10 reasons why you should use artifact repository manager
Are you in the decision making process of whether or not to use binary repository for your project or are you trying to understand how it will benefit your project?
Either way, let us begin to deep dive to understand the usability of binary repos.
What are Artifact Repositories?
In a typical CI CD pipeline we will typically have a lot of builds created on a regular basis. The artifact repo is required to store all the builds at a common location.
Apart from storing project artifacts, artifact repos can also maintain a proxy or remote repository for all project API inputs. The third party APIs can be cached in this repo. Hence this repo can serve as a single point for all remote APIs. In addition, most artifact repos can also host any in-house APIs which are required as inputs to your project.
The leading repo managers support most of the programming or scripting languages being used nowdays.
The leading artifact repository managers like nexus and artifactory can maintain following different repo types:
- Proxy or remote repos to store artifacts fetched from third party repos
- Local or hosted repos to store project and other inhouse artifacts
- Group or virtual repos to group different repo types into a single virtual repo for all project needs. For example, proxy and local repos required for a project can be grouped under one virtual or group repository for simplicity.
Difference between Artifact Repository and Source Control
In order to understand advantages of using artifact repos, we should first understand the difference between source control and binary repositories.
Binary repository manager as the name implies, manages your product artifacts other than your source code. This would mainly include the Project dependency artifacts, Packages, Build files and other project artifacts.
In the early days, before the binary repo managers had gained traction, many software developers used to store their binaries in the source control, commonly known as version control.
The point to note here is that binary artifacts are neither a source code nor a new version of same artifact is being produced. Even though we tend to version the binaries for better traceability, it is an entirely new artifact unlike source code where few changes lead to a new version, which is built on top of previous one and can be moved back once the top layer of changes are removed.
Advantages of using Binary Artifact Repository
We have seen what are artifact repositories and how they work, now let us check out why we should use artifact repositories within our project/ program.
Common location for all binaries
Binary repository manager helps in organizing the projects where development as well as production artifacts can be found in one place with all the relevant details. This could be even more beneficial for large programs running multiple applications.
Group Repos
Most leading artifact repositories available today have the option to combine different repo types into a single group repo so that the application or the project under development has all its third party and internal dependencies catered to from a single repo.
Traceability
Artifacts can easily be traced to the functionality based on the meta data provided for the artifacts.
Similarly, production releases can be easily traced back to the artifacts. So that if any issue occurs, the build can be easily deployed on test environment to reproduce and fix the issue.
Authentication and Authorization
Most leading artifact repositories come with an inbuilt functionality for user authentication and mapping with company LDAP for Single sign on. This can lead to better traceability of the artifacts. You can also control access to the repos for the users. This feature is usually available in the paid version.
Brings dev and ops teams together
The common location for all artifacts provides visibility into the status of the artifacts to development and operations team members.
Third party artifacts
One very important aspect that repo managers maintain is a proxy repository for all the third party artifacts. The artifact repos have the ability to cache the third party APIs. The artifact will be downloaded by the artifact repository the first time it is required by a project and will then be stored in the cache. The project teams will use this cached artifact from here on.
Availability of cached artifacts
As mentioned above, the third party artifacts get stored in artifact repository’s cache. This also implies that the artifacts will be available for as long as the team wants to retain them. They will be available even when the artifact at the remote location gets removed.
Reproduce Issues quickly
Having a repo for all third party artifacts will reduce the number of issues related to third party artifacts as these artifacts will have already been tested in test and staging environments before moving to production. As there will be consistency in the artifacts used, there will be a reduction in the so-called system specific issues. The API usage can be also be monitored from the repo for any discrepancy by the architect team members.
Licensing
The licensing team will be able to monitor and audit the third party artifacts to ensure that any third party artifacts used have licensing which complies with company policy in order to avoid costly litigation at a later stage.
Security and Compliance
Last but not the least, binary repos can facilitate security compliance for both internal as well as third party artifacts. As there is a single location for all artifacts which have access across the company firewall, the process of security audits and monitoring of artifacts becomes simpler.
