Overview
Starting with FDA-1.1.5, support for querying Artifactory and Nexus private repositories has been introduced.
This functionality enables FDA to fetch component information such as available versions and POM file contents directly from your Artifactory or Nexus instance.
Currently, FDA supports only the Maven ecosystem:
- Artifactory:
Maven,Gradle, andIvyrepositories. - Nexus:
MavenandGradlerepositories.
To enable this integration, add the following configuration entries to your fossid.conf file, depending on which private repository system you are using.
Artifactory Integration
Configuration Options
-
da_artifactory_userArtifactory username used for authentication. This can be an administrator account or a dedicated service account created for automated access. Used for HTTP Basic Authentication together with the password.
-
da_artifactory_passwordPassword associated with da_artifactory_user. Used to authenticate with Artifactory over HTTPS or HTTP using basic authentication.
-
da_artifactory_tokenGenerated access token. Can be used instead of a username and password for authentication.
-
da_artifactory_base_urlBase URL of the Artifactory server. All API and repository paths are derived from this root address.
Example:
da_artifactory_base_url="http://localhost:8082/artifactory/"
-
da_artifactory_maven_repoName of the Maven-style repository where
.jar,.pom, and related artifacts are stored. Used when fetching Maven component data.
Example:
da_artifactory_maven_repo="maven-local"
da_artifactory_maven_repo="maven-private"
-
da_artifactory_ivy_repoName of the Ivy-style repository used for components following the Apache Ivy layout (ivy.xml files and artifacts).
Example:
da_artifactory_ivy_repo="ivy-local"
da_artifactory_ivy_repo="ivy-private"
-
da_artifactory_gradle_repoName of the Gradle-style repository used for dependencies or artifacts built and published by Gradle projects.
Example:
da_artifactory_ivy_repo="gradle-local"
da_artifactory_ivy_repo="gradle-private"
Example fossid.conf setup:
da_artifactory_user="USER"
da_artifactory_password="PASSWORD"
da_artifactory_token="TOKEN"
da_artifactory_base_url="http://<ARTIFACTORY_URL>/artifactory/"
da_artifactory_maven_repo="maven-local"
da_artifactory_ivy_repo="ivy-local"
da_artifactory_gradle_repo="gradle-local"
da_artifactory_mirror_repo="maven-all"
Data Access and Usage
Note: When querying Artifactory, FDA only retrieves:
- The list of existing versions within a repository.
- The contents of the corresponding POM file or ivy.xml file for a specific version.
Nexus Integration
Configuration Options
-
da_nexus_userNexus username used for authentication. This can be an administrator account or a dedicated service account created for automated access. Used for HTTP Basic Authentication together with the password.
-
da_nexus_passwordPassword associated with da_artifactory_user. Used to authenticate with Nexus over HTTPS or HTTP using basic authentication.
-
da_nexus_tokenScoped access token. Can be used instead of a username and password for authentication.
-
da_nexus_base_urlBase URL of the Nexus server. All API and repository paths are derived from this root address.
Example:
da_nexus_base_url="http://localhost:8082/"
-
da_nexus_maven_repoName of the Maven-style repository where
.jar,.pom, and related artifacts are stored. Used when fetching Maven component data.
Example:
da_nexus_maven_repo="maven-local"
da_nexus_maven_repo="maven-private"
-
da_nexus_gradle_repoName of the Gradle-style repository used for dependencies or artifacts built and published by Gradle projects.
Example:
da_nexus_gradle_repo="gradle-local"
da_nexus_gradle_repo="gradle-private"
Example fossid.conf setup:
da_nexus_user="USER"
da_nexus_password="PASSWORD"
da_nexus_token="TOKEN"
da_nexus_base_url="http://<NEXUS_URL>/"
da_nexus_maven_repo="maven-local"
da_nexus_gradle_repo="gradle-local"
Data Access and Usage
Note: When querying Nexus, FDA only retrieves:
- The list of existing versions within a repository.
- The contents of the corresponding POM file for a specific version.