An Integration connects Pipelines to an external service/tool. Each integration type defines the endpoint, credentials and any other configuration detail required for Pipelines to exchange information with the service. All credential information is encrypted and held in secure storage, in conformance with best security practices.

Using Integrations

Integrations are most commonly used in resources to connect inputs and outputs to the external facility. They can also be referenced directly in many utility functions. Integrations can also be directly used as an input to a step.

Integrations are added through the JFrog Platform. For more information, see Managing Pipelines Integrations.

📘

Note

All passwords and keys used in integrations are secure and they are masked when printed.

Environmental Variables

A step that uses an integration can access the integration and its properties through environment variables. The form of the environment variable is:

int_<integration name>_<tag>

For example, if an Artifactory Integration or JFrog Platform Access Token Integration is named myArtifactory, then the environment variable int_myArtifactory_url might be used to send a notification:

steps:
  . . .

  - name: publish_go_binary
  type: GoPublishBinary
  configuration:
    inputSteps:
    - name: build_go
    targetRepository: my-go
    integrations:
    - name: myArtifactory
   execution:
     onSuccess:
       - send_notification notifySlack --text "Published Go binary to $int_myArtifactory_url"

For more information about using environment variables, see Pipelines Environment Variables.

Integration Types

The available integrations for JFrog Pipelines are:

• Airbrake Integration
• Artifactory Integration
• AWS Keys Integration
• Azure Keys Integration
• Bitbucket Integration
• Bitbucket Server Integration
• Digital Ocean Integration
• Distribution Integration
• Docker Registry Integration
• File Server Integration
• Generic Integration
• GitHub Enterprise Integration
• GitHub Integration
• GitLab Integration
• Google Cloud Integration
• Incoming Webhook Integration
• Jenkins Integration
• Jenkins Server Integration
• JFrog Platform Access Token Integration
• Jira Integration
• Kubernetes Integration
• NewRelic Integration
• Outgoing Webhook Integration
• PagerDuty Events Integration
• PEM Key Integration
• Slack Integration
• SMTP Credentials Integration
• Sonar Integration
• SSH Key Integration

Airbrake Integration

The Airbrake integration is used to connect Jfrog Pipelines to Airbrake for notifying deployments performed through Pipelines.

Creating an Airbrake Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create an Airbrake integration:

• Name -- choose a friendly name for the integration
• Url -- Airbrake API endpoint. This is already hard-coded to https://airbrake.io/api/v4
• Token -- Airbrake API Token

Usage

The Airbrake integration can be used in the send_notification utility function.

Default Environment Variables for Airbrake

When you create a step that uses the integration in an inputIntegrations entity, a set of environment variables is automatically made available that you can use in your scripts.

Artifactory Integration

📘

Note

Artifactory Integration will be deprecated soon!

Artifactory Integration will be deprecated as announced in Artifactory version 7.47.10, hence we recommend migrating from Artifactory Integration to JFrog Platform Access Token Integration. Refer to Migrating to JFrog Platform Access Token Integration (Existing Artifactory Integration)").

The Artifactory Integration connects your JFrog Pipeline Automation platform to an installation of Artifactory to push artifacts including Docker images, and maintain build information.

Creating an Artifactory Integration

Add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- Choose a friendly name for the integration

• Artifactory URL -- The Artifactory URL is automatically added for the user adding the integration. If required, you can manually enter the HTTP Endpoint (URL) for your JFrog Artifactory.

• User -- The Artifactory username is automatically added for the user adding the integration. If required, you can manually enter the username for your JFrog Artifactory.

• API key -- Your Artifactory API Key.

  Click Get API Key to automatically fetch API key for the user adding the integration. If the API key does not exist, a new one is generated. If required, you can manually enter the API key for your JFrog Artifactory.

Migrating to JFrog Platform Access Token Integration (Existing Artifactory Integration)

Pipelines is leveraging JFrog Platform Access Token Integration to integrate Artifactory by incorporating Artifactory URL to enhance Artifactory utilization through PAT.

Edit the existing Artifactory Integration to migrate to the JFrog Platform Access Token Integration. On successful migration, existing pipelines definition such as, steps and resources work as expected (the name of the integration remains the same thus avoiding any need for a change).

To migrate from Artifactory Integration to JFrog Platform Access Token Integration, follow these steps:

1. Go to Administration | Pipelines | Integrations.
2. Click Actions icon in line with the Integration you want to migrate to JFrog Platform Access Token Integration, and then click Edit.
3. Click Migrate.
4. Enter Platform Access Token, and then click Migrate.

Usage

With native steps: An Artifactory integration or JFrog Platform Access Token integration is mandatory in the integrations section of the following native steps:

• DockerBuild
• DockerPush
• GradleBuild
• MvnBuild
• NpmBuild
• NpmPublish
• PromoteBuild
• PublishBuildInfo
• GoBuild
• GoPublishBinary
• GoPublishModule

In resources: An Artifactory integration or JFrog Platform Access Token integration must/may be used in the following resources:

Mandatory

• Aql
• BuildInfo

Optional

• FileSpec
• Image
• RemoteFile

Default Environment Variables

When you add this integration directly to a step, a set of environment variables is automatically made available.

When you create an Aql, BuildInfo, or FileSpec resource with this integration, a set of environment variables is automatically made available in steps using that resource.

When you create an Image resource with this integration, a set of environment variables is automatically made available in steps using that resource.

When you create a RemoteFile resource with this integration, a set of environment variables is automatically made available in steps using that resource.

Examples

The following example creates a Docker image that is published to Artifactory. It assumes that an Artifactory integration named myArtifactory has been created.

• This example uses a values.yml file to store the pipeline definitions.
• In addition to the Artifactory integration, this example uses a GitHub Integration.
• For a full tutorial, see Pipeline Example: Docker Build and Push.

template: true   # required for local templates
valuesFilePath: ./values.yml

resources:
  - name: dbp_repo
    type: GitRepo
    configuration:
      gitProvider: {{ .Values.gitIntegration }}                      
      path: {{ .Values.gitRepositoryPath }} 
      branches:
        include: master

  - name: dbp_image
    type: Image
    configuration:
      registry: {{ .Values.artifactoryIntegration }}
      sourceRepository:  {{ .Values.sourceRespository }}
      imageName:  {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }}
      imageTag: latest
      autoPull: true
      
  - name: dbp_build_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}
      buildName: dbp_build
      buildNumber: 1    

  - name: dbp_promoted_build_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}
      buildName: dbp_build
      buildNumber: 1
      

pipelines:
  - name: pipeline_dbp
    steps:
      - name: docker_build
        type: DockerBuild
        configuration:
          affinityGroup: dbp_group          # affinity group string that is the same as specified in the DockerPush step
          dockerFileLocation: .
          dockerFileName: Dockerfile
          dockerImageName:  {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }}
          dockerImageTag: ${run_number}
          inputResources:
            - name: dbp_repo
          integrations:
            - name: {{ .Values.artifactoryIntegration }}

      - name: docker_push
        type: DockerPush
        configuration:
          affinityGroup: dbp_group          # affinity group string that is the same as specified in the DockerBuild step
          targetRepository: docker-local
          integrations:
            - name: {{ .Values.artifactoryIntegration }}
          inputSteps:
            - name: docker_build
          outputResources:
            - name: dbp_image

      - name: publish_dbp_build
        type: PublishBuildInfo
        configuration:
          inputSteps:
            - name: docker_push
          outputResources:
            - name: dbp_build_info

      - name: promote_dbp_build
        type: PromoteBuild
        configuration:
          targetRepository: demo-pipelines
          integrations:
            - name: {{ .Values.artifactoryIntegration }}
          inputResources:
            - name: dbp_build_info
          outputResources:
            - name: dbp_promoted_build_info

AWS Keys Integration

The AWS Keys integration is used to provide access and secret keys to AWS services in order to connect to JFrog Pipelines.

The AWS Keys integration is used to connect to AWS services that include:

• ECR
• ECS
• EC2
• S3
• Any other service that needs AWS Access and Secret keys to connect

Creating an AWS Keys Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Access Key Id -- access key Id obtained from AWS
• Secret Access Key -- secret access key obtained from AWS

Usage

The AWS Keys integration can be used in the following resources:

• Image
• RemoteFile

An AWS Keys integration can also be added directly to a step in the integrations section. This automatically configures the AWS CLI with the access key and secret key.

You can use this integration in any workflow where you need to connect to AWS for some reason, such as provisioning infrastructure, deploying to AWS EC2 or Amazon ECS, etc.

Default Environment Variables

When you create an Image resource with this integration, a set of environment variables is automatically made available in steps using that resource.

When you create a Remote File resource with this integration, a set of environment variables is automatically made available in steps using that resource.

When you add this integration to a step directly, a set of environment variables is automatically made available.

Azure Keys Integration

The Microsoft Azure Integration is used to connect JFrog Pipelines to Microsoft Azure to manage cloud services and entities.

This integration uses a password-based authentication service principal for connecting to and commanding your Azure cloud service. You must create an Azure service principal for this purpose, and provide the generated keys to this integration.

For example, using the Azure CLI service principal creation function:

az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/SUBSCRIPTION_ID"

will produce the needed key values:

Creating an Azure Keys Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• App Id -- the appId key used for service principal authentication.
• Password -- the password key used for service principal authentication.
• Tenant -- the tenant key used for service principal authentication.

Usage

An Azure Keys integration can be used in Bash steps for access to its properties through environment variables. This integraton cannot currently be used with any resources.

Make sure that your service principal has adequate permission to perform whatever actions you plan to take in your custom script. This could mean ACR reader role to pull images, AKS contributor to create deployments, etc.

📘

Required for Dynamic Nodes

In order for Pipelines to run dynamic node pools on Azure, you will need to accept Azure Marketplace image terms so that the JFrog Pipelines buildplane VM images can be used. The following Azure CLI commands must be run with the Azure service principal used by this integration:

az vm image terms accept --plan x86_64-ubuntu_16_04 --offer pipelines-buildplane --publisher jfrog
az vm image terms accept --plan x86_64-ubuntu_18_04 --offer pipelines-buildplane --publisher jfrog
az vm image terms accept --plan x86_64-centos_7 --offer pipelines-buildplane --publisher jfrog
az vm image terms accept --plan x86_64-windows_server_2019 --offer pipelines-buildplane --publisher jfrog

Default Environment Variables

When you create a resource with this integration, a set of environment variables is automatically made available.

Digital Ocean Integration

Digital Ocean Integration is used to connect JFrog Pipelines to Digital Ocean to interact with its cloud services in order to provision machines.

Creating a Digital Ocean Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Token -- Token to connect to the Digital Ocean API

Usage

The Digital Ocean integration can be added directly to a step in the integrations section.

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Bitbucket Integration

A Bitbucket Integration is used to connect the JFrog Pipelines platform to bitbucket.org.

Creating a Bitbucket Integration

You can add this integration by following the steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• URL -- Bitbucket API endpoint. This is already hard-coded to https://api.bitbucket.org
• User Name -- Username to connect to Bitbucket. This is the username found on the account settings page (Personal Settings → Bitbucket profile settings), and not your email Id or display name.
• Token -- Bitbucket token with the permissions needed to run your commands

📘

Note

Bitbucket integration requires the following permissions:

• Account: Read
• Pull requests: Read
• Workspace membership: Read
• Projects: Read
• Repositories: Admin
• Webhooks: Read and Write

Usage

The Bitbucket integration can be used with the GitRepo resource.

The Bitbucket integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it in the inputResources section, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Bitbucket Server Integration

A Bitbucket Server Integration is used to connect the JFrog Pipelines platform to an installation of Bitbucket Server.

Creating a Bitbucket Server Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• URL -- Bitbucket Server API endpoint. For example: https://bitbucket.myserver.com/
• User Name-- username to connect to Bitbucket Server
• Password -- password for the user account on Bitbucket Server

📘

Note

Bitbucket Server integration requires Admin permission for repositories.

Usage

The Bitbucket Server integration is most commonly used with the GitRepo resource or while adding a Pipeline source.

The Bitbucket Server integration can also be added directly to a step in the integrations section.

✅

URL Specification

When a Bitbucket Server repository is part of a project, the URL uses the project key rather than the project name. So if the "Teams in Space" project key is TIS, then the "buildPipe" repository in that project is addressed as TIS/buildpipe.

When a Bitbucket Server repository is a personal repository, the '~' (tilde) character must precede the user slug in the URL. For example: ~janedoe/test.

For additional information, see Atlassian Stash REST API Reference.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it in the inputResources section, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Distribution Integration

The Distribution Integration connects your JFrog Pipeline Automation platform to a Distribution instance.

Creating a Distribution Integration

Add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- Choose a friendly name for the integration

• Distribution URL -- The Distribution URL is automatically added for the user adding the integration. If required, you can manually enter the HTTP Endpoint (URL) for your JFrog Distribution.

• User -- The Distribution username is automatically added for the user adding the integration. If required, you can manually enter the username for your JFrog Distribution.

• API Key -- Your Distribution API key.

  Click Get API Key to automatically fetch API key for the user adding the integration. If the API key does not exist, a new one is generated. If required, you can manually enter the API key for your JFrog Distribution.

• Signing Key Passphrase -- Your optional GPG signing key passphase.

Usage

A Distribution integration is used in the following resources:

• DistributionRule
• ReleaseBundle

Default Environment Variables

When you create a DistributionRule or ReleaseBundle resource with this integration, a set of environment variables is automatically made available that you can use in your scripts.

When you add this integration directly to a step, a set of environment variables is automatically made available that you can use in your scripts.

Examples

This example uses a BuildInfo resource to create, sign and distribute a release bundle. It assumes that a Distribution integration named myDist has been created.

• In addition to the Distribution integration, this example requires an Artifactory integration or JFrog Platform Access Token Integration.

CreateReleaseBundle

template: true   # required for local templates
valuesFilePath: ./values.yml

resources:
  # Build info of first build to bundle
  - name: gosvc_promoted_build_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.myArtifactoryIntegration }}
      buildName: svc_build
      buildNumber: 1

  # Build info of second build to bundle
  - name: appl_promoted_build_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.demoArtifactoryIntegration }}
      buildName: backend_build
      buildNumber: 1

  # Release bundle
  - name: release_bundle
    type: ReleaseBundle
    configuration:
      sourceDistribution: {{ .Values.distributionIntegration }}
      name: demo_rb
      version: v1.0.0

  # Signed version of the same release bundle
  - name: signed_bundle
    type: ReleaseBundle
    configuration:
      sourceDistribution: {{ .Values.distributionIntegration }}
      name: demo_rb
      version: v1.0.0

  # Distribution rules
  - name: distribution_rules
    type: DistributionRule
    configuration:
      sourceDistribution: {{ .Values.distributionIntegration }}
      serviceName: "*"
      siteName: "*"
      cityName: "*"
      countryCodes:
        - "CN"
        - "GB"

pipelines:
  - name: demo_release_mgmt
    steps:
      - name: bundle
        type: CreateReleaseBundle
        configuration:
          releaseBundleName: demo_rb
          releaseBundleVersion: v1.0.${run_number}
          dryRun: false
          sign: false
          description: "some random test description"
          inputResources:
            - name: gosvc_promoted_build_info
              trigger: true
            - name: appl_promoted_build_info
              trigger: true
          outputResources:
            - name: release_bundle
          releaseNotes:
            syntax: markdown
            content: |
              ## Heading
                * Bullet
                * Points
            
      - name: sign
        type: SignReleaseBundle
        configuration:
          inputResources:
            - name: release_bundle
          outputResources:
            - name: signed_bundle

      - name: distribute
        type: DistributeReleaseBundle
        configuration:
          dryRun: false
          inputResources:
            - name: signed_bundle
            - name: distribution_rules

Docker Registry Integration

The Docker Registry Integration is used to connect the JFrog Pipelines platform to Docker Hub, Docker Trusted Registry, or a Docker registry in Artifactory so that you can pull and push Docker images.

Creating a Docker Registry Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• url -- an optional field that defaults to Docker Hub if left empty. To use with Docker Trusted Registry or Docker Private Registry, enter the location of your private registry. Format https://foo.com
• User Name -- username of your Docker Registry Account
• Password -- password of your Docker Registry Account

Usage

The Docker Registry integration can be used in the Image resource.

The Docker Registry integration can also be added directly to a step in the integrations section. This automatically configures the Docker CLI with access to the registry.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Example

• This example uses a Docker Registry integration named myDocker, which is used in the Image_1 resource.

resources:  
  - name: Image_1
    type: Image 
    configuration:         
      registry: myDocker              
      imageName: docker/jfreq_win             
      imageTag: latest  
      autoPull: true

pipelines:
  - name: pipelines_Image_1
    steps:
      - name: step_Image_1
        type: PowerShell
        configuration:
          nodePool: win_2019
          inputResources:
            - name: Image_1
        execution:
          onExecute:
            - write_output "executing step..."
            - if($Image_1_isTrigger -ne "true"){
              Write-Error "Stop" -ErrorAction Stop
              }

File Server Integration

The File Server integration is used to connect JFrog Pipelines a remote File server to download and upload files.

