24

When I attempt to install a package from our Azure DevOps Artifacts feed, I get the error:

Looking in indexes: https://pypi.org/simple, https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/
ERROR: Could not find a version that satisfies the requirement as-api (from versions: none)
ERROR: No matching distribution found for as-api

As using pip install -vvv potentially produces confidential information, I cannot provide the full log here. Please feel free to ask any specific questions about the log. In the meantime, I can see promising messages like:

Found index url https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/
Getting credentials from keyring for https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/

And some problematic messages?:

Status code 302 not in (200, 203, 300, 301)
Skipping link: not a file: ...
Given no hashes to check 0 links for project 'as-api': discarding no candidates

Reproduction details

virtualenv .venv
.\.venv\Scripts\activate
python -m pip install -U pip
pip install keyring artifacts-keyring
pip install as-api

This link was used to produce a pipeline to publish the package and the suggested way of installing the package. My approach is now a mix of both option 1 and option 2. Note the use of a php.ini file to set --index-url and the artifacts-keyring package (installing with --pre does not make any difference to the version), so it really doesn't make any difference. However, I have tried both options separately, it doesn't spawn a browser, so it gives the same result.

System details:

  • OS: Windows 10
  • Python 2.7.17
pip list
Package           Version
----------------- ----------
artifacts-keyring 0.2.8rc0
certifi           2019.11.28
chardet           3.0.4
configparser      4.0.2
entrypoints       0.3
idna              2.8
keyring           18.0.1
pip               19.3.1
pywin32-ctypes    0.2.0
requests          2.22.0
setuptools        42.0.2
urllib3           1.25.7
wheel             0.33.6

Folder structure:

test
  |-- test.py
  |-- .venv
         |-- pip.ini
         |-- ... other virtualenv folders and files

pip.ini:

[global]
extra-index-url = https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/

Further analysis

  • Using a clean laptop actually works with the above reproduction details. Other computers in the company also have the same problem, so some of our set up is conflicting with the authentication.

  • If we use a pipeline (see this link) to install the as-api package, it works, so I suspect this is an authentication problem, but it's not mentioned on any documentation.

  • Using https://username:password@... does not give any authentication error, even with wrong username and password.

  • Using the correct username but have symbols in the password triggers interactive mode to enter username and password. However, this gives this error: WARNING: 401 Error, Credentials not correct for https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/as-api/ Note that I am the owner of the Artifacts feed and the team has been added as the owner in the permission tab.

Improve this question
8
  • Looks like the bug in pip: github.com/pypa/pip/issues/6179. Still open. Commented Dec 23, 2019 at 17:27
  • @phd Interesting find. I wonder if it's the same problem though because if I set up a pipeline on Azure which installs the same as-api package, it seems to work (see the final point in my post). Commented Dec 23, 2019 at 17:36
  • Perhaps Azure in the second case doesn't send back a redirect? Commented Dec 23, 2019 at 17:44
  • 1
    @LanceLi-MSFT That's actually the same as my approach, which I got from the same page. I just tried the exact same commands on the page again and it gives the same results. Adding --pre doesn't make any difference to the version, and using --index-url is the same as mine except pip won't search the pypi.org/simple index. Sorry for the confusion, I should've added more stuff that I've tried in the question. I will update that now. Commented Dec 24, 2019 at 8:33
  • Do you pass the login-in check like the pic in my answer? I tried the both two options and find in some situations the login-in check won't occur so that we can't make the authentication, and it just throw something like Could not find a version... And it seems that you use pip install+pip.ini to do the installation, for option1, only command with devops feed --index-url https://pkgs.dev.azure.com/xxx/xxx/_packaging/xxx/pypi/simple/ is enough. Also, does it make any difference if we add the argument --no-deps, any update feel free to let me know:) Commented Dec 24, 2019 at 8:43

5 Answers 5

Reset to default
8

Assuming your Azure DevOps artifacts is private and you have a PAT then installing a package from the artifact can be done in the following two ways

