Cannot run codewiki config set in headless container (RHEL 9 host) – “System keychain unavailable: No recommended backend was available”

[SemifrontTechnologies]

Environment

Host OS: RHEL 9 (server, headless)

Container base image: python:3.12-slim (Docker/Podman)​

CodeWiki version: CodeWiki CLI, version 1.0.0 (installed via pip install "git+https://github.com/FSoft-AI4Code/CodeWiki.git")​

Running as: root inside container, with config bind-mounted from host

LLM provider: Anthropic Claude (standard cloud API key)​

What I am trying to do

Build a minimal CodeWiki container:

text
FROM python:3.12-slim

RUN apt-get update && apt-get install -y git curl ca-certificates gnupg
&& rm -rf /var/lib/apt/lists/*

RUN pip install --upgrade pip
&& pip install "git+https://github.com/FSoft-AI4Code/CodeWiki.git"

WORKDIR /workspace
ENTRYPOINT ["codewiki"]
Verify CLI:

bash
docker run --rm codewiki:3.12 --version

CodeWiki CLI, version 1.0.0

Persist config outside the container:

bash
sudo mkdir -p /opt/codewiki-config
Configure Anthropic API key from the host:

bash
sudo docker run --rm
-v /opt/codewiki-config:/root/.config/codewiki
codewiki:3.12
config set
--api-key <ANTHROPIC_API_KEY>
--base-url https://api.anthropic.com
--main-model claude-3-5-sonnet-latest
--cluster-model claude-3-5-sonnet-latest
Actual behavior

The command fails with:

Configuration error: System keychain unavailable: No recommended backend was available. Install a recommended 3rd party backend package; or, install the keyrings.alt package if you want to use the non-recommended backends. See https://pypi.org/project/keyring for details. Please ensure your system keychain is properly configured.​​

No config file is created under /root/.config/codewiki, and a subsequent config validate reports “Configuration file not found / configuration is incomplete”.​​

Setting CODEWIKI_NO_KEYRING=1 (and =true) on the container does not change the behavior; the same “System keychain unavailable” error is thrown.​​

Expected behavior

On a headless/containerized environment without a system keyring, it should be possible to:

Either disable keyring usage entirely and store the API key in a config file in the mounted directory, or

Use a documented lightweight backend (e.g., keyrings.alt) that works out of the box with the official Docker instructions.​

Why this matters

For server/CI use (RHEL 9, Kubernetes, etc.), running CodeWiki in a minimal container is the most practical option.​

At the moment, the only blocker to using CodeWiki end‑to‑end is the keyring requirement in config set; codewiki --version works and the image builds cleanly.​​

Questions / feature requests

Is there an officially supported way to disable keyring and force plain config-file storage (e.g., a --no-keyring flag or a documented env var)?​

If not, would you recommend bundling keyrings.alt (or another backend) in the default install, or documenting a minimal working Dockerfile for headless environments?​

[watreyoung]

Maybe you can solve it by pip install keyrings and pip install keyrings.alt?

The question may be similarly raised by this issue.