Try JFrog
Guides
Contact SupportTry JFrog
Start typing to search…
  1. Artifactory
  2. Connect your Package Manager or IDE to Artifactory

Chef Repositories

The JFrog Artifactory integration with Chef Cookbook allows you to manage Chef collections in Artifactory. Cookbook is an open-source platform that enables you to automate IT processes such as provisioning, application deployment, orchestration, and more. For more information, see Chef documentation.

Artifactory support for Chef Cookbook provides:

  • The ability to provision Cookbook packages from Artifactory to the Knife and Berkshelf command line tool from all repository types.
  • Calculation of metadata for Cookbook packages hosted in Artifactory local repositories.
  • Access to remote Cookbook repositories (in particular the Chef supermarket public repository) through Remote Repositories which provide proxy and caching functionality.
  • The ability to access multiple Cookbook repositories from a single URL by aggregating them under a Virtual Repository. This overcomes the limitation of the Knife client, which can only access a single repository at a time.
  • Compatibility with the Knife command line tool to list, show, and install Cookbooks. Compatibility with the Berkshelf command line to resolve Cookbook dependencies.
  • The ability to assign access privileges according to projects or development teams.
📘

Note

Chef uses the concept of a Chef repository to store their own data objects on a workstation. This is different from the use of "repository" in Artifactory.

Chef provides an official "supermarket" for cookbook packages, so Chef repositories in Artifactory are actually Chef supermarkets in Chef terminology. This page refers to Chef Cookbook repositories and Chef supermarkets interchangeably.

Get Started with Chef

To get started working with Chef, complete the following main steps:

  1. Create a Chef Repository
  2. Deploy and Resolve Chef Collections and Roles

Create a Chef Repository

This topic describes how to create a Chef Repository. This is required before publishing and installing Chef packages. There are three primary types of repositories:

  • Local repositories: Where you store and share 1st and 2nd party packages with your organization
  • Remote repositories: Enable you to download from any remote location, including external package registries or other Artifactory instances
  • Virtual repositories: Enable aggregating remote and local repositories, enabling your organization to scale by providing a single URL that provides access to multiple repositories and types

For more information on JFrog repositories, see Repository Management.

Prerequisite: You need Admin or Project Admin permissions to create a Chef repository. If you don't have Admin permissions, the option will not be available.

To create a Chef supermarket repository:

  1. In the Administration tab, click Repositories > Create a Repository

    art-debian-package-create-repository-06-30.png

  2. Select the repository type you want to create.

  3. Select the Chefpackage type.

  4. Configure the required fields for the repository:

    • For local repositories, in the Repository Key field, type a meaningful name for the repository. For example, chef-local. For more information on local repositories and their settings, see Local Repositories.
    • For remote repositories, verify the Repository URL and update as needed. For example, https://supermarket.chef.io. For more information on remote repositories and their settings, see Remote Repositories.
    • For virtual repositories, select one or more local or remote repositories to include in the virtual repository. For more information on virtual repositories and their settings, see Virtual Repositories.

  5. Click Create Repository. The repository is created, and the Repositories window is displayed.

Deploy Chef Packages

Deploying Chef packages makes them available to other users.

The following options are available for publishing Chef packages:

Deploy Chef Package Using the UI

  1. In the Platform tab, click Artifactory | Artifacts, then click ellipsis |Deploy(Upload). Deploy options are displayed.

    art-package-rewrite-chef-deploy-ui-06-10.png

  2. Select your Chef repository as the Target Repository, and upload the file you want to deploy.

  3. Verify the deploy options, then click Deploy. The package is deployed.

Deploy a Chef Package Using cURL

To deploy a cookbook using Knife, run:

knife artifactory share <cookbook-name> [CATEGORY]

Where:

  • <cookbook-name>: This is a placeholder for the name of your cookbook.
  • [CATEGORY]: This is an optional argument specifying the category your cookbook belongs to. It helps organize cookbooks in Artifactory (for example, “Web Servers”, “Databases”, or “Monitoring”).

Example

knife artifactory share nginx "Web Servers"

Resolve Chef Packages

To install the cookbook using Knife, use the command below:

knife artifactory install <cookbook-name> [VERSION]

Example

# Install the latest version of the 'nginx' cookbook from Artifactory
knife artifactory install nginx

# OR install a specific version of the 'nginx' cookbook (for example, version 2.3.0)
knife artifactory install nginx 2.3.0

Additional Chef Actions

The following additional actions are available with Chef repositories:

Work with Artifactory and Chef without Anonymous Access

By default, Artifactory allows anonymous access for Chef repositories. This is defined under Security | General Configuration. For more information, see Allow Anonymous Access.

If you want to be able to trace how users interact with your repositories you need to uncheck the Allow Anonymous Access setting. This means that users will be required to enter their username and password.

The Knife command line tool does not support basic authentication (it only supports authentication with RSA keys).

To enable basic authentication, you will need to install the knife-art plugin.

Install knife-art plugin

chef gem install knife-art

If properly installed you should see the following specific Artifactory commands:

Knife Artifactory plugin commands

** ARTIFACTORY COMMANDS **
knife artifactory download COOKBOOK [VERSION] (options)
knife artifactory install COOKBOOK [VERSION] (options)
knife artifactory list (options)
knife artifactory search QUERY (options)
knife artifactory share COOKBOOK [CATEGORY] (options)
knife artifactory show COOKBOOK [VERSION] (options)
knife artifactory unshare COOKBOOK VERSION

These commands are a wrapper around the standard Knife supermarket commands, that enable basic authentication. To add these credentials, pre-pend them to the URL of the Chef supermarket configured in your knife.rb file:

Setting the default Chef supermarket for Knife with credentials

knife[:supermarket_site] = 'https://company.jfrog.io/artifactory/api/chef/chef-local'

Use an encrypted password

Use an encrypted password instead of clear-text; see Centrally Secure Passwords.

Use the Knife Command Line

📘

Chef repositories must be prefixed with api/chef in the path

When accessing a Chef supermarket through Artifactory, the repository URL must be prefixed with api/chef in the path. This applies to all Knife commands.

For example, if you are using Artifactory standalone or as a local service, you would access your Chef supermarket using the following URL:

https://localhost:8081/artifactory/api/chef/<repository key>

Or, if you are using Artifactory Cloud, the URL would be:

https://<server name>.jfrog.io/artifactory/api/chef/<repository key>

The Knife command line is installed automatically as part of Chef Workstation.

Once you have created your Chef supermarket, you can select it in the Tree Browser and click Set Me Up to get code snippets you can use to change your Chef supermarket URL, and deploy and resolve packages using the knife command line tool.

Set the default Chef supermarket with a URL pointing to a Chef supermarket in Artifactory by editing your ~/.chef/knife.rb configuration file (the example below uses a repository with the key chef-virtual ). You authenticate the request using your username and password or with your Artifactory API key :

Setting the default Chef supermarket for Knife with credentials

In order to configure your Knife client to work with Artifactory, you need to edit its knife.rb file (which can usually be found under <user-home-dir>/.chef/) and add a reference to your Artifactory Chef repository as a "supermarket_site". For example:

knife[:supermarket_site] = 'https://company.jfrog.io/artifactory/api/chef/chef-local'

To support authentication, which may be required by Artifactory, you need to install the knife-art plugin.

config.rb file location

The config.rb file, which replaces the knife.rb file, doesn't exist by default. It can be created with the knife configure command. For more information, including possible file locations, see knife documentation. The location of this file can be overidden with the --config parameter when running a knife command.

If there is no config.rb file, knife looks for a knife.rb file as a fallback.

Use the Berkshelf Command Line

📘

Note

From version 6.1.0, Berkshelf supports authenticated access to Artifactory using an API Key. Previous versions of Berkshelf only supported Anonymous access to Artifactory.

Berkshelf is a dependency manager for Chef Cookbooks and is a part of the ChefDK.

To resolve dependencies from a Chef supermarket in Artifactory, first configure your Artifactory API Key using config.rb:

Setting the Artifactory API key for use by Berkshelf

artifactory_api_key "<APIKEY>"

Then set the default supermarket in your Berksfile's Cookbook:

Setting the default Chef supermarket for Berkshelf

source artifactory: 'https://localhost:8081/artifactory/api/chef/chef-virtual'

Then you can execute the berks command to download the required dependencies from Artifactory:

Resolving dependencies with Berkshelf

vagrant@default-ubuntu-1404:~/chef-zero/mycookbook$ berks
Resolving cookbook dependencies...
Fetching 'mycookbook' from source at .
Fetching cookbook index from http://localhost:8081/artifactory/api/chef/chef-virtual...
Installing apt (5.0.0) from http://localhost:8081/artifactory/api/chef/chef-virtual ([opscode] http://localhost:8081/artifactory/api/chef/chef-virtual/api/v1)
Installing chef-apt-docker (1.0.0) from http://localhost:8081/artifactory/api/chef/chef-virtual ([opscode] http://localhost:8081/artifactory/api/chef/chef-virtual/api/v1)
Installing chef-yum-docker (1.0.1) from http://localhost:8081/artifactory/api/chef/chef-virtual ([opscode] http://localhost:8081/artifactory/api/chef/chef-virtual/api/v1)
Installing compat_resource (12.16.2) from http://localhost:8081/artifactory/api/chef/chef-virtual ([opscode] http://localhost:8081/artifactory/api/chef/chef-virtual/api/v1)
Using mycookbook (0.1.0) from source at .
Installing yum (4.1.0) from http://localhost:8081/artifactory/api/chef/chef-virtual ([opscode] http://localhost:8081/artifactory/api/chef/chef-virtual/api/v1)

Updated 3 months ago