Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-5383

Save search results not finding all dependencies

    XMLWordPrintable

    Details

    • Severity:
      Medium

      Description

      At our company we have to avoid that projects can download any dependencies they want.
      To solve this my setup I have setup Artifactory into 2 zones (JFrog recommendation)
      One zone where an admin are allowed to download remote artifacts and the other zone where projects can use project blessed artifacts.

      1 - I start to build the maven project from an "admin" jenkins,
      Artifactory downloads all remote dependencies and I manually upload "Inhouse" and "3rd party" company dependencies into artifactory.
      This step is working smooth.
      2 - I create project specific account and repositories (Project-A-Snapshot, Project-A-Release, Project-A-Blessed)
      3 - Now I want to track all dependencies from step 1
      I build from my admin Jenkins and publish the artifacts to Artifactory (use the Jenkins Artifactory Plugin)
      In Artifactory I can find the build and use the Artifactory Pro feature "Save to Search Results"
      From the search result I can now copy all (almost) dependencies to the "Project-A-Blessed" repository.
      4 - Now I want to validate that the project uses can build the project, which is only allowed to fetch remote artifacts from the Project-A-Blessed repository.
      The build fails and I have to manually copy many meta information files to the blessed repo. In this case see the example with slf-parent-1.5.8.pom. This have to be repeated many times until all dpendencies are found.

      I would really see that Artifactory could find all dependencies when using the search feature

      Sometimes I feel that this setup is overcomplex and we should really allow everyone to download whatever internet artifact they need, and then only focus on the type of licences the different projects are using. I have hard time to convince people that this would probably be the best appoach for all involved roles, developers, administrators, legal licence staff.

      BR Jyrg

        Attachments

          Activity

              People

              Assignee:
              Unassigned
              Reporter:
              jyrg71 Jyrg (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Sync Status

                  Connection: RTFACT Sync
                  RTMID-5383 -
                  SYNCHRONIZED
                  • Last Sync Date: