🐸
JFrog Applications
  • JFrog Applications
  • JFrog Applications
    • JFrog CLI
      • Download and Install
      • Authentication
      • Shell Auto Completion
      • Usage
      • Configurations
        • JFrog Platform Configuration
        • Proxy Support
      • CLI AI Assistant
        • AI Assistant Addendum
      • Binaries Management with JFrog Artifactory
        • Environment Variables
        • Authentication
        • Verifying Artifactory's Accessibility
        • Generic Files
        • Using File Specs
        • Using Placeholders
        • Build Integration
        • Package Managers Integration
        • Storing Symlinks in Artifactory
        • cURL Integration
        • Managing Configuration Entities
        • Release Lifecycle Management
        • Transferring Files Between Artifactory Servers
        • Cleaning Up Unreferenced Files from a Git LFS Repository
        • Evidence Service
      • CLI for JFrog Security
        • Download Updates for Xray's Database
        • How Tos
          • Scan your code dependencies
          • Scan your Binaries
          • Enrich your SBOM JSONs & XMLs
          • JFrog Curation
          • Scan Published Builds
          • Count Contributing Developers
      • CLI for JFrog Distribution
      • CLI for JFrog Cloud Transfer
      • CLI Command Summaries
      • JFrog CLI Plugins
        • JFrog CLI Plugins Developer Guide
    • IDE
      • Visual Studio Code
        • VS Code Prerequsites Per Language
        • Supported Technologies
        • Install the JFrog VS Code Extension
          • Connect VS Code to the JFrog Platform
        • Manage VS Code IDE
        • Quick Start
        • How Tos
          • Analyze your Results
            • Resolve Issues
            • Ignore Findings
      • JetBrains IDEs
        • Supported Technologies
        • Install the JFrog IDEA Plugin
        • Connect the JFrog Plugin to the JFrog Platform
        • Using the JFrog Plugin in the JetBrains IDEs
        • Plugin Configuration
        • Apply Xray Policies and Watches
        • Troubleshooting
      • Eclipse
        • Supported Technologies
        • Install and Setup of the JFrog Eclipse IDE Plugin
        • Scan Gradle Projects with the JFrog Eclipse IDE Plugin
        • Use the JFrog Eclipse IDE Plugin
      • Visual Studio
        • Supported Technologies
        • Install and Setup the JFrog Visual Studio Extension
        • Use the JFrog Visual Studio Extension
    • JFrog Frogbot
      • Supported Technologies
      • Setup
        • Frogbot Configuration
        • Setup Frogbot Using GitHub Actions
          • OIDC Authentication
          • Scan Git Repository Full Template
          • Scan Pull Request Full Template
        • Setup Frogbot Using Jenkins
        • Setup Frogbot Using JFrog Pipelines
        • Setup Frogbot Using GitLab CI
          • GitLab Full Template
        • Setup Frogbot Using Azure Pipelines
      • Scan Execution
        • Scan Git Repositories
          • View Security Alerts on GitHub
        • Scan Pull Requests
          • Scan GitHub Pull Request
          • Scan GitLab Pull Request
          • Scan Azure Repos Pull Request
          • Scan Bitbucket Server Pull Request
          • Pull Request Scan Results
      • Frogbot Badge
  • CI & SDKs
    • CI Integrations
      • Maven Artifactory Plugin
      • GitLab Templates for JFrog
      • Jenkins JFrog Plugin
      • Bamboo JFrog Plugin
      • GitHub Actions
      • Artifactory Gradle Plugin
    • SDKs
      • Artifactory Java Client
      • JFrog Go Client
  • JFrog Security Features
    • SCA
    • Contextual Analysis
    • Infrastructure as Code (IaC)
    • Secrets
    • SAST
      • Integrations
      • Ignore Findings
Powered by GitBook

Β© 2024 JFrog Ltd All Rights Reserved

On this page
  • Installation
  • Templates
Edit on GitHub
Export as PDF
  1. CI & SDKs
  2. CI Integrations

GitLab Templates for JFrog

PreviousMaven Artifactory PluginNextJenkins JFrog Plugin

Last updated 8 months ago

This repository includes pipeline templates for GitLab CI, for a quick and easy integration with the .

The templates use the pipeline scripts. The script is included by each of the templates, and sets up the integration between the pipeline and the JFrog Platform.

The script does the following:

  • Installs

  • Configures JFrog CLI to work with the JFrog Platform

  • Sets the build name and build number values with the values of $CI_PROJECT_PATH_SLUG-$CI_COMMIT_REF_NAME and $CI_PIPELINE_ID respectively, to allow publishing to Artifactory

  • Optionally replaces the default Docker Registry with an

Installation

  1. Ensure you have the connection details for the JFrog Platform.

  2. the JFrog Platform connection details on GitLab

  3. Optionally set the URL of your Artifactory Docker Registry as the value of the JF_DOCKER_REGISTRY variable

  4. the setup-jfrog pipeline script in your GitLab pipeline

Storing the JFrog Platform Connection Details

Store the connection details of your JFrog Platform as by using one of the following variables combinations:

  1. JF_URL - Anonymous access (no authentication)

  2. JF_URL + JF_USER + JF_PASSWORD - Basic authentication

  3. JF_URL + JF_ACCESS_TOKEN - Authentication with JFrog Access Token. NOTE: When pulling and pushing docker images from/to Artifactory, the JF_USER variable is also required, in addition to the JF_ACCESS_TOKEN variables

Adding the setup-jfrog Script in Your Pipeline

Including the Script

The templates included in this repository already have the setup-jfrog script included as follows:

include:
  - remote: 'https://releases.jfrog.io/artifactory/jfrog-cli/gitlab/v2/.setup-jfrog-unix.yml'

For Windows agents, use:

include:
  - remote: 'https://releases.jfrog.io/artifactory/jfrog-cli/gitlab/v2/.setup-jfrog-windows.yml'
  - local: '.setup-jfrog-unix.yml'

You can also include it from one of your projects as follows:

  - project: 'my-group/my-project'
    file: '/script/.setup-jfrog-unix.yml'

Referencing the Script

Once the script is included in your pipeline, you'll need to reference it from any script or before_script sections in the pipeline as shown below:

job:
  script:
    - !reference [.setup_jfrog, script]

At the end of your script, or as part of after_script, you should add the cleanup reference:

job:
  after_script:
    - !reference [.cleanup_jfrog, script]

Downloading the setup-jfrog script and JFrog CLI from Artifactory

If your GitLab environment is air-gapped, you would want your pipeline to avoid downloading the setup-jfrog script and also JFrog CLI from https://releases.jfrog.io/artifactory. Here's how you do this:

  1. Create a remote generic repository in Artifactory pointing to https://releases.jfrog.io/artifactory/

  2. Add the JF_RELEASES_REPO variable to GitLab with the name of the repository you created

Additional Optional Variables

Configurations can be done via Project Settings > CI/CD > Variables:

Variable
Usage

JF_DOCKER_REGISTRY

JFROG_CLI_BUILD_PROJECT

JFrog project key to be used by commands which expect build name and build number. Determines the project of the published build.

JFROG_CLI_VERSION

Use a specific JFrog CLI version instead of the latest version. The minimal version allowed is: 2.17.0

Prerequisites

  • For Linux / Mac: cURL

Limitations

  1. If the JF_DOCKER_REGISTRY and JF_ACCESS_TOKEN variables are set, then the JF_USER variable is required.

  2. Build info collection is unavailable when:

    • Working with a docker registry without JFrog CLI.

    • Running separate jobs on temporary agents or docker containers.

Behind the Scenes

Templates

Build and Upload to JFrog Artifactory

  • .NET

  • Go

  • Gradle

  • Maven

  • npm

  • NuGet

  • Pip

  • Pipenv

  • Yarn Berry

$ jf mvn clean install
18:26:42 [πŸ”΅Info] Running Mvn...
18:26:58 [πŸ”΅Info] These files were uploaded:

πŸ“¦ libs-snapshot-local
└── πŸ“ org
    └── πŸ“ jfrog
        └── πŸ“ test
            β”œβ”€β”€ πŸ“ multi2
            β”‚   └── πŸ“ 3.7-SNAPSHOT
            β”‚       β”œβ”€β”€ πŸ“„ multi2-3.7-20230227.162644-67.jar
            β”‚       └── πŸ“„ multi2-3.7-20230227.162644-67.pom
            β”œβ”€β”€ πŸ“ multi1
            β”‚   └── πŸ“ 3.7-SNAPSHOT
            β”‚       β”œβ”€β”€ πŸ“„ multi1-3.7-20230227.162644-69.pom
            β”‚       β”œβ”€β”€ πŸ“„ multi1-3.7-20230227.162644-69-tests.jar
            β”‚       β”œβ”€β”€ πŸ“„ multi1-3.7-20230227.162644-69-sources.jar
            β”‚       └── πŸ“„ multi1-3.7-20230227.162644-69.jar
            β”œβ”€β”€ πŸ“ multi
            β”‚   └── πŸ“ 3.7-SNAPSHOT
            β”‚       └── πŸ“„ multi-3.7-20230227.162644-67.pom
            └── πŸ“ multi3
                └── πŸ“ 3.7-SNAPSHOT
                    β”œβ”€β”€ πŸ“„ multi3-3.7-20230227.162644-67.pom
                    └── πŸ“„ multi3-3.7-20230227.162644-67.war

Security Audit with JFrog Xray

  • .NET

  • Go

  • Gradle

  • Maven

  • npm

  • NuGet

  • Pip

  • Pipenv

  • Yarn Berry

You also have the option of downloading the matching script from , adding it to your project, and including it in your pipeline as follows:

As shown in the above and sections, you have the option of copying the setup-jfrog script into your pipeline, and thus avoiding its download. Since the setup-jfrog script downloads JFrog CLI from https://releases.jfrog.io/artifactory, you should also configure the script to download JFrog CLI from a remote repository in your JFrog Artifactory instance. Follow these steps to have JFrog CLI downloaded from your Artifactory instance:

Docker registry in Artifactory. For more info, see

See more environment variables in the JFrog CLI .

The setup-jfrog scripts are maintained in the . Each yaml includes two hidden jobs with scripts named .setup_jfrog and .cleanup_jfrog, which can be referenced by the pipeline after the script is included.

JFrog Platform
.setup-jfrog.yml
JFrog CLI
build-info
Artifactory Docker Registry
Store
Add
GitLab CI/CD variables
releases.jfrog.io
Including the Script
Referencing the Script
documentation
jfrog-cli repository
Getting Started with Artifactory as a Docker Registry