Try JFrog
Guides
Contact SupportTry JFrog
Start typing to search…
  1. Configurations
  2. System Configuration
  3. Artifactory YAML Configuration

Repositories Configurations in Artifactory YAML

Local, remote, and virtual repository configuration settings in the YAML Artifactory configuration file.

Local Repositories
localRepositories:   #Local repositories configuration
 my-local-repo:   #The local repository name
   type: maven | gradle | ivy | helm | sbt | nuget | gems | npm | bower | debian | composer | pypi | docker | vagrant | gitlfs | conan | chef | puppet | huggingfaceml | go | rpm | swift | terraform | terraformbe | alpine | cargo | cocoapods | conda | cran | oci | gems | opkg | pub | generic    #The package type
   checksumPolicyType: server-generated-checksums | client-checksums   #Determines how Artifactory behaves when a client checksum for a deployed resource is missing or conflicts with the locally calculated checksum
   description: "Hello world"   #A free text field that describes the content and purpose of the repository
   dockerApiVersion: V1 | V2   #Only for Docker repositories. The Docker API version
   excludesPattern:  #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
   includesPattern:   #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
   maxUniqueSnapshots: 0   #Only for Maven and NuGet repositories. Specifies the maximum number of unique snapshots of the same artifact that should be stored. Once this number is reached and a new snapshot is uploaded, the oldest stored snapshot is removed automatically. Default: 0
   maxUniqueTags: 0   #Only for Docker repositories. Specifies the maximum number of unique snapshots of the same artifact that should be stored. Once this number is reached and a new snapshot is uploaded, the oldest stored snapshot is removed automatically. Default: 0
   notes: "Hello world 2"   #A free text field to add additional notes about the repository
   propertySets:   #A list of property sets that will be defined for this repository
     - set1
     - set2
   repoLayout: maven-2-default   #Sets the layout that the repository should use for storing and identifying modules. The layout usually varies for the different package types
   snapshotVersionBehavior: unique | non-unique | deployer   #Specifies the naming convention for Maven SNAPSHOT versions. From release 7.41, the default changed from "non-unique" to "unique" and affects both local and federated repositories . 
   xray:   #Xray settings for the certain repository
     enabled: false   #Indicated whether the repository will be indexed and scanned by Xray
   yumGroupFileNames: yumGroup1   #A comma-separated list of YUM group files associated with your RPM packages
   yumRootDepth: 0   #Informs Artifactory under which level of directory to search for RPMs and save the repodata directory
   blackedOut: false   #If set, Artifactory ignores this repository when trying to resolve artifacts. The repository is also not available for download or deployment of artifacts
   calculateYumMetadata: false   #When set, RPM metadata calculation is automatically triggered by the actions described above
   debianTrivialLayout: false  #Indicates whether the Debian repository uses a trivial layout
   enableFileListsIndexing: false   #When set, Artifactory will index and maintain an RPM filelists.xml metadata file
   forceNugetAuthentication: false  #When set, if anoynmous access is enabled on the Artifactory instance, this will override the behavior and will force client to authentiacate
   handleReleases: true   #If set, Artifactory allows you to deploy release artifacts into this repository
   handleSnapshots: true   #If set, Artifactory allows you to deploy snapshot artifacts into this repository
   suppressPomConsistencyChecks: true   #When deploying an artifact to a repository, Artifactory verifies that the value set for groupId:artifactId:version in the POM is consistent with the deployed path. If there is a conflict between these then Artifcatory will reject the deployment.
   downloadRedirect:   #Settings for redirecting download requests for direct download from cloud storage
     enabled: false   #When true, Artifactory will respond to download requests to this repository with an HTTP 302 redirection return code along with a signed URL directing the calling client to download the requested artifact directly from cloud storage.
   cdnRedirect: false # Redirects to the CDN; applies to Cloud only)
   blockPushingSchema1: false
   primaryKeyPairDescriptor: "mygpgkey"
   secondaryKeyPairRef: "mysecgpgkey"
Remote Repositories
remoteRepositories:   #Remote repositories configuration
  my-remote-repo:   #The remote repository name
    type: maven | gradle | ivy | helm | sbt | nuget | gems | npm | bower | debian | composer | pypi | docker | gitlfs | conan | chef | puppet | huggingfaceml | go | rpm | swift | terraform | alpine | cargo | cocoapods | conda | cran | oci | opkg | p2 | pub | vcs | generic   #The package type
    url: https://repo1.maven.org/maven2/   #The URL for the remote repository. Needs to be only HTTP and HTTPS URLs
    username: user   #The remote repository username, when authentication is required
    password: password   #The remote repository password, when authentication is required

    assumedOfflinePeriodSecs: 300   #The number of seconds the repository stays in assumed offline state after a connection error. At the end of this time, an online check is attempted in order to reset the offline status. A value of 0 means the repository is never assumed offline.
    remoteRepoChecksumPolicyType: generate-if-absent | fail | ignore-and-generate | pass-thru   #Only for Maven repositories. The Checksum Policy determines how Artifactory behaves when a client checksum for a remote resource is missing or conflicts with the locally calculated checksum
    clientTlsCertificate: tls-certificate   #The client TLS certificate (alias) that will be used when authentiacating against the remote resource.
    description: "Hello world"   #A free text field that describes the content and purpose of the repository
    dockerApiVersion: V1 | V2   #Only for Docker repositories. The Docker API version
    excludesPattern: excludingremote1   #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
    includesPattern: includingremote1   #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
    maxUniqueSnapshots: 0   #Only for Maven and VCS repositories. Specifies the maximum number of unique snapshots of the same artifact that should be stored. Once this number is reached and a new snapshot is uploaded, the oldest stored snapshot is removed automatically. Default: 0
    maxUniqueTags: 0   #Only for Docker repositories. Specifies the maximum number of unique snapshots of the same artifact that should be stored. Once this number is reached and a new snapshot is uploaded, the oldest stored snapshot is removed automatically. Default: 0
    blockMismatchingMimeTypes: true   #If set, artifacts will fail to download if a mismatch is detected between requested and received mimetype, according to the list specified in the system properties file under blockedMismatchingMimeTypes. You can override by adding mimetypes to the override list in the mismatchingMimeTypesOverrideList field
    mismatchingMimeTypesOverrideList: xml   #When set, artifacts will fail to download if a mismatch is detected between the requested and received mime type, according to a list specified in the system.properties file under blockedMismatchingMimeTypes. You can override this setting by adding mime types to this field
    missedRetrievalCachePeriodSecs: 1800   #If a remote repository is missing a requested artifact, Artifactory will return a "404 Not found" error. This response is cached for the period of time specified by this parameter. During that time, Artifactory will not issue new requests for the same artifact. A value of 0 means that the response is not cached and Artifactory will always issue a new request when demanded
    notes: "Hello world 2"   #A free text field to add additional notes about the repository
    propertySets:   #A list of property sets that will be defined for this repository
      - set1
      - set2
    proxy: proxy1   #The proxy name configured in the Proxy section to use for accessing the remote resource
    disableProxy: false # Turns off using of proxy for this repository. Prevents proxy updating during system proxy changes.
    queryParams: query-params&for-my-remote-repo   #Custom HTTP query parameters that will be automatically included in all remote resource requests. For example: param1=val1&param2=val2&param3=val3
    repoLayout: nameremote1   #Sets the layout that the repository should use for storing and identifying modules
    retrievalCachePeriodSecs: 600   #This value refers to the number of seconds to cache metadata files before checking for newer versions on remote server. A value of 0 indicates no caching
    socketTimeoutMillis: 15000   #Network timeout (in ms) to use when establishing a connection and for unanswered requests. Timing out on a network operation is considered a retrieval failure
    unusedArtifactsCleanupPeriodHours: 0   #The number of hours to wait before an artifact is deemed "unused" and eligible for cleanup from the repository. A value of 0 means automatic cleanup of cached artifacts is disabled
    allowAnyHostAuth: false   #Allow credentials of this repository to be used on requests redirected to any other host
    blackedOut: false   #When set, the repository or its local cache do not participate in artifact resolution
    bypassHeadRequests: false   #Before caching an artifact, Artifactory first sends a HEAD request to the remote resource. In some remote resources, HEAD requests are disallowed and therefore rejected, even though downloading the artifact is allowed. When set, Artifactory will bypass the HEAD request and cache the artifact directly using a GET request
    enableCookieManagement: false   #Enables cookie management if the remote repository uses cookies to manage client state
    enableTokenAuthentication: false # Enables token authentication - Required for DockerHub and other token based registries
    fetchJarsEagerly: false   #Only for Maven repositories. When set, the repository attempts to eagerly fetch the jar in the background each time a POM is requested
    fetchSourcesEagerly: false   #When set, the repository attempts to eagerly fetch the source jar in the background each time a jar is requested
    forceNugetAuthentication: false   #Force basic authentication credentials in order to use this repository
    handleReleases: true   #If set, Artifactory allows you to deploy release artifacts into this repository
    handleSnapshots: true   #If set, Artifactory allows you to deploy snapshot artifacts into this repository
    listRemoteFolderItems: true   #Lists the items of remote folders in simple and list browsing. Required for dynamic resolution that depends on remote folder content information, such as remote Ivy version lookups. The remote content is cached according to the value of the 'Retrieval Cache Period'
    offline: false   #If set, Artifactory does not try to fetch remote artifacts. Only locally-cached artifacts are retrieved
    synchronizeProperties: false   #When set, remote artifacts are fetched along with their properties

