This is the multi-page printable view of this section. Click here to print.
API Reference
1 - Build Resources
Packages
shipwright.io/v1beta1
Package v1beta1 contains API Schema definitions for the build v1beta1 API group
Resource Types
- Build
- BuildList
- BuildRun
- BuildRunList
- BuildStrategy
- BuildStrategyList
- ClusterBuildStrategy
- ClusterBuildStrategyList
Build
Build is the Schema representing a Build definition
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | Build | ||
metadata ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
spec BuildSpec | |||
status BuildStatus |
BuildList
BuildList contains a list of Build
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | BuildList | ||
metadata ListMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
items Build array |
BuildReason
Underlying type: string
BuildReason is a type used for populating the Build Status.Reason field
Appears in:
| Field | Description |
|---|---|
Succeeded | SucceedStatus indicates that all validations Succeeded |
UnknownBuildStrategyKind | UnknownBuildStrategyKind indicates that neither namespace-scope or cluster-scope strategy kind was used |
BuildStrategyNotFound | BuildStrategyNotFound indicates that a namespaced-scope strategy was not found in the namespace |
ClusterBuildStrategyNotFound | ClusterBuildStrategyNotFound indicates that a cluster-scope strategy was not found |
SetOwnerReferenceFailed | SetOwnerReferenceFailed indicates that setting ownerReferences between a Build and a BuildRun failed |
SpecSourceSecretRefNotFound | SpecSourceSecretRefNotFound indicates the referenced secret in source is missing |
SpecOutputSecretRefNotFound | SpecOutputSecretRefNotFound indicates the referenced secret in output is missing |
SpecBuilderSecretRefNotFound | SpecBuilderSecretRefNotFound indicates the referenced secret in builder is missing |
MultipleSecretRefNotFound | MultipleSecretRefNotFound indicates that multiple secrets are missing |
SpecEnvNameCanNotBeBlank | SpecEnvNameCanNotBeBlank indicates that the name for an environment variable is blank |
SpecEnvOnlyOneOfValueOrValueFromMustBeSpecified | SpecEnvOnlyOneOfValueOrValueFromMustBeSpecified indicates that both value and valueFrom were specified |
RuntimePathsCanNotBeEmpty | RuntimePathsCanNotBeEmpty indicates that the spec.runtime feature is used but the paths were not specified |
RestrictedParametersInUse | RestrictedParametersInUse indicates the definition of reserved shipwright parameters |
WrongParameterValueType | WrongParameterValueType indicates that a single value was provided for an array parameter, or vice-versa |
UndefinedParameter | UndefinedParameter indicates the definition of param that was not defined in the strategy parameters |
InconsistentParameterValues | InconsistentParameterValues indicates that parameter values have more than one of configMapValue, secretValue, or value set |
EmptyArrayItemParameterValues | EmptyArrayItemParameterValues indicates that array parameters contain an item where none of configMapValue, secretValue, or value is set |
IncompleteConfigMapValueParameterValues | IncompleteConfigMapValueParameterValues indicates that a configMapValue is specified where the name or the key is empty |
IncompleteSecretValueParameterValues | IncompleteSecretValueParameterValues indicates that a secretValue is specified where the name or the key is empty |
RemoteRepositoryUnreachable | RemoteRepositoryUnreachable indicates the referenced repository is unreachable |
BuildNameInvalid | BuildNameInvalid indicates the build name is invalid |
VolumeDoesNotExist | VolumeDoesNotExist indicates that volume referenced by the Build does not exist, therefore Build cannot be run |
VolumeNotOverridable | VolumeNotOverridable indicates that volume defined by build is not set as overridable in the strategy |
UndefinedVolume | UndefinedVolume indicates that volume defined by build is not found in the strategy |
TriggerNameCanNotBeBlank | TriggerNameCanNotBeBlank indicates the trigger condition does not have a name |
TriggerInvalidType | TriggerInvalidType indicates the trigger type is invalid |
TriggerInvalidGitHubWebHook | TriggerInvalidGitHubWebHook indicates the trigger type GitHub is invalid |
TriggerInvalidImage | TriggerInvalidImage indicates the trigger type Image is invalid |
TriggerInvalidPipeline | TriggerInvalidPipeline indicates the trigger type Pipeline is invalid |
OutputTimestampNotSupported | OutputTimestampNotSupported indicates that an unsupported output timestamp setting was used |
OutputTimestampNotValid | OutputTimestampNotValid indicates that the output timestamp value is not valid |
NodeSelectorNotValid | NodeSelectorNotValid indicates that the nodeSelector value is not valid |
TolerationNotValid | TolerationNotValid indicates that the Toleration value is not valid |
SchedulerNameNotValid | SchedulerNameNotValid indicates that the Scheduler name is not valid |
BuildRetention
BuildRetention struct for buildrun cleanup
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
failedLimit integer | FailedLimit defines the maximum number of failed buildruns that should exist. | Maximum: 10000 Minimum: 1 | |
succeededLimit integer | SucceededLimit defines the maximum number of succeeded buildruns that should exist. | Maximum: 10000 Minimum: 1 | |
ttlAfterFailed Duration | TTLAfterFailed defines the maximum duration of time the failed buildrun should exist. | Format: duration | |
ttlAfterSucceeded Duration | TTLAfterSucceeded defines the maximum duration of time the succeeded buildrun should exist. | Format: duration | |
atBuildDeletion boolean | AtBuildDeletion defines if related BuildRuns should be deleted when deleting the Build. |
BuildRun
BuildRun is the Schema representing an instance of build execution
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | BuildRun | ||
metadata ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
spec BuildRunSpec | |||
status BuildRunStatus |
BuildRunList
BuildRunList contains a list of BuildRun
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | BuildRunList | ||
metadata ListMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
items BuildRun array |
BuildRunRequestedState
Underlying type: string
BuildRunRequestedState defines the buildrun state the user can provide to override whatever is the current state.
Appears in:
BuildRunRetention
BuildRunRetention struct for buildrun cleanup
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
ttlAfterFailed Duration | TTLAfterFailed defines the maximum duration of time the failed buildrun should exist. | Format: duration | |
ttlAfterSucceeded Duration | TTLAfterSucceeded defines the maximum duration of time the succeeded buildrun should exist. | Format: duration |
BuildRunSource
BuildRunSource describes the local source to use
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
type BuildSourceType | Type is the BuildRunSource qualifier, the type of the source. Only Local is supported. | ||
local Local | Local contains the details for the source of type Local |
BuildRunSpec
BuildRunSpec defines the desired state of BuildRun
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
build ReferencedBuild | Build refers to an embedded build specification This field is mandatory | ||
source BuildRunSource | Source refers to the location where the source code is, this could only be a local source | ||
serviceAccount string | ServiceAccount refers to the kubernetes serviceaccount which is used for resource control. Default serviceaccount will be set if it is empty | ||
timeout Duration | Timeout defines the maximum run time of this BuildRun. | Format: duration | |
paramValues ParamValue array | Params is a list of key/value that could be used to set strategy parameters | ||
output Image | Output refers to the location where the generated image would be pushed to. It will overwrite the output image in build spec | ||
state BuildRunRequestedState | State is used for canceling a buildrun (and maybe more later on). | ||
env EnvVar array | Env contains additional environment variables that should be passed to the build container | ||
retention BuildRunRetention | Contains information about retention params | ||
volumes BuildVolume array | Volumes contains volume Overrides of the BuildStrategy volumes in case those are allowed to be overridden. Must only contain volumes that exist in the corresponding BuildStrategy | ||
nodeSelector object (keys:string, values:string) | NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | ||
tolerations Toleration array | If specified, the pod’s tolerations. | ||
schedulerName string | SchedulerName specifies the scheduler to be used to dispatch the Pod |
BuildRunStatus
BuildRunStatus defines the observed state of BuildRun
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
source SourceResult | Source holds the results emitted from the source step | ||
output Output | Output holds the results emitted from step definition of an output | ||
conditions Conditions | Conditions holds the latest available observations of a resource’s current state. | ||
taskRunName string | TaskRunName is the name of the TaskRun responsible for executing this BuildRun. | ||
startTime Time | StartTime is the time the build is actually started. | ||
completionTime Time | CompletionTime is the time the build completed. | ||
buildSpec BuildSpec | BuildSpec is the Build Spec of this BuildRun. | ||
failureDetails FailureDetails | FailureDetails contains error details that are collected and surfaced from TaskRun |
BuildSourceType
Underlying type: string
BuildSourceType enumerates build source type names.
