Shipwright is an extensible framework for building container images on Kubernetes.

Why?

With Shipwright, developers get a simplified approach for building container images, by defining a minimal YAML that does not require any previous knowledge of containers or container tooling. All you need is your source code in git and access to a container registry.

Shipwright supports any tool that can build container images in Kubernetes clusters, such as:

• Kaniko
• Cloud Native Buildpacks
• BuildKit
• Buildah

Try It!

• We assume you already have a Kubernetes cluster (v1.29+). If you don't, you can use KinD, which you can install by running ./hack/install-kind.sh.

• We also require a Tekton installation (v0.56.+). To install the latest LTS release, run:

  kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.65.1/release.yaml

  If you are using OpenShift cluster refer Running on OpenShift for some more configurations.

• Install the Shipwright deployment. To install the latest version, run:

  kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/release.yaml --server-side
  curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.14.0/hack/setup-webhook-cert.sh | bash
  curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash

  To install the latest nightly release, run:

  kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt).yaml" --server-side
  curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/setup-webhook-cert.sh | bash
  curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash

• Install the Shipwright strategies. To install the latest version, run:

  kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/sample-strategies.yaml --server-side

  To install the latest nightly release, run:

  kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt)-sample-strategies.yaml" --server-side

• Generate a secret to access your container registry, such as one on Docker Hub or Quay.io:

  REGISTRY_SERVER=https://index.docker.io/v1/ REGISTRY_USER=<your_registry_user> REGISTRY_PASSWORD=<your_registry_password>
  kubectl create secret docker-registry push-secret \
    --docker-server=$REGISTRY_SERVER \
    --docker-username=$REGISTRY_USER \
    --docker-password=$REGISTRY_PASSWORD  \
    --docker-email=<your_email>

• Create a Build object, replacing <REGISTRY_ORG> with the registry username your push-secret secret have access to:

  REGISTRY_ORG=<your_registry_org>
  cat <<EOF | kubectl apply -f -
  apiVersion: shipwright.io/v1beta1
  kind: Build
  metadata:
  name: buildpack-nodejs-build
  spec:
  source:
    type: Git
    git:
      url: https://github.com/shipwright-io/sample-nodejs
    contextDir: source-build
  strategy:
    name: buildpacks-v3
    kind: ClusterBuildStrategy
  output:
    image: docker.io/${REGISTRY_ORG}/sample-nodejs:latest
    pushSecret: push-secret
  EOF

  To view the Build which you just created:

  $ kubectl get builds
  
  NAME                     REGISTERED   REASON      BUILDSTRATEGYKIND      BUILDSTRATEGYNAME   CREATIONTIME
  buildpack-nodejs-build   True         Succeeded   ClusterBuildStrategy   buildpacks-v3       68s

• Submit your BuildRun:

  cat <<EOF | kubectl create -f -
  apiVersion: shipwright.io/v1beta1
  kind: BuildRun
  metadata:
  generateName: buildpack-nodejs-buildrun-
  spec:
  build:
    name: buildpack-nodejs-build
  EOF

• Wait until your BuildRun is completed and then you can view it as follows:

  $ kubectl get buildruns
  
  NAME                              SUCCEEDED   REASON      STARTTIME   COMPLETIONTIME
  buildpack-nodejs-buildrun-xyzds   True        Succeeded   69s         2s

  or

  kubectl get buildrun --output name | xargs kubectl wait --for=condition=Succeeded --timeout=180s

• After your BuildRun is completed, check your container registry, you will find the new generated image uploaded there.

Running on OpenShift

If you are running on OpenShift and if the pipeline service account isn't already created, here are the steps to create the same:

oc create serviceaccount pipeline
oc adm policy add-scc-to-user privileged -z pipeline
oc adm policy add-role-to-user edit -z pipeline

Please tell us more!

Depending on your source code, you might want to build it differently with Shipwright.

To find out more on what's the best strategy or what else can Shipwright do for you, please visit our tutorial!

More information

Read the Docs

Dependencies

Platform support

We are building container images of the Shipwright Build controller for all platforms supported by the base image that we are using which is registry.access.redhat.com/ubi9/ubi-minimal. Those are:

• linux/amd64
• linux/arm64
• linux/ppc64le
• linux/s390x

All these platforms are also supported by our Tekton Pipelines dependency. Our own tests as part of our CI pipeline are all only running on and testing the linux/amd64 platform.

Our sample build strategies are all functional on linux/amd64. Their support on other platforms relies on the tools being used there to be available for other platforms. For detailed information, please see Available ClusterBuildStrategies.

Want to get involved?

Community meetings

We host weekly meetings for users, contributors, maintainers and anyone interested in the project. The weekly meetings take place on Mondays at 1pm UTC.

• Meeting minutes
• Public calendar invite

Want to contribute

We are so excited to have you!

• See CONTRIBUTING.md for an overview of our processes.
• This community has a Code of Conduct, please make sure to follow it.
• See DEVELOPMENT.md for how to get started.
• See HACK.md for how to build, test & run (advanced reading material).
• Look at our good first issues and our help wanted issues.
• Contact us:
  • Kubernetes Slack: #shipwright.
  • Users can discuss help, feature requests, or potential bugs at shipwright-users@lists.shipwright.io. Click here to join.
  • Contributors can discuss active development topics at shipwright-dev@lists.shipwright.io. Click here to join.

Shipwright is a Cloud Native Computing Foundation (CNCF) Sandbox project.