How to write setup.py to include a Git repository as a dependency
Solution 1
Note: this answer is now outdated. Have a look at this answer from @Dick Fox for up-to-date instructions: https://stackoverflow.com/a/54794506/2272172
You can find the right way to do it here.
dependency_links=['http://github.com/user/repo/tarball/master#egg=package-1.0']
The key is not to give a link to a Git repository, but a link to a tarball. GitHub creates a tarball of the master branch for you if you append /tarball/master
as shown above.
Solution 2
After digging through the pip issue 3939 linked by @muon in the comments above and then the PEP-508 specification, I found success getting my private repo dependency to install via setup.py
using this specification pattern in install_requires
(no more dependency_links
):
install_requires = [
'some-pkg @ git+ssh://[email protected]/someorgname/[email protected]#egg=some-pkg',
]
The @v1.1
indicates the release tag created on github and could be replaced with a branch, commit, or different type of tag.
Solution 3
This answer has been updated regularly as Python has evolved over the years. Scroll to the bottom for the most current answer, or read through to see how this has evolved.
Unfortunately the other answer does not work with private repositories, which is one of the most common use cases for this. I eventually did get it working with a setup.py
file that looks like this (now deprecated) method:
from setuptools import setup, find_packages
setup(
name = 'MyProject',
version = '0.1.0',
url = '',
description = '',
packages = find_packages(),
install_requires = [
# Github Private Repository - needs entry in `dependency_links`
'ExampleRepo'
],
dependency_links=[
# Make sure to include the `#egg` portion so the `install_requires` recognizes the package
'git+ssh://[email protected]/example_org/ExampleRepo.git#egg=ExampleRepo-0.1'
]
)
Newer versions of pip make this even easier by removing the need to use "dependency_links"-
from setuptools import setup, find_packages
setup(
name = 'MyProject',
version = '0.1.0',
url = '',
description = '',
packages = find_packages(),
install_requires = [
# Github Private Repository
'ExampleRepo @ git+ssh://[email protected]/example_org/ExampleRepo.git#egg=ExampleRepo-0.1'
]
)
However, with the very latest pip you'll run into issues with the EGG format handler. This is because while the egg is ignored pip is now doing direct URL matching and will consider two URLs, one with the egg fragment and the other without, to be completely different versions even if they point to the same package. As such it's best to leave any egg fragments off.
June 2021 - setup.py
So, the best way (current to June 2021) to add a dependency from Github to your setup.py that will work with public and private repositories:
from setuptools import setup, find_packages
setup(
name = 'MyProject',
version = '0.1.0',
url = '',
description = '',
packages = find_packages(),
install_requires = [
# Github Private Repository
'ExampleRepo @ git+ssh://[email protected]/example_org/ExampleRepo.git'
]
)
February 2022 - setup.cfg
Apparently setup.py is being deprecated (although my guess is it'll be around for awhile) and setup.cfg is the new thing.
[metadata]
name = MyProject
version = 0.1.1
[options]
packages = :find
install_requires =
ExampleRepo @ git+ssh://[email protected]/example_org/ExampleRepo.git
June 16th 2022 - pyproject.toml
setup.cfg is already "pre" deprecated. as setuptools now has experimental support for pyproject.toml files.
This is the future, but since this is still experimental it should not be used in real projects for now. Even though setup.cfg
is on its way out you should use it for a declarative format, otherwise setup.py is still the way to go. This answer will be updated when setuptools has stabilized their support of the new standard.
