Pipenv: Pipenv workflow for private authenticated package indexes like Artifactory

Created on 18 Feb 2018 · 5Comments · Source: pypa/pipenv

Hi there, I'm looking to switch from plain old pip to pipenv but I'm having trouble finding a comparable workflow for private package indexes that require HTTP Basic Auth specified in the index URL.

With plain old pip (9.0.1), it's quite easy to point to a package index with basic auth using ~/.pip/pip.conf or $VIRTUAL_ENV/pip.conf:

[global]
index-url = https://MY_USERNAME:[email protected]/artifactory/api/pypi/python/simple

Because of the basic auth in the URL, it's actually beneficial that this is kept separate from our dependencies. We track our requirements in git; meanwhile the creds are kept in an untracked config file that varies for each member of our team (since they'll all have their own personal creds).

Can pipenv support a workflow like this?

FWIW I tried removing the [[sources]] section in hopes that it would fall back to pip.conf, but no such luck. At least for us, this would be quite amenable as every package is expected to be pulled from our single private index anyway.

Thanks!

Describe your environment

OSX 10.12
Python version: 3.6.2
Pipenv version: 9.0.3

Source

natedub

👍6

Most helpful comment

+1'd OP as this has become something very needed for those of us in more secured environments where an internal "proxy" pip (like Artifactory) is the only way to get external pip packages.

tyler-8 on 30 Apr 2018

👍4

All 5 comments

this is currently unsupported

kennethreitz42 on 18 Feb 2018

Any interest in supporting this in the future? I'd be willing to contribute if we can come to some agreement on how it would work.

natedub on 23 Feb 2018

+1'd OP as this has become something very needed for those of us in more secured environments where an internal "proxy" pip (like Artifactory) is the only way to get external pip packages.

tyler-8 on 30 Apr 2018

👍4

This was already in #1769 and updated in #1809 and #2015 @natedub @tyler-8