# Artifactory Publish your artifacts to an Artifactory instance. ## How it works You can declare multiple Artifactory instances. All binaries generated by your `builds` section will be pushed to each configured Artifactory. If you have only one Artifactory instance, the configuration is as easy as adding the upload target, and a username to your `.goreleaser.yaml` file: ```yaml artifactories: - name: production target: http://:8081/artifactory/example-repo-local/{{ .ProjectName }}/{{ .Version }}/ username: goreleaser ``` Prerequisites: - A running Artifactory instances - A user + password / client x509 certificate / API key with grants to upload an artifact ### Target The `target` is the URL to upload the artifacts to (_without_ the name of the artifact). An example configuration for `goreleaser` in upload mode `binary` with the target can look like ```yaml - mode: binary target: "http://artifacts.company.com:8081/artifactory/example-repo-local/{{ .ProjectName }}/{{ .Version }}/{{ .Os }}/{{ .Arch }}{{ if .Arm }}{{ .Arm }}{{ end }}" ``` And will result in a final deployment like `http://artifacts.company.com:8081/artifactory/example-repo-local/goreleaser/1.0.0/Darwin/x86_64/goreleaser`. Supported variables: - `Version` - `Tag` - `ProjectName` - `Os` - `Arch` - `Arm` !!! info Variables _Os_, _Arch_ and _Arm_ are only supported in upload mode `binary`. ### Username Your configured username needs to be authenticated against your Artifactory. You can have the username set in the configuration file as shown above, or you can have it read from an environment variable. The configured name of your Artifactory instance will be used to build the environment variable name. This way we support authentication for multiple instances. This also means that the `name` per configured instance needs to be unique per GoReleaser configuration. The name of the environment variable will be `ARTIFACTORY_NAME_USERNAME`. If your instance is named `production`, you can store the username in the environment variable `ARTIFACTORY_PRODUCTION_USERNAME`. The name will be transformed to uppercase. If a configured username is found in the configuration file, then the environment variable is not used at all. ### Password / API Key The password or API key will be stored in an environment variable. The configured name of your Artifactory instance will be used. With this way we support auth for multiple instances. This also means that the `name` per configured instance needs to be unique per goreleaser configuration. The name of the environment variable will be `ARTIFACTORY_NAME_SECRET`. If your instance is named `production`, you need to store the secret in the environment variable `ARTIFACTORY_PRODUCTION_SECRET`. The name will be transformed to uppercase. ### Client authorization with x509 certificate (mTLS / mutual TLS) If your artifactory server supports authorization with mTLS (client certificates), you can provide them by specifying the location of an x509 certificate/key pair of pem-encode files. ```yaml artifactories: - name: production target: http://:8081/artifactory/example-repo-local/{{ .ProjectName }}/{{ .Version }}/ client_x509_cert: path/to/client.cert.pem client_x509_key: path/to/client.key.pem ``` This will offer the client certificate during the TLS handshake, which your artifactory server may use to authenticate and authorize you to upload. ### Server authentication You can authenticate your Artifactory TLS server adding a trusted X.509 certificate chain in your configuration. The trusted certificate chain will be used to validate the server certificates. You can set the trusted certificate chain using the `trusted_certificates` setting the artifactory section with PEM encoded certificates on a YAML literal block like this: ```yaml puts: - name: "some artifactory server with a private TLS certificate" #...(other settings)... trusted_certificates: | -----BEGIN CERTIFICATE----- MIIDrjCCApagAwIBAgIIShr2zchZo+8wDQYJKoZIhvcNAQENBQAwNTEXMBUGA1UE ...(edited content)... TyzMJasj5BPZrmKjJb6O/tOtEIJ66xPSBTxPShkEYHnB7A== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIDrjCCApagAwIBAgIIShr2zchZo+8wDQYJKoZIhvcNAQENBQAwNTEXMBUGA1UE ...(edited content)... TyzMJasj5BPZrmKjJb6O/tOtEIJ66xPSBTxPShkEYHnB7A== -----END CERTIFICATE----- ``` ## Customization Of course, you can customize a lot of things: ```yaml # .goreleaser.yaml artifactories: # You can have multiple Artifactory instances. - # Unique name of your artifactory instance. Used to identify the instance name: production # IDs of the artifacts you want to upload. ids: - foo - bar # File extensions to filter for. # This might be useful if you have multiple packages with different # extensions with the same ID, and need to upload each extension to # a different place (e.g. nFPM packages). # # Since: v1.7 exts: - deb - rpm # Matrix will run the upload for each possible combination of the given # values. # The keys will be available as template variables in the `target` and # `custom_headers` fields. # # This feature is only available in GoReleaser Pro. # Since: v1.20 (pro) matrix: foo: [bar zaz] something: [foobar somethingelse anotherthing] # Upload mode. Valid options are `binary` and `archive`. # # If mode is `archive`, variables _Os_, _Arch_ and _Arm_ for target name # are not supported. In that case these variables are empty. # # If mode is `binary`, you'll need to have the archives section setup with # format "binary" as well. # # Default: 'archive' mode: archive # URL of your Artifactory instance + path to deploy to target: http://artifacts.company.com:8081/artifactory/example-repo-local/{{ .ProjectName }}/{{ .Version }}/ # Tells goreleaer not to append the artifact name to the target URL. You must do this manually custom_artifact_name: true # User that will be used for the deployment username: deployuser # Client certificate and key (when provided, added as client cert to TLS connections) # # Since: v1.11 client_x509_cert: /path/to/client.cert.pem client_x509_key: /path/to/client.key.pem # Upload checksums. checksum: true # Upload signatures. signature: true # Certificate chain used to validate server certificates trusted_certificates: | -----BEGIN CERTIFICATE----- MIIDrjCCApagAwIBAgIIShr2zchZo+8wDQYJKoZIhvcNAQENBQAwNTEXMBUGA1UE ...(edited content)... TyzMJasj5BPZrmKjJb6O/tOtEIJ66xPSBTxPShkEYHnB7A== -----END CERTIFICATE----- ``` !!! success "GoReleaser Pro" Some options are only available in [GoReleaser Pro feature](/pro/). These settings should allow you to push your artifacts into multiple **Artifactory** instances. !!! tip Learn more about the [name template engine](/customization/templates/).