Shipwright is an extensible framework for building container images on Kubernetes.
Why?
With Shipwright, developers get a simplified approach for building container images, by defining a minimal YAML that does not require any previous knowledge of containers or container tooling. All you need is your source code in git and access to a container registry.
Shipwright supports any tool that can build container images in Kubernetes clusters, such as:
Try It!
-
We assume you already have a Kubernetes cluster (v1.27+). If you don't, you can use KinD, which you can install by running
./hack/install-kind.sh. -
We also require a Tekton installation (v0.50.+). To install it, run:
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.50.5/release.yamlIf you are using OpenShift cluster refer Running on OpenShift for some more configurations.
-
Install the Shipwright deployment. To install the latest version, run:
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.12.0/release.yaml --server-side curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.12.0/hack/setup-webhook-cert.sh | bashTo install the latest nightly release, run:
kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt).yaml" --server-side curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/setup-webhook-cert.sh | bash -
Install the Shipwright strategies. To install the latest version, run:
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.12.0/sample-strategies.yaml --server-sideTo install the latest nightly release, run:
kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt)-sample-strategies.yaml" --server-side -
Generate a secret to access your container registry, such as one on Docker Hub or Quay.io:
REGISTRY_SERVER=https://index.docker.io/v1/ REGISTRY_USER=<your_registry_user> REGISTRY_PASSWORD=<your_registry_password> kubectl create secret docker-registry push-secret \ --docker-server=$REGISTRY_SERVER \ --docker-username=$REGISTRY_USER \ --docker-password=$REGISTRY_PASSWORD \ --docker-email=<your_email> -
Create a Build object, replacing
<REGISTRY_ORG>with the registry username yourpush-secretsecret have access to:REGISTRY_ORG=<your_registry_org> cat <<EOF | kubectl apply -f - apiVersion: shipwright.io/v1beta1 kind: Build metadata: name: buildpack-nodejs-build spec: source: type: Git git: url: https://github.com/shipwright-io/sample-nodejs contextDir: source-build strategy: name: buildpacks-v3 kind: ClusterBuildStrategy output: image: docker.io/${REGISTRY_ORG}/sample-nodejs:latest pushSecret: push-secret EOFTo view the Build which you just created:
$ kubectl get builds NAME REGISTERED REASON BUILDSTRATEGYKIND BUILDSTRATEGYNAME CREATIONTIME buildpack-nodejs-build True Succeeded ClusterBuildStrategy buildpacks-v3 68s -
Submit your BuildRun:
cat <<EOF | kubectl create -f - apiVersion: shipwright.io/v1beta1 kind: BuildRun metadata: generateName: buildpack-nodejs-buildrun- spec: build: name: buildpack-nodejs-build EOF -
Wait until your BuildRun is completed and then you can view it as follows:
$ kubectl get buildruns NAME SUCCEEDED REASON STARTTIME COMPLETIONTIME buildpack-nodejs-buildrun-xyzds True Succeeded 69s 2sor
kubectl get buildrun --output name | xargs kubectl wait --for=condition=Succeeded --timeout=180s -
After your BuildRun is completed, check your container registry, you will find the new generated image uploaded there.
Running on OpenShift
If you are running on OpenShift and if the pipeline service account isn't already created,
here are the steps to create the same:
oc create serviceaccount pipeline
oc adm policy add-scc-to-user privileged -z pipeline
oc adm policy add-role-to-user edit -z pipelinePlease tell us more!
Depending on your source code, you might want to build it differently with Shipwright.
To find out more on what's the best strategy or what else can Shipwright do for you, please visit our tutorial!
More information
Read the Docs
Dependencies
| Dependency | Supported versions |
|---|---|
| Kubernetes | v1.27.*, v1.28.*, v1.29.* |
| Tekton | v0.50.*, v0.53.*, v0.56.* |
Platform support
We are building container images of the Shipwright Build controller for all platforms supported by the base image that we are using which is registry.access.redhat.com/ubi9/ubi-minimal. Those are:
- linux/amd64
- linux/arm64
- linux/ppc64le
- linux/s390x
All these platforms are also supported by our Tekton Pipelines dependency. Our own tests as part of our CI pipeline are all only running on and testing the linux/amd64 platform.
Our sample build strategies are all functional on linux/amd64. Their support on other platforms relies on the tools being used there to be available for other platforms. For detailed information, please see Available ClusterBuildStrategies.
Want to get involved?
Community meetings
We host weekly meetings for users, contributors, maintainers and anyone interested in the project. The weekly meetings take place on Mondays at 1pm UTC.
Want to contribute
We are so excited to have you!
- See CONTRIBUTING.md for an overview of our processes
- See DEVELOPMENT.md for how to get started
- See HACK.md for how to build, test & run (advanced reading material)
- Look at our good first issues and our help wanted issues
- Contact us:
- Kubernetes Slack: #shipwright
- Users can discuss help, feature requests, or potential bugs at shipwright-users@lists.shipwright.io. Click here to join.
- Contributors can discuss active development topics at shipwright-dev@lists.shipwright.io. Click here to join.