User Guide
  • Fundamentals
    • Quick Start Guide
      • Signing Up
      • Package Discovery
        • Connecting to GitHub
        • Connecting to GitLab
        • Connecting to Azure DevOps
        • Connecting to the CI Pipeline
        • Connecting to the Artifact Server
      • Package Sealing
        • Integrating the CLI in the CI
        • Editing Dependencies
    • Deployments
      • Choosing Your Deployment
      • Automatic Remediation
      • Remote Configuration
      • Local Configuration
      • Artifact Server
    • CLI
      • Download and Installation
      • Scanning
      • Fixing All Dependencies
      • Fixing Specific Dependencies
      • Fixing OS Vulnerabilities
      • Integrating with the CI
      • Uploading Scan Results
      • Commands
      • SCA Integrations
      • JFrog Integration
      • Usage Examples
        • Sealing Application Dependencies
        • Sealing Linux Environments
    • Artifact Server
      • Generating a Token
      • Artifact Server Ordering
      • Configuring the Package Manager
        • Configuring apk
        • Configuring Composer
        • Configuring Go
        • Configuring Gradle
        • Configuring Maven
        • Configuring npm
        • Configuring pip
        • Configuring Poetry
        • Configuring yarn
        • Configuring yum
      • Clearing the Cache
      • Editing Your Dependencies
    • Web Interface
      • Rules Screen
  • APIs
    • List Vulnerable Packages
  • FAQ
  • Vulnerability Disclosure
Powered by GitBook
On this page
  • Pull directly from the artifact server using Groovy
  • Pull through JFrog's Artifactory
  1. Fundamentals
  2. Artifact Server
  3. Configuring the Package Manager

Configuring Gradle

How to configure the Gradle package manager

PreviousConfiguring GoNextConfiguring Maven

Last updated 3 months ago

This page explains how to configure the Gradle package manager to pull packages from the Seal artifact server based on your existing setup.

Make sure you have the access token for the server ready.

Pull directly from the artifact server using Groovy

  1. Open the project's build.gradle file under the app directory.

  2. In the repositories section add Seal Security's artifact server. Note that it should replace or be before the built-in servers such as mavenCentral() and google() as explained . See the following example:

repositories {
    maven {
        credentials {
            username "$sealUser"
            password "$sealToken"
        }
        url "https://maven.sealsecurity.io"
    }
}

  1. Open the project's gradle.properties file and set the following properties, where SEAL_TOKEN stands for your token and PROJECT_ID should be the name of your project:

sealUser=PROJECT_ID
sealToken=SEAL_TOKEN

Pull through JFrog's Artifactory

  1. Go to JFrog's Artifactory configuration and create a new remote Maven repository.

    1. In the Basic configuration, choose whatever Repository Key you like.

    2. In both the URL field set https://maven.sealsecurity.io.

    3. In the User Name field use jfrog.

    4. In the Password / Access Token field paste the Production token you created earlier.

  2. Turn off the Handle Snapshots option.

  3. Save the new repository, and set it as the top priority remote repository in the virtual repository you're using.

here