Setup
Private registry cloudsmith.io
cloudsmith.io is a service that provides functionality similar to crates.io but is used
for publishing crates to a private registry.
Some of our crates are published there to prevent them from being publicly available.
Get access for using crates from cloudsmith
Safety is important! Everyone on our team needs to be invited to the private repository at
cloudsmith.io. Each team member has their own credentials for accessing build dependencies stored on cloudsmith.io.
Use this elastio's link to login to
cloudsmith.io
After signing in, you have to enable 2FA; otherwise, you won't be able to view an entitlement token.
There are two types of configuration access to the registry, each with its own security settings. Actively used
repositories employ the sparse protocol, while old and legacy repositories are still configured to use the old, git-based protocol.
To determine which protocol is used in a particular repository, check the .cargo/config.toml file.
If you see a registry URL starting with sparse+https, the new sparse protocol is in use.
Example of configuration of the private registry:
[registries.elastio-private]
credential-provider = "cargo:token"
index = "sparse+https://cargo.cloudsmith.io/elastio/private/"
Authentication with sparse proto
To authenticate with the modern sparse proto, you can use either an API-KEY or an Entitlement token.
API-KEY can be obtained from user's settings page on cloudsmith.io
To use the API-KEY for authentication, define the CARGO_REGISTRIES_ELASTIO_PRIVATE_TOKEN environment variable:
export CARGO_REGISTRIES_ELASTIO_PRIVATE_TOKEN=API_KEY
or run cargo login --registry elastio-private in the project's top directory and provide the token.
cd elastio/
cargo login --registry elastio-private
Note: If you use the
cargo logincommand, your token will be saved in the$CARGO_HOME/credentials.tomlfile in clear text!
To obtain the Entitlement token, go to the "Repositories" page, then navigate to the elastio/private repo. In the left sidebar,
find Entitlement Tokens, copy the secret key (TOKEN) from the line with your account name, and use it.
To use the Entitlement Token, use the same process, except that instead of the API_KEY value, the string Token TOKEN should be used:
export CARGO_REGISTRIES_ELASTIO_PRIVATE_TOKEN='Token XXXXXXXXXXX'
# or
cargo login --registry elastio-private
Updating `elastio-private` index
please paste the token found on https://cargo.cloudsmith.io/elastio/private/me below
Token XXXXXXXXXXXXXX <<< - Your input is here
Login token for `elastio-private` saved
Authentication with the legacy protocol
Authentication using the legacy protocol can be performed with the Entitlement token only!
The next step is to setup git credentials using TOKEN:
git config --global credential.helper store
echo "https://token:TOKEN@dl.cloudsmith.io" >> ~/.git-credentials
Congratulations! You have access to use cloudsmith.io.
Extra info
For additional information, please refer to:
- https://help.cloudsmith.io/docs/cargo-registry#registry-setup
- https://doc.rust-lang.org/cargo/reference/config.html#credentials