Distribution 2.9
Released: August 4, 2021
Feature Enhancements
Maven Shared Library Upgrade
Upgraded the Maven shared utils library to version 3.3.4 to fix some vulnerabilities issues related to the following:
Distribution 2.9.1
Released: August 8, 2021
Distribution 2.9.1 is Available as a Cloud Version
Distribution 2.9.1 is Available as a Cloud Version
Resolved Issues
- Fixed an issue whereby, in some cases, conflicts in target paths for Docker layers were present upon Release Bundle creation.
- Fixed an issue whereby, the Distribution service was shutting down the Release Bundle distribution transaction in a non-optimal manner.
Distribution 2.9.2
Released: August 22, 2021
Resolved Issues
This release contains resolved security vulnerability issues.
Distribution 2.9.3
Released: September 30, 2021
Resolved Issues
- Fixed an issue whereby, a Distribution instance connected to the remote Mission Control while using a Circle of Trust for Token validation failed.
- Fixed issue whereby, a token generated using the UI, had fewer permissions in the Distribution process.
Distribution 2.8
This section describes all of the Distribution 2.8 releases.
Distribution 2.8.1
Released: June 30, 2021
Highlights
Dynamic Release Bundle
Introduced the capability to create, sign and distribute an ad-hoc Release Bundle dynamically through a single REST API request. For more information, see Creating a Dynamic Release Bundle.
Multiple GPG keys for Signing Release Bundles
Distribution now supports signing Release Bundles using multiple GPG keys and not one key pair for all Release Bundles. This enables you to use different keys according to your organizational requirements, such as keys used in different departments. For more information, see Multiple GPG Signing Keys
Target Repository Auto-Creation
Automatically create repositories on the target edges if no repositories exist when distributing Release Bundles. For more information, see Target Repository Auto-Creation
Feature Enhancements
Distribution Service
To introduce efficiencies within the JFrog Platform, the services that were previously under the Distributor service has been moved under the Distribution service. This does not affect the Distribution's functionality.
Live Logs Enhancement
Added a new distribution-service log to the System Logs Viewer.
Distribution 2.8.2
Released: July 12, 2021
Resolved Issues
- Fixed an issue regarding the Distribution Support Bundle creation in Distribution version 2.8.1.
Distribution 2.7
This section describes all of the Distribution 2.7 releases.
Distribution 2.7.1
Released: March 31, 2021
Highlights
HashiCorp Vault Integration with the JFrog Platform
The Jfrog Platform integration with HashiCorp Vault enables you to configure an external vault connection to use as a centralized secret management tool. Using vault allows you to store signing keys as secrets and provides you with the capability to generate and manage keys in a centralized tool for security and compliance. To learn more, see HashiCorp Vault Integration with the JFrog Platform.
Resolved Issues
- Fixed an issue whereby, in some cases, Release Bundles were stuck and blocking distribution.
Distribution 2.6
Released: January 13, 2021
Highlights
Webhooks for Distribution
You can now use event-driven Webhooks to send important events occurring in Distribution. You have a number of events that you can choose from, such as Release Bundle status changes, Release Bundle distribution status changes, and Release Bundle deletion from Edge nodes.
These events are sent to other applications by setting a URL. To learn more, see Webhooks.
Distribution 2.6.1
Released: February 25, 2021
Resolved Issue
- Fixed an issue whereby, when creating a Release Bundle, the Docker manifest resolver, in some cases, duplicated artifacts causing a conflict.
Distribution 2.5
Released: 29 September, 2020
Highlights
Distributing Release Bundles in an Air Gap Environment
JFrog Distribution supports distributing your Release Bundles to remote Artifactory nodes within an Air Gap self-hosted environment. This use case is mainly intended for organizations such as financial institutions and military installations that have two or more Artifactory instances that have no network connection between them. To distribute the Release Bundles in an Air Gap environment, you need to export the Release Bundle on the Source Artifactory either directly from the WebUI or using REST API. For more information, see Distributing Release Bundles in an Air Gap Environment.
Distribution 2.5.1
Released: 5 October, 2020
Resolved Issue
- JFrog Distribution now externalizes the configuration parameter allowing users to set the required time interval for Xray to complete the Release Bundle scanning process.