Appears in:
| Field | Description |
|---|---|
Local | |
Git | |
OCI |
BuildSpec
BuildSpec defines the desired state of Build
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
source Source | Source refers to the location where the source code is, this could be a git repository, a local source or an oci artifact | ||
trigger Trigger | Trigger defines the scenarios where a new build should be triggered. | ||
strategy Strategy | Strategy references the BuildStrategy to use to build the container image. | ||
paramValues ParamValue array | Params is a list of key/value that could be used to set strategy parameters | ||
output Image | Output refers to the location where the built image would be pushed. | ||
timeout Duration | Timeout defines the maximum amount of time the Build should take to execute. | Format: duration | |
env EnvVar array | Env contains additional environment variables that should be passed to the build container | ||
retention BuildRetention | Contains information about retention params | ||
volumes BuildVolume array | Volumes contains volume Overrides of the BuildStrategy volumes in case those are allowed to be overridden. Must only contain volumes that exist in the corresponding BuildStrategy | ||
nodeSelector object (keys:string, values:string) | NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ | ||
tolerations Toleration array | If specified, the pod’s tolerations. | ||
schedulerName string | SchedulerName specifies the scheduler to be used to dispatch the Pod |
BuildStatus
BuildStatus defines the observed state of Build
NOTICE: This is deprecated and will be removed in a future release.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
registered ConditionStatus | The Register status of the Build | ||
reason BuildReason | The reason of the registered Build, it’s an one-word camelcase | ||
message string | The message of the registered Build, either an error or succeed message |
BuildStrategy
BuildStrategy is the Schema representing a strategy in the namespace scope to build images from source code.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | BuildStrategy | ||
metadata ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
spec BuildStrategySpec | |||
status BuildStrategyStatus |
BuildStrategyKind
Underlying type: string
BuildStrategyKind defines the type of BuildStrategy used by the build.
Appears in:
| Field | Description |
|---|---|
BuildStrategy | NamespacedBuildStrategyKind indicates that the buildstrategy type has a namespaced scope. |
ClusterBuildStrategy | ClusterBuildStrategyKind indicates that buildstrategy type has a cluster scope. |
BuildStrategyList
BuildStrategyList contains a list of BuildStrategy
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | BuildStrategyList | ||
metadata ListMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
items BuildStrategy array |
BuildStrategySecurityContext
BuildStrategySecurityContext defines a UID and GID for the build that is to be used for the build strategy steps as well as for shipwright-managed steps such as the source retrieval, or the image processing. The value can be overwritten on the steps for the strategy steps. If omitted, then UID and GID from the Shipwright configuration will be used for the shipwright-managed steps.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
runAsUser integer | The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. Can be overwritten by the security context on the step level. | ||
runAsGroup integer | The GID to run the entrypoint of the container process. Defaults to group specified in image metadata if unspecified. Can be overwritten by the security context on the step level. |
BuildStrategySpec
BuildStrategySpec defines the desired state of BuildStrategy
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
steps Step array | |||
parameters Parameter array | |||
securityContext BuildStrategySecurityContext | |||
volumes BuildStrategyVolume array |
BuildStrategyStatus
BuildStrategyStatus defines the observed state of BuildStrategy
Appears in:
BuildStrategyVolume
BuildStrategyVolume is a volume that will be mounted in build pod during build step of the Build Strategy
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
overridable boolean | Indicates that this Volume can be overridden in a Build or BuildRun. Defaults to false | ||
name string | Name of the Build Volume | ||
description string | Description of the Build Volume | ||
hostPath HostPathVolumeSource | hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath — TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. | ||
emptyDir EmptyDirVolumeSource | emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir | ||
gcePersistentDisk GCEPersistentDiskVolumeSource | gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk | ||
awsElasticBlockStore AWSElasticBlockStoreVolumeSource | awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore | ||
gitRepo GitRepoVolumeSource | gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container. | ||
secret SecretVolumeSource | secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret | ||
nfs NFSVolumeSource | nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs | ||
iscsi ISCSIVolumeSource | iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md | ||
glusterfs GlusterfsVolumeSource | glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md | ||
persistentVolumeClaim PersistentVolumeClaimVolumeSource | persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims | ||
rbd RBDVolumeSource | rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md | ||
flexVolume FlexVolumeSource | flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. | ||
cinder CinderVolumeSource | cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md | ||
cephfs CephFSVolumeSource | cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime | ||
flocker FlockerVolumeSource | flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running | ||
downwardAPI DownwardAPIVolumeSource | downwardAPI represents downward API about the pod that should populate this volume | ||
fc FCVolumeSource | fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod. | ||
azureFile AzureFileVolumeSource | azureFile represents an Azure File Service mount on the host and bind mount to the pod. | ||
configMap ConfigMapVolumeSource | configMap represents a configMap that should populate this volume | ||
vsphereVolume VsphereVirtualDiskVolumeSource | vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine | ||
quobyte QuobyteVolumeSource | quobyte represents a Quobyte mount on the host that shares a pod’s lifetime | ||
azureDisk AzureDiskVolumeSource | azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. | ||
photonPersistentDisk PhotonPersistentDiskVolumeSource | photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine | ||
projected ProjectedVolumeSource | projected items for all in one resources secrets, configmaps, and downward API | ||
portworxVolume PortworxVolumeSource | portworxVolume represents a portworx volume attached and mounted on kubelets host machine | ||
scaleIO ScaleIOVolumeSource | scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. | ||
storageos StorageOSVolumeSource | storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. | ||
csi CSIVolumeSource | csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). | ||
ephemeral EphemeralVolumeSource | ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. |
BuildVolume
BuildVolume is a volume that will be mounted in build pod during build step
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the Build Volume | ||
hostPath HostPathVolumeSource | hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath — TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. | ||
emptyDir EmptyDirVolumeSource | emptyDir represents a temporary directory that shares a pod’s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir | ||
gcePersistentDisk GCEPersistentDiskVolumeSource | gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk | ||
awsElasticBlockStore AWSElasticBlockStoreVolumeSource | awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore | ||
gitRepo GitRepoVolumeSource | gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container. | ||
secret SecretVolumeSource | secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret | ||
nfs NFSVolumeSource | nfs represents an NFS mount on the host that shares a pod’s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs | ||
iscsi ISCSIVolumeSource | iscsi represents an ISCSI Disk resource that is attached to a kubelet’s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md | ||
glusterfs GlusterfsVolumeSource | glusterfs represents a Glusterfs mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md | ||
persistentVolumeClaim PersistentVolumeClaimVolumeSource | persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims | ||
rbd RBDVolumeSource | rbd represents a Rados Block Device mount on the host that shares a pod’s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md | ||
flexVolume FlexVolumeSource | flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin. | ||
cinder CinderVolumeSource | cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md | ||
cephfs CephFSVolumeSource | cephFS represents a Ceph FS mount on the host that shares a pod’s lifetime | ||
flocker FlockerVolumeSource | flocker represents a Flocker volume attached to a kubelet’s host machine. This depends on the Flocker control service being running | ||
downwardAPI DownwardAPIVolumeSource | downwardAPI represents downward API about the pod that should populate this volume | ||
fc FCVolumeSource | fc represents a Fibre Channel resource that is attached to a kubelet’s host machine and then exposed to the pod. | ||
azureFile AzureFileVolumeSource | azureFile represents an Azure File Service mount on the host and bind mount to the pod. | ||
configMap ConfigMapVolumeSource | configMap represents a configMap that should populate this volume | ||
vsphereVolume VsphereVirtualDiskVolumeSource | vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine | ||
quobyte QuobyteVolumeSource | quobyte represents a Quobyte mount on the host that shares a pod’s lifetime | ||
azureDisk AzureDiskVolumeSource | azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. | ||
photonPersistentDisk PhotonPersistentDiskVolumeSource | photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine | ||
projected ProjectedVolumeSource | projected items for all in one resources secrets, configmaps, and downward API | ||
portworxVolume PortworxVolumeSource | portworxVolume represents a portworx volume attached and mounted on kubelets host machine | ||
scaleIO ScaleIOVolumeSource | scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. | ||
storageos StorageOSVolumeSource | storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. | ||
csi CSIVolumeSource | csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). | ||
ephemeral EphemeralVolumeSource | ephemeral represents a volume that is handled by a cluster storage driver. The volume’s lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. A pod can use both types of ephemeral volumes and persistent volumes at the same time. |
ClusterBuildStrategy
ClusterBuildStrategy is the Schema representing a strategy in the cluster scope to build images from source code.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | ClusterBuildStrategy | ||
metadata ObjectMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
spec BuildStrategySpec | |||
status BuildStrategyStatus |
ClusterBuildStrategyList
ClusterBuildStrategyList contains a list of ClusterBuildStrategy
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string | shipwright.io/v1beta1 | ||
kind string | ClusterBuildStrategyList | ||
metadata ListMeta | Refer to Kubernetes API documentation for fields of metadata. | ||
items ClusterBuildStrategy array |
Condition
Condition defines the required fields for populating Build controllers Conditions
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
type Type | Type of condition | ||
status ConditionStatus | Status of the condition, one of True, False, Unknown. | ||
lastTransitionTime Time | LastTransitionTime last time the condition transit from one status to another. | ||
reason string | The reason for the condition last transition. | ||
message string | A human readable message indicating details about the transition. |
Conditions
Underlying type: Condition
Conditions defines a list of Condition
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
type Type | Type of condition | ||
status ConditionStatus | Status of the condition, one of True, False, Unknown. | ||
lastTransitionTime Time | LastTransitionTime last time the condition transit from one status to another. | ||
reason string | The reason for the condition last transition. | ||
message string | A human readable message indicating details about the transition. |
FailureDetails
FailureDetails describes an error while building images
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
reason string | |||
message string | |||
location Location |
Git
Git describes the git repository to pull
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
url string | URL describes the URL of the Git repository. | ||
revision string | Revision describes the Git revision (e.g., branch, tag, commit SHA, etc.) to fetch. If not defined, it will fallback to the repository’s default branch. | ||
cloneSecret string | CloneSecret references a Secret that contains credentials to access the repository. |
GitHubEventName
Underlying type: string
GitHubEventName set of WhenGitHub valid event names.
Appears in:
| Field | Description |
|---|---|
PullRequest | GitHubPullRequestEvent github pull-request event name. |
Push | GitHubPushEvent git push webhook event name. |
GitSourceResult
GitSourceResult holds the results emitted from the git source
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
commitSha string | CommitSha holds the commit sha of git source | ||
commitAuthor string | CommitAuthor holds the commit author of a git source | ||
branchName string | BranchName holds the default branch name of the git source this will be set only when revision is not specified in Build object |
IgnoredVulnerabilitySeverity
Underlying type: string
IgnoredVulnerabilitySeverity is an enum for the possible values for the ignored severity
Appears in:
| Field | Description |
|---|---|
high | High indicates that high, medium, and low severity vulnerabilities should be ignored |
medium | Medium indicates that medium, and low severity vulnerabilities should be ignored |
low | High indicates that low severity vulnerabilities should be ignored |
Image
Image refers to an container image with credentials
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
image string | Image is the reference of the image. | ||
insecure boolean | Insecure defines whether the registry is not secure | ||
pushSecret string | Describes the secret name for pushing a container image. | ||
annotations object (keys:string, values:string) | Annotations references the additional annotations to be applied on the image | ||
labels object (keys:string, values:string) | Labels references the additional labels to be applied on the image | ||
vulnerabilityScan VulnerabilityScanOptions | VulnerabilityScan provides configurations about running a scan for your generated image | ||
timestamp string | Timestamp references the optional image timestamp to be set, valid values are: - “Zero”, to set 00:00:00 UTC on 1 January 1970 - “SourceTimestamp”, to set the source timestamp dereived from the input source - “BuildTimestamp”, to set the timestamp of the current build itself - Parsable integer number defined as the epoch seconds - or nil/empty to not set any specific timestamp |
Local
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
timeout Duration | Timeout how long the BuildSource execution must take. | ||
name string | Name of the local step |
Location
Location describes the location where the failure happened
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
pod string | |||
container string |
OCIArtifact
OCIArtifact describes the source code bundle container to pull
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
image string | Image reference, i.e. quay.io/org/image:tag | ||
prune PruneOption | Prune specifies whether the image is suppose to be deleted. Allowed values are ‘Never’ (no deletion) and AfterPull (removal after theimage was successfully pulled from the registry). If not defined, it defaults to ‘Never’. | ||
pullSecret string | PullSecret references a Secret that contains credentials to access the repository. |
ObjectKeyRef
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the object | ||
key string | Key inside the object | ||
format string | An optional format to add pre- or suffix to the object value. For example ‘KEY=${SECRET_VALUE}’ or ‘KEY=${CONFIGMAP_VALUE}’ depending on the context. |
OciArtifactSourceResult
OciArtifactSourceResult holds the results emitted from the bundle source
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
