TrustRadius Insights for JFrog Artifactory are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Business Problems Solved
JFrog Artifactory has become a go-to solution for many enterprises looking for a comprehensive binary repository. Users have successfully utilized this product to store a wide range of artifacts, including application artifacts, Docker images, NPM, Maven, and Python packages. With its integration into Azure DevOps CI/CD pipelines, developers are able to seamlessly scan and retrieve Docker images from the artifact registry before deploying them to Kubernetes clusters. This integration has not only streamlined the deployment process but also added an extra layer of security by performing necessary scans.
One of the primary advantages of JFrog Artifactory is its ability to easily integrate with existing technology stacks. Development teams have praised the product for providing consistency in their CI/CD processes and eliminating the complexity that arises when working with different software package management systems. For software engineering teams, JFrog Artifactory has proven to be invaluable in solving artifactory caching and security scan problems. It ensures that dependencies are managed efficiently while also ensuring compliance with license/privacy requirements and maintaining robust security.
In addition to its versatility in storing various types of artifacts, JFrog Artifactory is capable of organizing them effectively. Users have found sophisticated categorization options within the product to keep their artifacts well-organized. The product has not only been used for development purposes but also for production deployments. Its robust pipeline augmentation process includes checks for known vulnerabilities before releasing builds, providing an additional layer of assurance.
Overall, JFrog Artifactory serves as a trusted private artifact registry that effectively manages and stores application packages, component dependencies, application libraries, Docker containers and images, as well as Helm charts. The positive experiences shared by users highlight its value in streamlining development processes, ensuring compliance and security, and providing a reliable repository for enterprise-wide artifacts.
Manages all of our dependencies for all of of our cloud applications. Used for dev, test and production build pipelines.
Pros
Very reliable
One central place for all artifacts
Scales up well
Cons
The User UI could be a bit nicer.
Likelihood to Recommend
The only real option when building large production grade applications. Scales extremely well and has the enterprise grade features that are needed. Features such as security are a must in a large enterprise grade application, JFrog Artifactory delivers here really well.
It is one of the excellent repositories that allow integration with Docker and CLI and can be coupled with repositories like Maven, Yum, etc. This allows streamlined collaboration within the team or across teams, which helps faster deployment.
Pros
Range of repository type support
Pluggables with XRay which allow scanning with 3rd Party
Integration with CI/CD tool is easy
Cons
Performance is an issue when a large number of artifacts exist.
There is less documentation compared to API artifact support.
It needs a search of jar files in the repository.
Likelihood to Recommend
The main advantage or upper hand of this tool (Artifactory) is to avoid when work teams use different repositories, with different versions or different sources, centralizing in a single site and in a single storage space with all the dependencies of a project and its management during the development cycles, even in distributed development environments. This can be integrated with any development tool.
We are improving container security with artifacts and enabling deployments on AWS. For production deployments with a pipeline augmentation process and check for any known vulnerabilities when releasing the build. We'll use managed docker pipelines to integrate with pipelines to get the benefits of automatically updating new repository models, pushing container images, and extracting artifacts.
Pros
Artifact solves the problem of internal packages when there are new dependencies.
Package managers like pip for python yarn/npm have become toolkits for mainstream developers.
It can be configured as the main and mirror repository source for public packages.
Cons
If the website you're trying to access doesn't require authentication, you'll need to whitelist it, which can create performance issues.
Likelihood to Recommend
It works at scale and a large number of accessible pipelines for searching, repository updates and indexing will become easier. JFrog provides end-to-end solutions for all DevOps needs. With this, Jfrog Artifactory specifically implements the management of highly available repositories, with a smooth interface and integration with all the main CI tools on the market.
VU
Verified User
Analyst in Information Technology (11-50 employees)
JFrog Artifactory has been used in my organization primarily as private artifact registry to manage and store application packages, component dependencies, application libraries, Docker containers and images, and Helm charts. As a business usecase, the product has been integrated in our Azure Devops CI/CD pipeline which means the docker images are scanned and pulled in from the artifact registry before the images gets eventually deployed from the release pipeline to our Kubernetes cluster, in our case its Openshift. The product can easily integrate with our existing technology stack and thereby overcome the complexity of working with different software package management systems, and hence provides consistency to our Cl/CD process.
