Optionally - set up a FREE JFrog Platform in the Cloud
- -Frogbot requires a JFrog environment to scan your projects. If you don't have an environment, we can set up a free environment in the cloud for you. Just run one of the following commands in your terminal to set up an environment in less than a minute. - -The commands will do the following: - -1. Install [JFrog CLI](https://www.jfrog.com/confluence/display/CLI/JFrog+CLI) on your machine. -2. Create a FREE JFrog environment in the cloud for you. - -**For macOS and Linux, use curl** - -``` -curl -fL "https://getcli.jfrog.io?setup" | sh -``` - -**For Windows, use PowerShell** - -``` -powershell "Start-Process -Wait -Verb RunAs powershell '-NoProfile iwr https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/[RELEASE]/jfrog-cli-windows-amd64/jf.exe -OutFile $env:SYSTEMROOT\system32\jf.exe'" ; jf setup -``` - -After the setup is complete, you'll receive an email with your JFrog environment connection details, which can be stored as secrets in Git. - -Advanced - Customize advanced settings with frogbot-config.yml
-* [Creating the frogbot-config.yml file](./frogbot-configuration.md) +* [Creating the frogbot-config.yml file](frogbot-configuration.md)Optionally set up a free JFrog Environment in the Cloud
- -Need a free JFrog environment in the Cloud, so that JFrog IntelliJ IDEA Plugin can connect to it? Just run one of the following commands in your terminal. The commands will do the following: - -1. Install JFrog CLI on your machine. -2. Create a FREE JFrog environment in the Cloud for you. -3. Configure IntelliJ IDEA to connect to your new environment. - -**MacOS and Linux using cURL** - -```bash -curl -fL https://getcli.jfrog.io?setup | sh -``` - -**Windows using PowerShell** - -```powershell -powershell "Start-Process -Wait -Verb RunAs powershell '-NoProfile iwr https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/[RELEASE]/jfrog-cli-windows-amd64/jf.exe -OutFile $env:SYSTEMROOT\system32\jf.exe'" ; jf setup -``` - -Connect the JFrog Plugin to an existing JFrog Environment
You can connect the plugin to your JFrog environment using one of the following methods: @@ -34,13 +10,12 @@ You can connect the plugin to your JFrog environment using one of the following Once the plugin is successfully installed, connect the plugin to your instance of the JFrog Platform: -1. If your JFrog Platform instance is behind an HTTP proxy, configure the proxy settings as described [here](https://www.jetbrains.com/help/idea/settings-http-proxy.html). - Manual proxy configuration is supported since version 1.3.0 of the JFrog IntelliJ IDEA Plugin. Auto-detect proxy settings is supported since version 1.7.0. +1. If your JFrog Platform instance is behind an HTTP proxy, configure the proxy settings as described [here](https://www.jetbrains.com/help/idea/settings-http-proxy.html). Manual proxy configuration is supported since version 1.3.0 of the JFrog IntelliJ IDEA Plugin. Auto-detect proxy settings is supported since version 1.7.0. 2. Under **Settings (Preferences)** | **Other Settings**, click **JFrog Global Configuration**. 3. Set your JFrog Platform URL and login credentials. 4. Test your connection to Xray using the Test Connection button. - - + +
**Using Environment Variables**
@@ -51,12 +26,12 @@ The plugin also supports connecting to your JFrog environment using environment
You may provide basic auth credentials or access token as follows:
-> **_NOTE:_** For security reasons, it is recommended to unset the environment variables after launching the IDE.
+_**NOTE:**_ For security reasons, it is recommended to unset the environment variables after launching the IDE.
-- `JFROG_IDE_PLATFORM_URL` - JFrog Platform URL
-- `JFROG_IDE_USERNAME` - JFrog Platform username
-- `JFROG_IDE_PASSWORD` - JFrog Platform password
-- `JFROG_IDE_ACCESS_TOKEN` - JFrog Platform access token
+* `JFROG_IDE_PLATFORM_URL` - JFrog Platform URL
+* `JFROG_IDE_USERNAME` - JFrog Platform username
+* `JFROG_IDE_PASSWORD` - JFrog Platform password
+* `JFROG_IDE_ACCESS_TOKEN` - JFrog Platform access token
If you don't have a JFrog Platform instance, create a free instance in the cloud by running one of the following commands in your terminal.
- -**MacOS and Linux using cUrl** - -``` -curl -fL "https://getcli.jfrog.io?setup" | sh -``` - -**Windows using PowerShell** - -``` -powershell "Start-Process -Wait -Verb RunAs powershell '-NoProfile iwr https://releases.jfrog.io/artifactory/jfrog-cli/v2-jf/[RELEASE]/jfrog-cli-windows-amd64/jf.exe -OutFile $env:SYSTEMROOT\system32\jf.exe'" ; jf setup -``` - -The commands will do the following: - -1. Install JFrog CLI on your machine. -2. Create a FREE JFrog environment in the cloud for you. -3. Configure VS Code to connect to your new environment. - -
Critical
[0.2.4]
[1.2.6]
High
High
Critical
[0.2.4]
[1.2.6]
High
High
Set Frogbot's connection details as GitHub secrets
+ +Go to your repository's **settings** tab and save the JFrog connection details as repository secrets with the following names: + +1. **JF\_URL** (JFrog Platform URL)\ + Example: `https://acme.jfrog.io`\ + You can also use **JF\_XRAY\_URL** and **JF\_ARTIFACTORY\_URL** instead of **JF\_URL.** +2. **JF\_ACCESS\_TOKEN** (JFrog access token)\ + You can also use **JF\_USER** + **JF\_PASSWORD** instead of **JF\_ACCESS\_TOKEN**.\ + Instead of using **JF\_ACCESS\_TOKEN** and providing an access token as a GitHub secret, you can utilize the [GitHub OpenID Connect (OIDC)](oidc-authentication.md) authentication protocol. +3. **JF\_GIT\_TOKEN** (GitHub token)\ + You can utilize [$\{{secrets.GITHUB\_TOKEN\}}](https://docs.github.com/en/actions/security-guides/automatic-token-authentication) for **JF\_GIT\_TOKEN**, which is an automatically generated token by GitHub. However, this option comes with a limitation: a workflow, such as Frogbot itself, cannot trigger another workflow. Consequently, if you have additional workflows intended to activate upon the creation of a new pull request, they might not be initiated. To resolve this issue, you can generate a [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) and use it as JF\_GIT\_TOKEN. + +
+
+Allow Pull Requests
+ +Under **Actions** > **General**, check the **Allow GitHub Actions to create and approve pull requests** check box. + +
+
+Create a dedicated execution environment for Frogbot
+ +Create a new [GitHub environment](https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#creating-an-environment) called **frogbot** and add people or public teams as reviewers. \ +The chosen reviewers can trigger Frogbot scans on pull requests. + +.png>) + +frogbot-scan-repository.yml template
+ +```yaml +name: "Frogbot Scan Repository" +on: + workflow_dispatch: + schedule: + # The repository will be scanned once a day at 00:00 GMT. + - cron: "0 0 * * *" +permissions: + contents: write + pull-requests: write + security-events: write + # [Mandatory If using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # id-token: write +jobs: + scan-repository: + runs-on: ubuntu-latest + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. + branch: ["dev"] + steps: + - uses: jfrog/frogbot@v2 + env: + # [Mandatory] + # JFrog platform URL + JF_URL: ${{ secrets.JF_URL }} + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions on Xray service + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD + # JF_USER: ${{ secrets.JF_USER }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog password. Must be provided with JF_USER + # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} + + # [Mandatory] + # The GitHub token is automatically generated for the job + JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # [Mandatory] + # The name of the branch on which Frogbot will perform the scan + JF_GIT_BASE_BRANCH: ${{ matrix.branch }} + + # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD + # with: + # oidc-provider-name: "" +``` + +frogbot-scan-pull-request.yml template
+ +{% code fullWidth="true" %} +```yaml +name: "Frogbot Scan Repository" +on: + workflow_dispatch: + schedule: + # The repository will be scanned once a day at 00:00 GMT. + - cron: "0 0 * * *" +permissions: + contents: write + pull-requests: write + security-events: write + # [Mandatory If using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # id-token: write +jobs: + scan-repository: + runs-on: ubuntu-latest + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. + branch: ["dev"] + steps: + - uses: jfrog/frogbot@v2 + env: + # [Mandatory] + # JFrog platform URL + JF_URL: ${{ secrets.JF_URL }} + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions on Xray service + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD + # JF_USER: ${{ secrets.JF_USER }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog password. Must be provided with JF_USER + # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} + + # [Mandatory] + # The GitHub token is automatically generated for the job + JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # [Mandatory] + # The name of the branch on which Frogbot will perform the scan + JF_GIT_BASE_BRANCH: ${{ matrix.branch }} + + # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD + # with: + # oidc-provider-name: "" +``` +{% endcode %} + +Frogbot template to scan Repository and Pull Request
+ +```yml +frogbot-scan: + rules: + - if: $CI_PIPELINE_SOURCE == 'merge_request_event' + when: manual + variables: + FROGBOT_CMD: "scan-pull-request" + JF_GIT_BASE_BRANCH: $CI_MERGE_REQUEST_TARGET_BRANCH_NAME + # Repository scanning is triggered by any push to the default branch. + # If you'd like a different branch to be scanned, replace $CI_DEFAULT_BRANCH in the line below with the name of the branch, wrapped with quotes ("). + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_PIPELINE_SOURCE == "schedule" + variables: + FROGBOT_CMD: "scan-repository" + JF_GIT_BASE_BRANCH: $CI_COMMIT_BRANCH + variables: + # [Mandatory] + # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray) + JF_URL: $JF_URL + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions for Xray + JF_ACCESS_TOKEN: $JF_ACCESS_TOKEN + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog user and password with 'read' permissions for Xray + # JF_USER: $JF_USER + # JF_PASSWORD: $JF_PASSWORD + + # [Mandatory] + # GitLab access token. Ensure the token has the following permissions, depedending on your GiLab deployment type: + # Self hosted: api, read_api, read_user, read_repository. + # Cloud: api, read_api, read_repository + JF_GIT_TOKEN: $USER_TOKEN + + # Predefined GitLab variables. There's no need to set them. + JF_GIT_PROVIDER: gitlab + JF_GIT_OWNER: $CI_PROJECT_NAMESPACE + JF_GIT_REPO: $CI_PROJECT_NAME + JF_GIT_PULL_REQUEST_ID: $CI_MERGE_REQUEST_IID + + # [Mandatory if the two conditions below are met] + # 1. The project uses yarn 2, NuGet, or .NET to download its dependencies + # 2. The `installCommand` variable isn't set in your frogbot-config.yml file. + # + # The command that installs the project dependencies (e.g "nuget restore") + JF_INSTALL_DEPS_CMD: "" + + script: + # For Linux / MacOS runner: + - | + getFrogbotScriptPath=$(if [ -z "$JF_RELEASES_REPO" ]; then echo "https://releases.jfrog.io"; else echo "${JF_URL}/artifactory/${JF_RELEASES_REPO}"; fi) + curl -fLg "$getFrogbotScriptPath/artifactory/frogbot/v2/[RELEASE]/getFrogbot.sh" | sh + ./frogbot ${FROGBOT_CMD} + + # For Windows runner: + # + # - $getFrogbotScriptPath = $(if ([string]::IsNullOrEmpty($env:JF_RELEASES_REPO)) { "https://releases.jfrog.io" } else { "$($env:JF_URL)/artifactory/$($env:JF_RELEASES_REPO)" }) + # - Invoke-WebRequest -Uri "$getFrogbotScriptPath/artifactory/frogbot/v2/[RELEASE]/getFrogbot.sh" -UseBasicParsing | ForEach-Object { & $_.Content } + # - .\frogbot ${FROGBOT_CMD} +``` + +| Feature | Go | Maven | npm | Yarn v1-v3 | Pip | Pipenv | Poetry | .NET CLI | NuGet | Terraform | Gradle | Pnpm |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SCA | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| Contextual Analysis | Coming Soon | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | Coming Soon | Coming Soon | ❌ | ✅ | ✅ |
| Secrets Detection | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| SAST | Beta | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | Roadmap | Roadmap | ❌ | ✅ | ✅ |
| Infrastructure as Code (IaC) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ |
| PR Scan | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Monitor Scan | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Autofix with new PR for direct dep. | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| License Violations | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| Feature | Go | Maven | npm | Yarn v1-v3 | Pip | Pipenv | Poetry | .NET CLI | NuGet | Terraform | Gradle | Pnpm |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SCA | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| Contextual Analysis | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | Coming Soon | Coming Soon | ❌ | ✅ | ✅ |
| Secrets Detection | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| SAST | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | Roadmap | Roadmap | ❌ | ✅ | ✅ |
| Infrastructure as Code (IaC) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ |
| PR Scan | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Monitor Scan | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Autofix with new PR for direct dep. | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| License Violations | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ |
| Feature | Go | Maven | npm | pnpm | Yarn | Pip | Pipenv | Poetry | .NET CLI | NuGet | Terraform |
|---|---|---|---|---|---|---|---|---|---|---|---|
| SCA | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Contextual Analysis | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| Secrets Detection | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| SAST | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| Exclude dev dependencies | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
| Infrastructure as Code (IaC) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Autofix for direct dep. | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| License Violations | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Feature | Go | Maven | npm | pnpm | Yarn | Pip | Pipenv | Poetry | .NET CLI | NuGet | Terraform |
|---|---|---|---|---|---|---|---|---|---|---|---|
| SCA | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| Contextual Analysis | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| Secrets Detection | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| SAST | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
| Exclude dev dependencies | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |
| Infrastructure as Code (IaC) | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ |
| Autofix for direct dep. | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ |
| License Violations | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
(optional) The type of SCM to use for the analysis.
