Skip to content

cnbBuild

Executes Cloud Native Buildpacks.

Description

Executes a Cloud Native Buildpacks build for creating Docker image(s). Important: Please note, that the cnbBuild step is in beta state, and there could be breaking changes before we remove the beta notice.

Usage

We recommend to define values of step parameters via .pipeline/config.yml file.
In this case, calling the step is essentially reduced to defining the step name.
Calling the step can be done either in an orchestrator specific way (e.g. via a Jenkins library step) or on the command line.

library('piper-lib-os')

cnbBuild script: this
piper cnbBuild

Outputs

Output type Details
commonPipelineEnvironment
  • container/registryUrl
  • container/imageNameTag

see Examples

Prerequisites

When pushing to a container registry, you need to maintain the respective credentials in your Jenkins credentials store:

cnbBuild expects a Docker config.json file containing the credential information for registries. You can create it like explained in the protocodeExecuteScan Prerequisites section.

Please copy this file and upload it to your Jenkins for example
via Jenkins -> Credentials -> System -> Global credentials (unrestricted) -> Add Credentials ->

  • Kind: Secret file
  • File: upload your config.json file
  • ID: specify id which you then use for the configuration of dockerConfigJsonCredentialsId (see below)

Parameters

Overview - Step

Name Mandatory Additional information
containerImageTag yes
containerRegistryUrl yes
script (yes) Jenkins only reference to Jenkins main pipeline script
additionalTags no
bindings no
buildEnvVars no
buildpacks no
containerImageName no
customTlsCertificateLinks no
dockerConfigJSON no Vault Secret pass via ENV, Vault or Jenkins credentials (dockerConfigJsonCredentialsId)
path no
projectDescriptor no
verbose no activates debug output

Overview - Execution Environment

Orchestrator-specific only

These parameters are relevant for orchestrator usage and not considered when using the command line option.

Name Mandatory Additional information
containerCommand no Jenkins only
containerShell no Jenkins only
dockerEnvVars no
dockerImage no
dockerName no
dockerOptions no
dockerPullImage no
dockerVolumeBind no Jenkins only
dockerWorkspace no Jenkins only

Details

additionalTags

List of tags which will be pushed to the registry (additionally to the provided containerImageTag), e.g. "latest".

back to overview

Scope Details
Aliases -
Type []string
Mandatory no
Default $PIPER_additionalTags (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

bindings

Map of bindings that should be offered to the buildpack. The type of bindings depend on the buildpack. For documentation about bindings in general see the paketo documentation.

Example: Custom maven settings.xml for the Java Buildpack

bindings:
  maven-settings:
    type: maven
    key: settings.xml
    file: path/to/settings.xml

inline:

bindings:
  maven-settings:
    type: maven
    key: settings.xml
    content: "inline settings.xml"

from url:

bindings:
  maven-settings:
    type: maven
    key: settings.xml
    fromUrl: https://url-to/setting.xml

back to overview

Scope Details
Aliases -
Type map[string]interface{}
Mandatory no
Default $PIPER_bindings (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

buildEnvVars

Map of custom environment variables used during a build. Example:

buildEnvVars:
  foo: bar

back to overview

Scope Details
Aliases -
Type map[string]interface{}
Mandatory no
Default $PIPER_buildEnvVars (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

buildpacks

List of custom buildpacks to use in the form of '$HOSTNAME/$REPO[:$TAG]'.

back to overview

Scope Details
Aliases -
Type []string
Mandatory no
Default $PIPER_buildpacks (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references commonPipelineEnvironment:
  reference to: container/buildpacks

containerCommand

Jenkins-specific: Used for proper environment setup.

Kubernetes only: Allows to specify start command for container created with dockerImage parameter to overwrite Piper default (/usr/bin/tail -f /dev/null).

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

containerImageName

Name of the container which will be built cnbBuild step will try to identify a containerImageName using the following precedence: 1. containerImageName parameter. 2. project.id field of a project.toml file. 3. git/repository parameter of the commonPipelineEnvironment. If none of the above was found - an error will be raised.

back to overview

Scope Details
Aliases dockerImageName
Type string
Mandatory no
Default $PIPER_containerImageName (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

containerImageTag

Tag of the container which will be built

back to overview

Scope Details
Aliases artifactVersion
Type string
Mandatory yes
Default $PIPER_containerImageTag (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references commonPipelineEnvironment:
  reference to: artifactVersion

containerRegistryUrl

Container registry where the image should be pushed to

back to overview

Scope Details
Aliases dockerRegistryUrl
Type string
Mandatory yes
Default $PIPER_containerRegistryUrl (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references commonPipelineEnvironment:
  reference to: container/registryUrl

containerShell

Jenkins-specific: Used for proper environment setup.

Allows to specify the shell to be executed for container with containerName.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.

back to overview

Scope Details
Aliases -
Type []string
Mandatory no
Default $PIPER_customTlsCertificateLinks (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerConfigJSON

Path to the file .docker/config.json - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the Docker documentation.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default $PIPER_dockerConfigJSON (if set)
Secret yes
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☐ steps
  • ☐ stages
Resource references commonPipelineEnvironment:
  reference to: custom/dockerConfigJSON
Jenkins credential id:
  id: dockerConfigJsonCredentialsId

Vault paths:
  • $(vaultPath)/docker-config
  • $(vaultBasePath)/$(vaultPipelineName)/docker-config
  • $(vaultBasePath)/GROUP-SECRETS/docker-config

dockerEnvVars

Jenkins-specific: Used for proper environment setup.

