Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

Artifactory brings continuous integration to Atlassian Bitbucket Pipelines through the JFrog Artifactory pipes. 

 The JFrog Artifactory pipes for Bitbucket Pipelines supports:

  • Resolving your build dependencies from Artifactory. 
  • Deploying your build artifacts to Artifactory. 
  • Gaining full traceability of your builds by capturing your build-info from your builds and publishing to Artifactory.

About Pipes

Pipes are Atlassian’s way to simplify configuring your Bitbucket Pipeline. They’re very useful for frequently performed actions that would otherwise take several lines of script, especially when working with a supporting tool like Artifactory or Xray.

Just like a subroutine or object method in code, you invoke a pipe to perform a specific function according to parameters you provide.



Installation and Setup

No special setup is needed to use JFrog Artifactory pipes. They are readable in a public Bitbucket repository. You can select them, along with all other Atlassian-supported pipes, through the Bitbucket online editor, in the rightmost side panel.



Prerequisites

To use JFrog Artifactory pipes, you will need a licensed installation of Artifactory, and to know its addressable URL, and your credentials for access.

How a pipe works

In the YAML file that configures your Bitbucket Pipeline, you specify a path to the pipe, followed by a few key pieces of information.

Selecting one of the available pipes will present you the information from the pipe's README.md that you will need to put it to use.


To use a pipe in a Bitbucket Pipeline, copy the offered snippet to the Bitbucket YAML file, and replace the placeholder parameter text with the needed information. A best practice is to reference commonly needed parameters, such the base Artifactory URL, and your credentials, as environment settings.


For more information about Build Info, see Artifactory Build Integration.


Panel
titlePage Contents

Table of Contents
maxLevel4
minLevel2

Upload Generic Artifacts to Artifactory

The Artifactory Generic Upload pipe uploads your generated build artifact(s) from the local file system to an Artifactory repository. 

The task triggers JFrog CLI to perform the upload in the background. 

The artifacts to upload may be defined using File Specs. By default, the pipe will also capture build-info and publish it to Artifactory as metadata associated with the uploaded file. 

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. Whether you will use a File Spec or directly specify the artifact(s) to upload.
  4. The path to the artifcact(s) to upload (wild cards may be used), or the path to the File Spec.
  5. The target path of the Artifactory repository that will receive the upload.
  6. Other pipe options, such as a build name to associate with the artifact.
Code Block
languageyml
titleExample: Upload generic artifacts to Artifactory
# Upload artifacts to Artifactory
- pipe: JfrogDev/artifactory-generic-upload:0.2.11
  variables:
    ARTIFACTORY_URL: $ARTIFACTORY_URL
    ARTIFACTORY_USER: $ARTIFACTORY_USER
    ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
    FILE_SPEC: "false"
    SOURCE_PATH: "generic/*.zip"
    TARGET_PATH: "generic-local/"
    BUILD_NAME: "generic-pipe-example"

See the pipe's README.md for the full list of variables you may specify.

Downloading Generic Artifacts from Artifactory

The Artifactory Generic Download pipe downloads your built artifact(s) from an Artifactory repository to the local file system. 

The task triggers JFrog CLI to perform the upload in the background. 

The artifacts to download may be defined using File Specs. By default, the pipe will also capture build-info published to Artifactory as metadata associated with the downloaded file.

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. Whether you will use a File Spec or directly specify the artifact(s) to download.
  4. The source path of the Artifactory repository where the file to download is stored. You may use wildcards to specify multiple artifacts.
  5. Other pipe options, such as the local file system target path for the downloaded artifact.
Code Block
languageyml
titleExample: Download generic artifacts from Artifactory
# Download artifacts from Artifactory
- pipe: JfrogDev/artifactory-generic-download:0.2.11
  variables:
    ARTIFACTORY_URL: $ARTIFACTORY_URL
    ARTIFACTORY_USER: $ARTIFACTORY_USER
    ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
    FILE_SPEC: "false"
    SOURCE_PATH: "generic-local/*.zip"
    TARGET_PATH: "./generic/"
    BUILD_NAME: "generic-pipe-example"

See the pipe's README.md for the full list of variables you may specify.

Triggering Builds

You can trigger the following builds.

Triggering Maven Builds

TBD

Triggering Npm Builds

TBD

The Artifactory Maven pipe triggers a Maven build, while resolving Maven dependencies and deploying Maven packages from and to Artifactory as a Maven repository.

By default, this pipe will also capture build-info and publish it to Artifactory as metadata associated with the built artifacts.

