New support structure helps developers complete their cloud Kubernetes registry.

This week, JFrog announced native support for Terraform files, allowing users to maintain consistent workflows and processes across multiple cloud platforms. Terraform comes as an Infrastructure-as-Code (IaC) technology, which manages an application’s technology infrastructure as code via Terraform files. 

Due to the new Artifactory support for Terraform, developers are enabled to manage IaC configurations with existing DevOps processes in order to manage shared binaries. 

Ben Ifrach, a Product Manager at JFrog’s Artifactory team, detailed the new features in a blog post. “When developing container-based services that will be orchestrated by Kubernetes, Terraform is an essential part of your artifact ecosystem,” he explains. “These infrastructure-as-code configuration files help automate the provisioning and maintenance of the cloud environments where your K8s applications will run.”

“That’s why it’s great news that you can now store your Terraform modules, providers, and remote state files in Artifactory as a part of your software supply chain,” he adds. Keeping these IaC files in JFrog-powered repositories alongside those for Docker images and Helm charts puts Artifactory to use as a comprehensive Kubernetes registry. The result is a” traceable path for all your cloud native apps that are delivered through your secure circle of trust.”

Adding Terraform modules to the “circle of trust”

Terraform is a widely used open source infrastructure-as-code software tool to manage the entire lifecycle of cloud service infrastructure. By codifying cloud APIs into declarative configuration files, Terraform enables a uniform way to provision, adjust, and tear down infrastructure in a cloud provider, across many instances.

“By keeping your Terraform modules and providers in Artifactory registries, they become part of your software supply chain’s secure circle of trust,” Ifrach says. They remain protected through the JFrog Platform’s authenticated access, checksum verification, and fine-grained permissions management.

“You can better associate those Terraform assets with the immutable builds and other artifacts they are meant for,” he continues.

“Co-locating your Terraform modules, providers, and Helm Charts with your Docker images, you can more easily manage them through all promotion stages of your SDLC from development to testing and production.”

Also read: Vulnerability in Apache Cassandra opens door for remote code execution.