Deploy packages

This topic describes guidelines, limitations, and common use cases for deploying packages to a vault.

Package deployment guidelines

These are the common use cases for storing binaries in a vault:

Internal Binaries built from your software. When you publish these package types, they typically do not need to be approved and can be consumed by developers.
External

Components downloaded from third-party vendors, such as Maven or Python PIP. After a package of this type is added to a vault, it can be reviewed, approved, and then consumed by developers.

You can use external packages in build and deployment processes only after the packages have been approved. For details, see Review and approve packages.

Guidelines for deploying packages:

  • PulseUno supports Maven, npm, Docker, PyPI, and NuGet packages.

  • You can deploy artifacts to both local and remote vaults.

  • NuGet: Before you can deploy NuGet packages, add your PulseUno vault as a package source and enable V3 protocol. For details, see Configure NuGet to use vaults.

  • Maven and npm: You can manually upload packages to Maven and npm vaults. For details, see Upload Maven or npm artifacts.

  • To deliver to a remote vault, make sure the vault is not set to read-only. For details, see Create and manage vaults.

  • Only the chains that run from trusted products can deliver to a vault. For details, see Define trusted products for vault.

  • When building software, you need to specify the URL for the vault you are deploying to or pulling from. The URL configuration depends on the package type, build systems, and IDEs you are using. For details, see your package manager's user help.

Back to top

Configure NuGet to use vaults

To work with PulseUno NuGet vaults, use the NuGet CLI or Visual Studio Package Manager.

Because PulseUno uses the NuGet V3 API, it doesn't support the nuget list NuGet CLI command. To deploy packages, run the nuget install command.

Before you can deploy packages, add your PulseUno vault as a package source and enable V3 protocol in the NuGet configuration.

To configure NuGet for a PulseUno vault:

  1. Add your PulseUno vault as a package source. Run this command, replacing the URL, username, and password with your own:

    Copy code 
    nuget sources Add -Name Vault -Source http://<pulseuno-server>:<port>/vault-server/nuget/<my-space>/<my-nuget-vault>/v3 -username <my-username> -password <my-password>


    For details on where to find your vault's URL, see Copy vault URL.

  2. To ensure that NuGet uses the V3 API, manually edit the NuGet.Config file in your user directory, for example:

    Windows %AppData%\NuGet\NuGet.Config
    Linux ~/.nuget/NuGet/NuGet.Config
    ~/.config/NuGet/NuGet.Config

    Add the protocolVersion="3" attribute to the Vault package source, for example:

    Copy code 
    <packageSources>
        <add key="Vault" value="http://<pulseuno-server>:<port>/vault-server/nuget/<my-space>/<my-nuget-vault>/v3" protocolVersion="3" />
    </packageSources>

Back to top

Copy vault URL

Copy your vault's URL so that you can specify it in your build and deployment processes to point to the vault location and deliver packages to the vault.

After you deliver packages to a vault, publish them so that they can be reviewed by approvers. For details, see Publish packages.

Vault URL format

The following URL format specifies the vault location in PulseUno:

Maven, npm, PyPI, NuGet http://<hostname>:<port>/vault-server/<vault-type>/<space-name>/<vault-name>
Docker <hostname>:<port>/<space-name>/<vault-name>

where:

Parameter Description
<hostname>:<port> Specifies the machine name and port number where the PulseUno vault is located, for example, dev:8080.
vault-server All package types except Docker: Identifies the Vault server component.
<vault-type> Specifies the vault type: maven, npm, docker, PyPI, or NuGet.
<space-name> Specifies the PulseUno space where the vault is located, for example, app.
<vault-name> Specifies the vault to be populated with package contents, for example, dev-cache.

Example: Maven vault URL: http://dev:8080/vault-server/maven/app/dev-cache

To copy a vault's URL:

  1. From the spaces list at the top right, select a space.

  2. In the sidebar, select Vaults.
  3. On the Vaults page, click a vault to open it. On the vault details page, the vault's URL is displayed in the Repository section on the right.

  4. To copy the URL, click Copy to clipboard .

    You can then paste the link into your IDE or build scripts.

Back to top

Upload Maven or npm artifacts

You can upload Maven .jar or .war files and npm .tgz files directly in the user interface. Each upload creates a new package version.

After you upload packages to a vault, publish them so that they can be reviewed by approvers. For details, see Publish packages.

To upload a Maven or npm package:

  1. From the spaces list at the top right, select a space.

  2. In the sidebar, select Vaults.
  3. On the Vaults page, click a Maven or npm vault to open it.
  4. Click Upload in the toolbar.
  5. In the Upload Artifact dialog box, click the upload area and select the file you want to upload.

  6. Enter the Artifact ID, Group ID (optional for npm), and Version coordinates to identify the file. If the coordinates are included in the file, PulseUno detects them and prefills the fields.

    npm: The prefilled coordinates are read-only and cannot be changed.

  7. Click Upload Artifact.

For details on how to review package contents, see Review and approve packages.

Back to top

See also: