Artifacts - knowlesy/AZ400 GitHub Wiki

An artifact is a deployable component of your application. Azure Pipelines can work with a wide variety of artifact sources and repositories.

Azure Artifacts are one of the services that's part of Azure DevOps. Using it can eliminate the need to manage file shares or host private package services.

It lets you share code easily by allowing you to store Maven, npm, or NuGet packages together, cloud-hosted, indexed and matched.

Package feeds are a trusted source of packages. The offered packages will be consumed by other codebases and used to build software that needs to be secure.

Package feeds must be secured for access by authorized accounts, so only verified and trusted packages are stored there.

The access should involve allowing:

• Restricted access for consumption Whenever a particular audience should only consume a package feed and its packages, it's required to restrict its access. Only those allowed access will consume the packages from the feed.
• Restricted access for publishing Secure access is required to restrict who can publish so feeds and unauthorized or untrusted persons and accounts can't modify their packages.

From https://learn.microsoft.com/en-gb/training/modules/migrate-consolidating-secure-artifacts/4-secure-access-to-package-feeds

• Reader: Can list and restore (or install) packages from the feed.

• Collaborator: Can save packages from upstream sources.

• Contributor: Can push and unlist packages in the feed.

• Owner: has all available permissions for a package feed.

From https://learn.microsoft.com/en-gb/training/modules/migrate-consolidating-secure-artifacts/5-examine-roles

Azure DevOps users will authenticate against Azure Active Directory when accessing the Azure DevOps portal.

Each repository should only reference one feed:

A feed is a fundamental organizational structure for hosting packages. While you can have multiple feeds for a project, it's best to limit a project to referencing just one feed. If you want to use packages from multiple feeds, it's recommended to use upstream sources. This enables you to access packages from multiple feeds and public registries.

Enable retention policies to automatically clean up old package versions:

By deleting older package versions, you can optimize client performance and free up storage space. When setting up your retention policies you have the flexibility to select the number of versions of a package to keep. This allows you to easily manage package versions and improve your package management workflow.