digest string | Digest hold the image digest result |
Output
Output holds the information about the container image that the BuildRun built
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
digest string | Digest holds the digest of output image | ||
size integer | Size holds the compressed size of output image | ||
vulnerabilities Vulnerability array | Vulnerabilities holds the list of vulnerabilities detected in the image |
ParamValue
ParamValue is a key/value that populates a strategy parameter used in the execution of the strategy steps
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the parameter | ||
values SingleValue array | Values of an array parameter |
Parameter
Parameter holds a name-description with a default value that allows strategy steps to be parameterize. Build users can set a value for parameter via the Build or BuildRun spec.paramValues object.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the parameter | ||
description string | Description on the parameter purpose | ||
type ParameterType | Type of the parameter. The possible types are “string” and “array”, and “string” is the default. | ||
default string | Default value for a string parameter | ||
defaults string | Default values for an array parameter |
ParameterType
Underlying type: string
ParameterType indicates the type of a parameter
Appears in:
| Field | Description |
|---|---|
string | |
array |
PruneOption
Underlying type: string
PruneOption defines the supported options for image pruning
Appears in:
| Field | Description |
|---|---|
Never | Do not delete image after it was pulled |
AfterPull | Delete image after it was successfully pulled |
ReferencedBuild
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
spec BuildSpec | Spec refers to an embedded build specification | ||
name string | Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names |
SingleValue
The value type contains the properties for a value, this allows for an easy extension in the future to support more kinds
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
value string | The value of the parameter | ||
configMapValue ObjectKeyRef | The ConfigMap value of the parameter | ||
secretValue ObjectKeyRef | The secret value of the parameter |
Source
Source describes the build source type to fetch.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
type BuildSourceType | Type is the BuildSource qualifier, the type of the source. | ||
contextDir string | ContextDir is a path to subfolder in the repo. Optional. | ||
ociArtifact OCIArtifact | OCIArtifact contains the details for the source of type OCIArtifact | ||
git Git | Git contains the details for the source of type Git | ||
local Local | Local contains the details for the source of type Local |
SourceResult
SourceResult holds the results emitted from the different sources
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
git GitSourceResult | Git holds the results emitted from the source step of type git | ||
ociArtifact OciArtifactSourceResult | OciArtifact holds the results emitted from the source step of type ociArtifact | ||
timestamp Time | Timestamp holds the timestamp of the source, which depends on the actual source type and could range from being the commit timestamp or the fileystem timestamp of the most recent source file in the working directory |
Step
BuildStep defines a partial step that needs to run in container for building the image. If the build step declares a volumeMount, Shipwright will create an emptyDir volume mount for the named volume. Build steps which share the same named volume in the volumeMount will share the same underlying emptyDir volume. This behavior is deprecated, and will be removed when full volume support is added to build strategies as specified in SHIP-0022.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated. | ||
image string | Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets. | ||
command string array | Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. “$$(VAR_NAME)” will produce the string literal “$(VAR_NAME)”. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | ||
args string array | Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. “$$(VAR_NAME)” will produce the string literal “$(VAR_NAME)”. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | ||
workingDir string | Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated. | ||
env EnvVar array | List of environment variables to set in the container. Cannot be updated. | ||
resources ResourceRequirements | Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | ||
volumeMounts VolumeMount array | Pod volumes to mount into the container’s filesystem. Cannot be updated. | ||
imagePullPolicy PullPolicy | Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images | ||
securityContext SecurityContext | SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ |
Strategy
Strategy can be used to refer to a specific instance of a buildstrategy. Copied from CrossVersionObjectReference: https://github.com/kubernetes/kubernetes/blob/169df7434155cbbc22f1532cba8e0a9588e29ad8/pkg/apis/autoscaling/types.go#L64
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names | ||
kind BuildStrategyKind | BuildStrategyKind indicates the kind of the buildstrategy, namespaced or cluster scoped. |
Trigger
Trigger represents the webhook trigger configuration for a Build.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
when TriggerWhen array | When the list of scenarios when a new build should take place. | ||
triggerSecret string | TriggerSecret points to a local object carrying the secret token to validate webhook request. |
TriggerType
Underlying type: string
TriggerType set of TriggerWhen valid names.
