Artifactory
What Is Artifactory?
The core of the JFrog DevOps Platform, Artifactory provides a single source of truth for binaries, dependencies and build artifacts for release management. It’s a universal binary repository Read more manager, supporting 30+ build packages, artifacts, and their corresponding metadata. DevOps teams can standardize on build bill-of-materials across the Dev, Test, Stage, and Prod steps for both continuous integration (CI) and continuous delivery (CD). Artifactory integrates with your preferred DevOps tools. Read lessWho Uses Artifactory?
Since software development is an integral part of business operations in nearly every vertical market, Artifactory serves companies in all major industry sectors.
Not sure about Artifactory?
Compare with a popular alternative
Artifactory
Reviews of Artifactory
Sachin
Artifacts management become easy
Comments: As a Devops team we are offering JFrog Artifactory to developers where they can store their dependencies, packages, binaries, images and etc. We have integrated it with CI/CD tools such as Jenkins, Azure DevOps made a service connection between these so whenever a pipeline got executed it can retrieve and upload artifacts. Hence, we are able to manage all the artifacts at a single universal location. All of these features reduced our work very much.
Pros:
Artifactory makes easy to manage artifacts, binaries and containers at a single universal location. It is very crucial parts of devOps. Managing artifacts becomes challenging when we grow. It supports mostly all sort of packages such as maven, gradle. While running CI/CD pipelines we are making a call to a the repository where all the dependent packages are stored. With REST API we can retrieve and upload the packages as well about logging into the UI. Cross region replication is easily implemented.
Cons:
Nothing major I can think of. But, there is one part where I can think improvement can be done while uploading any package manually there's numerous values which which need to fill in until unless it's a non-generic package.
Gil
Alternatives Considered:
The Best Binary Repository
Comments: It's very intuative and a standard of binary repositories, the basic verion supports all packages and Jenkins and other tools. Highly recommended!
Pros:
We use the WebDAV shares functionality to our source control so when a developer commits/delivers code and binary to the source control (RTC) it moves the binaries to Artifactory so it keeps the source control safe from binaries. I also like the support for all types of packages including Conan C/C++ packages. It has a connector to almost anything including Jenkins, Docker, K8S, etc.
Cons:
The free/open source version lacks functionality comparing to it competitors such as supporting comiting more than one file and some packages support.
Daniel
Perhaps Not Needed, But Interesting?
Comments: Cool graphics, easy to understand, but ultimately not needed.
Pros:
I'll admit that I've been very intrigued by the fancy digital mapping used in JFrog's general interface, and especially so in Artifactory. Cool graphics let me know exactly what all my information is doing or going, and is intended to provide clarity.
Cons:
The software provides so much clarity that I'm not actually sure if I need it! Seriously, it's a cool product, but the features are so automatically included in other products that we already use... it seems like an unnecessary add-on.
Verified Reviewer
A good companion for Java software crafters
Pros:
Any software company, after a while, has its own internal tools that you can't keep copying to each new project. Also, any Continuous Integration/Deployment system needs a repository for the artifacts. Artifactory serves perfectly to these needs. The web UI is simple enough, with a nice search engine, good integration with main CI servers and a REST API. Maven support is available in the OOS version and many other packages are supported in the Pro one (eg. NPM, Docker). If you're behind a corporate proxy you'll love the repository mirroring to limit the hassle with IT. Available on-premise and as cloud service. Upgrade is easy.
Cons:
It mostly works transparently, but be careful if you're behind a too strict proxy: recently our client's IT security decided that many JARs from Maven Central were dangerous, redirecting to a "forbidden" page. We soon ended up with the repository full of JARs actually containing that page. It took a while to figure out, so remember to keep the MD5 check enabled. Sometimes it seems that Artifactory starts leaking memory and we need to restart it. The Pro version is not really cheap.
Verified Reviewer
Securely store and scan all your container artifacts with Artifactory!
Comments: We are using artifactory for storing all our container images and even gold standard images are well. We have different repo's for different use cases and IAM is built on top of artifactory to restrict access to sensitive images. X-Ray scan is also used in our CI/CD pipelines to make sure secure and quality images are being developed.
Pros:
1. X-Ray scanning: scans your container images which are stored on Artifactory and then publish results for the developers use. Admins can build policies to restrict allowance of vulnerable images and set thresholds. 2. Categories for repositories can be built: Local vs remote vs virtual repos can be created which is very usful. You can even onboard remote repos on your central artifactory instance and also create virtual repos which include both local and remote.
Cons:
GUI for artifactory is not that great. One can simply get lost in tons of options and strugle to find the right menus. This increases the learning curve for the application which is frustrating at times. However, great documentation is available on vendor's website which helps a lot to find solutions.