Greenkeeper Lockfile
��
��
✨
Greenkeeper now has built-in support for updating lockfiles
✨
��
��
Read all about it here: https://blog.greenkeeper.io/announcing-native-lockfile-support-85381a37a0d0
❗ If you have annpm-shrinkwrap.jsonfile or are using private npm packages you will still needgreenkeeper-lockfile.
Package Managers
-
✅ npm (including npm5) -
✅ yarn
CI Services
✅ Travis CI✅ Circle CI Thank you @ethanrubio�� ✅ Jenkins✅ Wercker✅ Bitrise Thank you @zetaron�� ✅ Buildkite Thank you @justindowning�� ✅ Codeship Thank you @selbyk�� ✅ Semaphore Thank you @cbothner�� ✅ TeamCity Thank you @tagoro9 & @dbrockman�� ✅ Drone.io Thank you @donny-dont�� ✅ AppVeyor Thank you @patkub�� ✅ GitLab CI Thank you @baer95��
How does it work
- Detect whether the current CI build is caused by Greenkeeper
- Update the lockfile with the latest version of the updated dependency using the package manager’s built in mechanism
- Push a commit with the updated lockfile back to the Greenkeeper branch
Setup
- create a GitHub access token with push access to your repository and make it available to your CI's environment as
GH_TOKEN.
If you use Travis CI, you may add the token using the CLI app as follows:
travis encrypt GH_TOKEN=<token> --add
Configure your CI to use the npm/yarn version you want your lockfiles to be generated with before it installs your dependencies. Install
greenkeeper-lockfileas well.Configure your CI to run
greenkeeper-lockfile-updateright before it executes your tests andgreenkeeper-lockfile-uploadright after it executed your tests.
The next Step is only applicable greenkeeper-lockfile version 2 (with monorepo support)
- If you use a default branch that is not
masterthen you have to add the environment variableGK_LOCK_DEFAULT_BRANCHwith the name of your default branch to your CI.
Example Travis CI configurations
npm
before_install:
# package-lock.json was introduced in npm@5
- '[[ $(node -v) =~ ^v9.*$ ]] || npm install -g npm@latest' # skipped when using node 9
- npm install -g greenkeeper-lockfile
install: npm install
before_script: greenkeeper-lockfile-update
after_script: greenkeeper-lockfile-upload
If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
Travis will use npm ci by default if lockfiles are present so you'll need to explicitly tell your CI to run npm install instead of npm ci
install: npm install
yarn
before_install: yarn global add greenkeeper-lockfile@1
before_script: greenkeeper-lockfile-update
after_script: greenkeeper-lockfile-upload
Custom yarn command line arguments
To run the lockfile-update script with custom command line arguments, set the GK_LOCK_YARN_OPTS environment variable to your needs (set it to --ignore-engines, for example). They will be appended to the yarn add command.
Using Greenkeeper with Monorepos
greenkeeper-lockfile 2.0.0 offers support for monorepos. To use it make sure you install greenkeeper-lockfile@2 explicitly.
If you are using a default branch on Github that is not called master, please set an Environment Variable GK_LOCK_DEFAULT_BRANCH with the name of your default branch in your CI.
Testing multiple node versions
It is common to test multiple node versions and therefor have multiple test jobs for one build. In this case the lockfile will automatically be updated for every job, but only uploaded for the first one.
node_js:
- 6
- 4
before_install:
- npm install -g npm
- npm install -g greenkeeper-lockfile@1
install: npm install
before_script: greenkeeper-lockfile-update
# Only the node version 6 job will upload the lockfile
after_script: greenkeeper-lockfile-upload
CircleCI workflows
In order to use greenkeeper-lockfile with CircleCI workflows, greenkeeper-lockfile-update must be run in the first job, while greenkeeper-lockfile-upload can be run in any job.If you want to upload the lockfile in a later job, the .git directory needs to be saved to cache after updating, and restored before uploading. (example workflow config)Use sequential job execution to ensure the job that runs greenkeeper-lockfile-update is always executed first.For example, if greenkeeper-lockfile-update is run in the lockfile job, all other jobs in the workflow must require the lockfile job to finish before running:
workflows:
version: 2
workflow_name:
jobs:
- lockfile
- job1:
requires:
- lockfile
TeamCity Setup
In order for this to work with TeamCity, the build configuration needs to setthe following environment variables:
- VCS_ROOT_URL from the vcsroot..url parameter
- VCS_ROOT_BRANCH from the teamcity.build.branch parameter
Configuration options
| Environment Variable | default value | what is it for? |
|---|---|---|
| GK_LOCK_YARN_OPTS | '' | Add yarn options that greenkeeper should use e.g. --ignore-engines |
| GK_LOCK_DEFAULT_BRANCH | 'master' | Set your default github branch name |
| GK_LOCK_COMMIT_AMEND | false | Lockfile commit should be amended to the regular Greenkeeper commit |
| GK_LOCK_COMMIT_NAME | 'greenkeeperio-bot' | Set your prefered git commit name |
| GK_LOCK_COMMIT_EMAIL | 'support@greenkeeper.io' | Set your prefered git commit email |
Contributing a CI Service
Environment information
In order to support a CI service this package needs to extract some information from the environment.
