In our product releases, we like to make a splash with the latest new features. Usually, these are features that you access through Artifactory’s UI or its REST API.
Not this time!
This time, the most significant addition to Artifactory 5.4 is invisible (well, sort of). I say “invisible” because outwardly, there’s no change in functionality, but under the hood lies one of the most significant changes Artifactory has ever gone through.
As a major step towards breaking Artifactory up into a set of smaller services, I’d like to introduce the Access Service. Currently, the Access Service has one primary raison d’etre; it takes over the Access Tokens functionality introduced in Artifactory 5.0, but there is no change in how you work with access tokens. You create, refresh and revoke tokens using the REST API in exactly the same way you did before. And, as before, tokens can be expirable and refreshable. However, now, instead of being an integral part of the Artifactory library, all functionality related to access tokens is implemented as a separate library, access.war, which is installed under the same Tomcat. Eventually, as its name implies, the Access Service will have an all-encompassing role to manage how you provide any user, group or “thing” access to any JFrog product (or element) in your ecosystem. Keep a lookout for things like Single Sign On to all JFrog products using the same credentials.
Don’t Look Back
One thing you need to keep in mind about the new Access Service is version compatibility. The new service handles tokens created with previous versions of Artifactory transparently. They just work, however, the reverse is not true. Any tokens you create with the new service are not recognized by earlier versions of Artifactory. This may have implications for your circle of trust if it includes both instances with older versions of Artifactory together with newer versions (v5.4+). If that’s the case, maybe it’s time to upgrade to the latest version.
Log and Monitor
Another thing administrators need to remember is that this new service needs to be monitored just like all other services that make up Artifactory, and that it creates its own set of log files.
One thing is certain. The importance of the Access Service will continue to increase as it becomes a mission critical element with a central role of the JFrog Platform recently announced at swampUP.
Keep Your Head in the Cloud
We’re also taking our mantra of being universal a step further in the domain of Artifactory’s filestore and have added support for Azure Blob Storage as an option on which you can store your artifacts in the cloud. This option joins S3 Object Store and Google Cloud Storage which we have supported for a while now. While we already supported running the Artifactory on Azure, whether you set it up yourself, or use Artifactory SaaS, you can now put your filestore on the same cloud. In fact, if you’re already running your DevOps ecosystem on Azure, you can now co-locate Artifactory and its filestore with the same cloud provider.
Who Needs Client Certificates?
You do! That is if you want to proxy remote repositories such as Red Hat Networks that require you to install their SSL/TLS certificate to establish a secure connection. Using the new Certificates screen you can manage client certificates that you can use to authenticate your remote repositories against the remote resources that require them. And naturally, you can automate these processes using the new REST API endpoints to get, add or delete certificates.
While those are the three highlights of this release, there were also several other feature enhancements and issues resolved. These are “many little improvements” that make a big impact on several domains such as RPM, npm and Debian repositories, sharding-cluster binary providers for HA filestore management, system import and export and more.
If you want to read about all the goodies, check out the release notes.
But if you want to really taste these goodies, you’ll have to download the latest version.
And don’t worry, even if you don’t have a license, you can always start a free trial.