Overview

This page describes the general and JFrog product-specific changes applied in the JFrog Platform for self-hosted (on-prem) users, including:

  • JFrog Artifactory 7.0
  • JFrog Xray 3.0
  • JFrog Mission Control 4.0
  • JFrog Distribution 2.0
  • JFrog Pipelines 1.0
If you are Cloud a (SaaS) user, check out what's new in Cloud.

Get Started with the JFrog Platform >>

     

Features and Functionality

Unified Experience

The user interface provides a consistent experience across all JFrog products. It is designed to support the most commonly used workflows, including improved package management, security and compliance, and package distribution, continuing to provide you with full flexibility. To support this experience the internal architecture (defined as a JPD) is designed to provide JFrog users with the same user experience across the JFrog products that have been installed.                                                                                   

To support the different user workflows, the UI is divided into two main modules:

  • Application Module providing an easy to use interface for viewing your packages, builds and artifacts in Artifactory. Including Xray security vulnerabilities and violations, Dashboard topology and trends, Distribution release bundles and Pipelines DevOps automation.

  • Administration Module providing a consolidated place for configurations of all JFrog products (common and product specific). Including centralized settings, such as monitoring (storage, replication, service status), security and compliance, proxies, license and user management. As well as, property sets, backups, indexed resources, database sync and webhooks.

Both modules include an advanced search mechanism.

Flexible Permissions Model

Administrators get fine-grained permissions control over how users and groups access the different resources (repositories, builds, Release Bundles, destinations).

Security and Compliance Across your DevOps Pipeline

Fully integrated into the JFrog Platform, JFrog Xray protects your artifacts, repositories, builds and release bundles across the entire CI/CD pipeline.

  • Get JFrog's vulnerability database that is continuously updated with new component vulnerability data. Including VulnDB, the industry's most comprehensive security vulnerability database.
  • Identify security vulnerabilities and license violations according to your organization's needs. A dedicated Security and Compliance section in the UI allows you to set policies and watches on all your JFrog resources.
  • Configure watches and policies with the option to block artifact download, Release Bundle distribution to Edge nodes, and even break Builds.
  • Use advanced filtering that allows you to configure include /exclude patterns when setting indexed resources or when setting a Watch on the resources.

Simplified Installation

The JFrog platform installation/upgrade includes the following highlights:

Secure Distribution Process

Manage the creation and distribution of Release Bundles to your Artifactory Edge Nodes. Gain better visibility and traceability into your distribution process with a complete view of all contents and package references of your Release Bundles.

User Interface

The following table is a quick reference to common functionalities in the JFrog Platform, including their new locations and any functional changes.

JFrog Product

Functionality

Location in the New UI

Comments 

Artifactory

Custom Base URL
Date Format
Look and Feel Settings
Custom Message		Administration module | General | Settings


Dedicated Artifactory Settings


Administration module | Artifactory

General: Settings, Property Sets, HTTP Settings
Services: Backups, Maven Indexer
Security: Anonymous access, Revoke API Keys, SSH Server, Signing Keys Trusted Keys, Certificated


Xray

Xray Permissions

Administration module | Identity and Access | Permissions

As part of the JFrog Platform permissions unification, permission targets that were previously separated per product are now represented as one permission target with multiple permission options for the different JFrog products. Changes include:

  • Manage Components is now  Manage Xray Metadata

  • View Components is now included in the Read permission

As part of the permission migration process:

  • Users/Groups with Xray Admin and Artifactory Admin permissions will be converted to Administrators in the JFrog Platform. 
  • Users/Groups with only Xray Admin permissions will be converted to have Read, Manage, Manage Policies and Manage Watch permissions on all the resources.

For more information, see JFrog Platform Permission Migration.

Administration module | Identity and Access | Users

Administration module | Identity and Access | Groups

  • Manage Policies and Manage Watches are now a global permissions that are enabled on the user or group level. Previously this was a permission option in the permission target.
  • View Watches is now integrated with the Manage Watches global permission. It is not available as a separate permission.
Policies and Watches

Application module  | Security & Compliance 

  • Watch resources scope of repositories, builds and Release Bundles can be set by name or by Exclude/Include Patterns.
  • Manually invoking a re-scan of a watch will apply on all resources defined in the watch. Previously you could set the re-scan on part of the resources.
Dedicated Xray Settings

Administration module | Xray

General: Indexed Resources, Database Sync, Webhooks, Integrations
Advanced: System Parameters and Queue Workers, Xray System Messages, etc.

  • When setting the indexed resources scope of repositories, builds and Release Bundles you now set by name or by Exclude/Include Patterns.
Release Bundles are scanned by Xray
  • JFrog Xray supports indexing and scanning of Release Bundles as well as defining Watches and Policies on Release Bundles. You can apply a policy on a Watch containing a Block Release Bundle Distribution action to prevent distributing a Release Bundle to edge nodes if it meets a security or License policy defined in JFrog Xray. For more information, see Xray Scanning of Release Bundles.

Mission Control




Access FederationAdministration module | Identity and Access | Access Federation

Services

Administration module | Platform Deployments | Services

Administration module | Monitoring | Service Status


License and Licence BucketsAdministration module | License ManagementConsolidated Licenses for all the JFrog products.

Mission Control Site Explorer

Application module | Dashboard | Topology

Dashboard displays JPD topology.

Mission Control Insight 

Application module | Dashboard | Trends


Distribution

Distributable and Received Release BundlesApplication module | Distribution


Coming Soon

The following table describes features that are currently under development and will be available in later JFrog Platform releases.
Not available in the initial JFrog Platform release.

JFrog Product

Functionality

Artifactory

  • Artifactory Homepage: will be available in later JFrog Platform releases. For Mission Control installations, administrators can use the Topology page.

  • Native Tree Browser (from UI)The Artifactory native tree browser allows browsing the contents of a repository in a plain html structured tree.
    This will not be available via the new UI.     The old URL will still be available for clients who are relying on the tree browser. 

Mission Control

  • Projects 

  • Notifications

  • Disaster Recovery


Deprecated Features

JFrog Product

Feature

Artifactory

  • License Control is deprecated. Its functionality is included in the Xray integration and provides richer information and support for additional package types.

  • Stash Search Results: allowing you to save your search results and go back to them later, has been removed.

  • User Plugins: Now is a good time to check the READMEs of any user plugins you got from our User Plugins GitHub to ensure they are still valid and relevant.  All non-deprecated plugins should now work with Artifactory 7.x. If you wrote a custom user plugin that relies on a non-public API you should test it in Artifactory 7.x before deploying to production.

  • AJP Connector has been removed and will no longer work, HTTP should be used as an alternative.

Xray

  • Out of the box integrations: Aqua, WhiteSource and Black Duck, out of the box integrations are deprecated in the Xray UI integrations page. 
    However, custom integrations are still available, supporting integrating to any external source of your choice. The VulnDB integration, now transparently integrated into Xray, provides the industry's most comprehensive security vulnerability database. This eliminates the need for these out of the box 3rd party integrations.

  • Xray Homepage: as part of the JFrog Platform UI unification, this page has been removed.

Mission Control

  • Scripts are deprecated in favour of using the CLI.
  • Disaster Recovery is deprecated. 
Browsers
Internet ExplorerThe Internet Explorer browser is not supported in the JFrog Platform. For a list of supported browsers, see Browsers.

Breaking Changes

When upgrading to Artifactory version 7.x from a previous major version (e.g. 6.x), all other associated JFrog services must be upgraded to these compatible versions:

Mission Control

4.x

Xray

3.x

Distribution 

2.x

Artifactory 7.x will not work with any previous major versions of these services. 

Additionally, none of these new versions of Mission Control(4.x), Xray(3.x), or Distribution(2.x) will be compatible with Artifactory 6.x.

When upgrading to the JFrog Platform, Xray must be connected only to a single Artifactory instance. If you have one Xray instance connected to more than one Artifactory instances, use one of the following options before proceeding with any upgrade: 

Option 1 (recommended): Keep one connected Artifactory instance to your single Xray instance, and upgrade the rest to version 7.x with newly installed Xray version 3.x instances. This option will require re-indexing the additional Artifactory instances, and will cause some loss of configuration data. Learn More >

Option 2: Install additional Xray version 2.x instances for each Artifactory instance that you have, and restore all MongoDB and PostgreSQL data. Continue to upgrade each Artifactory and Xray pairs to version 7.x and version 3.x. This procedure is only suggested if you must keep all your Xray configurations and easily reconfigure them in the new instances. Learn More >

CategoryFeature

System Architecture

  • Artifactory and Xray Pairing: When upgrading to the JFrog Platform, Xray must be connected only to a single Artifactory instance. If you have a single Xray instance connected to multiple Artifactory instances, before upgrading Artifactory and Xray, you will need to split your Xray instance to multiple instances to support this requirement. See details here.
  • Artifactory and Distribution Pairing: The upgrade to the JFrog Platform requires mapping a source Artifactory to a single Distribution service. If you are creating and distributing release bundles from multiple source Artifactory instances and one Distribution instance, you will now need to deploy a Distribution service in every JPD that contains these source Artifactory instances. If your Mission Control instance is part of another JPD, you'll need to register it in the new Distribution instance. See details here.
  • Oracle database: Working with an Oracle database requires a new driver and setup. See details here.
  • MongoDB database, used by Xray prior to the Platform, is no longer needed (except during the data migration). If you are upgrading to the new JFrog Platform, your data will be automatically migrated over to PostgreSQL as part of the upgrade process.
  • Inter-product communication
  • Custom logback and Sumo Logic Integration

