metadata: name: cnbBuild description: Executes Cloud Native Buildpacks. longDescription: |- Executes a Cloud Native Buildpacks build for creating Docker image(s). **Important:** Please note, that the cnbBuild step is in **beta** state, and there could be breaking changes before we remove the beta notice. spec: inputs: secrets: - name: dockerConfigJsonCredentialsId description: | Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)) in the following format: ```json { "auths": { "$server": { "auth": "base64($username + ':' + $password)" } } } ``` Example: ```json { "auths": { "example.com": { "auth": "dXNlcm5hbWU6cGFzc3dvcmQ=" } } } ``` type: jenkins params: - name: containerImageName aliases: - name: dockerImageName type: string description: | Name of the container which will be built `cnbBuild` step will try to identify a containerImageName using the following precedence: 1. `containerImageName` parameter. 2. `project.id` field of a `project.toml` file. 3. `git/repository` parameter of the `commonPipelineEnvironment`. 4. `github/repository` parameter of the `commonPipelineEnvironment`. If none of the above was found - an error will be raised. scope: - GENERAL - PARAMETERS - STAGES - STEPS - name: containerImageAlias type: string description: | Logical name used for this image. scope: - GENERAL - PARAMETERS - STAGES - STEPS - name: containerImageTag aliases: - name: artifactVersion type: string mandatory: true description: Tag of the container which will be built scope: - GENERAL - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: artifactVersion - name: commonPipelineEnvironment param: git/commitId - name: containerRegistryUrl aliases: - name: dockerRegistryUrl type: string mandatory: true description: | Container registry where the image should be pushed to. **Note**: `containerRegistryUrl` should include only the domain. If you want to publish an image under `docker.io/example/my-image`, you must set `containerRegistryUrl: "docker.io"` and `containerImageName: "example/my-image"`. scope: - GENERAL - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: container/registryUrl - name: buildpacks type: "[]string" description: List of custom buildpacks to use in the form of `$HOSTNAME/$REPO[:$TAG]`. scope: - PARAMETERS - STAGES - STEPS resourceRef: - name: commonPipelineEnvironment param: container/buildpacks - name: buildEnvVars type: "map[string]interface{}" description: | Map of custom environment variables used during a build. Example: ```yaml buildEnvVars: foo: bar ``` scope: - PARAMETERS - STAGES - STEPS - name: path type: string description: | Glob that should either point to a directory with your sources or one artifact in zip format. This property determines the input to the buildpack. scope: - PARAMETERS - STAGES - STEPS - name: projectDescriptor type: string description: | Relative path to the project.toml file. See [buildpacks.io](https://buildpacks.io/docs/reference/config/project-descriptor/) for the reference. Parameters passed to the cnbBuild step will take precedence over the parameters set in the project.toml file, except the `env` block. Environment variables declared in a project descriptor file, will be merged with the `buildEnvVars` property, with the `buildEnvVars` having a precedence. *Note*: The project descriptor path should be relative to what is set in the [path](#path) property. If the `path` property is pointing to a zip archive (e.g. jar file), project descriptor path will be relative to the root of the workspace. *Note*: Inline buildpacks (see [specification](https://buildpacks.io/docs/reference/config/project-descriptor/#build-_table-optional_)) are not supported yet. default: project.toml scope: - PARAMETERS - STAGES - STEPS - name: dockerConfigJSON type: string description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/). scope: - PARAMETERS secret: true resourceRef: - name: commonPipelineEnvironment param: custom/dockerConfigJSON - name: dockerConfigJsonCredentialsId type: secret - type: vaultSecretFile name: dockerConfigFileVaultSecretName default: docker-config - name: customTlsCertificateLinks type: "[]string" description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates. scope: - PARAMETERS - STAGES - STEPS - name: additionalTags type: "[]string" description: List of tags which will be pushed to the registry (additionally to the provided `containerImageTag`), e.g. "latest". scope: - PARAMETERS - STAGES - STEPS - name: bindings type: "map[string]interface{}" description: | Map of bindings that should be offered to the buildpack. The type of bindings depend on the buildpack. For documentation about bindings in general see [the paketo documentation](https://paketo.io/docs/howto/configuration/#bindings). Example: Custom maven settings.xml for the Java Buildpack ```yaml bindings: maven-settings: type: maven data: - key: settings.xml file: path/to/settings.xml ``` inline: ```yaml bindings: maven-settings: type: maven data: - key: settings.xml content: "inline settings.xml" ``` from url: ```yaml bindings: maven-settings: type: maven data: - key: settings.xml fromUrl: https://url-to/setting.xml ``` using [Vault general purpose credentials](https://www.project-piper.io/infrastructure/vault/#using-vault-for-general-purpose-and-test-credentials): ```yaml bindings: dynatrace: type: Dynatrace data: - key: api-token vaultCredentialKey: dynatrace-api-token vaultCredentialPath: cnb-bindings vaultCredentialKeys: ['dynatrace-api-token'] ``` Deprecated: A binding with a single key, could be written like this: ```yaml bindings: maven-settings: type: maven key: settings.xml file: path/to/settings.xml ``` scope: - PARAMETERS - STAGES - STEPS - name: multipleImages aliases: - name: images type: "[]map[string]interface{}" description: | This parameter is only needed if `cnbBuild` should create multiple images. Otherwise it can be ignored!!! In case of multiple images, this array contains one entry for each image. That entry can override any parameter from the main section, e.g. ```yaml containerImageTag: latest containerRegistryUrl: docker.io dockerConfigJsonCredentialsId: CREDENTIALS multipleImages: - containerImageName: example/java-app containerImageAlias: java buildpacks: - "gcr.io/paketo-buildpacks/java" path: "source/java" - containerImageName: example/nodejs-app containerImageAlias: nodejs containerImageTag: v1.0.0 buildpacks: - "gcr.io/paketo-buildpacks/nodejs" path: "source/nodejs" ``` scope: - PARAMETERS - STAGES - STEPS - name: preserveFiles type: "[]string" description: | List of globs, for keeping build results in the Jenkins workspace. *Note*: globs will be calculated relative to the [path](#path) property. scope: - PARAMETERS - STAGES - STEPS - name: buildSettingsInfo type: string description: Build settings info is typically filled by the step automatically to create information about the build settings that were used during the mta build. This information is typically used for compliance related processes. scope: - STEPS - STAGES - PARAMETERS resourceRef: - name: commonPipelineEnvironment param: custom/buildSettingsInfo - name: createBOM type: bool description: Creates the bill of materials (BOM) using Syft and stores it in a file in CycloneDX 1.4 format. scope: - GENERAL - STEPS - STAGES - PARAMETERS - name: syftDownloadUrl type: string description: Specifies the download url of the Syft Linux amd64 tar binary file. This can be found at https://github.com/anchore/syft/releases/. scope: - PARAMETERS - STEPS default: "https://github.com/anchore/syft/releases/download/v0.62.3/syft_0.62.3_linux_amd64.tar.gz" - name: runImage type: string description: "Base image from which application images are built. Will be defaulted to the image provided by the builder." scope: - GENERAL - STEPS - STAGES - PARAMETERS - name: defaultProcess type: string description: "Process that should be started by default. See https://buildpacks.io/docs/app-developer-guide/run-an-app/" scope: - GENERAL - STEPS - STAGES - PARAMETERS outputs: resources: - name: commonPipelineEnvironment type: piperEnvironment params: - name: container/registryUrl - name: container/imageDigest - name: container/imageNameTag - name: container/imageNames type: "[]string" - name: container/imageNameTags type: "[]string" - name: container/imageDigests type: "[]string" - name: custom/buildSettingsInfo - name: reports type: reports params: - filePattern: "**/bom-*.xml" type: sbom containers: - image: "paketobuildpacks/builder:base"