Pipenv install w/ Keychain Support on Private Registry Fails to find package

[smittysmee]

Be sure to check the existing issues (both open and closed!), and make sure you are running the latest version of Pipenv.

Check the diagnose documentation for common issues before posting! We may close your issue if it is very similar to one of them. Please be considerate, or be on your way.

Make sure to mention your debugging experience if the documented solution failed.

Issue description

While leverage Google Artifact Registry under pipenv version 2023.4.29 all is well and system validated with oauth2accesstoken as expected.

Upgrade pipenv to either version 2023.5.19 or 2023.6.2, the system is unable to find the previously found package.

Expected result

Describe what you expected.

ERROR: Could not find a version that satisfies the requirement REDACTED==3.0.2 (from versions: none)
ERROR: No matching distribution found for REDACTED==3.0.2

Actual result

When possible, provide the verbose output (--verbose), especially for locking and dependencies resolving issues.

Steps to replicate

Pipfile

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[[source]]
url = "https://oauth2accesstoken@us-python.pkg.dev/PROJECT/REDACTED/simple/"
verify_ssl = true
name = "REDACTED"

[pipenv]
disable_pip_input = false

[packages]
some_private_lib = {version = "*", index = "REDACTED"}

[dev-packages]
pytest = "*"

Commands:

gcloud artifacts print-settings python --project=REDACTED \
    --repository=REDACTED \
    --location=us > ~/.pypirc

pip install --upgrade pip
pip install pipenv keyring keyrings.google-artifactregistry-auth --upgrade
gcloud auth application-default login
pipenv install --dev

---

Please run $ pipenv --support, and paste the results here. Don't put backticks (`) around it! The output already contains Markdown formatting.

If you're on macOS, run the following:

$ pipenv --support | pbcopy

If you're on Windows, run the following:

> pipenv --support | clip

If you're on Linux, run the following:

$ pipenv --support | xclip

Unable to send output due to sensitive information about the environment.

[matteius]

There might be some recent discussion here that could be helpful: #4706

I am not sure right off what could have changed related to those code paths between 2023.4.29 and 2023.5.19 -- I did an initial compare and nothing stood out.

[Darsstar]

I tested both 2023.5.19 and 2023.6.2, and the keyring related stuff works just fine for me when pointed to our Azure DevOps Artifact Feed. (They no longer detect my pyenv-win 3.8.10 installation, so I temporarily added it to my PATH. I don't expect that to be relevant, but I have been wrong before.)

Are you sure that in your verbose output there is nothing about conflicting requirements?

[matteius]

Part of my changes to pythonfinder is you shouldn't have to add pyenv things to your PATH other than the PYENV_HOME because it should be adding the various installed versions to the PATH. It may be finding a system python without any args -- so try passing --python 3.8.10 as an alternative to modifying the PATH.

[smittysmee]

Part of my changes to pythonfinder is you shouldn't have to add pyenv things to your PATH other than the PYENV_HOME because it should be adding the various installed versions to the PATH. It may be finding a system python without any args -- so try passing --python 3.8.10 as an alternative to modifying the PATH.

Hmmmm, this is interesting. Yes, so both machines were running items within a virtualenv. Let me give this a try to see what the outcome is.

[smittysmee]

I tested both 2023.5.19 and 2023.6.2, and the keyring related stuff works just fine for me when pointed to our Azure DevOps Artifact Feed. (They no longer detect my pyenv-win 3.8.10 installation, so I temporarily added it to my PATH. I don't expect that to be relevant, but I have been wrong before.)

Are you sure that in your verbose output there is nothing about conflicting requirements?

Yes, I narrowed down the venv to only include a single package that was verified to be installed via pip apart from pipenv.

[matteius]

Unfortunately I am not setup for a key-ring reproduction test/case environment.

[matteius]

@smittysmee I am wondering if you have experimented at all with passing extra pip args?

I see pip there is an argument --keyring-provider -- it is disabled by default. It is possible to pass extra arguments to pipenv like --extra-pip-args="--keyring-provider=auto"

Any suggestions on the easiest way for me to be setup to do similar reproduction tests?

[matteius]

I just setup a google artifact registry and while I can install the sampleproject with pip, I cannot get it to resolve via pipenv, even on the version you specify that works.

[Darsstar]

I see pip there is an argument --keyring-provider -- it is disabled by default.

Whoops, the actual default is auto, time to make another PR.

pip config set --global global.keyring-provider subprocess is what I use. It finds the keyring executable I installed with pipx:

pipx install keyring
pipx inject keyring artifacts-keyring

[matteius]

I have gotten to the bottom of why this is breaking: #4706 (comment)

[smittysmee]

Bravo!