    xray:   #Xray settings for the certain repository
      enabled: false   #Indicated whether the repository will be indexed and scanned by Xray

    bower:   #Only for Bower repositories
      bowerRegistryUrl: http://someurl.com   #The registry URL from which packages will be resolved

    cocoaPods:   #Only for CocoaPods repositories
      cocoaPodsSpecsRepoUrl: http://someurl.com   #The specs URL. When using a private specs repo, set the URL to be the same as the one configured in the URL field
      specRepoProvider:   #The specs repo provider settings
        provider: github | bitbucket | stash | oldstash | artifactory | custom  #The Git Provider the remote repository works against
        downloadUrl: http://someurl.com   #The custom download URL. Need to set only if the provider is set to 'custom'

    nuget:  #Only for NuGet repositories
      downloadContextPath: api/v2/package   #The context path prefix through which NuGet downloads are served. For example, the NuGet Gallery download URL is 'https://nuget.org/api/v2/package', so the repository URL should be configured as 'https://nuget.org' and the download context path should be configured as 'api/v2/package'
	  v3FeedUrl:"https://api.nuget.org/v3/index.json"
      feedContextPath: api/v2   #The context path prefix through which the NuGet feeds are served. For example, the NuGet Gallery feed URL is 'https://nuget.org/api/v2', so the repository URL should be configured as 'https://nuget.org' and the feed context path should be configured as 'api/v2'
    
    helm:     
      chartsBaseUrl: https://github.com/newrelic/helm-charts/releases/download/ 
    
    composer:   #Only for PHP Composer repositories
      composerRegistryUrl: http://someurl.com   #The registry URL from which packages will be resolved
    
    vcs:   #Only for VCS, CocoaPods, Bower and Composer repositories
      git:
        provider: github | bitbucket | stash | oldstash | artifactory | custom  #The Git Provider the remote repository works against
        downloadUrl: http://someurl.com   #The custom download URL. Need to set only if the provider is set as CUSTOM
      type: git   #Mandatory only when creating a VCS remote repository
    downloadRedirect:   #Settings for redirecting download requests for direct download from cloud storage
      enabled: false   #When true, Artifactory will respond to download requests to this repository with an HTTP 302 redirection return code along with a signed URL directing the calling client to download the requested artifact directly from cloud storage.
    blockPushingSchema1: false
    priorityResolution: false" #Default, applies to all repository types excluding CocoaPods, Git LFS, NuGet V2, Opkg, Rust, Vagrant and VCS repositories
    disableUrlNormalization: false #Default    
    externalDependencies:  #Only for Docker, npm, and OCI repositories. External dependencies configuration.
      enabled: false   #When set, dependency rewrite for the specified repository will be enabled
      patterns:   #Optional include patterns to match external dependencies. Ant-style path expressions are supported (*, **, ?). For example, specifying **/github.com/** will only allow external dependencies from github.com host
        - "**/github.com/**"

