JFrog CLI Issue with OIDC Token Expiry

[krishnamanchikalapudi]

Describe the bug

When using an OIDC token configured to expire after 1 minute in a GitHub action to download Maven jars and build a Docker image, the download fails with a 401 error ("Token failed verification expired"). The token expires before the process completes, causing an incomplete download.

Current behavior

The token expires in 1 minute, and JFrog CLI does not automatically refresh it, leading to a 401 error and incomplete downloads. Refer GitHub Action job# https://github.com/krishnamanchikalapudi/spring-petclinic/actions/runs/11005259480/job/30557614565

Reproduction steps

1. Configure GitHub Integration:

• Set the OIDC token expiration duration to 1 minute in Artifactory's GitHub integration.

2. Run Maven Build:

• Use the configured OIDC token in a GitHub Action to initiate a Maven build that requires downloading dependencies from Artifactory.

3. Build Docker Image:

• As part of the same workflow, attempt to build a Docker image that pulls from the Maven artifacts.
  Observe Issue:

The token expires before the process completes, resulting in a 401 error (Token failed verification: expired) and incomplete artifact download.

Expected behavior

The JFrog CLI should refresh the token upon expiration to ensure that the download completes without requiring a long-duration token.

Setup JFrog CLI version

jfrog/setup-jfrog-cli@v4

JFrog CLI version

2.67.0

Workflow operating system type and version

ubuntu:latest

JFrog Artifactory version (if relevant)

No response

JFrog Xray version (if relevant)

No response