Supported Values: github, gitlab, bitbucket Example: --scm-type=github
(optional) The base URL of the SCM system's API endpoint.
Format: The full URL, including the protocol Example: --scm-api-url=https://api.github.com
(optional)
Enables verbose output, providing more detailed information.
| + +#### Example Commands + +**Single Repository** + +```javascript +git cc --scm-type=github --scm-api-url=https://api.github.com --token={
+ "total_unique_contributors": 4, - The number of unique developers (dedup)
+ "total_commits": 4, - The number of commits examined on the default branch (total)
+ "scanned_repos": [ - The repositories that were scanned
+ "test-go",
+ "test-cli-core"
+ ],
+ "report_date": "2024-07-22T12:08:04+03:00", - The report date
+ "number_of_months": "5", - The time range specified
+ "unique_contributors_list": [ - The evidence of the last seen developer
+ {
+ "email": "dev1@users.noreply.github.com",
+ "name": "`Developer 1",
+ "last_commit": {
+ "repo": "test-cli-core",
+ "date": "2024-02-22T14:21:55Z",
+ "hash": "3463b55aa453fb5dd3d5e7c6ebf45a3e33710e72"
+ }
+ },
+ {
+ "email": "dev2@users.noreply.github.com",
+ "name": "Developer 2",
+ "last_commit": {
+ "repo": "test-go",
+ "date": "2024-03-24T07:56:17Z",
+ "hash": "8b102603458044b434689fc3832e12d30af12d15"
+ }
+ },
+ {
+ "email": "dev3@jfrog.com",
+ "name": "Developer 3",
+ "last_commit": {
+ "repo": "test-cli-core",
+ "date": "2024-02-25T15:15:19Z",
+ "hash": "de88b95a38242b9984877a8e928ceafedb147843"
+ }
+ }
+ ],
+ "detailed_contributors_list": { - With verbose; detailed evidence per user
+ "dev2@users.noreply.github.com": [
+ {
+ "repo_path": "test-go",
+ "last_commit": {
+ "date": "2024-03-24T07:56:17Z",
+ "hash": "8b102603458044b434689fc3832e12d30af12d15"
+ }
+ },
+ {
+ "repo_path": "test-cli-core",
+ "last_commit": {
+ "date": "2024-02-25T12:40:40Z",
+ "hash": "0941c5ce1007501c2793efa0e09b0e9531b8d503"
+ }
+ }
+ ],
+ "dev3@jfrog.com": [
+ {
+ "repo_path": "test-cli-core",
+ "last_commit": {
+ "date": "2024-02-25T15:15:19Z",
+ "hash": "de88b95a38242b9984877a8e928ceafedb147843"
+ }
+ }
+ ],
+ "dev1@users.noreply.github.com": [
+ {
+ "repo_path": "test-cli-core",
+ "last_commit": {
+ "date": "2024-02-22T14:21:55Z",
+ "hash": "3463b55aa453fb5dd3d5e7c6ebf45a3e33710e72"
+ }
+ }
+ ]
+ },
+ "detailed_repos_list": { - With verbose; detailed evidence per repo
+ "test-go": [
+ {
+ "email": "dev2@users.noreply.github.com",
+ "last_commit": {
+ "date": "2024-03-24T07:56:17Z",
+ "hash": "8b102603458044b434689fc3832e12d30af12d15"
+ }
+ }
+ ],
+ "test-cli-core": [
+ {
+ "email": "dev3@jfrog.com",
+ "last_commit": {
+ "date": "2024-02-25T15:15:19Z",
+ "hash": "de88b95a38242b9984877a8e928ceafedb147843"
+ }
+ },
+ {
+ "email": "dev2@users.noreply.github.com",
+ "last_commit": {
+ "date": "2024-02-25T12:40:40Z",
+ "hash": "0941c5ce1007501c2793efa0e09b0e9531b8d503"
+ }
+ },
+ {
+ "email": "dev1@users.noreply.github.com",
+ "last_commit": {
+ "date": "2024-02-22T14:21:55Z",
+ "hash": "3463b55aa453fb5dd3d5e7c6ebf45a3e33710e72"
+ }
+ }
+ ]
+ }
+}
+[Optional]
JFrog project key.
[Optional]
JFrog project key.
[Optional]
Path to a yaml configuration file, used for collecting tracked project issues and adding them to the build-info.
[Optional]
Server ID configured using the 'jf config' command. This is the server to which the build-info will be later published, using the jf rt build-publish command. This option, if provided, overrides the serverID value in this command's yaml configuration. If both values are not provided, the default server, configured by the 'jf config' command, is used.
[Optional]
JFrog project key.
[Optional]
Path to a yaml configuration file, used for collecting tracked project issues and adding them to the build-info.
[Optional]
Server ID configured using the 'jf config' command. This is the server to which the build-info will be later published, using the jf rt build-publish command. This option, if provided, overrides the serverID value in this command's yaml configuration. If both values are not provided, the default server, configured by the 'jf config' command, is used.
[Optional]
JFrog project key.
Warning
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Default: false]
Set to true to search the files in Artifactory, rather than on the local file system. The --regexp option is not supported when --from-rt is set to true.
[Optional]
Server ID configured using the config command.
[Optional]
Path to a File Spec.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional: false]
[Default: false] Set to true to use a regular expression instead of wildcards expression to collect files to be added to the build info.This option is not supported when --from-rt is set to true.
[Default: false]
Set to true to only get a summery of the dependencies that will be added to the build info.
[Optional]
Optional module name in the build-info for adding the dependency.
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--from-rt` |[Default: false]
Set to true to search the files in Artifactory, rather than on the local file system. The --regexp option is not supported when --from-rt is set to true.
[Optional]
Server ID configured using the 'jf config' command.
[Optional]
Path to a File Spec.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional: false]
[Default: false] Set to true to use a regular expression instead of wildcards expression to collect files to be added to the build info.This option is not supported when --from-rt is set to true.
[Default: false]
Set to true to only get a summery of the dependencies that will be added to the build info.
[Optional]
Optional module name in the build-info for adding the dependency.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
JFrog project key.
[Optional]
Can be used for setting the CI server build URL in the build-info.
[Default: *]
List of patterns in the form of "value1;value2;..." Only environment variables that match those patterns will be included in the build info.
[Default: *password*;*secret*;*key*]
List of case insensitive patterns in the form of "value1;value2;..." environment variables match those patterns will be excluded.
[Default: false]
Set to true to disable communication with Artifactory.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
JFrog project key.
[Optional]
Can be used for setting the CI server build URL in the build-info.
[Default: *]
List of semicolon-separated(;) patterns in the form of "value1;value2;..." Only environment variables that match those patterns will be included in the build info.
[Default: *password*;*secret*;*key*]
List of semicolon-separated(;) case insensitive patterns in the form of "value1;value2;..." environment variables match those patterns will be excluded.
[Default: false]
Set to true to disable communication with Artifactory.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
JFrog project key.
[Optional]
Build promotion status.
[Optional]
Build promotion comment.
[Optional]
Build promotion source repository.
[Default: false]
If set to true, the build dependencies are also promoted.
[Default: false]
If set true, the build artifacts and dependencies are copied to the target repository, otherwise they are moved.
[Optional]
List of properties in the form of "key1=value1;key2=value2,...". to attach to the build artifacts.
[Default: false]
If true, promotion is only simulated. The build is not promoted.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
JFrog project key.
[Optional]
Build promotion status.
[Optional]
Build promotion comment.
[Optional]
Build promotion source repository.
[Default: false]
If set to true, the build dependencies are also promoted.
[Default: false]
If set true, the build artifacts and dependencies are copied to the target repository, otherwise they are moved.
[Optional]
List of semicolon-separated(;) properties in the form of "key1=value1;key2=value2,...". to attach to the build artifacts.
[Default: false]
If true, promotion is only simulated. The build is not promoted.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
The maximum number of days to keep builds in Artifactory.
[Optional]
The maximum number of builds to store in Artifactory.
[Optional]
List of build numbers in the form of "value1,value2,...", that should not be removed from Artifactory.
[Default: false]
If set to true, automatically removes build artifacts stored in Artifactory.
[Default: false]
If set to true, build discard will run asynchronously and will not wait for response.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
The maximum number of days to keep builds in Artifactory.
[Optional]
The maximum number of builds to store in Artifactory.
[Optional]
List of comma-separated(,) build numbers in the form of "build1,build2,...", that should not be removed from Artifactory.
[Default: false]
If set to true, automatically removes build artifacts stored in Artifactory.
[Default: false]
If set to true, build discard will run asynchronously and will not wait for response.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
The same list of arguments and flags passed to cUrl, except for the following changes:
1. The full Artifactory URL should not be passed. Instead, the REST endpoint URI should be sent.
2. The login credentials should not be passed. Instead, the --server-id should be used.
[Default: 10]
Minimum file size in KB for which JFrog CLI performs checksum deploy optimization.
Configured Artifactory repository name to download the jar needed by the mvn/gradle command.
This environment variable's value format should be <server ID configured by the 'jf c add' command>/<repo name>.
The repository should proxy https://releases.jfrog.io.
This environment variable is used by the 'jf mvn' and 'jf gradle' commands, and also by the 'jf audit' command, when used for maven or gradle projects.
[Default: $JFROG_CLI_HOME_DIR/dependencies]
Defines the directory to which JFrog CLI's internal dependencies are downloaded.
[Default: true]
Set to false to block JFrog CLI from sending usage statistics to Artifactory.
[Default: *password*;*secret*;*key*;*token*]
List of case insensitive patterns in the form of "value1;value2;...". Environment variables match those patterns will be excluded. This environment variable is used by the "jf rt build-publish" command, in case the --env-exclude command option is not sent.
[Default: false]
Used by the "jf rt download" command. Set to true to download artifacts also from remote repositories. This feature is experimental and available on Artifactory version 7.17.0 or higher.
[Default: false]
Used by the "jf rt upload" command. Set to true if you'd like to upload an empty archive when '--archive' is set but all files were excluded by exclusions pattern.
[Default: 10]
Minimum file size in KB for which JFrog CLI performs checksum deploy optimization.
Configured Artifactory repository name to download the jar needed by the mvn/gradle command.
