从Azure DevOps Python Artifacts feed进行pip安装无法正常工作 [英] pip install from Azure DevOps Python Artifacts feed not working

问题描述

当我尝试从Azure DevOps Artifacts feed中安装软件包时，出现错误消息:

When I attempt to install a package from our Azure DevOps Artifacts feed, I get the error:

Looking in indexes: https://pypi.org/simple, https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/
ERROR: Could not find a version that satisfies the requirement as-api (from versions: none)
ERROR: No matching distribution found for as-api

由于使用pip install -vvv可能会产生机密信息，因此我无法在此处提供完整的日志.请随时询问有关日志的任何特定问题.同时，我可以看到有希望的消息，例如:

As using pip install -vvv potentially produces confidential information, I cannot provide the full log here. Please feel free to ask any specific questions about the log. In the meantime, I can see promising messages like:

Found index url https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/
Getting credentials from keyring for https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/

还有一些有问题的消息吗?:

And some problematic messages?:

Status code 302 not in (200, 203, 300, 301)
Skipping link: not a file: ...
Given no hashes to check 0 links for project 'as-api': discarding no candidates

复制细节

virtualenv .venv
.\.venv\Scripts\activate
python -m pip install -U pip
pip install keyring artifacts-keyring
pip install as-api

此链接用于生成发布软件包的管道以及建议的安装软件包的方法.现在，我的方法是将选项1和选项2混合使用.请注意，使用php.ini文件来设置--index-url和artifacts-keyring软件包(使用--pre进行安装对版本没有任何影响)，所以这真的没有任何区别.但是，我分别尝试了这两个选项，它不会产生浏览器，因此它给出的结果相同.

This link was used to produce a pipeline to publish the package and the suggested way of installing the package. My approach is now a mix of both option 1 and option 2. Note the use of a php.ini file to set --index-url and the artifacts-keyring package (installing with --pre does not make any difference to the version), so it really doesn't make any difference. However, I have tried both options separately, it doesn't spawn a browser, so it gives the same result.

系统详细信息:

• 操作系统:Windows 10
• Python 2.7.17

pip list
Package           Version
----------------- ----------
artifacts-keyring 0.2.8rc0
certifi           2019.11.28
chardet           3.0.4
configparser      4.0.2
entrypoints       0.3
idna              2.8
keyring           18.0.1
pip               19.3.1
pywin32-ctypes    0.2.0
requests          2.22.0
setuptools        42.0.2
urllib3           1.25.7
wheel             0.33.6

文件夹结构:

test
  |-- test.py
  |-- .venv
         |-- pip.ini
         |-- ... other virtualenv folders and files

pip.ini:

[global]
extra-index-url = https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/

进一步分析

• 使用干净的笔记本电脑可以实际使用上述复制细节.公司中的其他计算机也有相同的问题，因此我们的某些设置与身份验证冲突.

  Further analysis

  • Using a clean laptop actually works with the above reproduction details. Other computers in the company also have the same problem, so some of our set up is conflicting with the authentication.

    如果我们使用管道(请参阅此

    If we use a pipeline (see this link) to install the as-api package, it works, so I suspect this is an authentication problem, but it's not mentioned on any documentation.

    使用 https://用户名:密码@ ...没有给出任何身份验证错误，即使使用了错误的用户名和密码.

    Using https://username:password@... does not give any authentication error, even with wrong username and password.

    使用正确的用户名，但密码中包含符号会触发交互模式，以输入用户名和密码.但是，这会出现此错误:WARNING: 401 Error, Credentials not correct for https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/as-api/请注意，我是Artifacts feed的所有者，并且该团队已被添加为权限"标签中的所有者.

    Using the correct username but have symbols in the password triggers interactive mode to enter username and password. However, this gives this error: WARNING: 401 Error, Credentials not correct for https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/as-api/ Note that I am the owner of the Artifacts feed and the team has been added as the owner in the permission tab.

    推荐答案

    修复

    执行以下操作之一:

    The fix

    Do one of the following:

    • 删除VSS_NUGET_EXTERNAL_FEED_ENDPOINTS环境变量(不是很有用，不建议使用).

    • Remove the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable (not very useful, not recommended).

    向VSS_NUGET_EXTERNAL_FEED_ENDPOINTS环境变量添加一个额外的endpoint.例如，

    Add an extra endpoint to the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable. E.g.,

    {"endpointCredentials": [{"endpoint":"https://pkgs.dev.azure.com/company/_packaging/NuGetFeed/nuget/v3/index.json", ...},{"endpoint":"https://pkgs.dev.azure.com/company/company_Software/_packaging/PyPI/pypi/simple/", ...}]}
    

    我们有一个脚本来设置这些端点，因此这真是一个简单的解决方法.

    We have a script which sets up these endpoints, so this turns out to be a simple fix.

    事实证明，如果您使用 artifacts-credprovider 来设置另一个供稿，在本例中为NuGet如果使用另一个端点作为提要，则VSS_NUGET_EXTERNAL_FEED_ENDPOINTS环境变量仅在键endpoint内存储该提要URL.即使endpoint不存在， artifacts-keyring 仍会读取该环境变量，这会导致身份验证问题. -vvv日志不会告诉您有关身份验证的任何信息，也不会尝试使用其他方法进行身份验证.

    It turns out that if you have used artifacts-credprovider to set up another feed, in our case, a NuGet feed with another endpoint, the VSS_NUGET_EXTERNAL_FEED_ENDPOINTS environment variable stores only that feed URL inside the key endpoint. artifacts-keyring will still read that environment variable even if the endpoint doesn't exist, which causes authentication problem. The -vvv log doesn't tell you anything about authentication and it won't attempt to authenticate using another method.

    这篇关于从Azure DevOps Python Artifacts feed进行pip安装无法正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！