Smart Remote Configuration (Applies to Smart Remote Repositories)

contentSynchronisation:
  enabled: true
  statistics :
    enabled: true
  properties:
    enabled: true
  source:
    originAbsenceDetection: true
Virtual Repositories
virtualRepositories:   #Virtual repositories configuration
virtual1:   #The virtual repository name
  type: maven | gradle | ivy | helm | sbt | nuget | gems | npm | bower | debian | composer | pypi | docker | gitlfs | conan | chef | puppet | go | swift | terraform | alpine | cocoapods | conda | cran | oci | p2 | pub | generic   #The package type
  repositories:   #A list of local and remote repositories that will be aggregated under this virtual repository
    - my-local-repo
    - my-remote-repo
  description: ""   #A free text field that describes the content and purpose of the repository
  notes: ""   #A free text field to add additional notes about the repository
  dockerApiVersion: V1 | V2   #Only for Docker repositories. The Docker API version
  includesPattern:   #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
  excludesPattern:   #Provides a way to filter out specific repositories when trying to resolve the location of different artifacts (Ant-like pattern)
  externalDependencies:  #Only for npm repositories. External dependencies configuration.
    enabled: false   #When set, dependency rewrite for the specified npm repository will be enabled
    patterns:   #Optional include patterns to match external dependencies. Ant-style path expressions are supported (*, **, ?). For example, specifying **/github.com/** will only allow external dependencies from github.com host
      - "**/github.com/**"
  keyPair: keypairvirtual1   #Only for Maven repositories, for WebStart and Jar signing. The alias of the keypair configured in the Signing Keys page
  p2:   #Only for P2 repositories
    urls:   #A list of remote URLs that are aggregate under this virtual repositories
      - http://someurl.com
      - http://someurl2.com
  pomRepositoryReferencesCleanupPolicy: discard_any_reference | discard_active_reference | nothing   #Only for Maven repositories. (1) Discard Active References - Removes repository elements that are declared directly under project or under a profile in the same POM that is activeByDefault. (2) Discard Any References - Removes all repository elements regardless of whether they are included in an active profile or not. (3) Nothing - Does not remove any repository elements declared in the POM.
  repoLayout: maven-2-default   #Sets the layout that the repository should use for storing and identifying modules
  virtualCacheConfig:
    virtualRetrievalCachePeriodSecs: 600   #This value refers to the number of seconds to cache metadata files before checking for newer versions on aggregated repositories. A value of 0 indicates no caching
  artifactoryRequestsCanRetrieveRemoteArtifacts: false   #Determines whether artifact requests coming from other instance of Artifactory can be fulfilled by accessing this virtual repository's remote repositories, or by only accessing its caches (default)
  forceNugetAuthentication: false   #Only for NuGet repositories. Force basic authentication credentials in order to use this repository     
  forceMavenAuthentication: false   #Only for Maven repositories. Force basic authentication credentials in order to use this repository
Federated Repositories
federatedRepositories:
- test1:
  - type: npm
  - repoLayout: maven-2-default
  - federatedMembers:
    - url: http://localhost:8081/artifactory/test1
    - url: http://localhost:8081/artifactory/test2
  - rclass: federated
  - packageType: maven
  - description: "The federated repository public description"
  - proxy: proxy-key
  - disableProxy: false
  - notes: "Some internal notes"
  - includesPattern": **/*
  - excludesPattern: ""
  - repoLayoutRef: maven-2-default
  - debianTrivialLayout: false
  - checksumPolicyType: client-checksums
  - handleReleases: true
  - handleSnapshots: true
  - maxUniqueSnapshots: 0
  - maxUniqueTags: 0
  - snapshotVersionBehavior: "unique"
  - suppressPomConsistencyChecks: false
  - blackedOut: false
  - xrayIndex: false
  - propertySets: ["ps1", "ps2"]
  - archiveBrowsingEnabled: false
  - calculateYumMetadata: false
  - yumRootDepth: 0
  - dockerApiVersion: V2
  - enableFileListsIndexing: false
  - optionalIndexCompressionFormats: ["bz2", "lzma", "xz"]
  - downloadRedirect: false
  - cdnRedirect: false
  - blockPushingSchema1: false
  - primaryKeyPairRef: mygpgkey
  - secondaryKeyPairRef: mysecgpgkey
  - priorityResolution: false

Updated 5 days ago