This environment variable's value format should be server ID configured by the 'jf c add' command.
The repository should proxy https://releases.jfrog.io.
This environment variable is used by the 'jf mvn' and 'jf gradle' commands, and also by the 'jf audit' command, when used for maven or gradle projects.
[Default: $JFROG_CLI_HOME_DIR/dependencies]
Defines the directory to which JFrog CLI's internal dependencies are downloaded.
[Default: true]
Set to false to block JFrog CLI from sending usage statistics to Artifactory.
[Default: *password*;*secret*;*key*;*token*]
List of semicolon-separated(;) case insensitive patterns in the form of "value1;value2;...". Environment variables match those patterns will be excluded. This environment variable is used by the "jf rt build-publish" command, in case the --env-exclude command option is not sent.
[Default: false]
Set this option to true to include remote repositories in artifact searches when using the 'rt download' command. The search will target the first five remote repositories within the virtual repository. This feature is available starting from Artifactory version 7.17.0. **NOTE:** Enabling this option may increase the load on Artifactory instances that are proxied by multiple remote repositories..
[Default: false]
Used by the "jf rt upload" command. Set to true if you'd like to upload an empty archive when '--archive' is set but all files were excluded by exclusions pattern.
Warning
When using the * or ; characters in the upload command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Set to "zip" to pack and deploy the files to Artifactory inside a ZIP archive. Currently, the only packaging format supported is zip.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon ( ; ) to be attached to the uploaded files. If any key can take several values, then each value is separated by a comma ( , ). For example, "key1=value1;key2=value21,value22;key3=value3".
[Optional]
Used for Debian packages only. Specifies the distribution/component/architecture of the package. If the the value for distribution, component or architecture include a slash. the slash should be escaped with a back-slash.
[Default: false]
If true, files are uploaded to the exact target path specified and their hierarchy in the source file system is ignored.
If false, files are uploaded to the target path while maintaining their file system hierarchy.
If Using Placeholders are used, the value of this option is ignored.
Note
JFrog CLI v1
In JFrog CLI v1, the default value of the --flat option is true.
[Default: true]
If true, files are also collected from sub-folders of the source directory for upload .
If false, only files specifically in the source directory are uploaded.
[Default: false]
If true, the command will interpret the first argument, which describes the local file-system path of artifacts to upload, as a regular expression.
If false, it will interpret the first argument as a wild-card expression.
The above also applies for the --exclusions option.
If you have specified that you are using regular expressions, then the beginning of the expression must be enclosed in parenthesis. For example: a/b/c/(.*)/file.zip
[Default: false]
If true, the command will interpret the first argument, which describes the local file-system path of artifacts to upload, as an ANT pattern.
If false, it will interpret the first argument as a wildcards expression.
The above also applies for the --exclusions option.
[Default: 3]
The number of parallel threads that should be used to upload where each thread uploads a single artifact at a time.
[Default: false]
If true, the command only indicates which artifacts would have been uploaded
If false, the command is fully executed and uploads artifacts as specified
[Default: false]
If true, the command will preserve the soft links structure in Artifactory. The symlink file representation will contain the symbolic link and checksum properties.
[Default: false]
If true, the command will extract an archive containing multiple artifacts after it is deployed to Artifactory, while maintaining the archive's file structure.
[Default: false]
If true, the source path applies to bottom-chain directories and not only to files. Bottom-chain directories are either empty or do not include other directories that match the source path.
[Optional]
A list of Semicolon-separated exclude patterns. Allows using wildcards, regular expressions or ANT patterns, according to the value of the --regexp and --ant options. Please read the --regexp and --ant options description for more information.
[Optional]
Specific path in Artifactory, under which to sync artifacts after the upload. After the upload, this path will include only the artifacts uploaded during this upload operation. The other files under this path will be deleted.
[Default: false]
If true, the delete confirmation message is skipped.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Default: 3]
Number of upload retries.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 200]
The minimum file size in MiB required to attempt a multi-part upload. This option, as well as the functionality of multi-part upload, requires Artifactory with S3 storage.
[Default: 5]
The maximum number of parts that can be concurrently uploaded per file during a multi-part upload. Set to 0 to disable multi-part upload. This option, as well as the functionality of multi-part upload, requires Artifactory with S3 storage.
The command takes two arguments.
In case the --spec option is used, the commands accept no arguments.
The second argument specifies the target path in Artifactory in the following format: [repository name]/[repository path]
If the target path ends with a slash, the path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be uploaded. If there is no terminal slash, the target path is assumed to be a file to which the uploaded file should be renamed. For example, if you specify the target as "repo-name/a/b", the uploaded file is renamed to "b" in Artifactory.
For flexibility in specifying the upload path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
The command takes two arguments, source path and target path.
In case the --spec option is used, the commands accept no arguments.
The second argument specifies the target path in Artifactory in the following format: [repository name]/[repository path]
If the target path ends with a slash, the path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be uploaded. If there is no terminal slash, the target path is assumed to be a file to which the uploaded file should be renamed. For example, if you specify the target as "repo-name/a/b", the uploaded file is renamed to "b" in Artifactory.
For flexibility in specifying the upload path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
When using the * or ; characters in the upload command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Set to "zip" to pack and deploy the files to Artifactory inside a ZIP archive. Currently, the only packaging format supported is zip.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
List of semicolon-separated(;) Artifactory properties specified as "key=value" pairs to be attached to the uploaded files.(for example: "key1=value1;key2=value21,value22;key3=value3".
[Optional]
Used for Debian packages only. Specifies the distribution/component/architecture of the package. If the the value for distribution, component or architecture include a slash. the slash should be escaped with a back-slash.
[Default: false]
If true, files are uploaded to the exact target path specified and their hierarchy in the source file system is ignored.
If false, files are uploaded to the target path while maintaining their file system hierarchy.
If Using Placeholders are used, the value of this option is ignored.
Note
JFrog CLI v1
In JFrog CLI v1, the default value of the --flat option is true.
[Default: true]
If true, files are also collected from sub-folders of the source directory for upload .
If false, only files specifically in the source directory are uploaded.
[Default: false]
If true, the command will interpret the first argument, which describes the local file-system path of artifacts to upload, as a regular expression.
If false, it will interpret the first argument as a wild-card expression.
The above also applies for the --exclusions option.
If you have specified that you are using regular expressions, then the beginning of the expression must be enclosed in parenthesis. For example: a/b/c/(.*)/file.zip
[Default: false]
If true, the command will interpret the first argument, which describes the local file-system path of artifacts to upload, as an ANT pattern.
If false, it will interpret the first argument as a wildcards expression.
The above also applies for the --exclusions option.
[Default: 3]
The number of parallel threads that should be used to upload where each thread uploads a single artifact at a time.
[Default: false]
If true, the command only indicates which artifacts would have been uploaded
If false, the command is fully executed and uploads artifacts as specified
[Default: false]
If true, the command will preserve the soft links structure in Artifactory. The symlink file representation will contain the symbolic link and checksum properties.
[Default: false]
If true, the command will extract an archive containing multiple artifacts after it is deployed to Artifactory, while maintaining the archive's file structure.
[Default: false]
If true, the source path applies to bottom-chain directories and not only to files. Bottom-chain directories are either empty or do not include other directories that match the source path.
[Optional]
A list of semicolon-separated(;) exclude patterns. Allows using wildcards, regular expressions or ANT patterns, according to the value of the --regexp and --ant options. Please read the --regexp and --ant options description for more information.
[Optional]
Specific path in Artifactory, under which to sync artifacts after the upload. After the upload, this path will include only the artifacts uploaded during this upload operation. The other files under this path will be deleted.
[Default: false]
If true, the delete confirmation message is skipped.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Default: 3]
Number of upload retries.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 20]
The upload chunk size in MiB that can be concurrently uploaded during a multi-part upload. This option, as well as the functionality of multi-part upload, requires Artifactory with S3 or GCP storage.
[Default: 200]
The minimum file size in MiB required to attempt a multi-part upload. This option, as well as the functionality of multi-part upload, requires Artifactory with S3 or GCP storage.
[Default: 5]
The maximum number of parts that can be concurrently uploaded per file during a multi-part upload. Set to 0 to disable multi-part upload. This option, as well as the functionality of multi-part upload, requires Artifactory with S3 or GCP storage.
Warning
When using the * or ; characters in the download command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts with all of the specified properties names and values will be downloaded.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be downloaded.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are downloaded to the exact target path specified and their hierarchy in the source repository is ignored.
If false, artifacts are downloaded to the target path in the file system while maintaining their hierarchy in the source repository.
If Using Placeholders are used, and you would like the local file system (download path) to be determined by placeholders only, or in other words, avoid concatenating the Artifactory folder hierarchy local, set to false.
[Default: true]
If true, artifacts are also downloaded from sub-paths under the specified path in the source repository.
If false, only artifacts in the specified source path directory are downloaded.
[Default: 3]
The number of parallel threads that should be used to download where each thread downloads a single artifact at a time.
[Default: 3]
The number of segments into which each file should be split for download (provided the artifact is over --min-split in size). To download each file in a single thread, set to 0.
[Default: 3]
Number of download retries.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.
[Default: 5120]
The minimum size permitted for splitting. Files larger than the specified number will be split into equally sized --split-count segments. Any files smaller than the specified number will be downloaded in a single thread. If set to -1, files are not split.
[Default: false]
If true, the command only indicates which artifacts would have been downloaded.
If false, the command is fully executed and downloads artifacts as specified.
[Default: false]
Set to true to extract an archive after it is downloaded from Artifactory.
Supported compression formats: br, bz2, gz, lz4, sz, xz, zstd.
Supported archive formats: zip, tar (including any compressed variants like tar.gz), rar.
[Default: false]
Set to true to bypass the archive security inspection before it is unarchived. Used with the 'explode' option.
[Default: false]
If true, the command will validate that symlinks are pointing to existing and unchanged files, by comparing their sha1. Applicable to files and not directories.
[Default: false]
If true, the source path applies to bottom-chain directories and not only to files. Bottom-chain directories are either empty or do not include other directories that match the source path.
[Optional]
Specific path in the local file system, under which to sync dependencies after the download. After the download, this path will include only the dependencies downloaded during this download operation. The other files under this path will be deleted.
[Default: false]
If true, the delete confirmation message is skipped.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Path to the public GPG key file located on the file system, used to validate downloaded release bundle files.
The second argument is optional and specifies the local file system target path.
If the target path ends with a slash, the path is assumed to be a directory. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a directory into which files should be downloaded. If there is no terminal slash, the target path is assumed to be a file to which the downloaded file should be renamed. For example, if you specify the target as "a/b", the downloaded file is renamed to "b".
For flexibility in specifying the target path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
The command takes two arguments source path and target path (Optional).
In case the --spec option is used, the commands accept no arguments.
The second argument is optional and specifies the local file system target path.
If the target path ends with a slash, the path is assumed to be a directory. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a directory into which files should be downloaded. If there is no terminal slash, the target path is assumed to be a file to which the downloaded file should be renamed. For example, if you specify the target as "a/b", the downloaded file is renamed to "b".
For flexibility in specifying the target path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
When using the * or ; characters in the download command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts with all of the specified properties names and values will be downloaded.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be downloaded.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are downloaded to the exact target path specified and their hierarchy in the source repository is ignored.
If false, artifacts are downloaded to the target path in the file system while maintaining their hierarchy in the source repository.
If Using Placeholders are used, and you would like the local file system (download path) to be determined by placeholders only, or in other words, avoid concatenating the Artifactory folder hierarchy local, set to false.
[Default: true]
If true, artifacts are also downloaded from sub-paths under the specified path in the source repository.
If false, only artifacts in the specified source path directory are downloaded.
[Default: 3]
The number of parallel threads that should be used to download where each thread downloads a single artifact at a time.
[Default: 3]
The number of segments into which each file should be split for download (provided the artifact is over --min-split in size). To download each file in a single thread, set to 0.
[Default: 3]
Number of download retries.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
[Default: 5120]
The minimum size permitted for splitting. Files larger than the specified number will be split into equally sized --split-count segments. Any files smaller than the specified number will be downloaded in a single thread. If set to -1, files are not split.
[Default: false]
If true, the command only indicates which artifacts would have been downloaded.
If false, the command is fully executed and downloads artifacts as specified.
[Default: false]
Set to true to extract an archive after it is downloaded from Artifactory.
Supported compression formats: br, bz2, gz, lz4, sz, xz, zstd.
Supported archive formats: zip, tar (including any compressed variants like tar.gz), rar.
[Default: false]
Set to true to bypass the archive security inspection before it is unarchived. Used with the `explode` option.
[Default: false]
If true, the command will validate that symlinks are pointing to existing and unchanged files, by comparing their sha1. Applicable to files and not directories.
[Default: false]
If true, the source path applies to bottom-chain directories and not only to files. Bottom-chain directories are either empty or do not include other directories that match the source path.
[Optional]
Specific path in the local file system, under which to sync dependencies after the download. After the download, this path will include only the dependencies downloaded during this download operation. The other files under this path will be deleted.
[Default: false]
If true, the delete confirmation message is skipped.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Path to the public GPG key file located on the file system, used to validate downloaded release bundle files.
Warning
When using the * or ; characters in the copy command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon. (For example, "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be copied.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be copied.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are copied to the exact target path specified and their hierarchy in the source path is ignored.
If false, artifacts are copied to the target path while maintaining their source path hierarchy.
[Default: true]
If true, artifacts are also copied from sub-paths under the specified source path.
If false, only artifacts in the specified source path directory are copied.
[Default: false]
If true, the command only indicates which artifacts would have been copied.
If false, the command is fully executed and copies artifacts as specified.
[Default: 3]
Number of threads used for copying the items.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number for HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.
Specifies the target path in Artifactory, to which the artifacts should be copied, in the following format: [repository name]/[repository path]
If the pattern ends with a slash, the target path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be copied. If there is no terminal slash, the target path is assumed to be a file to which the copied file should be renamed. For example, if you specify the target as "repo-name/a/b", the copied file is renamed to "b" in Artifactory.
For flexibility in specifying the target path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
The command takes two arguments source path and target path.
In case the --spec option is used, the commands accept no arguments.
Specifies the target path in Artifactory, to which the artifacts should be copied, in the following format: [repository name]/[repository path]
By default the Target Path maintains the source path hierarchy, see --flat flag for more info. If the pattern ends with a slash, the target path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be copied. If there is no terminal slash, the target path is assumed to be a file to which the copied file should be renamed. For example, if you specify the target as "repo-name/a/b", the copied file is renamed to "b" in Artifactory.
For flexibility in specifying the target path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
When using the * or ; characters in the copy command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs. (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be copied.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be copied.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are copied to the exact target path specified and their hierarchy in the source path is ignored.
If false, artifacts are copied to the target path while maintaining their source path hierarchy.
[Default: true]
If true, artifacts are also copied from sub-paths under the specified source path.
If false, only artifacts in the specified source path directory are copied.
[Default: false]
If true, the command only indicates which artifacts would have been copied.
If false, the command is fully executed and copies artifacts as specified.
[Default: 3]
Number of threads used for copying the items.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number for HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
Warning
When using the * or ; characters in the copy command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be moved.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be moved.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are moved to the exact target path specified and their hierarchy in the source path is ignored.
If false, artifacts are moved to the target path while maintaining their source path hierarchy.
[Default: true]
If true, artifacts are also moved from sub-paths under the specified source path.
If false, only artifacts in the specified source path directory are moved.
[Default: false]
If true, the command only indicates which artifacts would have been moved.
If false, the command is fully executed and downloads artifacts as specified.
[Default: 3]
Number of threads used for moving the items.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.
Specifies the target path in Artifactory, to which the artifacts should be moved, in the following format: [repository name]/[repository path]
If the pattern ends with a slash, the target path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be moved. If there is no terminal slash, the target path is assumed to be a file to which the moved file should be renamed. For example, if you specify the target as "repo-name/a/b", the moved file is renamed to "b" in Artifactory.
For flexibility in specifying the upload path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
The command takes two arguments source path and target path.
In case the --spec option is used, the commands accept no arguments.
Specifies the target path in Artifactory, to which the artifacts should be moved, in the following format: [repository name]/[repository path]
By default the Target Path maintains the source path hierarchy, see --flat flag for more info. If the pattern ends with a slash, the target path is assumed to be a folder. For example, if you specify the target as "repo-name/a/b/", then "b" is assumed to be a folder in Artifactory into which files should be moved. If there is no terminal slash, the target path is assumed to be a file to which the moved file should be renamed. For example, if you specify the target as "repo-name/a/b", the moved file is renamed to "b" in Artifactory.
For flexibility in specifying the upload path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the source path that are enclosed in parenthesis. For more details, please refer to Using Placeholders.
When using the * or ; characters in the copy command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be moved.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be moved.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
If true, artifacts are moved to the exact target path specified and their hierarchy in the source path is ignored.
If false, artifacts are moved to the target path while maintaining their source path hierarchy.
[Default: true]
If true, artifacts are also moved from sub-paths under the specified source path.
If false, only artifacts in the specified source path directory are moved.
[Default: false]
If true, the command only indicates which artifacts would have been moved.
If false, the command is fully executed and downloads artifacts as specified.
[Default: 3]
Number of threads used for moving the items.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
Warning
When using the * or ; characters in the delete command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be deleted.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be deleted.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: true]
If true, artifacts are also deleted from sub-paths under the specified path.
[Default: false]
If true, the delete confirmation message is skipped.
[Default: false]
If true, the command only indicates which artifacts would have been deleted.
If false, the command is fully executed and deletes artifacts as specified.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: 3]
Number of threads used for deleting the items.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.--retry-wait-time
The command takes one argument which is the delete path.
In case the --spec option is used, the commands accept no arguments.
When using the * or ; characters in the delete command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be deleted.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be deleted.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: true]
If true, artifacts are also deleted from sub-paths under the specified path.
[Default: false]
If true, the delete confirmation message is skipped.
[Default: false]
If true, the command only indicates which artifacts would have been deleted.
If false, the command is fully executed and deletes artifacts as specified.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: 3]
Number of threads used for deleting the items.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
Warning
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
Set to true to display only the total of files or folders found.
[Optional]
Set to true if you'd like to also apply the source path pattern for directories and not only for files
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be returned.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be returned.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: true]
Set to false if you do not wish to search artifacts inside sub-folders in Artifactory.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Default: false]
Set to true to look for artifacts also in remote repositories. Available on Artifactory version 7.17.0 or higher.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.retry-wait-time
[Optional]
List of fields in the form of "value1;value2;...".
Only the path and the fields that are specified will be returned. The fields must be part of the 'items' AQL domain. for the full supported items list check AQL documentation
The command takes one argument which is the search path.
In case the --spec option is used, the commands accept no arguments.
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
Set to true to display only the total of files or folders found.
[Default: false]
Set to true if you'd like to also apply the source path pattern for directories and not only for files
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts with these properties names and values will be returned.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be returned.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: true]
Set to false if you do not wish to search artifacts inside sub-folders in Artifactory.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
Set to true to look for artifacts also in remote repositories. Available on Artifactory version 7.17.0 or higher.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
[Optional]
List of semicolon-separated(;) fields in the form of "value1;value2;...".
Only the path and the fields that are specified will be returned. The fields must be part of the `items` AQL domain. for the full supported items list check AQL documentation
Warning
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
List of properties in the form of "key1=value1;key2=value2,...". Only files with these properties names and values are affected.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be affected.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Default: false]
When true, the properties will also be set on folders (and not just files) in Artifactory.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of working threads.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.
The command takes two arguments, files pattern and files properties.
In case the --spec option is used, the commands accept no arguments.
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
List of semicolon-separated(;) properties in the form of "key1=value1;key2=value2,...". Only files with these properties names and values are affected.
[Optional]
A list of Artifactory properties specified as semicolon-separated(;) "key=value" pairs (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be affected.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Default: false]
When true, the properties will also be set on folders (and not just files) in Artifactory.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of working threads.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
Warning
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
[Optional]
Artifactory server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
List of properties in the form of "key1=value1;key2=value2,...". Only files with these properties are affected.
[Optional]
A list of Artifactory properties specified as "key=value" pairs separated by a semi-colon (for example, "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be affected.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
When true, the properties will also be set on folders (and not just files) in Artifactory.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
A list of semicolon-separated fields to sort by. The fields must be part of the 'items' AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts 'asc' or 'desc'.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds.retry-wait-time
The command takes two arguments, files pattern and properties list.
In case the --spec option is used, the commands accept no arguments.
When using the * or ; characters in the command options or arguments, make sure to wrap the whole options or arguments string in quotes (") to make sure the * or ; characters are not interpreted as literals.
| +| `--server-id` |[Optional]
Artifactory Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
List of semicolon-separated(;) properties in the form of "key1=value1;key2=value2,...". Only files with these properties are affected.
[Optional]
List of semicolon-separated(;) Artifactory properties specified as "key=value" (for example: "key1=value1;key2=value2;key3=value3"). Only artifacts without all of the specified properties names and values will be affected.
[Default: true]
When false, artifacts inside sub-folders in Artifactory will not be affected.
[Optional]
If specified, only artifacts of the specified build are matched. The property format is build-name/build-number. If you do not specify the build number, the artifacts are filtered by the latest build number.
[Optional]
If specified, only artifacts of the specified bundle are matched. The value format is bundle-name/bundle-version.
[Default: false]
When true, the properties will also be set on folders (and not just files) in Artifactory.
[Default: false]
Set to true if you'd like the command to return exit code 2 in case of no files are affected.
[Optional]
A list of semicolon-separated(;) fields to sort by. The fields must be part of the `items` AQL domain. For more information read the AQL documentation
[Default: asc]
The order by which fields in the 'sort-by' option should be sorted. Accepts `asc` or `desc`.
[Optional]
The maximum number of items to fetch. Usually used with the 'sort-by' option.
[Optional]
The offset from which to fetch items (i.e. how many items should be skipped). Usually used with the 'sort-by' option.
[Optional]
If specified, only archive artifacts containing entries matching this pattern are matched. You can use wildcards to specify multiple artifacts.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of HTTP retry attempts.
[Default: 0s]
Number of seconds or milliseconds to wait between retries. The numeric value should either end with s for seconds or ms for milliseconds (for example: 10s or 100ms).
[Optional]
Artifactory server ID configured using the config command.
[Mandatory]
Path to a CSV file with the users' details. The first row of the file should include the name,password,email headers.
[Optional]
Set to true if you'd like existing users or groups to be replaced.
[Optional]
A list of comma-separated groups for the new users to be associated to.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Mandatory]
Path to a CSV file with the users' details. The first row of the file should include the name,password,email headers.
[Optional]
Set to true if you'd like existing users or groups to be replaced.
[Optional]
A list of comma-separated(,) groups for the new users to be associated to.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
Path to a csv file with the usernames to delete. The first row of the file is the reserved for the cells' headers. It must include the "username" header.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
Path to a csv file with the usernames to delete. The first row of the file is the reserved for the cells' headers. It must include the "username" header.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory server ID configured using the config command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory server ID configured using the config command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the template. In the template, the variables should be used as follows: ${key1}.
[Optional]
Artifactory server ID configured using the config command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Server ID for resolution. The server should configured using the 'jf rt c' command.
[Optional]
Server ID for deployment. The server should be configured using the 'jf rt c' command.
[Optional]
Resolution repository for release dependencies.
[Optional]
Resolution repository for snapshot dependencies.
[Optional]
Deployment repository for release artifacts.
[Optional]
Deployment repository for snapshot artifacts.
[Optional]
Filter deployed artifacts by setting a wildcard pattern that specifies which artifacts to include. You may provide multiple patterns separated by a comma followed by a white-space. For example
artifact-.jar, artifact-.pom
[Optional]
Filter deployed artifacts by setting a wildcard pattern that specifies which artifacts to exclude. You may provide multiple patterns separated by a comma followed by a white-space. For example
artifact--test.jar, artifact--test.pom
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or json as values.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Server ID for resolution. The server should configured using the 'jf rt c' command.
