Try JFrog
Guides
Contact SupportTry JFrog
Start typing to search…
  1. Install Individual Products
  2. Install
  3. Installing Catalog

Install JFrog Catalog with Helm and OpenShift

This page describes how to install or upgrade JFrog Catalog using Helm on Kubernetes and OpenShift.

This page describes how to install or upgrade JFrog Catalog using Helm on Kubernetes and OpenShift.

JFrog Catalog provides a centralized view of software packages and their security posture.

Starting with Xray chart version 103.111.9, Catalog is included as a dependent sub-chart of the JFrog Platform and Xray charts. Starting with Xray version 3.137.x, Catalog can also be deployed decoupled from Xray, allowing it to run independently for improved availability and scaling.

📘

Although Catalog can be installed as a standalone service, it is most commonly enabled and managed through the parent JFrog Platform or Xray Helm chart using values.yaml.

System Requirements

Ensure that the nodes running the Catalog service meet the following minimum requirements:

ResourceRequirement
CPU2 cores minimum (4 cores recommended)
Memory6 GB RAM per node
DatabasePostgreSQL 13.x – 17.x
CacheValkey (required for Catalog 3.131.x and later)

Secure Configuration Using Kubernetes Secrets (Recommended)

To avoid storing sensitive keys in plain text, use Kubernetes Secrets for the joinKey and masterKey.

  1. Create the Secret
kubectl create secret generic jfrog-keys \
  --from-literal=join-key=<YOUR_JOIN_KEY> \
  --from-literal=master-key=<YOUR_MASTER_KEY> \
  -n <your-namespace>
  1. Reference the Secret in values.yaml
joinKeySecretName: jfrog-keys
masterKeySecretName: jfrog-keys

Kubernetes Installation (EKS, GKE, AKS, and Vanilla Kubernetes)

JFrog Platform (Umbrella Chart)

xray:
  enabled: true
  catalog:
    enabled: true
    cache:
      enabled: true
    database:
      url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
      user: "catalog"
      password: "password"

  valkey:
    enabled: true

JFrog Xray (Standalone Chart)

catalog:
  enabled: true
  cache:
    enabled: true
  database:
    url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
    user: "catalog"
    password: "password"

valkey:
  enabled: true

JFrog Catalog (Standalone Installation)

jfrogUrl: "https://jfrog.example.com"

joinKey: "YOUR_JOIN_KEY"
masterKey: "YOUR_MASTER_KEY"

cache:
  enabled: true

database:
  url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
  user: "catalog"
  password: "password"

valkey:
  enabled: true

OpenShift Installation

On OpenShift, container and pod security contexts must be disabled to allow OpenShift to assign user IDs.

JFrog Platform (Umbrella Chart)

xray:
  enabled: true
  catalog:
    enabled: true
    cache:
      enabled: true
    containerSecurityContext:
      enabled: false
    podSecurityContext:
      enabled: false
    database:
      url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
      user: "catalog"
      password: "password"

  valkey:
    enabled: true
    containerSecurityContext:
      enabled: false

JFrog Xray (Standalone Chart)

catalog:
  enabled: true
  cache:
    enabled: true
  containerSecurityContext:
    enabled: false
  podSecurityContext:
    enabled: false
  database:
    url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
    user: "catalog"
    password: "password"

valkey:
  enabled: true
  containerSecurityContext:
    enabled: false

JFrog Catalog (Standalone – OpenShift)

jfrogUrl: "https://jfrog.example.com"

joinKey: "YOUR_JOIN_KEY"
masterKey: "YOUR_MASTER_KEY"

cache:
  enabled: true

database:
  url: "postgres://<DB_HOST>:5432/catalogdb?sslmode=disable"
  user: "catalog"
  password: "password"

containerSecurityContext:
  enabled: false
podSecurityContext:
  enabled: false

valkey:
  enabled: true
  containerSecurityContext:
    enabled: false

Install or Upgrade Using Helm

Update the Helm Repository

helm repo add jfrog https://charts.jfrog.io
helm repo update

Install or Upgrade

JFrog Platform

helm upgrade --install jfrog-platform jfrog/jfrog-platform \
  -n jfrog \
  -f values.yaml

JFrog Xray

helm upgrade --install xray jfrog/xray \
  -n xray \
  -f values.yaml

Standalone Catalog

helm upgrade --install catalog jfrog/catalog \
  -n catalog \
  --create-namespace \
  -f values.yaml

Verify the Installation

Verify Pod Status

kubectl get pods -n <your-namespace> | grep -E "catalog|valkey"

Verify Service Health

curl http://catalog-service:8046/catalog/api/v1/system/app_health

Expected response:

{
  "entitlements": {
    "entitled_for_catalog": true,
    "has_central_token": true
  },
  "db_connection_working": true,
  "status": "ok"
}

Updated 5 days ago