From d3fc2d2212152f435e9868ceac7174bba016b5bd Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Fri, 26 Jan 2024 09:20:21 +0300 Subject: [PATCH] docs(jfrog-oauth): improve docs (#129) * docs(jfrog-oauth): improve docs Adds additional step and screenshot to show creating an OAuth app in JFrog platform * Update README.md * Add files via upload * fmt * move JFrog Artifactory integration setup instructions * Update JFrog token documentation --- jfrog-oauth/README.md | 62 +++++++------------------------------------ jfrog-token/README.md | 9 +------ 2 files changed, 10 insertions(+), 61 deletions(-) diff --git a/jfrog-oauth/README.md b/jfrog-oauth/README.md index f81d837..3231e2e 100644 --- a/jfrog-oauth/README.md +++ b/jfrog-oauth/README.md @@ -10,18 +10,16 @@ tags: [integration, jfrog] # JFrog -Install the JF CLI and authenticate package managers with Artifactory using OAuth configured via the Coder `external-auth` feature. +Install the JF CLI and authenticate package managers with Artifactory using OAuth configured via the Coder [`external-auth`](https://coder.com/docs/v2/latest/admin/external-auth) feature. -

- JFrog OAuth -

+![JFrog OAuth](../.images/jfrog-oauth.png) ```hcl module "jfrog" { source = "registry.coder.com/modules/jfrog-oauth/coder" version = "1.0.0" agent_id = coder_agent.example.id - jfrog_url = "https://jfrog.example.com" + jfrog_url = "https://example.jfrog.io" username_field = "username" # If you are using GitHub to login to both Coder and Artifactory, use username_field = "username" package_managers = { "npm": "npm", @@ -36,49 +34,7 @@ module "jfrog" { ## Prerequisites -Coder [`external-auth`](https://coder.com/docs/v2/latest/admin/external-auth) configured with Artifactory. This requires a [custom integration](https://jfrog.com/help/r/jfrog-installation-setup-documentation/enable-new-integrations) in Artifactory with **Callback URL** set to `https:///external-auth/jfrog/callback`. - -To set this up, - -1. Modify your `values.yaml` for JFrog Artifactory to add, - -```yaml -artifactory: - enabled: true - frontend: - extraEnvironmentVariables: - - name: JF_FRONTEND_FEATURETOGGLER_ACCESSINTEGRATION - value: "true" - access: - accessConfig: - integrations-enabled: true - integration-templates: - - id: "1" - name: "CODER" - redirect-uri: "https://CODER_URL/external-auth/jfrog/callback" - scope: "applied-permissions/user" -``` - -> Note -> Replace `CODER_URL` with your Coder deployment URL, e.g., - -2. Add a new [external authetication](https://coder.com/docs/v2/latest/admin/external-auth) to Coder by setting these env variables, - -```env -# JFrog Artifactory External Auth -CODER_EXTERNAL_AUTH_1_ID="jfrog" -CODER_EXTERNAL_AUTH_1_TYPE="jfrog" -CODER_EXTERNAL_AUTH_1_CLIENT_ID="YYYYYYYYYYYYYYY" -CODER_EXTERNAL_AUTH_1_CLIENT_SECRET="XXXXXXXXXXXXXXXXXXX" -CODER_EXTERNAL_AUTH_1_DISPLAY_NAME="JFrog Artifactory" -CODER_EXTERNAL_AUTH_1_DISPLAY_ICON="/icon/jfrog.svg" -CODER_EXTERNAL_AUTH_1_AUTH_URL="https://JFROG_URL/ui/authorization" -CODER_EXTERNAL_AUTH_1_TOKEN_URL="https://JFROG_URL/access/api/v1/integrations/YYYYYYYYYYYYYYY/token" -CODER_EXTERNAL_AUTH_1_SCOPES="applied-permissions/user" -``` - -> Note -> Replace `JFROG_URL` with your JFrog Artifactory base URL, e.g., +This module is usable by JFrog self-hosted (on-premises) Artifactory as it requires configuring a custom integration. This integration benefits from Coder's [external-auth](https://coder.com/docs/v2/latest/admin/external-auth) feature and allows each user to authenticate with Artifactory using an OAuth flow and issues user-scoped tokens to each user. For configuration instructions, see this [guide](coder.com/docs/v2/latest/guides/artifactory-integration#jfrog-oauth) on the Coder documentation. ## Examples @@ -89,8 +45,7 @@ module "jfrog" { source = "registry.coder.com/modules/jfrog-oauth/coder" version = "1.0.0" agent_id = coder_agent.example.id - jfrog_url = "https://jfrog.example.com" - auth_method = "oauth" + jfrog_url = "https://example.jfrog.io" username_field = "email" package_managers = { "pypi": "pypi" @@ -117,7 +72,7 @@ module "jfrog" { source = "registry.coder.com/modules/jfrog-oauth/coder" version = "1.0.0" agent_id = coder_agent.example.id - jfrog_url = "https://jfrog.example.com" + jfrog_url = "https://example.jfrog.io" username_field = "username" # If you are using GitHub to login to both Coder and Artifactory, use username_field = "username" configure_code_server = true # Add JFrog extension configuration for code-server package_managers = { @@ -133,13 +88,14 @@ module "jfrog" { JFrog Access token is also available as a terraform output. You can use it in other terraform resources. For example, you can use it to configure an [Artifactory docker registry](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-registry) with the [docker terraform provider](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs). ```hcl - provider "docker" { ... registry_auth { - address = "https://YYYY.jfrog.io/artifactory/api/docker/REPO-KEY" + address = "https://example.jfrog.io/artifactory/api/docker/REPO-KEY" username = module.jfrog.username password = module.jfrog.access_token } } ``` + +> Here `REPO_KEY` is the name of docker repository in Artifactory. diff --git a/jfrog-token/README.md b/jfrog-token/README.md index 2cba7ad..3ea0f9a 100644 --- a/jfrog-token/README.md +++ b/jfrog-token/README.md @@ -27,14 +27,7 @@ module "jfrog" { } ``` -Get a JFrog access token from your Artifactory instance. The token must be an [admin token](https://registry.terraform.io/providers/jfrog/artifactory/latest/docs#access-token). It is recommended to store the token in a secret terraform variable. - -```hcl -variable "artifactory_access_token" { - type = string - sensitive = true -} -``` +For detailed instructions, please see this [guide](https://coder.com/docs/v2/latest/guides/artifactory-integration#jfrog-token) on the Coder documentation. > Note > This module does not install `npm`, `go`, `pip`, etc but only configure them. You need to handle the installation of these tools yourself.