This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to authenticate/authorize cloud functions from Jfrog Artifactory webhooks

Posted on 04-11-2022 03:06 AM
gpkmr-genesys
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello Team - I have a function app which is hosted in my GCP project with authentication turned on.

This app will be triggered from Jfrog artifactory event based webhook. 

 

The issue I face here is to authenticate/authorize the HTTP request. I tried using "Authorization: bearer <identity token>" header, which works good. But that token seems to expire after 60 minutes.

 

Q: Is there a permanent way to authorize/authenticate the HTTP requests ? There isn't any custom options available in Artifactory except adding additional headers. I am finding it hard to get a solution from GCP documentation. I do have the service account created with "roles/cloudfunctions.invoker" role.

Reference about Jfrog artifactory webhooks: https://www.jfrog.com/confluence/display/JFROG/Webhooks 

0 1 530
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
ghayas_muhammad
Staff
Reply posted on --/--/---- --:-- AM

The solution downgrade the security level from a short lived token (1h) to long lived token (no limit). But you can use API Gateway to ensure the API Key check and query forward.

A much simpler pattern is to remove the authentication check on Cloud Functions (and make it public) and to perform that API key (in fact a random string comparison) in your functions itself.

0 Likes