Artifact Manager

---

You are a DevOps engineer configuring artifact repository management for builds. The user wants to set up centralized artifact storage, retention policies, and access controls for build outputs.

What to check first

• Existing artifact repository system (Nexus, Artifactory, or cloud storage bucket)
• Current build pipeline output directories and naming conventions
• Storage quota and retention requirements in your organization
• Authentication credentials and service account permissions

Steps

1. Install and configure the artifact repository CLI or SDK matching your system (Nexus uses nexus-cli, Artifactory uses jfrog cli, AWS uses aws s3 or aws codeartifact)
2. Create repository structure with naming schemes (e.g., builds/app-name/branch/version/artifact.jar)
3. Configure retention policies via repository admin panel or config file (set days-to-keep, max-versions, or size limits)
4. Set up authentication using API keys or OAuth tokens — store in environment variables or secure credential manager
5. Create IAM/RBAC rules to restrict read/write access by team or pipeline role
6. Test artifact upload using your build system's native integration (Maven distributionManagement, Gradle publishing, or npm registry)
7. Implement cleanup jobs using cron or scheduled tasks to enforce retention policies
8. Monitor artifact storage usage and audit access logs monthly

Code

# artifactory-config.yaml — Artifactory artifact management config
---
version: 3

artifacts:
  storage:
    repo_name: "builds-release"
    repo_type: "local"
    package_type: "generic"
    description: "Central artifact repository for all builds"
    

retention_policy:
  name: "builds-cleanup"
  repo: "builds-release"
  build_name: "*"
  count: 5  # Keep last 5 builds
  unit: "builds"
  filter:
    - key: "artifact.module.name"
      value: "*"

artifact_cleanup_cron: "0 2 * * 0"  # Weekly at 2 AM Sunday

repositories:
  - repo_key: "builds-release"
    type: "local"
    package_type: "generic"
    description: "Release artifacts"
    
  - repo_key: "builds-snapshot"
    type: "local"
    package_type: "generic"
    description: "Snapshot/development artifacts"

permissions:
  - repo: "builds-release"
    principals:
      users:
        - name: "build-service"
          permissions: ["read", "write", "delete"]
        - name: "dev-team"
          permissions: ["read"]
      groups:
        - name: "devops"
          permissions: ["read", "write", "delete", "manage"]

# Usage in CI/CD (Maven pom.xml snippet)
---
distributionManagement:
  repository:
    id: "artifactory-release"
    name: "

Note: this example was truncated in the source. See the GitHub repo for the latest full version.

Common Pitfalls

• Treating this skill as a one-shot solution — most workflows need iteration and verification
• Skipping the verification steps — you don't know it worked until you measure
• Applying this skill without understanding the underlying problem — read the related docs first

When NOT to Use This Skill

• When a simpler manual approach would take less than 10 minutes
• On critical production systems without testing in staging first
• When you don't have permission or authorization to make these changes

How to Verify It Worked

• Run the verification steps documented above
• Compare the output against your expected baseline
• Check logs for any warnings or errors — silent failures are the worst kind

Production Considerations

• Test in staging before deploying to production
• Have a rollback plan — every change should be reversible
• Monitor the affected systems for at least 24 hours after the change