For information about the Artifactory Gatekeeper plugin, see the Snyk user docs, Artifactory Gatekeeper plugin.
You can run artifactory pro with docker compose. There are a few steps needed to set it up:
Start up the containers:
docker compose upThat will initialise the system files at distribution/docker.
Ctrl+C out of the containers and edit the DB configuration in
distribution/docker/etc/system.yaml:
database:
type: postgresql
driver: org.postgresql.Driver
url: "jdbc:postgresql://postgres/artifactory"
username: artifactory
password: passwordRun docker compose up again. The application should start at localhost:8082,
you can log in with username admin and password password.
Artifactory pro license is required to run the plugin. You can get a trial one for free by signing up at JFrog website. Paste the license in you artifactory.
There! You have an artifactory pro running locally. Time to install the Snyk plugin.
Build the plugin first with mvn install -DskipTests.
Then unpack the release into artifactory's plugins folder:
unzip -o distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip -d distribution/docker/etc/artifactory/Set your Snyk org ID and API token inside distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.properties
and restart Artifactory. Check the logs
to confirm the plugin gets loaded.
After making changes to the plugin, repeat mvn install and extract the jar file but without touching your config:
unzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/lib/artifactory-snyk-security-core.jar > distribution/docker/etc/artifactory/plugins/lib/artifactory-snyk-security-core.jar
unzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/snykSecurityPlugin.groovy > distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.groovyIn order to see the logs, set the log level for Snyk by inserting this line: <logger name="io.snyk" level="debug"/>
into this file: distribution/docker/etc/artifactory/logback.xml.