Released: 28 April, 2022
Artifactory 7.38.4 is Available as a Cloud Version
Artifactory 7.38.4 is available as a Cloud version. This JFrog Artifactory 7.38.4 is aligned with the Artifactory 7.38.7 Self-Hosted version.
Highlights
Terraform Package Support
JFrog provides a fully-fledged Terraform repository solution giving you full control of your deployment and resolution process of Terraform Modules, Providers, and Backend packages.
The Terraform Registry in the JFrog Platform offers the following benefits:
Secure and private local Terraform Modules registry
Secure and private local Terraform Providers registry
Proxy remote Terraform Module and Provider resources with caching to keep you independent of the network and the remote resource.
Virtual Terraform repositories that support a single URL through which to manage the resolution and deployment of all your Terraform Modules and Providers.
The Terraform Backend Repository in the JFrog Platform offers the following benefits:
A Remote State Storage Provider
Support for multiple Workspaces
Built-in Secure State Encryption storage
Comprehensive State snapshot history
State content viewer with advanced search abilities
To learn more about the Terraform repository solution in the JFrog Platform, see Terraform Repositories.
Feature Enhancements
Enhancements to the JFrog Platform WebUI
From version 7.38.4, we have implemented the first phase of the JFrog Platform WebUI redesign that is intended to provide a more intuitive user experience based on our customer's feedback.
Note that the changes in this phase only include changes to the Tab name changes and do not include changes to the WebUI structure.
Location in the UI | Tab Name (Prior to 7.38) | New Tab Name (from 7.38) |
---|---|---|
Administration | Identity & Access | User Management |
Security | Authentication Providers | |
Platform Deployments | Platform Management |
Authentication of Users using mTLS is Now Supported
From Artifactory 7.38.4, self-hosted customers can authentication users using mTLS (to configure a reverse proxy to support mTLS in the Cloud, you will need to contact JFrog Support to set this up for you). This will require you to perform some setup on the front reverse proxy (e.g., Nginx). See Configuring a Reverse Proxy to Support mTLS.
TOKEN ENHANCEMENTS
Scoped Admin Access Tokens
From Artifactory release 7.38.4, JFrog enables companies to create their own Admin-scoped access token without using the JFrog Platform UI or via another token. This Access admin-scoped token is designed to be used for a short time only and its purpose is to start up the system. This provides customers with the option of setting up their JFrog Platform in an automated, fully UI-free setup. See Creating an Automatic Admin Token.
Scoped Tokens Now Include Resource Permissions
From Artifactory 7.38.4, scoped tokens also support resource permissions. See Create Token endpoints table.
New Identity Token Format and API Key Replacement
Artifactory release 7.38.4, includes a new Identity Token format, also called a Reference Token, which can also be used to replace the API Keys that will be deprecated in a future version.
API Key Deprecation Process
The deprecation process of the API Keys will be as follows:
From Artifactory version 7.41.x, administrators have the option to block the creation of API Keys to all users using the
artifactory.security.apiKey.blockCreate
Artifactory system property.An upcoming Artifactory version will include the option to log users' authentication methods. This will allow administrators to view and warn users using API Keys regarding the upcoming deprecation.
In a future version (currently planned for H1 2023), the option to block the usage/creation of API Keys will be enabled by default, with the option for admins to change it back to enable API Keys.
In a later 2023 version, API Keys will be deprecated all together and the option to use them will no longer be available.
The new Reference Token includes an option to create a "shortened," 128-character key, thereby providing an alias for the Identity Token. To learn more about how to generate an identity token, see Identity Token.
The new Reference Token is also enabled for Access scoped tokens in the Access Tokens UI, enabling you to generate a scoped access token in the format you prefer - full Identity Token or Reference Token. For more information, see Generating Scoped Tokens.
Added PKCE Support for OAuth Integrations
Artifactory supports enabling the PKCE extension over OAuth to gain an additional level of security and serves as an alternative to the basic Secret mechanism. By selecting the Enabled PCKE
field in the OAuth Provider dialog in the UI, you will enable this feature and the Secret option will be automatically disabled. For more information, see Enabling Authorization Code Flow with PKCE.
Please note that backward compatibility for the authorization Code Flow without PKCE is retained.
Resolved Issues
JIRA Issue | Description |
---|---|
Fixed an issue related to Federated repositories, whereby federating artifacts were routed through the system default proxy when performing a full sync. | |
Fixed an issue, whereby resolving a NuGet package from the DevExpress.com registry resulted in a timeout. | |
Fixed an issue, related to an altered | |
Fixed an issue whereby, when resolving private NuGet packages from a Virtual repository, Artifactory cached the empty feed in the | |
Fixed an issue whereby empty folders of a Release Bundle were not deleted as part of its deletion from both target Repositories and Release Bundles Repository. A new parameter has been added to the Artifactory |