-
Notifications
You must be signed in to change notification settings - Fork 577
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update Buildpacks task to use Creator binary, in place of calling ind…
…ividual phases With the release of Platform API 0.3 (implemented in github.com/buildpacks/lifecycle v0.7.0), there is a creator binary that simplifies the CNB experience; calling it runs all of the individual lifecycle phases, and minimizes the number of separate containers needed for the process. As such, we moved the buildpacks task to use it. At the same time, it is also helpful, in some scenarios, to run the individual phases; it allows for greater control of secrets, amongst other things. As such, we moved the original task to buildpacks-separate-phases to allow users the choice. This commit also updates the READMEs, making them a bit clearer about what CNBs are and what the tasks do, as well as adding in the Paketo builders to the example builders. Signed-off-by: David Freilich <[email protected]>
- Loading branch information
Showing
9 changed files
with
454 additions
and
79 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| approvers: | ||
| - jkutner | ||
| - hone | ||
| - nebhale | ||
| - sclevine | ||
| - ekcasey | ||
| - jromero | ||
| - ameyer-pivotal | ||
| - simonjjones | ||
|
|
||
| reviewers: | ||
| - vdemeester | ||
| - ImJasonH | ||
| - jkutner | ||
| - hone | ||
| - sclevine | ||
| - ekcasey | ||
| - jromero | ||
| - ameyer-pivotal | ||
| - simonjjones |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,122 @@ | ||
| # Cloud Native Buildpacks | ||
|
|
||
| This build template builds source into a container image using [Cloud Native | ||
| Buildpacks](https://buildpacks.io). To do that, it uses [builders](https://buildpacks.io/docs/concepts/components/builder/#what-is-a-builder) to run buildpacks against your application. | ||
|
|
||
| Cloud Native Buildpacks are pluggable, modular tools that transform application source code into OCI images. They replace Dockerfiles in the app development lifecycle, and enable for swift rebasing of images and modular control over images (through the use of builders), among other benefits. This command uses a builder to construct the image, and pushes it to the registry provided. | ||
|
|
||
| See also [`buildpacks`](../buildpacks) for the combined version of this task, which uses the [creator binary](https://github.com/buildpacks/spec/blob/platform/0.3/platform.md#operations), to run all of the [lifecycle phases](https://buildpacks.io/docs/concepts/components/lifecycle/#phases). This task, in contrast, runs all of the phases separately. | ||
|
|
||
| ## Install the Task | ||
|
|
||
| ``` | ||
| kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/buildpacks-separate-phases/0.1/buildpacks-separate-phases.yaml | ||
| ``` | ||
|
|
||
| > **NOTE:** This task is currently only compatible with Tekton **v0.11.0** and above, and CNB Platform API 0.3 (lifecycle v0.7.0 and above). For previous Platform API versions, [see below](#previous-platform-api-versions). | ||
| ## Parameters | ||
|
|
||
| * **`BUILDER_IMAGE`**: The image on which builds will run. (must include lifecycle and compatible buildpacks; _required_) | ||
|
|
||
| * **`CACHE`**: The name of the persistent app cache volume. (_default:_ an empty directory -- effectively no cache) | ||
|
|
||
| * **`PLATFORM_DIR`**: A directory containing platform provided configuration, such as environment variables. | ||
