4 Outcomes of an Advanced Repo Manager Strategy


Published on

Each individual component often relies on dozens to hundreds of other components. Even mid-sized organizations consume tens of thousands of components per month. Your developers waste time downloading a massive library of dependencies from the internet. With a repository your organization can reduce build times, improve collaboration, enhance control, and more.

To learn more about the benefits of a repository manager visit http://www.sonatype.com/nexus/why-nexus/why-use-a-repo-manager

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Pleasantries…We are here to discuss the ecosystem of modern software development and the opportunities to transform the historical conflict between developing feature-rich applications quickly for operational benefit, and the increasing need for applications to be developed methodically, securely, in ways that reduce organizational risk.
  • Now, approximately 90% of modern software is comprised of binary components.In a recent survey, 86% of the more than 3,500 respondents said that at least 80% of their projects were open source components.The evolution from the days when software was written to modern software, which is primarily assembled from components has been TRANSFORMATIVE in terms of productivity.Reduced project delivery risk.Extremely sophisticated applications, even with moderately skilled development teams.Radically improved time to delivery.But… with all of this transformative goodness…
  • This reality is compounded by the ecosystem itself.Each individual component often relies on dozens to hundreds of other componentsMillions of moving partsEven mid-sized organizations consume tens of thousands of components per monthAnd on average these components are being updated four times per year.
  • Developers Waste Time downloading a massive library of dependencies from the internet. Source Control System is Clogged with binary files since it becomes the ad-hoc repository.Continuous Integration is Slowed & can be impacted by internet availability.Production Deployments Require Entire Build to Run which wastes time & could mean extra testing or deploying something that hasn’t been tested.Sharing Requires Granting Access to SCM or some other mechanism needs to be created to share files internally and externally.
  • 4 Outcomes of an Advanced Repo Manager Strategy

