HiddenLayer Security Plugin for JFrog Artifactory scans machine learning models stored in the Artifactory repository.
- JFrog Artifactory Pro
The HiddenLayer Security Plugin is available on GitHub.
To install the HiddenLayer Security Plugin, add the plugin to the $ARTIFACTORY_HOME/etc/plugin directory.
The Artifactory administrator must set up a repository and provide an Artifactory Repository Key. You can configure the HiddenLayer plugin using the Repository Key.
While the HiddenLayer plugin can work with any Artifactory repository, proper scan results are provided for large language model scans only. It is recommended to use the HiddenLayer with a Hugging Face repository or your own repository with large language models. The HiddenLayer model scanner starts to scan when a file begins to download.
Edit the
hiddenlayer.propertiesfile, located at$ARTIFACTORY_HOME/etc/plugin/.In the
hiddenlayer.propertiesfile, change the following.- Add your HiddenLayer client id to
hiddenlayer.auth.client_id=. - Add your HiddenLayer client secret to
hiddenlayer.auth.client_secret=. - Add your repository keys to
hiddenlayer.scan.repo_ids=. For multiple keys, separate the keys with commas.
- Add your HiddenLayer client id to
Save the properties file.
If you add more repositories to the hiddenlayer.properties file, use the following command to reload the security plugin. Change localhost to the correct URL you are using.
curl -XPOST -uadmin:<password> localhost:8081/artifactory/api/plugins/reload