JFrog Overview

JFrog has transitioned from an artifact repository to a DevOps Platform that includes CI and CD capabilities through its acquisition of Shippable in Feb 2019. Recently in March 2020, JFrog announced the launch of its DevOps platform called ‘JFrog Platform’, a pre-integrated solution with a common UI across JFrog Pipelines, JFrog X-Ray and JFrog Source Composition Analysis products. This solution is backed by a common meta data model that facilitates information integration between these separate product. In addition to three primary products JFrog Artifactory, JFrog Pipelines and JFrog Xray, JFrog also provides other products such as JFrog Distribution, JFrog Mission Control and JFrog Container Registry.

JFrog Artifactory is a tool designed to store the binary output of the build process for use in distribution and deployment. Artifactory provides support for a number of package formats. JFrog Artifactory provides a single source of truth for build artifacts and works with JFrog Distribution to efficiently distribute large artifacts across the enterprise.

JFrog Pipelines is a CI-CD product that works well with its Artifactory repository. JFrog pipelines works through a combination of native steps (a set of higher order steps built on bash) and resources (inputs into or outputs from native steps, can be any type such as a build, integration etc.). JFrog pipelines is a functional CI-CD product, though it lacks several capabilities typically foudn in enterprise class products.

JFrog Xray is the security product that can be built-into various steps within a JFrog pipeline. Xray supports detecting security vulnerabilities in all dependent code and also provides license compliance capabilities.