The PublishBuildInfo step publishes BuildInfo to Artifactory. BuildInfo provides a manifest for the build and includes metadata about the modules, dependencies and other environment variables.
BuildInfo can also be published by any of the language-specific publish steps, when its autoPublishBuildInfo
tag is set to true
.
Note
A base exclude pattern always applies to published build info from Pipelines, to prevent environment variables containing security information (e.g., secrets) and other unnecessary data from being published. The base exclude pattern is:
buildinfo.env.res_*;buildinfo.env.int_*;buildinfo.env.current_*;*password*;*secret*;*key*;*token*
YAML Schema
The YAML schema for PublishBuildInfo native step is as follows:
PublishBuildInfo
pipelines: - name: <string> steps: - name: <string> type: PublishBuildInfo configuration: #inherits all the tags from bash envInclude: <string> envExclude: <string> forceXrayScan: <boolean> # default false failOnScan: <boolean> # default true inputSteps: - name: <any of the build steps or Bash step> # required outputResources: - name: <BuildInfo resource> # required execution: onStart: - echo "Preparing for work..." onSuccess: - echo "Job well done!" onFailure: - echo "uh oh, something went wrong" onComplete: #always - echo "Cleaning up some stuff"
Tags
name
An alphanumeric string (underscores are permitted) that identifies the step.
type
Must be PublishBuildInfo
for this step type.
configuration
Specifies all configuration selections for the step's execution environment. This step inherits the Bash/ PowerShell step configuration tags, including these pertinenttags:
Tag | Description of usage | Required/Optional |
---|---|---|
| Must specify a named step of one of the following types: The step must not have set | Required |
| Must specify a BuildInfo resource to publish. The NoteIf | Required |
In addition, these tags can be defined to support the step's native operation:
Note
All native steps derive from the Bash step. This means that all steps share the same base set of tags from Bash, while native steps have their own additional tags as well that support the step's particular function. So it's important to be familiar with the Bash step definition, since it's the core of the definition of all other steps.
Tag | Description of usage | Required/Optional |
---|---|---|
| Pattern for which environment variables to include. Default is to include all the environment variables. | Optional |
| Pattern for which environment variables to exclude. This is applied in addition to the base exclude pattern applied to all build info. | Optional |
| When set to true, forces an Xray scan after publishing to Artifactory. Default is false. | Optional |
| When set to true, and when the Xray Policy Rule Fail Build checkbox is checked, a failed Xray scan will result in a failure of the step. Default is true. | Optional |
execution
Declares collections of shell command sequences to perform for pre- and post-execution phases:
Tag | Description of usage | Required/Optional |
---|---|---|
| Commands to execute in advance of the native operation | Optional |
| Commands to execute on successful completion | Optional |
| Commands to execute on failed completion | Optional |
| Commands to execute on any completion | Optional |
The actions performed for the onExecute
phase are inherent to this step type and may not be overridden.
Examples
The following examples show how to configure a PublishBuildInfo step.
Full Pipeline Example
Pushes the image created by the DockerBuild input step and published BuildInfo to Artifactory.
This example requires an Artifactory Integration and a GitHub Integration.
The Pipelines DSL for this example is available in this repository in the JFrog GitHub account.
DockerPush
# This config file is templatized so that it can be easily customized. Values can be provided with a values.yml file. template: true # required for local templates valuesFilePath: ./values.yml resources: - name: app_repo1 type: GitRepo configuration: gitProvider: {{ .Values.gitIntegration }} path: {{ .Values.gitRepositoryPath }} branches: include: master - name: app_buildinfo1 type: BuildInfo configuration: sourceArtifactory: {{ .Values.artifactoryIntegration }} - name: app_promoted_buildinfo1 type: BuildInfo configuration: sourceArtifactory: {{ .Values.artifactoryIntegration }} pipelines: - name: app_dev_pipeline steps: - name: app_build type: DockerBuild configuration: affinityGroup: docker_group dockerFileLocation: . dockerFileName: Dockerfile dockerImageName: {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }} dockerImageTag: ${run_number} inputResources: - name: app_repo integrations: - name: {{ .Values.artifactoryIntegration }} - name: app_push type: DockerPush configuration: affinityGroup: docker_group targetRepository: {{ .Values.sourceRepository }} integrations: - name: {{ .Values.artifactoryIntegration }} inputSteps: - name: app_build - name: publish_app_build type: PublishBuildInfo configuration: affinityGroup: docker_group inputSteps: - name: app_push outputResources: - name: app_buildinfo
MvnBuild Example
This extends the first MvnBuild example to publish the build info using a PublishBuildInfo step.
PublishBuildInfo
pipelines: - name: MyMavenPipeline steps: - name: MavenWithArtifactory type: MvnBuild configuration: integrations: - name: art inputResources: - name: mvn_repo - name: publishBuildInfoStep type: PublishBuildInfo configuration: inputSteps: - name: MavenWithArtifactory outputResources: - name: buildInfoResource
NpmBuild and NpmPublish Example
An NpmBuild and NpmPublish example publishing the build info using a PublishBuildInfo step and triggering an Xray scan in the PublishBuildInfo step.
PublishBuildInfo
pipelines: - name: npmBuildPipeline steps: - name: npmBuildStep type: NpmBuild configuration: inputResources: - name: gitRepoResource integrations: - name: artifactory_integration - name: npmPublishStep type: NpmPublish configuration: deployerRepo: npm-repo inputSteps: - name: npmBuildStep outputResources: - name: outputBuildInfo - name: publishBuildInfoStep type: PublishBuildInfo configuration: forceXrayScan: true inputSteps: - name: npmPublishStep outputResources: - name: buildInfoResource
Bash and GoPublishModule Step
A Bash step input to the PublishBuildInfo step following an earlier GoPublishModule step.
PublishBuildInfo
pipelines: - name: goPublishModulePipeline steps: - name: goPublishModuleStep type: GoPublishModule configuration: version: "v0.0.${run_number}" targetRepository: go-repo self: true deps: ALL inputResources: - name: gitRepoResource integrations: - name: artifactory_integration - name: moduleTestStep type: Bash configuration: inputSteps: - name: goPublishModuleStep execution: onExecute: - "echo 'Running some tests.'" - name: publishBuildInfoStep type: PublishBuildInfo configuration: environmentVariables: buildStepName: goPublishModuleStep inputSteps: - name: moduleTestStep outputResources: - name: buildInfoResource
How it Works
When you use the PublishBuildInfo native step in a pipeline, it performs the following functions in the background:
jfrog rt config (configure the JFrog CLI with the BuildInfo output credentials)
jfrog rt use (specify the configured credentials to use)
restore_run_files (copy the output and build info from the input step)
jfrog rt build-publish (publish the build info)
jfrog rt build-scan (if forceXrayScan is true, trigger a scan)
write_output (if autoPublishBuildInfo is true, update the output BuildInfo resource)
add_run_files (update the build info saved in run state)