CI/CD
Using snpm in continuous integration and deployment
Learn how to use snpm in your CI/CD pipelines.
Quick Start
# Install snpm
cargo install --path snpm-cli
# Install dependencies with frozen lockfile
snpm install --frozen-lockfile
# Run your build
snpm run buildGitHub Actions
name: CI
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
- name: Install snpm
run: cargo install --path snpm-cli
- name: Install dependencies
run: snpm install --frozen-lockfile
- name: Build
run: snpm run build
- name: Test
run: snpm run testGitLab CI
image: rust:latest
cache:
paths:
- ~/.local/share/snpm
stages:
- build
- test
before_script:
- cargo install --path snpm-cli
- snpm install --frozen-lockfile
build:
stage: build
script:
- snpm run build
test:
stage: test
script:
- snpm run testCircleCI
version: 2.1
jobs:
build:
docker:
- image: cimg/rust:1.70
steps:
- checkout
- run:
name: Install snpm
command: cargo install --path snpm-cli
- run:
name: Install dependencies
command: snpm install --frozen-lockfile
- run:
name: Build
command: snpm run build
- run:
name: Test
command: snpm run test
workflows:
build-and-test:
jobs:
- buildBest Practices
Use Frozen Lockfile
Always use --frozen-lockfile in CI to ensure the lockfile is up to date:
snpm install --frozen-lockfileThis fails if the lockfile needs updates, catching cases where developers forgot to commit lockfile changes.
Cache the Global Store
Cache the snpm data directory to speed up subsequent builds:
GitHub Actions:
- name: Cache snpm store
uses: actions/cache@v3
with:
path: ~/.local/share/snpm
key: ${{ runner.os }}-snpm-${{ hashFiles('**/snpm-lock.yaml') }}GitLab CI:
cache:
paths:
- ~/.local/share/snpmSet Minimum Version Age
For production deployments, use minimum version age:
- name: Install dependencies
env:
SNPM_MIN_PACKAGE_AGE_DAYS: 7
run: snpm install --frozen-lockfileProduction Installs
Skip dev dependencies in production:
snpm install --production --frozen-lockfileWorkspaces
For monorepos, install from the workspace root:
# Install all workspace packages
snpm install --frozen-lockfile
# Build all packages
snpm run build --recursive
# Test all packages
snpm run test --recursiveDocker
FROM rust:1.70 as builder
WORKDIR /app
# Install snpm
RUN cargo install --path snpm-cli
# Copy package files
COPY package.json snpm-lock.yaml ./
# Install dependencies
RUN snpm install --production --frozen-lockfile
# Copy source
COPY . .
# Build
RUN snpm run build
# Production image
FROM node:20-slim
WORKDIR /app
COPY --from=builder /app/dist ./dist
CMD ["node", "dist/index.js"]Environment Variables
Configure snpm for CI:
# Use custom registry
export SNPM_REGISTRY=https://npm.mycompany.com
# Set auth token
export NPM_TOKEN=${{ secrets.NPM_TOKEN }}
# Increase concurrent registry requests
export SNPM_REGISTRY_CONCURRENCY=128
# Set minimum version age
export SNPM_MIN_PACKAGE_AGE_DAYS=7Troubleshooting
Lockfile Out of Sync
If --frozen-lockfile fails, the lockfile needs updating:
# Locally, update the lockfile
snpm install
# Commit the changes
git add snpm-lock.yaml
git commit -m "Update lockfile"Slow Installs
Enable caching of the global store to speed up subsequent builds.
Authentication Issues
For private registries, set the NPM_TOKEN environment variable:
env:
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}