VSCode dev containers: accessing AWS CodeArtifact

Question

I'm working with VSCode dev containers, and the container should pip install modules that reside on AWS CodeArtifact. First, I need to sso login on the host machine, before the container is built, so I added the following configuration to devcontainer.json:

{
  ...
  "initializeCommand": "aws sso login --profile dev"
  ...
}

Here lies my problem. The container should install the modules, so I need it to have the proper permissions. I run $ aws codeartifact get-authorization-token on the host machine and I need to pass the token to the container. How can I do it? As far as I know there is no option to pass dynamic values as an environment variable, and using script to create files seems very cumbersome for such a simple task.

Answer 1

I've searched this for a while then found such solution: The idea is initializeCommand runs on the host machine and generates a file named token in project directory. Then postCreateCommand can use this file to login to codeartifact repo. Hope this helps.

cat devcontainer.json

{
    "name": "C# (.NET)",
    "image": "mcr.microsoft.com/devcontainers/dotnet:1-8.0-bookworm",
    "features": {
        "ghcr.io/devcontainers/features/aws-cli:1": {
            "version": "latest"
        },
        "ghcr.io/devcontainers/features/github-cli:1": {
            "installDirectlyFromGitHubRelease": true,
            "version": "latest"
        }
    },
    "forwardPorts": [5002],
    "portsAttributes": {
        "5001": {
            "protocol": "https"
        }
},  
"initializeCommand": "aws codeartifact get-authorization-token --domain xxxx --domain-owner yyyy --region zzzz --query authorizationToken --output text > token",
"postCreateCommand": "dotnet nuget add source \"https://xxxx-yyyy.d.codeartifact.zzzz.amazonaws.com/nuget/nuget/v3/index.json\" -n \"somename\" -u \"aws\" -p \"$(cat token)\" --store-password-in-clear-text && dotnet restore && rm -f token"
}