The NpmCI template creates a pipeline that showcases the features of the NpmBuild and NpmPublish native steps. These features include:
Building an npm project and pushing the resulting artifacts to Artifactory
Publishing an Artifactory build and updating an output BuildInfo resource
Utilizing JFrog Xray to scan the artifacts for security vulnerabilities
Writing to an output FileSpec resource that can be connected to another pipeline.
This template requires a few configurations to be set up:
An Artifactory integration or JFrog Platform Access Token Integration for resolving dependencies and publishing artifacts
A Git integration (like GitHub) that can connect with your npm project
Resolver and deployer Artifactory repositories
NpmCI YAML
resources:
- name: {{ .Values.namePrefix }}_repo
type: GitRepo
configuration:
path: {{ .Values.repo.path }}
gitProvider: {{ .Values.repo.gitIntegration }}
branches:
include: {{ .Values.repo.branchPattern | default "main" }}
{{ if .Values.publishBuild }}
- name: {{ .Values.namePrefix }}_info
type: BuildInfo
configuration:
sourceArtifactory: {{ .Values.artIntegration }}
- name: {{ .Values.namePrefix }}_spec
type: FileSpec
configuration:
sourceArtifactory: {{ .Values.artIntegration }}
pattern: '{{ .Values.buildSpecPattern | default "*" }}'
buildName: ${JFROG_CLI_BUILD_NAME}
buildNumber: ${JFROG_CLI_BUILD_NUMBER}
{{ end }}
pipelines:
- name: {{ .Values.namePrefix }}_npm_ci
configuration:
affinityGroup: {{ .Values.namePrefix }}_npm_ci
{{ if .Values.publishBuild }}
environmentVariables:
readOnly:
JFROG_CLI_BUILD_NAME: ${pipeline_name}
JFROG_CLI_BUILD_NUMBER: ${run_id}
{{ end }}
steps:
- name: build
type: NpmBuild
configuration:
integrations:
- name: {{ .Values.artIntegration }}
inputResources:
- name: {{ .Values.namePrefix }}_repo
{{ if .Values.npmConfig.npmArgs }}
npmArgs: {{ .Values.npmConfig.npmArgs }}
{{ end }}
{{ if .Values.npmConfig.sourceLocation }}
sourceLocation: {{ .Values.npmConfig.sourceLocation }}
{{ end }}
{{ if .Values.npmConfig.resolverRepo }}
resolverRepo: {{ .Values.npmConfig.resolverRepo }}
{{ end }}
- name: publish
type: NpmPublish
configuration:
integrations:
- name: {{ .Values.artIntegration }}
inputSteps:
- name: build
{{ if .Values.publishBuild }}
outputResources:
- name: {{ .Values.namePrefix }}_info
- name: {{ .Values.namePrefix }}_spec
{{ end }}
{{ if .Values.publishBuild }}
autoPublishBuildInfo: true
{{ end }}
{{ if and .Values.scanBuild .Values.publishBuild }}
forceXrayScan: true
{{ end }}
{{ if .Values.npmConfig.deployerRepo }}
deployerRepo: {{ .Values.npmConfig.deployerRepo }}
{{ end }}
{{ if .Values.publishBuild }}
execution:
onSuccess:
- write_output {{ .Values.namePrefix }}_spec buildName="${JFROG_CLI_BUILD_NAME}"
- write_output {{ .Values.namePrefix }}_spec buildNumber="${JFROG_CLI_BUILD_NUMBER}"
{{ end }}values.yml: This is a samplevalues.yml. This can be edited to create your own version of the file.
## This string will prefix the resources and pipeline, allowing you to add
## the pipeline source multiple times with unique names.
namePrefix: sample
## The name of your Artifactory integration
artIntegration: myArtIntegrationName
##### Artifactory Build Info
## set this to `true` to publish a build
#publishBuild: true
## set this to `true` to scan the published build
#scanBuild: true
## When publishBuild is enabled, a FileSpec resource will be created
## that points to the published build. Here you can specify a pattern
## to further narrow down the Artifacts that are referenced by the spec.
#buildSpecPattern: "*"
##### Repository Details
repo:
path: org/repo
gitIntegration: myGitIntegration
branchPattern: "^main$"
npmConfig:
## Here you specify any additional arguments to the command to execute
## it is executed as `npm install {{ npmArgs }}`
npmArgs: "--no-install"
sourceLocation: "."
## These repositories must first be created in Artifactory.
## The resolver is used to resolve dependencies. It is recommended to
## use a remote repository so that any external dependencies will be cached
## in your local Artifactory instance. Deployer is where your Artifacts
## will be uploaded.
resolverRepo: npm-remote
deployerRepo: npm-local