| Files of the format `/platform/env/MY_VAR` with content `my-value` will be translated by the lifecycle into environment variables provided to buildpacks. For more information, see the [buildpacks spec](https://github.com/buildpacks/spec/blob/master/buildpack.md#provided-by-the-platform). (_default:_ an empty directory) | ||
|
|
||
| * **`USER_ID`**: The user ID of the builder image user, as a string value. (_default:_ `"1000"`) | ||
|
|
||
| * **`GROUP_ID`**: The group ID of the builder image user, as a string value. (_default:_ `"1000"`) | ||
|
|
||
| * **`PROCESS_TYPE`**: The default process type to set on the image. (_default:_ `"web"`) | ||
|
|
||
| * **`SOURCE_SUBPATH`**: A subpath within the `source` input where the source to build is located. (_default:_ `""`) | ||
|
|
||
| ### Outputs | ||
|
|
||
| * **`image`**: An `image`-type `PipelineResource` specifying the image that should | ||
| be built. | ||
|
|
||
| ## Workspaces | ||
|
|
||
| The `source` workspace holds the source to build. See `SOURCE_SUBPATH` above if source is located within a subpath of this input. | ||
|
|
||
| ## Usage | ||
|
|
||
| This `TaskRun` will use the `buildpacks` task to build the source code, then publish a container image. | ||
|
|
||
| ``` | ||
| apiVersion: tekton.dev/v1beta1 | ||
| kind: TaskRun | ||
| metadata: | ||
| name: example-run | ||
| spec: | ||
| taskRef: | ||
| name: buildpacks | ||
| podTemplate: | ||
| volumes: | ||
| # Uncomment the lines below to use an existing cache | ||
| # - name: my-cache | ||
| # persistentVolumeClaim: | ||
| # claimName: my-cache-pvc | ||
| # Uncomment the lines below to provide a platform directory | ||
| # - name: my-platform-dir | ||
| # persistentVolumeClaim: | ||
| # claimName: my-platform-dir-pvc | ||
| params: | ||
| - name: SOURCE_SUBPATH | ||
| value: <optional subpath within your source repo, e.g. "apps/java-maven"> | ||
| - name: BUILDER_IMAGE | ||
| value: <your builder image tag, see below for suggestions, e.g. "builder-repo/builder-image:builder-tag"> | ||
| # Uncomment the lines below to use an existing cache | ||
| # - name: CACHE | ||
| # value: my-cache | ||
| # Uncomment the lines below to provide a platform directory | ||
| # - name: PLATFORM_DIR | ||
| # value: my-platform-dir | ||
| resources: | ||
| outputs: | ||
| - name: image | ||
| resourceSpec: | ||
| type: image | ||
| params: | ||
| - name: url | ||
| value: <your output image tag, e.g. "gcr.io/app-repo/app-image:app-tag"> | ||
| workspaces: | ||
| - name: source | ||
| persistentVolumeClaim: | ||
| claimName: my-source-pvc | ||
| ``` | ||
|
|
||
| ### Example builders | ||
| Paketo: | ||
| - `gcr.io/paketo-buildpacks/builder:base` → Ubuntu bionic base image with buildpacks for Java, NodeJS and Golang | ||
| - `gcr.io/paketo-buildpacks/builder:tiny` → Tiny base image (bionic build image, distroless run image) with buildpacks for Golang | ||
| - `gcr.io/paketo-buildpacks/builder:full-cf` → cflinuxfs3 base image with buildpacks for Java, .NET, NodeJS, Golang, PHP, HTTPD and NGINX | ||
| > NOTE: The `gcr.io/paketo-buildpacks/builder:full-cf` requires setting the USER_ID and GROUP_ID parameters to 2000, in order to work. | ||
| Heroku: | ||
| - `heroku/buildpacks:18` → heroku-18 base image with buildpacks for Ruby, Java, Node.js, Python, Golang, & PHP | ||
|
|
||
| Google: | ||
| - `gcr.io/buildpacks/builder:v1` → Ubuntu 18 base image with buildpacks for .NET, Go, Java, Node.js, and Python | ||
|
|
||
| ## Previous Platform API Versions | ||
|
|
||
| Use one of the following commands to install a previous version of this task. Be sure to also supply a compatible builder image (`BUILDER_IMAGE` input) when running the task (i.e. one that has a lifecycle implementing the expected platform API). | ||
