Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >

Search





Overview

The PublishBuildInfo step publishes BuildInfo to Artifactory. BuildInfo provides a manifest for the build and includes metadata about the modules, dependencies and other environment variables.


BuildInfo can also be published by any of the language-specific publish steps, when its autoPublishBuildInfo tag is set to true.

A base exclude pattern always applies to published build info from Pipelines, to prevent environment variables containing security information (e.g., secrets) and other unnecessary data from being published. The base exclude pattern is:

buildinfo.env.res_*;buildinfo.env.int_*;buildinfo.env.current_*;*password*;*secret*;*key*;*token* 

Page Contents


YAML Schema

The YAML schema for PublishBuildInfo native step is as follows:

PublishBuildInfo
pipelines:
  - name:   <string>
    steps:
      - name: <string>
        type: PublishBuildInfo
        configuration:
          #inherits all the tags from bash; https://www.jfrog.com/confluence/display/JFROG/Bash
          envInclude:       <string>   
          envExclude:       <string>   
          forceXrayScan:    <boolean>    # default false
          failOnScan:       <boolean>    # default true

          inputSteps:
            - name:         <any of the build steps or Bash step>  # required
          outputResources:
            - name:         <BuildInfo resource>           		   # required


        execution:
          onStart:
            - echo "Preparing for work..."
          onSuccess:
            - echo "Job well done!"
          onFailure:
            - echo "uh oh, something went wrong"
          onComplete: #always
            - echo "Cleaning up some stuff"

Tags

name 

An alphanumeric string (underscores are permitted) that identifies the step.

type 

Must be PublishBuildInfo for this step type.

configuration

Specifies all configuration selections for the step's execution environment. This step inherits the Bash/PowerShell step configuration tags, including these pertinent tags:

Tag

Description of usage

Required/Optional

inputSteps 

Must specify a named step of one of the following types:

The step must not have set autoPublishBuildInfo to true.

Required
outputResources 

Must specify a BuildInfo resource to publish. The buildName and buildNumber properties are automatically set to $buildName and $buildNumber if defined, or the JFROG_CLI_BUILD_NAME and/or JFROG_CLI_BUILD_NUMBER from the environment of the named step for native steps. If JFROG_CLI_BUILD_NAME or JFROG_CLI_BUILD_NUMBER was not set when the input step ran, the defaults are $pipeline_name and $run_number.



If inputSteps is a Bash step and $buildName or $buildNumber are not defined, then this step will fail. 



Required


In addition, these tags can be defined to support the step's native operation:

All native steps derive from the Bash step. This means that all steps share the same base set of tags from Bash, while native steps have their own additional tags as well that support the step's particular function. So it's important to be familiar with the Bash step definition, since it's the core of the definition of all other steps.

Tag

Description of usage

Required/Optional
envIncludePattern for which environment variables to include. Default is to include all the environment variables.Optional
envExcludePattern for which environment variables to exclude. This is applied in addition to the base exclude pattern applied to all build info.Optional
forceXrayScan

When set to true, forces an Xray scan after publishing to Artifactory.

Default is false.

Optional
failOnScan

When set to true, and when the Xray Policy Rule Fail Build checkbox is checked, a failed Xray scan will result in a failure of the step.

Default is true.

Optional


execution

Declares collections of shell command sequences to perform for pre- and post-execution phases:

Tag

Description of usage

Required/Optional
onStartCommands to execute in advance of the native operationOptional
onSuccessCommands to execute on successful completionOptional
onFailureCommands to execute on failed completionOptional
onCompleteCommands to execute on any completionOptional

The actions performed for the onExecute phase are inherent to this step type and may not be overridden.


Examples

The following examples show how to configure a PublishBuildInfo step.

Full Pipeline Example

Pushes the image created by the DockerBuild input step and published BuildInfo to Artifactory.

DockerPush
# This config file is templatized so that it can be easily customized. Values can be provided with a values.yml file.
template: true   # required for local templates
valuesFilePath: ./values.yml

resources:
  - name: app_repo1
    type: GitRepo
    configuration:
      gitProvider: {{ .Values.gitIntegration }}                      
      path: {{ .Values.gitRepositoryPath }}    
      branches:
        include: master

  - name: app_buildinfo1
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}

  - name: app_promoted_buildinfo1
    type: BuildInfo
    configuration:
      sourceArtifactory: {{ .Values.artifactoryIntegration }}

pipelines:
  - name: app_dev_pipeline
    steps:
      - name: app_build
        type: DockerBuild
        configuration:
          affinityGroup: docker_group
          dockerFileLocation: .
          dockerFileName: Dockerfile
          dockerImageName: {{ .Values.artifactoryUrl }}/{{ .Values.sourceRepository }}/{{ .Values.imageName }}  
          dockerImageTag: ${run_number}
          inputResources:
            - name: app_repo
          integrations:
            - name: {{ .Values.artifactoryIntegration }}         
            
      - name: app_push
        type: DockerPush
        configuration:
          affinityGroup: docker_group
          targetRepository: {{ .Values.sourceRepository }}
          integrations:
            - name: {{ .Values.artifactoryIntegration }}                            
          inputSteps:
            - name: app_build

      - name: publish_app_build
        type: PublishBuildInfo
        configuration:
          affinityGroup: docker_group
          inputSteps:
            - name: app_push
          outputResources:
            - name: app_buildinfo

MvnBuild Example

This extends the first MvnBuild example to publish the build info using a PublishBuildInfo step.

PublishBuildInfo
pipelines:
  - name: MyMavenPipeline
    steps:
      - name: MavenWithArtifactory
        type: MvnBuild
        configuration:
          integrations:
            - name: art
          inputResources:
            - name: mvn_repo
      - name: publishBuildInfoStep
        type: PublishBuildInfo
        configuration:
          inputSteps:
            - name: MavenWithArtifactory
          outputResources:
            - name: buildInfoResource

NpmBuild  and NpmPublish Example

An NpmBuild  and NpmPublish example publishing the build info using a PublishBuildInfo step and triggering an Xray scan in the PublishBuildInfo step.

PublishBuildInfo
pipelines:
  - name: npmBuildPipeline
    steps:
      - name: npmBuildStep
        type: NpmBuild
        configuration:
          inputResources:
            - name: gitRepoResource
          integrations:
            - name: artifactory_integration
      - name: npmPublishStep
        type: NpmPublish
        configuration:
          deployerRepo: npm-repo
          inputSteps:
            - name: npmBuildStep
          outputResources:
            - name: outputBuildInfo
      - name: publishBuildInfoStep
        type: PublishBuildInfo
        configuration:
          forceXrayScan: true
          inputSteps:
            - name: npmPublishStep
          outputResources:
            - name: buildInfoResource

Bash and GoPublishModule Step

A Bash step input to the PublishBuildInfo step following an earlier GoPublishModule step. 

PublishBuildInfo
pipelines:
  - name: goPublishModulePipeline
    steps:
      - name: goPublishModuleStep
        type: GoPublishModule
        configuration:
          version: "v0.0.${run_number}"
          targetRepository: go-repo
          self: true
          deps: ALL
          inputResources:
            - name: gitRepoResource
          integrations:
            - name: artifactory_integration
      - name: moduleTestStep
        type: Bash
        configuration:
          inputSteps:
            - name: goPublishModuleStep
        execution:
          onExecute:
            - "echo 'Running some tests.'"
      - name: publishBuildInfoStep
        type: PublishBuildInfo
        configuration:
          environmentVariables:
            buildStepName: goPublishModuleStep
          inputSteps:
            - name: moduleTestStep
          outputResources:
            - name: buildInfoResource

How it Works

When you use the PublishBuildInfo native step in a pipeline, it performs the following functions in the background:

  • jfrog rt config (configure the JFrog CLI with the BuildInfo output credentials)
  • jfrog rt use (specify the configured credentials to use)
  • restore_run_files (copy the output and build info from the input step)
  • jfrog rt build-publish (publish the build info)
  • jfrog rt build-scan (if forceXrayScan is true, trigger a scan)
  • write_output (if autoPublishBuildInfo is true, update the output BuildInfo resource)
  • add_run_files (update the build info saved in run state)
  • No labels
Copyright © 2021 JFrog Ltd.