ARTIFACTORY: Configuring PyPI Remote Repositories in Artifactory with Registry Suffix for Precise Path Proxy

ARTIFACTORY: Configuring PyPI Remote Repositories in Artifactory with Registry Suffix for Precise Path Proxy
Products
Frog_Artifactory
Content Type
User_Guide
AuthorFullName__c
Zhang Hailang
articleNumber
000006726
FirstPublishedDate
2025-12-25T09:17:07Z
lastModifiedDate
2025-12-25
VersionNumber
2
Introduction 

This document addresses a specific requirement for proxying the PyTorch PyPI repository within JFrog Artifactory: the request to proxy packages only from the https://download.pytorch.org/whl/cpu path while explicitly excluding others like whl/xpu. It presents a precise and efficient configuration method. Instead of using "Excludes Pattern," configuring the remote repository's "Registry Suffix" provides a more direct and fundamental solution. This method limits the proxy scope at the source, simplifying configuration and improving clarity.

Resolution 

The following detailed steps show how to achieve precise proxying for the PyTorch cpu subdirectory by setting the "Registry Suffix."

Step 1: Create and Configure the Remote PyPI Repository

User-added image 

Step 2: Verify Configuration Effectiveness

After adding the configured remote repository to a virtual repository, verification can be performed through practical installation and log analysis.
1. Client-Side Installation Verification:
Use pip to install a package (e.g., cmake) via this repository. A successful installation output (as shown below) indicates the repository is functioning correctly and fetching packages from the intended path.
pip3 install cmake --trusted-host 192.168.3.193  
Looking in indexes: http://admin:****@192.168.3.193:8081/artifactory/api/pypi/zhl-pypi-cpu/simple
Collecting cmake
  WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'ReadTimeoutError("HTTPConnectionPool(host='192.168.3.193', port=8081): Read timed out. (read timeout=15)")': /artifactory/api/pypi/zhl-pypi-cpu/packages/whl/cmake-3.25.0-py2.py3-none-macosx_10_10_universal2.macosx_10_10_x86_64.macosx_11_0_arm64.macosx_11_0_universal2.whl
  Downloading http://192.168.3.193:8081/artifactory/api/pypi/zhl-pypi-cpu/packages/whl/cmake-3.25.0-py2.py3-none-macosx_10_10_universal2.macosx_10_10_x86_64.macosx_11_0_arm64.macosx_11_0_universal2.whl (45.1 MB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 45.1/45.1 MB 723.9 MB/s eta 0:00:00
Installing collected packages: cmake
Successfully installed cmake-3.25.0

 

2. Server-Side Log Verification (Conclusive Evidence):
Check Artifactory's request.log. The core indicator of successful configuration is that all external requests initiated by this remote repository have URLs strictly starting with https://download.pytorch.org/whl/cpu/.
  • Valid Log Example (Proof that requests are precisely scoped)
2025-08-07T06:59:23.725Z|6dbe87a2b7fbef98|zhl-pypi-cpu||HEAD|https://download.pytorch.org/whl/cpu/cmake/|200|0|862|1487
2025-08-07T06:59:24.165Z|6dbe87a2b7fbef98|zhl-pypi-cpu||GET|https://download.pytorch.org/whl/cpu/cmake/|200|0|862|435
2025-08-07T06:59:24.401Z|ca6bacd858156aec|zhl-pypi-cpu||HEAD|https://download.pytorch.org/whl/cmake-3.25.0-py2.py3-none-macosx_10_10_universal2.macosx_10_10_x86_64.macosx_11_0_arm64.macosx_11_0_universal2.whl|200|0|45051513|200
2025-08-07T06:59:24.910Z|ca6bacd858156aec|zhl-pypi-cpu||GET|https://download.pytorch.org/whl/cmake-3.25.0-py2.py3-none-macosx_10_10_universal2.macosx_10_10_x86_64.macosx_11_0_arm64.macosx_11_0_universal2.whl|200|0|45051513|500
2025-08-07T06:59:41.911Z|1649a96c361fb5c0|zhl-pypi-cpu||HEAD|https://download.pytorch.org/whl/cmake-3.25.0-py2.py3-none-macosx_10_10_universal2.macosx_10_10_x86_64.macosx_11_0_arm64.macosx_11_0_universal2.whl|200|0|45051513|2694

As shown, the remote request addresses logged all conform to the expected path, and critically, there are no request records for https://download.pytorch.org/whl/xpu/. This confirms at the system level that the "Registry Suffix" configuration is active and achieves precise path proxying.


Conclusion 

Configuring the "Registry Suffix" field of a remote PyPI repository perfectly fulfills the requirement to proxy only a specific subpath (whl/cpu) within the official PyTorch source.
  1. Solution Advantage: Compared to the "post-filtering" approach using "Excludes Pattern" (**/xpu/**), this solution is a form of "pre-scoping." By directly modifying the request base URL, it prevents network requests to non-target paths at the root cause. The configuration is more concise, the intent clearer, and there is no need to worry about updating exclusion rules if other irrelevant paths (e.g., cu116) are added in the future.
  2. Configuration Core: The key lies in the synergistic setup of three parameters: URL (Root Address) + Registry URL (Base URL) + Registry Suffix (Target Subpath).
  3. Solution Effectiveness: Based on the provided client-side installation success records and Artifactory request log analysis, this configuration has been validated in a real-world environment. It can stably and precisely proxy Python packages from the required path, fully meeting the business requirement.