The PublishBuildInfo step publishes BuildInfo to Artifactory. BuildInfo provides a manifest for the build and includes metadata about the modules, dependencies and other environment variables.
BuildInfo can also be published by any of the language-specific publish steps, when its autoPublishBuildInfo tag is set to true.
Note
A base exclude pattern always applies to published build info from Pipelines, to prevent environment variables containing security information (e.g., secrets) and other unnecessary data from being published. The base exclude pattern is:
buildinfo.env.res_*;buildinfo.env.int_*;buildinfo.env.current_*;*password*;*secret*;*key*;*token*
YAML Schema
The YAML schema for PublishBuildInfo native step is as follows:
PublishBuildInfo
pipelines:
- name: <string>
steps:
- name: <string>
type: PublishBuildInfo
configuration:
#inherits all the tags from bash
envInclude: <string>
envExclude: <string>
forceXrayScan: <boolean> # default false
failOnScan: <boolean> # default true
inputSteps:
- name: <any of the build steps or Bash step> # required
outputResources:
- name: <BuildInfo resource> # required
execution:
onStart:
- echo "Preparing for work..."
onSuccess:
- echo "Job well done!"
onFailure:
- echo "uh oh, something went wrong"
onComplete: #always
- echo "Cleaning up some stuff"
Tags
name
An alphanumeric string (underscores are permitted) that identifies the step.
type
Must be PublishBuildInfo for this step type.
configuration
Specifies all configuration selections for the step's execution environment. This step inherits the Bash/ PowerShell step configuration tags, including these pertinenttags:
Tag | Description of usage | Required/Optional |
|---|---|---|
| Must specify a named step of one of the following types: The step must not have set | Required |
| Must specify a BuildInfo resource to publish. The NoteIf | Required |
In addition, these tags can be defined to support the step's native operation:
Note
All native steps derive from the Bash step. This means that all steps share the same base set of tags from Bash, while native steps have their own additional tags as well that support the step's particular function. So it's important to be familiar with the Bash step definition, since it's the core of the definition of all other steps.
Tag | Description of usage | Required/Optional |
|---|---|---|
| Pattern for which environment variables to include. Default is to include all the environment variables. | Optional |
| Pattern for which environment variables to exclude. This is applied in addition to the base exclude pattern applied to all build info. | Optional |
| When set to true, forces an Xray scan after publishing to Artifactory. Default is false. | Optional |
| When set to true, and when the Xray Policy Rule Fail Build checkbox is checked, a failed Xray scan will result in a failure of the step. Default is true. | Optional |
execution
Declares collections of shell command sequences to perform for pre- and post-execution phases:
Tag | Description of usage | Required/Optional |
|---|---|---|
| Commands to execute in advance of the native operation | Optional |
| Commands to execute on successful completion | Optional |
| Commands to execute on failed completion | Optional |
| Commands to execute on any completion | Optional |
The actions performed for the onExecute phase are inherent to this step type and may not be overridden.
Examples
The following examples show how to configure a PublishBuildInfo step.
Full Pipeline Example
Pushes the image created by the DockerBuild input step and published BuildInfo to Artifactory.
This example requires an Artifactory Integration and a GitHub Integration.
The Pipelines DSL for this example is available in this repository in the JFrog GitHub account.
DockerPush
# This config file is templatized so that it can be easily customized. Values can be provided with a values.yml file.
template: true # required for local templates
valuesFilePath: ./values.yml
resources:
- name: app_repo1
type: GitRepo
configuration:
gitProvider: {{ .Values.gitIntegration }}
path: {{ .Values.gitRepositoryPath }}
branches:
include: master
- name: app_buildinfo1
type: BuildInfo
configuration:
sourceArtifactory: {{ .Values.artifactoryIntegration }}
- name: app_promoted_buildinfo1
type: BuildInfo
configuration:
sourceArtifactory: {{ .Values.artifactoryIntegration }}
pipelines:
- name: app_dev_pipeline
steps:
- name: app_build
type: DockerBuild
configuration:
affinityGroup: docker_group
dockerFileLocation: .
dockerFileName: Dockerfile
dockerImageName: {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }}
dockerImageTag: ${run_number}
inputResources:
- name: app_repo
integrations:
- name: {{ .Values.artifactoryIntegration }}
- name: app_push
type: DockerPush
configuration:
affinityGroup: docker_group
targetRepository: {{ .Values.sourceRepository }}
integrations:
- name: {{ .Values.artifactoryIntegration }}
inputSteps:
- name: app_build
- name: publish_app_build
type: PublishBuildInfo
configuration:
affinityGroup: docker_group
inputSteps:
- name: app_push
outputResources:
- name: app_buildinfoMvnBuild Example
This extends the first MvnBuild example to publish the build info using a PublishBuildInfo step.
PublishBuildInfo
pipelines:
- name: MyMavenPipeline
steps:
- name: MavenWithArtifactory
type: MvnBuild
configuration:
integrations:
- name: art
inputResources:
- name: mvn_repo
- name: publishBuildInfoStep
type: PublishBuildInfo
configuration:
inputSteps:
- name: MavenWithArtifactory
outputResources:
- name: buildInfoResource
NpmBuild and NpmPublish Example
An NpmBuild and NpmPublish example publishing the build info using a PublishBuildInfo step and triggering an Xray scan in the PublishBuildInfo step.
PublishBuildInfo
pipelines:
- name: npmBuildPipeline
steps:
- name: npmBuildStep
type: NpmBuild
configuration:
inputResources:
- name: gitRepoResource
integrations:
- name: artifactory_integration
- name: npmPublishStep
type: NpmPublish
configuration:
deployerRepo: npm-repo
inputSteps:
- name: npmBuildStep
outputResources:
- name: outputBuildInfo
- name: publishBuildInfoStep
type: PublishBuildInfo
configuration:
forceXrayScan: true
inputSteps:
- name: npmPublishStep
outputResources:
- name: buildInfoResource
Bash and GoPublishModule Step
A Bash step input to the PublishBuildInfo step following an earlier GoPublishModule step.
PublishBuildInfo
pipelines:
- name: goPublishModulePipeline
steps:
- name: goPublishModuleStep
type: GoPublishModule
configuration:
version: "v0.0.${run_number}"
targetRepository: go-repo
self: true
deps: ALL
inputResources:
- name: gitRepoResource
integrations:
- name: artifactory_integration
- name: moduleTestStep
type: Bash
configuration:
inputSteps:
- name: goPublishModuleStep
execution:
onExecute:
- "echo 'Running some tests.'"
- name: publishBuildInfoStep
type: PublishBuildInfo
configuration:
environmentVariables:
buildStepName: goPublishModuleStep
inputSteps:
- name: moduleTestStep
outputResources:
- name: buildInfoResourceHow it Works
When you use the PublishBuildInfo native step in a pipeline, it performs the following functions in the background:
jfrog rt config (configure the JFrog CLI with the BuildInfo output credentials)
jfrog rt use (specify the configured credentials to use)
restore_run_files (copy the output and build info from the input step)
jfrog rt build-publish (publish the build info)
jfrog rt build-scan (if forceXrayScan is true, trigger a scan)
write_output (if autoPublishBuildInfo is true, update the output BuildInfo resource)
add_run_files (update the build info saved in run state)