Pipelines CI/CD and the JFrog Platform Difference

With the release of the JFrog DevOps Platform, we launched the first general availability of JFrog Pipelines, our powerful system for next-generation CI/CD.

Pipelines’ many great features help make DevOps pipelines automation rapid, repeatable, and secure. With flexible runtime management, a robust DSL, and a real-time interactive UI, Pipelines is a muscular CI/CD solution we know you’ll love.

But what makes Pipelines different? In an established landscape of CI servers, why should you take a look?

To start, Pipelines isn’t just a standalone CI/CD solution, it’s part of the JFrog Platform, with Artifactory and your binaries at its heart. That’s not a side benefit, it’s a vital step toward Liquid Software. Pipelines complements the already rich binary/artifact lifecycle in the platform by empowering users to automate the process of creating binaries from code, managing staging transitions and deploying to production. In this way, Pipelines is a key part of a comprehensive engine for unleashing the full power of DevOps in your organization.

Here are some of the most important ways that being part of the JFrog Platform makes Pipelines essential:

Native Steps: What not How

Most CI servers rely on you to accomplish automation through shell scripting. This means you have to solve every problem, tell your automation server how to do everything, one command at a time through a collection of CLIs or APIs.

You can do that in Pipelines, using the generic Bash step for complete control. Or you can get your pipeline up and running rapidly and reliably using Pipelines’ native steps.

With Pipelines’ native steps, you only have to tell your automation server what to do, not how to do it. As part of the JFrog Platform, Pipelines natively knows the best way to publish your builds to Artifactory, as well as build and deliver release packages through Distribution. Native steps provide you quick building blocks to perform the everyday tasks that fill your Artifactory repositories.

Need to build and push a Docker image to a registry? Let the DockerBuild and DockerPush native steps do the work; you specify only the source, the build name and tag, and the destination registry.

    steps:
      - name: docker_build
        type: DockerBuild
        configuration:
          affinityGroup: dockerGroup
          dockerFileLocation: .
          dockerFileName: Dockerfile
          dockerImageName: pipelines.mycompany.info:8081/docker-local/alpine37'
          dockerImageTag: ${run_number}
          inputResources:
            - name: myDockerRepo
          integrations:
            - name: myArtifactory
 
      - name: docker_push
        type: DockerPush
        configuration:
          affinityGroup: dockerGroup
          targetRepository: docker-local
          integrations:
            - name: myArtifactory
          inputSteps:
            - name: docker_build

• Building a GoLang app? The GoBuild, GoPublishBinary, and GoPublishModule native steps simplify the process. 
• Executing Maven and npm builds with your Artifactory remote repositories is made simple with MvnBuild, NpmBuild, and NpmPublish steps.
• Once your builds are ready for deployment to Kubernetes, the HelmPublish and HelmDeploy native steps can speed them to K8s.

Turning DevOps into DevSecOps is a natural fit. Just add an XrayScan step to your pipeline, or just set the `forceXrayScan` property of your publishing steps to true.

With native steps, the best practices for DevOps through JFrog are built into the Pipelines DSL.

Naturally Integrated

Your CI server never does any work alone, it needs to be tightly connected to your universe of other DevOps automation tools. That starts with your source repository VCS, and can mean dozens of other services for storage, notifications, binaries management, security, and distribution.

Setting up most CI servers, including Jenkins and others, means you have to forge each of those connections individually. Some tool providers may make a plugin or extension readily available to ease the process, but each one needs to be acquired, installed, and configured. Other tools may require you to perform the integration yourself through a CLI or REST APIs.

With Pipelines, building your CI/CD ecosystem is far simpler. To start, Pipelines is naturally joined with the other JFrog Platform tools that are the core of your build pipeline: Artifactory, Xray, and Distribution. The unified tools at the heart of your DevOps universe integrate together just by being installed.

Pipelines also provides out-of-the-box integrations for the most popular tools in your ecosystem, including GitHub, GitLab, BitBucket, Slack, Jira, AWS, GCP, Docker, Kubernetes, and many more. Integrating most of these services with Pipelines is as simple as entering a URL endpoint and user credentials. 

With central secrets management, Pipelines helps keep them secure in an encrypted vault separate from your pipeline code. If you do need to integrate with a service Pipelines doesn’t provide for, Pipelines supports webhooks and keeping any additional secrets in its central store.

That makes getting Pipelines up and running easy, but you’ll find it makes maintenance easier, too. Pipelines stays naturally in sync with all your JFrog tools as you update your JFrog Platform. And rather than tracking updates for third-party services and plugins, you can rely on Pipelines’ built-in integrations to stay current through every JFrog Platform software update. 

Central Permissions

The JFrog Platform offers one-stop administration for your core DevOps tools. Through the same single-sign-on, administrators can set up permissions groups for Artifactory, and use the same groups for Pipelines. This helps ensure consistency of access privileges for your entire group of components.

As an admin can limit individual users or groups to certain repositories in Artifactory, so can they be restricted to only the pipelines that will use those repositories. When controlled through the same single pane of glass, you can be more assured those user permissions are consistent.

One-Stop DevOps

These are only some highlights of Pipelines many features, but they’re integral to being part of the JFrog Platform.

With the addition of Pipelines CI/CD automation, the JFrog Platform is an end-to-end solution for your software delivery from commit to cluster. Pipelines helps to solve many of your DevOps problems with a single, unified platform that promotes efficiency and best practices.

Getting started with Pipelines couldn’t be simpler, as an affordable SaaS add-on to any JFrog Cloud Pro, Cloud Pro X, Cloud Enterprise, or Cloud Enterprise+ plan. For full plan Enterprise+ users, Pipelines for on-prem installation is already included in your JFrog Platform license.

Once you give it a try, you’ll immediately see the JFrog Platform difference.