Maven Repository tools Comparison


There are several maven repository tools available but biggest players are Artifactory and Nexus (sonatype). 
I am taking these 2 repository provider tools for comparison.
Artifactory and Nexus

Summary

Main purpose of this document is to compare the 2 maven repository providers (Tools).
  • Artifactory
  • Nexus (Sonatype)
I am trying to review both repo managers. This is on basis of few points like features, cost, support etc.

Objective

Currently both of them offer free version of  maven repo managers. This has limited features and only fulfills basic need for maven repository.
I am taking this as need and want to expand our repository serving feature to extend the Release-mgmt capabilities to meet the large development and ops movement along with additional features.

Release management objective is to make sure that “whatever goes to production should be traced back and reproducible with standard predefined configuration”. There are many vulnerable holes where something goes into production cannot be identified with its source. These maven repo managers solve this issue.

Analysis

  • Features
Artifact licensing verification-> License verification is available in both the tools. 
Tight integration with CI system -> Artifactory has tight integration with Jenkins and each artifact can be easily traced back to Jenkins job. Build information will be available with artifact stored in repository. Nexus also have same sort of mechanism using nexus-metadata-plugin, This Jenkins Plugin adds additional metadata to artifacts that are deployed to Nexus repository, But this is only available via jenkins for nexus Pro, Not available for free version of nexus.
Integrated support for all types of repos -> Artifactory provides support for many other types of repositories under one umbrella. It supports multiple repository type like Maven, Docker, Pypi, debian, yum, ruby, npm etc., Current version of Sonatype nexus lags the complete feature (I think Nexus started supporting docker repo with latest version).
Mirroring of external Repos -> Both tools have similar features to mirror the repository  from external world and cached in locally for the internal use and for auditing purpose. Artifactory extend this feature for other types of repos like debian, yum etc.
  • Cost
Nexus and artifactory both provides free and paid supported version with pro features.
Direct Cost -> Nexus charge per seat basis which makes is costly as we grow the number of users, Artifactory charges for software tool in one shot instead of per user which make it cheap for more users.
Indirect cost -> You can merge all types of repository being used in company under one umbrella which will reduce unnecessary pain and resource of managing them separately.


  • API Support
Artifactory and nexus both provide Rest API support in detail to fetch the information from repository. Jenkins is using API to upload the artifact to nexus maven repo. Same features are available with artifactory to upload artifact via API.

  • Data Store (flat files or DB).
Artifactory provide option to store data in flat file or data base, It stores metadata in database. Though it may store data in flat file system but not exactly in readable format. Whereas nexus stored complete data in flat file which you can copy as it is. I like this feature of nexus. However you can still recover flatfiles in human readable format from backup directory in artifactory. 
Flat file storage makes easy to move/migrate data without any external tool.

Adoption

Adoption strategy would depend on various facts such as
  • Existing tool
  • Changes needed in various places
  • Educating users
  • Usage and need of repos
  • CI systems

Popular posts from this blog

Manage Docker images on local disk

Gradle or Maven - A Dilemma

Setup Docker slaves for Jenkins