Distribution 2.5.2
Released: 11 November, 2020
Highlights
Release Bundle Release Notes
You can now add and distribute Release Notes with a Release Bundle.
PostgreSQL Version Support
Distribution now supports PostgreSQL version 12.3.
Resolved Issue
- Fixed an issue whereby, the timezone differed between the
request.loganddistribution-service.log.
Distribution 2.5.3
Released: 8 December, 2020
Resolved Issue
- Fixed an issue, whereby a proxy configuration from Artifactory cannot be used in distribution due to an expired token.
Distribution 2.5.4
Released: 29 December, 2020
Resolved Issue
- Fixed an issue, whereby a proxy configuration from Artifactory cannot be used in distribution due to an expired token.
- Fixed an issue, whereby a Release Bundle version added properties that might override existing artifact properties.
- Fixed an issue, whereby using multiple AQL queries in a single Release Bundle version may cause the Release Bundle creation to fail due to token expiration.
- Fixed an issue whereby, in some cases, Distribution may remain in an in-progress state due to a failed close transaction flow.
Distribution 2.4
Released: July 5, 2020
Highlights
Hybrid Distribution
JFrog SaaS supports Hybrid Distribution allowing you to distribute your Release Bundles from Artifactory Cloud to multiple Cloud and On-Prem Edge nodes within the same organisation. Hybrid Cloud promotes scalability and flexibility allowing you to distribute sensitive and highly regulated and mission critical Release Bundles to Artifactory On-Prem edges while using the Artifactory Cloud for mainstream public distributions and thereby gaining significant cost savings. For more information, see Hybrid Distribution.
Added Manual Linux Archive Installation
You can now install JFrog Distribution using a Linux Archive installer in addition to the existing options giving more control over how to set up your environment. For more information, see Manual Linux Archive Installation.
Feature Enhancements
Automated GPG Public Key Propagation to Edge Nodes
The automatic propagation of signed public GPG Keys to the Artifactory source and edge nodes is now an integral part of the upload process of the GPG keys to Distribution. To support this, the Upload and Propagate GPG Signing Keys for Distribution REST API has been introduced and replaces the Upload GPG Signing Key for Distribution REST API command that is now deprecated from version Distribution version 2.4. For more information, see GPG Signing.
Export/Import Release Bundle Metadata to Support One To One Pairing
To support the Artifactory to Distribution One to One paring ratio in the JFrog Platform, you can now migrate Release Bundle metadata of the relevant Artifactory Instance to the correlating Distribution Service. For more information, see Distribution and Artifactory One to One Pairing.
Distribution to the source Artifactory without Proxy
The requirement to Distribute to the source Artifactory via a proxy has been removed.
Distribution Load Balancing Mechanism Improvements
Improved the load balancing mechanism in High Availability environments.
PostgreSQL Version Support
Distribution is now certified to run with PostgreSQL versions 10.X, 11.X, and 12.X. Note that, all JFrog’s installers bundling PostgreSQL have been updated to use a newer PostgreSQL version 10.13.
Resolved Issues
- Fixed an issue whereby you could not distribute Release Bundles from Artifactory version 7.x to Artifactory Edge 6.x edge nodes.
- When creating a Release Bundle, exclude Release Bundle repositories from the source.
Distribution 2.4.1
Released: 26 July 2020
Feature Enhancements
Distribution to Artifactory Edge nodes behind a proxy is now supported.
Distribution 2.3
Released: May 27, 2020
Feature Enhancements
Retrieve the Latest Version of a Release Bundle REST API
You can now retrieve the Last Release Bundle Version through the Rest API which enables you to distribute the latest version of the Release Bundle to your dedicated Edge nodes.
Improved Release Bundle Distribution Auditiblity and Tracking
A new set of parameters have been added to the Release Bundle APIs providing you with more audibility into the Distribution process:
The
created_byanddistributed_byparameters provide information on who created and distributed the Release Bundles.- The
start_time,finish_timeanddurationparameters provide information on the Distribution timeline of the Release Bundle.
Get Public GPG Key REST API
The Artifactory Edge Node verifies the Release Bundle signature with a public GPG key. You can now view the assigned public GPG Key by running the Get Public Key REST API command.
