Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >

Search





Overview

The JFrog IntelliJ IDEA plugin also supports the WebStorm and GoLand IDEs. Since version 1.6.2, the plugin requires version 2020.1 of IDEA.

The plugin allows developers to see valuable information about the status of their code by continuously scanning it locally with JFrog Xray. Since version 1.8.0, the plugin also allows developers to track the status of the code while it is being built, tested and scanned on the CI server.



Source Code 

The JFrog IDEA Plugin code is available on Github.

Page contents


Installation and Setup

To install and work with the plugin:

  1. Install the JFrog plugin, using one of these options:
  2. Configure the plugin to connect to JFrog Xray.
  3. Scan and view the results.
  4. Filter Xray Scanned Results.

Prerequisites

  • IntelliJ IDEA version 2016.2 and above.
  • JFrog Xray version 1.7.2.3 and above.

Installing from the IntelliJ Plugin Repository

  1. Under Settings (Preferences) | Plugins, click Browse repositories and search for JFrog.
  2. Once the plugin is found, click Install JetBrains Plugin.

Installing Plugin from Disk

  1. See the procedure on how to build the plugin from sources in GitHub.
  2. Under Settings (Preferences) | Plugins, click Install plugin from disk...
  3. Select the plugin file and click OK.

Connecting the Plugin to Your JFrog Platform Instance 

Once the plugin is successfully installed, connect the plugin to your instance of the JFrog Platform.

  1. If your JFrog Platform instance is behind an HTTP proxy, configure the proxy settings as described here. Manual proxy configuration is supported since version 1.3.0 of the JFrog IDEA Plugin. Auto-detect proxy settings is supported since version 1.7.0.
  2. Under Settings (Preferences) | Other Settings, click JFrog Global Configuration.
  3. Set your JFrog Platform URL and login credentials.
  4. As you can see in the below image, you also have the option of storing the connection details in environment variables, which should be set before starting up the IDE. 
  5. Test your connection to Xray using the Test Connection button.

Self-signed Xray domain

If your JFrog Platform instance uses a domain with a self-signed certificate, add the certificate to IDEA as described here.


Using the Plugin - General

After the JFrog Plugin is installed, a new JFrog panel is added at the bottom of the screen. Opening the JFrog panel displays two views - Local and CI

  • The Local view displays information about the local code as it is being developed in IDEA. JFrog Xray continuously scans the project's dependencies locally, and the information is displayed in the Local view. 
  • The CI view allows the tracking of the code as it is built, tested and scanned by the CI server. It displays information about the status of the build and includes a link to the build log on the CI server.

The Local View

Overview

The JFrog Plugin continuously scans your project's dependencies with JFrog Xray and displays this information under the Local View. The plugin currently supports Xray scanning of Maven, Gradle, Go and npm projects. It allows developers to view vulnerability information about the components and their dependencies. With this information, a developer can make an informed decision on whether to use a component or not before the code is pushed into the source control.

The view allows you to filter the scanned results according to the issues severity, licenses or dependencies' scopes.

From JFrog Xray version 1.9 to version 2.x, IntelliJ IDEA users connecting to Xray from IntelliJ are required to be granted the ‘View Components’ action in Xray.
From JFrog Xray version 3.x, as part of the JFrog Platform, IntelliJ IDEA users connecting to Xray from IntelliJ require ‘Read’ permission. For more information, see Permissions.

Scanning and Viewing the Results

JFrog Xray automatically performs a scan whenever there is a change in the dependencies in the project.

To manually invoke a scan: 

  1. Click Refresh in the JFrog plugin.
  2. View the scanned results in the plugin.


When hovering above a dependency in the editor, the information about it is displayed.


You can navigate from the editor to the dependency tree


You can right-click on a dependency in the tree view and choose Show in project descriptor.

In Maven projects, you also have the option of excluding a transitive dependency from the pom.xml, by right-clicking on the dependency in the tree and selecting Exclude dependency.


The CI View

Overview

The JFrog IDEA Plugin allows you to view information about your builds directly from your CI system. This allows developers to keep track of the status of their code, while it is being built, tested and scanned as part of the CI pipeline, regardless of the CI provider used.

This information can be viewed inside IntelliJ IDEA, from the JFrog Panel, under the CI tab.

The following details can be made available in the CI view.

  • Status of the build run (passed or failed)
  • Build run start time
  • Git branch and latest commit message
  • Link to the CI run log
  • Security information about the build artifacts and dependencies

How Does It Work?

The CI information displayed in IDEA is pulled by the JFrog IDEA Plugin directly from JFrog Artifactory. This information is stored in Artifactory as part of the build-info, which is published to Artifactory by the CI server. Read more about build-info in the Build Integration documentation page. If the CI pipeline is also configured to scan the build-info by JFrog Xray, the JFrog IDEA Plugin will pull the results of the scan from JFrog Xray and display them in the CI view as well.


