This repository hosts the upload-to-jfrog GitHub Action along with a workflow designed to test this action using a dummy .jar and a corresponding pom.xml file.
The action expects that the JAR file and its pom.xml have already been generated. It utilizes JFrog CLI to manage uploads to Artifactory. Distribution management settings are provided directly via action inputs rather than through the pom.xml.
Ensure the job calling the action has the following permissions:
permissions:
id-token: write
contents: read
security-events: write| Operating System | Supported Versions | Minimum Required Version |
|---|---|---|
| RHEL | 8 and above | 8 |
| CentOS | 9 and above | 9 |
| Ubuntu | 18.04, 20.04, 22.04 | 18.04 |
Ensure these dependencies are installed:
- Docker
- Curl
- RPM or Yum (according to Linux distribution)
To deploy in air-gapped environments (no internet access), you need a local Artifactory repository that mirrors JFrog Releases:
- Create a local generic repository in your Artifactory instance.
- Download necessary resources from JFrog Analyzer Manager from a machine with internet access.
- Upload these files into the newly created generic repository.
- Configure your tools (CLI, IDE, or automation tools) to use this repository for dependencies.
Here's a usage example derived from the workflow (.github/workflows/test-upload.yml):
name: Test JFrog Maven Deploy (CLI-only)
on: [push, workflow_dispatch]
jobs:
upload:
runs-on: ubuntu-latest
environment: ${{ matrix.env }}
permissions:
id-token: write
contents: read
strategy:
fail-fast: false
matrix:
env: [development, qa]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Generate dummy artifacts
id: gen
shell: bash
run: |
ts=$(date +%s)
ver="1.0-${{ matrix.env }}.$ts"
pom="dummy-artifact-$ver.pom"
jar="dummy-artifact-$ver.jar"
cat >"$pom" <<EOF
<project>
<modelVersion>4.0.0</modelVersion>
<groupId>com.test.local</groupId>
<artifactId>dummy-artifact</artifactId>
<version>$ver</version>
<packaging>jar</packaging>
</project>
EOF
printf 'Test content – %s\n' "$ts" >content.txt
zip "$jar" content.txt && rm content.txt
echo "pom=$pom" >>"$GITHUB_OUTPUT"
echo "jar=$jar" >>"$GITHUB_OUTPUT"
- name: Deploy via JFrog CLI
uses: ./.github/actions/upload-to-jfrog
with:
pom-path: ${{ steps.gen.outputs.pom }}
jar-path: ${{ steps.gen.outputs.jar }}
jfrog-url: ${{ vars.JF_URL }}
jfrog-repo-path: ${{ vars.JF_REPO_PATH }}
jf-access-token: ${{ secrets.JF_ACCESS_TOKEN }}Defined in .github/actions/upload-to-jfrog/action.yml:
| Input | Description | Required |
|---|---|---|
jar-path |
Absolute path to the JAR file | Yes |
pom-path |
Absolute path to the POM file | Yes |
jfrog-url |
URL to your JFrog instance | Yes |
jfrog-repo-path |
Target repository path in JFrog Artifactory | Yes |
oidc-provider-name |
OIDC integration name | Yes |
oidc-audience |
Optional audience claim | No |
jf-access-token |
JFrog Access Token | Yes |
The action executes the following steps:
- Validate Artifacts: Confirms the existence of the specified JAR and POM files.
- Setup JFrog CLI: Configures JFrog CLI with provided inputs using the Setup JFrog CLI GitHub Action.
- Upload Artifacts: Executes JFrog CLI commands to upload artifacts to the specified repository.
The primary authentication method uses a JFrog Access Token provided as the jf-access-token input. Alternatively, JFrog CLI supports short-lived OIDC credentials if configured correctly.
For more details, refer to JFrog CLI Authentication Methods.