From da09fbdc8163fcdfbb2e5a8eaf78bf98ad1f6374 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Sun, 13 Aug 2023 23:13:46 +0000 Subject: [PATCH 1/8] dcs: update jfrog package management docs --- docs/platforms/jfrog.md | 70 +++++++++++++++---- .../templates/jfrog-docker/build/Dockerfile | 1 + examples/templates/jfrog-docker/main.tf | 35 +++++++--- 3 files changed, 83 insertions(+), 23 deletions(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index 966d1472f6bd5..264aeb092caf9 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -11,8 +11,9 @@ The full example template can be found [here](https://github.com/coder/coder/tre - A JFrog Artifactory instance - An admin-level access token for Artifactory -- 1:1 mapping of users in Coder to users in Artifactory by email address -- An npm repository in Artifactory named "npm" +- 1:1 mapping of users in Coder to users in Artifactory by email address and username +- Repositories configured in Artifactory for each package manager you want to use +
The admin-level access token is used to provision user tokens and is never exposed to @@ -40,7 +41,7 @@ terraform { } artifactory = { source = "registry.terraform.io/jfrog/artifactory" - version = "6.22.3" + version = "~> 8.4.0" } } } @@ -57,15 +58,15 @@ variable "artifactory_access_token" { # Configure the Artifactory provider provider "artifactory" { - url = "${var.jfrog_url}/artifactory" + url = "https://${var.jfrog_url}/artifactory" access_token = "${var.artifactory_access_token}" } ``` -When pushing the template, you can pass in the variables using the `-V` flag: +When pushing the template, you can pass in the variables using the `--var` flag: ```sh -coder templates push --var 'jfrog_url=https://YYY.jfrog.io' --var 'artifactory_access_token=XXX' +coder templates push --var 'jfrog_url=YYY.jfrog.io' --var 'artifactory_access_token=XXX' ``` ## Installing JFrog CLI @@ -107,9 +108,27 @@ resource "coder_agent" "main" { export CI=true jf c rm 0 || true - echo ${artifactory_access_token.me.access_token} | \ - jf c add --access-token-stdin --url ${var.jfrog_url} 0 + echo ${artifactory_scoped_token.me.access_token} | \ + jf c add --access-token-stdin --url https://${var.jfrog_url} 0 + + # Configure the `npm` CLI to use the Artifactory "npm" registry. + cat << EOF > ~/.npmrc + email = ${data.coder_workspace.me.owner_email} + registry = https://${var.jfrog_url}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} + EOF + jf rt curl /api/npm/auth >> .npmrc + + mkdir -p ~/.pip + cat << EOF > ~/.pip/pip.conf + [global] + index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple + EOF + EOT + # Set GOPROXY to use the Artifactory "go" registry. + env = { + GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + } } ``` @@ -125,7 +144,7 @@ Distribution URL: https://cdr.jfrog.io/distribution/ Xray URL: https://cdr.jfrog.io/xray/ Mission Control URL: https://cdr.jfrog.io/mc/ Pipelines URL: https://cdr.jfrog.io/pipelines/ -User: ammar@....com +User: ammar Access token: ... Default: true ``` @@ -151,11 +170,11 @@ Note that this method will only work if your developers use code-server. Add the following line to your `startup_script` to configure `npm` to use Artifactory: -```sh +```shell # Configure the `npm` CLI to use the Artifactory "npm" registry. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry=${var.jfrog_url}/artifactory/api/npm/npm/ + registry = https://${var.jfrog_url}/artifactory/api/npm/npm/ EOF jf rt curl /api/npm/auth >> .npmrc ``` @@ -165,8 +184,33 @@ use Artifactory as the package registry. You can verify that `npm` is configured correctly by running `npm install --loglevel=http react` and checking that npm is only hitting your Artifactory URL. -You can apply the same concepts to Docker, Go, Maven, and other package managers -supported by Artifactory. +## Configuring pip + +Add the following lines to your `startup_script` to configure `pip` to use +Artifactory: + +```shell + mkdir -p ~/.pip + cat << EOF > ~/.pip/pip.conf + [global] + index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/pypi/simple + EOF +``` + +Now, your developers can run `pip install` and transparently use Artifactory as the package registry. You can verify that `pip` is configured correctly by running `pip install --verbose requests` and checking that pip is only hitting your Artifactory URL. + +## Configuring Go + +Add the following environment variable to your `coder_agent` block to configure `go` to use Artifactory: + +```hcl + env = { + GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/go" + } +``` + +You can apply the same concepts to Docker, Maven, and other package managers +supported by Artifactory. See the [JFrog documentation](https://jfrog.com/help/r/jfrog-artifactory-documentation/package-management) for more information. ## More reading diff --git a/examples/templates/jfrog-docker/build/Dockerfile b/examples/templates/jfrog-docker/build/Dockerfile index 1dfaa77015f32..d3a4be36997dd 100644 --- a/examples/templates/jfrog-docker/build/Dockerfile +++ b/examples/templates/jfrog-docker/build/Dockerfile @@ -5,6 +5,7 @@ RUN apt-get update \ curl \ git \ golang \ + python3-pip \ sudo \ vim \ wget \ diff --git a/examples/templates/jfrog-docker/main.tf b/examples/templates/jfrog-docker/main.tf index 0c409d5ebe54b..844a730c56acc 100644 --- a/examples/templates/jfrog-docker/main.tf +++ b/examples/templates/jfrog-docker/main.tf @@ -10,19 +10,25 @@ terraform { } artifactory = { source = "registry.terraform.io/jfrog/artifactory" - version = "6.22.3" + version = "~> 8.4.0" } } } locals { username = data.coder_workspace.me.owner + artifactory_registry_keys = { + "npm" = "npm" + "pypi" = "pypi" + "go" = "go" + } } data "coder_provisioner" "me" { } provider "docker" { + host = "tcp://100.117.102.81:2375" } data "coder_workspace" "me" { @@ -38,17 +44,14 @@ variable "artifactory_access_token" { description = "The admin-level access token to use for JFrog." } - # Configure the Artifactory provider provider "artifactory" { - url = "${var.jfrog_url}/artifactory" + url = "https://${var.jfrog_url}/artifactory" access_token = var.artifactory_access_token } -resource "artifactory_access_token" "me" { - username = data.coder_workspace.me.owner_email - # The token should live for the duration of the workspace. - end_date_relative = "0s" +resource "artifactory_scoped_token" "me" { + username = data.coder_workspace.me.owner } resource "coder_agent" "main" { @@ -67,16 +70,28 @@ resource "coder_agent" "main" { export CI=true jf c rm 0 || true - echo ${artifactory_access_token.me.access_token} | \ - jf c add --access-token-stdin --url ${var.jfrog_url} 0 + echo ${artifactory_scoped_token.me.access_token} | \ + jf c add --access-token-stdin --url https://${var.jfrog_url} 0 # Configure the `npm` CLI to use the Artifactory "npm" registry. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry=${var.jfrog_url}/artifactory/api/npm/npm/ + registry = https://${var.jfrog_url}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} EOF jf rt curl /api/npm/auth >> .npmrc + + # Configure the `pip` to use the Artifactory "pypi" registry. + mkdir -p ~/.pip + cat << EOF > ~/.pip/pip.conf + [global] + index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple + EOF + EOT + # Set GOPROXY to use the Artifactory "go" registry. + env = { + GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + } } resource "coder_app" "code-server" { From e621e6dd8b4ca401b12db4e97f89cd136d610b91 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Sun, 13 Aug 2023 23:17:32 +0000 Subject: [PATCH 2/8] fmt --- docs/platforms/jfrog.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index 264aeb092caf9..7ce5cdf2c04e2 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -14,7 +14,6 @@ The full example template can be found [here](https://github.com/coder/coder/tre - 1:1 mapping of users in Coder to users in Artifactory by email address and username - Repositories configured in Artifactory for each package manager you want to use -
