Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Makes changes to the “CI Integration” page #659

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Makes changes to the “CI Integration” page #659

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0a8f7fe
Adds an Azure DevOps example
AkimaLunar May 14, 2022
a162be6
Makes edits
AkimaLunar May 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 93 additions & 4 deletions docs/concepts/ci-integration.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ category: doc

For the repository and package owners who want to automate the bumping of versions based on change files with `beachball`, you'll need to provide some information for your Continuous Integration (CI) systems. These one-time setup steps will be unique for different CI system naturally, but the general idea remain the same. `beachball publish` needs write access to with are the git repo and npm registry.

### Git Authentication
## Git Authentication

There are several ways to authenticate against a git repository. Here's one way to do so with a personal token. Put this in your publishing build scripts:

Expand All @@ -22,7 +22,7 @@ git remote set-url origin https://$(user):$(pat)@github.com/someuser/someproject

These commands will give the git user a name and email. Also, the last command will set a different URL for the git remote named "origin". If you have SSH key pairs setup, you would not need to run that last line in your scripts.

### NPM Authentication
## NPM Authentication

To publish to a npm registry, you'll need to have access to the write-enabled access token. npm registry has [documentation](https://docs.npmjs.com/creating-and-viewing-authentication-tokens) on how to create automation tokens. Pass this token into the command line:

Expand All @@ -36,16 +36,105 @@ A common requirement is to be able to publish to a private registry other than n
beachball publish -n SOME_AUTH_TOKEN -r http://SOME_REGISTRY_URL/
```

### package.json script
## package.json script

It's recommended to encapsulate any custom options in a `package.json` script:

> Note: When running Beachball in CI, add the `-y` flag (or `--yes`). That skips the intractive prompts that are commonly unavailable in CI consoles.

```json
{
"scripts": {
"publish:beachball": "beachball publish -n $(npm.token)"
"publish:beachball": "beachball publish -y -n $(npm.token)"
}
}
```

Then inside the CI script, simply call `yarn publish:beachball` or `npm run publish:beachball`.


## Examples

### With Azure DevOps

**1 Npm authentication**. Azure DevOps has `npmAuthenticate@0` available to create a temporary npm auth token for publishing.

```yml
- task: npmAuthenticate@0
inputs:
workingFile: .npmrc
```

**2 Git authentication**.

**2.1 Add env variables.** First, you need to add environment variables. One way to do it is through a _Variable group_. Find it in Library → “+ Variable group” → “+ Add”.

Add 4 env vars:
- git.pat
- git.user
- git.name
- git.email

Give your pipeline permissins to access these variables in _Pipeline permissions_.

**2.1 Configure Git.** You can set up your Azure DevOps pipeline to add git credentials with Git CLI or you can extrapolate it in a Node script like this:

```js
const shell = require('shelljs');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why don't we give example in terms of the yaml pipeline itself? shelling out to a task in just-scripts seems overkill?

I'm thinking something like this:

steps:
  - script: git config ....

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You have most of it down below in the yaml example

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👌👌 Good point! I was kind of on a fence on this one. Ideally, I would want ADO to have a pre-built task for this.

const { logger } = require('just-scripts');

shell.set('-e');

module.exports = function gitAuth() {
logger.info('Authenticating Git');
shell.exec(`git config user.email "${process.env.GIT_EMAIL}"`);
shell.exec(`git config user.name "${process.env.GIT_NAME}"`);
shell.exec(
`git remote set-url origin https://${process.env.GIT_USER}:${process.env.GIT_PAT}@github.com/someuser/someproject.git`,
);
};
```

**2.2 Add Npm script.** Add your script to `package.json`, e.g. `"git-auth": "node ./scripts/git-auth.js"`.

**2.3 Add task.** Add a task to configure Git.

```yml
- script: |
npm run git-auth
displayName: 'Configure git'
env:
GIT_PAT: $(git.pat)
GIT_USER: $(git.user)
GIT_NAME: $(git.name)
GIT_EMAIL: $(git.email)
```

**3 Add publish script** Final step is adding a publish script to `package.json` like e.g. `"beachball:publish": "beachball publish --yes"`. Note, that `npmAuthenticate@0` task is taking care of publishing access, so you do not need to pass an Npm token here.

Add a task to run the script in the pipeline.

```yml
- script: |
npm run beachball:publish
displayName: 'Publishing'
```

**4 Final configuration**

```yml
- task: npmAuthenticate@0
inputs:
workingFile: .npmrc
- script: |
npm run git-auth
displayName: 'Configure git'
env:
GIT_PAT: $(git.pat)
GIT_USER: $(git.user)
GIT_NAME: $(git.name)
GIT_EMAIL: $(git.email)
- script: |
npm run beachball:publish
displayName: 'Publishing'
```