Environment variables to set in the container, e.g. [http_proxy: "proxy:8080"].

back to overview

Scope Details
Aliases -
Type map[string]string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerImage

Jenkins-specific: Used for proper environment setup.

Name of the docker image that should be used. If empty, Docker is not used and the command is executed directly on the Jenkins system.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerName

Jenkins-specific: Used for proper environment setup.

Kubernetes only: Name of the container launching dockerImage. SideCar only: Name of the container in local network.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerOptions

Jenkins-specific: Used for proper environment setup.

Docker options to be set when starting the container.

back to overview

Scope Details
Aliases -
Type []string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerPullImage

Jenkins-specific: Used for proper environment setup.

Set this to 'false' to bypass a docker image pull. Useful during development process. Allows testing of images which are available in the local registry only.

back to overview

Scope Details
Aliases -
Type bool
Mandatory no
Default false
Possible values - true
- false
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerVolumeBind

Jenkins-specific: Used for proper environment setup.

Volumes that should be mounted into the docker container.

back to overview

Scope Details
Aliases -
Type map[string]string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerWorkspace

Jenkins-specific: Used for proper environment setup.

Kubernetes only: Specifies a dedicated user home directory for the container which will be passed as value for environment variable HOME.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

path

The path should either point to a directory with your sources or an artifact in zip format. This property determines the input to the buildpack.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default $PIPER_path (if set)
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

projectDescriptor

Path to the project.toml file. See buildpacks.io for the reference. Parameters passed to the cnbBuild step will take precedence over the parameters set in the project.toml file, except the env block. Environment variables declared in a project descriptor file, will be merged with the buildEnvVars property, with the buildEnvVars having a precedence.

Note: Inline buildpacks (see specification) are not supported yet.

back to overview

Scope Details
Aliases -
Type string
Mandatory no
Default project.toml
Secret no
Configuration scope
  • ☒ parameter
  • ☐ general
  • ☒ steps
  • ☒ stages
Resource references none

script

Jenkins-specific: Used for proper environment setup.

The common script environment of the Jenkinsfile running. Typically the reference to the script calling the pipeline step is provided with the this parameter, as in script: this. This allows the function to access the commonPipelineEnvironment for retrieving, e.g. configuration parameters.

back to overview

Scope Details
Aliases -
Type Jenkins Script
Mandatory yes
Default
Secret no
Configuration scope
  • ☐ parameter
  • ☐ general
  • ☐ steps
  • ☐ stages
Resource references none

verbose

verbose output

back to overview

Scope Details
Aliases -
Type bool
Mandatory no
Default false
Possible values - true
- false
Secret no
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages
Resource references none

dockerConfigJsonCredentialsId

Jenkins-specific: Used for proper environment setup. See using credentials for details.

Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)) in the following format:

{
    "auths": {
            "$server": {
                    "auth": "base64($username + ':' + $password)"
            }
    }
}

Example:

{
    "auths": {
            "example.com": {
                    "auth": "dXNlcm5hbWU6cGFzc3dvcmQ="
            }
    }
}

back to overview

Scope Details
Aliases -
Type string
Configuration scope
  • ☒ parameter
  • ☒ general
  • ☒ steps
  • ☒ stages

Additional hints

To run the cnbBuild with a different builder, you can specify the dockerImage parameter. Without specifying it, the step will run with the paketobuildpacks/builder:full builder.

Examples

Example 1: simple usage

cnbBuild(
    script: script,
    dockerConfigJsonCredentialsId: 'DOCKER_REGISTRY_CREDS',
    containerImageName: 'images/example',
    containerImageTag: 'v0.0.1',
    containerRegistryUrl: 'gcr.io'
)

Example 2: User provided builder

cnbBuild(
    script: script,
    dockerConfigJsonCredentialsId: 'DOCKER_REGISTRY_CREDS',
    dockerImage: 'paketobuildpacks/builder:base',
    containerImageName: 'images/example',
    containerImageTag: 'v0.0.1',
    containerRegistryUrl: 'gcr.io'
)

Example 3: User provided buildpacks

cnbBuild(
    script: script,
    dockerConfigJsonCredentialsId: 'DOCKER_REGISTRY_CREDS',
    containerImageName: 'images/example',
    containerImageTag: 'v0.0.1',
    containerRegistryUrl: 'gcr.io',
    buildpacks: ['gcr.io/paketo-buildpacks/nodejs', 'paketo-community/build-plan']
)

Example 4: Build environment variables

cnbBuild(
    script: script,
    dockerConfigJsonCredentialsId: 'DOCKER_REGISTRY_CREDS',
    containerImageName: 'images/example',
    containerImageTag: 'v0.0.1',
    containerRegistryUrl: 'gcr.io',
    buildEnvVars: [
        "FOO": "BAR"
    ]
)