Artifactory supports build integration whether you are running builds on one of the common CI servers in use today, on cloud-based CI servers or standalone without a CI server.
Integration of Artifactory into your build ecosystem provides important information that supports fully reproducible builds through visibility of artifacts deployed, dependencies and information on the build environment.
The Artifactory Build Integration Add-on provides a set of plugins you can use with industry standard CI systems and build tools that enable you to:
- See all the builds that are published and their build results in Artifactory.
- Explore the modules of each build, including published artifacts and corresponding dependencies.
- Obtain information about the build environment.
- Check if a specific artifact is required for or is a result of a build, and providing alerts if such an artifact should be targeted for removal.
- Treat all the artifacts and/or dependencies from a specific build as a single unit and perform bulk operations such as move, copy, export etc.
- Receive bidirectional links between build and artifact information inside the build server and Artifactory pages.
Running Builds on a CI Server
Artifactory can easily be added to a continuous integration build ecosystem by treating the CI server as a regular build client, so that it resolves dependencies from Artifactory, and deploys artifacts into a dedicated repository within Artifactory.
CI servers that are currently supported, each through a specific plugin are:
The build tools supported on all of these CI servers are: Maven 3 and 2, Gradle, Ivy/Ant, .Net, MSBuild as well as Generic build tools. For details please refer to the documentation for each CI server plugin.
In addition to the plugins supported by Artifactory, there is also the Gradle Bintray Plugin which provides integration between Gradle builds directly with JFrog Bintray.
Running Standalone Builds or on a Cloud-based CI Server
In the last few years, the popularity of cloud-based CI servers has grown. Some examples are, CircleCI, Travis CI, drone.io and Codeship. The problem is that none of these are "pluggable" in the traditional way. Therefore, to support builds running on cloud-based build servers, as well as standalone builds, Artifactory provides plugins for industry standard build tools such as Maven, Gradle, Ivy/Ant and MSBuild. These plugins provide all the benefits of Artifactory that facilitate fully reproducible builds without the need for a CI server. For more details please refer to Maven Repository, Working with Gradle, Working with Ivy and MSBuild Artifactory Plugin.
Build Integration for Artifactory open source version vs. Artifactory Pro
When using the OSS version of Artifactory, Build Integration includes the Generic
BuildInfo View and the ability to traverse and view build information using Artifactory's REST APIs.
Artifactory Power Pack extends these capabilities and provides Module Artifacts and Dependencies View, Repository View of Builds and the ability to export and manipulate build items.
Builds and Build History
All CI server projects that deploy their output to Artifactory can be viewed in the Build Browser which is accessed in the Artifacts module under Builds.
Selecting a project displays all runs of that build reflecting the build history in the CI server.
Selecting a build item from the list displays complete build-level information. You can also view the build in the CI server by selecting the corresponding link under the CI Server column.
To view build information you must have the 'deploy' permission on some repository path.
You can select the Build Number to drill down into a specific build. This displays detailed information about the build, and enables you to compare it with another build as described in the following sections.
There are three categories of information:
- General build information about the build and its environment.
- Build modules along with their artifacts and dependencies.
- Generic view of the build information in JSON format.
General Build Information
This tab displays general information about the build:
|The name assigned to the component being built|
|The specific run of the build|
|The build tool used|
|The CI server managing the build|
|The specific version of build tool used|
|The time stamp when the build was started|
|The duration of the build|
|The factor that triggered this build. This may be a CI server user, or another build|
|The Artifactory user that triggered this build|
|Link to the build information directly on the build server|
This tab displays the modules published into Artifactory as a result of the build, along with the number of artifacts and dependencies that they contain.
Module Artifacts and Dependencies
Selecting a published module that was built will display its artifacts and dependencies. You can group these by type or scope by clicking the corresponding column header.
You can click any item to download it directly, or click its Repo Path to view it in the Tree Browser.
The Environment tab displays an extensive list of properties and environment settings defined for the selected build. You can use these to reproduce the environment precisely if you need to rerun the build.
The Issues provides integration between Artifactory, Jenkins CI server and JIRA issue tracker. When using Jenkins CI, if you to set the Enable JIRA Integration option in the Jenkins Artifactory Plugin, the Issues tab will display any JIRA issues that have been addressed by this build.
The Licenses tab displays the results of a detailed license analysis of all artifacts and their dependencies.
The Summary line displays the number of artifacts found with the following statuses:
The license found has not been approved for use
You can approve a license for use in the Admin tab under Configuration | Licenses. For details please refer to License Control.
|No license requirements were found for the artifact.|
|The artifact requires a license that is unknown to Artifactory|
|A license requirement that is not approved has been found for the artifact, however there is another license that is approved.|
|All license requirements for the artifact are approved in Artifactory.|
The Governance tab displays the results of running the selected build through Black Duck Code Center license analysis.
In addition to viewing the licensing status of components in the build, you can see a list of security vulnerabilities that were detected.
The report displays one of the following statuses for components:
|The component has been approved by the Black Duck Code Center analysis|
|The component is pending examination by Black Duck|
|The component was rejected by the Black Duck Code Center analysis|
See the Black Duck Code Center Integration to learn more about this feature.
The Diff tab allows you to compare the selected build with any other build. Once you select a build number in the Select A Build To Compare Against field, Artifactory displays all the differences between the builds that were detected including new artifacts added, dependencies deleted, properties changed and more.
The Release History tab displays a list of the selected build's release landmarks.
Build Info JSON
This tab displays the raw
BuildInfo JSON representation of the build information in Artifactory. This data can be accessed via the REST API or used for debugging and is also available in the Artifactory OSS version.
Exporting and Manipulating Build Items
You can view a build in the repository browser and perform actions on it as a whole with all its artifacts and dependencies. For example, you could promote it to another repository, copy it, or export it to a disk.
Repository View of Builds
When viewing an artifact within the Tree Browser, you can see all of the builds with which that artifact is associated, whether directly or as a dependency in the Builds tab
Moreover, if you try to remove the artifact you will receive a warning that the build will no longer be reproducible.
The association of an artifact with a build is retained even if you move or copy it within Artifactory, because the association linked to the artifact's checksum which remains constant, regardless of the its location.
Behind the Scenes
Behind the scenes, the Artifactory plug-in for your CI server performs two major tasks:
- It resolves all dependencies from a resolution repository in Artifactory.
- It deploys all the artifacts to Artifactory as an atomic operation at the end of the build, guaranteeing a more coherent deployment when building multi-module projects
(Maven and Ivy deploy each module at the end of its build cycle. If one of the modules fails, this can result in partial deployments).
- It sends a
BuildInfodata object to Artifactory via the REST API at the end of deployment. This is a structured JSON object containing all the data about the build environment, artifacts and dependencies, in a standard and open format.
Change values for the release and next development version
Choose a target staging repository to which to deploy the release
Create a VCS tag for the release
Staged release builds can later be promoted or rolled-back, changing their release status in Artifactory, with the option to move the build artifacts to a different target repository.
Inside Artifactory, the history of all build status change activities (staged, promoted, rolled-back, etc.) is recorded and displayed for full traceability.
To learn more about release management specific to your CI server, please refer to: