Comments (10)
today openshift build v1 can build registries.conf files with associated auth and certs
Gabe, could you please provide details about the interaction points which lead to this?
from build.
today openshift build v1 can build registries.conf files with associated auth and certs
Gabe, could you please provide details about the interaction points which lead to this?
Sure @sbose78 ... so again I've captured the more novel things in obu
... see https://github.com/gabemontero/obu/blob/master/pkg/cmd/cli/cmd/mirrors.go
So you have
- the
obu mirror --docker-cfg-file
which builds you the registries.conf file thatbuildah
understands ... that translates to the--registries-conf
and--registries-conf-dir
options forbuildah
obu mirror --ca-data
captures the necessary certs for the mirrored registries- I didn't add any special logic, at least yet, for getting the auth ...
- the secrets users create for their different registries can be associated with the
pipeline
service account for use by build v2 somewhat similar to what the operator does for the internal registry today ... - but in fact an aggregated auth file with all possible registries (i.e. the mirror registry and whatever registry the mirror is overriding) translating to one secret is best, as that seems to make things easier for
buildah
- since there are no well known locations for the mirror auth secrets, right now this is a manual step in openshift, so I don't see how the pipeline operator would do it automatically.
I have no idea what the level of support for mirroring is with the other build tools besides buildah
... certainly s2i doe not do anything with mirrors
from build.
According to @sbose78 we have api fields to supply/override the command line parameters supplied to the image building command (whether it is buildah, buildpacks, kaniko, etc.)
https://github.com/shipwright-io/build/master/pkg/apis/build/v1alpha1/Fbuild_types.go
But the reconciler/controller does not yet process whatever fields exist.
A possible MVP line that would be to complete the loop on this, and in this way, buildah users would have a path for supplying --registries-conf
and --registries-config-dir
, where mounting volumes/secrets/configsmaps would be the way to supply the actual contents.
Then, items
from build.
A more detailed rationale available here
https://github.com/shipwright-io/build/blob/master/docs/proposals/buildstrategy.md#parameterization
from build.
Most likely we will open up a new feature around parametrization. And @sbose78 is going to bring this up in the community meeting.
from build.
My understanding is that an strategy can be extended to support any params we want to define for the tooling, e.g. buildah
. Wondering if this issue is stale and can be closed? @gabemontero @sbose78
from build.
If the more generic parameterization feature is opened to complete the work @sbose78 noted still needs to be done, I'm good with closing this.
@sbose78 can you open that feature with the details you had in mind?
from build.
The discussion on spec.parameters
is here #184
from build.
#537 Created a fresh issue.
I added a note in the description. If this is fixed by #537 , we should keep this open as a way to track the use case & document once #537 is in.
from build.
thanks @sbose78
closing this out
from build.
Related Issues (20)
- [FEATURE] Move Readme Try It Section to BETA HOT 5
- [FEATURE] v0.13 Bump Tekton and Kubernetes dependencies
- [FEATURE] Document usage of OCIArtifact source type HOT 2
- [BUG] Endless reconcile of build when strategy kind is unknown
- [SHIP-0038] Use Release Branches for Releasing HOT 4
- [tech-debt] Release Workflow Action No Longer Maintained HOT 1
- [BUG] BuildStrategy: Cannot Use Context Dir as Working Directory HOT 4
- [FEATURE] Conditional step HOT 1
- [FEATURE] Build Strategy from Tekton Task/Pipeline HOT 1
- [BUG] Automatic release README update needs to be fixed HOT 4
- [FEATURE] Provide Storage Version Migration from v1alpha1 to v1beta1 HOT 1
- [BUG] git clone issue on newest Git version HOT 3
- [FEATURE] Windows Containers/Node Support HOT 2
- [FEATURE] Support another technology to define and orchestrate the image creation inside a pod HOT 2
- [BUG] Unit tests run fine with `go test`, but fail when used with Ginkgo CLI HOT 1
- SHIP-0039: Allow node selector on `Build` and `BuildRun` to be set HOT 7
- SHIP-0039: Allow tolerations on `Build` and `BuildRun` to be set
- SHIP-0039: Allow custom scheduler to be used for `Build` and `BuildRun`
- [FEATURE] Establish a release cadence based on Tekton LTS releases HOT 3
- [BUG] The container name for shipwright build webhook doesn't match the environment variable HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from build.