
JFrog Integration

How to configure the CLI if the CI pipeline can only communicate with a JFrog artifact server


Last updated 6 months ago

  1. Go to JFrog and create a new remote repository:

    • Select the repository type Generic.

    • Set the Repository Key as seal-cli.

    • Set the URL as https://cli.sealsecurity.io/authenticated/jfrog.

    • Set the User Name as jfrog.

    • Set the Password / Access Token as the token for the Seal artifact server. See here for how to create a new token.

    • Turn on Propagate Query Parameters.

    • Turn on Disable URL Normalization.

    • Turn off Store Artifacts Locally.

  2. Go to JFrog and create an additional remote repository according to the ecosystem-specific instructions.

  3. Generate a new JFrog access token:

    • Set Token scope as "User".

    • Set User name to be your user.

    • Set Expiration time to "Never".

    • Turn on Create Reference Token.

    • Click Generate and save the reference token for the next steps.

  4. Configure the CLI:

    • Similar to the instructions here, we need to configure the authentication with JFrog. We can use either environment variables or the .seal-config.yml.

    • Using environment variables:

      export SEAL_JFROG_AUTH_TOKEN=<token> # the reference token created in the previous step
      export SEAL_JFROG_INSTANCE_HOST=<domain> # for example: domain.jfrog.io
      export SEAL_JFROG_ENABLED=1
      export SEAL_PROJECT=<project-id> # the ID of the current project
    • Using the .seal-config.yml:

      jfrog:
        host: <domain> # for example: domain.jfrog.io
        token: <token> # the reference token created in the previous step
        enabled: true
      project: <project-id> # the ID of the current project
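
A preflight check for the environment-variable form of step 4, as an added example that is not part of the Seal documentation or CLI. The function name seal_jfrog_preflight and its rules (bare host name, value 1, no leftover placeholders, no shell tracing) are assumptions drawn from the snippet above, not documented CLI behaviour.

```shell
# Added example: preflight for the JFrog settings of the Seal CLI.
# Variable names are from the page; the rules below are assumptions.
seal_jfrog_preflight() {
    # With xtrace on, each expansion of the token is echoed to the CI log,
    # so stop before any variable is touched.
    case $- in
        *x*) echo "set -x is active; the token would be logged" >&2
             return 1 ;;
    esac

    rc=0
    # Every variable the page exports must be present and non-empty.
    for name in SEAL_JFROG_AUTH_TOKEN SEAL_JFROG_INSTANCE_HOST \
                SEAL_JFROG_ENABLED SEAL_PROJECT; do
        if eval "[ -z \"\${$name:-}\" ]"; then
            echo "missing: $name" >&2
            rc=1
        fi
    done

    # The page's example host is a bare domain (domain.jfrog.io); a scheme,
    # a path or a space is flagged.
    case "${SEAL_JFROG_INSTANCE_HOST:-}" in
        *://*|*/*|*" "*)
            echo "SEAL_JFROG_INSTANCE_HOST should be a bare host name" >&2
            rc=1 ;;
    esac

    # The page enables the integration with the value 1.
    if [ "${SEAL_JFROG_ENABLED:-}" != "1" ]; then
        echo "SEAL_JFROG_ENABLED is not 1" >&2
        rc=1
    fi

    # Catch <placeholder> text left over from copying the snippet.
    case "${SEAL_JFROG_AUTH_TOKEN:-}${SEAL_JFROG_INSTANCE_HOST:-}${SEAL_PROJECT:-}" in
        *"<"*|*">"*)
            echo "a value still contains a <placeholder>" >&2
            rc=1 ;;
    esac
    return "$rc"
}
```

Call `seal_jfrog_preflight || exit 1` in the CI job before the CLI runs, with the token injected from the pipeline's secret store rather than written into the job definition.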
