Artifactory 7.38.4 Cloud

JFrog Release Information

ft:sourceType
Paligo

Released: 28 April, 2022

Artifactory 7.38.4 is Available as a Cloud Version

Artifactory 7.38.4 is available as a Cloud version. This JFrog Artifactory 7.38.4 is aligned with the Artifactory 7.38.7 Self-Hosted version.

Highlights

Terraform Package Support

JFrog provides a fully-fledged Terraform repository solution giving you full control of your deployment and resolution process of Terraform Modules, Providers, and Backend packages.

The Terraform Registry in the JFrog Platform offers the following benefits:Terraform Registry

  • Secure and private local Terraform Modules registry

  • Secure and private local Terraform Providers registry

  • Proxy remote Terraform Module and Provider resources with caching to keep you independent of the network and the remote resource.

  • Virtual Terraform repositories that support a single URL through which to manage the resolution and deployment of all your Terraform Modules and Providers.

The Terraform Backend Repository in the JFrog Platform offers the following benefits:Terraform Backend Repository

  • A Remote State Storage Provider

  • Support for multiple Workspaces

  • Built-in Secure State Encryption storage

  • Comprehensive State snapshot history

  • State content viewer with advanced search abilities

To learn more about the Terraform repository solution in the JFrog Platform, see Terraform Repositories.Terraform Repositories

Feature Enhancements

Enhancements to the JFrog Platform WebUI

From version 7.38.4, we have implemented the first phase of the JFrog Platform WebUI redesign that is intended to provide a more intuitive user experience based on our customer's feedback.

Note that the changes in this phase only include changes to the Tab name changes and do not include changes to the WebUI structure.

Location in the UI

Tab Name (Prior to 7.38)

New Tab Name (from 7.38)

Administration

Identity & Access

User Management

Security

Authentication Providers

Platform Deployments

Platform Management

Authentication of Users using mTLS is Now Supported

From Artifactory 7.38.4, self-hosted customers can authentication users using mTLS (to configure a reverse proxy to support mTLS in the Cloud, you will need to contact JFrog Support to set this up for you). This will require you to perform some setup on the front reverse proxy (e.g., Nginx). See Configuring a Reverse Proxy to Support mTLS.HTTP Settings

TOKEN ENHANCEMENTS

Scoped Admin Access Tokens

From Artifactory release 7.38.4, JFrog enables companies to create their own Admin-scoped access token without using the JFrog Platform UI or via another token. This Access admin-scoped token is designed to be used for a short time only and its purpose is to start up the system. This provides customers with the option of setting up their JFrog Platform in an automated, fully UI-free setup. See Creating an Automatic Admin Token.Create an automatic admin token

Scoped Tokens Now Include Resource Permissions

From Artifactory 7.38.4, scoped tokens also support resource permissions. See Create Token endpoints table.Create Token (Deprecated)

New Identity Token Format and API Key Replacement

Artifactory release 7.38.4, includes a new Identity Token format, also called a Reference Token, which can also be used to replace the API Keys that will be deprecated in a future version.

API Key Deprecation Process

The deprecation process of the API Keys will be as follows:

  1. From Artifactory version 7.41.x, administrators have the option to block the creation of API Keys to all users using the artifactory.security.apiKey.blockCreate Artifactory system property.

  2. An upcoming Artifactory version will include the option to log users' authentication methods. This will allow administrators to view and warn users using API Keys regarding the upcoming deprecation.

  3. In a future version (currently planned for H1 2023), the option to block the usage/creation of API Keys will be enabled by default, with the option for admins to change it back to enable API Keys.

  4. In a later 2023 version, API Keys will be deprecated all together and the option to use them will no longer be available.

The new Reference Token includes an option to create a "shortened," 128-character key, thereby providing an alias for the Identity Token. To learn more about how to generate an identity token, see Identity Token.User Profile

The new Reference Token is also enabled for Access scoped tokens in the Access Tokens UI, enabling you to generate a scoped access token in the format you prefer - full Identity Token or Reference Token. For more information, see Generating Scoped Tokens.Generate Scoped Tokens

Added PKCE Support for OAuth Integrations

Artifactory supports enabling the PKCE extension over OAuth to gain an additional level of security and serves as an alternative to the basic Secret mechanism. By selecting the Enabled PCKE field in the OAuth Provider dialog in the UI, you will enable this feature and the Secret option will be automatically disabled. For more information, see Enabling Authorization Code Flow with PKCE.OAuth SSO

Please note that backward compatibility for the authorization Code Flow without PKCE is retained.

Resolved Issues

JIRA Issue

Description

RTFACT-26090

Fixed an issue related to Federated repositories, whereby federating artifacts were routed through the system default proxy when performing a full sync.

RTFACT-26719

Fixed an issue, whereby resolving a NuGet package from the DevExpress.com registry resulted in a timeout.

Fixed an issue, related to an altered RepoPath function with user plugins, which changes the remote repository outgoing request instead of just changing the path where the cached artifact should be stored, resulting in a 404 error.

Fixed an issue whereby, when resolving private NuGet packages from a Virtual repository, Artifactory cached the empty feed in the .nuget folder located under the NuGet-remote-cache repository.

Fixed an issue whereby empty folders of a Release Bundle were not deleted as part of its deletion from both target Repositories and Release Bundles Repository. A new parameter has been added to the Artifactory system.yaml file calledreleasebundle.cleanup.deleteEmptyFolder, which is set to true by default.