Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New build task : paketo builder #1660

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
+529 −0
Open

New build task : paketo builder #1660

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
04a09b1
Created the paketo builder task
cmoulliard Nov 28, 2024
05e7400
Task to build a builder image using the paketo pack tool
cmoulliard Nov 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions CODEOWNERS
View file
Open in desktop
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,9 @@
/task/oci-copy @ralphbean
/task/oci-copy-oci-ta @ralphbean

# renovate groupName=buildpack
/task/build-paketo-builder-oci-ta @cmoulliard
chmeliik marked this conversation as resolved.
Show resolved Hide resolved

# These are auto-generated and often require changes when tasks change.
# Allow anyone with write access to approve the changes.
/pipelines/*/README.md
6 changes: 6 additions & 0 deletions renovate.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,12 @@
"task/rpms-signature-scan/**",
"task/verify-signed-rpms/**"
]
},
{
"groupName": "buildpack",
"matchFileNames": [
"task/build-paketo-builder-oci-ta/**"
]
}
],
"postUpdateOptions": [
Expand Down
30 changes: 30 additions & 0 deletions task/build-paketo-builder-oci-ta/0.1/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# build-paketo-builder-oci-ta task

The `build-paketo-builder-oci-ta` task builds a builder image (e.g. https://github.com/paketo-community/builder-ubi-base) for paketo using as input the [builder.toml](https://buildpacks.io/docs/reference/config/builder-config/) file. The image is build using the pack tool packaged part of the [paketo-container](https://github.com/konflux-ci/paketo-container/) image.
The task also produces the SBOM which is signed and added to the image.

## Parameters
| name | description | default value | required |
|----------------------|-------------------------------------------------------------------------------------|----------------------------------------------------------------------------|----------|
| BUILD_ARGS | Array of --build-arg values ("arg=value" strings) | [] | false |
| BUILDER_NAME | Name of the paketo builder image containing the tools as: pack, jam, create-package | | true |
| CACHI2_ARTIFACT | The Trusted Artifact URI pointing to the artifact with the prefetched dependencies. | "" | false |
| CONTEXT | Path to the directory to use as context. | . | false |
| HERMETIC | Determines if build will be executed without network access. | false | false |
| IMAGE | Reference of the image buildah will produce. | | true |
| PLATFORM | The platform to build on | | true |
| SOURCE_ARTIFACT | The Trusted Artifact URI pointing to the artifact with the application source code. | | true |
| SOURCE_CODE_DIR | The subpath of the application source code. | "." | true |
| STORAGE_DRIVER | Storage driver to configure for buildah | vfs | false |
| TLSVERIFY | Verify the TLS on the registry endpoint (for push/pull to a non-TLS registry) | true | false |
| caTrustConfigMapKey | The name of the key in the ConfigMap that contains the CA bundle data. | ca-bundle.crt | false |
| caTrustConfigMapName | The name of the ConfigMap to read CA bundle data from. | trusted-ca | false |

## Results
|name|description|
|---|---|
|BASE_IMAGES_DIGESTS|Digests of the base images used for build|
|IMAGE_DIGEST|Digest of the image just built|
|IMAGE_REF|Image reference of the built image|
|IMAGE_URL|Image repository and tag where the built image was pushed|
|SBOM_BLOB_URL|Reference of SBOM blob digest to enable digest-based verification from provenance|
Loading
Loading