Bring Artifactory Docker script up to date

.gitignore

@@ -15,3 +15,4 @@ lib/
 coverage.txt
 .scannerwork
 *.code-workspace
+scripts/artifactory*/

scripts/access.config.patch.yml

@@ -0,0 +1,11 @@
+token:
+  persistency:
+    persistent-expiry-threshold: 10800 # Available from Artifactory 7.8.0 - (seconds) token with expiry (expirationTime-issuedAt) below this value will not be persistent. set to -1 to make all tokens persistent. lowering this value will effectively revoke all tokens with expiry below the old value and above the new revocable-expiry-threshold.
+integrations-enabled: true
+integration-templates: 
+  - id: "1" 
+    name: "Slack integration" 
+    redirect-uri: "https://<your saas connector hostname>/v1/oauth2/login/redirect"
+    scope: "applied-permissions/user"
+security:
+  tls: false

scripts/get-access-key.sh

@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+function getAccessKey() {
+  local url=${1?You must supply the artifactory url to obtain an access key}
+  echo "### Generate Admin Access Key ###" > /dev/stderr
+
+  local cookies
+  cookies=$(curl -s -c - "${url}/ui/api/v1/ui/auth/login?_spring_security_remember_me=false" \
+                --header "accept: application/json, text/plain, */*" \
+                --header "content-type: application/json;charset=UTF-8" \
+                --header "x-requested-with: XMLHttpRequest" \
+                -d '{"user":"admin","password":"password","type":"login"}' | grep TOKEN)
+
+  local refresh_token
+  refresh_token=$(echo "${cookies}" | grep REFRESHTOKEN | awk '{print $7 }')
+
+  local access_token
+  access_token=$(echo "${cookies}" | grep ACCESSTOKEN | awk '{print $7 }')
+
+  local access_key
+  local scoped_access_key
+  access_key=$(curl -s -g --request GET "${url}/ui/api/v1/system/security/token?services[]=all" \
+                      --header "accept: application/json, text/plain, */*" \
+                      --header "x-requested-with: XMLHttpRequest" \
+                      --header "cookie: ACCESSTOKEN=${access_token}; REFRESHTOKEN=${refresh_token}")
+
+  scoped_access_key=$(curl --location --request POST "${url}/access/api/v1/tokens" \
+                      --header "Authorization: Bearer ${access_key}" \
+                      --header "Content-Type: application/x-www-form-urlencoded" \
+                      --data-urlencode "expires_in=0" \
+                      --data-urlencode "username=admin" \
+                      --data-urlencode "scope=applied-permissions/admin" \
+                      --data-urlencode "description=Created_with_script_in_TF_provider" | jq -r .access_token)
+
+  echo "${scoped_access_key}"
+}

scripts/run-artifactory.sh

@@ -1,17 +1,35 @@
-#!/usr/bin/env sh
+#!/usr/bin/env bash
 
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" > /dev/null && pwd )"
+source "${SCRIPT_DIR}/get-access-key.sh"
+source "${SCRIPT_DIR}/wait-for-rt.sh"
+
+export ARTIFACTORY_VERSION=${ARTIFACTORY_VERSION:-7.84.15}
+echo "ARTIFACTORY_VERSION=${ARTIFACTORY_VERSION}" > /dev/stderr
 
 set -euf
 
-docker run -i -t -d --rm -v "${SCRIPT_DIR}/artifactory.lic:/artifactory_extra_conf/artifactory.lic:ro" \
-  -p8081:8081 -p8082:8082 -p8080:8080 releases-docker.jfrog.io/jfrog/artifactory-pro:7.27.10
-
-echo "Waiting for Artifactory to start"
-until curl -sf -u admin:password http://localhost:8081/artifactory/api/system/licenses/; do
-    printf '.'
-    sleep 4
-done
-echo ""
-# Use decrypted passwords
-curl -u admin:password  --output /dev/null --silent --fail localhost:8080/projects/api/system/decrypt -X POST
+sudo rm -rf ${SCRIPT_DIR}/artifactory/
+
+mkdir -p ${SCRIPT_DIR}/artifactory/extra_conf
+mkdir -p ${SCRIPT_DIR}/artifactory/var/etc/access
+
+cp ${SCRIPT_DIR}/artifactory.lic ${SCRIPT_DIR}/artifactory/extra_conf
+cp ${SCRIPT_DIR}/system.yaml ${SCRIPT_DIR}/artifactory/var/etc/
+cp ${SCRIPT_DIR}/access.config.patch.yml ${SCRIPT_DIR}/artifactory/var/etc/access
+
+docker run -i --name artifactory -d --rm \
+  -e JF_FRONTEND_FEATURETOGGLER_ACCESSINTEGRATION=true \
+  -v ${SCRIPT_DIR}/artifactory/extra_conf:/artifactory_extra_conf \
+  -v ${SCRIPT_DIR}/artifactory/var:/var/opt/jfrog/artifactory \
+  -p 8081:8081 -p 8082:8082 \
+  releases-docker.jfrog.io/jfrog/artifactory-pro:${ARTIFACTORY_VERSION}
+
+export ARTIFACTORY_URL=http://localhost:8081
+export ARTIFACTORY_UI_URL=http://localhost:8082
+
+# Wait for Artifactory to start
+waitForArtifactory "${ARTIFACTORY_URL}" "${ARTIFACTORY_UI_URL}"
+
+# With this trick you can do $(./run-artifactory-container.sh) and it will directly be setup for you without the terminal output
+echo "export JFROG_ACCESS_TOKEN=$(getAccessKey "${ARTIFACTORY_UI_URL}")"

scripts/wait-for-rt.sh

@@ -0,0 +1,18 @@
+function waitForArtifactory() {
+  local url=${1?You must supply the artifactory url}
+  local url_ui=${2?You must supply the artifactory UI url}
+  echo "### Wait for Artifactory to start at ${url} ###" > /dev/stderr
+
+  until $(curl -sf -o /dev/null -m 5 ${url}/artifactory/api/system/ping/); do
+      printf '.'
+      sleep 5
+  done
+  echo ""
+
+  echo "### Waiting for Artifactory UI to start at ${url_ui} ###"
+  until $(curl -sf -o /dev/null -m 5 ${url_ui}/ui/login/); do
+      printf '.'
+      sleep 5
+  done
+  echo ""
+}