- repoSlug The GitHub repo slug e.g.
greenkeeper/greenkeeper-lockfile - branchName The name of the current branch e.g.
greenkeeper/lodash-4.0.0 - firstPush Is this the first push on this branch i.e. the Greenkeeper commit
- correctBuild Is this a regular build (not a pull request for example)
- uploadBuild Should the lockfile be uploaded from this build (relevant for testing multiple node versions)
The following optional information may be needed:
- ignoreOutput The method to ignore command output when staging the updated lockfile (e.g.
2>NUL || (exit 0)on Windows)
Have a look at our Travis CI reference implementation.
Detecting your service
Write a test that returns whether this package runs in your CI service’s environment and add it to our ci-services/tests.
Testing your service
In order to test this plugin with your own CI service install your fork directly from git.
+ npm i -g you/greenkeeper-lockfile#my-ci
- npm i -g greenkeeper-lockfile@1
We are looking forward to your contributions
-
一个lock file的python实现 如果多个进程,或者多个独立程序要写同一个文件,那么就存在大家同时写文件的可能,这就不妙了,数据可能会出问题。最近在网上找到一个开源的python实现,有效简洁,列出来分析下代码看看: 文件名:lockfile.py,内容如下,有部分注释加了中文,添加了一些注释。 import os import time import errno class FileLo
-
Lin-MacBoo$ pod install Analyzing dependencies [!] The version of CocoaPods used to generate the lockfile (1.2.0) is higher than the version of the current executable (1.0.1). Incompatibility issues m
-
[!] The version of CocoaPods used to generate the lockfile (1.9.3) is higher than the version of the
pod install 时 [!] The version of CocoaPods used to generate the lockfile (1.9.3) is higher than the version of the current executable (1.9.1). Incompatibility issues may arise. pod --version gem sourc
-
问题内容: ➜ vue-next git:(fe853a5a) npm install yarn -g changed 1 package in 679ms ➜ vue-next git:(fe853a5a) yarn install yarn install v1.22.17 info No lockfile found. $ node ./scripts/preinstal
-
1 完整异常信息 File "/usr/bin/airflow", line 32, in <module> args.func(args) File "/usr/lib/python2.7/site-packages/airflow/utils/cli.py", line 74, in wrapper return f(*args, **kwargs) File "/us
-
vscode 在package.json中增加private字段; 将项目声明为私有项目:"private": true, 再重新运行,notice就没有了
-
今天打开程序,报下面这个错误 $ bundle install You must use Bundler 2 or greater with this lockfile. 这个错误的原因的bundler插件版本过低,可能是因为某些gem更新了,所以我们来安装更高版本的bundler插件,这样错误就解决了 $ gem install bundler -v2.0.2 Fetching: bundl
-
解决The version of CocoaPods used to generate the lockfile (1.1.1) is higher than the version of...的问题
执行pod install时,提示如下信息 The version of CocoaPods used to generate the lockfile (1.1.1) is higher than the version of the current executable (1.0.0). Incompatibility issues may arise. 这是因为当前CocoaPods版本低了
-
“yum lockfile is held by another process” 解决方法: # rm -f /var/run/yum.pid
-
https://docs.python.org/3/library/fcntl.html#fcntl.lockf https://stackoverflow.com/questions/32592698/how-to-lock-a-directory-between-python-processes-in-linux https://www.google.com/search?q=Python+w
-
VB声明 Declare Function LockFile Lib "kernel32" Alias "LockFile" (ByVal hFile As Long, ByVal dwFileOffsetLow As Long, ByVal dwFileOffsetHigh As Long, ByVal nNumberOfBytesToLockLow As Long, ByVal nNumber
-
执行pod install时,提示如下信息: The version of CocoaPods used to generate the lockfile (1.2.0.beta.1) is higher than the version of the current executable (1.1.1). Incompatibility issues may arise解决方法: 执行:pod
-
执行pod install时出错,提示如下: The version of CocoaPods used to generate the lockfile is higher that the one of the current executable. Incompatibility issues might arise. 问题原因:CocoaPods版本低了 解决办法:执行gem update
-
fix this problem by flowing steps one by one 1.sudo pip uninstall lockfile 2.sudo rm /usr/lib/python2.7/dist-packages/lockfile.py 3.sudo rm /usr/lib/python2.7/dist-packages/lockfile.pyc 4.sudo -E pip
-
☝️ Important announcement: Greenkeeper will be saying goodbye �� and passing the torch to Snyk on June 3rd, 2020! New installations are no longer possible. Find out how to migrate to Snyk and more at
-
The lockfile command isn’t necessary. yarn install will produce a lockfile.
-
lockfile linting �� lint lockfiles for improved security and trust policies About Lockfiles are used as trusted whitelist of resources manifest to fetch packages from.However, keeping track of the cha
-
在使用 Travis Ci 构建 Hexo 时出现了构件失败的情况,报错信息为 :