GoCI

JFrog Pipelines Documentation

Products
JFrog Pipelines
Content Type
User Guide
ft:sourceType
Paligo

The GoCI template creates a pipeline that showcases the features of the GoBuild, GoPublishBinary, and GoPublishModule native steps. These features include:

  • Building a Go binary and pushing the resulting artifact to Artifactory

  • Building a Go module and pushing the resulting artifact to Artifactory

  • Publishing Artifactory builds and updating output BuildInfo resources

  • Utilizing JFrog Xray to scan the artifacts for security vulnerabilities

  • Writing to output FileSpec resources that can be connected other pipelines.

This template can be used for binaries, modules, or both and the required configurations vary depending on the ultimate goal. Configuration must include the required settings for either GoBuild, GoPublishBinary, or GoPublishModule and may include both to publish a binary and module.

In all cases these configurations must be set up:

  • An Artifactory integration or JFrog Platform Access Token Integration for resolving dependencies and publishing artifacts

  • A Git integration (like Github ) that can connect with your Gradle projectGitHub Integration

  • A resolver Artifactory repository from which to resolve dependencies

Publishing a binary with GoBuild and GoPublishBinary requires:

  • A binaryTargetRepository Artifactory repository to which to publish

  • A command to run as part of the GoBuild step (the part following "go")

  • An output file name

Publishing a binary with GoPublishBinary requires:

  • A moduleTargetRepository Artifactory repository to which to publish

  • A version

GoCI YAML

resources:
  - name: {{ .Values.namePrefix }}_repo
    type: GitRepo
    configuration:
      path: {{ .Values.repo.path }}
      gitProvider: {{ .Values.repo.gitIntegration }}
      branches:
        include: {{ .Values.repo.branchPattern | default "main" }}

{{ if .Values.publishBuild }}
  {{ if .Values.goConfig.binaryTargetRepository }}
  - name: {{ .Values.namePrefix }}_binary_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artIntegration }}

  - name: {{ .Values.namePrefix }}_binary_spec
    type: FileSpec
    configuration:
      sourceArtifactory: {{ .Values.artIntegration }}
      pattern: '{{ .Values.binaryBuildSpecPattern | default "*" }}'
      buildName: ${JFROG_CLI_BUILD_NAME}
      buildNumber: ${JFROG_CLI_BUILD_NUMBER}
  {{ end }}

  {{ if .Values.goConfig.moduleTargetRepository }}
  - name: {{ .Values.namePrefix }}_module_info
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artIntegration }}

  - name: {{ .Values.namePrefix }}_module_spec
    type: FileSpec
    configuration:
      sourceArtifactory: {{ .Values.artIntegration }}
      pattern: '{{ .Values.moduleBuildSpecPattern | default "*" }}'
      buildName: ${JFROG_CLI_BUILD_NAME}
      buildNumber: ${JFROG_CLI_BUILD_NUMBER}
  {{ end }}

{{ end }}


pipelines:
  - name: {{ .Values.namePrefix }}_go_ci
    steps:
    {{ if .Values.goConfig.binaryTargetRepository }}
      - name: build
        type: GoBuild
        configuration:
          affinityGroup: {{ .Values.namePrefix }}_go_binary_ci
          environmentVariables:
            JFROG_CLI_BUILD_NAME: {{ .Values.namePrefix }}_go_binary_ci
            JFROG_CLI_BUILD_NUMBER: ${run_id}
          integrations:
            - name: {{ .Values.artIntegration }}
          inputResources:
            - name: {{ .Values.namePrefix }}_repo
        {{ if .Values.goConfig.command }}
          goCommand: {{ .Values.goConfig.command }}
        {{ end }}
        {{ if .Values.goConfig.sourceLocation }}
          sourceLocation: {{ .Values.goConfig.sourceLocation }}
        {{ end }}
        {{ if .Values.goConfig.resolverRepo }}
          resolverRepo: {{ .Values.goConfig.resolverRepo }}
        {{ end }}
        {{ if .Values.goConfig.outputLocation }}
          outputLocation: {{ .Values.goConfig.outputLocation }}
        {{ end }}
        {{ if .Values.goConfig.outputFile }}
          outputFile: {{ .Values.goConfig.outputFile }}
        {{ end }}

