Package: Python Pip Authenticate

Version 1.* | Other versions

Azure Pipelines

Provides authentication for the pip client that can be used to install Python distributions.

Note

The Python Pip Authenticate task in Azure Pipelines is currently in public preview.

YAML snippet

# Python pip authenticate V1
# Authentication task for the pip client used for installing Python distributions
- task: PipAuthenticate@1
  inputs:
    #artifactFeeds: MyFeed, MyTestFeed # Optional
    #pythonDownloadServiceConnections: pypiOrgFeed, OtherOrganizationFeed # Optional
    #onlyAddExtraIndex: false # Optional

Arguments

Argument Description
artifactFeeds
My feeds
(Optional) Comma-separated list of Azure Artifacts feed names to authenticate with pip.
pythonDownloadServiceConnections
Feeds from external organizations
(Optional) Comma-separated list of pip service connection names from external organizations to authenticate with pip.
onlyAddExtraIndex
Don't set primary index URL
(Optional) Boolean value, if set to true will force pip to get distributions from official python registry first. By default, it's false
Control options

Examples

Download python distributions from Azure Artifacts feeds without consulting official python registry

In this example, we are setting authentication for downloading from a private Azure Artifacts feed. The authenticate task create environment variables PIP_INDEX_URL and PIP_EXTRA_INDEX_URL which contain auth credentials required to download the distributions. 'HelloTestPackage' has to be present in either 'myTestFeed1' or 'myTestFeed2', otherwise install will hard fail.

- task: PipAuthenticate@1
  displayName: 'Pip Authenticate'
  inputs:
    # Provide list of feed names which you want to authenticate
    artifactFeeds: myTestFeed1, myTestFeed2

# Use command line tool to 'pip install'.
- script: |
   pip install HelloTestPackage

Download python distributions from Azure Artifacts feeds consulting official python registry first

In this example, we are setting authentication for downloading from private Azure Artifacts feed but pypi is consulted first. The authenticate task creates an environment variable PIP_EXTRA_INDEX_URL which contain auth credentials required to download the distributions. 'HelloTestPackage' will be downloaded from the authenticated feeds only if it's not present in pypi.

- task: PipAuthenticate@1
  displayName: 'Pip Authenticate'
  inputs:
    # Provide list of feed names which you want to authenticate
    artifactFeeds: myTestFeed1, myTestFeed2
    # Setting this variable to "true" will force pip to get distributions from official python registry first and fallback to feeds mentioned above if distributions are not found there.
    onlyAddExtraIndex: true

# Use command line tool to 'pip install'.
- script: |
   pip install HelloTestPackage

Download python distributions from other private python servers

In this example, we are setting authentication for downloading from a external python distribution server. Create a pip service connection entry for the external service. The authenticate task uses the service connection to create an environment variable PIP_INDEX_URL which contain auth credentials required to download the distributions. 'HelloTestPackage' has to be present in 'pypitest' service connection, otherwise install will fail. If you want pypi to be consulted first, set onlyAddExtraIndex to true.

- task: PipAuthenticate@1
  displayName: 'Pip Authenticate'
  inputs:
    # In this case, name of the service connection is "pypitest". 
    pythonDownloadServiceConnections: pypitest

# Use command line tool to 'pip install'.
- script: |
   pip install HelloTestPackage

Task versions

Task: Pip Authenticate

Task version Azure Pipelines TFS
1.* Available Not supported
0.* Available Not supported

Open source

This task is open source on GitHub. Feedback and contributions are welcome.

Q & A

When in my pipeline should I run this task?

This task must run before you use pip to download python distributions to an authenticated package source such as Azure Artifacts. There are no other ordering requirements. Multiple invocation of this task will not stack credentials. Every run of the task will erase any previously stored credentials.

My agent is behind a web proxy. Will PipAuthenticate set up pip to use my proxy?

No. While this task itself will work behind a web proxy your agent has been configured to use, it does not configure pip to use the proxy.

To do so, you can either:

  • Set the environment variable http_proxy, https_proxy and optionally no_proxy to your proxy settings. See Pip official guidelines for details. Note that these are commonly used variables which other non-Python tools (e.g. curl) may also use.

    Caution: The http_proxy and no_proxy variables are case-sensitive on Linux and Mac operating systems and must be lowercase. Attempting to use an Azure Pipelines variable to set the environment variable will not work, as it will be converted to uppercase. Instead, set the environment variables on the self-hosted agent's machine and restart the agent.

  • Add the proxy settings to the pip config file file using proxy key.
  • Use the --proxy command-line option to specify proxy in the form [user:passwd@]proxy.server:port.