You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using a custom artifactory such as jfrog - e.g. in an airgapped context - it is currently possible to work with basic authentication by embedding the credentials in the url. The same way sometimes works for a bearer token (even though discouraged) but sometimes it is necessary to add a http header instead. With jfrog this is an issue as their documentation recommends bearer token auth to be used in CICD pipelines, see https://jfrog.com/help/r/jfrog-platform-administration-documentation/authorization-headers.
This is especially useful for authenticating CI servers with Artifactory instead of using credentials, since you don't need to have a user defined in Artifactory
Various tasks (e.g. 'Download Remote Plugins' in roles/kafka_connect/tasks/connect_plugins.yml) use ansible.builtin.get_url which allows for custom header definition, there is just no way to configure the cp-ansible task. One could work around with an own playbook; for package manager a custom repofile could be provided. There are various other locations where there artifactory is used, working around these is problematic.
It would be preferable to have a variable like artifactory_bearer_token, or artifactory_custom_headers.
The text was updated successfully, but these errors were encountered:
Feature request:
When using a custom artifactory such as jfrog - e.g. in an airgapped context - it is currently possible to work with basic authentication by embedding the credentials in the url. The same way sometimes works for a bearer token (even though discouraged) but sometimes it is necessary to add a http header instead. With jfrog this is an issue as their documentation recommends bearer token auth to be used in CICD pipelines, see https://jfrog.com/help/r/jfrog-platform-administration-documentation/authorization-headers.
Various tasks (e.g. 'Download Remote Plugins' in roles/kafka_connect/tasks/connect_plugins.yml) use ansible.builtin.get_url which allows for custom header definition, there is just no way to configure the cp-ansible task. One could work around with an own playbook; for package manager a custom repofile could be provided. There are various other locations where there artifactory is used, working around these is problematic.
It would be preferable to have a variable like artifactory_bearer_token, or artifactory_custom_headers.
The text was updated successfully, but these errors were encountered: