For information about the Artifactory Gatekeeper plugin, see the Snyk user docs, Artifactory Gatekeeper plugin.
docker pull releases-docker.jfrog.io/jfrog/artifactory-pro:latest
Does not have to be pro, but in this example we'll do it.
mkdir -p ~/.jfrog/artifactory/var/
Export it to your environment for ease of use
echo export JFROG_HOME=~/.jfrog >> ~/.zshrc
Depends a lot on your system. But something like
mvn install -DskipTests
Will probably work. Per default, you'll find a baked .zip
in ~/.m2/repository/io/snyk/plugins/artifactory/distribution/LOCAL-SNAPSHOT.
Unzip it. Inside is a .groovy file, a .properties file, as well as the actual .jar inside /lib.
Edit the .properties, add something like this to the properties for a minimum working solution:
snyk.api.token=<INSERT_TOKEN>
snyk.api.organization=<INSERT_ORG_ID>
Also, if you want to test against your local Registry, but you're running on Docker:
snyk.api.url=http://host.docker.internal:8000/api/v1/
At least if you're on OSX, you cannot probe against localhost from within a Docker container.
Also, remember to activate some of the scanners depending on what you're debugging:
snyk.scanner.packageType.maven=true
snyk.scanner.packageType.npm=true
snyk.scanner.packageType.pypi=true
vim $JFROG_HOME/artifactory/var/etc/system.yaml
Add extraJavaOpts
shared:
## Java 17 distribution to use
#javaHome: "JFROG_HOME/artifactory/app/third-party/java"
## Extra Java options to pass to the JVM. These values add to or override the defaults.
#extraJavaOpts: "-Xms512m -Xmx4g"
extraJavaOpts: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
And ensure you expose debugging ports, in this case, 5005
docker run -d --name artifactory -p 8888:8082 -p 8081:8081 -p 5005:5005 -v $JFROG_HOME/artifactory/var/:/var/opt/jfrog/artifactory releases-docker.jfrog.io/jfrog/artifactory-pro:latest
Wait until the Docker has loaded, it can take a while. Check the progress with docker logs -f <id>.
You'll have a ton of trouble if you default to building your Docker images as linux/amd64. At least I had. Ensure you
do not have a env variable like DOCKER_DEFAULT_PLATFORM=linux/amd64 enabled when pulling and/or running the image.