`pipenv install --index <my-pypi-registry> <my-package>` generates a Pipfile that `pipenv lock` can't handle

[ben-g-]

I start from a completely blank slate -- no Pipfile, no Pipfile.lock, no virtual environment. And I execute a command like

pipenv install --index <my-pypi-registry> <my-package>

where <my-pypi-registry> is a private PyPI registry (not a mirror of the public PyPI registry!) that hosts the package <my-package>.

The result of the command is:

• a virtual environment is successfully created
• and a Pipfile is generated
• but locking fails.

...
Successfully created virtual environment!
Virtualenv location: C:\tmp\tmp-venv\.venv
Creating a Pipfile for this project...
Installing <my-package>...
Adding <my-package> to Pipfile's [packages]...
Installation Succeeded
Pipfile.lock not found, creating...
Locking [dev-packages] dependencies...
Locking [packages] dependencies...
 Locking...Building requirements...
Resolving dependencies...
Locking Failed!

CRITICAL:pipenv.patched.notpip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement <my-package> (from versions: none)
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\resolver.py", line 743, in _main
[ResolutionFailure]:       resolve_packages(pre, clear, verbose, system, write, requirements_dir, packages, dev)
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\resolver.py", line 704, in resolve_packages
[ResolutionFailure]:       results, resolver = resolve(
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\resolver.py", line 685, in resolve
[ResolutionFailure]:       return resolve_deps(
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\utils.py", line 1370, in resolve_deps
[ResolutionFailure]:       results, hashes, markers_lookup, resolver, skipped = actually_resolve_deps(
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\utils.py", line 1099, in actually_resolve_deps
[ResolutionFailure]:       resolver.resolve()
[ResolutionFailure]:   File "c:\python391\lib\site-packages\pipenv\utils.py", line 877, in resolve
[ResolutionFailure]:       raise ResolutionFailure(message=str(e))
[pipenv.exceptions.ResolutionFailure]: Warning: Your dependencies could not be resolved. You likely have a mismatch in your sub-dependencies.
  You can use $ pipenv install --skip-lock to bypass this mechanism, then run $ pipenv graph to inspect the situation.
  Hint: try $ pipenv lock --pre if it is a pre-release dependency.
ERROR: No matching distribution found for <my-package>

The generated Pipfile looks like this:

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[packages]
<my-package> = {version = "*", index = "<my-pypi-registry>"}
...

That looks reasonable, but pipenv lock fails on it with the error shown above.

However, if I manually change the Pipfile to look like this, then pipenv lock succeeds, even though this seems essentially the same:

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[[source]]
url = "<my-pypi-registry>"
verify_ssl = true
name = "mypypi"

[packages]
<my-package> = {version = "*", index = "mypypi"}
...

---

If (again starting from a completely blank slate) I replace --index with --extra-index-url, so my command looks like this:

pipenv install --extra-index-url <my-pypi-registry> <my-package>

then the command's output looks the same, meaning

• a virtual environment is successfully created
• and a Pipfile is generated
• but locking fails with the same error as above.

However, in this case, the generated Pipfile is clearly wrong, in that it doesn't reference <my-pypi-registry> at all, so it's not surprising that pipenv lock fails on it. It looks like this:

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[packages]
<my-package> = "*"
...

---

In summary, this might be two separate bugs.

1. pipenv lock fails on the seemingly correct Pipfile generated by pipenv install --index ....
2. pipenv install --extra-index-url ... generates an incorrect Pipfile.

---

I'm using pipenv version 2021.11.15, which I installed using pip.

[Yuribtr]

Seems this problem resurrected in last release 2022.3.28 (at least).
I was unable to install python packages from my private repository. The same problem raised:

CRITICAL:pipenv.patched.notpip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement my-utils (from versions: none)

Pipfile is:

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[[source]]
url = "http://nexus.localhost:8081/repository/pypi-internal/simple/"
verify_ssl = false
name = "nexus"

[dev-packages]
ipython = "*"
pytest = "*"
pytest-env = "*"
pytest-cov = "*"
flake8 = "*"
flake8-broken-line = "*"
flake8-builtins = "*"
flake8-commas = "*"
flake8-comprehensions = "*"
flake8-mutable = "*"
flake8-print = "*"
flake8-cognitive-complexity = "*"
flake8-functions = "*"
flake8-quotes = "*"
pre-commit = "*"
requests = "*"

[packages]
fastapi = "*"
uvicorn = "*"
gunicorn = "*"
python-json-logger = "*"
markdown2 = "*"
my-utils = {extras = ["fastapi"], version = "*",  index = "nexus"}

[requires]
python_version = "3.9"

[pipenv]
allow_prereleases = false

Also another problem raised, if in Pipfile I swap sources like this:

[[source]]
url = "http://nexus.localhost:8081/repository/pypi-internal/simple/"
verify_ssl = false
name = "nexus"

[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

........

In above case I get:

CRITICAL:pipenv.patched.notpip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement flake8-comprehensions (from versions: none)

Solution:
pip install "pipenv==2022.1.8"

[matteius]

@Yuribtr Well the example is going to be hard to reproduce since I don't have the private pypi package my-utils ... however I have a theory. Can you try removing the extras = ["fastapi"] and add that as its own dependency to your requirements? I suspect that could be causing the issue and neither the basics or advacned pipenv docs page talks about that syntax. If you find there is still an issue, could you open a new issues report for this?

[bkraft4257]

I have been able to reproduce this exact same problem. The only differences based upon the description are

1. I am using a different private repository and a different package
2. I did not use extras when specifying the package in the private repo. Just version and index. sdspytools = {version="==0.7.1", name="private-pypi"}

Installation of the dependencies went fine. I verified this by marking sure sdspytools was installed in the site-packages. Locking always fails. What I think is happening is that locking mechanism is only accessing the public repo. You can see the traceback message shows from versions: none. I used to see this error only when access to my private repository was not set up correctly.

I am using environment variables in my Pipfile to pass in the password and username to the URL. I thought this might be a problem so as a test I hard coded my username and password in the URL in the Pipfile. Unfortunately, the result was the same.

`
(cdi-data-blackdog) (my_python38) [ec2-user@ip-10-10-64-184 cdi-data-blackdog]$ pipenv install --dev

Courtesy Notice: Pipenv found itself running within a virtual environment, so it will automatically use that environment, instead of creating its own for any project. You can set PIPENV_IGNORE_VIRTUALENVS=1 to force pipenv to ignore that environment and create its own instead. You can set PIPENV_VERBOSITY=-1 to suppress this warning.

Pipfile.lock (dc4640) out of date, updating to (300441)...
Locking [dev-packages] dependencies...
Building requirements...
Resolving dependencies...
✔ Success!
Locking [packages] dependencies...
Building requirements...
Resolving dependencies...
✘ Locking Failed!

CRITICAL:pipenv.patched.notpip._internal.resolution.resolvelib.factory:Could not find a version that satisfies the requirement sdspytools==0.7.1 (from versions: none)`

[bkraft4257]

Another piece of information that may be useful is when I run pipenv graph I can see that my package has been installed and there are no conflicts reported (at least none that I have noticed).

[matteius]

@bkraft4257 This is a closed issue you are commenting on, and also you did not indicate the version of pipenv you are running or the contents of an example Pipfile. If you would like support please ensure you are running the latest version, have checked recent opened issues and potentially file a new issue report. Thanks!