Red Hat SummitCe contenu n'est pas disponible dans la langue sélectionnée.
Chapter 1. Overview of Builds
Builds is a Shipwright-based framework for building container images on OpenShift Container Platform. It is designed for developers seeking automated image creation and administrators managing secure, reusable build strategies at scale.
1.1. Builds capabilities and resources
Builds provides Kubernetes-native APIs to build container images from source code and Dockerfiles. It supports S2I and Buildah strategies, allows custom build strategies, executes builds from local directories, offers a CLI for managing builds, and integrates with the Developer perspective of the OpenShift Container Platform console.
Builds consists of the following custom resources (CRs):
-
Build -
BuildStrategyandClusterBuildStrategy -
BuildRun
1.1.1. Build resource
The Build resource defines the source code of your application and the location where your application images will be pushed. The following example shows a simple build that consists of a Git source, a build strategy, and an output image:
apiVersion: shipwright.io/v1beta1
kind: Build
metadata:
name: buildah-golang-build
spec:
source:
git:
url: https://github.com/username/taxi
strategy:
name: buildah
kind: ClusterBuildStrategy
output:
image: registry.mycompany.com/my-org/taxi-app:latest
You can also extend a Build resource to push your images to a private registry or use a Dockerfile.
1.1.2. BuildStrategy and ClusterBuildStrategy resources
The BuildStrategy and ClusterBuildStrategy resources define the steps needed to build an application.
A BuildStrategy is namespace-scoped and can be created, managed, and used only within a specific namespace and not shared across the cluster.
A ClusterBuildStrategy is cluster-scoped and can be shared across namespaces.
Both resources include a steps section. The following example shows a ClusterBuildStrategy named buildah.
apiVersion: shipwright.io/v1beta1
kind: ClusterBuildStrategy
metadata:
name: buildah
spec:
steps:
- name: build-and-push
image: quay.io/containers/buildah:v1.31.0
workingDir: $(params.shp-source-root)
command:
- /bin/bash
# ...
# ...1.1.3. BuildRun resource
A BuildRun resource invokes a build on the cluster similar to a Tekton task run. It represents a workload that instantiates a build for execution with specific parameters. Each BuildRun defines a unique name for monitoring, references a Build instance, and specifies a service account within a namespace.
A BuildRun resource helps you to define the following elements:
-
A unique
BuildRunname to monitor the status of the build -
A referenced
Buildinstance to use during the build - A service account to host all secrets for the build
Each BuildRun resource is available within a namespace.
1.1.4. Build controller
The build controller monitors any updates in the Build resource and performs the following tasks:
-
Validates if the referenced
Strategyobject exists in theBuildresource. -
Validates if the specified parameters in the
BuildCR exist in the referenced build strategy. It also validates if the parameter names collide with any reserved names. -
Validates if the container registry output secret exists in the
Buildresource. -
Validates if the referenced
spec.source.git.urlendpoint URL exists in theBuildresource.
The build run controller monitors any updates in the Build or TaskRun resource and performs the following tasks:
-
Searches for any existing
TaskRunresource and updates its parentBuildRunresource status. -
Retrieves the specified service account and sets it along with the output secret in the
Buildresource. -
If a
TaskRunresource does not exist, the controller generates a new TektonTaskRunresource and sets a reference to theTaskRunresource. -
For any subsequent updates in the
TaskRunresource, the controller updates the parentBuildRunresource.
1.1.5. Build validations
The build controller validates BuildRun resources in advance to prevent failures from incorrect or missing dependencies and configuration settings. Validations check for strategy existence, secret references, parameter definitions, Git repository accessibility, and environment variable completeness.
| status.reason field | Description |
|---|---|
|
| The referenced strategy at namespace level does not exist. |
|
| The referenced strategy at cluster level does not exist. |
|
|
Setting owner references between a |
|
| The secret used to authenticate to Git does not exist. |
|
| The secret used to authenticate to the container registry does not exist. |
|
| The secret used to authenticate to the container registry does not exist. |
|
| Multiple secrets used for authentication are missing. |
|
|
One or many defined |
|
|
The parameters are not defined in the referenced strategy. You must define those parameters in the |
|
|
The defined |
|
|
The build name in the |
|
| Indicates that the name for a user-provided environment variable is blank. |
|
| Indicates that the value for a user-provided environment variable is blank. |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}