  1. If you have access to a terminal (only preferred in dev environment)
pip install https://<your-feed-name>:<your-PAT-key>@pkgs.dev.azure.com/<your-organization-name>/<your-project-name>/_packaging/<your-feed-name>/pypi/simple/ Your-Package-Name==x.x.x

Note: All the names (eg: feed, project) must follow the HTTPS URL convention.A simple (& actually correct) way to get to know the URL is goto Artifacts --> Select your artifact feed --> Connect to feed --> PIP --> Here you will get the correct URL. Also, use the some feed name both the place in URL

  1. Using requirements.txt (this will be ideally used in prod or CI/CD pipeline) and automating the process:

Mind you it need a bit of string/URL manipulation. Add the respective line/URL in your requirements.txt in following manner:

  • The URL will be mostly similar to the earlier URL used in the earlier terminal method
  • In the URL after simple everything will have to change, modified URL-
https://<your-feed-name>:<your-PAT-key>@pkgs.dev.azure.com/<your-organization-name>/<your-project-name>/_packaging/<your-feed-name>/pypi/download/<yourpackagename>/<package version>/Your-Package-Name.whl 
#assuming your package is a .whl file
  • So simple changed to download; then whatever is your package name, whether it contains '-' or '_' or CAPS, everything will be removed and converted into small case.
  • Next is version no of your package that you want to install & finally the name of wheel or .whl file.
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

As per @NaishOLoughlin the first method is almost correct, it should be: pip install --extra-index-url=https://<your-feed-name>:<your-PAT-key>@pkgs.dev.azure.com/<your-organization-name>/<your-project-name>/_packaging/<your-feed-name>/pypi/simple/ Your-Package-Name==x.x.x otherwise it results in a 404
in my case URL was @microsoft.pkgs.visualstudio.com/ instead of @pkgs.dev.azure.com/
7

As a workaround:

Looks like you're using option2 from the document to do the install. I happen to see one similar issue which indicates this error message could have something to do with pip.ini(windows) or pip.conf(linux/mac), so I think you can try another approach to avoid something wrong with those configurations.

You can run pip install artifacts-keyring --pre and then run

pip install packageName --index-url https://pkgs.dev.azure.com/xxx/xxx/_packaging/xxx/pypi/simple/ -vvv --no-deps

You would meet something like this when running command pip install artifacts-keyring --pre:

enter image description here

After the login-in passes, you would get the package you need if it do exist in your feed.

Improve this answer

1 Comment

FYI: artifacts-keyring only works if you have dotnet installed. This is not automatically installed as a dependency when pip installing it.
4

My issue was that I had not installed artifacts-keyring. After that I could see VS Code authenticating to the feed and installing the package.

I also needed to upgrade pip (needs to be above > 19.2) with the following command:

python -m pip install --upgrade pip
Improve this answer

Comments

3

The fix

Do one of the following:

  • Remove the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable (not very useful, not recommended).

  • Add an extra endpoint to the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable. E.g.,

{"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/company/_packaging/NuGetFeed/nuget/v3/index.json", ...},{"endpoint":"https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/", ...}]}

We have a script which sets up these endpoints, so this turns out to be a simple fix.

The cause

It turns out that if you have used artifacts-credprovider to set up another feed, in our case, a NuGet feed with another endpoint, the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable stores only that feed URL inside the key endpoint. artifacts-keyring will still read that environment variable even if the endpoint doesn't exist, which causes authentication problem. The -vvv log doesn't tell you anything about authentication and it won't attempt to authenticate using another method.

Improve this answer

1 Comment

Hi Nelson, thanks for your sharing and please mark your reply as self-answer and that will help other community members to search this useful information more easily, it just a reminder :)
2

As an update to @user:10097045 's answer

You must add the --extra-index-url= infront of the URL with path in option 1 otherwise pip will fail to find the directory

Otherwise answer was super helpful you just get a 404 without that definition

Improve this answer

2 Comments

This does not provide an answer to the question. Once you have sufficient reputation you will be able to comment on any post; instead, provide answers that don't require clarification from the asker. - From Review
Thanks for your answer, this led me in the right direction. Looks like the proposed edit queue is full for that answer but I added a comment.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.