On this page
JFrog Pipelines, through acquisition of Shippable, is a functional CI-CD product. JFrog Pipelines attempts to make it simpler to do CI-CD by building ‘Native Steps’. This is akin to a prebuilt component or step in the CI-CD process that can be described in Yaml, thereby hiding all the low level complexity from the user. Some examples of Native Steps are Docker Build, Docker Push, NPM Build, NPM Publish, and XrayScan. JFrog Pipelines has several strengths and weaknesses. The main impact of its weaknesses are longer build times and lower collaboration.
JFrog Pipelines Strengths
- Tight integration with Artifactory.
- Ability to mix and match Native Steps with Custom Code - which reduces out of the box effort but provides flexibility to customize.
- Well architected with core concepts of Steps (Native & Custom), Resources, Pipelines which can all be reused.
JFrog Pipelines Gaps
- Lacks enterprise grade features such as AutoDevOps - ability to recognize the code and pre-build a pipeline.
- No concept of a Merge Request or a container like object that enables multiple developers to easily collaborate.
- Cannot self-optimize builds and pipelines when a queue of submissions are made.
- Lack of tight integration with testing - i.e. there is no native step that drives tests.
- Lack of scalability of testing during the build process through innovative use of parent-child pipelines that can run in parallel.
Similarities between JFrog Pipelines and Gitlab
||Pipelines use YAML Syntax
||Can daisy chain steps and reuse steps in multiple different contexts. Native or out of box steps are atomic.
||Scales horizontally. As it grows u can add nodes into your system. Scales horizontally to support 1000s of apps. One tool for all OSs, elastic build nodes.
|Integrates within their suite
||The recent JFrog Platform product is well integrated. Pipelines integrates with Artifactory and Xray.
GitLab Capabilities missing in JFrog Pipelines
||Merge Requests are an organizing entity that capture facilitate all notes, actions and activity needed to drive change. It also developers collaborate around changes. This capability is missing in JFrog Pipelines, forcing customers to rely on third party products to bridge this gap.
||Merge Trains enable users to schedule, manage and optimize builds. This feature is very useful when many distributed developers contribute code to the same project.
||AutoDevOps recognizes the source code language and automatically sets up the pipelines necessary to build and deploy. This saves time to build and maintain pipelines. Smart capability such as this is missing in JFrog Pipelines.
|Parent child pipelines
||Parent-Child pipelines capability enables multiple parallel builds. These builds are self orchestrated and enables several capabilities such as - parallelizing testing, building and testing a matrix of conditions etc. JFrog is missing this critical capability.
||Review Apps allow developers to quickly review the changes and approve. This prevents need for traditionally expensive dev-test cycles. Furthremore, it also enables distributed teams to review changes and take action. This capability is provided as a standard part of GitLab’s CI-CD solution. JFrog does not support Review Apps. Customers need additional software and infrastructure when using JFrog.
||Feature Flags allow various deployment models such as Blue-Green deployments to test changes against a small sub-set of customers before making it widely available. This capability is missing in JFrog and requires purchase of additional third party software licenses.
|Developer productivity features
||Developer Productivity is a key driver for DevOps adoption. GitLab increases developer productivity through features such as kicking off builds via comments in Merge Requests. These capabilities are currently missing in JFrog.
|Integration to Testing and Security
||GitLab’s integration to Security software and testing is seamless. JFrog has integrated separate products into a single platform. The user experience is not as seamless as in GitLab.