ship.zone/szci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

BREAKING CHANGE(szci): delegate Docker operations to @git.zone/tsdocker, remove internal Docker managers and deprecated modules, simplify CLI and env var handling

Browse Source
This commit is contained in:
Jürgen Kunz
2026-02-06 16:12:41 +00:00
parent 5d18e53e30
commit 9d295f2633
28 changed files with 346 additions and 1181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

410
readme.md
View File

@@ -1,28 +1,44 @@
# @ship.zone/szci
**Serve Zone CI** - A powerful CI/CD tool for streamlining Node.js and Docker workflows within CI environments (GitLab CI, GitHub CI, Gitea CI). Now powered by Deno with standalone executables.
A lightweight CI/CD orchestrator built with Deno that unifies Node.js, Docker, NPM, SSH, and Git workflows into a single CLI. Compiles to standalone binaries — no runtime required.
## ✨ Features
## Issue Reporting and Security
- 🚀 **Standalone Executables** - No Node.js installation required
- 🐳 **Docker Integration** - Build, tag, and push Docker images
- 📦 **NPM Management** - Install, test, and publish npm packages
- 🔧 **Node.js Version Management** - Install and switch between Node versions
- 🔐 **SSH Key Management** - Deploy SSH keys from environment variables
- ☁️ **Multi-Registry Support** - Push to multiple Docker registries
- 🎯 **Cross-Platform** - Binaries for Linux, macOS, and Windows
For reporting bugs, issues, or security vulnerabilities, please visit [community.foss.global/](https://community.foss.global/). This is the central community hub for all issue reporting. Developers who sign and comply with our contribution agreement and go through identification can also get a [code.foss.global/](https://code.foss.global/) account to submit Pull Requests directly.
## 🏗️ Architecture
szci is a **thin orchestrator** — it doesn't reinvent the wheel. Instead, it wires up best-in-class tools and handles the CI-specific glue:
| Domain | What szci does | Delegates to |
|--------|---------------|-------------|
| 🐳 Docker | Bridges `SZCI_LOGIN_DOCKER*` env vars, auto-detects GitLab CI tokens | [`@git.zone/tsdocker`](https://code.foss.global/git.zone/tsdocker) |
| 📦 NPM | Generates `.npmrc` from `SZCI_TOKEN_NPM*` env vars, handles multi-registry publish | `pnpm` + `npm publish` |
| 🟢 Node.js | Manages Node versions via NVM with named aliases | `nvm` |
| 🔑 SSH | Deploys SSH keys from env vars to `~/.ssh` | `@push.rocks/smartssh` |
| 🔀 Git | Mirrors repos to GitHub | `git remote` |
```
CLI Input (Deno.args)
SmartCLI Router
├─ szci docker * → env var bridging → npx @git.zone/tsdocker
├─ szci npm * → .npmrc generation → pnpm / npm publish
├─ szci node * → version aliasing → nvm install
├─ szci git * → token injection → git push --mirror
└─ szci ssh * → key parsing → write to ~/.ssh
```
## 📥 Installation
### NPM (Recommended)
### Via NPM (downloads pre-compiled binary)
```sh
npm install -g @ship.zone/szci
```
The package will automatically download the appropriate pre-compiled binary for your platform.
### From Source (Deno Required)
### From Source
```sh
git clone https://code.foss.global/ship.zone/szci.git
@@ -30,86 +46,186 @@ cd szci
deno task compile
```
The compiled binaries land in `dist/binaries/` for Linux (x64/arm64), macOS (x64/arm64), and Windows (x64).
## 🚀 Quick Start
```sh
# Install Node.js
# Setup Node.js environment
szci node install stable
# Install dependencies
# Install project dependencies
szci npm install
# Build Docker images
# Build & push Docker images
szci docker build
szci docker push registry.example.com
# Run tests
szci npm test
# Push Docker images
szci docker push registry.example.com
```
## 📖 Usage
## 📖 CLI Reference
### Node.js Management
### `szci docker` — Docker Operations
All Docker commands delegate to `@git.zone/tsdocker` after bridging environment variables.