|
|
||
| ### CNB Platform API 0.2 | ||
|
|
||
| Commit: [8c34055](https://github.com/tektoncd/catalog/tree/8c34055ea728413fb72af061e7bcbf1859a9fbd6/buildpacks#inputs) | ||
|
|
||
| ``` | ||
| kubectl -f https://raw.githubusercontent.com/tektoncd/catalog/8c34055ea728413fb72af061e7bcbf1859a9fbd6/buildpacks/buildpacks-v3.yaml | ||
| ``` | ||
|
|
||
| ### CNB Platform API 0.1 | ||
|
|
||
| Commit: [5c2ab7d6](https://github.com/tektoncd/catalog/tree/5c2ab7d6c3b2507d43b49577d7f1bee9c49ed8ab/buildpacks#inputs) | ||
|
|
||
| ``` | ||
| kubectl -f https://raw.githubusercontent.com/tektoncd/catalog/5c2ab7d6c3b2507d43b49577d7f1bee9c49ed8ab/buildpacks/buildpacks-v3.yaml | ||
| ``` |
158 changes: 158 additions & 0 deletions
158
task/buildpacks-separate-phases/0.1/buildpacks-separate-phases.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,158 @@ | ||
| --- | ||
| apiVersion: tekton.dev/v1beta1 | ||
| kind: Task | ||
| metadata: | ||
| name: buildpacks-separate-phases | ||
| labels: | ||
| app.kubernetes.io/version: "0.1" | ||
| annotations: | ||
| tekton.dev/pipelines.minVersion: "0.12.1" | ||
| tekton.dev/tags: image-build | ||
| tekton.dev/displayName: "buildpacks-separate-phases" | ||
| spec: | ||
| description: >- | ||
| The Buildpacks-Separate-Phases task builds source into a container image and pushes it to | ||
| a registry, using Cloud Native Buildpacks. This command separately calls the aspects of the | ||
| Cloud Native Buildpacks lifecycle, to provide more granular control over the construction of | ||
| the image. | ||
| Cloud Native Buildpacks are pluggable, modular tools that transform application source code | ||
| into OCI images. They replace Dockerfiles in the app development lifecycle, and allow for swift | ||
| rebasing of images, and give modular control over images through the use of builders, among other | ||
| benefits. This command uses a builder to construct the image, and pushes it to the registry provided. | ||
| params: | ||
| - name: BUILDER_IMAGE | ||
| description: The image on which builds will run (must include lifecycle and compatible buildpacks). | ||
| - name: CACHE | ||
| description: The name of the persistent app cache volume. | ||
| default: empty-dir | ||
| - name: PLATFORM_DIR | ||
| description: The name of the platform directory. | ||
| default: empty-dir | ||
| - name: USER_ID | ||
| description: The user ID of the builder image user. | ||
| default: "1000" | ||
| - name: GROUP_ID | ||
| description: The group ID of the builder image user. | ||
| default: "1000" | ||
| - name: PROCESS_TYPE | ||
| description: The default process type to set on the image. | ||
| default: "web" | ||
| - name: SOURCE_SUBPATH | ||
| description: A subpath within the `source` input where the source to build is located. | ||
| default: "" | ||
|
|
||
| resources: | ||
| outputs: | ||
| - name: image | ||
| type: image | ||
|
|
||
| workspaces: | ||
| - name: source | ||
|
|
||
| stepTemplate: | ||
| env: | ||
| - name: CNB_PLATFORM_API | ||
| value: "0.3" | ||
|
|
||
| steps: | ||
| - name: prepare | ||
| image: alpine | ||
| imagePullPolicy: Always | ||
| command: ["/bin/sh"] | ||
| args: | ||
| - "-c" | ||
| - > | ||
| chown -R "$(params.USER_ID):$(params.GROUP_ID)" "/tekton/home" && | ||
| chown -R "$(params.USER_ID):$(params.GROUP_ID)" "/layers" && | ||
| chown -R "$(params.USER_ID):$(params.GROUP_ID)" "/cache" && | ||
| chown -R "$(params.USER_ID):$(params.GROUP_ID)" "$(workspaces.source.path)" | ||
| volumeMounts: | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
