Click on the gear icon in the JFrog panel to access the plugin settings.
The JFrog Plugin requires external resources for scanning projects. By default, these resources are downloaded from https://releases.jfrog.io. If the machine running the IDE does not have access to this URL, configure Artifactory as a proxy:
-
Log in to the JFrog Platform UI as an administrator.
-
Create a Remote Repository with the following settings:
- Basic Tab:
- Package Type: Generic
- Repository Key:
jfrog-releases-repository - URL:
https://releases.jfrog.io
- Advanced Tab:
- Uncheck Store Artifacts Locally.
- Basic Tab:
-
In the JFrog Plugin settings, navigate to JFrog Global Configuration > Advanced.
-
Click Download resources through Artifactory.
-
Enter the Repository Key you created in the Repository Key field.
-
Alternatively, set the environment variable:
plaintextCopyEditJFROG_IDE_RELEASES_REPO = [Repository Key]
The JFrog Plugin can enforce security policies created in JFrog Xray. Policies define security rules and automated actions that are applied when linked to Watches.
If your policies are associated with a JFrog Project, follow these steps:
- Create a JFrog Project or obtain an existing Project Key.
- Create a Policy in JFrog Xray.
- Create a Watch in JFrog Xray and assign your Policy and Project to it.
- Configure the Project Key in the plugin settings:
- Go to Settings (Preferences) > Other Settings > JFrog Global Configuration.
- Navigate to the Settings tab and enter the Project Key.
If your policies are managed through Xray Watches, follow these steps:
- Create one or more Watches in JFrog Xray.
- Configure the Watches in the plugin settings:
- Go to Settings (Preferences) > Other Settings > JFrog Global Configuration.
- Navigate to the Settings tab and enter the Watch details.