Creating a File Server Integration

You can create this from the integrations page by following instructions here: Managing Pipelines Integrations.

This is the information you would require to create this integration:

• Name -- choose a friendly name for the integration
• Protocol -- select FTP, SFTP, or SMB
• url -- the URL of your file server
• User Name -- username for access to the file server
• Password -- password for access to the file server

Usage

A File Server integration is required for the source tag of the RemoteFile resource.

Default Environment Variables

When you create a resource with this integration, a set of environment variables is automatically made available that you can use in your scripts.

Generic Integration

A Generic integration is used to store key/value information that can be accessed in steps as environment variables. Because all integration properties are stored in a secure, encrypted vault, this is suitable for storing secrets such as username/password credentials.

Creating a Generic Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Custom Environment Variables -- the Key and Value pair to store. Select Secure to secure the custom environment variable.

You can add as many key-value pairs as you need in the integration by clicking Add for each.

Usage

The Generic integration can be added directly to a step in the integrations section.

Default Environment Variables

When you add this integration to a step, All key-value pairs are made available as environment variables.

Example

You can define a Generic integration with the following entries:

• Name: myCredentials

• Custom Environment Variables:

  • Key: username
  • Value: janedoe
  • Key: password
  • Value: nAm30fMyp3t

When myCredentials is specified in a step's integrations block, the key-value pairs stored there can then be accessed in the step as environment variables:

📘

Note

Export generic integration key values as it is. Use as <key> instead of <int>_<integration-name>_<key>. Can be achieved using API only. Pass "exportKey": true, while creating/updating api/v1/projectIntegrations.

pipelines:
  - name: generic_integration_example
    steps:
    - name: step_1
      type: Bash
      configuration:
        integrations:
          - name: exportWithKey14856
          - name: myCredentials
      execution:
        onExecute:
          - printenv $int_myCredentials_username
          - printenv $int_myCredentials_password
          - withkey=${exportWithKey} #
          - echo $withkey

GitHub Integration

The GitHub Integration is used to connect the JFrog Pipelines platform to GitHub.

📘

Note

JFrog and Github have announced a strategic partnership to unify code and binary management:

• Read about JFrog's partnership with GitHub to Unify Code and Binaries for DevSecOps
• See How to Connect the JFrog Platform to Your GitHub Environment as part of this partnership

Creating a GitHub Integration for Pipelines

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- Choose a friendly name for the integration

• url -- Your GitHub API endpoint. This is already hard-coded to https://api.github.com

• Token -- Your GitHub personal access token with the permissions needed to run your jobs

📘

Token permissions

To use this integration as a pipeline source, your token must be granted these permissions at minimum:

• repo (all)
• admin:repo_hook (read, write)
• admin:public_key (read, write)

Additionally, if your organization uses SAML single sign-on, you will need to authorize your token.

• HTTP Header -- Optional. Use the key and value fields to provide the name and value for the custom HTTP header you would like to pass in the HTTP requests for Git clone events.

Usage

The GitHub integration can be used in the Pipelines GitRepo resource.

The GitHub integration can also be added directly to a step in the integrations section. For more information on Pipeline steps, see Pipelines Steps.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Examples

This example shows how to configure an NpmBuild step using default locations and default commands. It assumes that a GitHub integration named myGithub has been created.

• This example uses a values.yml file to store the pipeline definitions.
• The YAML for this example is available in this repository in the JFrog GitHub account.
• For more information about running this example, see Pipeline Example: Npm Build.

NpmBuild

# This config file is templatized so that it can be easily customized. Values can be provided with a values.yml file.
template: true   # required for local templates
valuesFilePath: ./values.yml

resources:
  - name: npm_repo_jfp_example
    type: GitRepo
    configuration:
      # SCM integration where the repository is located
      gitProvider: {{ .Values.myRepo.gitProvider }}
      # Repository path, including org name/repo name
      path: {{ .Values.myRepo.path }}
      branches:
        # Specifies which branches will trigger dependent steps
        include: master

  - name: npm_buildinfo_jfp_example
    type: BuildInfo
    configuration:
      sourceArtifactory: demoArt

pipelines:
  - name: npm_pipeline_jfp_example
    steps:
      - name: npm_build_step
        type: NpmBuild
        configuration:
          repositoryName: npm-virtual      # required, npm repository name on artifacctory
          sourceLocation: .      # required, location of package.json file
          integrations:
            - name:  demoArt  # required
          inputResources:
            - name: npm_repo_jfp_example         # required

GitHub Enterprise Integration

The GitHub Enterprise Integration is used to connect JFrog Pipelines to your instance of GitHub Enterprise Server.

Creating a GitHub Enterprise Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration

• url -- location of your GHE server API. The format is https://(GitHub Enterprise URL)/api/v3

• Token -- your GitHub personal access token with the permissions needed to run your job

📘

Token permissions

To use this integration as a pipeline source, your token must be granted these permissions at minimum:

• repo (all)
• admin:repo_hook (read, write)
• admin:public_key (read, write)

Additionally, if your organization uses SAML single sign-on, you will need to authorize your token.

Usage

The GitHub Enterprise integration can be used in the GitRepo resource.

The GitHub Enterprise integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create a resource with this integration, and create a step that uses the resource, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

GitLab Integration

The GitLab Integration is used to connect JFrog Pipelines to your instance of GitLab so that you can run builds for your repositories hosted there.

📘

Note

Pipelines does not support GitLab subgroups.

Creating a GitLab Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration

• URL -- location of your GitLab API. The URL should be in the format https://(GitLab URL)/api/(api version). For example, if you're using gitlab.com, this will be https://gitlab.com/api/v4. Please note that if you're using Gitlab version 9.0 or later, you should use v4 for api version. If you're using Gitlab version 8.17 or earlier, you should use v3 for api version. API v3 is unsupported from Gitlab 9.5 according to this Gitlab notice

• Token -- GitLab private token with the right levels of permission

📘

Note

Token Permissions

To use this integration as a pipeline source, your token must be granted these scopes at minimum:

• api
• write_repository

Additionally, if your organization uses SAML single sign-on, and you want your tokens to work with the SAML, you will have to configure it.

