What software assets does your organization use? What sounds like a simple question is anything but. If we include every package and dependency that ends up in the code we produce then for most development teams the truthful answer is ‘we don’t know’. As we’ve said enough times already, that really isn’t good enough anymore. And that’s one of the core motivations behind Cloudsmith.

At this year’s swamUP 2020 conference, we were fortunate to have several customers who showcased their skillful use of our products for achieving ambitious goals. One such session presentation was delivered by Navin Ramineni, Director of Infrastructure Engineering at Salesforce.

Most modern software today has moved aggressively into using third-party open source dependencies to reduce duplication and accelerate development by using pre-existing code.

Platform operators, you continue to amaze us. You’ve embraced DevOps and site reliability engineering. You’ve applied these philosophies to your daily work. And you’ve used Concourse CI (the “continuous thing-doer”) to address all manner of operational workflows. When we created the project in 2016, we couldn’t have imagined all the ways you’d use Concourse to deliver fantastic stability and scalability outcomes to your stakeholders.

Developers are building and deploying to production with greater frequency. Elite organizations are deploying to production multiple times per day. All the while we continue to distribute our applications even wider with the adoption of micro-services, and global deployments. This consistent churn and increasing code complexity create the perfect storm that makes finding problems even harder. How do you know the changes just committed actually deployed? How do you know the changes worked?

Long release cycles are no longer viable in the world of software development. The promise of DevOps has been to materially shrink time to value. Like most meaningful transitions, this one hasn’t always been a simple flip of a switch. For many organizations, development teams have become complex and unwieldy. So, the custodians of DevOps have found it difficult to achieve broader adoption of DevOps principles across engineering teams.

In the annual roadmap keynote of our SwampUP 2020 conference, JFrog CTO and co-founder Yoav Landman, CPO Dror Bereznitsky and VP of Engineering Avi Cavale delivered a landmark message: If you’re not focused on binaries and distributing them to the edge, you’re risking the future of your business. Under the theme DevOps, Fast Forward, JFrog’s annual user conference showcased how the impact of the global pandemic has accelerated companies’ digital transformation plans.

At Cloudsmith, you will often hear us refer to our mantra of “Automate Everything”. It a quest that we never deviate from, and we believe that anything that can be automated, should be automated. With that in mind, we would like to show you how simple it is to integrate a Cloudsmith repository with your Buildkite pipeline, and automate the pushing of your build artifacts into your own private repository for further CI/CD steps or even as a source for your global distribution needs.

DevOps teams rely on Artifactory as the bread and butter tool of universal binary repo managers, but observing its operations can be challenging. With multiple high availability nodes and unification with Xray as the JFrog DevOps Platform, that operations data is spread out across logs for each service in the JFrog Platform deployment. Operations teams need a view into valuable data insights that can only be gained through real time data mining and observation of the platform.

One reason for building a ‘single source of truth’ for software assets is that it gives the organization control over who can use what when. The ‘wild West’ of public repositories gives no control at all and can lead to a situation in which packages and dependencies of dubious provenance are integrated into builds without a second thought. Within the Cloudsmith world, we want to have the maximum security and control possible.