[Optional]
Server ID for deployment. The server should be configured using the 'jf rt c' command.
[Optional]
Resolution repository for release dependencies.
[Optional]
Resolution repository for snapshot dependencies.
[Optional]
Deployment repository for release artifacts.
[Optional]
Deployment repository for snapshot artifacts.
[Optional]
Filter deployed artifacts by setting a wildcard pattern that specifies which artifacts to include. You may provide multiple comma-separated(,) patterns followed by a white-space. For example
artifact-.jar, artifact-.pom
[Optional]
Filter deployed artifacts by setting a wildcard pattern that specifies which artifacts to exclude. You may provide multiple comma-separated(,) followed by a white-space. For example
artifact--test.jar, artifact--test.pom
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or json as values.
[Default: 3]
Number of threads for uploading build artifacts.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: 3]
Number of threads for uploading build artifacts.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Default: false]
Set to true if the Gradle Artifactory Plugin is already applied in the build script.
[Default: false]
Set to true if you'd like to use the Gradle wrapper.
[Default: true]
Set to false if you do not wish to deploy Maven descriptors.
[Default: true]
Set to false if you do not wish to deploy Ivy descriptors.
[Default: '[organization]/[module]/ivy-[revision].xml'
Set the deployed Ivy descriptor pattern.
[Default: '[organization]/[module]/[revision]/[artifact]-[revision](-[classifier]).[ext]'
Set the deployed Ivy artifacts pattern.
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or json as values.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Default: false]
Set to true if the Gradle Artifactory Plugin is already applied in the build script.
[Default: false]
Set to true if you'd like to use the Gradle wrapper.
[Default: true]
Set to false if you do not wish to deploy Maven descriptors.
[Default: true]
Set to false if you do not wish to deploy Ivy descriptors.
[Default: '[organization]/[module]/ivy-[revision].xml'
Set the deployed Ivy descriptor pattern.
[Default: '[organization]/[module]/[revision]/[artifact]-[revision](-[classifier]).[ext]'
Set the deployed Ivy artifacts pattern.
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or json as values.
[Default: 3]
Number of threads for uploading build artifacts.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Default: 3]
Number of threads for uploading build artifacts.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
[Default: false]
Set to true to include a list of the affected files as part of the command output summary.
Path to a file which includes one line in the following format: IMAGE-TAG@sha256:MANIFEST-SHA256. For example:
cat image-file-details
superfrog-docker.jfrog.io/hello-frog@sha256:30f04e684493fb5ccc030969df6de0
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
Path to a file which includes one line in the following format: IMAGE-TAG@sha256:MANIFEST-SHA256. For example:
cat image-file-details
superfrog-docker.jfrog.io/hello-frog@sha256:30f04e684493fb5ccc030969df6de0
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set to true if you'd like the command to skip performing docker login.
[Default: 3]
Number of working threads.
[Optional]
Server ID configured using the config command. If not specified, the default configured Artifactory server is used.
[Default: false]
If set true, the Docker image is copied to the target repository, otherwise it is moved.
[Optional]
The tag name to promote.
[Optional]
Docker target image name.
[Optional]
The target tag to assign the image after promotion.
[Optional]
Server ID configured using the 'jf config' command. If not specified, the default configured Artifactory server is used.
[Default: false]
If set true, the Docker image is copied to the target repository, otherwise it is moved.
[Optional]
The tag name to promote.
[Optional]
Docker target image name.
[Optional]
The target tag to assign the image after promotion.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Artifactory server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Artifactory server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: 3]
Number of working threads for build-info collection.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: 3]
Number of working threads for build-info collection.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or JSON as values.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Default: false]
Set if you'd like all files to be scanned by Xray on the local file system prior to the upload, and skip the upload if any of the files are found vulnerable.
[Default: table]
Should be used with the --scan option. Defines the scan output format. Accepts table or JSON as values.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: 3]
Number of working threads for build-info collection.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: 3]
Number of working threads for build-info collection.
[Default false]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Artifactory server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Default false]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Artifactory server ID for deployment. The server should be configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Repository for artifacts deployment.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Default: false]
Set to avoid downloading packages from the VCS, if they are missing in Artifactory.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Default false]
Set to avoid downloading packages from the VCS, if they are missing in Artifactory.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default: false]
Set true to include a list of the affected files as part of the command output summary.
[Default false]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Default false]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Artifactory server ID for deployment. The server should configured using the 'jf c add' command.
[Optional]
Repository for artifacts deployment.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Default false]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Default: false]
Set to true if you'd like to use the NuGet V2 protocol when restoring packages from Artifactory (instead of NuGet V3).
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for resolution. The server should configured using the 'jf c add' command.
[Optional]
Repository for dependencies resolution.
[Default: false]
Set to true if you'd like to use the NuGet V2 protocol when restoring packages from Artifactory (instead of NuGet V3).
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
JFrog project key.
[Optional]
Optional module name for the build-info.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for deployment. The server should configured using the 'jf c add' command.
[Optional]
Repository for artifacts deployment.
[Optional]
Set to true, if you'd like the configuration to be global (for all projects on the machine). Specific projects can override the global configuration.
[Optional]
Artifactory server ID for deployment. The server should configured using the 'jf c add' command.
[Optional]
Repository for artifacts deployment.
[Mandatory]
Terraform module namespace
[Mandatory]
Terraform module provider
[Mandatory]
Terraform module tag
[Optional]
A list of Semicolon-separated exclude patterns wildcards. Paths inside the module matching one of the patterns are excluded from the deployed package.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Mandatory]
Terraform module namespace
[Mandatory]
Terraform module provider
[Mandatory]
Terraform module tag
[Optional]
A list of semicolon-separated(;) exclude patterns wildcards. Paths inside the module matching one of the patterns are excluded from the deployed package.
[Optional]
Build name. For more details, please refer to Build Integration.
[Optional]
Build number. For more details, please refer to Build Integration.
[Optional]
Project key associated with the created Release Bundle version.
[Optional]
Platform server ID configured using the config command.
[Mandatory]
The GPG/RSA key-pair name given in Artifactory.
[Optional]
Path to a File Spec.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." (wrapped by quotes) to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Default: false]
Set to true to run synchronously.
[Optional]
Project key associated with the created Release Bundle version.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Mandatory]
The GPG/RSA key-pair name given in Artifactory.
[Optional]
Path to a File Spec.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." (wrapped by quotes) to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Default: false]
Set to true to run synchronously.
[Optional]
A list of semicolon-separated repositories to include in the promotion. If this property is left undefined, all repositories (except those specifically excluded) are included in the promotion. If one or more repositories are specifically included, all other repositories are excluded.
[Optional]
A list of semicolon-separated repositories to exclude from the promotion.
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform server ID configured using the config command.
[Mandatory]
The GPG/RSA key-pair name given in Artifactory.
[Default: false]
Set to true to run synchronously.
[Optional]
A list of semicolon-separated(;) repositories to include in the promotion. If this property is left undefined, all repositories (except those specifically excluded) are included in the promotion. If one or more repositories are specifically included, all other repositories are excluded.
[Optional]
A list of semicolon-separated(;) repositories to exclude from the promotion.
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Mandatory]
The GPG/RSA key-pair name given in Artifactory.
[Default: false]
Set to true to run synchronously.
[Default: *]
Wildcard filter for site city name.
[Default: *]
Semicolon-separated list of wildcard filters for site country codes.
[Default: false]
Set to true to create the repository on the edge if it does not exist.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format. See the "Distribution Rules Structure" bellow.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Specify along with 'mapping-target' to distribute artifacts to a different path on the edge node. You can use wildcards to specify multiple artifacts.
[Optional]
The target path for distributed artifacts on the edge node. If not specified, the artifacts will have the same path and name on the edge node, as on the source Artifactory server. For flexibility in specifying the distribution path, you can include [placeholders](https://www.jfrog.com/confluence/display/CLI/CLI+for+JFrog+Artifactory#CLIforJFrogArtifactory-UsingPlaceholders) in the form of {1}, {2} which are replaced by corresponding tokens in the pattern path that are enclosed in parenthesis.
[Default: 60]
Max minutes to wait for sync distribution.
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform server ID configured using the config command.
[Default: *]
Wildcard filter for site name.
[Default: false]
Set to true to run synchronously.
[Default: *]
Wildcard filter for site city name.
[Default: *]
semicolon-separated(;) list of wildcard filters for site country codes.
[Default: false]
Set to true to create the repository on the edge if it does not exist.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format. See the "Distribution Rules Structure" bellow.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Specify along with 'mapping-target' to distribute artifacts to a different path on the edge node. You can use wildcards to specify multiple artifacts.
[Optional]
The target path for distributed artifacts on the edge node. If not specified, the artifacts will have the same path and name on the edge node, as on the source Artifactory server. For flexibility in specifying the distribution path, you can include [placeholders](https://www.jfrog.com/confluence/display/CLI/CLI+for+JFrog+Artifactory#CLIforJFrogArtifactory-UsingPlaceholders) in the form of {1}, {2} which are replaced by corresponding tokens in the pattern path that are enclosed in parenthesis.
[Default: 60]
Max minutes to wait for sync distribution.
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Default: *]
Wildcard filter for site name.
[Default: false]
Set to true to run synchronously.
[Optional]
Project key associated with the Release Bundle version.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Platform server ID configured using the config command.
[Default: false]
Set to true to run synchronously.
[Optional]
Project key associated with the Release Bundle version.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Default: false]
Set to true to run synchronously.
[Default: *]
Wildcard filter for site city name.
[Default: *]
Semicolon-separated list of wildcard filters for site country codes.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format. See the "Distribution Rules Structure" bellow.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Default: 60]
Max minutes to wait for sync distribution.
[Optional]
Project key associated with the Release Bundle version.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Platform server ID configured using the config command.
[Default: *]
Wildcard filter for site name.
[Default: false]
Set to true to run synchronously.
[Default: *]
Wildcard filter for site city name.
[Default: *]
semicolon-separated(;) list of wildcard filters for site country codes.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format. See the "Distribution Rules Structure" bellow.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Default: 60]
Max minutes to wait for sync distribution.
[Optional]
Project key associated with the Release Bundle version.
[Default: $CI]
Set to true to skip the delete confirmation message.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Default: *]
Wildcard filter for site name.
[Default: false]
Set to true to run synchronously.
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Optional]
Specify a list of input regex mapping pairs that define where the queried artifact is located and where it should be placed after it is imported. Use this option if the path on the target is different than the source path. |
+| mapping-target |
[Optional]
Specify a list of output regex mapping pairs that define where the queried artifact is located and where it should be placed after it is imported. Use this option if the path on the target is different than the source path. |
+| split-count |
[Optional]
The maximum number of parts that can be concurrently uploaded per file during a multi-part upload. Set to 0 to disable multi-part upload. |
+| min-split |
[Optional]
Minimum file size in KB to split into ranges when downloading. Set to -1 for no splits |
+
+
+#### Example
+Export release bundle named "myApp" and version 1.0.0
+
+```
+jf rbe myApp 1.0.0
+```
+
+#### Example
+Download to a specific location
+
+```
+jf rbe myApp 1.0.0 /user/mybundle/
+```
+
+## Importing Release Bundle archive
+Import a Release Bundle archive from a release bundle exported zip file.
+
+Please note this functionality only works on Edge nodes within an air-gapped environment.
+
+| | |
+|-------------------|-----------------------------------------------------------------------------------|
+| Command-name | release-bundle-import |
+| Abbreviation | rbi |
+| **Command arguments:** | |
+| path to archive | Path to the release bundle archive on the filesystem |
+| **Command options:** | |
+| `--project` |
[Optional]
Project key associated with the Release Bundle version.
[Optional]
Platform Server ID configured using the 'jf config' command.
[Optional]
Artifactory URL.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured Artifactory server is used.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
JFrog Artifactory URL. (example: https://acme.jfrog.io/artifactory)
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured Artifactory server is used.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: table]
Defines the output format of the command. Acceptable values are: table and json.
[Optional]
A comma separated list of relative working directories, to determine the audit targets locations.
[Default: 10]
The number of parallel threads used to determine the curation status for each package in the project tree.
[Default: table]
Defines the output format of the command. Acceptable values are: table and json.
[Optional]
A comma separated list of relative working directories, to determine the audit targets locations.
[Default: 3]
The number of parallel threads used to determine the curation status for each package in the project tree.
[Optional] [Pip]
Defines pip requirements file name. For example: 'requirements.txt'
[Optional]
Artifactory server ID configured using the config command.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
The list of properties, in the form of key1=value1;key2=value2,..., to be added to the artifacts after distribution of the release bundle.
[Optional]
The target path for distributed artifacts on the edge node. If not specified, the artifacts will have the same path and name on the edge node, as on the source Artifactory server. For flexibility in specifying the distribution path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the pattern path that are enclosed in parenthesis.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Default: false]
If set to true, automatically signs the release bundle version.
[Optional]
The passphrase for the signing key.
[Optional]
Description of the release bundle.
[Optional]
Path to a file describes the release notes for the release bundle version.
[Default: plain_text]
The syntax for the release notes. Can be one of markdown, asciidoc, or plain_text.
[Optional]
A list of Semicolon-separated exclude path patterns, to be excluded from the Release Bundle. Allows using wildcards.
[Optional]
A repository name at source Artifactory to store release bundle artifacts in. If not provided, Artifactory will use the default one.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: false]
Set to true to return the SHA256 value of the release bundle manifest.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
Path to a file spec. For more details, please refer to Using File Specs.
[Optional]
List of semicolon-separated(;) variables in the form of "key1=value1;key2=value2;..." to be replaced in the File Spec. In the File Spec, the variables should be used as follows: ${key1}.
[Optional]
The list of properties, in the form of key1=value1;key2=value2,..., to be added to the artifacts after distribution of the release bundle.
[Optional]
The target path for distributed artifacts on the edge node. If not specified, the artifacts will have the same path and name on the edge node, as on the source Artifactory server. For flexibility in specifying the distribution path, you can include placeholders in the form of {1}, {2} which are replaced by corresponding tokens in the pattern path that are enclosed in parenthesis.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Default: false]
If set to true, automatically signs the release bundle version.
[Optional]
The passphrase for the signing key.
[Optional]
Description of the release bundle.
[Optional]
Path to a file describes the release notes for the release bundle version.
[Default: plain_text]
The syntax for the release notes. Can be one of markdown, asciidoc, or plain_text.
[Optional]
A list of semicolon-separated(;) exclude path patterns, to be excluded from the Release Bundle. Allows using wildcards.
[Optional]
A repository name at source Artifactory to store release bundle artifacts in. If not provided, Artifactory will use the default one.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: false]
Set to true to return the SHA256 value of the release bundle manifest.
[Optional]
Artifactory server ID configured using the config command.
[Optional]
The passphrase for the signing key.
[Optional]
A repository name at source Artifactory to store release bundle artifacts in. If not provided, Artifactory will use the default one.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: false]
Set to true to return the SHA256 value of the release bundle manifest.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Optional]
The passphrase for the signing key.
[Optional]
A repository name at source Artifactory to store release bundle artifacts in. If not provided, Artifactory will use the default one.
[Default: false]
Set to true to skip TLS certificates verification.
[Default: false]
Set to true to return the SHA256 value of the release bundle manifest.
[Optional]
Artifactory server ID configured using the config command.
[Default: false]
Set to true to enable sync distribution (the command execution will end when the distribution process ends).
[Default: 60]
Max minutes to wait for sync distribution.
[Default: false]
Set to true to create the repository on the edge if it does not exist.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format.
Distribution Rules JSON structure
{
"distribution_rules": [
{
"site_name": "DC-1",
"city_name": "New-York",
"country_codes": ["1"]
},
{
"site_name": "DC-2",
"city_name": "Tel-Aviv",
"country_codes": ["972"]
}
]
}
The Distribution Rules format also supports wildcards. For example:
{
"distribution_rules": [
{
"site_name": "",
"city_name": "",
"country_codes": ["*"]
}
]
}
[Default: *]
Wildcard filter for site name.
[Default: *]
Wildcard filter for site city name.
[Default: *]
Semicolon-separated list of wildcard filters for site country codes.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Default: false]
Set to true to enable sync distribution (the command execution will end when the distribution process ends).
[Default: 60]
Max minutes to wait for sync distribution.
[Default: false]
Set to true to create the repository on the edge if it does not exist.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Path to a file, which includes the Distribution Rules in a JSON format.
Distribution Rules JSON structure
{
"distribution_rules": [
{
"site_name": "DC-1",
"city_name": "New-York",
"country_codes": ["1"]
},
{
"site_name": "DC-2",
"city_name": "Tel-Aviv",
"country_codes": ["972"]
}
]
}
The Distribution Rules format also supports wildcards. For example:
{
"distribution_rules": [
{
"site_name": "",
"city_name": "",
"country_codes": ["*"]
}
]
}
[Default: *]
Wildcard filter for site name.
[Default: *]
Wildcard filter for site city name.
[Default: *]
semicolon-separated(;) list of wildcard filters for site country codes.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Artifactory server ID configured using the config command.
[Default: false]
Set to true to enable sync deletion (the command execution will end when the deletion process ends).
[Default: 60]
Max minutes to wait for sync deletion.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Path to a file, which includes the distribution rules in a JSON format.
[Default: *]
Wildcard filter for site name.
[Default: *]
Wildcard filter for site city name.
[Default: *]
Semicolon-separated list of wildcard filters for site country codes.
[Default: false]
Set to true to delete release bundle version in JFrog Distribution itself after deletion is complete in the specified Edge nodes.
[Default: false]
Set to true to skip the delete confirmation message.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Artifactory Server ID configured using the 'jf config' command.
[Default: false]
Set to true to enable sync deletion (the command execution will end when the deletion process ends).
[Default: 60]
Max minutes to wait for sync deletion.
[Default: false]
Set to true to disable communication with JFrog Distribution.
[Optional]
Path to a file, which includes the distribution rules in a JSON format.
[Default: *]
Wildcard filter for site name.
[Default: *]
Wildcard filter for site city name.
[Default: *]
semicolon-separated(;) list of wildcard filters for site country codes.
[Default: false]
Set to true to delete release bundle version in JFrog Distribution itself after deletion is complete in the specified Edge nodes.
[Default: false]
Set to true to skip the delete confirmation message.
[Default: false]
Set to true to skip TLS certificates verification.
[Optional]
Specify Pipelines server for which the version is to be fetched. If not specified, the default configured server is used.
[Optional]
Specify Pipelines server for which the version is to be fetched. If not specified, the default configured server is used.
[Optional]
Name of the pipeline.
[Optional]
Name of the multi branch.
[Optional]
Continuous monitoring until pipeline reaches end state.
Default time is 1 hour and 30 minutes.
[Optional]
Name of the server.
[Optional]
To be used when using a single branch.
[Optional]
Name of the pipeline.
[Optional]
Name of the multi branch.
[Optional]
Continuous monitoring until pipeline reaches end state.
Default time is 1 hour and 30 minutes.
[Optional]
Name of the server.
[Optional]
To be used when using a single branch.
[Optional]
Name of the server.
[Optional]
To be used when using a single branch. When used, branch_name argument is ignored.
[Optional]
Name of the server.
[Optional]
To be used when using a single branch. When used, branch_name argument is ignored.
[Optional]
Name of the server.
[Optional]
Full name of the repository where the pipeline source is stored.
[Optional]
Name of branch that has the pipeline source.
[Optional]
Name of the server.
[Optional]
Full name of the repository where the pipeline source is stored.
[Optional]
Name of branch that has the pipeline source.
[Optional]
Name of the server.
[Optional]
Name of the server.
| Command option | Description |
| --url | JFrog Xray API endpoint URL. It usually ends with /xray |
| --user | JFrog username |
| --password | JFrog password |
| + | + |
|---|---|
| Command option | +Description | +
| --url | +JFrog Xray API endpoint URL. It usually ends with /xray | +
| --user | +JFrog username | +
| --password | +JFrog password | +
| Command Option | Description |
|---|---|
| --url | JFrog Xray API endpoint URL. It usually ends with /xray |
| --user | JFrog username |
| --password | JFrog password |
| Command Option | +Description | +
|---|---|
| --url | +JFrog Xray API endpoint URL. It usually ends with /xray | +
| --user | +JFrog username | +
| --password | +JFrog password | +
| Command Option | Description |
|---|---|
| --url | JFrog Xray API endpoint URL. It usually ends with /xray |
| --access-token | JFrog access token |
| Command Option | +Description | +
|---|---|
| --url | +JFrog Xray API endpoint URL. It usually ends with /xray | +
| --access-token | +JFrog access token | +
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
The same list of arguments and flags passed to cUrl, except for the following changes:
1. The full Xray URL should not be passed. Instead, the REST endpoint URI should be sent.
2. The login credentials should not be passed. Instead, the --server-id should be used.
| Command name | xr offline-update |
| Abbreviation | xr ou |
| Command options | |
| --license-id | [Mandatory] Xray license ID. |
| --from | [Optional] From update date in YYYY-MM-DD format. |
| --to | [Optional] To update date in YYYY-MM-DD format. |
| --version | [Optional] Xray API version. |
| --target | [Default: ./] Path for downloaded update files. |
| --dbsyncv3 | [Default: false] Set to true to use Xray DBSync V3. |
| --periodic | [Default: false] Set to true to get the Xray DBSync V3 Periodic Package (Use with dbsyncv3 flag). |
| Command arguments | The command accepts no arguments. |
| + | + |
|---|---|
| Command name | +xr offline-update | +
| Abbreviation | +xr ou | +
| Command options | ++ |
| --license-id | +[Mandatory] Xray license ID. |
+
| --from | +[Optional] From update date in YYYY-MM-DD format. |
+
| --to | +[Optional] To update date in YYYY-MM-DD format. |
+
| --version | +[Optional] Xray API version. |
+
| --target | +[Default: ./] Path for downloaded update files. |
+
| --stream | +[Default: false] Set to true to use Xray DBSync V3 stream, Possible values are: public_data, exposures and contextual_analysis. |
+
| --periodic | +[Default: false] Set to true to get the Xray DBSync V3 Periodic Package (Use with stream flag). |
+
| Command arguments | +The command accepts no arguments. | +
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
Server ID configured by the jf c add command. If not specified, the default configured server is used.
[Optional]
Set if you'd like to receive all vulnerabilities, regardless of the policy configured in Xray.
[Default: true]
When set, the command returns exit code 3 if a 'Fail Build' rule is matched by Xray.
Set to false if you do not wish the command to return exit code 3 in such case, and an exit code 0 will be returned.
[Default: table]
Defines the output format of the command. The accepted values are: table and json.
[Optional]
JFrog project key
[Default: false]
Set to true when scanning an already successfully scanned build, for example after adding an ignore rule.
[Optional]
Server ID configured by the jf c add command. If not specified, the default configured server is used.
[Optional]
Set if you'd like to receive all vulnerabilities, regardless of the policy configured in Xray.
[Default: true]
When using one of the flags --watches, --project or --repo-path and a Fail build rule is matched the command will return exit code 3. Set to false if you'd like to see violations with exit code 0.
[Default: table]
Defines the output format of the command. The accepted values are: table and json.
[Optional]
JFrog project key
[Default: false]
Set to true when scanning an already successfully scanned build, for example after adding an ignore rule.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
Path to a file specifying the files to scan. If the pattern argument is provided to the command, this option should not be provided.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
Artifactory repository path in the form of <repository>/<path in the repository>, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
A comma-separated list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Default: false]
Set if you also require the list of licenses to be displayed.
