When working with Python packages, there are situations where you might need to grant access to a particular path for certain users. For instance, when managing a large PyPi repository, you may wish to allow specific users to install packages on a designated path while assigning different paths for other users. Achieving this flexibility is possible through the implementation of a permission target include/exclude patterns in Artifactory.
For example, if you have a local repository(in this example the repository name is “pypi-local”), and you want to allow the users to install only packages from a specific path(in this example we want to allow installing all packages under the “pypi-local/testfolder/” folder):
To allow installation only to the path above, we need to define the following include patterns:
- The ".pypi/**" pattern for the metadata dir.
- The "*" pattern for ALL the packages metadata.
- The "testfolder/**" for all packages under testfolder folder.
Now you can install the package(in this example the package name is “urllib3”) using the requested user:
Keep in mind that adding numerous include/exclude patterns into a single repository can impact performance, as Artifactory needs to check each pattern for every package installation attempt. This process can be time-consuming. If you find yourself needing to add a large number of include/exclude patterns, you may consider splitting the big PyPi repository into smaller ones.