```sh
# Install specific Node.js version
szci node install lts
szci node install stable
szci node install 18
# Install from .nvmrc
szci node install legacy
szci docker build # Build all Dockerfiles in cwd
szci docker login # Login to all configured registries
szci docker prepare # Alias for login
szci docker push registry.example.com # Push images to a registry
szci docker pull registry.example.com # Pull images from a registry
szci docker test # Test Dockerfiles
```
### NPM Commands
**Env var bridging:** Before delegating, szci converts its own env var format to tsdocker's expected format:
```
SZCI_LOGIN_DOCKER_1 → DOCKER_REGISTRY_1
SZCI_LOGIN_DOCKER_2 → DOCKER_REGISTRY_2
...
```
In GitLab CI, `CI_JOB_TOKEN` is automatically bridged as `DOCKER_REGISTRY_0` for `registry.gitlab.com`.
### `szci npm` — NPM/pnpm Workflows
```sh
# Install dependencies
szci npm install
# Run tests
szci npm test
# Publish package
szci npm publish
szci npm install # Runs pnpm install
szci npm build # Runs pnpm run build
szci npm test # Runs pnpm test
szci npm prepare # Generates ~/.npmrc from SZCI_TOKEN_NPM* env vars
szci npm publish # Full workflow: prepare → install → build → clean → npm publish
```
### Docker Workflows
The `publish` command supports multi-registry publishing. If `npmAccessLevel` is `public` and a Verdaccio registry is configured, it publishes to both npm and Verdaccio automatically.
### `szci node` — Node.js Version Management
```sh
# Prepare Docker environment
szci docker prepare
# Build all Dockerfiles
szci docker build
# Push to registry
szci docker push registry.example.com
# Pull from registry
szci docker pull registry.example.com
# Test Dockerfiles
szci docker test
szci node install stable # Node.js 22
szci node install lts # Node.js 20
szci node install legacy # Node.js 18
szci node install 21 # Any specific version
```
### SSH Key Management
Uses NVM under the hood (auto-detected at `/usr/local/nvm/nvm.sh` or `~/.nvm/nvm.sh`). After installing, it:
1. Sets the installed version as `nvm alias default`
2. Upgrades npm to latest
3. Installs any global tools listed in `npmextra.json``npmGlobalTools`
### `szci ssh` — SSH Key Deployment
```sh
# Deploy SSH keys from environment
szci ssh prepare
szci ssh prepare # Deploy SSH keys from env vars to ~/.ssh
```
Set environment variables like `NPMCI_SSHKEY_1`, `NPMCI_SSHKEY_2`, etc.
Reads all `SZCI_SSHKEY_*` env vars and writes the keys to disk.
## 🔧 CI/CD Integration
### `szci git` — Git Mirroring
```sh
szci git mirror # Mirror repository to GitHub
```
Pushes all branches and tags to a GitHub mirror. Requires `SZCI_GIT_GITHUBTOKEN`. Refuses to mirror packages marked as `private` in `package.json`.
## ⚙️ Configuration
### `npmextra.json`
Place this in your project root to configure szci behavior:
```json
{
"@ship.zone/szci": {
"npmGlobalTools": ["typescript", "pnpm"],
"npmAccessLevel": "public",
"npmRegistryUrl": "registry.npmjs.org",
"urlCloudly": "https://cloudly.example.com"
}
}
```
| Option | Type | Default | Description |
|--------|------|---------|-------------|
| `npmGlobalTools` | `string[]` | `[]` | Global npm packages to install during `node install` |
| `npmAccessLevel` | `"public" \| "private"` | `"private"` | Access level for `npm publish` |
| `npmRegistryUrl` | `string` | `"registry.npmjs.org"` | Default npm registry |
| `urlCloudly` | `string?` | — | Cloudly endpoint URL (can also be set via `SZCI_URL_CLOUDLY`) |
## 🔐 Environment Variables
### Docker Registry Authentication
Pipe-delimited format: `registry|username|password`
```sh
SZCI_LOGIN_DOCKER_1="registry.example.com|myuser|mypass"
SZCI_LOGIN_DOCKER_2="ghcr.io|token|ghp_xxxx"
```
In **GitLab CI**, the `CI_JOB_TOKEN` is automatically used for `registry.gitlab.com` — no manual config needed.