The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces. From 2d218bba0b9799b883937889596f8ad25aee5b01 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Mon, 14 Aug 2023 10:11:52 +0000 Subject: [PATCH 3/8] update --- docs/platforms/jfrog.md | 4 +-- .../templates/jfrog-docker/build/Dockerfile | 8 +++++- examples/templates/jfrog-docker/main.tf | 26 +++++++++++-------- 3 files changed, 24 insertions(+), 14 deletions(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index 7ce5cdf2c04e2..a34862871b73d 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -47,7 +47,7 @@ terraform { variable "jfrog_url" { type = string - description = "The URL of the JFrog instance." + description = "The URL of the JFrog instance. e.g. YYY.jfrog.io" } variable "artifactory_access_token" { @@ -143,7 +143,7 @@ Distribution URL: https://cdr.jfrog.io/distribution/ Xray URL: https://cdr.jfrog.io/xray/ Mission Control URL: https://cdr.jfrog.io/mc/ Pipelines URL: https://cdr.jfrog.io/pipelines/ -User: ammar +User: ammar@....com Access token: ... Default: true ``` diff --git a/examples/templates/jfrog-docker/build/Dockerfile b/examples/templates/jfrog-docker/build/Dockerfile index d3a4be36997dd..2d966c10cffa2 100644 --- a/examples/templates/jfrog-docker/build/Dockerfile +++ b/examples/templates/jfrog-docker/build/Dockerfile @@ -4,7 +4,6 @@ RUN apt-get update \ && apt-get install -y \ curl \ git \ - golang \ python3-pip \ sudo \ vim \ @@ -12,6 +11,13 @@ RUN apt-get update \ npm \ && rm -rf /var/lib/apt/lists/* +ARG GO_VERSION=1.20.7 +RUN mkdir --parents /usr/local/go && curl --silent --show-error --location \ + "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o /usr/local/go.tar.gz && \ + tar --extract --gzip --directory=/usr/local/go --file=/usr/local/go.tar.gz --strip-components=1 + +ENV PATH=$PATH:/usr/local/go/bin + ARG USER=coder RUN useradd --groups sudo --no-create-home --shell /bin/bash ${USER} \ && echo "${USER} ALL=(ALL) NOPASSWD:ALL" >/etc/sudoers.d/${USER} \ diff --git a/examples/templates/jfrog-docker/main.tf b/examples/templates/jfrog-docker/main.tf index 844a730c56acc..b4835019314d9 100644 --- a/examples/templates/jfrog-docker/main.tf +++ b/examples/templates/jfrog-docker/main.tf @@ -16,19 +16,23 @@ terraform { } locals { - username = data.coder_workspace.me.owner + # if the jfrog username is same as the coder username, you can use the following + # username = data.coder_workspace.me.owner + # if the username is same as email, you can use the following + # username = urlencode(data.coder_workspace.me.owner_email) + artifactory_username = data.coder_workspace.me.owner artifactory_registry_keys = { - "npm" = "npm" - "pypi" = "pypi" - "go" = "go" + "npm" = "npm" + "python" = "python" + "go" = "go" } + workspace_user = data.coder_workspace.me.owner } data "coder_provisioner" "me" { } provider "docker" { - host = "tcp://100.117.102.81:2375" } data "coder_workspace" "me" { @@ -51,7 +55,7 @@ provider "artifactory" { } resource "artifactory_scoped_token" "me" { - username = data.coder_workspace.me.owner + username = local.artifactory_username } resource "coder_agent" "main" { @@ -84,13 +88,13 @@ resource "coder_agent" "main" { mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple + index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["python"]}/simple EOF EOT # Set GOPROXY to use the Artifactory "go" registry. env = { - GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" } } @@ -98,7 +102,7 @@ resource "coder_app" "code-server" { agent_id = coder_agent.main.id slug = "code-server" display_name = "code-server" - url = "http://localhost:13337/?folder=/home/${local.username}" + url = "http://localhost:13337/?folder=/home/${local.workspace_user}" icon = "/icon/code.svg" subdomain = false share = "owner" @@ -123,7 +127,7 @@ resource "docker_image" "main" { build { context = "./build" build_args = { - USER = local.username + USER = local.workspace_user } } triggers = { @@ -145,7 +149,7 @@ resource "docker_container" "workspace" { ip = "host-gateway" } volumes { - container_path = "/home/${local.username}" + container_path = "/home/${local.workspace_user}" volume_name = docker_volume.home_volume.name read_only = false } From f4ce48555e40b8278cdeba48b51a3301f0446a05 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Mon, 14 Aug 2023 15:46:55 +0000 Subject: [PATCH 4/8] rename `jfrog_host` to `jfrog_url` --- examples/templates/jfrog-docker/main.tf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/examples/templates/jfrog-docker/main.tf b/examples/templates/jfrog-docker/main.tf index b4835019314d9..27d35adf71049 100644 --- a/examples/templates/jfrog-docker/main.tf +++ b/examples/templates/jfrog-docker/main.tf @@ -38,9 +38,9 @@ provider "docker" { data "coder_workspace" "me" { } -variable "jfrog_url" { +variable "jfrog_host" { type = string - description = "The URL of the JFrog instance." + description = "JFrog instance hostname. For example, 'YYY.jfrog.io'." } variable "artifactory_access_token" { @@ -50,7 +50,7 @@ variable "artifactory_access_token" { # Configure the Artifactory provider provider "artifactory" { - url = "https://${var.jfrog_url}/artifactory" + url = "https://${var.jfrog_host}/artifactory" access_token = var.artifactory_access_token } @@ -75,12 +75,12 @@ resource "coder_agent" "main" { jf c rm 0 || true echo ${artifactory_scoped_token.me.access_token} | \ - jf c add --access-token-stdin --url https://${var.jfrog_url} 0 + jf c add --access-token-stdin --url https://${var.jfrog_host} 0 # Configure the `npm` CLI to use the Artifactory "npm" registry. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry = https://${var.jfrog_url}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} + registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} EOF jf rt curl /api/npm/auth >> .npmrc @@ -88,13 +88,13 @@ resource "coder_agent" "main" { mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["python"]}/simple + index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_registry_keys["python"]}/simple EOF EOT # Set GOPROXY to use the Artifactory "go" registry. env = { - GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" } } From 86926f54e3c06678abc220b63be247552cbffc30 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Mon, 14 Aug 2023 15:47:50 +0000 Subject: [PATCH 5/8] typo --- examples/templates/jfrog-docker/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/templates/jfrog-docker/main.tf b/examples/templates/jfrog-docker/main.tf index 27d35adf71049..34d685402295f 100644 --- a/examples/templates/jfrog-docker/main.tf +++ b/examples/templates/jfrog-docker/main.tf @@ -17,9 +17,9 @@ terraform { locals { # if the jfrog username is same as the coder username, you can use the following - # username = data.coder_workspace.me.owner + # artifactory_username = data.coder_workspace.me.owner # if the username is same as email, you can use the following - # username = urlencode(data.coder_workspace.me.owner_email) + # artifactory_username = urlencode(data.coder_workspace.me.owner_email) artifactory_username = data.coder_workspace.me.owner artifactory_registry_keys = { "npm" = "npm" From dda579e5fa97a663c2ce74a4de570ad6fa0a945f Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Mon, 14 Aug 2023 15:52:49 +0000 Subject: [PATCH 6/8] update docs --- docs/platforms/jfrog.