Air-gapped environments are isolated from the public internet. To enable security scanning in such environments, you’ll need to configure a local Artifactory repository that mirrors https://releases.jfrog.io, and update your tools to use this repository for downloading required components.
Set Up a Local Releases Repository
- In the JFrog Platform, go to Administration > Repositories > Remote.
- Click Create a remote repository.
- Set the following values:
- Package Type: Generic
- Repository Key: e.g.,
jfrog-releases-repo - URL:
https://releases.jfrog.io
- (Optional) Uncheck Store Artifacts Locally to save storage space.
- Click Save & Finish.
Configure Tools to Use Your Local Repo
After setting up the repository, you must configure your tools to pull all required components, such as binaries, analyzer tools, or metadata, from your internal Artifactory instance instead of the public internet.
Use the appropriate environment variable depending on the tool:
| Tool | Environment Variable |
|---|---|
| JFrog CLI | JFROG_CLI_RELEASES_REPO |
| Frogbot | JF_RELEASES_REPO |
| IDE Plugins | Create a remote repository in Artifactory and specify its name in your IDE's JFrog plugin settings, under External Resources Repository. |