Client: Nokia
Nokia is one of the world’s leading communication service providers with a focus on building and maintaining communication networks. Additionally, Nokia is currently heavily involved in the research and development of 5G networks. Nokia can look back on 155 years of experience and currently employs around 98,000 people worldwide.
Initial Situation and Challenges
The Software Monetization Platform department is responsible for providing various software packages for Nokia customers. The focus is on achieving the highest possible degree of automation in the process from upload to deployment. A JFrog Enterprise+ installation handles the central management of the individual software packages. Nokia extends this platform with additional services to better adapt to the rest of the environment. The task of digatus was to integrate new features into the system through various services and to provide advice on technical issues.
The first requirement was to create a way to provide software packages via an SFTP server. The SFTP server was to be secured using certificate-based authentication. Customers should receive the current software packages via the SFTP server without having to access an Artifactory instance.
The second requirement was to establish a malware scanning process to scan all software packages for unintentionally introduced viruses or other malware before delivery and to interrupt the delivery process if infections were found.
Another task that digatus took on was the establishment of new JFrog Enterprise+ environments in the Microsoft Azure Cloud to increase coverage of software deliveries to additional key Nokia customers and to provide internal build pipeline verification capabilities for multiple development units at Nokia.
“In summary, all team members have performed excellently and managed to meet the expectations placed on the team. It was a pleasure to work with the high-performing digatus team, and I look forward to continuing the collaboration with them in the coming period.”
Andor Fauszt – SW Monetization Product Owner, Nokia
Solution
The digatus crew was integrated into the existing team by a Product Owner on Nokia’s side. The project was organized according to the SAFe framework.
For the first requirement, the team agreed on and implemented the following solution: The release bundle is to be delivered to the SFTP server. A publication process is then initiated, which typically transfers the release bundle to a so-called Artifactory Edge Node. An Artifactory plugin intercepts this request and forwards it to a Golang service on the SFTP server. This service authenticates itself to Artifactory and downloads the required files to a folder that is shared with the SFTP service. Running the services in separate containers ensures that a compromised SFTP server cannot be used to access Artifactory.
A plugin and an additional service took over malware scanning in Artifactory. Each individual upload to Artifactory is done in a separate area that is not accessible to customers. The service downloads the files for scanning and forwards the request to a malware scanner. Based on the scan result, the file is either quarantined or published. This ensures that no file can be delivered to the customer without being scanned.
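The scan gate described above, sketched in Go as an added example (not code from Nokia or digatus): `Gate`, `ScanFunc`, `markerScan` and the directory layout are hypothetical, and the scanner is a constructed test double. It makes one design point explicit: a scanner error has to route the file to quarantine as well, otherwise the guarantee that nothing is delivered unscanned does not hold.

```go
package main

import (
	"bytes"
	"fmt"
	"os"
	"path/filepath"
)

// ScanFunc is a hypothetical stand-in for the call to the malware scanner.
type ScanFunc func(path string) (infected bool, err error)

// Gate moves each staged upload to exactly one destination.
type Gate struct {
	Scan                      ScanFunc
	PublishDir, QuarantineDir string
}

// Release publishes only on an explicit clean verdict. A scanner error or
// timeout is handled like a detection (fail closed).
func (g Gate) Release(staged string) (bool, error) {
	infected, scanErr := g.Scan(staged)
	dest, published := g.QuarantineDir, false
	if scanErr == nil && !infected {
		dest, published = g.PublishDir, true
	}
	if err := os.Rename(staged, filepath.Join(dest, filepath.Base(staged))); err != nil {
		return false, fmt.Errorf("move %s: %w", staged, err)
	}
	return published, scanErr
}

// markerScan is a constructed test double: marker string = infected, empty file = outage.
func markerScan(path string) (bool, error) {
	data, err := os.ReadFile(path)
	if err != nil || len(data) == 0 {
		return false, fmt.Errorf("scanner unavailable")
	}
	return bytes.Contains(data, []byte("CONSTRUCTED-MALWARE-MARKER")), nil
}

func main() {
	root, _ := os.MkdirTemp("", "gate")
	defer os.RemoveAll(root)
	g := Gate{markerScan, root + "/pub", root + "/quar"}
	os.MkdirAll(g.PublishDir, 0o700)
	os.MkdirAll(g.QuarantineDir, 0o700)
	os.WriteFile(root+"/bundle.tar", []byte("constructed clean payload"), 0o600)
	fmt.Println(g.Release(root + "/bundle.tar"))
}
```

The staging directory and the publish directory should sit on the same filesystem so the move is a single rename and a file is never visible in both places.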
The digatus team also took over the installation of two new JFrog Enterprise+ instances in an Azure environment. Artifactory is run in a high availability configuration to ensure increased fail-safety and fault tolerance.
Customer Benefits
digatus helped increase the coverage of software deliveries to customers and of internal verification capabilities. This ensures faster feedback loops and better quality of software deliveries, and thus higher customer satisfaction. Through the SFTP service, an important Nokia customer can be served via the SFTP protocol. Additionally, the malware scan process ensures the security and integrity of the delivered software.
The implemented improvements and technical consultation by digatus promote progress towards the automated software monetization platform.