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index a34862871b73d..4d30a5242fdd3 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -45,9 +45,9 @@ terraform { } } -variable "jfrog_url" { +variable "jfrog_host" { type = string - description = "The URL of the JFrog instance. e.g. YYY.jfrog.io" + description = "JFrog instance hostname. e.g. YYY.jfrog.io" } variable "artifactory_access_token" { @@ -57,7 +57,7 @@ variable "artifactory_access_token" { # Configure the Artifactory provider provider "artifactory" { - url = "https://${var.jfrog_url}/artifactory" + url = "https://${var.jfrog_host}/artifactory" access_token = "${var.artifactory_access_token}" } ``` @@ -65,7 +65,7 @@ provider "artifactory" { When pushing the template, you can pass in the variables using the `--var` flag: ```sh -coder templates push --var 'jfrog_url=YYY.jfrog.io' --var 'artifactory_access_token=XXX' +coder templates push --var 'jfrog_host=YYY.jfrog.io' --var 'artifactory_access_token=XXX' ``` ## Installing JFrog CLI @@ -108,25 +108,25 @@ resource "coder_agent" "main" { jf c rm 0 || true echo ${artifactory_scoped_token.me.access_token} | \ - jf c add --access-token-stdin --url https://${var.jfrog_url} 0 + jf c add --access-token-stdin --url https://${var.jfrog_host} 0 # Configure the `npm` CLI to use the Artifactory "npm" registry. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry = https://${var.jfrog_url}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} + registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} EOF jf rt curl /api/npm/auth >> .npmrc mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple + index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple EOF EOT # Set GOPROXY to use the Artifactory "go" registry. env = { - GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" } } ``` @@ -173,7 +173,7 @@ Artifactory: # Configure the `npm` CLI to use the Artifactory "npm" registry. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry = https://${var.jfrog_url}/artifactory/api/npm/npm/ + registry = https://${var.jfrog_host}/artifactory/api/npm/npm/ EOF jf rt curl /api/npm/auth >> .npmrc ``` @@ -192,7 +192,7 @@ Artifactory: mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/pypi/pypi/simple + index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/pypi/simple EOF ``` @@ -204,7 +204,7 @@ Add the following environment variable to your `coder_agent` block to configure ```hcl env = { - GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_url}/artifactory/api/go/go" + GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/go" } ``` From 043392f02c2b81e19fb3403c1dda5c60986e38aa Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Mon, 14 Aug 2023 15:58:15 +0000 Subject: [PATCH 7/8] obfuscate --- docs/platforms/jfrog.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index 4d30a5242fdd3..97299dc0a466e 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -137,12 +137,12 @@ running `jf c show`. It should display output like: ```text coder@jf:~$ jf c show Server ID: 0 -JFrog Platform URL: https://cdr.jfrog.io/ -Artifactory URL: https://cdr.jfrog.io/artifactory/ -Distribution URL: https://cdr.jfrog.io/distribution/ -Xray URL: https://cdr.jfrog.io/xray/ -Mission Control URL: https://cdr.jfrog.io/mc/ -Pipelines URL: https://cdr.jfrog.io/pipelines/ +JFrog Platform URL: https://YYY.jfrog.io/ +Artifactory URL: https://YYY.jfrog.io/artifactory/ +Distribution URL: https://YYY.jfrog.io/distribution/ +Xray URL: https://YYY.jfrog.io/xray/ +Mission Control URL: https://YYY.jfrog.io/mc/ +Pipelines URL: https://YYY.jfrog.io/pipelines/ User: ammar@....com Access token: ... Default: true From 19ca292c0c261a1b6888f359c5ff41352cee9c36 Mon Sep 17 00:00:00 2001 From: Atif Ali Date: Tue, 15 Aug 2023 06:57:30 +0000 Subject: [PATCH 8/8] incorporate suggestions --- docs/platforms/jfrog.md | 27 +++++++++++++++++++------ examples/templates/jfrog-docker/main.tf | 14 ++++++------- 2 files changed, 28 insertions(+), 13 deletions(-) diff --git a/docs/platforms/jfrog.md b/docs/platforms/jfrog.md index 97299dc0a466e..d8511de230dbf 100644 --- a/docs/platforms/jfrog.md +++ b/docs/platforms/jfrog.md @@ -88,7 +88,21 @@ In our Docker-based example, we install `jf` by adding these lines to our `Docke RUN curl -fL https://install-cli.jfrog.io | sh && chmod 755 $(which jf) ``` -and use this `coder_agent` block: +## Configuring Coder workspace to use JFrog Artifactory repositories + +Create a `locals` block to store the Artifactory repository keys for each package manager you want to use in your workspace. For example, if you want to use artifactory repositories with keys `npm`, `pypi`, and `go`, you can create a `locals` block like this: + +```hcl +locals { + artifactory_repository_keys = { + npm = "npm" + python = "pypi" + go = "go" + } +} +``` + +To automatically configure `jf` CLI and Artifactory repositories for each user, add the following lines to your `startup_script` in the `coder_agent` block: ```hcl resource "coder_agent" "main" { @@ -110,23 +124,24 @@ resource "coder_agent" "main" { echo ${artifactory_scoped_token.me.access_token} | \ jf c add --access-token-stdin --url https://${var.jfrog_host} 0 - # Configure the `npm` CLI to use the Artifactory "npm" registry. + # Configure the `npm` CLI to use the Artifactory "npm" repository. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} + registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_repository_keys["npm"]} EOF jf rt curl /api/npm/auth >> .npmrc + # Configure the `pip` to use the Artifactory "python" repository. mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_registry_keys["pypi"]}/simple + index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_repository_keys["python"]}/simple EOF EOT - # Set GOPROXY to use the Artifactory "go" registry. + # Set GOPROXY to use the Artifactory "go" repository. env = { - GOPROXY : "https://${data.coder_workspace.me.owner}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_repository_keys["go"]}" } } ``` diff --git a/examples/templates/jfrog-docker/main.tf b/examples/templates/jfrog-docker/main.tf index 34d685402295f..01bad5e2c52b7 100644 --- a/examples/templates/jfrog-docker/main.tf +++ b/examples/templates/jfrog-docker/main.tf @@ -21,7 +21,7 @@ locals { # if the username is same as email, you can use the following # artifactory_username = urlencode(data.coder_workspace.me.owner_email) artifactory_username = data.coder_workspace.me.owner - artifactory_registry_keys = { + artifactory_repository_keys = { "npm" = "npm" "python" = "python" "go" = "go" @@ -77,24 +77,24 @@ resource "coder_agent" "main" { echo ${artifactory_scoped_token.me.access_token} | \ jf c add --access-token-stdin --url https://${var.jfrog_host} 0 - # Configure the `npm` CLI to use the Artifactory "npm" registry. + # Configure the `npm` CLI to use the Artifactory "npm" repository. cat << EOF > ~/.npmrc email = ${data.coder_workspace.me.owner_email} - registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_registry_keys["npm"]} + registry = https://${var.jfrog_host}/artifactory/api/npm/${local.artifactory_repository_keys["npm"]} EOF jf rt curl /api/npm/auth >> .npmrc - # Configure the `pip` to use the Artifactory "pypi" registry. + # Configure the `pip` to use the Artifactory "python" repository. mkdir -p ~/.pip cat << EOF > ~/.pip/pip.conf [global] - index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_registry_keys["python"]}/simple + index-url = https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/pypi/${local.artifactory_repository_keys["python"]}/simple EOF EOT - # Set GOPROXY to use the Artifactory "go" registry. + # Set GOPROXY to use the Artifactory "go" repository. env = { - GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_registry_keys["go"]}" + GOPROXY : "https://${local.artifactory_username}:${artifactory_scoped_token.me.access_token}@${var.jfrog_host}/artifactory/api/go/${local.artifactory_repository_keys["go"]}" } }