jfrog-cli icon indicating copy to clipboard operation
jfrog-cli copied to clipboard
verified publisher icon jfrog

Access to calling curl through JF CLI based on the JFrog Platform URL

Open moegwsa opened this issue 1 year ago • 3 comments

Is your feature request related to a problem? Please describe. Currently, the JFrog CLI allows us to perform a number of tasks to maintain the JFrog Platform and the associated applications having the credentials stored away safely.

However not all services which are provided through the REST API which are also fully accessible through the JFrog CLI. This may result in credential information being leaked through build pipeline logs if the REST API's are invoked and insufficient care is given ir order to avoid presenting the information.

Examples of this are that it is possible to create new release bundles, but getting a list of existing release bundles require The REST API's to be called directly.

Describe the solution you'd like to see I would like to be able to call the REST API from the JFrog CLI based on the JFrog Platform URL instead of being restricted to do so based on the "jf rt curl..." and the "jf xr curl..." which limit which endpoints are available.

An example of this could be: jf curl -XPOST "/lifecycle/api/v2/promotion...

Describe alternatives you've considered The alternatives would be to either be limited by which commands have been implemented in the JFrog CLI, or to using the JFrog REST API specifying credentials directly and hoping no credentials are leaked into the build logs.

moegwsa avatar Aug 29 '24 13:08 moegwsa

This would be a great addition!

DavidRadoorHummel avatar Sep 04 '24 09:09 DavidRadoorHummel

jf curl would be an invaluable addition to the JFrog CLI

krishnamanchikalapudi avatar Sep 05 '24 01:09 krishnamanchikalapudi

related: https://github.com/jfrog/jfrog-cli/issues/2595

mgriffin13 avatar Jan 24 '25 19:01 mgriffin13

This issue has been marked as stale due to 6 months of inactivity. As part of our effort to address every issue properly, please feel free to remove the stale label or keep this issue active by leaving a comment. Otherwise, it will be closed in 7 days

github-actions[bot] avatar Sep 24 '25 09:09 github-actions[bot]

This is still pending.

mgriffin13 avatar Sep 28 '25 02:09 mgriffin13

We do not plan to support this. In order to make it work, create a token with the CLI and then use that token for regular curl calls.

RemiBou avatar Oct 17 '25 13:10 RemiBou

We do not plan to support this. In order to make it work, create a token with the CLI and then use that token for regular curl calls.

Can you elaborate on the reason you're not going to support it? You already support the feature for jfrog rt curl and jfrog xr curl, it seems strange to limit this very useful feature to a relatively small subset of API endpoints.

mgriffin13 avatar Oct 17 '25 16:10 mgriffin13