For information about the Artifactory Gatekeeper plugin, see the Snyk user docs, Artifactory Gatekeeper plugin.
You can run artifactory pro with docker compose. There are a few steps needed to set it up:
Start up the containers:
docker compose up
That will initialise the system files at distribution/docker
.
Ctrl+C out of the containers and edit the DB configuration in
distribution/docker/etc/system.yaml
:
database:
type: postgresql
driver: org.postgresql.Driver
url: "jdbc:postgresql://postgres/artifactory"
username: artifactory
password: password
Run docker compose up
again. The application should start at localhost:8082,
you can log in with username admin
and password password
.
Artifactory pro license is required to run the plugin. You can get a trial one for free by signing up at JFrog website. Paste the license in you artifactory.
There! You have an artifactory pro running locally. Time to install the Snyk plugin.
Build the plugin first with mvn install -DskipTests
.
Then unpack the release into artifactory's plugins folder:
unzip -o distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip -d distribution/docker/etc/artifactory/
Set your Snyk org ID and API token inside distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.properties
and restart Artifactory. Check the logs
to confirm the plugin gets loaded.
After making changes to the plugin, repeat mvn install
and extract the jar file but without touching your config:
unzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/lib/artifactory-snyk-security-core.jar > distribution/docker/etc/artifactory/plugins/lib/artifactory-snyk-security-core.jar
unzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/snykSecurityPlugin.groovy > distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.groovy
In order to see the logs, set the log level for Snyk by inserting this line: <logger name="io.snyk" level="debug"/>
into this file: distribution/docker/etc/artifactory/logback.xml
.
Here are some tips for pointing local dev tools to Artifactory in order to try out the plugin.
- In the Artifactory UI, create a remote NPM repository using Repository Key
npm
. - Authenticate your NPM client:
npm login --registry=http://localhost:8081/artifactory/api/npm/npm/ --auth-type=web
. - Install a package
npm add [email protected] --registry=http://localhost:8081/artifactory/api/npm/npm/ --cache /tmp/npm-cache && rm -rf /tmp/npm-cache
This actually uses a Gradle project to test:
- In the Artifactory UI, create a remote Maven repository using Repository Key
maven
. - Drop repository coords in
settings.gradle.kts
of your Gradle project (see the snippet below).
pluginManagement {
repositories {
maven {
url = uri("http://localhost:8082/artifactory/maven/")
isAllowInsecureProtocol = true
credentials {
username = "admin"
password = "password"
}
}
gradlePluginPortal()
}
}
- Make sure the
repositories
block only includes your Artifactory inbuild.gradle.kts
(see the second snippet below).
repositories {
maven {
url = uri("http://localhost:8082/artifactory/maven/")
isAllowInsecureProtocol = true
credentials {
username = "admin"
password = "password"
}
}
}
- Install your project's dependencies.
- In the Artifactory UI, create a remote Pypi repository using Repository Key
pypi
. pip3 install --index-url http://localhost:8082/artifactory/api/pypi/pypi/simple libdev
- In the Artifactory UI, create a remote Gems repository using Repository Key
rubygems
. - Still in the Artifactory UI, navigate to the artifacts view and hit the
Set me up
option. - Choose the
rubygems
repository and generate an access token. gem source -a http://admin:ACCESS_TOKEN_FROM_PREVIOUS_STEP@localhost:8081/artifactory/api/gems/rubygems/
gem install openssl
- In the Artifactory UI, create a remote CocoaPods repository using Repository Key
cocoapods
. - Create a
Podfile
:
source "http://localhost:8081/artifactory/api/pods/cocoapods"
project 'project/test/test.xcodeproj'
platform :ios, '10.0'
target 'test' do
use_frameworks!
pod 'Alamofire', '~> 5.10'
pod 'Bolts', '~> 1.9'
end
pod install
- In the Artifactory UI, create a remote Nuget repository using Repository Key
nuget
. nuget sources Add -Name Artifactory -Source http://localhost:8081/artifactory/api/nuget/nuget
- Disable the default source:
nuget sources disable -Name nuget.org
. - Verify only Artifactory is enabled:
nuget sources List
. nuget install Newtonsoft.Json -Version 13.0.1