Glide to JFrog DevSecOps with the New Experience
We’re excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line shell and IDE that you use every day.
It’s already easy to get a free JFrog cloud account through our website, which equips you with:
- Artifactory – The industry-leading repository manager and secure source of truth for all packages, images, and artifacts.
- Xray – The software composition analysis tool that helps keep out known open source vulnerabilities.
- Pipelines – Natively integrated CI/CD automation for your DevOps pipeline that powers your JFrog circle of trust.
Now you can not only start the same signup process for a free cloud account through your command line, but we’ll automatically install the JFrog CLI and configure your environment to start using your new JFrog account with your projects. All in under 5 minutes!
Just sit back, run a few simple commands, and we’ll do the rest for you.
Developer-Friendly Setup
To start using JFrog, you only have to run one command from your terminal, then follow the instructions.
Mac or Linux
If you’re using Mac or Linux, you can get started using the curl
utility:
curl -fL https://getcli.jfrog.io/setup | sh
Windows
If your using Windows, run Powershell:
powershell "Start-Process -Wait -Verb RunAs powershell '-NoProfile iwr https://releases.jfrog.io/artifactory/jfrog-cli/v2/[RELEASE]/jfrog-cli-windows-amd64/jfrog.exe -OutFile $env:SYSTEMROOT\system32\jf.exe'" ; jf setup
Running either of these commands launches the setup of your JFrog environment:
- The JFrog CLI is installed on your workstation.
- A browser window opens with a simple registration form.
- After filling out the form and clicking Proceed, we’ll create a new free JFrog account for you. The newly installed JFrog CLI automatically pulls its connection details, and sets up your workstation to work with it.
- In your terminal, you’ll be prompted to run the new jf project init command under the root of your code project.
- Once the project completes initialization, you’ll be able to start using the features of Artifactory and Xray through the JFrog CLI.
Discover the Value
Your new JFrog cloud account is available right away, and you can access it anytime through your browser using your e-mail and password.
But you don’t even have to leave your terminal to start using the JFrog Platform with your projects.
First, change your current directory (through the cd
command) to the root directory of your project. Then, initialize your project for use with JFrog.
cd \myworkspace\myproject
jf project init
Once the project completes initialization, you’ll be able to start using the features of Artifactory and Xray through the JFrog CLI.
Auditing and Scanning
From your command line, you can harness JFrog Xray’s component analysis and extensive vulnerabilities database to produce a security report for the project or for any software package on your workstation
Through a simple JFrog CLI command, you can reveal which of your project’s open source components are vulnerable and replace them with safer versions even before you commit your code.
- To audit your code project for security vulnerabilities, while inside the root directory of your project:
-
jf audit
- To scan a particular software package on your local machine for security vulnerabilities:
-
jf scan path/to/dir/or/package
Your security report will be displayed in the terminal.
IDE Integration
You’re also set up to bring this security visibility into your IDE. If you’re using VS Code, IntelliJ IDEA, WebStorm, PyCharm, Android Studio or GoLand, just install the JFrog extension or plugin. Your IDE will magically become aware of the new environment.
Once your IDE plugin is installed, you’ll be able to view security violation information about your local project in the newly activated JFrog panel. For example, in IntelliJ IDEA:
Build and Deploy
You can perform builds and deploys of your projects through the JFrog CLI as well, which will collect build info that you can then publish to Artifactory.
For example, to perform a Maven install and deploy:
jf mvn install deploy
To publish build info for your build to your JFrog environment, run the following command:
jf rt bp
You can learn much more about the kind of builds and deploys you can do for npm, Gradle, pip, or Golang through the JFrog CLI in our Getting Started Guide.
Just the Start
At JFrog, we’ve been putting a lot of thought into trying to make this flow as automatic, easy to use and convenient as it can be. You don’t need to know what Local, Remote or Virtual repositories are in Artifactory. You don’t need to configure Watches, Rules or Policies in Xray.
But after seeing how JFrog can help you as a developer, we hope you’ll want to learn more, use the power of the JFrog Platform to accelerate development, and invite others on your team to give Artifactory and Xray a try!