Gain Visibility into Your NuGet Builds Using Build-Info in JFrog Artifactory
NuGet is an open-source package manager designed for the Microsoft development platform designed to support packaging DLL files with metadata. NuGet repositories in JFrog Artifactory support the application lifecycle from the developer’s fingertips through distribution to consumers while covering application security, vulnerability analysis, and artifact flow control.
After creating your NuGet repository in Artifactory, you can set up your builds to consume their NuGet dependencies from Artifactory, as well as publishing your code, packaged as a NuGet package to Artifactory. While Artifactory stores your NuGet packages it also manages the metadata about your NuGet builds.
Running your NuGet builds with JFrog CLI, allows you to store exhaustive build information in Artifactory. The build-info includes information about the build agent, build tool, environment variables, the user who initiated the build, the build duration, list of dependencies, artifacts and a lot more.
You will be able to collect and publish your NuGet build information to Artifactory, trace your builds easily, gain visibility of the used dependencies, generate information about the build environment and promote your build. Once published, the build info can be viewed in the Build Browser under Builds.
Once you set up your builds to publish build-info to Artifactory, you can:
- Promote a whole build from one repository to another.
- Scan a complete build for security vulnerabilities using JFrog Xray.
- View license violations.
- Search for artifacts by builds.
The way we see it, the Artifactory BuildInfo approach provides a higher level of abstraction when you manage your build pipelines as you no longer manage individual NuGet packages, but rather relate to entire builds. Making this one of the most powerful features of Artifactory as a NuGet repository.
To get started!
Check out these resources to help you get started: