How to configure local IPM registry authorization?

Question

Question

#InterSystems Package Manager (IPM) #InterSystems IRIS for Health

I'm working on my first (!) IPM module and I'm a little puzzled with the registry authorization.

I have a working local registry (I hope!) and the module is loaded (with load-command) to the namespace.

Now publish-command fails because of missing authorization. I have set nothing authorization related myself and I'm lost how the authorization should be configured. All the material I have read so far seems to ignore that and only mentions one have to authenticate ...

Here's the command output:

zpm:IPMTEST1>version

%SYS>     zpm          0.7.3
IPMTEST1> zpm-registry 1.3.2
https://pm.community.intersystems.com - 1.0.6
http://localhost:52773/registry/ - 1.3.2

zpm:IPMTEST1>list-installed -tree
osex-ipm-demo 1.0.0
├──osex-ipm-hello 1.0.0
└──osex-ipm-numbers 1.0.0
zpm-registry 1.3.2
└──yaml-utils 0.1.4

zpm:IPMTEST1>publish -verbose osex-ipm-hello

[IPMTEST1|osex-ipm-hello]       Reload START (/home/irisowner/work/objectscript-ex/ipm/hello/)
Skipping preload - directory does not exist.
Load of directory started on 10/29/2024 19:14:29 '*'

Loading file /home/irisowner/work/objectscript-ex/ipm/hello/src/OSEX/ipm/hello/Hello.cls as udl
Load finished successfully.

[IPMTEST1|osex-ipm-hello]       Reload SUCCESS
[osex-ipm-hello]        Module object refreshed.
[IPMTEST1|osex-ipm-hello]       Validate START
[IPMTEST1|osex-ipm-hello]       Validate SUCCESS
[IPMTEST1|osex-ipm-hello]       Compile START
Compilation started on 10/29/2024 19:14:29 with qualifiers 'd-lck'
Compiling class OSEX.ipm.hello.Hello
Compiling routine OSEX.ipm.hello.Hello.1
Compilation finished successfully in 0.007s.

[IPMTEST1|osex-ipm-hello]       Compile SUCCESS
[IPMTEST1|osex-ipm-hello]       Activate START
[IPMTEST1|osex-ipm-hello]       Configure START
[IPMTEST1|osex-ipm-hello]       Configure SUCCESS
Studio project created/updated: osex-ipm-hello.PRJ
[IPMTEST1|osex-ipm-hello]       Activate SUCCESS
[IPMTEST1|osex-ipm-hello]       Package START
Exporting 'OSEX.ipm.hello.Hello.cls' to '/usr/irissys/mgr/Temp/dirfi49Wp/osex-ipm-hello-1.0.0/src/OSEX/ipm/hello/Hello.cls'
Exported to /usr/irissys/mgr/Temp/dirfi49Wp/osex-ipm-hello-1.0.0/module.xml
Module exported to:
        /usr/irissys/mgr/Temp/dirfi49Wp/osex-ipm-hello-1.0.0/

Module package generated:
        /usr/irissys/mgr/Temp/dirfi49Wp/osex-ipm-hello-1.0.0.tgz
[IPMTEST1|osex-ipm-hello]       Package SUCCESS
[IPMTEST1|osex-ipm-hello]       Register START
[IPMTEST1|osex-ipm-hello]       Register SUCCESS
[IPMTEST1|osex-ipm-hello]       Publish START
Publish to: http://localhost:52773/registry/
[osex-ipm-hello]        Publish FAILURE
ERROR! Publishing module, authorization required.
zpm:IPMTEST1>

Product version: IRIS 2022.1

$ZV: IRIS for UNIX (Ubuntu Server LTS for x86-64 Containers) 2022.1.2 (Build 574_0_22161U) Tue Jan 24 2023 11:05:57 EST

Discussion (6)2

Log in or sign up to continue

Jani Hurskainen · Nov 5

I finally figured this out with a help of a colleague! I just had to create a user that I can use for authentication in publish operation. AFAICS now everything works as expected.

The difference in authentication of zpm-registry's /package and /packages paths confused me untiI I read the source code.

Essentially my problem here was this was the first time I run into these web applications and IRIS authentication model.

1 0

score 0 · Answer 1 · 2024-11-03T07:19:50-05:00

Evgeny Shvarov · Nov 3

Hi @Jani Hurskainen ! Have you solved your question with publishing in a registry?

0 0

score 1 · Answer 2 · 2024-11-03T07:25:25-05:00

There are two steps to publish into a registry.

1. Load a package into a namespace - you can load from a file directory that contains module.xml, or from a github repo, e.g.

load /folder_with_module/

2. switch to a current registry, where you can publish. You can install your own registry, or use a test registry, which is always avaliable for different tests:

ZPM:USER>repo -n registry -r -url https://test.pm.community.intersystems.com/registry/ -user test -pass PassWord42

3. Publish a pachage with the command:

publish package_name

score 0 · Answer 3 · 2024-11-04T00:31:00-05:00

Thanks for asking - I have not yet solved this (I have prioritized other things).

The overall work flow is clear but I'm struggling with this step on self-hosted remote registry:

repo -n local -r -url http://localhost:52773/registry/ -user test -pass PassWord42

How do I configure the authentication? I.e. how do I know the values for -user and -pass? AFAIK this is explained nowhere.

A side note for the community registry:

I recall I have seen the instructions how to self-register to the community registry (probably written by you 😉) but I didn't saved the link and now I can't find it anymore.

I'm expecting the front page at:

https://pm.community.intersystems.com/

would have clear description and instructions in the the similar way than the official (?) registry:

https://pm.intersystems.com/

score 1 · Answer 4 · 2024-11-04T04:56:50-05:00

Regarding user/pass - it should be a user and his/her password that is allowed to access web app /registry in your IRIS server.

You can go to the list of Web Apps: http://localhost:52773/csp/sys/sec/%25CSP.UI.Portal.Applications.WebList... and observe other and setup your own.

It can be passwordless, basic authentication, bearer token, OAuth, delegated - whatever you decide in your system.

If you are on a community edition of IRIS from a vanilla iris docker image then login/pass you use for your admin access, e.g. to access Management Portal http://localhost:32783/csp/sys/%25CSP.Portal.Home.zen

will work for the registry as well.

score 0 · Answer 5 · 2024-11-05T16:37:12-05:00

Evgeny Shvarov · Nov 5

Glad this is settled!

0 0