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. The Artifactory Maven repository that will be used to resolve snapshots.
  4. The Artifactory Maven repository that will be used to resolve releases.
  5. Other pipe options, such as a build name to associate with the artifacts.
Code Block
languageyml
titleExample: Build and publish Maven packages to Artifactory
# Build and publish Maven packages to Artifactory
- pipe: JfrogDev/artifactory-maven:0.2.9
  variables:
    ARTIFACTORY_URL: $ARTIFACTORY_URL
    ARTIFACTORY_USER: $ARTIFACTORY_USER
    ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
    MAVEN_SNAPSHOT_REPO: "libs-snapshot"
    MAVEN_RELEASE_REPO: "libs-release"
    BUILD_NAME: "maven-pipe-example"
    EXTRA_BAG_ARGS: "../"

See the pipe's README.md for the full list of variables you may specify.

Triggering Npm Builds

The Artifactory Maven pipe triggers a Maven build, while resolving Maven dependencies and deploying Maven packages from and to Artifactory as a Maven repository.

By default, this pipe will also capture build-info and publish it to Artifactory as metadata associated with the built artifacts.

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. The npm command to perform (install or publish)
  4. The Artifactory npm repository that will be used to download and push artifacts.
  5. Other pipe options, such as a build name to associate with the artifacts.
Code Block
languageyml
titleExample: Build and publish npm packages to Artifactory
# Publish NPM package to Artifactory
- pipe: JfrogDev/artifactory-npm:0.2.3
    variables:
      ARTIFACTORY_URL: $ARTIFACTORY_URL
      ARTIFACTORY_USER: $ARTIFACTORY_USER
      ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
      NPM_COMMAND: "publish"
      NPM_TARGET_REPO: "npm-local"
      BUILD_NAME: "npm-pipe-example"

See the pipe's README.md for the full list of variables you may specify.

Pushing and Pulling Docker Images to and from Artifactory

Promoting Published

The Artifactory Docker pipe pushes a docker image to a docker repository in Artifactory.

By default, this pipe will also capture build-info and publish it to Artifactory as metadata associated with the docker image. In addition to details about the build and the build environment, the build info includes the image layers as build dependencies and build artifacts. 

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. The Docker image tag.
  4. The Artifactory Docker registry to store the Docker image.
  5. Other pipe options, such as a build name to associate with the Docker image.
Code Block
languageyml
titleExample: Build and publish a Docker image to Artifactory
# Build and publish Docker image to Artifactory
- pipe: JfrogDev/artifactory-docker:0.2.11
  variables:
    ARTIFACTORY_URL: $ARTIFACTORY_URL
    ARTIFACTORY_USER: $ARTIFACTORY_USER
    ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
    DOCKER_IMAGE_TAG: "art-docker.mycompany.team/docker-pipe-example:${BITBUCKET_BUILD_NUMBER}"
    DOCKER_TARGET_REPO: "docker-stage-local"
    BUILD_NAME: "docker-pipe-example"

See the pipe's README.md for the full list of variables you may specify.

Promoting Builds in Artifactory

To support the artifacts life-cycle, Artifactory supports promoting published builds from one repository to another.

The Artifactory Build Promotion pipe promotes a build, by either copying or moving the build artifacts and/or dependencies to a target repository. 

This task can be added as part of a Build or Release pipeline.

Scanning Published Builds with JFrog Xray

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. The Artifactory repository to receive the promoted build's artifacts

  4. The status message to set during promotion.

  5. Other pipe options, such as a build name to associate with the promoted build.

Code Block
languageyml
titleExample: Promote a build in Artifactory
# Promote Build in Artifactory
- pipe: JfrogDev/artifactory-build-promotion:0.2.10
    variables:
      ARTIFACTORY_URL: $ARTIFACTORY_URL
      ARTIFACTORY_USER: $ARTIFACTORY_USER
      ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
      TARGET_REPO: "npm-prod-local"
      STATUS: "Staged"
      BUILD_NAME: "npm-pipe-example"

See the pipe's README.md for the full list of variables you may specify.

Scanning Published Builds with JFrog Xray

The Artifactory Xray Scan pipe triggers a build scan with JFrog Xray.

When the scan is triggered, Artifactory will pass on the build to Xray, which will then scan the build artifacts. The action is synchronous, meaning it will wait for the scan to finish before returning control to the script.

If the Allow fail build task option is set and Xray is configured to fail the build, the build pipeline will fail, if vulnerabilities are found.

When configuring the pipe you must specify:

  1. Your Artifactory service URL
  2. Your credentials
  3. Other pipe options, such as the name of the build to scan.

Code Block
languageyml
titleExample: Promote a build in Artifactory
# Scan published build through Xray
- pipe: JfrogDev/artifactory-xray-scan:0.2.7
    variables:
      ARTIFACTORY_URL: $ARTIFACTORY_URL
      ARTIFACTORY_USER: $ARTIFACTORY_USER
      ARTIFACTORY_PASSWORD: $ARTIFACTORY_PASSWORD
      BUILD_NAME: "npm-pipe-example"

See the pipe's README.md for the full list of variables you may specify.