Artifactory

Overview

Heeler connects with the JFrog Artifactory for analysis of the images and artifacts running in your environment. Heeler connects to Artifactory using basic auth (username/password) and can utilize the Broker for on-premise deployments with limited accessibility.

For on-premise Artifactory instances, these instructions assume you have already setup the Broker with access to the Artifactory registry. See Instructions for the Broker here.

JFrog User and Permissions

Heeler connects to JFrog Artifactory at a given domain using an account user name and reference token. We recommend creating a Heeler-specific account that has the minimum permissions required to harvest the necessary information for Heeler to perform its analysis. For more information on reference tokens see: https://jfrog.com/help/r/platform-api-key-deprecation-and-the-new-reference-tokens/what-is-a-reference-token

The JFrog permission should be defined to include Read permission for Any repository as shown below.

The permission can be applied to the Heeler-specific account or to a group of which the Heeler-specific account is a member.

Once the account has been established and its reference token generated, obtain the domain of the Artifactory registry. The domain can be obtained through the JFrog URL or from an image. For example, Heeler's JFrog URL is https://heeler.jfrog.io/ui/ , so its domain is heeler.jfrog.io.

Add Artifactory to Heeler

  1. In Heeler, select the Settings icon from the top navigation

  2. Select Connections -> Registries then select Add Registry

  1. Select the Artifactory Registry type

  2. Enter a Name for the Registry

  3. Enter the Domain of the Artifactory account

  4. Enter the User Name and Reference Token for Heeler to use to access the Artifactory account

  5. If the registry is public-facing, check Validate Credentials. If the registry is on-premise, leave unchecked as Heeler will not be able to connect to the registry to validate the credentials until it is linked with the Broker.

After clicking Add Registry, its Health property should update. If the Registry is on-prem or if it is public-facing and its credentials validated, it should update to Healthy.

If your Registry is public-facing and Healthy, the setup is complete. Heeler will be able to download and analyze artifacts.

Link Artifactory Connection to the Broker

If the Artifactory instance is utilizing the Broker, you need to add the newly added connection to the Broker.

  1. Select the icon from the top navigation

  2. Select Connections -> Brokers

  3. Edit the Broker you want to add the Harbor connection to

  4. Select the Artifactory connection by name for the Broker connection

  5. Save the changes

PreviousBitbucket (Preview)NextGitHub Container Registry

Last updated

Was this helpful?