[Optional]
Produces a JSON file containing the scan results.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
Path to a file specifying the files to scan. If the pattern argument is provided to the command, this option should not be provided.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
Artifactory repository path, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
A comma-separated(,) list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Default: false]
Set if you also require the list of licenses to be displayed.
[Optional]
Produces a JSON file containing the scan results.
[Optional]
Set if you'd like to receive all vulnerabilities, regardless of the policy configured in Xray.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
Artifactory repository path in the form of <repository>/<path in the repository>, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
A comma separated list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --repo-path and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Default: false]
Set if you also require the list of licenses to be displayed.
[Optional]
Produces a JSON file containing the scan results.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
Artifactory repository path, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Optional]
A comma-separated(,) list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --repo-path and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities.
[Default: false]
Set if you also require the list of licenses to be displayed.
[Default: false] Triggers token validation on found secrets
| +| --format=json |[Optional]
Produces a JSON file containing the scan results.
[Optional]
Set if you'd like to receive all vulnerabilities, regardless of the policy configured in Xray.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Optional]
Artifactory repository path in the form of <repository>/<path in the repository>, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Optional]
A comma-separated list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --repo-path and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Default: false]
Set if you'd also like the list of licenses to be displayed.
[Default: table]
Defines the output format of the command. Acceptable values are: table and json.
[Default: true]
Set to false if you do not wish the command to return exit code 3, even if the 'Fail Build' rule is matched by Xray.
[Default: false] [Gradle]
Set to true if you'd like to use the Gradle wrapper.
[Default: all] [npm]
Defines npm dependencies type. Possible values are: all, devOnly and prodOnly
[Default: false] [Gradle]
Set to true if you'd like to exclude Gradle test dependencies from Xray scanning.
[Optional] [Pip]
Defines pip requirements file name. For example: 'requirements.txt'
[Optional]
A comma-separated list of relative working directories, to determine the audit targets locations.
[Default: *.git*;*node_modules*;*target*;*venv*;*test*]
List of exclusions separated by semicolons, utilized to skip sub-projects from undergoing an audit. These exclusions may incorporate the * and ? wildcards.
[Optional]
Set to true if you wish to display issues that have a fix version only.
[Optional]
Set the minimum severity of issues to display. The following values are accepted: Low, Medium, High or Critical
[Default: false]
Set to true to request audit for a Go project.
[Default: false]
Set to true to request audit for a Gradle project.
[Default: false]
Set to true to request audit for a Maven project.
[Default: false]
Set to true to request audit for a npm project.
[Default: false]
Set to true to request audit for a pnpm project.
[Default: false]
Set to true to request audit for a .Net project.
[Default: false]
Set to true to request audit for a Pip project.
[Default: false]
Set to true to request audit for a Pipenv project.
[Default: false]
Set to true to request audit for a Yarn project.
[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
[Optional]
JFrog project key, to enable Xray to determine security violations accordingly. The command accepts this option only if the --repo-path and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Optional]
Artifactory repository path, to enable Xray to determine violations accordingly. The command accepts this option only if the --project and --watches options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Optional]
A comma-separated(,) list of Xray watches, to enable Xray to determine violations accordingly. The command accepts this option only if the --repo-path and --repo-path options are not provided. If none of the three options are provided, the command will show all known vulnerabilities
[Default: false]
Set if you'd also like the list of licenses to be displayed.
[Default: table]
Defines the output format of the command. Acceptable values are: table and json.
[Default: true]
When using one of the flags --watches, --project or --repo-path and a Fail build rule is matched the command will return exit code 3. Set to false if you'd like to see violations with exit code 0.
[Default: false] [Gradle]
Set to true if you'd like to use the Gradle wrapper.
[Default: all] [npm]
Defines npm dependencies type. Possible values are: all, devOnly and prodOnly
[Default: false] [Gradle]
Set to true if you'd like to exclude Gradle test dependencies from Xray scanning.
[Optional] [Pip]
Defines pip requirements file name. For example: 'requirements.txt'
[Optional]
A comma-separated(,) list of relative working directories, to determine the audit targets locations.
If flag isn't provided, a recursive scan is triggered from the root directory of the project.
| +| `--exclusions` |[Default: .git;node_modules;target;venv;test]
List of semicolon-separated(;) exclusions, utilized to skip sub-projects from undergoing an audit. These exclusions may incorporate the * and ? wildcards.
[Optional]
Set to true if you wish to display issues that have a fix version only.
[Optional]
Set the minimum severity of issues to display. The following values are accepted: Low, Medium, High or Critical
[Default: 3]
The number of parallel threads used to scan the source code project.
[Default: false]
Set to true to request audit for a Go project.
[Default: false]
Set to true to request audit for a Gradle project.
[Default: false]
Set to true to request audit for a Maven project.
[Default: false]
Set to true to request audit for a npm project.
[Default: false]
Set to true to request audit for a pnpm project.
[Default: false]
Set to true to request audit for a .Net project.
[Default: false]
Set to true to request audit for a Pip project.
[Default: false]
Set to true to request audit for a Pipenv project.
[Default: false]
Set to true to request audit for a Yarn project.
[Default: false] Selective scanners mode: Execute SCA (Software Composition Analysis) sub-scan. By default, runs both SCA and Contextual Analysis. Can be combined with --secrets, --sast, --iac, and --without-contextual-analysis.
| +| `--iac` |[Default: false] Selective scanners mode: Execute IaC sub-scan. Can be combined with --sca, --secrets and --sast.
| +| `--secrets` |[Default: false] Selective scanners mode: Execute Secrets sub-scan. Can be combined with --sca, --sast and --iac.
| +| `--sast` |[Default: false] Selective scanners mode: Execute SAST sub-scan. Can be combined with --sca, --secrets and --iac.
| +| `--without-contextual-analysis` |[Default: false] Selective scanners mode: Disable Contextual Analysis scanner after SCA. Relevant only with --sca flag.
| +| `--vuln` |[Optional]
Set if you'd like to receive all vulnerabilities, regardless of the policy configured in Xray.
[Default: false] Triggers token validation on found secrets
| +| **Command arguments** | The command accepts no arguments | #### **Output Example** @@ -94,7 +102,7 @@ jf audit --watches "watch1" #### Example 4 -Audit the project at the current directory using _watch1_ and \_watch2\_defined in Xray. +Audit the project at the current directory using _watch1_ and \_watch2\_ defined in Xray. ``` jf audit --watches "watch1,watch2" @@ -123,34 +131,3 @@ Audit the project in the current directory, excluding all files inside the _node ``` jf audit --exclusions "*node_modules*;*to_exclude" ``` - -### Running cUrl - -Execute a cUrl command, using the configured Xray details. The command expects the cUrl client to be included in the PATH. - -#### Commands Params - -| | | -|--------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Command name | xr curl | -| Abbreviation | xr cl | -| Command options | | -| --server-id |[Optional]
Server ID configured using the jf c add command. If not specified, the default configured server is used.
The same list of arguments and flags passed to cUrl, except for the following changes:
1. The full Xray URL should not be passed. Instead, the REST endpoint URI should be sent.
2. The login credentials should not be passed. Instead, the --server-id should be used.
[Optional]
A space-separated list of the other instances or services that should accept this token identified by their Service-IDs.
| -| --description |[Optional]
Free text token description. Useful for filtering and managing tokens. Limited to 1024 characters.
| -| --expiry |[Optional]
The amount of time, in seconds, it would take for the token to expire. Must be non-negative. If not provided, the platform default will be used. To specify a token that never expires, set to zero. Non-admin may only set a value that is equal or lower than the platform default that was set by an administrator (1 year by default).
| -| --grant-admin |[Default: false]
Set to true to provide admin privileges to the access token. This is only available for administrators.
| -| --groups |[Optional]
A list of comma-separated groups for the access token to be associated with. This is only available for administrators.
| -| --project |[Optional]
The project for which this token is created. Enter the project name on which you want to apply this token.
| -| --reference |[Default: false]
Generate a Reference Token (alias to Access Token) in addition to the full token (available from Artifactory 7.38.10).
| -| --refreshable |[Default: false]
Set to true if you'd like the token to be refreshable. A refresh token will also be returned in order to be used to generate a new token once it expires.
| -| --scope |[Optional]
The scope of access that the token provides. This is only available for administrators.
| +| **Command options:** | | +| `--audience` |[Optional]
A space-separated list of the other instances or services that should accept this token identified by their Service-IDs.
| +| `--description` |[Optional]
Free text token description. Useful for filtering and managing tokens. Limited to 1024 characters.
| +| `--expiry` |[Optional]
The amount of time, in seconds, it would take for the token to expire. Must be non-negative. If not provided, the platform default will be used. To specify a token that never expires, set to zero. Non-admin may only set a value that is equal or lower than the platform default that was set by an administrator (1 year by default).
| +| `--grant-admin` |[Default: false]
Set to true to provide admin privileges to the access token. This is only available for administrators.
| +| `--groups` |[Optional]
A list of comma-separated(,) groups for the access token to be associated with. This is only available for administrators.
| +| `--project` |[Optional]
The project for which this token is created. Enter the project name on which you want to apply this token.
| +| `--reference` |[Default: false]
Generate a Reference Token (alias to Access Token) in addition to the full token (available from Artifactory 7.38.10).
| +| `--refreshable` |[Default: false]
Set to true if you'd like the token to be refreshable. A refresh token will also be returned in order to be used to generate a new token once it expires.
| +| `--scope` |[Optional]
The scope of access that the token provides. This is only available for administrators.
| ### Examples @@ -54,28 +54,28 @@ jf atc toad The **config add** and **config edit** commands are used to add and edit JFrog Platform server configuration, stored in JFrog CLI's configuration storage. These configured servers can be used by the other commands. The configured servers' details can be overridden per command by passing in alternative values for the URL and login credentials. The values configured are saved in file under the JFrog CLI home directory. | | | -| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +|------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Command Name | config add / config edit | | Abbreviation | c add / c edit | -| Command options | | -| --access-token |[Optional]
Access token.
| -| --artifactory-url |[Optional]
Artifactory URL.
| -| --basic-auth-only |[Default: false]
Used for Artifactory authentication. Set to true to disable replacing username and password/API key with automatically created access token that's refreshed hourly. Username and password/API key will still be used with commands which use external tools or the JFrog Distribution service. Can only be passed along with username and password/API key options.
| -| --client-cert-key-path |[Optional]
Private key file for the client certificate in PEM format.
| -| --client-cert-path |[Optional]
Client certificate file in PEM format.
| -| --dist-url |[Optional]
Distribution URL.
| -| --enc-password |[Default: true]
If true, the configured password will be encrypted using Artifactory'sencryption API before being stored. If false, the configured password will not be encrypted.
[Default: false]
Set to true to skip TLS certificates verification, while encrypting the Artifactory password during the config process.
| -| --interactive |[Default: true, unless $CI is true]
Set to false if you do not want the config command to be interactive.
| -| --mission-control-url |[Optional]
Mission Control URL.
| -| --password |[Optional]
JFrog Platform password.
| -| --pipelines-url |[Optional]
Pipelines URL.
| -| --ssh-key-path |[Optional]
For authentication with Artifactory. SSH key file path.
| -| --url |[Optional]
JFrog platform URL.
| -| --user |[Optional]
JFrog Platform username.
| -| --xray-url | \[Optional] Xray URL. | -| --overwrite |[Available for config add only]
[Default: false]
Overwrites the instance configuration if an instance with the same ID already exists.
[Optional]
Access token.
| +| `--artifactory-url` |[Optional]
JFrog Artifactory URL. (example: https://acme.jfrog.io/artifactory)
| +| `--basic-auth-only` |[Default: false]
Used for Artifactory authentication. Set to true to disable replacing username and password/API key with automatically created access token that's refreshed hourly. Username and password/API key will still be used with commands which use external tools or the JFrog Distribution service. Can only be passed along with username and password/API key options.
| +| `--client-cert-key-path` |[Optional]
Private key file for the client certificate in PEM format.
| +| `--client-cert-path` |[Optional]
Client certificate file in PEM format.
| +| `--dist-url` |[Optional]
Distribution URL. (example: https://acme.jfrog.io/distribution)
| +| `--enc-password` |[Default: true]
If true, the configured password will be encrypted using Artifactory's encryption API before being stored. If false, the configured password will not be encrypted.
[Default: false]
Set to true to skip TLS certificates verification, while encrypting the Artifactory password during the config process.
| +| `--interactive` |[Default: true, unless $CI is true]
Set to false if you do not want the config command to be interactive.
| +| `--mission-control-url` |[Optional]
JFrog Mission Control URL. (example: https://acme.jfrog.io/ms)
| +| `--password` |[Optional]
JFrog Platform password.
| +| `--pipelines-url` |[Optional]
JFrog Pipelines URL. (example: https://acme.jfrog.io/pipelines)
| +| `--ssh-key-path` |[Optional]
For authentication with Artifactory. SSH key file path.
| +| `--url` |[Optional]
JFrog Platform URL. (example: https://acme.jfrog.io)
| +| `--user` |[Optional]
JFrog Platform username.
| +| `--xray-url` | \[Optional] Xray URL. (example: https://acme.jfrog.io/xray) | +| `--overwrite` |[Available for config add only]
[Default: false]
Overwrites the instance configuration if an instance with the same ID already exists.
[Default: $CI]
Set to true to skip the delete confirmation message.
| -| Command arguments | | +| **Command options:** | | +| `--quiet` |[Default: $CI]
Set to true to skip the delete confirmation message.
| +| **Command arguments:** | | | server ID | The server ID to remove. If no argument is sent, all configured servers are removed. | + ## Showing the Configured Servers The _config show_ command shows the stored configuration. You may show a specific server's configuration by sending its ID as an argument to the command. | | | -| ----------------- | --------------------------------------------------------------------------------------- | +|-------------------|-----------------------------------------------------------------------------------------| | Command name | config show | | Abbreviation | c s | -| Command arguments | | +| **Command arguments:** | | | server ID | The ID of the server to show. If no argument is sent, all configured servers are shown. | ## Setting a Server as Default @@ -107,9 +108,9 @@ The _config show_ command shows the stored configuration. You may show a specifi The _config use_ command sets a configured server as default. The following commands will use this server. | | | -| ----------------- | --------------------------------------- | +|-------------------|-----------------------------------------| | Command name | config use | -| Command arguments | | +| **Command arguments:** | | | server ID | The ID of the server to set as default. | ## Exporting and Importing Configuration @@ -119,19 +120,19 @@ The _config export_ command generates a token, which stores the server configura ### Export | | | -| ----------------- | ------------------------------ | +|-------------------|--------------------------------| | Command name | config export | | Abbreviation | c ex | -| Command arguments | | +| **Command arguments:** | | | server ID | The ID of the server to export | ### Import | | | -| ----------------- | ------------------- | +|-------------------|---------------------| | Command name | config import | | Abbreviation | c im | -| Command arguments | | +| **Command arguments:** | | | server token | The token to import | ## Sensitive Data Encryption diff --git a/jfrog-applications/jfrog-cli/get-started/configurations/proxy-support.md b/jfrog-applications/jfrog-cli/get-started/configurations/proxy-support.md index 069b261..a12de1e 100644 --- a/jfrog-applications/jfrog-cli/get-started/configurations/proxy-support.md +++ b/jfrog-applications/jfrog-cli/get-started/configurations/proxy-support.md @@ -4,8 +4,8 @@ JFrog CLI supports using an HTTP/S proxy. All you need to do is set HTTP\_PROXY HTTP\_PROXY, HTTPS\_PROXY and NO\_PROXY are the industry standards for proxy usages. -| Variable Name | Description | -| ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| HTTP\_PROXY | Determines a URL to an HTTP proxy. | -| HTTPS\_PROXY | Determines a URL to an HTTPS proxy. | -| NO\_PROXY | Use this variable to bypass the proxy to IP addresses, subnets or domains. This may contain a comma-separated list of hostnames or IPs without protocols and ports. A typical usage may be to set this variable to Artifactory’s IP address. | +| Variable Name | Description | +|---------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| HTTP\_PROXY | Determines a URL to an HTTP proxy. | +| HTTPS\_PROXY | Determines a URL to an HTTPS proxy. | +| NO\_PROXY | Use this variable to bypass the proxy to IP addresses, subnets or domains. This may contain a comma-separated(,) list of hostnames or IPs without protocols and ports. A typical usage may be to set this variable to Artifactory’s IP address. | diff --git a/jfrog-applications/jfrog-cli/get-started/configurations/setting-up-a-ci-pipeline.md b/jfrog-applications/jfrog-cli/get-started/configurations/setting-up-a-ci-pipeline.md deleted file mode 100644 index f2152c2..0000000 --- a/jfrog-applications/jfrog-cli/get-started/configurations/setting-up-a-ci-pipeline.md +++ /dev/null @@ -1,27 +0,0 @@ -# Setting up a CI Pipeline - -The **ci-setup** command allows setting up a basic CI pipeline with the JFrog Platform, while automatically configuring the JFrog Platform to serve the pipeline. It is an interactive command, which prompts you with a series for questions, such as your source control details, your build tool, build command and your CI provider. The command then uses this information to do following: - -* Create the repositories in JFrog Artifactory, to be used by the pipeline to resolve dependencies. -* Configure JFrog Xray to scan the build. -* Generate a basic CI pipeline, which builds and scans your code. - -You can use the generated CI pipeline as a working starting point and then expand it as needed. - -The command currently supports the following package managers: - -* Maven -* Gradle -* npm. - -and the following CI providers: - -* JFrog Pipelines -* Jenkins -* GitHub Actions. - -Usage: - -``` -jf ci-setup -``` diff --git a/jfrog-applications/jfrog-cli/get-started/download-and-install/install.md b/jfrog-applications/jfrog-cli/get-started/download-and-install/install.md index b04a7d5..56cdfbc 100644 --- a/jfrog-applications/jfrog-cli/get-started/download-and-install/install.md +++ b/jfrog-applications/jfrog-cli/get-started/download-and-install/install.md @@ -91,7 +91,7 @@ brew install jfrog-cli #### Install with cUrl ``` -url -fL https://install-cli.jfrog.io | sh +curl -fL https://install-cli.jfrog.io | sh ``` #### Download with cUrl diff --git a/jfrog-applications/jfrog-cli/get-started/download-and-install/usage.md b/jfrog-applications/jfrog-cli/get-started/download-and-install/usage.md index 3324351..cb7f609 100644 --- a/jfrog-applications/jfrog-cli/get-started/download-and-install/usage.md +++ b/jfrog-applications/jfrog-cli/get-started/download-and-install/usage.md @@ -1,8 +1,6 @@ # Usage -To use the CLI, [install](https://jfrog.com/getcli/) it on your local machine, or [download](https://jfrog.com/getcli/) its executable, place it anywhere in your file system and add its location to your - -`PATH` environment variable. +To use the CLI, [install](https://jfrog.com/getcli/) it on your local machine, or [download](https://jfrog.com/getcli/) its executable, place it anywhere in your file system and add its location to your `PATH` environment variable. **Environment Variables** @@ -10,14 +8,14 @@ The **jf options** command displays all the supported environment variables. JFrog CLI makes use of the following environment variables: -| Variable Name | Description | -| ------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| **JFROG\_CLI\_LOG\_LEVEL** |[Default: INFO]
This variable determines the log level of the JFrog CLI. Possible values are: DEBUG, INFO, WARN and ERROR. If set to ERROR, JFrog CLI logs error messages only. It is useful when you wish to read or parse the JFrog CLI output and do not want any other information logged.
| -| **JFROG\_CLI\_LOG\_TIMESTAMP** |[Default: TIME]
Controls the log messages timestamp format. Possible values are: TIME, DATE_AND_TIME, and OFF.
| -| **JFROG\_CLI\_HOME\_DIR** |[Default: ~/.jfrog]
Defines the JFrog CLI home directory.
| -| **JFROG\_CLI\_TEMP\_DIR** |[Default: The operating system's temp directory]
Defines the temp directory used by JFrog CLI.
| -| **JFROG\_CLI\_PLUGINS\_SERVER** |[Default: Official JFrog CLI Plugins registry]
Configured Artifactory server ID from which to download JFrog CLI Plugins.
| -| **JFROG\_CLI\_PLUGINS\_REPO** |[Default: 'jfrog-cli-plugins']
Can be optionally used with the JFROG_CLI_PLUGINS_SERVER environment variable. Determines the name of the local repository to use.
| -| **JFROG\_CLI\_RELEASES\_REPO** |Configured Artifactory repository name from which to download the jar needed by the mvn/gradle command.
This environment variable's value format should be <server ID configured by the 'jf c add' command>/<repo name>.
The repository should proxy https://releases.jfrog.io.
This environment variable is used by the 'jf mvn' and 'jf gradle' commands, and also by the 'jf audit' command, when used for maven or gradle projects.
[Default: false]
If true, disables interactive prompts and progress bar.
| +| Variable Name | Description | +|---------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| **JFROG\_CLI\_LOG\_LEVEL** |[Default: INFO]
This variable determines the log level of the JFrog CLI. Possible values are: DEBUG, INFO, WARN and ERROR. If set to ERROR, JFrog CLI logs error messages only. It is useful when you wish to read or parse the JFrog CLI output and do not want any other information logged.
| +| **JFROG\_CLI\_LOG\_TIMESTAMP** |[Default: TIME]
Controls the log messages timestamp format. Possible values are: TIME, DATE_AND_TIME, and OFF.
| +| **JFROG\_CLI\_HOME\_DIR** |[Default: ~/.jfrog]
Defines the JFrog CLI home directory.
| +| **JFROG\_CLI\_TEMP\_DIR** |[Default: The operating system's temp directory]
Defines the temp directory used by JFrog CLI.
| +| **JFROG\_CLI\_PLUGINS\_SERVER** |[Default: Official JFrog CLI Plugins registry]
Configured Artifactory server ID from which to download JFrog CLI Plugins.
| +| **JFROG\_CLI\_PLUGINS\_REPO** |[Default: 'jfrog-cli-plugins']
Can be optionally used with the JFROG_CLI_PLUGINS_SERVER environment variable. Determines the name of the local repository to use.
| +| **JFROG\_CLI\_RELEASES\_REPO** |Configured Artifactory repository name from which to download the jar needed by the mvn/gradle command.
This environment variable's value format should be server ID configured by the 'jf c add' command.
The repository should proxy https://releases.jfrog.io.
This environment variable is used by the 'jf mvn' and 'jf gradle' commands, and also by the 'jf audit' command, when used for maven or gradle projects.
[Default: false]
If true, disables interactive prompts and progress bar.
| diff --git a/jfrog-applications/jfrog-security-features/sast/README.md b/jfrog-applications/jfrog-security-features/sast/README.md index 6d312c5..844b5b0 100644 --- a/jfrog-applications/jfrog-security-features/sast/README.md +++ b/jfrog-applications/jfrog-security-features/sast/README.md @@ -4,7 +4,7 @@ ### What is JFrog SAST? -| FAST | Easy setup with just a few steps | |
| FOCUSED | Deep analysis with focus on security issues | |
| LOCAL & SECURE | Work locally in your environment |
| FAST | Easy setup with just a few steps | |
| FOCUSED | Deep analysis with focus on security issues | |
| LOCAL SECURE | Work locally in your environment |
| JavaScript/TypeScript | Supports JS up to ECMAScript 2016/ES7. TypeScript is also supported. Note: JSX is not supported | |
| Python | Supports Python versions 3.0 to 3.11 | |
| Java | Supports all Java versions up to version 19 |
| JavaScript/TypeScript | Supports JS up to ECMAScript 2016/ES7. TypeScript is also supported. Note: JSX is not supported | |
| Python | Supports Python versions 3.0 to 3.11 | |
| Java | Supports all Java versions up to version 19 | |
| GO | Supports Go vesions up to version 1.22 |