Solution 4
A more general answer: To get the information from the requirements.txt file I do:
from setuptools import setup, find_packages
from os import path
loc = path.abspath(path.dirname(__file__))
with open(loc + '/requirements.txt') as f:
requirements = f.read().splitlines()
required = []
dependency_links = []
# Do not add to required lines pointing to Git repositories
EGG_MARK = '#egg='
for line in requirements:
if line.startswith('-e git:') or line.startswith('-e git+') or \
line.startswith('git:') or line.startswith('git+'):
line = line.lstrip('-e ') # in case that is using "-e"
if EGG_MARK in line:
package_name = line[line.find(EGG_MARK) + len(EGG_MARK):]
repository = line[:line.find(EGG_MARK)]
required.append('%s @ %s' % (package_name, repository))
dependency_links.append(line)
else:
print('Dependency to a git repository should have the format:')
print('git+ssh://[email protected]/xxxxx/xxxxxx#egg=package_name')
else:
required.append(line)
setup(
name='myproject', # Required
version='0.0.1', # Required
description='Description here....', # Required
packages=find_packages(), # Required
install_requires=required,
dependency_links=dependency_links,
)
Solution 5
Actually if you like to make your packages installable recursively (YourCurrentPackage includes your SomePrivateLib), e.g. when you want to include YourCurrentPackage into another one (like OuterPackage → YourCurrentPackage → SomePrivateLib) you'll need both:
install_requires=[
...,
"SomePrivateLib @ git+ssh://github.abc.com/abc/[email protected]#egg=SomePrivateLib"
],
dependency_links = [
"git+ssh://github.abc.com/abc/[email protected]#egg=SomePrivateLib"
]
And make sure you have a tag created with your version number.
Also if your Git project is private and you like to install it inside the container, e.g., a Docker or GitLab runner, you will need authorized access to your repository. Please consider to use Git + HTTPS with access tokens (like on GitLab: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html):
import os
from setuptools import setup
TOKEN_VALUE = os.getenv('EXPORTED_VAR_WITH_TOKEN')
setup(
....
install_requires=[
...,
f"SomePrivateLib @ git+https://gitlab-ci-token:{TOKEN_VALUE}@gitlab.server.com/abc/[email protected]#egg=SomePrivateLib"
],
dependency_links = [
f"git+https://gitlab-ci-token:{TOKEN_VALUE}@gitlab.server.com/abc/[email protected]#egg=SomePrivateLib"
]
)
Updated:
You have to put #egg=SomePrivateLib at the end of dependency line if you like to have this dependency in requirements.txt file. Otherwise pip install -r requirements.txt won't work for you and you wil get something like:
ERROR: Could not detect requirement name for 'git+https://gitlab-ci-token:[email protected]/abc/[email protected]', please specify one with #egg=your_package_name
If you use reuirements.txt, this part is resposible for name of dependency’s folder that would be created inside python_home_dir/src and for name of egg-link in site-packages/
You can use a environment variable in your requirements.txt to store your dependency’s token value safe in your repo:
Example row in requrements.txt file for this case:
....
-e git+https://gitlab-ci-token:${EXPORTED_VAR_WITH_TOKEN}@gitlab.server.com/abc/[email protected]#egg=SomePrivateLib
....
Ankur Agarwal
Updated on April 25, 2022Comments
-
Ankur Agarwal about 2 years
I am trying to write
setup.py
for my package. My package needs to specify a dependency on another Git repository.This is what I have so far:
from setuptools import setup, find_packages setup( name='abc', packages=find_packages(), url='https://github.abc.com/abc/myabc', description='This is a description for abc', long_description=open('README.md').read(), install_requires=[ "requests==2.7.0", "SomePrivateLib>=0.1.0", ], dependency_links = [ "git+git://github.abc.com/abc/SomePrivateLib.git#egg=SomePrivateLib", ], include_package_data=True, )
When I run:
pip install -e https://github.abc.com/abc/myabc.git#egg=analyse
I get
Could not find a version that satisfies the requirement SomePrivateLib>=0.1.0 (from analyse) (from versions: ) No matching distribution found for SomePrivateLib>=0.1.0 (from analyse)
What am I doing wrong?
-
bcattle over 3 yearsNote that setup.py and pip are completely different systems. One issue that I had was that I was able to get this working for pip but not for setup.py.
-
-
Eugen over 7 yearsIs it possible to disable server certificate verification on downloading the dependency ?
-
cel over 7 years@Eugen, there's a
--trusted-host
option, but I am not sure if it helps. You might get a good answer if you ask in a new question. -
Eugen over 7 yearsI've found stackoverflow.com/questions/29170630/…
-
muon about 6 yearslooks like this method is deprecated per github.com/pypa/pip/issues/3939
-
Robert Hafner over 5 yearsThis method is also useless for private repositories, since there's no way to authenticate.