System Directories

  • Directory structure: has been updated for all JFrog products to create a standardized structure.
  • HA: HA installations with a shared NFS that mount the $ARTIFACTORY_HOME/data directory should now mount the $JFROG_HOME/artifactory/var/data/artifactory directory.
  • Logs structure has been updated from version 6.x, additional logs for new microservices have been added, log names have been changed to be aligned with all products and log output format has been changed to be aligned with all products.
    • Log file names are now prefixed by the service name and a dash. For example, the Artifactory log file name has been changed from application.log to artifactory-service.log.
    • Additional logs are now included for the new Router, Metadata, and Frontend.

System Configuration

  • Authentication Provider: You no longer configure an Artifactory as an Authentication Provider for Authentication as the new JFrog Platform architecture is based on a join-key method that automatically connects between the JPD and its services.
    For more information, see System Architecture.
  • Accessing the UI: The JFrog Platform web UI is now accessed through port 8082 (For example, http://SERVER_HOSTNAME:8082/ui/). Accessing Artifactory directly for REST API and downloads is still possible through port 8081. For more information, see System Requirements.
  • Reverse Proxy: The reverse proxy configuration should only be configured for the JFrog Platform, where previously it was configured for each JFrog Product separately. You will need to create a new reverse proxy configuration.
  • Load balancer health check endpoint: has been changed from api/system/ping to /router/api/v1/system/pingSee instructions here.
  • Using a Custom Context Path for OAuth or SAML SSO Authentication Providers: You will receive an error from your Identity Provider, if you have configured OAuth or your SAML SSO authentication providers, in versions prior to Artifactory 7.x, with the following settings:
    • Your Artifactory Context path was set using a custom context path, for example, mycompany.com/mycompany_test. To preserve this configuration, set the following system property, artifactory.override.context.path as your custom context path.
    • You are using an empty context path, for example: mycompany.com/. To continue using the emtpy context path configuration, set the following system property artifactory.override.context.path=Empty in the artifactory.system.properties file.

JFrog Artifactory

  • Replicator: All configurations have been moved from the replicator.yaml to the Artifacotry system.yaml file. See details here.

  • Viewing Packages/Builds/Release Bundles: The UI will only load only up to 100 results and up to 100 versions per package/builds/Release Bundle.
  • User Plugins: All Artifactory user plugins have been modified and must be updated to their latest version, when upgrading to Artifactory version 7.x. This is due to the file structure change that is introduced in this new Platform version. For example, haAwareEtcDir has been updated to etcDir. See GitHub changes.
  • Artifactory as Root Application in Tomcat: Artifactory can no longer be configured as the Tomcat root application. To remove the /artifactory context, you'll need to set the relevant configuration in your reverse proxy (load-balancer). See details here.
  • Artifact search via UI/API: By default, the artifact search in Artifactory is set to case-insensitive. This can be modified by applying this system property:

    artifactory.ui.search.artifacts.caseInsensitive=false.

JFrog Xray

  • Component Search: searching for components that are not artifacts in your Artifactory instance, but are known to Xray as a result of its recursive scan capability. This functionality will be available in later JFrog Platform releases.
  • Xray Permissions
    • The Manage Watch permission is now available as a global permission on the user/group level. Previously manage watches was an option per permission target that was defined with a scope of resources. Now, users/groups with the Manage Watch permission will enable permissions for all resources. When upgrading to the JFrog Platform, the permission conversion will remove the Manage Watch permission for all users and groups. After upgrading, this permission will need to be reconfigured for all required users and groups. Defining a scope will be available in later JFrog Platform releases, as part of the Projects functionality.
    • The View Watches permission is deprecated. To view watches, enable the Manage Watches permission option for users/groups.

REST API Changes

The JFrog Platform release introduces a new unified way to access all JFrog services, with the exception of Artifactory, using a single server_url and port, using the following format:

<JFrog Base URL>:<Router Port>/<Service Context>/api/<Version>

JFrog Artifactory will continue to work as before, 

<JFrog Base URL>:<Artifactory Port>/artifactory/api/

The REST API documentation for all JFrog products has been updated to use the new shared base url.

Note: For backward compatibility, each JFrog product will continue to have its own server_url and port.

The following table summarizes the list of changes from previous JFrog products versions to the JFrog Platform.

JFrog Product

Deprecated

NewUpdated
Artifactory



Xray
                                                                                                                                                                                                                                                                                                                                                                               
Distribution