The NpmCI template creates a pipeline that showcases the features of the NpmBuild and NpmPublish native steps. These features include:
Building an npm project and pushing the resulting artifacts to Artifactory
Publishing an Artifactory build and updating an output BuildInfo resource
Utilizing JFrog Xray to scan the artifacts for security vulnerabilities
Writing to an output FileSpec resource that can be connected to another pipeline.
This template requires a few configurations to be set up:
An Artifactory integration for resolving dependencies and publishing artifacts
A Git integration (like GitHub) that can connect with your npm project
Resolver and deployer Artifactory repositories
NpmCI YAML
resources: - name: {{ .Values.namePrefix }}_repo type: GitRepo configuration: path: {{ .Values.repo.path }} gitProvider: {{ .Values.repo.gitIntegration }} branches: include: {{ .Values.repo.branchPattern | default "main" }} {{ if .Values.publishBuild }} - name: {{ .Values.namePrefix }}_info type: BuildInfo configuration: sourceArtifactory: {{ .Values.artIntegration }} - name: {{ .Values.namePrefix }}_spec type: FileSpec configuration: sourceArtifactory: {{ .Values.artIntegration }} pattern: '{{ .Values.buildSpecPattern | default "*" }}' buildName: ${JFROG_CLI_BUILD_NAME} buildNumber: ${JFROG_CLI_BUILD_NUMBER} {{ end }} pipelines: - name: {{ .Values.namePrefix }}_npm_ci configuration: affinityGroup: {{ .Values.namePrefix }}_npm_ci {{ if .Values.publishBuild }} environmentVariables: readOnly: JFROG_CLI_BUILD_NAME: ${pipeline_name} JFROG_CLI_BUILD_NUMBER: ${run_id} {{ end }} steps: - name: build type: NpmBuild configuration: integrations: - name: {{ .Values.artIntegration }} inputResources: - name: {{ .Values.namePrefix }}_repo {{ if .Values.npmConfig.npmArgs }} npmArgs: {{ .Values.npmConfig.npmArgs }} {{ end }} {{ if .Values.npmConfig.sourceLocation }} sourceLocation: {{ .Values.npmConfig.sourceLocation }} {{ end }} {{ if .Values.npmConfig.resolverRepo }} resolverRepo: {{ .Values.npmConfig.resolverRepo }} {{ end }} - name: publish type: NpmPublish configuration: integrations: - name: {{ .Values.artIntegration }} inputSteps: - name: build {{ if .Values.publishBuild }} outputResources: - name: {{ .Values.namePrefix }}_info - name: {{ .Values.namePrefix }}_spec {{ end }} {{ if .Values.publishBuild }} autoPublishBuildInfo: true {{ end }} {{ if and .Values.scanBuild .Values.publishBuild }} forceXrayScan: true {{ end }} {{ if .Values.npmConfig.deployerRepo }} deployerRepo: {{ .Values.npmConfig.deployerRepo }} {{ end }} {{ if .Values.publishBuild }} execution: onSuccess: - write_output {{ .Values.namePrefix }}_spec buildName="${JFROG_CLI_BUILD_NAME}" - write_output {{ .Values.namePrefix }}_spec buildNumber="${JFROG_CLI_BUILD_NUMBER}" {{ end }}
values.yml: This is a samplevalues.yml
. This can be edited to create your own version of the file.
## This string will prefix the resources and pipeline, allowing you to add ## the pipeline source multiple times with unique names. namePrefix: sample ## The name of your Artifactory integration artIntegration: myArtIntegrationName ##### Artifactory Build Info ## set this to `true` to publish a build #publishBuild: true ## set this to `true` to scan the published build #scanBuild: true ## When publishBuild is enabled, a FileSpec resource will be created ## that points to the published build. Here you can specify a pattern ## to further narrow down the Artifacts that are referenced by the spec. #buildSpecPattern: "*" ##### Repository Details repo: path: org/repo gitIntegration: myGitIntegration branchPattern: "^main$" npmConfig: ## Here you specify any additional arguments to the command to execute ## it is executed as `npm install {{ npmArgs }}` npmArgs: "--no-install" sourceLocation: "." ## These repositories must first be created in Artifactory. ## The resolver is used to resolve dependencies. It is recommended to ## use a remote repository so that any external dependencies will be cached ## in your local Artifactory instance. Deployer is where your Artifacts ## will be uploaded. resolverRepo: npm-remote deployerRepo: npm-local