Skip to main content

Configure an agent with Artifactory access: LSTs

Artifactory serves as a source of LST artifacts for Moderne. This integration uses Artifactory Query Language (AQL) to identify LST artifacts that have not yet been encrypted and transmitted to Moderne in near real-time.

This guide will walk you through how to configure the Moderne agent to connect to your Artifactory instance to retrieve LST artifacts.

info

If you're wanting to configure Artifactory to support recipe artifacts, please see this guide instead.

Prerequisites

  • You will need credentials for an Artifactory user that is allowed to issue the relevant AQL queries that will be configured. This can be either:
    • A username and password combination, or
    • A bearer token (access token)

Configuring the Moderne agent

The following table contains all of the variables/arguments you need to add to your Moderne agent run command in order for it to get LST artifacts from your Artifactory instance. Please note that these variables/arguments must be combined with ones found in other steps in the Configuring the Moderne agent guide.

You can configure multiple Artifactory servers by including multiple entries, each with a different {index}. Within a given Artifactory server configuration, you can configure multiple LST query filters by including multiple entries, each with a different {index}.

Environment variables:

Variable NameRequiredDefaultDescription
MODERNE_AGENT_ARTIFACTORY_{index}_URLtrueThe URL of your Artifactory instance.
MODERNE_AGENT_ARTIFACTORY_{index}_USERNAMEfalseThe username used to connect to your Artifactory instance. This user must have permission to run AQL queries.

Note: Only one of basic auth (username+password) or bearer token can be used.
MODERNE_AGENT_ARTIFACTORY_{index}_PASSWORDfalseThe password used to connect to your Artifactory instance.

Note: Only one of basic auth (username+password) or bearer token can be used.
MODERNE_AGENT_ARTIFACTORY_{index}_BEARERTOKENfalseThe bearer token (access token) used to connect to your Artifactory instance.

Note: Only one of basic auth (username+password) or bearer token can be used. If bearerToken is specified, username and password must not be provided.
MODERNE_AGENT_ARTIFACTORY_{index}_ASTQUERYFILTERS_{index}trueThe AQL query fragment used to select LST artifacts to send to Moderne. If multiple are specified, they are combined together with an AND.
MODERNE_AGENT_ARTIFACTORY_{index}_SKIPSSLfalsefalseSpecifies whether or not to skip SSL verification for HTTP connections from the agent to this Artifactory instance. This must be set to true if you use a self-signed SSL/TLS certificate.
MODERNE_AGENT_ARTIFACTORY_{index}_SKIPVALIDATECONNECTIVITYfalsefalseBy default, on agent startup, we will validate that we can connect to this Artifactory instance, and fail to start up the agent if we cannot. Set this to true to skip this validation.
MODERNE_AGENT_ARTIFACTORY_{index}_PROXY_HOSTfalseThe hostname of a proxy server to use for connections to this Artifactory instance.
MODERNE_AGENT_ARTIFACTORY_{index}_PROXY_PORTfalseThe port of the proxy server to use for connections to this Artifactory instance.
MODERNE_AGENT_ARTIFACTORY_{index}_CONNECTTIMEOUTfalse30sTimeout for the connection to be established (and the first data received). Specified as a duration (e.g., 30s, 1m).
MODERNE_AGENT_ARTIFACTORY_{index}_READTIMEOUTfalse60sTimeout for reading the response body from the Artifactory instance. Specified as a duration (e.g., 60s, 5m).

Example:

docker run \
# ... Existing variables
-e MODERNE_AGENT_ARTIFACTORY_0_URL=https://myartifactory.example.com/artifactory/ \
-e MODERNE_AGENT_ARTIFACTORY_0_USERNAME=admin \
-e MODERNE_AGENT_ARTIFACTORY_0_PASSWORD=password \
-e MODERNE_AGENT_ARTIFACTORY_0_ASTQUERYFILTERS_0='"name":{"$match":"*-ast.jar"}' \
-e MODERNE_AGENT_ARTIFACTORY_0_ASTQUERYFILTERS_1='"repo":{"$eq":"example-maven"}' \
# ... Additional variables