      - name: publish
        type: GoPublishBinary
        configuration:
          affinityGroup: {{ .Values.namePrefix }}_go_binary_ci
          environmentVariables:
            JFROG_CLI_BUILD_NAME: {{ .Values.namePrefix }}_go_binary_ci
            JFROG_CLI_BUILD_NUMBER: ${run_id}
          integrations:
            - name: {{ .Values.artIntegration }}
          inputSteps:
            - name: build
        {{ if .Values.publishBuild }}
          outputResources:
            - name: {{ .Values.namePrefix }}_binary_info
            - name: {{ .Values.namePrefix }}_binary_spec
        {{ end }}
        {{ if .Values.publishBuild }}
          autoPublishBuildInfo: true
        {{ end }}
        {{ if and .Values.scanBuild .Values.publishBuild }}
          forceXrayScan: true
        {{ end }}
          targetRepository: {{ .Values.goConfig.binaryTargetRepository }}

      {{ if .Values.publishBuild }}
        execution:
          onSuccess:
            - write_output {{ .Values.namePrefix }}_binary_spec buildName="${JFROG_CLI_BUILD_NAME}"
            - write_output {{ .Values.namePrefix }}_binary_spec buildNumber="${JFROG_CLI_BUILD_NUMBER}"
      {{ end }}
    {{ end }}

    {{ if .Values.goConfig.moduleTargetRepository }}
      - name: module
        type: GoPublishModule
        configuration:
          environmentVariables:
            JFROG_CLI_BUILD_NAME: {{ .Values.namePrefix }}_go_module_ci
            JFROG_CLI_BUILD_NUMBER: ${run_id}
          integrations:
            - name: {{ .Values.artIntegration }}
          inputResources:
            - name: {{ .Values.namePrefix }}_repo
        {{ if .Values.publishBuild }}
          outputResources:
            - name: {{ .Values.namePrefix }}_module_info
            - name: {{ .Values.namePrefix }}_module_spec
        {{ end }}
        {{ if .Values.goConfig.sourceLocation }}
          sourceLocation: {{ .Values.goConfig.sourceLocation }}
        {{ end }}
        {{ if .Values.goConfig.version }}
          version: {{ .Values.goConfig.version }}
        {{ end }}
          targetRepository: {{ .Values.goConfig.moduleTargetRepository }}
        {{ if .Values.goConfig.resolverRepo }}
          resolverRepo: {{ .Values.goConfig.resolverRepo }}
        {{ end }}
        {{ if .Values.publishBuild }}
          autoPublishBuildInfo: true
        {{ end }}
        {{ if and .Values.scanBuild .Values.publishBuild }}
          forceXrayScan: true
        {{ end }}
      {{ if .Values.publishBuild }}
        execution:
          onSuccess:
            - write_output {{ .Values.namePrefix }}_module_spec buildName="${JFROG_CLI_BUILD_NAME}"
            - write_output {{ .Values.namePrefix }}_module_spec buildNumber="${JFROG_CLI_BUILD_NUMBER}"
      {{ end }}
    {{ end }}

values.yml: This is a samplevalues.yml. This can be edited to create your own version of the file.

## This string will prefix the resources and pipeline, allowing you to add
## the pipeline source multiple times with unique names.
namePrefix: sample

## The name of your Artifactory integration
artIntegration: myArtIntegrationName

##### Artifactory Build Info
## set this to `true` to publish builds
#publishBuild: true
## set this to `true` to scan the published build(s)
#scanBuild: true
## When publishBuild is enabled, a FileSpec resource will be created
## that points to each published build. Here you can specify a pattern
## to further narrow down the Artifacts that are referenced by the specs.
## The binaryBuildSpecPattern filters the files included for the FileSpec
## output by the GoPublishBinary step.
#binaryBuildSpecPattern: "*"
## The moduleBuildSpecPattern filters the files included for the FileSpec
## output by the GoPublishModule step.
#moduleBuildSpecPattern: "*"

##### Repository Details
repo:
  path: org/repo
  gitIntegration: myGitIntegration
  branchPattern: "^main$"

goConfig:
  ### Settings used for both modules and binaries:
  ## The location of the source code in your repository.
  ## Commands will be executed here.
  sourceLocation: "."
  ## This repository, if specified, must first be created in Artifactory.
  ## The resolver is used to resolve dependencies. It is recommended to
  ## use a remote repository so that any external dependencies will be cached
  ## in your local Artifactory instance.
  resolverRepo: go-remote

  ### Settings used only for GoBuild and GoPublishBinary:
  ## Required to use these steps, the repository to which to upload the binary.
  ## The repository must first be created in Artifactory.
  binaryTargetRepository: go-local
  ## Here you specify any additional arguments to the command to execute
  ## it is executed as `go {{ command }}`
  command: "build -o $outputLocation/$outputFile"
  outputLocation: "GoBuild"
  outputFile: "myOutputFile"

  ### Settings used only for GoPublishModule:
  ## Required to use this step, the repository to which to upload the module.
  ## The repository must first be created in Artifactory.
  moduleTargetRepository: go-local
  ## The version specified in the go-publish command.
  version: v1.0.${run_number}