Artifactory Reviews and details

Social recommendations and mentions

• Where to store executables shared by a team/project

  I kind of hate it, but Artifactory seems popular at companies: https://jfrog.com/artifactory/. Source: 10 months ago

• Adding Virtual Environments to Git Repo

  When not providing all dependencies yourself, you might suffer from people deleting the packages you depend on (IMHO a very rare scenario). If it is really that critical (hint: usually it isn't), create a local mirror of Pypi (full or only the packages you need). Devpi, Artifactory, etc. Can do that or you just dump the necessary files into Cloud storage, so you have a backup. Source: about 1 year ago

• Authenticated Docker Hub image pulls in Kubernetes

  Operate a pull-through cache registry, like Artifactory or the open source reference Docker registry. This will allow you to pull images from Docker Hub less frequently, improving your chances of staying under the anonymous usage limit. - Source: dev.to / about 1 year ago

• Concretely, how do you trust the experts? That is, how do you a) identify experts relevant to something and b) determine if they have a consensus (and if so, what it is) on a given topic?

  Like suppose for a second that . . . Idk . . . a product team wants our ci workflows to start using Artifactory. Okay great, I don't know Artifactory integration but I'm going to tell them "Sure, I'll get right on that.". Source: about 1 year ago

• What do I do with large "asset" files?

  If these "assets" have an independent release schedule I would treat them separately (especially if they are externally provided). If they are not built from source then treat them as artefacts, they don't belong in git. You can store the in an artefact repository (like Artifactory of Nexus) or (as u/nekokattt points out) in something like S3. Source: over 1 year ago

• Take More Screenshots

  And all of those have packages that could technically disappear, or you could have network issues and so on (when I build my container images, I sometimes even have apt fail, even though very rarely). I think a safe bet is to run your own package proxy, like Sonatype Nexus: https://www.sonatype.com/products/nexus-repository (there's also JFrog Artifactory in this space, probably others too:... - Source: Hacker News / over 1 year ago

• "LanCache" style network level cache to speed-up repository cloning & apt-get downloads?

  Artifactory will do what you need, as an APT cache and as container registry as well, however im not sure how "Free" this is for your case. Source: over 1 year ago

• At what point does an unstable company become a risk in your tech stack? (more Twitter fallout)

  Tools like Artifactory from jfrog provide a more formalized mechanism to add to your company's IT environment. Source: over 1 year ago

• Does your company backup copies of open-source libraries?

  Yes. Many companies will set up, essentially, a proxy to public package repositories. A popular one is Artifactory. Source: over 1 year ago

• Using Container Registries (Getting Started)

  Next, there’s Artifactory by JFrog. There’s a free version and a paid version of Artifactory depending on what you want to use. Other benefits of Artifactory include XRay, which is a way to secure container images by scanning them using CVSS scoring and the National Vulnerability Database (NVD). - Source: dev.to / almost 2 years ago

• Lightweight artifact repository with Python and GitHub

  Above, is a demonstration on how to build your own private dependency management system for Python using git and GitHub actions. Is this the best solution for private dependency management? Probably not, if you are in the position to pick technologies and services or are starting a greenfield project, you will be able to pick something that works out of the box (examples include: Artifactory, Nexus, AWS... - Source: dev.to / almost 2 years ago

• Thoughts on custom implementation around 3rd party libraries?

  Look into artifactory. It’s a tool that lets your company control which versions of packages you can use. If you want to keep an older version of a library, or fork/overwrite original functionality, you can do that. Source: almost 2 years ago

• I developed a template for starting new Python projects! Features: Poetry, GitHub CI/CD, MkDocs, publishing to PyPi/Artifactory, Pytest, Tox, black and isort.

  Publishing to Pypi or Artifactory by creating a new release on GitHub. Source: about 2 years ago

• How do you share your corporate crates?

  We use JFrog Artifactory, because that's what is used for package management for other languages in our company. Source: about 2 years ago

• What Does a DevOps Engineer Do?

  A DevOps Engineer will also need to make numerous decisions on whether to buy or build certain parts of the DevOps process. For example, does your team roll its own artifact storage features? Or does it leverage a tool like Artifactory? DevOps Engineers need to remain up to speed on the tools marketplace so they can make these critical buy vs. Build decisions. - Source: dev.to / over 2 years ago

• Pull Through Cache Repositories for Amazon Elastic Container Registry

  If you work in a large company, for security reasons you may already be required to use in-house mirrors of libraries or container images. There are commercial products for doing this, e.g. https://jfrog.com/artifactory/ All the command line package management tools then need to be configured to point at the custom in-house package mirror, rather than connecting to the default public package server over the internet. - Source: Hacker News / over 2 years ago

• Woke brigade breaks the Internet (again)

  Projects like Linux distributions create source packages that they can retain and control so that they can build without relying on third parties. Systems like Artifactory will cache dependencies for you - generally your build system will let you set up Artifactory as a proxy and Artifactory will make sure your dependencies don't disappear at some point in the future. Source: over 2 years ago

• Best way to store and distribute private packages (npm-like)?

  Artfactory: https://jfrog.com/artifactory/. Source: almost 3 years ago

• What is the difference between a repository and a server? What exactly is "artifactory"?

  Artifactory is a specific product: https://jfrog.com/artifactory/ . It can do many things, but primarily stores files. A company I used to work for used it as an internal npm registry and nuget feed for packages we created but did not share outside the company. Source: about 3 years ago

• How to change repository url from https://oss.sonatype.org to https://s01.oss.sonatype.org?

  So, you can publish from CI like Jenkins/Teamcity/etc, then for it, you need to have only one account. Or if you work in a large company the best way is to have your own Nexus-like server, on my previous work we used Artifactory (https://jfrog.com/artifactory/) to save/and manage pom/npm/rpm/etc sources. Source: about 3 years ago