Distributing Release Bundle UI Improvements
Improved the Release Bundle Distribution management experience in the UI while providing you with the option to delete Release Bundles either from the JFrog Distribution server or from the JFrog Edge nodes.
Resolved Issues
- Fixed an issue whereby multiple Distribution nodes for one Edge Node were not performing well by introducing an algorithm for improving distribution scalability.
- Fixed an issue whereby Distribution was not supporting distributing Release Bundles containing artifacts using Unicode characters in the artifact name.
- Fixed an issue whereby the Release Bundle “In-Progress” status was generated for all distribution issues. This general state has been replaced with specific states to accommodate different distribution issues.
Distribution 2.2
Released: February 23, 2020
Resolved Issues
- Fixed an issue where Distribution did not recover when the Mission Control token was not valid or if the Mission Control service was not running when Distribution started.
Fixed an issue which caused confusion in the use of the Create Release Bundle Version REST API. From this release, the default of the dry_run parameter is now FALSE, so that by default, executing the REST API creates the release bundle object.
Action Required!
Previously triggering this API with the default value=True, resulted in running a dry run only. Note that this new default will execute the action.
Distribution 2.0
Released: January 12, 2020
Deprecated Features
Distribution 2.0 introduces several deprecated features. Learn More >
Also read about the features that are currently out of scope and will be available soon, in forthcoming release. Learn More >
Breaking Changes
For a list of breaking changes in Distribution and other services in the JFrog Platform, click here >
REST API Changes
For a list of REST API changes in Distribution, click here >
Important: The JFrog Platform web UI is now accessed through port 8082 (For example, http://SERVER_HOSTNAME:8082/ui/). Accessing Xray directly for REST API and downloads is still possible through port 8081. Learn More >
Highlights
JFrog Platform
Announcing the new JFrog Platform, designed to provide developers and administrators with a seamless DevOps experience across all JFrog products, supporting the following main features:
- Universal package management with all major packaging formats, build tools, and CI servers.
- Security and Compliance that's fully integrated into the JFrog Platform, providing full trust of your pipeline from code to production.
- Radically simplified administration with all configurations in one place.
- Complete trust in your pipeline all the way from code to production.
- Seamless DevOps experience from on-prem, cloud, hybrid or multi-cloud of your choice.
JFrog Platform New Functionalities
System Architecture
The new Distribution architecture has been updated to align with all JFrog products in the Platform. Learn More >
Distribution system.yaml
This release introduces a new system configuration file, allowing system configurations to be handled externally to the application, before/after the installation process. Learn More >
Installation and Upgrade
Distribution 2.0 comes with a new installer, which affects the installation and upgrade procedures. The file structure has been improved and is now aligned across all JFrog products. Learn More >
Distribution must be connected only to a single Artifactory instance. If you have a single Distribution instance connected to multiple Artifactory instances, the upgrade to the JFrog Platform requires mapping a source Artifactory to a single Distribution service. If you are creating and distributing release bundles from multiple source Artifactory instances, you now need to deploy a Distribution service in every JPD that contains these source Artifactory instances. You would then register multiple Distribution services to one Mission Control.
Unified User Interface
This version introduces a new UI that is unified for the entire JFrog Platform, including all JFrog products. If you are using Artifactory and other JFrog products such as JFrog Xray, JFrog Distribution, JFrog Mission Control and JFrog Insights, you will now be able to access them all from within a single UI with one URL address. Learn More >
Unified Permission Model
This version unifies all JFrog product permissions, allowing easier permission management across all products from one unified UI. The Unified Permission Model enables you to create a single permission target that applies to all products installed in the JFrog Platform. Since the products are unified within the Platform, you can now use a single permission target to control the permissions of all products. Learn More >
Logging
All JFrog products now follow a standardized logging format and naming convention. Learn More >
Feature Enhancements
Xray Integration
Release Bundles can now be scanned for security and compliance issues with JFrog Xray. This means you can now define security and compliance policies for your organization, on the release bundles, to ensure your distributable content is protected and meets your standards. Learn More >
Package View Including Distribution Data
This version includes a Package Viewer, providing a 360 view of your packages from all your available JFrog services, including JFrog Distribution. With this, you can understand which packages are included in release bundles and have been distributed to various Artifactory Edge devices. Learn More >