Table of contents
Universal Repository Manager
Artifactory supports a wide range of packaging formats, including Maven, Gradle, Docker, npm, and more. This makes it extremely versatile for organizations using multiple types of build artifacts.
Integration with CI/CD Tools
Artifactory integrates seamlessly with a variety of continuous integration and continuous deployment tools like Jenkins, CircleCI, and GitLab, which helps streamline the build and release process.
Security and Access Control
It provides robust security features including fine-grained access control, LDAP integration, and advanced auditing capabilities to ensure that only authorized personnel can access specific artifacts.
High Availability
Artifactory offers high availability setups, enabling it to be configured in a redundant and load-balanced setup to ensure maximum uptime and reliability.
Efficient Storage Management
It provides advanced storage management capabilities, such as artifact de-duplication, and optimization features to better manage storage resources.
Performance and Scalability
Artifactory is designed to handle large-scale deployments and provides caching mechanisms to significantly improve performance and reduce build times.
Enterprise-Grade Features
Artifactory comes with enterprise-grade features such as disaster recovery, multi-push replication, and advanced metrics, which are particularly useful for large organizations.
Yes, Artifactory by JFrog is generally considered a good choice for managing and automating binary storage and distribution across different software development and deployment processes.
We have collected here some useful links to help you find out if Artifactory is good.
Check the traffic stats of Artifactory on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of Artifactory on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Artifactory's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Artifactory on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Artifactory on Reddit. This can help you find out how popualr the product is and what people think about it.
Does anyone recommend some pull-through registry to use? Docker Docs has some recommendations [0], but I wonder how feature complete it is. I'd like to find something that: - Can pull and serve private images - Has UI to show a list of downloaded images, and some statistics on how much storage and bandwidth they use - Can run periodic GC to delete unused images - (maybe) Can be set up to pre-download new tags IIRC... - Source: Hacker News / 7 months ago
This site is hilariously fucked on mobile https://jfrog.com/artifactory. - Source: Hacker News / 10 months ago
JFrog Artifactory is a universal artifact repository manager that enables organizations to store, manage, and distribute software packages and artifacts across the entire development lifecycle. It supports a wide range of package formats, including Docker, Maven, npm, PyPI, and more, making it a versatile solution for DevOps and CI/CD pipelines. - Source: dev.to / 11 months ago
For advanced customization requirements, EKS Blueprints offers flexibility by allowing easy overrides of default Helm values. For instance, you can effortlessly replace Docker images specified in the values.yaml file with private Docker repositories like ECR or Artifactory. - Source: dev.to / 12 months ago
I kind of hate it, but Artifactory seems popular at companies: https://jfrog.com/artifactory/. Source: about 2 years ago
When not providing all dependencies yourself, you might suffer from people deleting the packages you depend on (IMHO a very rare scenario). If it is really that critical (hint: usually it isn't), create a local mirror of Pypi (full or only the packages you need). Devpi, Artifactory, etc. Can do that or you just dump the necessary files into Cloud storage, so you have a backup. Source: over 2 years ago
Operate a pull-through cache registry, like Artifactory or the open source reference Docker registry. This will allow you to pull images from Docker Hub less frequently, improving your chances of staying under the anonymous usage limit. - Source: dev.to / over 2 years ago
Like suppose for a second that . . . Idk . . . a product team wants our ci workflows to start using Artifactory. Okay great, I don't know Artifactory integration but I'm going to tell them "Sure, I'll get right on that.". Source: over 2 years ago
If these "assets" have an independent release schedule I would treat them separately (especially if they are externally provided). If they are not built from source then treat them as artefacts, they don't belong in git. You can store the in an artefact repository (like Artifactory of Nexus) or (as u/nekokattt points out) in something like S3. Source: over 2 years ago
And all of those have packages that could technically disappear, or you could have network issues and so on (when I build my container images, I sometimes even have apt fail, even though very rarely). I think a safe bet is to run your own package proxy, like Sonatype Nexus: https://www.sonatype.com/products/nexus-repository (there's also JFrog Artifactory in this space, probably others too:... - Source: Hacker News / over 2 years ago
Artifactory will do what you need, as an APT cache and as container registry as well, however im not sure how "Free" this is for your case. Source: almost 3 years ago
Tools like Artifactory from jfrog provide a more formalized mechanism to add to your company's IT environment. Source: almost 3 years ago
Yes. Many companies will set up, essentially, a proxy to public package repositories. A popular one is Artifactory. Source: about 3 years ago
Next, thereโs Artifactory by JFrog. Thereโs a free version and a paid version of Artifactory depending on what you want to use. Other benefits of Artifactory include XRay, which is a way to secure container images by scanning them using CVSS scoring and the National Vulnerability Database (NVD). - Source: dev.to / about 3 years ago
