Skip to content

Commit 554c351

Browse files
EyalDelareaEyalDelarea
committed
Update
1 parent 25123d1 commit 554c351

File tree

1 file changed

+8
-5
lines changed

1 file changed

+8
-5
lines changed

content/actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-jfrog.md

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ For an example {% data variables.product.prodname_actions %} workflow using the
3535

3636
For example, you can set `iss` to `https://token.actions.githubusercontent.com`, and the `repository` to something like "octo-org/octo-repo"`. This will ensure only Actions workflows from the specified repository will have access to your JFrog platform. The following is an example Claims JSON when configuring identity mappings.
3737

38-
```json
38+
```json copy
3939
{
4040
"iss": "https://token.actions.githubusercontent.com",
4141
"repository": "octo-org/octo-repo"
@@ -72,19 +72,22 @@ jobs:
7272
uses: jfrog/setup-jfrog-cli@v4
7373
with:
7474
JF_URL: ${{ env.JF_URL }}
75-
oidc-provider-name: 'my-github-provider' # Replace with your configured provider name
76-
oidc-audience: 'jfrog-github' # Replace with your configured audience
75+
oidc-provider-name: 'YOUR_PROVIDER_NAME'
76+
oidc-audience: 'YOUR_AUDIENCE'
7777

7878
- name: Upload artifact
7979
run: jf rt upload "dist/*.zip" my-repo/
8080

8181
```
8282

8383
> [!TIP]
84-
> When OIDC authentication is used, the `setup-jfrog-cli` action automatically provides short-lived (`oidc-user` and `oidc-token`) as step outputs. These can be used for Docker, Helm, and other integrations that require authentication with JFrog. No additional configuration is needed to enable these outputs.
84+
> When OIDC authentication is used, the `setup-jfrog-cli` action automatically provides `oidc-user` and `oidc-token` as step outputs.
85+
> These can be used for other integrations that require authentication with JFrog.
86+
> To reference these outputs, ensure the step has an explicit `id` defined (e.g., `id: setup-jfrog-cli`).
8587
88+
### Example: Using OIDC Credentials in Other Steps
8689
```yaml
87-
- name: Login to Artifactory
90+
- name: Login to Artifactory Docker Registry
8891
uses: docker/login-action@v3
8992
with:
9093
registry: ${{ env.JF_URL }}

0 commit comments

Comments
 (0)