Released: 1 July, 2021
Tomcat Future Breaking Change: Action Required
Towards the end of 2021, JFrog is planning to upgrade the Tomcat version that is bundled with Artifactory from version 8.5 to 9.0.48, in preparation for the upcoming end-of-life of Tomcat version 8.5. From Tomcat version 9.0.48, the Reason-Phrase feature will no longer be supported by this Tomcat version or retrievable as part of the automation responses. More information can be found here.
To help you evaluate the impact of this change in advance, and to gain a better understanding of this update's impact on your CI/CD flows, especially if your CI/CD flows rely on responses with Reason-Phrase (versus responses with numeric IDs only), we have released Artifactory 7.21 with Tomcat 8.5 withsendReasonPhrase
set to 'false'
in the Artifactory System YAML.
If this change is affecting your flows, you can reset the value to 'true
'; however, you will need to make the necessary adjustments to your automation so that they work properly without the need to consume the Reason-Phrase. This will mitigate any effect in the future when new versions of Tomcat 9 are released.
Bintray Premium Offering Sunset Announcement
As of July 4th, 2021, JFrog Bintray Premium will no longer be supported and will be replaced with a set of advanced JFrog Cloud hosting solutions that are based on Artifactory's enhanced capabilities, which include a set of dedicated features for managing, controlling, and distributing your software packages. To learn more about migrating to JFrog's Advanced Cloud hosting solutions, see the JFrog Bintray Migration Guide.
Feature Enhancements
Docker Enhancements
As part of our ongoing effort to provide the best Docker-related experience, we have introduced the following enhancements:
Improved the Docker remote repository flow by reducing the number of requests to the remote repositories.
Added Docker Buildx support, allowing you to easily build and push multi-architecture images using the
Docker buildx
CLI. For more information, see Pushing Multi-Architecture Docker Images to Artifactory.
Added support for promoting Docker images with a Docker
manifest.list
from one Docker local repository to another.
Announcing a New Outbound Repository Request Log
Announcing the release of the new Outbound Remote Repository Request log, which allows you to track every request initiated by a remote repository including requests related to replication.
Extended the Priority Resolution feature to Support Puppet Packages
You can now declare local and remote repositories as ‘safe’ by enabling the ‘Priority Resolution’ field for Local and Remote repositories for Puppet packages.
Improved Metadata Request Performance for Remote Repositories
You can now configure the Metadata Retrieval Cache Timeout (Sec) parameter in the Remote Repository Cache Settings to control the Metadata timeout performance. If the timeout is reached, the local cached artifact is served and the previous metadata is returned to the client (the default value is 60 seconds).
Native Artifacts Browser Accessible from the UI
The Artifactory native artifacts browser, which allows browsing the contents of a repository in a plain HTML structured tree, is now available via the artifact URL or via the artifacts Actions menu. Authenticated users will not need to re-authenticate to access the native browser.
Note
PowerShell users
Due to Known Issues, this feature will affect the users that are using PowerShell automation and configuration management program to download the content from JFrog Platform. Please use the suggested workaround until the issue will be addressed.
Expanded Additional Security Manager Role and Additional Scanning Capabilities in Project Functionality
The new Security Manager role enables a user to perform security-related project actions such as Manage Xray Data, Manage Reports, Manage Watches and Policies, and Ignore Global Violations. This version also introduces additional functionalities for Xray in Projects, such as generating Global Xray Report for a Project scope and applying Global Watches to Projects. This expanded role and capabilities require using Xray version 3.27 and above.
Docker/Conan GetToken Request Improvements
Improved the response time of Docker / Conan getToken
requests and reduced the number of DB calls.
Support for Multiple HashiCorp Vault Connectors in the JFrog Platform UI
CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+
The JFrog Platform integration with HashiCorp Vault now enables you to configure multiple external vault connectors through the Platform UI. You can see the list of available connectors in the new HashiCorp Vault Connectors window. To learn more, see Vault.
Managing Multiple Signing Keys
CLOUD: Enterprise with Security Pack | Enterprise+ SELF-HOSTED: Enterprise X | Enterprise+
The JFrog Platform now enables you to manage multiple RSA and GPG signing keys through the Keys Management UI and REST API. The JFrog Platform supports managing multiple pairs of GPG signing keys to sign packages for authentication of several package types such as Debian, Opkg, and RPM through the Keys Management UI and REST API. To learn more, see Manage Signing Keys.
Generating an Identity Token through the Profile UI
The user profile now enables users to generate identity tokens. Any user can create a user identity token for themselves via the UI or via REST API. Identity tokens are scoped tokens, which means that they provide limited and focused permissions, making them more secure and, therefore, preferable to API keys. In addition, when a user is deleted/disabled, their tokens are also revoked. To learn more, see Identity Token.
Added Capability to Ignore Download Statistics
The new skipUpdateStats
parameter can now be added to Rest requests, allowing you to ignore statistics generated by 3rd party tools.
Resolved Issues
Jira Issue | Description |
---|---|
Fixed an issue whereby, running the Docker Promote API failed to promote images using a multiplatform image or against images that included a | |
Fixed an issue whereby, Helm Charts containing artifact hub complex annotations disrupted working with Artifactory Helm repositories. | |
Fixed an issue whereby, uploading artifacts using the REST API in Artifactory version 7.19.4 tagged the URL to the files in the JSON response as ' | |
Fixed an issue whereby, deploying to Debian local repositories caused the | |
Fixed an issue whereby, running Docker Pulls from Docker Hub failed due to case-sensitivity HTTP header handling. | |
RTFACT-25936 | Fixed an issue whereby, running virtual Helm repository indexing returned a |
Fixed an issue whereby, the time in the UI was displayed incorrectly for certain timezones. | |
Fixed an issue whereby, archiving and browsing of executable spring boot JAR/WAR files was permitted. | |
Fixed an issue whereby, performance issues were encountered for RubyGems virtual repositories with the Bundler compact index. | |
Fixed an issue whereby, emails sent by Artifactory 7.x Mail Server integration contained legacy URLs causing incorrect redirects. | |
Fixed an issue whereby, uploading an artifact using the REST API generated errors when null values were retrieved. | |
Fixed an issue whereby, users that were deleted and then re-created in the same cache period, received a 401 error. | |
Fixed an issue whereby, Artifactory HA nodes were out of sync. | |
Fixed an issue whereby, all the requests via a virtual repository were stuck when one of the Docker remote repositories was marked with token authentication that was not supported. | |
Fixed an issue whereby, pushing images using Docker | |
Fixed an issue whereby, accessing a repository native browser, triggered a pop-up that constantly requested a username and password even after accessing with a valid user. | |
Fixed an issue whereby, after upgrading from Artifactory 7.12.6 to 7.16.3, the | |
Fixed an issue whereby, the | |
Fixed an issue whereby, build promotion failed for Artifactory. | |
Fixed an issue whereby, RPM consumed part of the metadata by adding a missing condition, causing a number of entries to be filtered out incorrectly. |