Knowledge Base

A collection of knowledge related to software development, binary repositories, artifacts and more.

Artifacts

With all the terms like ‘artifact’, ‘library’, ‘repository’, and other technical terms, it can sometimes be difficult to understand exactly what an artifact repository like CloudRepo is and what benefits it can provide.

This page attempts to provide some background information to those just becoming familiar with artifact repositories.

What is an Artifact?

The term artifact is a very broad term and can apply to almost any type of file used in the development, building, or execution of a software application.

The most common types of artifacts are:

  • Software Libraries
    • Dependencies and their dependencies (also known as transitive dependencies)
  • Source Code and Documentation Archives
  • Machine Learning Models

When you build a software application, you’ll typically bring in many artifacts with existing functionality so that you can reuse previously written code.

What is an Artifact Repository?

An artifact repository provides a centralized storage and retrieval API for developers to publish and retrieve the artifacts they need to build their code.

Typically, a software development team will share a single artifact repository so that the entire team can go to a single shared place for their artifacts.

Who uses Artifact Repositories?

Software development teams are the largest user of artifact repositories. As the complexity of software applications has increased, so has the number of dependencies required to build each application.

Whether the software development team is commercial, non-profit, or open source, artifact repositories are widely used for teams to collaborate and share common code via artifacts.

What are the benefits of an artifact repository?

Perhaps the best way to illustrate the benefits of an artifact repository is to look back to the days before repositories were in wide spread usage:

Before artifact repositories, when you wanted to include a library into your program you would have to download it from somewhere on the internet and then include it in your compile or runtime path.

For a single library this didn’t seem too bad but what would happen if the library we included also required another set of libraries? And if those libraries required others? Well, you could quickly find yourself trying to manage dozens of dependencies just because you needed one function from that first library.

Tools like Maven were introduced to handle all of this complexity and pull in your entire tree of dependencies. In order to pull in dependencies Maven had to know where to pull them in from. Without artifact repositories, Maven would not have a place to pull artifacts from.

What are the traditional artifact repositories?

Traditional artifact repositories are software applications which you would host on your own internal hardware.

Available in open source and commercial offerings, these repositories would typically run on a single set of hardware and would serve an entire organization’s needs.

What are the downsides of a traditional artifact repository?

Artifact repositories can increase your operational costs in three ways:

  1. Licensing Costs
    • Annual license fees for artifact repository licenses can be quite expensive and must be paid every year.
    • Open source alternatives do exist but they lack support and certain enterprise level features such as high availability.
  2. Hardware Costs
    • After you’ve purchased a license, you’ll still need to install and setup the hardware to host the artifact repository.
  3. Operational costs
    • A system administrator or similarly skilled developer is required to setup, maintain, and upgrade your artifact repository.

Additionally, traditional artifact repositories could increase your risk caused by hardware failure. Many hardware teams have experienced the pain of having their internal artifact repository crash causing them to lose months, if not years, of artifacts.

If the source code has been maintained in version control and properly tagged, it is possible to rebuild from source. However, this can be very costly and time consuming and could cost your development team several days of downtime while they await recovery.