Help Center/ CodeArts Artifact/ User Guide/ Self-hosted Repo/ Uploading a Private Component
Updated on 2023-11-28 GMT+08:00

Uploading a Private Component

Only repository administrators and developers can upload private components. You can set repository roles on the Repository Permissions page.

Procedure

  1. Access the self-hosted repo homepage. In the left pane, choose the repository to which the private component is to be uploaded.
  2. Click Upload.

  3. Set the component parameters, select the file, and click Upload. The detailed configuration for each type of component is described below.

    1. The maximum size of a file uploaded to the self-hosted repo is 100 MB for the Maven/npm/PyPI/RPM/Debian and 20 MB for the NuGet.
    2. You are advised not to upload files containing sensitive information such as plaintext accounts and passwords to the self-hosted repo.

Introduction to Maven Components

  • POM: Project Object Model (POM) is the basic working unit of a Maven project. It is an XML file that contains basic project information to describe how to build a project and declare project dependencies. When a build task is executed, Maven searches for POM in the current directory, reads the POM, obtains the required configuration information, and constructs the target component.
  • Maven coordinates: X, Y, and Z are used to uniquely identify a point in the three-dimensional space. In Maven, GAV is used to identify a unique Maven component package. GAV is short for groupId, artifactId, and version. groupId indicates a company or organization. For example, Maven core components are in the org.apache.maven organization. artifactId indicates the name of a component package. version indicates the version of the component package.
  • Maven dependency: The dependency list is the cornerstone of POM. The building and running of most projects depend on the dependency on other components. Add the dependency list to the POM file. If the App component depends on the App-Core and App-Data components, the configuration is as follows:
    <project xmlns="http://maven.apache.org/POM/4.0.0"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
       http://maven.apache.org/xsd/maven-4.0.0.xsd">
          <modelVersion>4.0.0</modelVersion>
          <groupId>com.companyname.groupname</groupId>
          <artifactId>App</artifactId>
          <version>1.0</version>
          <packaging>jar</packaging>
          <dependencies>
             <dependency>
                <groupId>com.companyname.groupname</groupId>
                <artifactId>App-Core</artifactId>
                <version>1.0</version>
             </dependency>
          </dependencies>  
          <dependencies>
             <dependency>
                <groupId>com.companyname.groupname</groupId>
                <artifactId>App-Data</artifactId>
                <version>1.0</version>
             </dependency>
          </dependencies>  
    </project>

Uploading a Maven Component

A self-hosted repo supports two upload modes: POM and GAV.

Upload Mode

Description

POM

GAV parameters are obtained from the POM file. The system retains transitive dependencies of components.

GAV

GAV, short for Group ID, Artifact ID, and Version, is the unique identifier of a JAR package. In this mode, GAV parameters are manually specified. The system automatically generates a POM file without any transitive dependency.

  • POM

    In POM mode, you can upload only the POM file or upload the POM file and related components. The name of the uploaded file must be the same as the artifactId value and version value in the POM file. As shown in the following figure, the artifactId value is demo and the version value is 1.0 in the POM. The uploaded file must be demo-1.0.jar.

    The POM file structure is as follows:

    <project>
      <modelVersion>4.0.0</modelVersion>
      <groupId>demo</groupId>
      <artifactId>demo</artifactId>
      <version>1.0</version>
    </project>

    The modelVersion tag must exist and the value must be 4.0.0, indicating that Maven2 is used.

    If you upload files in both the POM and File area, the artifactId and version parameter values in the uploaded POM file must match the name of the file uploaded in the File area. For example, if artifactId is demo and version is 1.0 in the POM file, the name of the file to be uploaded in the File area must be demo-1.0. Otherwise, the upload will fail.

  • GAV

    In the GAV mode, the Group ID, Artifact ID, and Version parameters must be manually specified and they determine the name of the file to be uploaded. Extension indicates the packaging type, which determines the type of the file to be uploaded.

