The modern software supply chain is complex. JFrog internal data shows that most enterprises use 12+ package types and 90 percent of applications depend on open source software. Additionally, there is a wide array of tools to support the software development process, including Source Code Managers (SCMs), Integrated Development Environments (IDEs), CI/CD suites, and more.
But managing the diverse activities associated with the software supply chain with separately administered tools can be tricky. It slows the application of consistent DevOps practices across an organization, increasing risk and limiting the speed, safety, and quality of software delivery.
To mitigate those risks and streamline the DevOps process, the world’s leading companies use tools like JFrog Artifactory: an artifact repository and binary manager designed to make it easy to distribute and manage software in a secure way.
Keep reading for an explanation of what Artifactory is, how DevOps teams use it and how tools like Artifactory add value to the software delivery process.
|Try Artifactory For Free|
What is JFrog Artifactory?
Artifactory is a universal DevOps solution for hosting, managing, and distributing binaries and artifacts. Any type of software in binary form – such as application installers, container images, libraries, configuration files, etc. – can be curated, secured, stored, and delivered using Artifactory.
The name “Artifactory” reflects the fact that it can host any type of “artifact” needed in your software development “factory.” In software development, an artifact is any object produced during the software development and delivery process. Artifacts include the files used to install and run applications, as well as any complementary information necessary to configure or manage software.
Artifactory serves as the central hub for your DevOps processes. All artifacts, dependencies, packages, etc. ultimately get put into and pulled from Artifactory.
To see Artifactory in action, watch the Introduction of Artifactory video.
What is an artifact repository?
An artifact repository, sometimes referred to as a binary repository, is designed to house, manage, version, and deploy various types of artifacts from a central location.
Artifacts need to be stored and shared with all of the developers on a given project as well as different tools needed in typical CI/CD processes. To ensure quality, reliability, and auditability, all artifacts need to be managed, versioned, and deployed across development teams and even sometimes across multiple sites. This can be a real challenge without the right tool.
Artifact repositories are widely considered the best solution for managing an ever-expanding number of artifacts.
Benefits of a universal artifact manager
A universal artifact manager, also referred to as a universal repository manager, gives organizations control over all of the components of their software supply chain (i.e. artifacts, binaries, packages, components, etc.).
From proxying public repositories and managing dependencies to screening and approving binaries for usage, a universal artifact manager provides a single source of truth for software development, acting as a central hub for your binaries as they enter and advance through your pipelines.
Artifactory takes this a step further with full automation. It is a universal artifact manager with native support, meaning it “speaks the same language” as your packages, build tools, automation scripts etc. Other universal repository managers may offer native support, but Artifactory is the only one that supports at the local, remote, and virtual repository levels, with high availability (HA) and replication for all package types.
Learn more about artifact management with JFrog Artifactory.
What does Artifactory do?
There are four essential functions at the core of Artifactory:
- A centralized place to store software binaries and artifacts from both first and third party sources, with automatic deduping.
- Version control tooling, which makes it possible to introduce immutability and track how software binaries and artifacts change over time.
- A way to distribute software binaries and artifacts to developers and clients based on granular access control rules.
- Multisite support for scalability, providing reliable access of software components to globally distributed dev teams or consumption points.
For more information about the Artifactory feature set, see the JFrog Artifactory Solution Sheet.
What Artifactory doesn’t do: Source Code Management
It’s worth noting that Artifactory is not designed for hosting, managing, or version-controlling the source code used to build applications. For that work, you’d want an SCM solution like Git, Apache Subversion, or CVS.
Instead, Artifactory is designed specifically for managing software binaries and artifacts. These resources are typically based on source code, but they are distinct from source code and include significant information that is not available at the source code level.
How DevOps teams use Artifactory
For DevOps teams, Artifactory fills the crucial gap that exists in CI/CD pipelines between software development and software delivery.
DevOps teams typically use tools like SCMs, IDEs and Continuous Integration (CI) servers to build software. Then, they have to deliver it to the deployment environments where it will run. Storage of software artifacts intended for later delivery is not typically handled by SCMs, IDEs, CI servers or other tools used during the software development process.
Artifactory bridges this gap by providing a place to store and manage binaries and artifacts until they are needed – whether for other devs, CI Pipelines, distribution to runtime environments, or any other consumption point. The entire lifecycle of a binary – including curation, creation, promotion, distribution, and even archival – is seamlessly handled by Artifactory.
DevOps teams also use Artifactory to proxy public repositories and provide a robust caching strategy, which serves to prevent latency and outage issues and allow devs to apply the same security measures they would to their own local repositories. Additionally, storing all of your binaries in one place means that you can immediately find and remediate any issues when vulnerabilities are discovered.
Watch this video guide to learn best practices for using Artifactory as part of your CI/CD pipelines.
Artifactory serves internal and external consumers
In addition to housing all of the components that comprise a piece of software that’s ultimately consumed by end-users, Artifactory also provides a way to distribute binaries and artifacts to other developers, who may need them for other projects.
For example, if one development team within a business creates software for accessing the organization’s database systems, another development team in the same company may need to access that software in order to incorporate it into an application it’s building. If the first team makes the software available via Artifactory, the second team has a secure, easily findable place from which it can pull the product of the first team.
And if the teams are far away, organizations can easily stand up connected instances of Artifactory close to each development team to ensure fast and reliable access to required software components. In this way, Artifactory helps businesses to keep internal development operations efficient and streamlined.
Artifactory supports multiple technologies
A major draw for DevOps teams, and one of the qualities that differentiates Artifactory from other solutions, is that it can host binaries and artifacts that are produced using virtually any type of programming language or framework.
Thus, unlike some software distribution platforms dedicated to certain languages or types of packaging models, Artifactory is software-agnostic. Whether your application is written in Java, C, Rust or any other language, and whether it’s packaged using Maven, Cargo, Docker, Helm, Vagrant, Debian or virtually any other package format, Artifactory supports it.
Artifactory supports 30+ software build packages and file types, all major CI/CD platforms, and many of the DevOps tools that organizations already use. In addition to packages built from application code, Artifactory supports Open Container Initiative (OCI) and Docker containers, Helm Charts for deployments to Kubernetes clusters, and comes with full CLI and REST APIs, customizable to any ecosystem.
As a result, Artifactory is equipped to support DevOps teams as they evolve over time. No matter which software they use today, or which ones they’ll need tomorrow, Artifactory can remain a constant resource.
For a more in-depth look,
|Register for the Weely Demo of Artifactory|
Following are some frequently asked questions about Artifactory.
What is the difference between JFrog and Artifactory?
Most developers have either used or know of Artifactory. What many don’t know is that JFrog is the company that makes Artifactory. Artifactory is at the heart of the JFrog DevOps Platform, which enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment.
The JFrog DevOps Platform includes other solutions, such as:
- A devops security solution that’s integrated into the entire pipeline for simplified compliance and trusted software delivery.
- JFrog Pipelines, an automation CI/CD solution for building, testing, and deploying software as part of the CI/CD pipeline.
- A software distribution solution for speeding up deployments and concurrent downloads throughout the Software Development Lifecycle (SDLC).
- An IoT with JFrog Connect, an all-in-one device management solution to update, control, monitor and secure remote Linux & IoT devices at scale.
How do you get an Artifactory license?
Artifactory is available both self-hosted and in the cloud as a managed service. To purchase Artifactory, select the plan you want on the JFrog pricing page, then click the “Get Started” button.
What is the purpose of Artifactory?
Artifactory offers a solution for managing and distributing software binaries and artifacts – such as application packages and installers, container images, libraries, configuration files and virtually any other type of binary data that is produced during the software development and delivery process.
By making it easy and secure to manage these types of resources, Artifactory solves a problem that other popular DevOps tools don’t address.
Artifactory is the only universal artifact repository manager that enables full binary lifecycle management across an organization in a single system. To keep up in an increasingly complex world, it’s imperative to use tools that secure integrity, improve observability, and enable the best practices that accelerate production.
With Artifactory, along with JFrog’s other solutions, organizations are building trust into every software delivery through a secure single source of truth for all artifacts as they move through the DevOps pipeline from build to edge or cloud.
You can try Artifactory today, for free.