### NPM Registry Authentication
Pipe-delimited format: `registry|token[|plain]`
```sh
# Base64-encoded token (default)
SZCI_TOKEN_NPM_1="registry.npmjs.org|dGhlLXRva2VuLWhlcmU="
# Plain text token
SZCI_TOKEN_NPM_2="verdaccio.example.com|the-token-here|plain"
```
### SSH Keys
Pipe-delimited format: `host|privKeyBase64|pubKeyBase64`
```sh
SZCI_SSHKEY_1="github.com|BASE64_PRIVATE_KEY|BASE64_PUBLIC_KEY"
SZCI_SSHKEY_2="gitlab.com|BASE64_PRIVATE_KEY|##" # Use ## to skip a field
```
### Git Mirroring
```sh
SZCI_GIT_GITHUBTOKEN="ghp_your_personal_access_token"
SZCI_GIT_GITHUBGROUP="your-org" # Defaults to repo owner
SZCI_GIT_GITHUB="your-repo" # Defaults to repo name
```
### Debugging & Testing
```sh
DEBUG_SZCI="true" # Log all shell commands before execution
SZCI_TEST="true" # Test mode: mocks bash execution, skips SSH disk writes
```
### Full Environment Variable Reference
| Variable | Purpose |
|----------|---------|
| `SZCI_LOGIN_DOCKER_*` | Docker registry credentials (pipe-delimited) |
| `SZCI_TOKEN_NPM_*` | NPM registry auth tokens (pipe-delimited) |
| `SZCI_SSHKEY_*` | SSH key pairs (pipe-delimited) |
| `SZCI_GIT_GITHUBTOKEN` | GitHub personal access token for mirroring |
| `SZCI_GIT_GITHUBGROUP` | GitHub org/user for mirror target |
| `SZCI_GIT_GITHUB` | GitHub repo name for mirror target |
| `SZCI_URL_CLOUDLY` | Cloudly endpoint URL |
| `SZCI_COMPUTED_REPOURL` | Override auto-detected repo URL |
| `DEBUG_SZCI` | Enable verbose shell command logging |
| `SZCI_TEST` | Enable test mode (mock execution) |
## 🔄 CI/CD Integration Examples
### GitLab CI
```yaml
image: denoland/deno:alpine
image: node:22
stages:
- prepare
@@ -117,13 +233,8 @@ stages:
- test
- deploy
variables:
SZCI_VERSION: "latest"
before_script:
- deno install --allow-all --global --name szci https://code.foss.global/ship.zone/szci/raw/branch/master/mod.ts
# OR use the npm package:
# - npm install -g @ship.zone/szci
- npm install -g @ship.zone/szci
prepare:
stage: prepare
@@ -149,10 +260,12 @@ deploy:
- master
```
> 💡 In GitLab CI, `CI_JOB_TOKEN` is automatically detected — szci will login to `registry.gitlab.com` without any extra config.
