1

Let's say I have no internet, and a custom PyPI clone running at 10.0.0.2.

I want to be author a Python package that someone on my intranet can install. It has dependency X, which lives on my custom PyPI clone.

How can I author my package so that someone can install it, pulling in dependency X, without needing to apply any special pip configuration? That is, how can I author my package so that installing it pulls in custom PyPI dependencies? In this constraint, I only have access to edit the setup.py.

The context is that I am using a managed service that accepts a tar'd Python package with a setup.py file, and then runs pip to install everything. I don't have access to how pip is called, or any environmental config on that system.

Is there a way through setup.py alone to pull in packages from a custom IP address for a PyPI?

Improve this question

1 Answer 1

Reset to default
1

As far as I'm aware, you can't update the setup.py to point it to download dependencies from a specific server. However, the person that's executing the pip install can specify which server to use to look for the package and its dependencies with the -i flag like so

pip install -i http://localhost:8000 <package>

The dependencies can be specified in the setup.py, on the other hand. In setuptools.setup you can declare dependencies like so:

import sys

import setuptools

with open("README.md", "r") as fh:
    long_description = fh.read()

setuptools.setup(
    name="somepackage",
    version="0.0.1",
    author="Your Name",
    author_email="[email protected]",
    description="Some desc",
    long_description=long_description,
    long_description_content_type="text/markdown",
    packages=setuptools.find_packages(),
    classifiers=[
        "Programming Language :: Python :: 2.7",
        "Programming Language :: Python :: 3.8"
    ],
    install_requires=["dependency1", "dependency2"]
)
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Bummer! There's really no way to do this with setup.py itself? I don't have access to how pip is invoked. I need pip install . to just work in this case.
To my knowledge you can't do this and I think it's a feature because if you were able to do something like that, it would open a big vulnerability for hacking. You would never be certain if the dependencies were being downloaded from a trusted source thus any dependency could be compromised.
If you are building a package for someone to use and hosting it on your private server, how do you not able to tell the people to use -i with pip install?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.