...
This procedure describes how to integrate WhiteSource Mend Unified Agent with Artifactory Docker registries.
...
The following code snippets assume you have a virtual Docker repository named docker-virtual that contains ‘hello-world:latest’ image in Artifactory test.whitesourcesoftwaretestMendsoftwaretest.com on port 8081.
Verify that your Docker client can access Artifactory by running the following command (ensure that the return code is 200):
Code Block $ curl -I -k -v http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/ping
Proceed to test your Docker registry. First, login to Artifactory as your Docker registry.
Code Block $ docker login -u admin -p password test.whitesourcesoftwaretestMendsoftwaretest.com:8081
Pull the "hello-world" image from the docker-virtual repository.
Code Block $ docker pull test.whitesourcesoftwaretestMendsoftwaretest.com:8081/docker-virtual/hello-world:latest
List all Docker repositories hosted in under an Artifactory Docker repository. For example, using ‘docker-virtual’ repository:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/docker/docker-virtual/v2/_catalog“
(The following API requires admin user credentials only.) Rest API retrieves the reverse proxy configuration:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/configuration/webServer“
...
docker.scanImages=true
docker.pull.enable=true
docker.artifactory.enable=true
docker.artifactory.url= http/s://<artifactory hostname>:<artifactory port>/<context path>
# Example: docker.artifactory.url=http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory
docker.artifactory.userName=<user name>
docker.artifactory.userPassword=<user password>
docker.artifactory.repositoriesNames=<repositories names separated by space>
#docker.artifactory.repositoriesNames=docker-virtual docker-local docker-remote
docker.artifactory.dockerAccessMethod=repopath // (optional for admin user)
...
NOTE: The following screenshot assumes that artifactory hostname is test.whitesourcesoftwaretestMendsoftwaretest.com.
...
Step 2: Reverse Proxy
...
Let’s assume we have a docker registry named docker-virtual artifactory server on IP 172.19.231.225 and the artifactory hostname is test.whitesourcesoftwaretestMendsoftwaretest.com.
Add the following to your DNS or to the client's /etc/hosts file: <ip-address> <artifactory-hostname> <repository-key>. <artifactory-hostname>
The Hosts file should contain this line: “172.19.231.225 test.whitesourcesoftwaretestMendsoftwaretest.comdocker-virtual.test.whitesourcesoftwaretestMendsoftwaretest.com”
If you use a secured artifactory server (using HTTPS), then there is no need to complete this procedure - simply continue to the next procedure.
Configure the Docker client to work with an insecure registry as described in the Docker documentation.
Restart your Docker daemon/engine to apply the insecure registry flag.
Running $ docker info will list the Insecure registries that have been applied under the Insecure Registries entry.
...
The following code snippets assume you have a virtual docker repository named docker-virtual that contains ‘hello-world:latest’ image in image in Artifactory test.whitesourcesoftwaretestMendsoftwaretest.com on port 8081.
Verify that your Docker client can access Artifactory by run the following command (ensure that the return code is 200):
Code Block z$ curl -I -k -v http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/ping
Login to Artifactory as your Docker registry:
Code Block $ docker login -u admin -p password docker-virtual.test.whitesourcesoftwaretestMendsoftwaretest.com:8081
Pull the "hello-world" image from the docker-virtual repository:
Code Block $ docker pull docker-virtual.test.whitesourcesoftwaretestMendsoftwaretest.com: 8081/hello-world:latest
List all Docker repositories hosted in under an Artifactory Docker repository. For example, using ‘docker-virtual’ repository:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/docker/docker-virtual/v2/_catalog“
(The following API requires admin user credentials only) Rest API retrieves the reverse proxy configuration:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/configuration/webServer“
...
docker.scanImages=true
docker.pull.enable=true
docker.artifactory.enable=true
docker.artifactory.url= http/s://<artifactory hostname>:<artifactory port>/<context path>
# Example: docker.artifactory.url=http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory
docker.artifactory.userName=<user name>
docker.artifactory.userPassword=<user password>
docker.artifactory.repositoriesNames=<repositories names separated by space>
#docker.artifactory.repositoriesNames=docker-virtual docker-local docker-remote
docker.artifactory.dockerAccessMethod=subdomain // (optional for admin user)
...
Let’s assume we have the artifactory server on IP 172.19.231.225 and the artifactory hostname is test.whitesourcesoftwaretestMendsoftwaretest.com.
Add the following to your DNS or to the client's /etc/hosts file: <ip-address> <artifactory-hostname>
Verify that the Hosts file contains the line: “172.19.231.225 test.whitesourcesoftwaretestMendsoftwaretest.com”
If you use secured artifactory server (using HTTPS) then there is no need to complete this procedure - simply continue to the next procedure.
Configure the Docker client to work with an insecure registry as described in the Docker documentation.
Restart your Docker daemon/engine to apply the insecure registry flag.
Running $ docker info will list the Insecure registries that have been applied under the Insecure Registries entry.
...
Verify that your Docker client can access Artifactory by run the following command (ensure that the return code is 200):
Code Block $ curl -I -k -v http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/ping
The following commands use docker-virtual registry port 6556 instead of artifactory server port since we are using the PORT access method.
Login to Artifactory as your Docker registry.
Code Block $ docker login -u admin -p password test.whitesourcesoftwaretestMendsoftwaretest.com:6556
Pull the "hello-world" image from the docker-virtual repository.
Code Block $ docker pull test.whitesourcesoftwaretestMendsoftwaretest.com :6556/hello-world:latest
List all Docker repositories hosted in under an Artifactory Docker repository. For example, use the ‘docker-virtual’ repository:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/docker/docker-virtual/v2/_catalog“
(The following API requires admin user credentials only). Rest API retrieves the reverse proxy configuration; verify that the repositories' ports appear and have correct values:
Code Block $ curl -u <user>:<password> -X GET "http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory/api/system/configuration/webServer“
...
docker.scanImages=true
docker.pull.enable=true
docker.artifactory.enable=true
# docker.artifactory.url= http/s://<artifactory hostname>:<artifactory port>/<context path>
docker.artifactory.url=http://test.whitesourcesoftwaretestMendsoftwaretest.com:8081/artifactory
docker.artifactory.userName=<user name>
docker.artifactory.userPassword=<user password>
docker.artifactory.dockerAccessMethod=subdomain // (optional for admin user)
# docker.artifactory.repositoriesNames=<repositories names separated by space>
# If user is ‘read-only’ user then you must add each repository port as <repo-name>:<repo-port> (optional for admin user)
docker.artifactory.repositoriesNames=docker-virtual docker-local docker-remote
# for read-only user, Its optional for admin user to add repository port:
docker.artifactory.repositoriesNames=docker-virtual:6556 docker-local:6555