### GitHub Actions
```yaml
name: CI Pipeline
name: CI/CD
on:
push:
@@ -161,147 +274,104 @@ on:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install SZCI
- name: Install szci
run: npm install -g @ship.zone/szci
- name: Setup Node.js
run: szci node install stable
- name: Install Dependencies
run: szci npm install
- name: Install & Build
run: |
szci npm install
szci npm build
- name: Build Docker Images
run: szci docker build
- name: Run Tests
- name: Test
run: szci npm test
- name: Push Images
- name: Push Docker
if: github.ref == 'refs/heads/main'
run: szci docker push ghcr.io
env:
SZCI_LOGIN_DOCKER_1: "ghcr.io|${{ github.actor }}|${{ secrets.GITHUB_TOKEN }}"
```
## ⚙️ Configuration
### Gitea CI (Woodpecker)
Create an `npmextra.json` file in your project root:
```json
{
"npmci": {
"npmGlobalTools": [],
"npmAccessLevel": "public",
"npmRegistryUrl": "registry.npmjs.org",
"dockerRegistries": [
"registry.gitlab.com"
],
"dockerRegistryRepoMap": {
"registry.gitlab.com": "mygroup/myrepo"
},
"dockerBuildargEnvMap": {
"ARG_NAME": "ENV_VAR_NAME"
}
}
}
```yaml
steps:
- name: ci
image: node:22
commands:
- npm install -g @ship.zone/szci
- szci node install stable
- szci npm install
- szci docker build
- szci npm test
```
## 🐳 Docker Registry Authentication
## 🔄 Migration from npmci
SZCI supports automatic authentication with:
Upgrading from `@ship.zone/npmci`? Three steps:
- GitLab CI Registry (via `CI_JOB_TOKEN`)
- Custom registries via environment variables
1. **Rename the binary** — replace `npmci` with `szci` in all CI scripts
2. **Rename env vars**`NPMCI_*``SZCI_*` (same formats, just the prefix changed)
3. **Docker ops** — now delegate to `@git.zone/tsdocker` (installed automatically via `npx`)
Set `NPMCI_LOGIN_DOCKER*` environment variables:
| Old | New |
|-----|-----|
| `NPMCI_LOGIN_DOCKER*` | `SZCI_LOGIN_DOCKER*` |
| `NPMCI_TOKEN_NPM*` | `SZCI_TOKEN_NPM*` |
| `NPMCI_SSHKEY_*` | `SZCI_SSHKEY_*` |
| `NPMCI_GIT_GITHUBTOKEN` | `SZCI_GIT_GITHUBTOKEN` |
| `NPMCI_URL_CLOUDLY` | `SZCI_URL_CLOUDLY` |
| `DEBUG_NPMCI` | `DEBUG_SZCI` |
| `NPMTS_TEST` | `SZCI_TEST` |
## 🛠️ Development
```sh
NPMCI_LOGIN_DOCKER_1="registry.example.com|username|password"
NPMCI_LOGIN_DOCKER_2="another-registry.com|user2|pass2"
```
## 🏗️ Development
### Prerequisites
- Deno 1.40+ installed
### Building from Source
```sh
# Clone the repository
git clone https://code.foss.global/ship.zone/szci.git
cd szci
# Compile for all platforms
deno task compile
# Compile for current platform only
deno compile --allow-all --output szci mod.ts
# Type check
deno task check
# Run tests
deno task test
# Development mode
deno task dev --help
```
### Testing
SZCI uses Deno's native test framework:
```sh
# Run all tests
deno task test
# Run tests in watch mode
# Watch tests
deno task test:watch
# Run specific test file
deno test --allow-all test/test.cloudly.ts
# Dev mode
deno task dev -- --help
# Compile binaries for all platforms
deno task compile
# Format code
deno task fmt
# Lint
deno task lint
```
## 📦 Binary Sizes
## License and Legal Information
The standalone executables are approximately:
- Linux x64: ~800MB
- Linux ARM64: ~800MB
- macOS x64: ~796MB
- macOS ARM64: ~796MB
- Windows x64: ~804MB
This repository contains open-source code licensed under the MIT License. A copy of the license can be found in the [LICENSE](./LICENSE) file.
Sizes include all dependencies and the Deno runtime.
**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
## 🔄 Migration from npmci
### Trademarks
If you're upgrading from the old `@ship.zone/npmci` package:
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH or third parties, and are not included within the scope of the MIT license granted herein.
1. Update package references:
```sh
npm uninstall -g @ship.zone/npmci
npm install -g @ship.zone/szci
```
Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines or the guidelines of the respective third-party owners, and any usage must be approved in writing. Third-party trademarks used herein are the property of their respective owners and used only in a descriptive manner, e.g. for an implementation of an API or similar.
2. Update CI configuration files - replace `npmci` with `szci`
### Company Information
3. The command interface remains the same, only the binary name changed
Task Venture Capital GmbH
Registered at District Court Bremen HRB 35230 HB, Germany
## 📝 License
For any legal inquiries or further information, please contact us via email at hello@task.vc.
MIT © Lossless GmbH
## 🔗 Links
- [Repository](https://code.foss.global/ship.zone/szci)
- [Issues](https://code.foss.global/ship.zone/szci/issues)
- [Changelog](./changelog.md)
## 🤝 Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
---
**Built with Deno 🦕**
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.