Pip install from private Git repo, with Personal access token in Git URL

Question

I am trying to install a package from a private repository on Git.
I am using Personal Access Token in my Git URL in order to bypass the manual authentication step. (You can read about Personal Access Tokens here)
If I add this git URL in requirements file and then use the requirements file in pip to install build it works.

requirements.txt
<package name> @ git+https://<Personal Access Token>@<git server address>/<username>/<repository name>.git@<branch name>#egg=<package name>

But, if I use the same URL directly it asks for password, how do I avoid this password prompt (as mentioned below):

pip install git+https://<Personal Access Token>@<git server address>/<username>/<repository name>.git@<branch name>#egg=<package name>

This issue is not observed on all machines that i tested on. It worked on Win 10 x64 and Win 10 x86. But it didn't work on Ubuntu x64. I made sure all the 3 systems has same Python version (3.8.0) and same Pip version (19.3.1).

Answer 1

Use environment variables with the syntax ${VARIABLE} (POSIX format, upper case and underscores allowed) so you're not hard-coding your secrets.

Pip will replace when installing from requirements.txt.

So you can refer to a token to clone the private repo, for example:

in requirements.txt

Github

git+https://${GITHUB_TOKEN}@github.com/user/project.git@{version}

Gitlab

git+https://${GITLAB_TOKEN_USER}:${GITLAB_TOKEN}@gitlab.com/user/project.git@{version}

Bitbucket

git+https://${BITBUCKET_USER}:${BITBUCKET_APP_PASSWORD}@bitbucket.org/user/project.git@{version}

More info here: https://docs.readthedocs.io/en/stable/guides/private-python-packages.html

Answer 2

Go to GitLab profile settings and generate an read access token:

1. Select access tokens
2. give it a name (you can leave expiration date empty)
3. give it access to read all repositories you have access
4. generate it

Now edit your requirement file:

pandas==1.0.5
git+https://yourgitlabuser:<generated_token>@gitlab/group/repo@hash#egg=piplib
requests==2.24.0

Answer 3

I just had the same issue. In the end, I could install the package as follows.

• from the command line:

pip install mypackagename --no-deps --index-url https://gitlab+deploy-token-mytokenname:[email protected]/api/v4/projects/123456789/packages/pypi/simple

• by specifying it in the requirements.txt file:

(Note that the flask and flask-cors package requirements in the example below are just an example, because it may seem really weird to a reader that the other lines in the example are really content that can be written in a requirements.txt.)

flask==1.1.1
flask-cors==3.0.8
--index-url https://pypi.org/simple --extra-index-url https://gitlab+deploy-token-mytokenname:[email protected]/api/v4/projects/123456789/packages/pypi/simple
mypackagename

Then of course run pip install -r requirements.txt.

Note that both fragments above show how to provide your password, as you asked.