You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@codefresh-io/pipeline-autobot

Package Overview
Dependencies
Maintainers
21
Versions
49
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@codefresh-io/pipeline-autobot

Generate yaml depend on repo context

1.4.0
Source
npm
Version published
Weekly downloads
44
7.32%
Maintainers
21
Weekly downloads
 
Created
Source

Repository analyzer

About

Component for analyze github repository use github statistic API and generate codefresh steps according repo info.

Content
  • Usage
  • Component description

Usage

Examples how use repo analyzer

Run analyzer without cf integration

Run test.js with envs

PASSWORD=****2
REPO_OWNER=codefresh-io
REPO_NAME=pipeline-manager
GIT_CONTEXT=github

Run analyzer using CLI

https://codefresh-io.github.io/cli/analyzer/

Example of analyzer flow

    analyzer
        .step(clone)
        .step(build)
        .step(push)
        .step(packageJson)
        .header(stages)
        .enrich(stagesEnricher)
        .transform(codefreshYaml)
        .resolve()

Handler types that analyzer support

  • Transformers - ability to transform from some info to whole yaml file , use cases :

    • Check that repo contain codefresh.yaml (source github context -> output codefresh yaml path)
    • Convert from gitlab to codefresh yaml (source github context -> output codefresh yaml with steps) Important : after transformer execution if we have result we terminate whole chain (not make any sense to continue)

  • Headers - ability to add some yaml parts before steps key use cases:

    • Add codefresh yaml stages
    • Add yaml version

  • Steps - ability to add some step to generated pipeline, like git clone, build, notifications, etc

  • Enricher - ability to enrich each step some additional information, like stage for each step

Adding new handler

For add new handler you should create .js in related folder (like analyzer.steps)

Each step has as input analyzer.context (you can access from it githup api, credentials, everything that you need)

module.exports = (context) => {
   
       const { repo: { repoOwner, repoName, branch } , git } = context.getContext();
   
       return {
           step : {
               type: 'git-clone',
               description: 'Cloning main repository...',
               repo: `${repoOwner}/${repoName}`,
               revision: branch,
               git
           },
           key: 'clone',
           group: 'clone'
       };
   };

Where
key - it is step name
group - logical group, like test, linters, etc, will be helpful in future . (For now using it for stages)

FAQs

Package last updated on 10 Jul 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Turtles, Clams, and Cyber Threat Actors: Shell Usage

Security Fundamentals

Turtles, Clams, and Cyber Threat Actors: Shell Usage

The Socket Threat Research Team uncovers how threat actors weaponize shell techniques across npm, PyPI, and Go ecosystems to maintain persistence and exfiltrate data.

By Olivia Brown, Kirill Boychenko  -  Apr 11, 2025
A New Design for GitHub PR Comments

Product

A New Design for GitHub PR Comments

We redesigned our GitHub PR comments to deliver clear, actionable security insights without adding noise to your workflow.

By André Staltz  -  Apr 10, 2025