    Classifiers are used to distinguish artifacts that are constructed from the same POM and have different contents. This field is optional. It can contain letters, digits, underscores (_), hyphens (-), and dots (.). If you enter a value, it will be appended to the file name.

    Common Usage Scenario

    • Differentiate versions by names, such as demo-1.0-jdk13.jar and demo-1.0-jdk15.jar.
    • Differentiate usage by names, such as demo-1.0-javadoc.jar and demo-1.0-sources.jar.

Introduction to npm Components

Node Package Manager (npm) is a JavaScript package management tool. The npm component package is the object managed by the npm, and the self-hosted npm repo is for managing and storing the npm component package.

The npm component package consists of the structure and file description.

  • Package structure: organizes various files in a package, such as source code files and resource files.
  • Description file: describes package information. Example: package.json, bin, and lib files

The package.json file in the package is a description file of a project or module package. It contains information such as the name, description, version, and author. The npm install command downloads all dependent modules based on this file.

An example of the package.json file is as follows:

{
  "name": "third_use",			//Package name
  "version": "0.0.1",           //Version number
"description": "this is a test project", // Description
  "main": "index.js",			//Entry file
  "scripts": {					//Script commands
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "keywords": [					//Keyword
    "show"
  ],
  "author": "f",				//Developer name
  "license": "ISC",				//License agreement
  "dependencies": {				//Project production dependencies
    "jquery": "^3.6.0",
    "mysql": "^2.18.1"
  },
  "devDependencies": {			//Project development dependencies
    "less": "^4.1.2",
    "sass": "^1.45.0"
  }
}

The name and version are the most important fields and must exist. Otherwise, the current package cannot be installed. The two attributes together form the unique identifier of an npm package.

name indicates the name of a package. The first part of the name, such as @scope, is used as the namespace. The other part is name. Generally, you can search for the name field to install and use the required package.

{
  "name": "@scope/name"
}

version indicates the version of a package, which is in the x.y.z format.

{
  "version": "1.0.0"
}

Uploading an npm Component

A self-hosted repo allows you to upload npm component packages in .tgz format. When uploading a package, you need to set the following parameters.

Parameter

Description

PackageName

The value must be the same as the value of name in the package.json file.

Version

The value must be the same as that of version in the package.json file.

When uploading a component, ensure that the package name starts with a path in the path list added during repository creation. For details, see Configuring Repository Items in the help guide.

Example:

The path @test is added during the creation of an npm repository.

When uploading an npm component to the repository, make sure that the value of PackageName starts with @test. If a path outside the path list is used, for example, @npm, the upload will fail.

After the upload is successful, you can view the component package in .tgz format in the repository component list and the corresponding metadata is generated in the .npm directory.

Uploading a Go Component

Go (also called Golang) is a programming language developed by Google. Golang 1.11 and later versions support modular package management tools. A module is a unit for source code exchange and versioning of Go. A MOD file is used to identify and manage a module. A ZIP file is a source code package. There are two types of Go modules: v2.0 and later versions and v2.0 and earlier versions. The management of the Go module is different between the two versions.

To upload a Go component, upload a ZIP file and a MOD file. You need to set the following parameters.

Parameter

Description

Zip Path

Complete path of the ZIP file. Valid path formats are:

  • Versions earlier than v2.0: {moduleName}/@v/{version}.zip
  • Versions later than v2.0:
    • If the ZIP file contains go.mod and the path ends with /vN, the file path format is: {moduleName}/vX/@v/vX.X.X.zip
    • If the ZIP file does not contain go.mod or the first line in go.mod does not end with /vN, the file path format is: {moduleName}/@v/vX.X.X+incompatible.zip

Zip File

Directory structure of the ZIP file. Valid directory structure formats are:

  • Versions earlier than v2.0: {moduleName}@{version}
  • Versions later than v2.0:
    • If the ZIP file contains go.mod and the path ends with /vN, the directory structure format is: {moduleName}/vX@{version}
    • If the ZIP file does not contain go.mod or the first line in go.mod does not end with /vN, the directory structure format is: {moduleName}@{version}+incompatible

Mod Path

Complete path of the MOD file. Valid path formats are:

  • Versions earlier than v2.0: {moduleName}/@v/{version}.mod
  • Versions later than v2.0:
    • If the ZIP file contains go.mod and the path ends with /vN, the file path format is: {moduleName}/vX/@v/vX.X.X.mod
    • If the ZIP file does not contain go.mod or the first line in go.mod does not end with /vN, the file path format is: {moduleName}/@v/vX.X.X+incompatible.mod

Mod File

MOD file content. Valid content formats are:

  • Versions earlier than v2.0: module {moduleName}
  • Versions later than v2.0:
    • If the ZIP file contains go.mod and the path ends with /vN, the content format is: module {moduleName}/vX
    • If the ZIP file does not contain go.mod or the first line in go.mod does not end with /vN, the content format is: module {moduleName}

Uploading a PyPI Component

You are advised to go to the project directory (which must contain the setup.py configuration file) and run the following command to compress the components to be uploaded into a wheel (.whl) installation package. By default, the installation package is generated in the dist directory of the project directory. The Python software package management tool pip supports only wheel installation packages.

python setup.py sdist bdist_wheel

You need to set the following parameters.

Parameter

Description

PackageName

The value must be the same as the value of name in the setup.py file.

Version

The value must be the same as the value of version in the setup.py file.

After the upload is successful, you can view the installation package in .whl format in the repository component list. In addition, the corresponding metadata is generated in the .pypi directory, which can be used for pip installation.

Uploading an RPM Component

Introduction to RPM

  • Red Hat Package Manager (RPM) is proposed by Red Hat and used by many Linux distributions. It is a software management mechanism that installs required software to Linux in database recording mode.
  • You are advised to package and name the RPM binary file according to the following rules:

Software name-Main version number of the software.Minor version number of the software.Software revision number-Number of software compilation times.Hardware platform suitable for the software.rpm

For example, hello-0.17.2-54.x86_64.rpm. hello is the software name, 0 is the major version number of the software, 17 is the minor version number, 2 is the revision number, 54 is the number of times that the software is compiled, and x86_64 is the hardware platform suitable for the software.

Software Name

Major Version

Minor Version

Revision No.

Compilation Times

Applicable Hardware Platform

hello

0

17

2

54

x86_64

Note: You need to set the following parameters when uploading components.

Parameter

Description

Component

Component name

Version

Version of the RPM binary package

  1. Access the self-hosted repo homepage. In the left pane, choose the repository to which the private component is to be uploaded.
  2. Click Upload.
  3. Set the component parameters, select the file, and click Upload.

After the upload is successful, you can view the RPM binary package in the repository component list and the corresponding metadata repodata directory is generated in the component name directory. You can use Yum to install the component.

Uploading a Debian Component

When uploading a Debian component, you need to set the following parameters:

Parameter

Description

Distribution

Release version of the software package

Component

Name of a software package component

Architecture

Software package architecture

Path

Path for storing the software package. By default, the software package is uploaded to the root path.

File

Local storage path of the software package

After the upload is successful, you can view the installation package in .deb format in the repository component list. In addition, the corresponding metadata is generated in the dists directory, which can be used for Debian installation.

Uploading a NuGet Component

The NuGet package is a single ZIP file with the .nupkg extension. As a shareable unit of code, developers can publish it to a dedicated server to share it with other members of the team.

CodeArts Artifact creates a self-hosted NuGet repo to host the NuGet package.

  • You are advised to package and name the NuGet file according to the following rules:

    Software name-Major version number of the software.nupkg

    Example: automapper.12.0.0.nupkg

  1. Access the self-hosted repo homepage. In the left pane, choose the NuGet repository to which the private component is to be uploaded.
  2. Click Upload, select the NuGet file to be uploaded from the local host, and click Upload.

  3. View components that are successfully uploaded in the repository list.

    metadata stores metadata and is named after the component name. metadata cannot be deleted. It will be deleted or added when the corresponding component is deleted or restored.

    package stores components.