Setting up CI integration

General

Setting up CI integration for IDEA requires the following steps.

  1. Configuring the CI pipeline to record and publish build-info to JFrog Artifactory
  2. Creating a JFrog Platform user to be set in IDEA
  3. Configuring IDEA to display the CI information

Step 1 - Configuring Your CI Pipeline to record and publish build-info to JFrog Artifactory

To set up your CI to expose the information to IDEA, you need to include the following as part of your pipeline script.

  1.  Download JFrog CLI, so that it can be used in the pipeline:

    curl -fL https://getcli.jfrog.io | sh && chmod +x jfrog
  2. Set the following environment variables with the build name and build run number. 

    export JFROG_CLI_BUILD_NAME=<the build name>
    export JFROG_CLI_BUILD_NUMBER=<the build run number>
  3. Set the following environment variable, with the URL to the pipeline log on the CI. 

    export JFROG_CLI_BUILD_URL=<url to the pipeline log>
  4. If needed, configure JFrog CLI using the following command.

    ./jfrog c add
  5. If needed, configure the repositories for your project. For example, if your code is built using maven, run:

    ./jfrog rt mvnc

     

  6. Run the command that builds your code using JFrog CLI. For example, if your code is built using maven, run: 

    ./jfrog rt mvn clean install
  7. Set the following environment variable, to indicate that the build finished successfully.

    export JFROG_BUILD_STATUS=PASS

    Make sure to set the environment variable's value to FAIL, to indicate a failure of the CI pipeline.


  8. Record the environment variables and the project's git information as part of the build-info and then, publish the build-info to Artifactory. Make sure your pipeline always executes these commands, even in the case of a failure.

    ./jfrog rt bce
    ./jfrog rt bag
    ./jfrog rt bp
  9. Optionally scan the published build with JFrog Xray by running 

    ./jfrog rt bs

JFrog Pipelines Example

 Click here to expand...
resources:
- name: mvn_example_pipelines_gitResource
  type: GitRepo
  configuration:
    path: jfrog/project-examples
    gitProvider: github_mvn_example_pipelines_integration
    buildOn:
      pullRequestCreate: true
    branches:
      include: main
- name: mvn_example_pipelines_pipeline_bi
  type: BuildInfo
  configuration:
    sourceArtifactory:    rt_mvn_example_pipelines_integration
pipelines:
  - name: mvn_example_pipelines_pipeline
    steps:
      - name: MvnBuild
        type: MvnBuild
        configuration:
          environmentVariables:
            'JFROG_CLI_BUILD_URL': $step_url
            'JFROG_BUILD_STATUS': 'PASS'
          mvnCommand:           clean install
          sourceLocation:       maven-example    
          resolverSnapshotRepo: maven-virtual
          resolverReleaseRepo:  maven-virtual
          autoPublishBuildInfo: true
          forceXrayScan:        true
          integrations:
            - name:         rt_mvn_example_pipelines_integration
          inputResources:
            - name:         mvn_example_pipelines_gitResource
          outputResources:
            - name:         mvn_example_pipelines_pipeline_bi
        execution:
          onFailure:
            - export JFROG_BUILD_STATUS=FAIL
            - jfrog rt bce
            - jfrog rt bp

Jenkins Example

 Click here to expand...
pipeline {
  agent any
  environment {
    JFROG_CLI_BUILD_NAME = "${JOB_NAME}"
    JFROG_CLI_BUILD_NUMBER = "${BUILD_NUMBER}"
    JFROG_CLI_BUILD_URL = "https://<my-jenkins-domain>/<my-job-uri>/${BUILD_NUMBER}/console"
  }
  stages {
      stage ('Clone') {
          steps {
              git branch: 'master', url: "https://github.com/jfrog/project-examples.git"
          }
      }

      stage ('Config') {
          steps {
              sh 'curl -fL https://getcli.jfrog.io | sh && chmod +x jfrog'
              sh "./jfrog c add rt-server --url https://ecosysjfrog.jfrog.io --user ${RT_USERNAME} --password ${RT_PASSWORD}"
              sh './jfrog rt mvnc --server-id-deploy rt-server --server-id-resolve rt-server --repo-resolve-releases releases --repo-resolve-snapshots snapshots --repo-deploy-releases releases-local --repo-deploy-snapshots snapshots-local' 
          }
      }

      stage ('Exec Maven') {
          steps {
              dir('maven-example') {
                  sh '../jfrog rt mvn clean install'
              }
          }
      }
  }
    
  post {
      success {
          script {
              env.JFROG_BUILD_STATUS="PASS"
          }
      }
      
      failure {
          script {
              env.JFROG_BUILD_STATUS="FAIL"
          }
      }
      
      cleanup {
          sh './jfrog rt bce'
          sh './jfrog rt bag'
          sh './jfrog rt bp'
      }
  }
}

GitHub Actions Example

 Click here to expand...

