Summary

I'm trying to set up a repo that uses an Azure Artifacts Feed private registry.

The current documentation gives a good example of how to do this securely for both interactive user environment, and in my case, an Azure DevOps Pipeline.

For users, run uv tool install keyring --with artifacts-keyring and set the following in pyproject.toml:

[tool.uv]
keyring-provider = "subprocess"

[[tool.uv.index]]
name = "private-registry"
url = "https://[email protected]/<ORGANIZATION>/<PROJECT>/_packaging/<FEED>/pypi/simple/"

This avoids having to try and set any permanent environment variables.

The problem:

For Azure DevOps, setting UV_INDEX_PRIVATE_REGISTRY_USERNAME=whatever, UV_INDEX_PRIVATE_REGISTRY_PASSWORD=$(System.AccessToken), and UV_KEYRING_PROVIDER=disabled should work, but it only works if VssSessionToken@ is removed from the index-url in pyproject.toml.

Proposed Solution

It would be great if UV_INDEX_PRIVATE_REGISTRY_USERNAME would override any username set in the url, as that would allow me to not have to try and set the correct env variable in user environments each time.

Or maybe I'm overlooking something that allows me to do the same?

Version

0.9.8