Get started with Python packages in Azure Artifacts
Azure DevOps Services | Azure DevOps Server 2019 Update 1
This quickstart guides you through using Azure Artifacts to consume and publish Python packages in Azure DevOps Services. It covers license assigning and setup.
Create a feed
On your first visit to Azure Artifacts, you're welcomed with an image that prompts you to create a new feed. Select the + New feed button.
In the dialog box:
- Name: Give the feed a name. "PyPI" is the default repository name for
twine, which is a tool for publishing Python packages. We recommend that you don't name your feed "PyPI," because you might accidentally push to the wrong repository if you don't provide a repository name with
- Visibility: Choose who can read and contribute (or update) packages in your feed. An organization-visible feed is created with permissions that allow all users in the organization to see and use your feed (recommended). A private feed is created with permissions such that only you have access.
- Packages from public sources: Selecting Use packages from public sources through this feed will add the public npm, NuGet, and PyPI registries as upstreams to your feed. When upstreams are enabled, your client will be able to fetch packages from the public registry through your private feed, and your private feed will cache those packages for you. If you select Use packages published to this feed, your feed will be created without connectivity to public registries. You can connect them later if you want.
- When you're done, select Create.
You can change these settings later by editing the feed.
Connect to your feed
There are two primary ways to connect to a feed to push or pull Python packages:
- Install and use the Python Credential Provider (artifacts-keyring) (preview), which sets up authentication for you
- Set up your
pip.conffor pushes, or your
.pypircfor pulls, manually with credentials via a PAT
Option 1: Connect with Python Credential Provider (preview) to automate authentication
The Python Credential Provider is a package (artifacts-keyring) in public preview that can be installed from the Python Package Index (PyPI). It allows the pip command (for package pulls) and the twine command (for package pushes) to authenticate to your feed by sending you through an authentication flow in your web browser.
IMPORTANT: You must have
pip version 19.2 and
twine version 1.13.0 or higher installed to use the Python Credential Provider.
From your command-line, install the artifacts-keyring package:
pip install artifacts-keyring --pre
Install or upload packages to your feed:
pip install <package_name> --index-url https://pkgs.dev.azure.com/<org_name>/_packaging/<feed_name>/pypi/simple
twine upload --repository-url https://pkgs.dev.azure.com/<org_name>/_packaging/<feed_name>/pypi/upload <package_wheel_or_other_dist_format>
Follow the authentication flow in your browser
Note: The Python Credential Provider is designed for manual interaction. If you want to set up authentication in an Azure DevOps pipeline, you will want to use the Pip Authenticate Task for installing packages or Twine Authentication Task for pushing.
Option 2: Connect by manually configuring authentication
From your feed in Azure Artifacts, select Connect to feed.
When the Connect to feed dialog box opens, choose Python from the left menu.
Publish Python packages from your builds
If you want to consume or publish Python packages as part of your continuous integration/continuous delivery (CI/CD) pipeline, check out the Publish Python packages from Azure Pipelines guide.
Build Python apps with Azure Pipelines
To learn more about how to create, configure, and use Python packages as part of your project or pipeline, check out the Build Python apps with Azure Pipelines guide.
If you’d like to learn more about how Python packages work, there’s a great write-up in the Architecture of Open Source Applications book. Here's an excerpt: