github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/resources/metadata/cnbBuild.yaml (about) 1 metadata: 2 name: cnbBuild 3 description: Executes Cloud Native Buildpacks. 4 longDescription: |- 5 Executes a Cloud Native Buildpacks build for creating Docker image(s). 6 **Important:** Please note, that the cnbBuild step is in **beta** state, and there could be breaking changes before we remove the beta notice. 7 spec: 8 inputs: 9 secrets: 10 - name: dockerConfigJsonCredentialsId 11 description: | 12 Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)) in the following format: 13 14 ```json 15 { 16 "auths": { 17 "$server": { 18 "auth": "base64($username + ':' + $password)" 19 } 20 } 21 } 22 ``` 23 24 Example: 25 26 ```json 27 { 28 "auths": { 29 "example.com": { 30 "auth": "dXNlcm5hbWU6cGFzc3dvcmQ=" 31 } 32 } 33 } 34 ``` 35 type: jenkins 36 params: 37 - name: containerImageName 38 aliases: 39 - name: dockerImageName 40 type: string 41 description: | 42 Name of the container which will be built 43 `cnbBuild` step will try to identify a containerImageName using the following precedence: 44 45 1. `containerImageName` parameter. 46 2. `project.id` field of a `project.toml` file. 47 3. `git/repository` parameter of the `commonPipelineEnvironment`. 48 4. `github/repository` parameter of the `commonPipelineEnvironment`. 49 50 If none of the above was found - an error will be raised. 51 scope: 52 - GENERAL 53 - PARAMETERS 54 - STAGES 55 - STEPS 56 - name: containerImageAlias 57 type: string 58 description: | 59 Logical name used for this image. 60 scope: 61 - GENERAL 62 - PARAMETERS 63 - STAGES 64 - STEPS 65 - name: containerImageTag 66 aliases: 67 - name: artifactVersion 68 type: string 69 mandatory: true 70 description: Tag of the container which will be built 71 scope: 72 - GENERAL 73 - PARAMETERS 74 - STAGES 75 - STEPS 76 resourceRef: 77 - name: commonPipelineEnvironment 78 param: artifactVersion 79 - name: commonPipelineEnvironment 80 param: git/commitId 81 - name: containerRegistryUrl 82 aliases: 83 - name: dockerRegistryUrl 84 type: string 85 mandatory: true 86 description: | 87 Container registry where the image should be pushed to. 88 89 **Note**: `containerRegistryUrl` should include only the domain. If you want to publish an image under `docker.io/example/my-image`, you must set `containerRegistryUrl: "docker.io"` and `containerImageName: "example/my-image"`. 90 scope: 91 - GENERAL 92 - PARAMETERS 93 - STAGES 94 - STEPS 95 resourceRef: 96 - name: commonPipelineEnvironment 97 param: container/registryUrl 98 - name: buildpacks 99 type: "[]string" 100 description: List of custom buildpacks to use in the form of `$HOSTNAME/$REPO[:$TAG]`. When this property is specified, buildpacks which are part of the builder will be ignored. 101 scope: 102 - PARAMETERS 103 - STAGES 104 - STEPS 105 resourceRef: 106 - name: commonPipelineEnvironment 107 param: container/buildpacks 108 - name: preBuildpacks 109 type: "[]string" 110 description: Buildpacks to prepend to the groups in the builder's order. 111 scope: 112 - PARAMETERS 113 - STAGES 114 - STEPS 115 resourceRef: 116 - name: commonPipelineEnvironment 117 param: container/preBuildpacks 118 - name: postBuildpacks 119 type: "[]string" 120 description: Buildpacks to append to the groups in the builder's order. 121 scope: 122 - PARAMETERS 123 - STAGES 124 - STEPS 125 resourceRef: 126 - name: commonPipelineEnvironment 127 param: container/postBuildpacks 128 - name: buildEnvVars 129 type: "map[string]interface{}" 130 description: | 131 Map of custom environment variables used during a build. 132 Example: 133 ```yaml 134 buildEnvVars: 135 foo: bar 136 ``` 137 scope: 138 - PARAMETERS 139 - STAGES 140 - STEPS 141 - name: path 142 type: string 143 description: | 144 Glob that should either point to a directory with your sources or one artifact in zip format. 145 This property determines the input to the buildpack. 146 scope: 147 - PARAMETERS 148 - STAGES 149 - STEPS 150 - name: projectDescriptor 151 type: string 152 description: | 153 Relative path to the project.toml file. 154 See [buildpacks.io](https://buildpacks.io/docs/reference/config/project-descriptor/) for the reference. 155 Parameters passed to the cnbBuild step will take precedence over the parameters set in the project.toml file, except the `env` block. 156 Environment variables declared in a project descriptor file, will be merged with the `buildEnvVars` property, with the `buildEnvVars` having a precedence. 157 158 *Note*: The project descriptor path should be relative to what is set in the [path](#path) property. If the `path` property is pointing to a zip archive (e.g. jar file), project descriptor path will be relative to the root of the workspace. 159 160 *Note*: Inline buildpacks (see [specification](https://buildpacks.io/docs/reference/config/project-descriptor/#build-_table-optional_)) are not supported yet. 161 default: project.toml 162 scope: 163 - PARAMETERS 164 - STAGES 165 - STEPS 166 - name: dockerConfigJSON 167 type: string 168 description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/). 169 scope: 170 - PARAMETERS 171 secret: true 172 resourceRef: 173 - name: dockerConfigJsonCredentialsId 174 type: secret 175 - type: vaultSecretFile 176 name: dockerConfigFileVaultSecretName 177 default: docker-config 178 - name: dockerConfigJSONCPE 179 type: string 180 description: This property is intended only for reading the `dockerConfigJSON` from the Common Pipeline Environment. If you want to provide your own credentials, please refer to the [dockerConfigJSON](#dockerConfigJSON) property. If both properties are set, the config files will be merged, with the [dockerConfigJSON](#dockerConfigJSON) having higher priority. 181 secret: true 182 resourceRef: 183 - name: commonPipelineEnvironment 184 param: custom/dockerConfigJSON 185 - name: customTlsCertificateLinks 186 type: "[]string" 187 description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates. 188 scope: 189 - PARAMETERS 190 - STAGES 191 - STEPS 192 - name: additionalTags 193 type: "[]string" 194 description: List of tags which will be pushed to the registry (additionally to the provided `containerImageTag`), e.g. "latest". 195 scope: 196 - PARAMETERS 197 - STAGES 198 - STEPS 199 - name: bindings 200 type: "map[string]interface{}" 201 description: | 202 Map of bindings that should be offered to the buildpack. The type of bindings depend on the buildpack. For documentation about bindings in general see [the paketo documentation](https://paketo.io/docs/howto/configuration/#bindings). 203 204 Example: Custom maven settings.xml for the Java Buildpack 205 206 ```yaml 207 bindings: 208 maven-settings: 209 type: maven 210 data: 211 - key: settings.xml 212 file: path/to/settings.xml 213 ``` 214 215 inline: 216 ```yaml 217 bindings: 218 maven-settings: 219 type: maven 220 data: 221 - key: settings.xml 222 content: "inline settings.xml" 223 ``` 224 225 from url: 226 ```yaml 227 bindings: 228 maven-settings: 229 type: maven 230 data: 231 - key: settings.xml 232 fromUrl: https://url-to/setting.xml 233 ``` 234 235 using [Vault general purpose credentials](https://www.project-piper.io/infrastructure/vault/#using-vault-for-general-purpose-and-test-credentials): 236 ```yaml 237 bindings: 238 dynatrace: 239 type: Dynatrace 