Set up Snyk Broker with Artifactory Repository

Follow the instructions on this page to set up Artifactory Repository with Snyk Broker. This integration is useful to ensure a secure connection with your on-premise Artifactory Repository deployment.

Feature availability Integration with Artifactory Repository is available with Enterprise plans. See pricing plans for more details.

Prerequisites Ask your Snyk account team to provide you with a Broker token or generate it from the Snyk Web UI.

You need Docker or a way to run Docker Linux containers.

Some Docker deployments for Windows run only Windows containers. Ensure that your deployment is capable of running Linux containers.

For information about non-brokered integration with Artifactory Repository see Artifactory Repository setup.

Generate a Broker token from the Web UI

In the Artifactory integration settings, move the Snyk Broker on/off switch to on to display a form for generating a Broker token.
Select Generate and Save.
Copy the token that was generated to use when you set up the Broker Client.

Configure Broker to be used for Artifactory Registry

To use the Broker client with an Artifactory Registry deployment, run docker pull snyk/broker:artifactory.

The following environment variables are needed to customize the Broker client:

BROKER_TOKEN - the Snyk Broker token, obtained from your Artifactory integration settings (Integrations > Artifactory).

ARTIFACTORY_URL - the URL of your Artifactory deployment, such as <yourdomain>.artifactory.com/artifactory.

The following fields are optional:

Port: Omit if no port number is needed
Basic auth: Omit if no basic auth required. URL encode both username and password info to avoid errors that may prevent authentication.
Protocol: Defaults to https:// This should only be specified when no certificate is present and http:// is required instead for your instance

ARTIFACTORY_URL format with optional fields: [http://][username:password@]hostname[:port]/artifactory Example: http://alice:[email protected]:8080/artifactory

Optional. RES_BODY_URL_SUB - The URL of the Artifactory instance, including http:// and without basic auth credentials. Required for npm/Yarn integrations only. Example: http://acme.com/artifactory

Docker run commands to set up a Broker Client for Artifactory Repository

Copy the following command to set up a fully configured Broker Client to use with Artifactory Registry. You can run the Docker container by providing the relevant configuration:

docker run --restart=always \
           -p 8000:8000 \
           -e BROKER_TOKEN=secret-broker-token \
           -e ARTIFACTORY_URL=<yourdomain>.artifactory.com/artifactory \
       snyk/broker:artifactory

For an npm or Yarn integration, use the following command.

docker run --restart=always \
  -p 8000:8000 \
  -e BROKER_TOKEN=secret-broker-token \
  -e ARTIFACTORY_URL=acme.com/artifactory \
  -e RES_BODY_URL_SUB=http://acme.com/artifactory \ 
  snyk/broker:artifactory

As an alternative to using the Docker run command, you can use a derived Docker image to set up the Broker Client integration. See Derived Docker images for the environment variables to override for the Artifactory integration.

Start the Broker Client container and verify the connection with Artifactory Repository

Paste the Broker Client configuration to start the Broker Client container.

You can check the status of the connection by refreshing the Artifactory Integration Settings page. When the connection is set up correctly, there is no connection error.

PreviousSet up Snyk Broker with Azure Repos NextSet up Snyk Broker with Nexus Repository Manager

Last updated 2 years ago

Was this helpful?