Artifactory 7.63.5 Self-Hosted

JFrog Release Information

Content Type
Release Notes
ft:sourceType
Paligo

Released July 12, 2023

API Key Deprecation

As notified in Artifactory 7.47.10, support for API Key is slated to be removed in a future release. To ease customer migration to reference tokens, which replaces API key, we are disabling the ability to create new API keys at the end of Q3 2024. The ability to use API keys will be removed at the end of Q4 2024. For more information, see JFrog API Key Deprecation Process.User ProfileJFrog API Key Deprecation Process

Known Issue in this Version

under some circumstances, users who attempt to modify their binary-store.xml configuration file might experience files being deleted. Users with Sharding Cluster and Eventual Cluster configured should upgrade to version 7.63.11 or higher. For more information, see Known Issues.

Join Key issue when you upgrade to Artifactory 7.59.9 - 7.63.7

If you used Join Key to register a remote JPD, the Mission Control microservice in the home JPD fails to connect to the remote JPD and the remote JPD appears as offline in the topology after a certain period.Join Key

Cause

This issue occurs because the Access microservice in the remote JPD fails to recognize the Mission Control microservice of the home JPD and marks it as a stale service. When the Access cleanup process runs, the join key is revoked.

Result

As a result, you cannot distribute release bundles to the remote JPD, access federation with the remote JPD fails, and affects your license buckets.

Solution

To avoid this issue, you must re-register the remote JPDs that you registered using join keys with Pairing Tokens before you upgrade.Pairing Tokens

If you upgraded to an affected version, you must re-register the remote JPDs with Pairing Tokens so the remote JPDs are accessible again.Pairing Tokens

Breaking Change for Artifactory Bootstrap YAML

From Artifactory version 7.58 and forward, the Artifactory Bootstrap YAML no longer contains LDAP (from Artifactory version 7.54), Crowd (from Artifactory version 7.57), or HTTP SSO (from Artifactory version 7.58) authentication provider configuration settings. You can now use the Access Configuration Bootstrap YAML to set up HTTP SSO, LDAP, and Crowd authentication provider configuration for your self-hosted JFrog Platform.Artifactory Bootstrap YAML FileAccess Bootstrap YAML File

Breaking Change for Global Configuration Descriptor

From Artifactory version 7.59 and later, the Global Configuration Descriptor file no longer contains LDAP, Crowd, or HTTP SSO Authentication Provider Configuration. You can use the Authentication Provider REST API to modify authentication provider configuration. Alternatively, from Artifactory version 7.63 and forward, you can use the Access Configuration Bootstrap YAML to set up authentication provider configuration.Authentication Providers Configuration REST APIsAccess Bootstrap YAML File

Breaking Change for Docker Installation

Installation of Artifactory 7.55 and later, may not work on versions prior to Docker 20.10.10 because older Docker versions do not support certain changes to the JFrog Products Container Base Image. Previously, Docker installation was supported on Docker version 18 and above. Docker version 18 and 19 are now end of life.JFrog Products Container Base Image

New Features

  • Release Lifecycle Management

    JFrog introduces the Release Lifecycle Management solution for managing release candidate versions throughout your SDLC, from the time the build is created until the version is distributed to users. Release Lifecycle Management is based on Release Bundles v2, a new version of Release Bundles that specifies the files and packages that comprise a release, along with their metadata. Release Bundles are signed and immutable, which guarantees their integrity as they are moved through the stages of your SDLC.

    For more information, see Release Lifecycle Management.Release Lifecycle Management

    Note

    The existing Release Bundles that can be created in JFrog Distribution (now known as Release Bundles v1) are still available, but they are not forward-compatible with Release Bundles v2.

    The ability to create Release Bundles v2 and promote them to different environments (for example, DEV, QA, STG, and PROD) is available to all license levels from Pro and above. The ability to distribute Release Bundles v2 to Distribution Edge nodes and other distribution targets is limited to Enterprise+ users.

  • Support for CocoaPods CDN

    Artifactory now supports CocoaPods CDN for remote repositories, a CocoaPods endpoint that greatly reduces the time required to create a new repository. For more information, see Using CocoaPods CDN.CocoaPods Repositories

  • Support for OpenShift

    Artifactory now supports the installation on OpenShift environment using the artifactory and artifactory-ha Helm Charts. For more information, see Install Artifactory Single Node on OpenShift and Install Artifactory HA on OpenShift.Install Artifactory Single Node on OpenShiftInstall Artifactory HA on OpenShift

    If you previously used the OpenShift operator to install Artifactory in OpenShift, you can continue to use the operator.

  • Support for RHEL 9

    Artifactory now supports RHEL 9.

  • JFrog Workers (Beta)

    JFrog Workers is a service in the JFrog Platform that provides a serverless execution environment with which you can create workers that react to events in the JFrog Platform. Workers Service is currently in beta and is being gradually rolled out for JFrog Cloud customers. For more information, see Workers Service.Workers Service

  • Rest API

    • REST API Key User Collection for Cloud Users

      As notified in Artifactory 7.47.10, API Key is slated to be removed at the end of Q1 2024. You can now download the list of users in your JFrog Cloud environment that are using the REST API key so that you can warn users that are using the REST API key and move them to use user tokens.Create a User Scoped Token

    • New Get Token Default Expiry REST API

      This new API endpoint allows you to get the default expiry value for the tokens in your account. For more information, see Get Token Default Expiry Value.Get Token Default Expiry Value

    • New Put Token Default Expiry REST API

      This new API endpoint allows you to put the default expiry value for the tokens in your account. For more information, see Put Token Default Expiry Value. You can also set the value in the JFrog Platform UI. For more information, see Token Expiration.Put Token Default Expiry ValueToken Expiration

    • New Get All Repository Configurations REST API

      The new Artifactory API allows you to get a list of all repository configurations. For more information, see Get All Repository Configurations.Get All Repository Configurations

Feature Enhancements

  • Federation

    • Warning when converting to a Federated repository

      A message now appears when converting a local repository to a Federated repository warning the user that this action is irreversible.

    • Federated repository Full Sync improvements

      Artifactory 7.63.2 features important improvements to the Federated repository Full Sync feature that can significantly optimize this operation:

      • In-Memory sorting: Full Sync queries can take a long time to perform, and under extreme circumstances can sometimes fail to complete. Users who determine that their database is not sufficiently robust or scalable to accommodate heavy loads now have the option to sort queries in memory instead of in the database. The sort is performed according to depth, path, and name.

        In-memory sorting is enabled using a new system property. For more information, see Working with Federated Repositories.Working with Federated Repositories

      • Streaming results from the database: Artifactory now streams results from the database instead of holding them in the database memory until all results are collected. Streaming the results reduces the memory load on the database and greatly reduces the chances of a timeout during the Full Sync process.

      • Internal caching mechanism: In Artifactory 7.63.2, Full Sync now uses a new internal caching mechanism that greatly improves operation performance among multiple Federation members

    • REST APIs

      • Crowd Authentication REST APIs

        You can now use Crowd Authentication REST APIs to configure Crowd authentication provider configuration settings.Crowd

      • Update to Create Token REST API

        The Create Token REST API now allows users with basic credentials to generate identity tokens. For more information, see Create Token. You have to enable creation of such tokens in the JFrog Platform UI before you can use the API. For more information, see Enable Token Generation via API .Create TokenEnable Token Generation via API

      • Update to GET Users REST API

        The GET Users REST API now allows you to fetch the details of all users. Previously, the API fetched the details of only the first 20 users. For more information, see GET Users.GET Users

      • Update to Get Groups REST API

        The Get Groups REST API now allows you to fetch the details of all groups. Previously, the API fetched the details of only the first 20 users. For more information, see Get Groups.Get Groups

    • Split Service Containers in Helm Installation

      The value of the splitServicesToContainers attribute is now set as true by default in the artifactory and artifactory-ha Helm Charts installation/upgrade. The different microservices of Artifactory now runs as separate containers in a single pod. For more information about the microservices, see JFrog Artifactory Service.JFrog Artifactory Service

      If you do not wish to have split containers, you can pass a values.yaml file with the splitServicesToContainers attribute is set as false along with the Helm Chart installation/upgrade. Note that the ability to set the attribute as false will be deprecated in a future.

    • Prune Unreferenced Data Support for Azure

      Artifactory now supports the Prune Unreferenced Data storage maintenance operation for providers using Azure, GCP, and S3 storage. Note that since the Prune Unreferenced Data mechanism induces many interactions with remote file storage, this operation may be time-consuming.

    • Create Multiple SSH Keys

      It is now possible to generate more than one SSH Public Key through the WebUI on the Edit Profile page. For more information, see SSH Key.User Profile

    • Custom Login Dialog

      You can now add a custom login dialog that users must accept before they can log into the JFrog Platform. For more information, see Custom Login Dialog.Custom Login Dialog

    • Enhanced Shard Health Check in Sharding Binary Provider and Sharding Cluster Binary Provider

      In this Artifactory version, you can now configure options (balancerThreads, accessibleCheckThreads, and accessibleCheckTimeoutMillis) in the Sharding Binary Provider and Sharding Cluster Binary Provider to check the health of shards and provide stability to a sharded filestore. The logging for the health check of the shards has also improved and now the logs provide warnings for the shards that are not accessible. If you set the logger to debug level, you can see the status of the health check of shards and metrics about the latency check of each shard.

    • Access Configuration Bootstrap YAML

      You can now use the Access Configuration Bootstrap YAML to set up HTTP SSO, LDAP, and Crowd authentication provider configuration for your self-hosted JFrog Platform, instead of the Artifactory Bootstrap YAML.Access Bootstrap YAML FileArtifactory Bootstrap YAML File

    • Authentication Provider Configuration Options

      You can use the Authentication Provider REST APIs or the Access Configuration Bootstrap YAML to set up HTTP SSO, LDAP, and Crowd authentication provider configuration. From Artifactory version 7.59 and later, the Global Configuration Descriptor file no longer contains LDAP, Crowd, or HTTP SSO authentication provider settings.Authentication Providers Configuration REST APIsAccess Bootstrap YAML File

    • Cold Storage Package Archiving

      It is now possible to archive packages in Cold Storage and, if needed, restore them back in Live Artifactory afterwards. For instructions on how to set up a retention policy for archiving packages in Cold Storage, see Set Up Archive Retention Policies. For instructions on how to search for archived packages in Cold Storage and restore them in Live Artifactory, see Search and Restore Archived Artifacts or Packages.Set Up Archive Retention PoliciesSearch and Restore Archived Artifacts or Packages

    • Support for the Organization Field in GitHub Authentication

      Artifactory now supports setting the Organization field in GitHub Enterprise Cloud OAuth, allowing you to limit JFrog subscription access to users who belong to the same organization. For more information, see the GitHub Documentation.

      To use this feature, go to Authentication Providers > OAuth SSO on your JFrog WebUI, and enter your organization in the Organization field.

    • Update to Creating Access Tokens Via the WebUI

      You can create group scoped tokens, which can be used by all the members in the group. For more information, see Create a Group Scoped Token.Create a Group Scoped Token

Resolved Issues

JIRA Issue

Description

JA-5089

Fixed an issue related to the Create Token REST API whereby, when creating a refreshable token with a scope set to a group and then using this token as authentication to refresh itself, Artifactory returned an error.Create Token

JA-5693

Fixed an issue whereby, When creating a group with the name admins, Artifactory returned an error.

JA-5698

Fixed an issue whereby, when trying to log in to the WebUI using Crowd, Artifactory returned an error.

JA-6017

Fixed an issue whereby, Artifactory did not support modifying the httpSsoConfig, ldapGroupsConfig, and ldapSettingsConfig sections through the Configuration Descriptors.

JA-6076

Fixed an issue that prevented a user from creating a token while using mTLS authentication.

JA-6254

Fixed an issue in the WebUI whereby, when selecting a project that is out of the first scroll scope and refreshing the page, the project selection dropdown did not display the selected project.

JFUI-11840

Fixed an issue whereby, when logging in to the WebUI, the developer console displayed error messages.

RTDEV-30603

Fixed an issue whereby, Artifactory returned 500 Error instead of 401 Bad credentials when a user entered the wrong username and reference token.

RTDEV-30604

Fixed an issue whereby, users who performed a search in a Conan repository with insufficient permissions could not perform any searches afterward in Conan, even with sufficient permissions.

RTDEV-32818

Fixed an issue whereby, under certain circumstances, metadata files were generated with partial content when triggered by a user with limited read permissions.

RTDEV-32925

Fixed an issue related to Debian whereby, when fetching a Debian local repository using the getAllRepositories REST API, Artifactory returned an error. This also affected other REST APIs using the getAllRepositories REST API, such as the one used to assign resources to a virtual repository.

RTDEV-33083

Fixed an issue whereby, the httpSsoSettings, LdapSettings, LdapGroupSettings, CrowdSettings configurations (keys) cannot be defined as part of the Artifactory YAML Configuration. see more in Known issues.

RTDEV-33502

Fixed an issue whereby, when getting the Crowd settings using the Artifactory WebUI, the settings were not fetched correctly.

RTDEV-33659

Fixed an issue whereby, Artifactory served the entire versions file (Gems compact index) instead of the delta.

RTFACT-26143

Fixed an issue whereby, SHA-256 checksum was not implemented in the Puppet repository metadata.

RTFACT-29308

Fixed an issue whereby, creation of new indexes failed during Artifactory upgrade when Microsoft SQL Server (MSSQL) was running with a non-enterprise edition.

RTFACT-29310

Fixed an issue whereby, when performing a search in a Conan repository with insufficient permissions, future Conan searches did not work as expected, even with sufficient permissions.

RTFACT-29504

Fixed an issue that prevented users from deleting a repository that has "-cache" at the end of its name. You can now delete such repositories with the Apply Artifactory YAML Configuration Changes API.Apply Artifactory YAML Configuration Changes

RTFACT-29570

Fixed an issue related to Conan whereby, when replicating a local repository, the metadata file package.ref.json was not updated as expected.

RTFACT-29585

Fixed an issue related to Cocoapods whereby, when using the Fetch Index REST API on a Smart Remote repository, Artifactory returned a 500 error.

RTFACT-29615

Fixed an issue whereby, Artifactory did not cache all the Yum remote repository metadata when the repomd.xml file was downloaded.

RTFACT-29625

Fixed an issue related to Maven whereby, when changing the value of the Cleanup Repository References in POMs field in the JFrog WebUI, the setting was not updated as expected.

RTFACT-29668

Fixed an issue related to NuGet whereby, when requesting the package metadata for a package in a virtual repository pointing to a local repository, Artifactory returned a 400 error.

RTFACT-29674

Fixed an issue whereby, when logging in to the JFrog Platform using SAML SSO with the permissions to Edit Profile, the Configure screen of the Set Me Up was missing from the WebUI.

RTFACT-29726

Fixed an issue whereby, anonymous users were not getting the configuration settings from the Set Me Up instructions for the corresponding repositories.

RTFACT-29785

Fixed an issue whereby, Artifactory returned an error while publising an npm package with a size exceeding 5MB.

RTFACT-29785

Fixed an issue related to npm whereby, when publishing a package with a size exceeding 5 MB, Artifactory returned an error.