Home / Companies / JFrog / Blog / February 2019

February 2019 Summaries

9 posts from JFrog

Filter
Month: Year:
Post Summaries Back to Blog
Atlassian Bitbucket users can leverage JFrog Artifactory and Xray as their artifact repository and DevSecOps tools, respectively, to enhance the security and reliability of software delivery pipelines. The introduction of Atlassian's Pipes for Bitbucket Pipelines simplifies the management of software releases by enabling developers to configure CI/CD procedures using a YAML file. JFrog offers a range of Bitbucket Pipes that streamline common Artifactory and Xray operations, such as uploading and downloading artifacts, triggering builds for Maven and npm, uploading Docker images, promoting builds, and conducting security scans with Xray. These pipes are easily accessible through the Bitbucket online editor and can be integrated by replacing placeholders in the YAML configuration with specific parameters. This integration allows Bitbucket users to efficiently manage their builds and artifact flows while maintaining security and compliance, making the software delivery process smoother and more reliable.
Feb 28, 2019 608 words in the original blog post.
JFrog offers a streamlined process for deploying Artifactory High Availability (HA) on Microsoft Azure through the Azure Marketplace, enabling organizations to manage their own Bring Your Own License (BYOL) installations in their Azure environment. The automated installation simplifies the setup of Artifactory HA, which includes multiple server nodes, a load balancer, an NGINX server, a SQL server, and Azure blob storage, all configured using an Azure Resource Manager (ARM) template. This setup ensures enterprise-grade scalability, performance, and security, catering to larger load bursts while maintaining high uptime. Users also have the option to customize the installation using JFrog's ARM template or opt for a SaaS Cloud Enterprise license for a fully managed solution. The deployment process involves a series of steps that require an Azure subscription and Artifactory Enterprise licenses, with the entire installation typically taking about 20 minutes. Once deployed, users can explore Artifactory's features, such as setting up package managers, remote repositories, and Docker registries for container deployment.
Feb 26, 2019 1,048 words in the original blog post.
JFrog has enhanced its DevSecOps capabilities by integrating the VulnDB database into JFrog Xray, a move that provides users with comprehensive security intelligence at no additional cost. Initially announced at JFrog's swampUP event in 2017, Xray is designed to help DevOps teams identify and address open-source vulnerabilities and software license compliance issues early in the development phase, embodying a "shift left" approach. The partnership with Risk Based Security (RBS) further strengthens Xray's functionality, as VulnDB is a leading vulnerability intelligence database containing nearly 200,000 vulnerabilities, with new ones added daily. This integration ensures that JFrog Xray offers one of the most extensive security scanning solutions on the market, and customers benefit from an enriched database without losing existing data. JFrog emphasizes that the integration is not a mere plugin but a deep incorporation into the Xray database, enhancing protection as software progresses from development to production.
Feb 25, 2019 732 words in the original blog post.
NuGet is an open-source package manager tailored for the Microsoft development platform, facilitating the management of DLL files with associated metadata. It integrates with JFrog Artifactory, which supports the application lifecycle from development to distribution, encompassing security and artifact management. After setting up a NuGet repository in Artifactory, developers can configure their builds to consume dependencies and publish packages to Artifactory, which also manages build metadata. Using JFrog CLI, exhaustive build information, including details about the build environment and dependencies, can be stored and published, providing enhanced traceability and visibility. Artifactory's BuildInfo feature allows for promoting builds, scanning for vulnerabilities with JFrog Xray, and viewing license violations, offering a higher level of abstraction in build pipeline management by focusing on entire builds rather than individual packages.
Feb 20, 2019 337 words in the original blog post.
IBM Cloud Private (ICP) and JFrog Artifactory seamlessly integrate to support containerization and cloud-native microservices deployment, offering a robust solution for enterprise-level Kubernetes environments. ICP, built on Kubernetes, operates as a private cloud within on-premises infrastructure, providing a secure environment suitable for sensitive data, and when combined with the public IBM Cloud, it forms a powerful hybrid cloud system. Artifactory serves as a comprehensive Kubernetes registry, offering secure storage, metadata tracking, and vulnerability scanning for binaries, enhancing trust and compliance in the DevOps pipeline. It facilitates automation and links directly to Kubernetes, enabling frictionless DevOps processes that allow organizations to release software quickly and safely. The installation process for Artifactory on ICP involves configuring a high-availability setup using JFrog’s Helm chart, ensuring zero downtime and high reliability for demanding workloads. This setup empowers enterprises to establish a trusted continuous delivery pipeline from code to cluster, utilizing Artifactory's capabilities to manage binaries and ensure reliable builds.
Feb 14, 2019 1,158 words in the original blog post.
The article outlines a comprehensive guide for hosting applications on the cloud using Amazon's Elastic Container Services (ECS) and Elastic Container Registries (ECR) while employing a multi-cloud strategy. It highlights the growing trend of developers opting for cloud services from major providers like Google, Amazon, and Microsoft to ensure applications can scale, be deployed faster, and meet robust security and automation requirements. The guide walks through five key steps: creating and pushing images to ECR, defining task definitions with required containers, creating an ECS cluster, running tasks within the cluster, and configuring services with Elastic Load Balancing (ELB) and Auto Scaling Groups (ASG). ECS and ECR facilitate cloud automation by eliminating the need for self-managed clusters and configuration systems, offering two hosting approaches—AWS Fargate for serverless infrastructure and Amazon EC2 for more control. Additionally, it mentions that tools like Artifactory Cloud can be integrated for managing Docker registries and that AWS's other services, such as S3 and RDS, can further enhance applications' cloud-native capabilities.
Feb 12, 2019 1,167 words in the original blog post.
IBM Cloud offers a robust platform for DevOps with tools like IBM Cloud Kubernetes Service (IKS), providing an ideal environment for cloud-native development. By integrating JFrog Artifactory, developers can enhance their DevOps strategy with greater control and visibility over software components, ensuring compliance and security throughout the continuous integration and delivery (CI/CD) pipeline. Artifactory's High Availability (HA) setup on IBM Cloud ensures high reliability and zero downtime through a cluster of multiple nodes, with the configuration supported by IBM's block storage plugin. The setup process involves creating a Kubernetes cluster, installing necessary storage plugins, and deploying Artifactory using Helm charts. Once installed, Artifactory seamlessly integrates into the DevOps pipeline, offering features like Kubernetes registries, proxy creation for package managers, and build integrations, ultimately enabling a secure and efficient path from code to deployment on IKS clusters.
Feb 07, 2019 1,213 words in the original blog post.
The blog post series explores the integration of JFrog CLI, Artifactory, and GitHub Actions to streamline the development and distribution of software, specifically focusing on building and storing a Go module binary in Artifactory. The final installment in the series details a three-step workflow: building the application, uploading the binary to Artifactory, and collecting build information. The process demonstrates the automated configuration of Artifactory servers, the efficient upload of binaries using JFrog CLI, and the importance of gathering build data for environment consistency. The series highlights the synergy between JFrog CLI and GitHub Actions, emphasizing their role in accelerating app development and publication. The post encourages readers to explore GitHub Actions and JFrog Artifactory through available demo environments, inviting further engagement and feedback through social media platforms.
Feb 04, 2019 866 words in the original blog post.
Ensuring the availability of binaries in a DevOps pipeline, whether for a small JFrog Artifactory instance or a complex cross-region setup, is crucial for maintaining operational continuity. Various strategies can be employed to protect these binaries from disasters, such as conducting system backups directly through the Artifactory UI or leveraging third-party solutions like Amazon S3 for redundancy by storing multiple data copies across different locations. Another approach involves implementing a disaster recovery architecture by establishing a secondary Artifactory cluster equipped with Federated Repositories and Access Federation. This white paper explores these recommended strategies, offering insights tailored to different organizational structures and Artifactory setups.
Feb 01, 2019 111 words in the original blog post.