Maven Integration
Maven resolves artifacts using the configured remote repositories in settings.xml. To route Maven through the Lineaje Proxy, you redirect all repositories and mirror traffic to the Proxy's Maven endpoint. Proxy Maven URL:
// Enforce Mode: block all non-compliant builds
https://enforce.fortknox.v2.prod.veedna.com/artifactory/gos-all-proxy-maven
// Observe Mode: Report all non-compliant dependency downloads
https://observe.fortknox.v2.prod.veedna.com/artifactory/gos-all-proxy-maven Settings.xml Configuration
Place this file at the root of your repository (or reference it via the -s flag in the Maven command). It configures authentication, mirrors all Maven traffic through the Proxy, and activates a profile that sets the Proxy as the primary repository.
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
https://maven.apache.org/xsd/settings-1.0.0.xsd">
<!-- 1. Credentials for the Proxy endpoint -->
<servers>
<server>
<id>lineaje-fortknox</id>
<username>${env.ARTIFACTORY_CREDS_USR}</username>
<password>${env.ARTIFACTORY_CREDS_PSW}</password>
<configuration>
<httpConfiguration>
<all>
<usePreemptive>true</usePreemptive>
</all>
</httpConfiguration>
</configuration>
</server>
</servers>
<!-- 2. Mirror ALL Maven traffic through the Proxy -->
<mirrors>
<mirror>
<id>lineaje-fortknox</id>
<name>Lineaje FortKnox Proxy</name>
<url>https://enforce.fortknox.v2.prod.veedna.com/artifactory/gos-all-proxy-maven</url>
<mirrorOf>*</mirrorOf>
</mirror>
</mirrors>
<!-- 3. Active profile defining the Proxy as the repository -->
<profiles>
<profile>
<id>lineaje-fortknox-profile</id>
<repositories>
<repository>
<id>lineaje-fortknox</id>
<name>Lineaje FortKnox Proxy</name>
<url>https://enforce.fortknox.v2.prod.veedna.com/artifactory/gos-all-proxy-maven</url>
<releases> <enabled>true</enabled> </releases>
<snapshots><enabled>false</enabled></snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<url>https://repo.maven.apache.org/maven2</url>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>lineaje-fortknox-profile</activeProfile>
</activeProfiles>
</settings> File: settings.xml. Commit to repository root alongside pom.xml.
Jenkinsfile Configuration Example
pipeline {
agent any
environment {
ARTIFACTORY_CREDS = credentials(‘<ID>’)
ARTIFACTORY_URL = 'https://enforce.fortknox.v2.prod.veedna.com' +
'/artifactory/api/pypi/gos-all-proxy-python/simple'
}
stages {
stage('Build') {
steps {
script {
// Set up the pip index URL with authentication
// We encode the URL to include the credentials safely in the environment
def pipIndexUrl = "https://${ARTIFACTORY_CREDS_USR}:${ARTIFACTORY_CREDS_PSW}@${ARTIFACTORY_URL}"
withEnv(["PIP_INDEX_URL=${pipIndexUrl}"]) {
// Optional: Create a virtual environment
sh 'python3 -m venv venv'
// Install dependencies
// PIP_INDEX_URL env var is automatically picked up by pip
sh './venv/bin/python -m pip install -vvv --no-cache-dir --index-url "${PIP_INDEX_URL}" --trusted-host enforce.fortknox.v2.prod.veedna.com -r requirements.txt'
// Run the script
sh './venv/bin/python main.py'
}
}
}
}
}
} Verifying Proxy Routing
With the -X (debug) flag enabled, Maven prints the repository URL for each resolved artifact. Confirm that all resolution lines reference the Proxy URL:
# Expected in build log:
Downloaded from lineaje-fortknox:
https://enforce.fortknox.v2.prod.veedna.com/artifactory/gos-all-proxy-maven/
org/json/json/20230227/json-20230227.jar To detect policy violations, search build logs for the string. To learn more, see Detecting Policy Violations in Build Logs.
PyPI Integration
Last updated