Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Build Volumes #478

Open
adambkaplan opened this issue Nov 10, 2020 · 3 comments
Open

Build Volumes #478

adambkaplan opened this issue Nov 10, 2020 · 3 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature.

Comments

@adambkaplan
Copy link
Member

Dockerfile-based builds tools (kaniko [1], buildah [2]) support two kinds of inputs:

  1. Build context - this is typically source code or artifacts, and reside in the build context. These files are either COPYed or ADDed, and as a result a layer is added to the final image.
  2. Volumes - these are often things like caches (image layers, npm, maven, etc). These are bind-mounted into the build container and do not directly result in layers being added to the final image. This can also be used to bind mount sensitive information that should not be present in a distributed image (ex - certificate authorities for private registries).

We should support volumes as a separate input for Build/BiuldRun objects, and provide a means for BuildStrategy authors to consume these volume mounts within the build process.

[1] https://github.com/GoogleContainerTools/kaniko#caching
[2] https://github.com/containers/buildah/blob/master/docs/buildah-mount.md

@adambkaplan
Copy link
Member Author

This was split out from #57 - one thing proxied clusters need is the ability to bind-mount a trust bundle.

@adambkaplan
Copy link
Member Author

/kind feature

@openshift-ci-robot openshift-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Nov 10, 2020
This was referenced Nov 10, 2020
@adambkaplan
Copy link
Member Author

adambkaplan commented Nov 19, 2020

Perhaps this should be re-phrased as "Build Mounts":

  1. Mounts are typically read-only
  2. Mounts are not present in the resulting image

Volume and mounts are used interchangeably by docker and podman, so 🤷

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Development

No branches or pull requests

2 participants