sfdx-bitbucket-package
For a fully guided walkthrough of setting up and configuring continuous integration using scratch orgs and Salesforce CLI, see the Continuous Integration Using Salesforce DX Trailhead module.
This repository shows one way you can successfully use scratch orgs to create new package versions with Bitbucket Pipelines. We make a few assumptions in this README. Continue only if you have completed these critical configuration prerequisites.
You know how to get your Bitbucket repository set up with Bitbucket Pipelines. (Need help? See the Bitbucket Getting Started guide.)
You have properly set up JWT-based authorization flow (headless). We recommend using these steps for generating your self-signed SSL certificate.
Fork this repo to your GitHub account using the fork link at the top of the page.
Clone your forked repo locally: git clone https://github.com/<git_username>/sfdx-bitbucket-package.git
Make sure that you have Salesforce CLI installed. Run sfdx force --help
and confirm you see the command output. If you don't have it installed, download and install it from here.
Setup a JWT-based auth flow for the target orgs that you want to deploy to. This step creates a server.key
file that is used in subsequent steps. (https://developer.salesforce.com/docs/atlas.en-us.sfdx_dev.meta/sfdx_dev/sfdx_dev_auth_jwt_flow.htm)
Confirm that you can perform a JWT-based auth: sfdx force:auth:jwt:grant --clientid <your_consumer_key> --jwtkeyfile server.key --username <your_username> --setdefaultdevhubusername
Note: For more info on setting up JWT-based auth, see Authorize an Org Using the JWT-Based Flow in the Salesforce DX Developer Guide.
Encrypt and store the generated server.key
. IMPORTANT! Don't store the server.key
within the project.
First, generate a key and initializtion vector (iv) to encrypt your server.key
file locally. The key
and iv
are used by Bitbucket Pipeplines to decrypt your server key in the build environment.
$ openssl enc -aes-256-cbc -k <passphrase here> -P -md sha1 -nosalt key=E5E9FA1BA31ECD1AE84F75CAAA474F3A663F05F412028F81DA65D26EE56424B2 iv =E93DA465B309C53FEC5FF93C9637DA58
Make note of the
key
andiv
values output to the screen. You'll use the values followingkey=
andiv =
to encrypt yourserver.key
.
Encrypt the server.key
using the newly generated key
and iv
values. Use the key
and iv
values only once. Don't use them to encrypt more than the server.key
. While you can re-use this pair to encrypt other things, it's considered a security violation to do so. Every time you run the command above, it generates a new key
and iv
value. You can't regenerate the same pair. If you lose these values, generate new ones and encrypt again.
openssl enc -nosalt -aes-256-cbc -in assets/server.key -out assets/server.key.enc -base64 -K <key from above> -iv <iv from above>
This step replaces the existing server.key.enc
with your encrypted version.
Store the key
, and iv
values somewhere safe. You'll use these values in a subsequent step in the Bitbucket Pipeplines UI. These values are considered secret so please treat them as such.
From your JWT-based connected app on Salesforce, retrieve the generated Consumer Key
from your Dev Hub org.
Set your Consumer Key
in a Bitbucket Pipelines environment variable named HUB_CONSUMER_KEY
using the Bitbucket Pipelines UI. Set your Username
in a Bitbucket Pipelines environment variable named HUB_USER_NAME
using the Bitbucket Pipelines UI. Note that this username is the username that you use to access your Dev Hub.
Store the key
and iv
values used above in Bitbucket Pipelines environment variables named DECRYPTION_KEY
and DECRYPTION_IV
, respectively. When finished setting environment variables, the environment variables setup screen should look like the one below.
Copy all the contents of package-sfdx-project.json
into sfdx-project.json
and save.
Create the sample package: sfdx force:package:create -r force-app/main/default/ -n "BitbucketPipelines" -d "Bitbucket Pipelines Package Example" -t Unlocked
Create the first package version: sfdx force:package:version:create --package "BitbucketPipelines" --installationkeybypass --wait 10 --json --targetdevhubusername HubOrg
In the config.yml
: Update the value in the PACKAGENAME
variable to be the Package ID in your sfdx-project.json
file. This ID starts with 0Ho
.
Commit the updated sfdx-project.json
,config.yml
, and server.key.enc
files.
Now you're ready to go! When you commit and push a change, you change kicks off a Bitbucket Pipelines build.
Enjoy!
If you find any issues or opportunities for improving this repository, fix them! Feel free to contribute to this project by forking this repository and making changes to the content. Once you've made your changes, share them back with the community by sending a pull request. See How to send pull requests for more information about contributing to GitHub projects.
If you find any issues with this demo that you can't fix, feel free to report them in the issues section of this repository.
上一篇: shane-sfdx-plugins
下一篇:sfdx-jenkins-org
还没有评论,说两句吧!
热门资源
seetafaceJNI
项目介绍 基于中科院seetaface2进行封装的JAVA...
spark-corenlp
This package wraps Stanford CoreNLP annotators ...
Keras-ResNeXt
Keras ResNeXt Implementation of ResNeXt models...
capsnet-with-caps...
CapsNet with capsule-wise convolution Project ...
shih-styletransfer
shih-styletransfer Code from Style Transfer ...
智能在线
400-630-6780
聆听.建议反馈
E-mail: support@tusaishared.com