Overview
You can configure two types of Artifactory Package Repository integrations:
- Publicly accessible instances protected by basic authentication
- Instances on a private network (with or without basic authentication) accessed via a broker
Brokered Artifactory is currently supported for Maven and Node.js (npm and Yarn).
Getting started
- Go to
Settings > Integrations > Package Repositories > Artifactory - You should see this screen at the beginning.
Note
If you do not see the “Publicly accessible” switch you do not have the necessary permissions and can only add a publicly accessible instance.
Contact support@snyk.io if you want to add a private registry
Set up publicly accessible instances
- Enter URL of your Artifactory instance, this must end with “/artifactory”
- Enter Username
- Enter Password
- Hit Save
Set up brokered instances
- Toggle Artifactory (Publicly accessible) switch, you should now see a form for generating an Artifactory Broker token.
- Click on Generate and Save button
- Copy the token that was generated for you, it will be needed to set up new Broker Client
- Set up a new Broker Client in your prod environment:
- Pull Broker Artifactory image from Dockerhub:
docker pull snyk/broker:artifactory
- Run docker image and provide environment variables
docker run --restart=always \ -p 8000:8000 \ -e BROKER_TOKEN=secret-broker-token \ -e ARTIFACTORY_URL=<username>:<password>@<yourdomain>.artifactory.com/artifactory \ -e RES_BODY_URL_SUB=http://<yourdomain>.artifactory.com/artifactory snyk/broker:artifactory
BROKER_TOKENis token you just generated in Integration > Artifactory form
ARTIFACTORY_URLis URL to your artifactory instance, including /artifactory at the end of URL. Omit<username>:<password>@credentials if not using basic authRES_BODY_URL_SUBis the URL of the artifactory without credentials, and with http protocol and is required for NPM integration - Check connection status by refreshing Artifactory Integration Settings page, no connection error should be displayed