Ctrlk
SupportSnyk LearnAPI referenceProduct updatesSign up for free
Edit

Running your Universal Broker client

Ensure you have all of the prerequisites before running the Broker Client:

  • The DEPLOYMENT_ID, CLIENT_ID, CLIENT_SECRET for your Broker Deployment

  • A credential reference associated with your deployment

  • Valid integration credentials required by your connections such as MY_GITHUB_TOKEN If references are missing, the connection will not be established, and an error entry will be logged in the Broker client logs.

Run your Broker deployment on your container engine (Docker Compose or Kubernetes cluster).

If you are not using app.snyk.io (for example, if you log into https://app.eu.snyk.io), you will need to target the Broker server for your region by using the following in your Docker run command -e BROKER_SERVER_URL=https://broker.region.snyk.io \ . For details, visit Broker URLs.

Docker Compose example

  1. Create a .env file with required and optional configuration variables:

  DEPLOYMENT_ID=<your-deployment-id>
  CLIENT_ID=<your-client-id>
  CLIENT_SECRET=<your-client-secret>
  PORT=8000
  # Add any credentials your integrations need, for example:
  MY_GITHUB_TOKEN=<secret>
  # Optional: override for EU or other environments
  BROKER_SERVER_URL=https://broker.eu.snyk.io
  BROKER_DISPATCHER_BASE_URL=https://api.eu.snyk.io

  1. Copy this example file to docker-compose.yaml

  1. Run docker compose up -d to start the containers.

Helm

A Helm chart is available for use on Kubernetes clusters. Refer to the README for details.

Ensure that you first pull the Helm chart:

helm pull oci://registry-1.docker.io/snyk/snyk-universal-broker

Then run:

Secret Values

Integration types may require different SCM-specific authentication parameters. When setting your credential reference environment variable in your Broker deployment you may wish to consult the following list of secret values and their required formats:

Integration Type
Parameter Name
Format

Artifactory

Artifactory URL

<username>:<password>@<yourdomain.artifactory.com>/artifactory

Azure Repos

Azure Repos Token

Azure Repos PAT

Bitbucket Server

Bitbucket Password

Alphanumeric password

Bitbucket PAT

Bitbucket Personal Access Token

Container Registry

Azure CR Password

Alphanumeric password

Artifactory CR Password (ACR)

Alphanumeric password

Docker Hub Password

Alphanumeric password

DigitalOcean CR Token

DigitalOcean PAT

Amazon Elastic Container CR Role ARN (ECR)

AWS IAM role ARN

Google Cloud Container (GCR) Password

Alphanumeric password

GitHub CR Password

Alphanumeric password

GitLab CR Password

Alphanumeric password

Google Artifact CR Password

Alphanumeric password

Harbor CR Password

Alphanumeric password

Nexus CR Password

Alphanumeric password

Quay CR Password

Alphanumeric password

Github

Github Token

Github Personal Access Token

Github Enterprise

Github Token

Github Personal Access Token

Github Server App

Github App Client ID

Github App Client ID

Github Cloud App

Github App Client ID

Github App Client ID

Gitlab

Gitlab Token

Gitlab Personal Access Token

Jira

Jira Password

Alphanumeric password

Jira PAT

JIRA Personal Access Token

Nexus

Nexus Base URL

https://<username>:<password>@<your.nexus.hostname>

PreviousSetting up and integrating your Universal Broker connectionsNextAdd a new connection to your Universal Broker

Last updated

Was this helpful?