This example uses the setup-jfrog-cli GitHub Action, which already sets the JFROG_CLI_BUILD_NAME, JFROG_CLI_BUILD_NUMBER and JFROG_CLI_BUILD_URL behind the scenes.

name: 'JFrog CI Integration'
on: [push]
jobs:
 jfrog-ci-integration:
   runs-on: ubuntu-latest
   env:
     JF_ARTIFACTORY_1: ${{ secrets.JF_ARTIFACTORY_SECRET_1 }}
     JFROG_BUILD_STATUS: PASS
   steps:
     - name: Checkout
       uses: actions/checkout@v2
     - name: Setup JFrog CLI
       uses: jfrog/setup-jfrog-cli@v1
     - name: Set up JDK 11
       uses: actions/setup-java@v2
       with:
         java-version: '11'
         distribution: 'adopt'
     - name: Run Maven build
       run: |
         # Init JFrog CLI Maven config
         MVN_PATH=`which mvn` && export M2_HOME=`readlink -f $MVN_PATH | xargs dirname | xargs dirname`
         # Replace ‘my_art_server’ with your imported server
         jfrog rt mvn-config --server-id-resolve=my_art_server --repo-resolve-releases=libs-release-remote --repo-resolve-snapshots=libs-snapshot-remote
         # Build the maven project
         jfrog rt mvn clean install
     - name: Failure check
       run: |
         echo "JFROG_BUILD_STATUS=FAIL" >> $GITHUB_ENV
       if: failure()
     - name: Publish Maven build
       run: |
         # Collect environment variables for the build
         jfrog rt bce
         # Collect VCS details from git and add them to the build
         jfrog rt bag
         # Publish build info
         jfrog rt bp
         # Scan build
         jfrog rt bs
       if: always()


Step 2 - Creating a JFrog Platform user to be set in IDEA

Follow these steps to create a JFrog Platform user for IntelliJ IDEA. The user will have limited permissions, which only allows viewing the CI information inside IDEA.

  1. Make sure JFrog CLI is installed on your local machine by running 

    jfrog -v

    If it is not installed, install it.

  2. Run the following command to create a Users Group in the JFrog Platform. We'll use the name ide-developers for the Group. Feel free to choose a different name. 

    jfrog rt group-create ide-developers
  3. Run the following commands to create a Permission in the JFrog Platform. We'll use the name ide-developers-perm for the Permission. Feel free to choose a different name. Notice that the Group name we created is also included in the following commands. 

    echo {\"build\":{\"include-patterns\":\"**\"\,\"actions-groups\":{\"ide-developers\":\"read\"}}\,\"name\":\"ide-developers-perm\"} > ./perm-temp
    jfrog rt ptc ./perm-temp
    rm ./perm-temp
  4. Create the JFrog Platform user by running the following command, after replacing the <username>, <password> and <email> tokens. Notice that the Group name we created is also included in the following command. 

    jfrog rt user-create <username> <password> <email> --users-groups ide-developers

Step 3 - Now that your CI pipeline records and publishes the build-info to Artifactory, you can configure IntelliJ IDEA to display the CI information, Follow these steps to configure IDEA.

  1. Under Settings (Preferences) | Other Settings, click JFrog Global Configuration. configure the JFrog Platform URL and the user you created.
  2. Under Settings (Preferences) | Other Settings, click JFrog CI Integration. Set your CI build name in the Build name pattern field. This is the name of the build published to Artifactory by your CI pipeline. You have the option of setting * to view all the builds published to Artifactory.
  3. Click Apply and open the CI tab under the JFrog panel at the bottom of the screen and click the Refresh button.

Release Notes

The release notes are available here.


Troubleshooting

The JFrog Plugin uses the IntelliJ IDEA log files. By default, the log level used used by the plugin is INFO.

You have the option of increasing the log level to DEBUG. Here's how you do this:

  1. Go to Help | Diagnostic Tools | Debug Log Settings...
  2. Inside the Custom Debug Log Configuration window add the following line:
#com.jfrog.ide.idea.log.Logger

To see the Intellij IDEA log file, depends on the IDE version and OS as described here, go to Help | Show/reveal Log in Explorer/finder/Konqueror/Nautilus.


Reporting Issues

Please report issues by opening an issue on Github.


Watch the Screencast

Watch this screencast to learn how the JFrog IntelliJ IDEA plugin adds JFrog Xray scanning of Maven project dependencies to your IntelliJ IDEA.

 

  • No labels
Copyright © 2021 JFrog Ltd.