Values in /etc/pip.conf and /etc/xdg/pip/pip.conf are not ignored by pip despite --isolated flag #335
Description
Use of the --isolated flag in the bundled piptool.par ignores environment variable PIP_INDEX_URL as expected, but not index urls defined in /etc/pip.conf and /etc/xdg/pip/pip.conf. This may be the intended behaviour for pip: pypa/pip#3828, but presents challenges for consistent builds across platforms. Seems to ignore PIP_CONFIG_FILE as well.
A passing build on one platform that has a private pypi index server specified in a system configuration file such as /etc/pip.conf, will fail on another that doesn't have this file of course, but there's not even a way to provide a value for this custom index url with an environment variable and --action_env flag. Therefore, in an automated continuous integration environment one cannot simply add an environment variable for this non-hermetic operation, and instead needs to create the system configuration file and place it exactly at /etc/pip.conf.
Support for extra pip args was recently added in, dd7f9c5, which can solve this issue by hardcoding the index urls in the pip_import rule declaration, but then one loses the flexibility of having an environment variable that can have different values depending on the platform.
The location of the index server should not matter for hermetic build purposes as long as the underlying data is the same and produces the same hash. Same argument goes for tools found under PATH and HTTP mirror urls.
In short, what's the best way to provide a custom value for the index url so one can install private repositories?