Usage

The GitLab integration can be used in the GitRepo resource.

The GitLab integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Google Cloud Integration

The Google Cloud Integration is used to connect JFrog Pipelines to Google Cloud and manage entities and services provided by Google Cloud.

Creating a Google Cloud Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

This is the information you would require to create this integration:

• Name -- choose a friendly name for the integration
• JSON Key -- JSON Security Key for Google Cloud

Usage

The Google Cloud integration can be used in the following resources:

• Image
• RemoteFile

The Google Cloud integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create an Image resource with this integration, and create a step that uses the resource, a set of environment variables is automatically made available.

When you create a Remote File resource with this integration, and create a step that uses the resource, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Jenkins Integration

The Jenkins Integration is used to connect the JFrog Pipelines platform to Jenkins. This will enable a Jenkins build job to trigger execution of a pipeline in Pipelines.

📘

Deprecated

As of Pipelines 1.6.0, this integration is deprecated and unavailable for new use. Pipelines using this integration will still function, but it has been retired in favor of the Jenkins Server Integration.

Creating a Jenkins Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• url -- enter the HTTP endpoint (URL) of your Jenkins
• callback user -- JFrog Platform username to use for basic authentication in the callback URL to Pipelines
• callback password -- JFrog Platform user password

Usage

The Jenkins integration can be used in the BuildInfo resource.

A Jenkins integration can be added directly to a step in the integrations section to access its environment variables.

Once the integration has been created, it provides the format of the callback URL and curl command lines that your Jenkins job must invoke to trigger execution of a pipeline in Pipelines.

Default Environment Variables

When you add this integration directly to a step, a set of environment variables is automatically made available.

Jenkins Server Integration

The Jenkins Integration is used to connect the JFrog Pipelines platform to Jenkins through the Jenkins Artifactory Plugin.

📘

Note on plugin deprecation

The Jenkins Artifactory Plugin is deprecated for general CI/CD use. It remains required for JFrog Pipelines ↔ Jenkins integration because the callback and bearer-token configuration depend on this plugin. For new Jenkins pipelines that do not use Pipelines integration, use the Jenkins JFrog Plugin instead.

Creating a Jenkins Server Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• url -- enter the HTTP endpoint (URL) of your Jenkins server
• Jenkins user -- the Jenkins account user name
• Jenkins API token -- the Jenkins user's API token for authentication
• Token to configure Jenkins Plugin -- generate the required Token to configure Jenkins Plugin to complete the integration.

📘

Note

For information about using the Jenkins server integration, see Using Jenkins With Pipelines.

Usage

The Jenkins Server integration can be used with the Jenkins native step. Operation requires that the Jenkins Artifactory Plugin be installed in your Jenkins server.

For Jenkins to successfully interoperate with Pipelines, a bearer token generated by Pipelines must be provided to the required plugin for authentication of your JPD user account.

Configuration

To complete the Jenkins Server integration and connect it to the Jenkins Artifactory Plugin:

1. In the Jenkins Server Integration UI, enter the required configuration information.

2. Next to the field Token to configure Jenkins Plugin, click Generate.

   

3. Once the token is generated, click Copy to Clipboard.

   

4. In the Jenkins Artifactory Plugin configuration, in the JFrog Pipelines server section, Add the token to the Credentials*.***, pasting the value from your clipboard.

5. Return to Pipelines, and open the Jenkins Server Integration again for editing. You should now see a Callback URL presented. Click Copy webhook url to clipboard.

   

6. In the Jenkins Artifactory Plugin configuration, past this URL into the Integration URLfield.

   

Default Environment Variables

When you add this integration directly to a step, a set of environment variables is automatically made available.

JFrog Platform Access Token Integration

The JFrog Platform Access Token integrationgives steps the ability to utilize an access token to interact with different pieces of the JFrog platform. These tokens can be used for many of JFrog's REST APIs, including the Pipelines API. This integration is also required when using the TriggerPipeline native step.

Creating a JFrog Platform Access Token Integration

Add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- Choose a friendly name for the integration

• Platform URL -- The Platform URL is automatically added for the user adding the integration. If required, you can manually enter the HTTP Endpoint (URL) for your JFrog Platform.

• Access Token-- Your Artifactory API Key. You can automatically generate a token that represents the logged in user from the User Profile page, or you can follow the Access Tokens documentation to create a more nuanced token with particular scopes.

  When creating an Access Token, ensure that Token scope and User name are Admin.

  

Usage

With native steps: An Artifactory integration or JFrog Platform Access Token integration is mandatory in the integrations section of the TriggerPipeline native step:

Default Environment Variables

When you add this integration directly to a step, a set of environment variables is automatically made available.

Example

pipelines:
- name: myPipeline
  steps:
    - name: scan_controller
      type: TriggerPipeline
      configuration:
        pipelineName: steptarget
        stepName: scanIt
        integrations:
          - name: myPlatformToken
        environmentVariables:
          scan_target:
            default: "hello-world"
            allowCustom: true
            values:
              - "vault"
              - "redis"
              - "postgresql"
      execution:
        onStart:
          - set_trigger_payload pipelineVariables "scan_target=${scan_target}"
          - set_trigger_payload stepVariables "notify=email" "uploadReport=true"         
        onComplete:
          - echo "Final status is $nested_run_status"

Jira Integration

A Jira integration is required to create issues on Jira server from JFrog Pipelines steps.

Adding an Jira Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Url -- Jira URL (for example, https://jira.mycompany.com)
• Username -- account username/email used for login
• Token/Password -- either a Jira API Token for the account with permissions on the Jira REST APIs (for Jira Cloud), or the account password (for Jira Server)

Usage

The Jira integration can be added directly to a step in the integrations section.

The send_notificationutility function can be used with a Jira integration to create an issue in Jira. For example, if a deployment fails, a ticket can be created in Jira through this integration. For more information, see Creating Jira Issues From Pipelines.

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Example

The following example pipeline demonstrates the use of the send_notification utility function to create a Jira issue (ticket).

• In addition to the Jira integration, this example uses an Artifactory Integration or JFrog Platform Access Token Integration.

• This example sets environment variables for the project-id and type options.

• This example performs a MvnBuild native step, which produces a log file.

• On failure, this example uses the send_notification utility function to create the JIra ticket. The command line:

  • Relies on the environment variables for the project-id and type options
  • Attaches the log file produced by Maven to the Jira issue
  • Specifies the summary and description options using standard environment variables

resources:
  - name: my_repo
    type: GitRepo
    configuration:
      gitProvider: MyGithub
      path: myrepo/myproject

pipelines:
  - name: jira_ticket_example
    configuration:
      environmentVariables:
        readOnly:
          NOTIFY_PROJECT_ID: "DEMO"            # Jira project key for all tickets we create
          NOTIFY_TYPE: "Bug"                   # Jira issue type for all tickets we create
    steps:
    ### with jira for log attachment
      - name: BuildSample
        type: MvnBuild
        configuration:
          sourceLocation: artifactory-maven-plugin-example
          configFileLocation: .
          configFileName: config
          mvnCommand: "install -P release --log-file ${step_tmp_dir}/log.txt"
          inputResources:
            - name: my_repo
          integrations:
            - name: myArtifactory
            - name: myJira
        execution:
          onFailure:
            - send_notification myJira --attach-file "$step_tmp_dir/log.txt" --description "Failure occured in $pipeline_name - $step_name" --summary "$step_name has failed"

Incoming Webhook Integration

An Incoming Webhook Integration is used to receive a webhook from an external system (for example, GitHub) to trigger a pipeline step.

Creating an Incoming Webhook Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration

• Authorization Type -

  select hmac, basic, or authorization

• Secret -- secret to use with hmac authType

• User Name -- username to use with basic authType to trigger the webhook

• Password -- password for the user to trigger the webhook for basic authType

• Authorization -- authorization to use with authorization authType to trigger the webhook

Incoming Webhook URL

When an Incoming Webhook integration is created, it generates a unique webhook URL that can be used to post information into any resource that is associated with the integration.

Usage

Incoming Webhook can be used in the Incoming Webhook resource.

The Incoming Webhook integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Example

• This example uses an Incoming Webhook Integration named MyIncomingWebhookIntegration. The unique Webhook URL this integration creates can be used to post information into any resource that is associated with the integration. In this example, this integration is used in the resource named MyIncomingWebhookResource. To trigger the ExampleStepstep, the resourceMyIncomingWebhookResource is used as an input resource in the step.

resources:
  - name:               MyIncomingWebhookResource
    type:               IncomingWebhook
    configuration:
      webhookName: MyIncomingWebhookIntegration

pipelines:
  - name: ExamplePipeline
    steps:
    - name: ExampleStep
      type: Bash
      configuration:
        inputResources:
          - name: MyIncomingWebhookResource
      execution:
          onExecute:
            - echo "$res_MyIncomingWebhookResource_payload" | jq '.' > payload.json
            - read_json payload.json "LESSER_SECRET_FORMULA"

Kubernetes Integration

The Kubernetes Integration is used to connect JFrog Pipelines platform to self-hosted Kubernetes clusters so that you can deploy Docker based applications.

A Kubernetes integration can be used for these purposes:

• To deploy builds to nodes in Kubernetes clusters from pipelines using a HelmChart resource with the HelmDeploy step.
• To enable Pipelines to create and destroy build nodes in Kubernetes clusters on demand through a dynamic node pool.

Creating a Kubernetes Integration

Kubernetes Integration can be added as:

• A Pipeline integration, to use Kubernetes for deploying builds from a pipeline
• An Admin integration, to use Kubernetes for a dynamic node pool

For more information, see Adding an Integration.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration

• Kube Config -- configuration YAML to access Kubernetes cluster

📘

Note

The Kube Config file should include the following permissions:

• Create/scale/destroy Deployments

• Create/delete PVCs

• Create/delete Secrets

• Create/delete ConfigMaps

  Note that ConfigMaps is required only when user is using the insecure docker registries feature.

✅

Tip

If you encounter issues, consider simplifying your kubeconfig file by including just one context and user, as having multiple contexts and users can lead to problems.

Usage

The Kubernetes integration can also be added directly to a step in the integrations section. This automatically configures the kubectl command line interface with access to the Kubernetes cluster.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When add this integration directly to a step, a set of environment variables is automatically made available.

NewRelic Integration

A NewRelic integration is used to connect JFrog Pipelines to NewRelic for recording deployments.

Creating a NewRelic Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name: choose a friendly name for the integration
• URL: NewRelic API endpoint. This is already hard-coded to https://api.newrelic.com/v2.
• Token: NewRelic API Token

Usage

The NewRelic integration can be added directly to a step in the integrations section.

The send_notification utility function can be used with a NewRelic integration to send a notification message.

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Outgoing Webhook Integration

An Outgoing Webhook Integration is used by JFrog Pipelines to send webhook to an external system to trigger events on that system.

Creating a Webhook Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration

• Webhook URL -- URL of endpoint to receive the payload

• Authorization Type -

  select hmac, basic, or authorization

• Secret -- secret to use with hmac authType

• User Name -- username to use with basic authType for invoking the webhook

• Password -- password for the user to use with basic authType

• Authorization -- authorization to use with authorization authType for invoking the webhook in the external system

Usage

Outgoing Webhook integration can be used in the Outgoing Webhook resource.

