I am trying to upload Python package to private gitlab package registry using CI.
script:
- poetry build
- pip install twine
- echo "[distutils]" > ~/.pypirc
- echo "index-servers = gitlab" >> ~/.pypirc
- echo "[gitlab]" >> ~/.pypirc
- echo "repository=$CI_API_V4_URL/projects/$CI_PROJECT_ID/packages/pypi" >> ~/.pypirc
- echo "username=gitlab-ci-token" >> ~/.pypirc
- echo "password=$CI_JOB_TOKEN" >> ~/.pypirc
- twine upload --repository gitlab dist/* --verbose --cert /usr/local/share/ca-certificates/ca.crt
When running curl --verbose https://****repository url**** within the same CI job it shows that SSL certificate verify ok..
But CI job fails, showing:
$ twine upload --repository gitlab dist/* --verbose --cert /usr/local/share/ca-certificates/ca.crt
INFO Using configuration from /root/.pypirc
INFO ca_cert set by command options
Uploading distributions to
https://***********.com/api/v4/projects/53/packages/pypi
INFO dist/************.whl (30.0 KB)
INFO dist/************.tar.gz (25.1 KB)
INFO username set from config file
INFO password set from config file
INFO username: gitlab-ci-token
INFO password: <hidden>
Uploading ************.whl
WARNING Retrying (Retry(total=9, connect=5, read=None, redirect=None,
status=None)) after connection broken by
'SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed: unable to get local issuer certificate
Please suggest what can be wrong or what can I try to do as well?
p.s. I have also tried using Poetry directly:
- poetry build
- poetry config repositories.gitlab "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/pypi"
- poetry config certificates.gitlab.cert "/usr/local/share/ca-certificates/ca.crt"
- poetry config http-basic.gitlab gitlab-ci-token "$CI_JOB_TOKEN"
- poetry config --list
- poetry publish --repository gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN
But it gives error that server is unreachable and I should check url.