The value of externalizing configuration into git

[aegershman]

Apologies, I doubt this is the right place to put this?

For me, the biggest pain point of Nexus is management.

• If a user wants something done, they have to log an issue, an admin has to coax more info from them, the admin has to login as a superuser, make changes, document them, and then the user has to validate everything works as expected.
• There's a lot of issue-management & doc involved, there's little traceability, it's hard to review admin's work, and it's hard for users to validate exactly what an admin did / what the state of the world is.

I'm not currently an artifactory user, but I'm interested. I'm especially interested in this page about yml configuration files to manage artifactory.

If this yml config can be stored in git and made accessible to teams to see on github, that would be a major operational and security victory for us. I want to enable development teams to fork the configuration repository and submit PRs with the changes they want. Then an admin can review + merge the changes into master, a ci/cd process could apply the config to artifactory. This provides consistency, a review process, transparency to the state of the world, and significantly reduced ticketing.

If this is true, and the entire state of artifactory can be managed via yml, and the yml is safe to check into git (which it should be), then that's a massive deal that could be hyped up and sold.

If it's not true, and I'm misunderstanding what the "yaml configuration file" is for, then please consider doing everything I just described above 😉

Thanks for your time and consideration

[retgits]

Hi @aegershman, if you have any questions on our tech I think there is no wrong place to ask 😉

Your understanding is indeed correct. The snippets that are listed on the YAML Configuration File page can be used to configure JFrog Artifactory. For example the below snippet would create a new local repository with a generic layout:

localRepositories:
  retgits-repo:
    type: generic
    description: "Awesome Repo for Leon's stuff"
    repoLayout: simple-default
    xray:
      enabled: false
    handleReleases: true

You could most certainly store these in any version control system and have people contribute to the repository if they require a change (I really like your idea of using a Git repo to store these to also keep track of comments) and use any CI/CD tool to execute the configuration changes. In fact, I just tried it with GitHub Actions.

Feel free to add/ask questions in this "issue" on GitHub or close it if the answer helps you move forward 😄

If you haven't done so, you can sign up for a trial on try.jfrog.com, which will spin up an environment in the cloud so you can test a few config scripts before rolling this out at your company.