The Outgoing Webhook integration can also be added directly to a step in the integrations section.

Default Environment Variables

When you create a resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.

Example

• This example uses an Outgoing Webhook Integration named MyOutgoingWebhookIntegration, which is used in the resource named My_OutHook_formurl_Resource. The step my_send_hook_formurl uses this resource as an output resource to send a payload to the endpoint specified in the integration.

Outgoing Form URL Webhook

resources:
  - name: My_OutHook_formurl_Resource
    type: OutgoingWebhook
    configuration:
      webhookName: MyOutgoingWebhookIntegration
      path: /url
      headers:
        content-type: application/x-www-form-urlencoded

pipelines:
  - name: ExamplePipeline
    steps:
      - name: my_send_hook_formurl
        type: Bash
        configuration:
          outputResources:
            - name: My_OutHook_formurl_Resource
        execution:
          onExecute:
            - echo "hello world"
            - formUrlEncodedPayload="foo=bar&runNumber=$run_number&stepName=$step_name"
            - set_payload My_OutHook_formurl_Resource "$formUrlEncodedPayload"

PagerDuty Events Integration

The PagerDuty Events integration is used to connect JFrog Pipelines platform to PagerDuty for notifying events.

Creating a Pager Duty Events Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create an PagerDuty Events integration:

• Name -- choose a friendly name for the integration.
• Token -- PagerDuty integration key/token.

Usage

The PagerDuty integration can be used in the send_notification utility function.

Default Environment Variables

When you add this integration directly to a step, a set of environment variables is automatically made available.

Example

• This example uses a PagerDuty integration named myPagerDuty.
• The send_notification utility function is used to send an onExecutenotification.

Sending notifications

pipelines:
  - name: pipeline_pd
    steps:
      - name: bash_pagerduty_success
        type: Bash
        configuration:
          integrations:
            - name: myPagerDuty
        execution:
          onStart:
            - echo "starting"
          onExecute:
            - send_notification myPagerDuty -text "hello world from JFrog Pipelines run number $run_number"

PEM Key Integration

The PEM Key Integration is used to connect JFrog Pipelines to VMs that allow PEM-based authorization. This is typically used to SSH in and then run commands on the machine. Tools like Terraform and Ansible use this to execute scripts on a machine.

Creating a PEM Key Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Key -- encrypted Key in PEM format

Note: The PEM Key must be generated without passphrase.

Usage

The PEM Key integration can be added directly to a step in the integrations section.

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Slack Integration

A Slack integration is required to send notifications to Slack channels or rooms for pipeline events (to learn more about the Slack integration, see Artifactory and Xray Integration with Slack).

Creating a Slack Integration

• Follow instructions in the Slack docs to create an incoming webhook. While you should specify a default or popular channel while creating the webhook, it can be overriden in your pipeline source when needed.

• Copy the text in the Webhook URL section. It looks like this:

  https://hooks.slack.com/services/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

• To add your integration, follow steps on the Managing Pipelines Integrations page.

  Here is the information you need to create this integration:

  • Name -- choose a friendly name for the integration
  • Webhook url -- Webhook URL to your Slack channel

Usage

The Slack integration can be added directly to a step in the integrations section.

The send_notification utility function can be used with a Slack integration to send a notification message.

For more information, see Sending Notifications from Pipelines.

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Example

• This example uses a Slack integration named mySlack.
• The send_notification utility function is used to send the onStartandonExecutenotifications.

Sending notifications

pipelines:
  - name: pipe1
    steps:
      - name: test_step_1
        type: Bash
        configuration:
          integrations:
            - name: mySlack       # This is the name of the Slack integration you created in your test instance
        execution:
          onStart:
            - send_notification mySlack --text "starting test_step_1"         # replace 'mySlack' with the name of your Slack integration
          onExecute:
            - send_notification mySlack --text "onExecute, past test commands"  # replace 'mySlack' with the name of your Slack integration
          onSuccess:
            - send_notification mySlack      # without '--text' to send a generic notification that includes the pipeline name and step name

SMTP Credentials Integration

An SMTP Credentials integration is used to send notifications for pipeline events using SMTP email.

Creating an SMTP Credentials Integration

To add this integration, follow the steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Host -- endpoint to receive the payload
• Port -- port to use to send the email
• Host Name -- optional identifying label for the email
• Email Sender -- optional sender email address
• Email Auth User -- optional username for authorization to send the email
• Email Auth Password -- optional password for authorization to send the email
• Proxy -- optional proxy setting for the email server
• Secure -- optional secure option to connect to the email server
• ignoreTLS -- optional TLS option to connect to the email server without using TLS

Usage

The SMTP Credentials integration can be added directly to a step in the integrations section.

The send_notification utility function can be used with a SMTP Credentials integration to send a notification message.

Example:

Default Environment Variables

When you add this integration to a step, a set of environment variables is automatically made available.

Example

• This example uses an SMTP Credentials integration named notifySMTP.
• The send_notification utility function is used to send the onSuccess and onFailure notifications.
• The YAML for this example is available in this repository in the JFrog GitHub account.

Sending notifications

pipelines:
  - name: smtp_pipe
    steps:
      - name: test_step_1
        type: Bash
        configuration:
          integrations:
            - name: notifySMTP       # replace with friendly name of your SMTP Credentials integration
        execution:
          onSuccess:
            # replace 'notifySMTP' with the name of your SMTP Credentials integration
            - send_notification notifySMTP --recipients "[email protected]" --subject "Build Succeeded" --body "built docker image 112.32.101.173:8081/docker-local/demo:$PIPELINE_NAME.$RUN_NUMBER"
          onFailure:
            # replace 'notifySMTP' with the name of your SMTP Credentials integration
            - send_notification notifySMTP --recipients "[email protected]" --subject "Build Failed" --body "Failed docker image 112.32.101.173:8081/docker-local/demo:$PIPELINE_NAME.$RUN_NUMBER"

Sonar Integration

The Sonar Integration connects the JFrog Pipelines platform to Sonar for code analysis and write clean code.

This integration is explained using GitHub Integration (to connect pipelines.yml and Source Code to scan for code analysis) and Artifactory Integration or JFrog Platform Access Token Integration (will be deprecated soon) to use custom Docker image with SonarScanner CLI. They are optional and you can use alternative mechanisms that suit your project needs.

The following diagram illustrates the high-level overview of Integrations, Source and Pipeline.

Resources

The Sonar Integration must be used with CodeAnalysis Resource as mentioned in the example below.

The Code Analysis helps in:

• Capturing Sonar Scan report.
• Capturing Sonar Metrics
• Linking Sonar Metrics with a Git Commit via Run, if used with a Git Resource.

  - name: maven_app_sonar_report                              # name of the resource
    type: CodeAnalysis                                        # codeAnalysis resource to capture sonar scan report
    configuration:
      integration: SonarIntegration                           # name of the Sonar Integration

Creating Sonar Integration

You can add this integration by following the Managing Pipelines Integrations  page steps.

Prerequisites

Sonar Token with the privileges to Browse the project of specified components.

The following table shows the fields to be filled with the appropriate information to complete the Sonar Integration:

Example

resources:
  - name: maven_app                                             # name of the resource
    type: GitRepo
    configuration:
      path: jfrog/jfrog-pipelines
      gitProvider: GitHubIntegration
      branches:
        include: main

  - name: maven_app_pr1                                        # name of the resource
    type: GitRepo
    configuration:
      path: jfrog/jfrog-pipelines
      gitProvider: GitHubIntegration                          # name of the GitHub Integration
      buildOn:
        commit: false
        pullRequestCreate: true

  - name: maven_app_sonar_report                              # name of the resource
    type: CodeAnalysis                                        # codeAnalysis resource to capture sonar scan report
    configuration:
      integration: SonarIntegration                           # name of the Sonar Integration

pipelines:
  - name: sonar_integration_pipeline
    configuration:
      jfrogCliVersion: 2
    steps:
      - name: scan                                                    # name of the step
        type: Bash
        configuration:
          inputResources:
            - name: maven_app            
          outputResources:
            - name: maven_app_sonar_report
          integrations:
            - name: myArtifactory                                       # name of the Artifactory Integration
          runtime:
            type: image
            image:
              custom:
                registry: myArtifactory                                # name of the Artifactory Integration
                sourceRepository: example-docker-local
                name: pipelines.jfrog.io/example-docker-local/sonar-scanner
                tag: latest
        execution:
          onExecute:
            - task: jfrog/[email protected]
              input:
                codeResourceName: maven_app_sonar_report
                gitResourceName: maven_app
                projectFolder: simple-java-maven-app-master            # path of the app to scan
                gitBranch: main
                orgName: jfrogsonarcodeanalysis                        # name of the sonar organization
                projectKey: jfrogsonarcodeanalysis_mavenapp            # name of the sonar project key


      - name: scan_pr                                                  # name of the step
        type: Bash
        configuration:
          inputResources:
            - name: maven_app_pr1
          outputResources:
            - name: maven_app_sonar_report
          integrations:
            - name: myArtifactory
          runtime:
            type: image
            image:
              custom:
                registry: myArtifactory
                sourceRepository: example-docker-local
                name: pipelines.jfrog.io/example-docker-local/sonar-scanner
                tag: latest
        execution:
          onExecute:
            - task: jfrog/[email protected]                                # name of the task > sonar task
              input:
                codeResourceName: maven_app_sonar_report
                gitResourceName: maven_app_pr1
                projectFolder: simple-java-maven-app-master
                gitBranch: main
                orgName: jfrogsonarcodeanalysis
                projectKey: jfrogsonarcodeanalysis_mavenapp
                extraSonarOptions: "-Dsonar.pullrequest.key=$res_maven_app_pr1_pullRequestNumber -Dsonar.pullrequest.branch=$res_maven_app_pr1_headCommitRef -Dsonar.pullrequest.base=$res_maven_app_pr1_pullRequestBaseBranch"

📘

Note

orgName and projectkey can be found here from the Sonar Application.

References

Following are the references to learn more about the Sonar Integration:

• Sonar Task and search for jfrog/sonar task.

  

View SonarQube Results

After successful run of the pipeline, navigate to the Pipelines > MyPipelines > Your Pipeline > Run > Code.

Here you can view overview of the sonar report. To learn more, click See more. It takes you to the Sonar Application.

View Code Insights

After successful run of the pipelines, you can also view insights of the code coverage and tests. To learn more, refer to CodeAnalysis Insights.

SSH Key Integration

SSH Key Integration is used to connect JFrog Pipelines to VMs that allow SSH based auth. This is typically used to SSH in and then run commands on the machine. Tools like Terraform and Ansible use this to execute scripts on a machine.

Creating an SSH Key Integration

You can add this integration by following steps on the Managing Pipelines Integrations page.

Here is the information you need to create this integration:

• Name -- choose a friendly name for the integration
• Public Key -- Public SSH Key
• Private Key -- Private SSH Key

Note: The SSH Key must be generated without passphrase.

Usage

The SSH Key integration can be used in the following resources:

• VmCluster

The SSH Key integration can also be added directly to a step in the integrations section. This automatically adds the public and private SSH keys to the SSH client configuration file (~/.ssh) to enable a secure connection through the ssh command.

Default Environment Variables

When you create a VmCluster resource with this integration, and create a step that uses it, a set of environment variables is automatically made available.

When you add this integration directly to a step, a set of environment variables is automatically made available.