| - name: $(params.CACHE) | ||
| mountPath: /cache | ||
| securityContext: | ||
| privileged: true | ||
|
|
||
| - name: detect | ||
| image: $(params.BUILDER_IMAGE) | ||
| imagePullPolicy: Always | ||
| command: ["/cnb/lifecycle/detector"] | ||
| args: | ||
| - "-app=$(workspaces.source.path)/$(params.SOURCE_SUBPATH)" | ||
| - "-group=/layers/group.toml" | ||
| - "-plan=/layers/plan.toml" | ||
| volumeMounts: | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
| - name: $(params.PLATFORM_DIR) | ||
| mountPath: /platform | ||
|
|
||
| - name: analyze | ||
| image: $(params.BUILDER_IMAGE) | ||
| imagePullPolicy: Always | ||
| command: ["/cnb/lifecycle/analyzer"] | ||
| args: | ||
| - "-layers=/layers" | ||
| - "-group=/layers/group.toml" | ||
| - "-cache-dir=/cache" | ||
| - "$(resources.outputs.image.url)" | ||
| volumeMounts: | ||
| - name: $(params.CACHE) | ||
| mountPath: /cache | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
|
|
||
| - name: restore | ||
| image: $(params.BUILDER_IMAGE) | ||
| imagePullPolicy: Always | ||
| command: ["/cnb/lifecycle/restorer"] | ||
| args: | ||
| - "-group=/layers/group.toml" | ||
| - "-layers=/layers" | ||
| - "-cache-dir=/cache" | ||
| volumeMounts: | ||
| - name: $(params.CACHE) | ||
| mountPath: /cache | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
|
|
||
| - name: build | ||
| image: $(params.BUILDER_IMAGE) | ||
| imagePullPolicy: Always | ||
| command: ["/cnb/lifecycle/builder"] | ||
| args: | ||
| - "-app=$(workspaces.source.path)/$(params.SOURCE_SUBPATH)" | ||
| - "-layers=/layers" | ||
| - "-group=/layers/group.toml" | ||
| - "-plan=/layers/plan.toml" | ||
| volumeMounts: | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
| - name: $(params.PLATFORM_DIR) | ||
| mountPath: /platform | ||
|
|
||
| - name: export | ||
| image: $(params.BUILDER_IMAGE) | ||
| imagePullPolicy: Always | ||
| command: ["/cnb/lifecycle/exporter"] | ||
| args: | ||
| - "-app=$(workspaces.source.path)/$(params.SOURCE_SUBPATH)" | ||
| - "-layers=/layers" | ||
| - "-group=/layers/group.toml" | ||
| - "-cache-dir=/cache" | ||
| - "-process-type=$(params.PROCESS_TYPE)" | ||
| - "$(resources.outputs.image.url)" | ||
| volumeMounts: | ||
| - name: layers-dir | ||
| mountPath: /layers | ||
| - name: $(params.CACHE) | ||
| mountPath: /cache | ||
|
|
||
| volumes: | ||
| - name: empty-dir | ||
| emptyDir: {} | ||
| - name: layers-dir | ||
| emptyDir: {} |
8 changes: 8 additions & 0 deletions
8
task/buildpacks-separate-phases/0.1/tests/pre-apply-task-hook.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| # Add an internal registry as sidecar to the task so we can upload it directly | ||
| # from our tests without having to go to an external registry. | ||
| add_sidecar_registry ${TMPF} | ||
|
|
||
| # Add git-clone | ||
| kubectl -n ${tns} apply -f ./task/git-clone/0.1/git-clone.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| apiVersion: tekton.dev/v1alpha1 | ||
| kind: PipelineResource | ||
| metadata: | ||
| name: buildpacks-app-image | ||
| spec: | ||
| type: image | ||
| params: | ||
| - name: url | ||
| value: localhost:5000/buildpacks-app | ||
| --- | ||
| apiVersion: v1 | ||
| kind: PersistentVolumeClaim | ||
| metadata: | ||
| name: buildpacks-source-pvc | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 500Mi | ||
| --- | ||
| apiVersion: v1 | ||
| kind: PersistentVolumeClaim | ||
| metadata: | ||
| name: buildpacks-cache-pvc | ||
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| resources: | ||
| requests: | ||
| storage: 500Mi |
Oops, something went wrong.