Navigating the Artifact Jungle, Where Development Meets Delivery
Note: This post was updated on April 7, 2024.
As developers, we spend most of our time thinking about code: how to design it, write it, debug it, integrate it. Our thoughts are of our source files, our attention is on the repositories and branches that populate our version control system. That’s our job, that’s our world.
But to become DevOps professionals, we must think about what happens to take our code to the clusters where it runs. DevOps means taking our applications from development to delivery.
To succeed at DevOps, our focus must be on artifacts — the building blocks of software.
Every delivered application is composed of artifacts — binaries, dependencies, images — that connect to each other. Understanding the diverse ecosystem of artifacts that go into making a deliverable software application is the first step in accelerating releases into production.
The Artifacts Ecosystem
In nature, an ecosystem consists of all the organisms and the physical environment that interact together. Each sustains the other in balance.
The artifacts ecosystem in your continuous integration pipeline is much the same. Artifacts rely on other artifacts; artifacts produced by one process will be consumed by another.
The Artifact Ecosystem
Packages
Your applications rely on the open source or proprietary dependencies that are distributed through a package management technology such as Maven, npm, PyPi, or Conan. Between direct and transitive dependencies, these components typically comprise the decisive majority of your resulting application code.
Builds
Deployable applications that are built from your source code, dependencies, and supporting files, and may be collected into WAR, ZIP, or other archive formats. Artifactory records your builds through “build info” metadata that enables you to trace every component back to its origin.
Containers
Your applications can be packaged as Docker or OCI images for use as containers, and stored in a private registry in Artifactory.
Configuration Files
Your applications will likely require configuration files like Helm for orchestration in Kubernetes, and infrastructure-as-code files such as for Chef or Puppet. Artifactory’s native support for these repository types enables you to keep these essential files within your single source of truth.
Releases
Modern applications are typically composed of interoperating microservices that must be delivered as a versioned set. JFrog Distribution enables you to collect your application components into signed release bundles that can be traced and securely delivered to edge servers.
Artifactory’s Single Source of Truth
Artifactory is a universal repository manager for all of your artifacts, providing you a single source of truth for your diverse artifact ecosystem.
With native support for over 30 package types, including generic repositories, it’s your single source for storing, organizing, and tracing the entire artifact ecosystem of your development organization. Developers can store and retrieve their packages or images in Artifactory repositories through the same package management services they use every day.
Artifactory Repository Types
Artifactory’s universal binaries management serves all the developers in your organization. Whether they develop programs in Java, JavaScript, Python, Go, C++, or C#, Swift, Rust, or more, Artifactory is the central home for everyone’s packages and builds.
Metadata
Artifactory maintains metadata — natively for package types as well as what we call “build info” — so that you are never in the dark about where an artifact came from, how it was created, or where it was deployed. With this comprehensive metadata, you can trace every artifact back to where it came from and outward to every place it’s been put into service.
Proxy Remote Repositories
A remote repository in Artifactory is a local proxy that caches your remote resource dependencies within your single source of truth. Developers never access a remote resource directly, but build using an on-demand, immutable copy of the dependency in Artifactory.
This helps eliminate network latencies inherent in physical distance or an unstable service connection, and keeps builds running as fast as possible. The proxy also protects against disruption due to connectivity breaks or if the remote site itself is unavailable.
From Development to DevOps
Understanding your artifacts ecosystem and how to manage their flow through your continuous integration pipeline is the first step in going from development to DevOps.
When all of your artifacts are governed through Artifactory’s single source of truth, your entire enterprise can align onto the same SDLC workflows and best practices that will assure quality and accelerate release velocity. This is why Artifactory is the central component of a fully-automated software distribution pipeline that powers the JFrog DevOps Platform.
Begin exploring the possibilities. Get started with Artifactory through a free JFrog cloud account!