Using alternative package indexes#
While uv uses the official Python Package Index (PyPI) by default, it also supports alternative package indexes. Most alternative indexes require various forms of authentication, which requires some initial setup.
Important
Please read the documentation on using multiple indexes in uv — the default behavior is different from pip to prevent dependency confusion attacks, but this means that uv may not find the versions of a package as you'd expect.
Azure Artifacts#
uv can install packages from
Azure DevOps Artifacts.
Authenticate to a feed using a
Personal Access Token
(PAT) or interactively using the keyring
package.
Using a PAT#
If there is a PAT available (eg
$(System.AccessToken)
in an Azure pipeline),
credentials can be provided via the "Basic" HTTP authentication scheme. Include the PAT in the
password field of the URL. A username must be included as well, but can be any string.
For example, with the token stored in the $ADO_PAT
environment variable, set the index URL with:
$ export UV_EXTRA_INDEX_URL=https://dummy:$ADO_PAT@pkgs.dev.azure.com/{organisation}/{project}/_packaging/{feedName}/pypi/simple/
Using keyring
#
If there is not a PAT available, authenticate to Artifacts using the
keyring
package with
the artifacts-keyring
plugin. Because these two
packages are required to authenticate to Azure Artifacts, they must be pre-installed from a source
other than Artifacts.
The artifacts-keyring
plugin wraps
the Azure Artifacts Credential Provider tool.
The credential provider supports a few different authentication modes including interactive login —
see the tool's documentation for information
on configuration.
uv only supports using the keyring
package in
subprocess mode.
The keyring
executable must be in the PATH
, i.e., installed globally or in the active
environment. The keyring
CLI requires a username in the URL, so the index URL must include the
default username VssSessionToken
.
$ # Pre-install keyring and the Artifacts plugin from the public PyPI
$ uv tool install keyring --with artifacts-keyring
$ # Enable keyring authentication
$ export UV_KEYRING_PROVIDER=subprocess
$ # Configure the index URL with the username
$ export UV_EXTRA_INDEX_URL=https://[email protected]/{organisation}/{project}/_packaging/{feedName}/pypi/simple/
AWS CodeArtifact#
uv can install packages from AWS CodeArtifact.
The authorization token can be retrieved using the awscli
tool.
Note
This guide assumes the AWS CLI has previously been authenticated.
First, declare some constants for your CodeArtifact repository:
export AWS_DOMAIN="<your-domain>"
export AWS_ACCOUNT_ID="<your-account-id>"
export AWS_REGION="<your-region>"
export AWS_CODEARTIFACT_REPOSITORY="<your-repository>"
Then, retrieve a token from the awscli
:
export AWS_CODEARTIFACT_TOKEN="$(
aws codeartifact get-authorization-token \
--domain $AWS_DOMAIN \
--domain-owner $AWS_ACCOUNT_ID \
--query authorizationToken \
--output text
)"
And configure the index URL:
export UV_EXTRA_INDEX_URL="https://aws:${AWS_CODEARTIFACT_TOKEN}@${AWS_DOMAIN}-${AWS_ACCOUNT_ID}.d.codeartifact.${AWS_REGION}.amazonaws.com/pypi/${AWS_CODEARTIFACT_REPOSITORY}/simple/"
Publishing packages#
If you also want to publish your own packages to AWS CodeArtifact, you can use twine
as described
in the publishing guide. You will need to set TWINE_REPOSITORY_URL
separately
from the credentials:
# Configure twine to use AWS CodeArtifact
export TWINE_REPOSITORY_URL="https://${AWS_CODEARTIFACT_TOKEN}@${AWS_DOMAIN}-${AWS_ACCOUNT_ID}.d.codeartifact.${AWS_REGION}.amazonaws.com/pypi/${AWS_CODEARTIFACT_REPOSITORY}/"
export TWINE_USERNAME=aws
export TWINE_PASSWORD="$AWS_CODEARTIFACT_TOKEN"
# Publish the package
uv run twine upload dist/*
Other indexes#
uv is also known to work with JFrog's Artifactory and the Google Cloud Artifact Registry.