Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/brettlangdon/pypihub

pip compatible server to serve Python packages out of GitHub
https://github.com/brettlangdon/pypihub

Last synced: about 2 months ago
JSON representation

pip compatible server to serve Python packages out of GitHub

Host: GitHub
URL: https://github.com/brettlangdon/pypihub
Owner: brettlangdon
License: mit
Created: 2016-12-21T16:24:04.000Z (about 8 years ago)
Default Branch: master
Last Pushed: 2016-12-22T19:53:35.000Z (about 8 years ago)
Last Synced: 2024-10-12T22:44:54.873Z (3 months ago)
Language: Go
Size: 1.7 MB
Stars: 4
Watchers: 4
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        PyPIHub

=======

PyPI server for serving Python packages out of GitHub.

This project is useful if you have private Python packages in GitHub that you want to install via `pip`.

*Note:* You can use `-e git+ssh://[email protected]//@` with `pip` to install private packages using git.

However, if you needed to allow someone without ssh access to GitHub the ability to install your package, or make private packages installable from a location that does not have ssh access to GitHub (e.g. docker container) then this server will make that easier for you.

## Installing

```bash

go get github.com/brettlangdon/pypihub

```

## Running

```bash

pypihub -h

usage: pypihub --username USERNAME --access-token ACCESS-TOKEN [--bind BIND] [REPONAMES [REPONAMES ...]]

positional arguments:

  reponames              list of '/' repos to proxy for (env: PYPIHUB_REPOS)

options:

  --username USERNAME, -u USERNAME

                         Username of GitHub user to login as (env: PYPIHUB_USERNAME)

  --access-token ACCESS-TOKEN, -a ACCESS-TOKEN

                         GitHub personal access token to use for authenticating (env: PYPIHUB_ACCESS_TOKEN)

  --bind BIND, -b BIND   [
]: to bind the server to (default: ':8287') (env: PYPIHUB_BIND) [default: :8287]

  --help, -h             display this help and exit

```

### Example

```bash

pypihub -u "" -a "" "brettlangdon/flask-env" "brettlangdon/flask-defer" [... /]

```

```bash

export PYPIHUB_USERNAME=""

export PYPIHUB_ACCESS_TOKEN="""

export PYPIHUB_REPOS="brettlangdon/flask-env brettlangdon/flask-defer [... /]"

pypihub

```

## Docker

```bash

docker run --rm -it -p "8287:8287" -e PYPIHUB_USERNAME="" -e PYPIHUB_ACCESS_TOKEN="" -e PYPIHUB_REPOS="/ ..." brettlangdon/pypihub:latest

```

### Using an env file

```

PYPIHUB_USERNAME=

PYPIHUB_ACCESS_TOKEN=

PYPIHUB_REPOS=/ ...

```

```bash

docker run --rm -it -p "8287:8287" --env-file ./.env brettlangdon/pypihub:latest

```

## Endpoints

* `/` - Page containing all links for all projects/assets

  * This endpoint can be used with `--find-links` to make all projects accessible

  * e.g. `pip install --find-links http://localhost:8287/`

* `/` - Page containing all links for a given GitHub repo owner

  * This endpoint can be used with `--find-links` to make all projects for a given GitHub owner accessible

  * e.g. `pip install --find-links http://localhost:8287/brettlangdon`

* `//` - Page containing all links for a specific GitHub repo

  * This endpoint can be used with `--find-links` to make all releases for a specific GitHub repo accessible

  * e.g. `pip install --find-links http://localhost:8287/brettlangdon/flask-env`

* `/simple` - PyPI simple index page

  * This page lists all of the project names available

  * This endpoint can be used with `--index-url` or `--extra-index-url`

  * e.g. `pip install --extra-index-url http://localhost:8287/simple`

* `/simple/` - PyPI simple index project links page

  * This page contains the links for the given project name

  * This endpoint can be used with `--find-links`, but is typically used by `pip` when using `--extra-index-url`

  * See `/simple` example above for usage

## Usage with pip

### Simple index

```bash

pip install --index-url http://localhost:8287/simple 

pip install --extra-index-url http://localhost:8287/simple 

```

### Find links

```bash

pip install --find-links http://localhost:8287/ 

pip install --find-links http://localhost:8287/ project

pip install --find-links http://localhost:8287// project

```

### requirements.txt

```

--find-links http://localhost:8287/

```

```bash

pip install -r requirements.txt

```

## GitHub repo requirements

### Project structure

PyPIHub will not validate the source files of your package, however, you should structure the package as though you would publish them to [PyPI](https://pypi.org).

This means that your package should contain a `setup.py` file and be installable (you can use `python setup.py install` or `python setup.py develop` to test).

### Releases

PyPIHub expects that you use tags in your repo to denote releases.

If you use [GitHub releases](https://github.com/blog/1547-release-your-software) for your repo, then only those releases will be used by PyPIHub.

However, if you do not use GitHub releases, then all git tags will be used as versions.

### Version names

It is recommended (but not required) that you use [Semantic Versioning](http://semver.org/) of your projects.

*Note:* PyPIHub will automatically strip any leading `v` from your version/tag name. This will turn `v1.0.0` into `1.0.0`, which is more `pip` friendly.

### Assets

PyPIHub will always try to make a `.tar.gz` source asset available for installing from either your release or tag.

However, it is recommended that create a release and build/upload the assets for your package.

See [Creating releases](https://github.com/blog/1547-release-your-software#creating-releases) for more information.

To build assets, you can use `python setup.py sdist bdist_wheel` which will create a `.tar.gz` and a `.whl` file into a `./dist` directory.

Both of these files can and should be attached to the release.

## Differences with other projects

PyPIHub differs from other projects, like [devpi](http://doc.devpi.net/latest/) in that it doesn't try to be a fully functioning replica of [PyPI](https://pypi.org/).

PyPIHub does not support creating users, uploading packages, or even mirroring PyPI. Is meant purely as a `pip` compatible proxy for packages stored in GitHub repos.

## Security

PyPIHub does not offer any security/authentication methods. This means that anyone who has access to make HTTP requests to the server will be able to access all source files for the proxied projects.

This implementation is by design. PyPIHub is meant to act as an unauthenticated proxy for private python packages for local development/testing.