    1. 1. The Component Lifecycle Management Company 4 Outcomes of an Advanced Repo Manager Strategy What a Repository Can Do for You Go Fast. Be Secure. The Webinar will start at 12 PM EDT Tweet your thoughts: #sonatype
    2. 2. The Component Lifecycle Management Company - 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 RequestsinMillions 8 Billion Requests in 2012 Growth Drivers Mobile Cloud Web Apps Big Data The Component Revolution #sonatype
    3. 3. The Component Lifecycle Management Company 90%Assembled A Sea Change in Application Development Written Source: 2012 / 2013 Sonatype analysis of more than 1,000 enterprise applications #sonatype
    4. 4. The Component Lifecycle Management Company A Highly Complex Ecosystem Complexity Diversity Volume Change One component may rely on 00s of others 40,000 Projects 200MM Classes 400K Components Typical Enterprise Consumes 000s of Components Monthly Typical Component is Updated 4X per Year #sonatype
    5. 5. The Component Lifecycle Management Company The Need for Repository Management Why Use a Repository? Reduce Build Times by proxying cloud repositories and caching components locally. Improve Collaboration by providing a central location to store, manage, and share common components used across developers and teams. Enhance Control by providing a mechanism to observe, manage, and govern component usage. #sonatype
    6. 6. The Component Lifecycle Management Company Nexus Professional & Nexus Pro CLM Edition Go Beyond Basic Repository Management Deliver on time with smart proxy to ensure your repos are always available and your teams are in sync. Meet quality standards with automated control of release management staging and promotion. Make intelligent decisions by validating the health of the components in your repository. Protect your assets with access control and secure connectivity to the Central Repository. #sonatype Nexus Pro: the foundation for complete Component Lifecycle Management
    7. 7. The Component Lifecycle Management Company Exclusive Pro Features: Smart Proxy Reduce build times, improve availability and keep teams in sync with Nexus Smart Proxy. #sonatype
    8. 8. The Component Lifecycle Management Company Smart Proxy & Component Storage Options Speed Development Efforts Faster build times since all components & dependencies are available locally. Better reliability since you are not dependent on public internet and external network access. Constant availability eliminates unplanned downtime using Nexus HA configuration option. Free your source control system of components & their dependencies (they don’t need to be version controlled). Facilitate collaboration & sharing for internal and external teams. Simplify access to components using a single virtual location where developers access their components. #sonatype
    9. 9. The Component Lifecycle Management Company Exclusive Pro Features: Repository Health Check Repository Health Check lets you assess the security, licensing and popularity of your components. #sonatype
    10. 10. The Component Lifecycle Management Company Repository Health Check Allows you to Analyze Component Risk Avoid using tainted components that put your organization at risk – security & licensing risk. Quickly assess your security posture by viewing a breakdown of vulnerabilities based on severity and threat level. Quickly analyze your license risk by viewing the licenses by category and number of conflicting licenses. Easily perform detailed analysis by drilling into comprehensive license and security analysis. Repo analysis is good starting point for CLM which applies policy to staging and promotion and extends component management throughout the software lifecycle. #sonatype
    11. 11. The Component Lifecycle Management Company Exclusive Pro Features: Build Promotion and Staging Streamline workflow and control how components flow through development, QA, and production with Nexus Pro staging. #sonatype
    12. 12. The Component Lifecycle Management Company Nexus Pro CLM Edition: Use Policy to Manage Releases Define and enforce build promotion and staging rules based on component security, licensing, and popularity information. #sonatype • Policies can be defined based on security, licensing & quality metadata • Releases can be stopped, warnings created & notifications generated • Other enforcement points available as part of Sonatype CLM
    13. 13. The Component Lifecycle Management Company Staging & Promotion with Automated Policies Provides Better Release Management Easily manage releases by creating isolated candidates that can be promoted or discarded based on release tests. Manage release promotion for “dev to test to prod” & coordinate releases between multiple project teams (for example GUI, Data Services, & Business Logic teams). Improve collaboration between internal and external development teams through controlled sharing of releases. Automated policy provides control with minimal effort, ensuring that releases meet your security, licensing & architecture policies. #sonatype
    14. 14. The Component Lifecycle Management Company Exclusive Pro Features: Access Control & SSL Control access with LDAP and user tokens. Atlassian Crowd supports Single Sign-On efforts. Communications with the Central Repository are SSL encrypted to prevent man-in-the-middle attacks. #sonatype
    15. 15. The Component Lifecycle Management Company Nexus Security Ensures Trusted Access & Component Delivery Ease administrative burden & support authentication failover by using LDAP to support authentication. Strengthen authentication efforts with user tokens that eliminate the need to store plaintext passwords. Simplify access to Nexus by providing your users the ability to leverage Nexus using Single Sign-On. Protect your critical assets by partitioning repositories to permission individual sets of assets. Ensure the components you download are delivered securely by using SSL to support a tamper resistant connection to the Central Repository. #sonatype
    16. 16. The Component Lifecycle Management Company Foundation for Agile, Component-Based Development Nexus Pro: Repository Foundation for Complete Component Lifecycle Management Extend component management to your entire software development including your IDE, & build/CI/CD process. Ensure your production applications are trusted using the Sonatype CLM to monitor & identify newly discovered vulnerabilities. #sonatype
    17. 17. The Component Lifecycle Management Company Sonatype Product Family Nexus OSS Sonatype CLM Component Lifecycle Management • Centrally define governance policies • Enforce throughout the lifecycle • Integrate with existing developer tools • Build security in from the start • Continuous trust for production apps Sonatype Nexus Repository Management • Improve collaboration • Controlled release process Industry standard open source repository manager Nexus Pro Enterprise features, enterprise support Nexus Pro CLM Edition Component governance in the repo Sonatype CLM Nexus OSS Repository • Speed Builds #sonatype
    18. 18. The Component Lifecycle Management Company Questions
    19. 19. The Component Lifecycle Management Company Don’t Miss the Rest of the Nexus Series #sonatype Download a Free Trial – Updated Trial Guide and New Ant & Gradle Samples http://www.sonatype.com/nexus/free-trial Join Nexus Live – An Insider’s Tech Talk with Product Experts https://plus.google.com/u/0/events/cfopeju15jdp61fv76kv3a8n0bs Take a Training Course- Full Day Training to Maximize use of Nexus & Maven http://www.sonatype.com/nexus/training The Golden Repo is a Great First Step: October 15th at 12 EDT Yes, Policies Can Speed Development: November 6th at 12pm EDT Register Now - http://www.sonatype.com/request/nexus-webinar-series