Configuration
Detailed Configuration
pip.conf
Configure pip globally so you do not need to pass --index-url on every install.
User-level (~/.config/pip/pip.conf on Linux/macOS, %APPDATA%\pip\pip.ini on Windows):
[global]
index-url = https://<REGION>-python.pkg.dev/<PROJECT>/<REPOSITORY>/simple/
Project-level (pip.conf in your virtualenv root):
[global]
index-url = https://<REGION>-python.pkg.dev/<PROJECT>/<REPOSITORY>/simple/
~/.pypirc
If you need to configure multiple registries or use tools that read ~/.pypirc:
[distutils]
index-servers =
eigenoid
[eigenoid]
repository = https://<REGION>-python.pkg.dev/<PROJECT>/<REPOSITORY>/
Poetry
Add the Artifact Registry repository as a source:
poetry source add eigenoid https://<REGION>-python.pkg.dev/<PROJECT>/<REPOSITORY>/simple/
Then install packages as usual:
poetry add <PACKAGE_NAME>
info
Poetry uses the keyring backend automatically when keyrings.google-artifactregistry-auth is installed.
Security Best Practices
tip
Follow these best practices to keep your credentials secure.
- Never commit service account keys to source control — add
*.jsonto.gitignore. - Do not bake keys into Docker images. Use build secrets or mount them at runtime.
- Rotate keys periodically and revoke unused ones through the Eigenoid portal.
- Restrict
GOOGLE_APPLICATION_CREDENTIALSfile permissions:chmod 600 /path/to/your-key.json.