Pros
Artifactory Management acting as a repository manager of docker images, application and component dependencies
Automate pipelines and thereby releasing changes faster
Supports high availability and scalability with multi site replication
Cons
Product support can be improved so that the problem ticket can be addressed quickly
Enterprise version is bit costly
Retrieving images from artifactory registry sometimes result in a cached image which enforce our CI pipeline to rebuild the entire image for the latest changes to reflect
Likelihood to Recommend
It is very well suited to store your docker images in a private artifact registry. It can also be used to integrate seamlessly with your existing Devops Pipelines. If the requirement is to use public repo , then this product may not be effective. Similarly, if there is budget constraint , then using the enterprise license might be bit expensive compared to other products in market.
VU
Verified User
Manager in Information Technology (10,001+ employees)
We used JFrog Artifactory as a binary repository. There are packages that we built for customers that need a private repository to store. Moreover, since we have a wide range of projects with various technologies, our packages are quite diverse in nature. From simple jar files, npm packages, and docker images to even some zip archives. JFrog Artifactory could store all of them with sophisticated categories to keep them organized and & have excellent integration with CI/CD pipelines to make sure the built packages are ready to be deployed.
Pros
Binary repository.
Categories to keep things organized.
Support packages of all types.
Integrate well with CI/CD pipelines.
Cons
Setting up credentials.
Setting up protected/restricted repositories.
Secret rotation.
Likelihood to Recommend
If you need a private repository for your diverse types of packages, then JFrog Artifactory suits you well. Things are well organized with a user-friendly GUI. API support is good enough to integrate with CI/CD pipelines, making the whole process from building the code to deploying artifacts to environments a breeze. Protected/restricted repositories are supported as well, with simple access control.
JFrog Artifactory is being used as the single binary repository for our entire enterprise. We store everything from application artifacts to Docker images to NPM, Maven, and Python packages as dependencies in [JFrog] Artifactory. It's a mission-critical component of our CICD pipelines.
Pros
Stores and Manages build artifacts and packages.
Works as container registry as well.
Easily manages local and remote repositories along with live replication.
Cons
JFrog Artifactory X-Ray isn't mature enough.
There should be some built-in backup and restore features.
Support responsiveness needs to be improved it takes days to get response.
OSS version has very basic features and enterprise one is costly.
Likelihood to Recommend
In terms of hosting packages, artifact repositories, and container registries it's great. But artifact scanning is not up to mark and this feature comes with extra cost.
JFrog Artifactory is being used as the single binary repository for our entire enterprise. We store everything from application binaries to Docker images to Chef cookbooks in [JFrog] Artifactory. It's a mission-critical component of our CICD pipelines.
Pros
The core Artifactory offering is very reliable
Their customer support is outstanding
They put on an excellent conference each year with SwampUp.
They support a highly available architecture to deploy ARtifactory in the public cloud in a resilient manner.
Cons
We can always use support for more different types of packages in Artifactory.
We also would like to see the Artifactory X-Ray produce continue to mature.
Likelihood to Recommend
[JFrog] Artifactory is the gold standard in binary repositories in the tech industry. You can either run a hosted version of [JFrog] Artifactory or leverage their managed SaaS offering. You'll pay a bit more for the SaaS offering but have less overhead to manage than running the hosted version yourself.
VU
Verified User
Engineer in Information Technology (10,001+ employees)
It's used by our software engineering development teams across our IT organization. It solves our artifactory caching, security scan problem. This way, we can confidently build software and apps in which the dependencies are managed and tracked, and also checked for license/privacy compliance, as well as security.
Pros
Handles both Java and Javascript artifactory/dependency.
Support Java very well with some built in features.
Uses relational databases (a well-known technology) to store artifacts, lower barriers to entry.
Preferment
Cons
CI/CD integration. We understood they do have a pipeline, so our organization already started with Jenkins, and my understanding is that not many orgs are using the JFrog pipeline.
Likelihood to Recommend
When an org decides to select an artifactory or repository, JFrog should be high on the list, along with other competitors such as Nexus, to a lesser extent, GitHub and GitLab