240 data: 241 - key: api-token 242 vaultCredentialKey: dynatrace-api-token 243 vaultCredentialPath: cnb-bindings 244 vaultCredentialKeys: ['dynatrace-api-token'] 245 ``` 246 247 Deprecated: A binding with a single key, could be written like this: 248 249 ```yaml 250 bindings: 251 maven-settings: 252 type: maven 253 key: settings.xml 254 file: path/to/settings.xml 255 ``` 256 257 scope: 258 - PARAMETERS 259 - STAGES 260 - STEPS 261 - name: multipleImages 262 aliases: 263 - name: images 264 type: "[]map[string]interface{}" 265 description: | 266 This parameter is only needed if `cnbBuild` should create multiple images. 267 Otherwise it can be ignored!!! 268 269 In case of multiple images, this array contains one entry for each image. That 270 entry can override any parameter from the main section, e.g. 271 272 ```yaml 273 containerImageTag: latest 274 containerRegistryUrl: docker.io 275 dockerConfigJsonCredentialsId: CREDENTIALS 276 multipleImages: 277 - containerImageName: example/java-app 278 containerImageAlias: java 279 buildpacks: 280 - "gcr.io/paketo-buildpacks/java" 281 path: "source/java" 282 - containerImageName: example/nodejs-app 283 containerImageAlias: nodejs 284 containerImageTag: v1.0.0 285 buildpacks: 286 - "gcr.io/paketo-buildpacks/nodejs" 287 path: "source/nodejs" 288 ``` 289 scope: 290 - PARAMETERS 291 - STAGES 292 - STEPS 293 - name: preserveFiles 294 type: "[]string" 295 description: | 296 List of globs, for keeping build results in the Jenkins workspace. 297 298 *Note*: globs will be calculated relative to the [path](#path) property. 299 scope: 300 - PARAMETERS 301 - STAGES 302 - STEPS 303 - name: buildSettingsInfo 304 type: string 305 description: Build settings info is typically filled by the step automatically to create information about the build settings that were used during the mta build. This information is typically used for compliance related processes. 306 scope: 307 - STEPS 308 - STAGES 309 - PARAMETERS 310 resourceRef: 311 - name: commonPipelineEnvironment 312 param: custom/buildSettingsInfo 313 - name: createBOM 314 type: bool 315 description: Creates the bill of materials (BOM) using Syft and stores it in a file in CycloneDX 1.4 format. 316 scope: 317 - GENERAL 318 - STEPS 319 - STAGES 320 - PARAMETERS 321 - name: syftDownloadUrl 322 type: string 323 description: Specifies the download url of the Syft Linux amd64 tar binary file. This can be found at https://github.com/anchore/syft/releases/. 324 scope: 325 - PARAMETERS 326 - STEPS 327 default: "https://github.com/anchore/syft/releases/download/v0.62.3/syft_0.62.3_linux_amd64.tar.gz" 328 - name: runImage 329 type: string 330 description: "Base image from which application images are built. Will be defaulted to the image provided by the builder." 331 scope: 332 - GENERAL 333 - STEPS 334 - STAGES 335 - PARAMETERS 336 - name: defaultProcess 337 type: string 338 description: "Process that should be started by default. See https://buildpacks.io/docs/app-developer-guide/run-an-app/" 339 scope: 340 - GENERAL 341 - STEPS 342 - STAGES 343 - PARAMETERS 344 outputs: 345 resources: 346 - name: commonPipelineEnvironment 347 type: piperEnvironment 348 params: 349 - name: container/registryUrl 350 - name: container/imageDigest 351 - name: container/imageNameTag 352 - name: container/imageNames 353 type: "[]string" 354 - name: container/imageNameTags 355 type: "[]string" 356 - name: container/imageDigests 357 type: "[]string" 358 - name: custom/buildSettingsInfo 359 - name: reports 360 type: reports 361 params: 362 - filePattern: "**/bom-*.xml" 363 type: sbom 364 containers: 365 - image: "paketobuildpacks/builder:base"