Skip to content

Instantly share code, notes, and snippets.

@akanchhaS

akanchhaS/README.md

Last active July 29, 2022 03:32
Show Gist options
  • Save akanchhaS/2fd0f4d6b68b7f7ea2f045db4dd51796 to your computer and use it in GitHub Desktop.
Save akanchhaS/2fd0f4d6b68b7f7ea2f045db4dd51796 to your computer and use it in GitHub Desktop.
Download ZIP
Snyk Broker instructions
Raw
README.md

Connecting Snyk UI with on-prem SCM and JIRA requires setting up a broker client.

When setting up a Snyk broker, the client access is only enabled for Open Source manifest files and dockerfile access. However, to hook up the repositories for Snyk Code and IAC, one would need to set up "code agent" as well.

Note: The broker client and code-agent MUST be present in the same network.

Steps to set-up the broker client and code agent.

In this example we will set up broker + code agent with Gitab.

Step 0 - Before getting started with the following sets up ensure that: A. The broker support for the specific integration has been enabled by your Snyk point of contact or you have created it using API B. Your Snyk Point of contact has enabled code-agent support.

You will find your SCM or JIRA broker token in the Snyk UI under Integration Settings. Once you have the token please proceed with the following steps.

  1. Pull the appropriate broker client image. Details for individual image can be found here: https://github.com/snyk/broker

docker pull snyk/broker:gitlab

  1. Pull the code-agent image.

docker pull snyk/code-agent

  1. Create a network (this network will be run both code agent and broker client). Note: You can provide any name to the network - here I am calling it mySnykBrokerNetwork

docker network create mySnykBrokerNetwork

  1. Now ensure that you have the accept.json in the directory structure example; /home/private on teh host machine so that you can map it to the container. Note: The accept.json would be different based on different integration(Github vs gitlab etc). Make sure you have the appropriate one copied locally.

  2. run the broker container:

docker run --restart=always \           
           -p 8000:8000 \
           -e BROKER_TOKEN=<YOUR-BROKER-TOKEN> \
           -e GITLAB_TOKEN=<YOUR-GITLAB-TOKEN> \
           -e GITLAB=<YOUR-GITLAB-HOSTNAME> \
           -e BROKER_CLIENT_URL=http://my.broker.client:8000 \
           -e PORT=8000 \
           -e ACCEPT=/private/accept.json -v /path/on/local/private:/private \
           -e GIT_CLIENT_URL=http://code-agent:3000 \
           --network mySnykBrokerNetwork \
       snyk/broker:gitlab
  1. Run the code-agent
 docker run --name code-agent \
    -p 3000:3000 \
    -e PORT=3000 -e SNYK_TOKEN=<token> --network mySnykBrokerNetwork \
     snyk/code-agent

  1. At this point your logs for broker client should display "msg":"successfully established a websocket connection to the broker server" and in app.snyk.io under the integration you would see "Connected". Also, see the logs of the code-agent to confirm its working.

  2. You can now seemlessly import your repos on the UI.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment