It takes a large team to manage enterprise DevOps, and it can take a large team of binary repository managers, too. It’s vital to get all team members going the same way, and quickly.
A growing developer organization will have many instances of Artifactory to help them scale, on multiple nodes for high availability and multi-site repository replication. Configuring them all precisely, with the same set of repositories, users, and permissions, can’t be done effectively one at a time.
Now, with the Artifactory Provider plugin for Terraform, you can use your infrastructure management tool to configure your entire set of Artifactory instances. You can consistently replicate Artifactory server configuration through automation from day 1 of installation and beyond.
Terraform is the infrastructure as code tool from HashiCorp that enables building, changing, and managing infrastructure in a safe, repeatable way. Using a configuration language called HashiCorp Configuration Language (HCL), operators and infrastructure teams can manage environments through human-readable, automated deployments.
The Artifactory Provider for Terraform is a free plugin that extends HCL to be able to command an Artifactory instance. It enables infrastructure managers to configure Artifactory repositories, permissions, and more through Terraform scripts.
Once able to automate configuration of Artifactory, it’s fast and easy to replicate those configurations reliably across several instances of Artifactory, or several hundred.
Using the Artifactory Provider
You must enable the plugin in your Terraform script by adding the following snippet to your
.tf file. The
required_providers declaration will automatically load the plugin from the Terraform registry.
Note that for best security practice, you should never include secrets (such as the Artifactory username and password) in your plaintext Terraform file. In the above example, we rely on Terraform environment variables to contain our secrets as well as the base URL for our Artifactory deployment. You can learn about other methods in this guide to managing secrets for Terraform.
The example shows how to access Artifactory using basic auth. If you prefer, you can authorize by
Configure Artifactory Repositories
In our example above, we create a new PyPi local repository called
terraform-pypi-libs using the simple default repository layout settings.
Configure Artifactory Users, Groups, and Permissions
You can add resources to your Terraform script to configure the set of users and groups that can access Artifactory repositories with specific permissions.
For example, you might script to create a set of users for the team of front-end developers that can access the repositories you create.
Additional Resource Options
In addition to managing repositories and credentials, the Artifactory Terraform Provider supports the following:
You can create and manage Artifactory repository replications through the provider. Facilities are available for multi-site replication configuration, or for single Artifactory replication.
An Artifactory certificate resource can be used to create and manage Artifactory certificates for client authentication against remote repositories.
Data sources enable data to be fetched or computed for use elsewhere in Terraform configuration. The Artifactory Provider makes available data sources for Artifactory repository files and for metadata of files stored in Artifactory repositories.
Once your Terraform script is completed, you can run it with Terraform.
For our example that uses basic auth, you would need to set the environment variables with your credential secrets:
Then you need to run the Terraform init command to deploy the configuration file and initialize the directory:
Once properly set up, you can apply Terraform to configure Artifactory:
With the Artifactory Provider, you’re able to include your binary repository management in your automated infrastructure configuration, in conformance with all features such as Terraform state management.
To explore more, you can browse the Artifactory Provider documentation.
And you can also watch the JFrog/Hashicorp webinar, where experts from both companies walk you through best practices for helping to enhance your team’s artifact experiences.
Together, HashiCorp and JFrog can enable you to automate your application infrastructure end-to-end.