Using Artifactory 5.x ?
JFrog Artifactory 5.x User Guide
Triggering RPM Metadata Updates
When enabled, the metadata calculation is triggered automatically by some actions, and can also be invoked manually by others. Either way, the metadata produced is served to YUM clients.
RPM metadata is automatically calculated:
- When deploying/removing/copying/moving an RPM file.
- When performing content import (both system and repository imports).
You can manually invoke RPM metadata calculation:
Metadata calculation cleans up RPM metadata that already existed as a result of manual deployment or import. This includes RPM metadata stored as SQLite database files.
To create an RPM local repository, select RPM as the Package Type when you create the repository.
To enable automatic RPM metadata calculation on a local RPM YUM repository, in the RPM SettingsYUMSettings section of the Basic settings screen, set Auto-calculate RPM YUM Metadata.
YUM Metadata Folder Depth
Informs Artifactory under which level of directory to search for RPMs and save the
By default this value is 0 and refers to the repository's root folder. In this case, Artifactory searches the entire repository for RPMs and saves the
Using a different depth is useful in cases where generating metadata for a repository separates its artifacts by name, version and architecture. This will allow you to create multiple RPM repositories under the same Artifactory RPM repository.
YUM Group File Names
A comma-separated list of YUM group files associated with your RPM packages.
Note that at each level (depth), the
|When set, RPM YUM metadata calculation is automatically triggered by the actions described above.|
Artifactory invokes the actual calculation only after a certain "quiet period", so the creation of metadata normally occurs only 1-2 minutes after the calculation was triggered.
Artifactory remote repositories support RPMs out-of-the-box, and there is no need for any special configuration needed in order to work with RPMs in a remote repository.
To define a remote repository to proxy an RPM YUM remote repository, follow the steps below:
- In the Admin module under Repositories | Remote, click "New" to create a new remote repository.
- Set the Repository Key value, and specify the URL to the remote repository in the URL field as displayed below.
- Click "Save & Finish"
- Back in the Artifacts module, in theTree Browser, select the repository. Note that in the Tree Browser, the repository name is appended with "-cache".
- Click Set Me Up and copy the value of the baseurl tag.
- Next, create the
targetCentos.repofile and paste the following configuration into it:
[targetCentos] name=targetCentos baseurl=http://localhost:8081/artifactory/targetCentos/ enabled=1 gpgcheck=0
A Virtual Repository defined in Artifactory aggregates packages from both local and remote repositories.
This allows you to access both locally hosted RPM packages and remote proxied RPM repositories from a single URL defined for the virtual repository.
To define a virtual YUM repository, create a virtual repository, set the Package Type to be RPM, and select the underlying local and remote RPM repositories to include in the Basic settings tab.
To allow deploying packages to this repository, set the Default Deployment Repository.
Signing RPM Metadata
Artifactory supports using a GPG key to sign RPM metadata for authentication by the YUM client.
To generate a pair of GPG keys and upload them to Artifactory, please refer to GPG Signing.
Using Yum to
After configuring the
rpm-local repository in Artifactory, you need to configure your local machine to install software packages from it by executing the following steps:
artifactory.repofile with root privileges
sudo vi /etc/yum.repos.d/artifactory.repo
Paste the following configuration into the
[Artifactory] name=Artifactory baseurl=http://localhost:8081/artifactory/rpm-local/ enabled=1 gpgcheck=0
Now, every RPM file deployed to the root of the
rpm-local repository can be installed using:
yum install <package_name>
Deploy RPM Packages
Once you have configured your local machine to install RPM packages from your RPM YUM local repository, you may also deploy RPM packages to the same repository repository using the UI or or using the the REST API.
For example, to deploy an RPM package into a repository called called
rpm-local local you could use the following:
where PATH_TO_METADATA_ROOT specifies the path from the repository root to the deploy folder.
A YUM group is a set of RPM packages collected together for a specific purpose. For example, you might collect a set of "Development Tools” together as a YUM group.
sudo yum-groups-manager -n "My Group" --id=mygroup --save=mygroups.xml --mandatory yum glibc rpm
Attaching a YUM Group
The process of attaching YUM group metadata to a local repository is simple:
- Create an XML file in the groups format used by YUM. You can either just type it out manually using any text editor, or run the
- Deploy the created group file to the
Artifactory will automatically perform the following steps:
- Create the corresponding
.gzfile and deploy it next to the deployed group XML file.
- Invoke a YUM calculation on the local repository.
- Attach the group information (both the XML and the
.gzfile) to the
- Create the corresponding
- Make sure the group file names are listed in the YUM Group File Names field of the Packages tab. This tells Artifactory which files should be attached as repository group information.
YUM Group Commands
The following table lists some useful YUM group commands:
|Install the YUM group. The group must be deployed to the root of the YUM local repository.|
|Remove the RPM group|
Update the RPM group. The group must be deployed to the root of the YUM local repository.
|List the RPM packages within the group.|
|List the YUM groups|
Setting Group Properties
YUM group properties can be set in the
/etc/yum.config file as follows:
|overwrite_groups||0 or 1|
Determines YUM's behavior if two or more repositories offer package groups with the same name.
If set to1 then the group packages of the last matching repository will be used.
If set to 0 then the groups from all matching repositories will be merged together as one large group.
|groupremove_leaf_only||0 or 1|
Determines YUM's behavior when the groupremove command is run.
If set to 0 (default) then all packages in the group will be removed.
If set to 1 then only those packages in the group that aren't required by another package will be removed.
|enable_group_conditionals||0 or 1|
Determines whether YUM will allow the use of conditionals packages.
If set to 0 then conditionals are not allowed
If set to 1 (default) package conditionals are allowed.
|group_package_types||optional, default, mandatory||Tells YUM which type of packages in groups will be installed when |
Proxy Server Settings
If your organization uses a proxy server as an intermediary for Internet access, specify the
proxy settings in
/etc/yum.conf. If the proxy server also requires authentication, you also need to specify the
proxy=<proxy server url> proxy_username=<user> proxy_password=pass
enableProxy=1 httpProxy=<proxy server url> enableProxyAuth=1 proxyUser=<user> proxyPassword=<password>
YUM supports SSL from version 3.2.27.
- Generate a private key and certificate using
Newtablink Text OpenSSL URL https://www.openssl.org/
Define your protected repository in a
.repofile as follows:
[protected] name = SSL protected repository baseurl=<secure repo url> enabled=1 gpgcheck=1 gpgKey=<URL to public key> sslverify=1 sslclientcert=<path to .cert file> sslclientkey=<path to .key file>
gpgkey is a URL pointing to the ASCII-armored GPG key file for the repository . This option is used if YUM needs a public key to verify a package and the required key has not been imported into the RPM database.
If If this option is set, YUM will automatically import the key from the specific URL. You will be prompted before the key is installed unless the assumeyes option is set.
Using Yum Variables
You can use and reference the following built-in variables in
yum commands and in all YUM configuration files (i.e.
/etc/yum.conf and all
.repo files in the
|This is replaced with the package's version, as listed in |
|This is replaced with your system's architecture, as listed by |
|This is replaced with your base architecture. For example, if |
The following code block is an example of how your
/etc/yum.conf file might look:
[main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=3 [comments abridged]
Viewing Individual RPM Information
You can view all the metadata that annotates an RPM by choosing it in Artifactory's tree browser and selecting the RPM Info tab:
Metadata Fields as Properties
The corresponding RPM metadata fields are automatically added as properties of an RPM artifact in YUM repositories accessed through Artifactory:
Properties can be used for searching and other functions. For more details please refer to Properties.
Watch the Screencast
Watch this short screencast to learn how easy it is to host RPMs in Artifactory.
<iframe width="560" height="315" src="https://www.youtube.com/embed/HZvwamCJR-Q" frameborder="0" allowfullscreen></iframe>