-
cel over 5 years@tedivm, according to the docs, it should in principle be possible to give a git url there instead of https, so I guess you can make it work with private repositories. (see setuptools.readthedocs.io/en/latest/…) If you manage to get it to work it may be worth to post this as a separate answer here.
-
Robert Hafner about 5 yearsI did manage to get it working and have added another answer.
-
Brian about 5 yearsNote: This works fine for local/private packages, however, you cannot release a package to PyPI that uses this syntax in its setup.py
-
Elephant over 4 years@Brian Could you please provide a link to official statement?
-
Peteris over 4 yearscould you please elaborate what
-0.1
stands for in your approach? Do you take the version number from a git release or from thesetup.py
description? -
Robert Hafner over 4 yearsFrom the setup.py file- if you want to use a specific branch or tag you format things a little differently.
-
multithr3at3d over 4 yearsNote you can do
git+https://github.com
if you don't want to use SSH. -
multithr3at3d over 4 yearsThis doesn't seem to work (anymore?), @DickFox's answer is the way to go.
-
Martin Thoma over 4 yearsThe
/tarball/master
method does not work for gitlab -
Piacenti about 4 yearsSo what is the correct approach for doing a --upgrade? Even though I specify a tag version an upgrade just ignores newer tag versions
-
Dominick Pastore about 4 years@Elephant Not super official, but these are at least comments on the pip GitHub project from actual members of the PyPA: github.com/pypa/pip/issues/4187#issuecomment-415667805 and further explanation: github.com/pypa/pip/issues/4187#issuecomment-415067034
-
SwimBikeRun almost 4 yearsDeprecated. Correct answer is to use Pep508, answered by @Dick Fox below
-
Keto over 3 years"Unfortunately the other answer does not work with private repositories" This is no longer true Fox's answer does work on private repo without needing
dependency_links
(which is deprecated) -
Robert Hafner over 3 yearsThanks @Keto! I don't know why your edit got rejected but the mods, but I went ahead and overrode that rejection to add the deprecation notice to the answer.
-
khaverim over 3 yearshow do you specify a commit instead of a release version?
-
Eduardo Pignatelli over 3 yearsIs there a protocol that works both for pip requirements files and
install_requires
? I usually use the patterninstall_requires=open("requirements.txt", "r").read().splitlines()
-
Vinay over 3 yearsthanks, how can we specify the whl file form the github location?
-
SilentW about 3 yearsThis really ought to be the top answer, it's actually relevant in the current time.
-
JAR.JAR.beans about 3 years@Piacenti Did you came across any solution to the upgrade path ?
-
DineshKumar almost 3 yearsThanks a lot. This worked for me after 2 days of banging my head with
setup.py
. It worked like a charm for my private/internal repository. Just one difference is I didn't add the#egg
part. -
DineshKumar almost 3 yearsCould save someone's effort.
my-dependent-sdk @ git+https://<mypersonaltoken>@github.private.com/myorg/my-dependent-sdk.git@master
-
sam almost 3 yearsThis does not seem to work if then installing via
python setup.py develop
. Instead usingpip install -e .
worked for me. -
Alex Zvoleff almost 3 yearsThis doesn't seem to work when running
python setup.py install
- it only works for me forpip install -e [module_name]
. Is that true for all? This is on pip 21.1.3 -
Robert Hafner almost 3 yearsI recommend always using pip and not using setup.py install. This answer has a lot more details on why- stackoverflow.com/a/15731459/212774
-
mildewey over 2 yearsIn one of the answers below, it suggests removing the #egg= section. I needed that piece of information to get it to work for my repo.
-
Nomios over 2 years@EduardoPignatelli if someone is looking for that as well you can run for each line:
line = re.sub(r'(git\+.*egg=(.*))', '\2 @ \1', line)
-
A. West over 2 yearsI get "Host key verification failed." using ssh, but using https works, e.g:
pkg @ git+https://github.com/user/pkg.git
- also best answer here -
Robert Hafner over 2 yearsYou can resolve the host key verification by adding the host key to your known key list. Using github as an example, in a shell run
ssh-keyscan github.com >> ~/.ssh/known_hosts
.