Install and configure Broker using Docker

Snyk Broker is an open-source tool that acts as a proxy between Snyk and special integrations, providing for access by snyk.io to your code to scan it and return results to you. SCM integrations with Broker support Snyk Open Source, Snyk Code, Snyk Container (Dockerfile), and Snyk IaC. For details about Snyk Broker, including how it works, how to deploy it, commit signing, upgrading, and troubleshooting, see the Snyk Broker user documentation.

If you are using Kubernetes, Snyk recommends that you install Snyk Broker with the Broker Helm Chart. For details, see Install and configure Broker using Helm.

For all other environments, you can install Snyk Broker using the Docker images provided by Snyk. The pages listed here explain how to set up the Snyk Broker Client integrations using Docker.

Installation using Docker

Multi-tenant settings for EU and AU When you set up Broker, Code Agent, or both for use in EU or AU Multi-tenant environments, additional environment variables with the specific URLs are required. Example: -e BROKER_SERVER_URL=https://broker.eu.snyk.io For the URLs, see EU and AU account datacenter creation.

• GitHub

• GitHub Enterprise

• Bitbucket Server/Data Centre

• Gitlab

• Azure Repos

• JFrog Artifactory Repository

• Nexus Repository Manager

• Jira

• Snyk Broker - Container Registry Agent (needed to connect to Container Registries)

• Snyk Broker - Code Agent (needed to enable SAST analysis)

• Derived Docker images for Broker Client integrations and Container Registry Agent

You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.

Advanced configuration using Docker

When you install using Docker, follow these instructions to configure Broker as needed:

• Changing the auth method with Docker

• Credential pooling with Docker

• HTTPS for Broker Client with Docker

• Backend requests with an internal certificate for Docker

• Proxy support with Docker

• Disable certificate verification with Docker

• Adding custom allowlist for Docker installation

• Custom approved-listing filter with Docker

• Mounting secrets with Docker

• Snyk Code - Clone capability with Broker for Docker

• High Availability Mode

Common questions about Snyk Broker

How often is Snyk Broker updated? Snyk Broker is updated each time new features become available and when there are fixes.

How often is Snyk Broker checked for vulnerabilities? The Snyk Broker application and images are tested daily for vulnerabilities.

What is the SLA to fix vulnerabilities? There is a 14-day SLA for fixing high vulnerabilities and a five-day SLA for fixing critical vulnerabilities in public images.

Additional information for developers

If you need to upgrade, see Upgrade the Snyk Broker Client.

Troubleshooting information is provided on the Troubleshooting Broker page.

You can view the license, Apache License, Version 2.0.

To submit pull requests, see Contributing.

See Security for specific information about Broker.