Appears in:
| Field | Description |
|---|---|
GitHub | GitHubWebHookTrigger GitHubWebHookTrigger trigger type name. |
Image | ImageTrigger Image trigger type name. |
Pipeline | PipelineTrigger Tekton Pipeline trigger type name. |
TriggerWhen
TriggerWhen a given scenario where the webhook trigger is applicable.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name name or the short description of the trigger condition. | ||
type TriggerType | Type the event type | ||
github WhenGitHub | GitHub describes how to trigger builds based on GitHub (SCM) events. | ||
image WhenImage | Image slice of image names where the event applies. | ||
objectRef WhenObjectRef | ObjectRef describes how to match a foreign resource, either using the name or the label selector, plus the current resource status. |
Type
Underlying type: string
Type used for defining the conditiont Type field flavour
Appears in:
| Field | Description |
|---|---|
Succeeded | Succeeded specifies that the resource has finished. For resources that run to completion. |
Vulnerability
Vulnerability defines a vulnerability by its ID and severity
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
id string | |||
severity VulnerabilitySeverity |
VulnerabilityIgnoreOptions
VulnerabilityIgnoreOptions refers to ignore options for vulnerability scan
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
id string array | ID references the security issues to be ignored in vulnerability scan | ||
severity IgnoredVulnerabilitySeverity | Severity denotes the severity levels of security issues to be ignored, valid values are: - “low”: it will exclude low severity vulnerabilities, displaying only medium, high and critical vulnerabilities - “medium”: it will exclude low and medium severity vulnerabilities, displaying only high and critical vulnerabilities - “high”: it will exclude low, medium and high severity vulnerabilities, displaying only the critical vulnerabilities | Enum: [low medium high] | |
unfixed boolean | Unfixed indicates to ignore vulnerabilities for which no fix exists |
VulnerabilityScanOptions
VulnerabilityScanOptions provides configurations about running a scan for your generated image
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
enabled boolean | Enabled indicates whether to run vulnerability scan for image | ||
failOnFinding boolean | FailOnFinding indicates whether to fail the build run if the vulnerability scan results in vulnerabilities | ||
ignore VulnerabilityIgnoreOptions | Ignore refers to ignore options for vulnerability scan |
VulnerabilitySeverity
Underlying type: string
VulnerabilitySeverity is an enum for the possible values for severity of a vulnerability
Appears in:
| Field | Description |
|---|---|
critical | Critical indicates a critical severity |
high | High indicates a high severity |
medium | Medium indicates a medium severity |
low | Low indicates a low severity |
unknown | Unknown indicates an unknown severity |
WhenGitHub
WhenGitHub attributes to match GitHub events.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
events GitHubEventName array | Events GitHub event names. | MinItems: 1 | |
branches string array | Branches slice of branch names where the event applies. |
WhenImage
WhenImage attributes to match Image events.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
names string array | Names fully qualified image names. |
WhenObjectRef
WhenObjectRef attributes to reference local Kubernetes objects.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string | Name target object name. | ||
status string array | Status object status. | ||
selector object (keys:string, values:string) | Selector label selector. |