Above, is a demonstration on how to build your own private dependency management system for Python using git and GitHub actions. Is this the best solution for private dependency management? Probably not, if you are in the position to pick technologies and services or are starting a greenfield project, you will be able to pick something that works out of the box (examples include: Artifactory, Nexus, AWS... - Source: dev.to / about 3 years ago
Look into artifactory. Itโs a tool that lets your company control which versions of packages you can use. If you want to keep an older version of a library, or fork/overwrite original functionality, you can do that. Source: over 3 years ago
Publishing to Pypi or Artifactory by creating a new release on GitHub. Source: over 3 years ago
We use JFrog Artifactory, because that's what is used for package management for other languages in our company. Source: over 3 years ago
A DevOps Engineer will also need to make numerous decisions on whether to buy or build certain parts of the DevOps process. For example, does your team roll its own artifact storage features? Or does it leverage a tool like Artifactory? DevOps Engineers need to remain up to speed on the tools marketplace so they can make these critical buy vs. Build decisions. - Source: dev.to / over 3 years ago
If you work in a large company, for security reasons you may already be required to use in-house mirrors of libraries or container images. There are commercial products for doing this, e.g. https://jfrog.com/artifactory/ All the command line package management tools then need to be configured to point at the custom in-house package mirror, rather than connecting to the default public package server over the internet. - Source: Hacker News / almost 4 years ago
Projects like Linux distributions create source packages that they can retain and control so that they can build without relying on third parties. Systems like Artifactory will cache dependencies for you - generally your build system will let you set up Artifactory as a proxy and Artifactory will make sure your dependencies don't disappear at some point in the future. Source: almost 4 years ago
JFrog Artifactory has established itself as a leading and highly versatile repository management tool in the software development ecosystem. Its reputation as an enterprise-ready solution is underscored by its robust support for secure, clustered, high-availability Docker registries. As a universal artifact repository manager, Artifactory seamlessly supports a wide array of software packages, irrespective of programming language or technology, and integrates efficiently with major CI/CD and DevOps tools. This capability ensures a comprehensive end-to-end automated solution for managing artifacts from initial development stages to final production deployment.
Artifactoryโs key selling point is its ability to universally support various package managers like Maven, npm, Go Registry, NuGet, PyPI, RubyGems, Conan, RPM, Debian, and Helm among others. This broad support renders it a favored choice for developers seeking to centralize binary resources including remote artifacts and proprietary libraries. The tool's ability to cache remote artifacts locally to reduce redundant downloads appeals to developers focused on optimizing build speeds and maintaining operational efficiency.
Public opinion generally positions Artifactory positively, especially within organizations that prioritize reliable artifact management and distribution. Its comprehensive support across multiple artifact types coupled with strong integration capabilities makes it a preferred choice for businesses aiming towards a unified DevOps practice. Artifactoryโs versatility is underpinned by additional features such as XRay, which enhances security by scanning container images for vulnerabilities.
However, some users perceive Artifactory as being a "heavy" solution, potentially too expansive for smaller scale projects or individual use. In scenarios requiring simple private registry setups or cache solutions, alternatives like Sonatype Nexus or even basic setups using cloud storage solutions may be recommended over Artifactory. Concerns about complexity and resource requirements are thus balanced against the extensive feature set and integration capabilities that Artifactory offers.
In contrast, developers discussing Artifactory within online forums and technical blogs appreciate its robust feature set that caters exceptionally well to enterprise-level needs and large-scale DevOps practices. The tool's ability to standardize the management and distribution of artifacts is highlighted as a crucial advantage, especially amidst fluctuating requirements in rapidly evolving development environments.
Noteworthy is Artifactoryโs enduring presence since pre-2009, which solidifies its reputation as a pioneer in universal binary repository management. Its continued relevance in a competitive landscape signifies ongoing community and organizational trust.
For companies deliberating between buying versus building DevOps tools, Artifactory often serves as a benchmark for commercial solutions due to its comprehensive support, ease of integration, and reliability. Nonetheless, as with any robust enterprise tool, thoughtful consideration is advised in evaluating the specific needs of the project against the features offered by Artifactory to ensure alignment and optimal resource utility.
Do you know an article comparing Artifactory to other products?
Suggest a link to a post with product alternatives.
Is Artifactory good? This is an informative page that will help you find out. Moreover, you can review and discuss Artifactory here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
