I'm deploying a Python Django app to Heroku, and I'd like to customize the requirements.txt file (by adding a git-backed dependency with password) only when I deploy to certain environments like Heroku. I'd love to set this in an environment variable or something, but I don't believe pip has any functionality like that. My idea was to use a hook that Heroku provides to place a script which would add to my requirements.txt before the dependencies are installed. Is that possible?

You can include a requirements file in another requirements file.

# requirements.txt    
-r requirements/base.txt

# requirements/base.txt
django==1.6

# requirements/heroku.txt
-r requirements/base.txt
djpostgresurlthing==1.0.0

# requirements/dev.txt
-r requirements/base.txt
django-debug-toolbar

I typically keep a requirements.txt file in the root of the project that just includes other requirements files(usually prod or a base) and make a requirements/ folder with environment specific stuff. So locally I'd pip install -r requirements/dev.txt and on the server pip install -r requirements/prod.txt.

For your case with heroku, you need the root requirements.txt to be for heroku. So you can just use that file to include your heroku requirements file.

# requirements.txt    
-r requirements/heroku.txt

There's probably SOME way to tell heroku to use a different file. But this would be an easy way to get around it.

You can do standard HTTPS auth:

# requirements.txt
git+https://user:password@example.com/dir/repo.git

But a much cleaner way would be to host your own set of requirements, see: https://devcenter.heroku.com/articles/python-pip#private-indexes

For managing different environment requirements, you can simply use requirements.txt for production and requirements-dev.txt for local development, or one of @yellottyellott's suggestions for including dependencies from other files.