Shipwright is an extensible framework for building container images on Kubernetes.
With Shipwright, developers get a simplified approach for building container images, by defining a minimal YAML that does not require any previous knowledge of containers or container tooling. All you need is your source code in git and access to a container registry.
Shipwright supports any tool that can build container images in Kubernetes clusters, such as:
-
We assume you already have a Kubernetes cluster (v1.29+). If you don't, you can use KinD, which you can install by running
./hack/install-kind.sh
. -
We also require a Tekton installation (v0.56.+). To install the latest LTS release, run:
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.65.1/release.yaml
If you are using OpenShift cluster refer Running on OpenShift for some more configurations.
-
Install the Shipwright deployment. To install the latest version, run:
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/release.yaml --server-side curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/v0.14.0/hack/setup-webhook-cert.sh | bash curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash
To install the latest nightly release, run:
kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt).yaml" --server-side curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/setup-webhook-cert.sh | bash curl --silent --location https://raw.githubusercontent.com/shipwright-io/build/main/hack/storage-version-migration.sh | bash
-
Install the Shipwright strategies. To install the latest version, run:
kubectl apply --filename https://github.com/shipwright-io/build/releases/download/v0.14.0/sample-strategies.yaml --server-side
To install the latest nightly release, run:
kubectl apply --filename "https://github.com/shipwright-io/build/releases/download/nightly/nightly-$(curl --silent --location https://github.com/shipwright-io/build/releases/download/nightly/latest.txt)-sample-strategies.yaml" --server-side
-
Generate a secret to access your container registry, such as one on Docker Hub or Quay.io:
REGISTRY_SERVER=https://index.docker.io/v1/ REGISTRY_USER=<your_registry_user> REGISTRY_PASSWORD=<your_registry_password> kubectl create secret docker-registry push-secret \ --docker-server=$REGISTRY_SERVER \ --docker-username=$REGISTRY_USER \ --docker-password=$REGISTRY_PASSWORD \ --docker-email=<your_email>
-
Create a Build object, replacing
<REGISTRY_ORG>
with the registry username yourpush-secret
secret have access to:REGISTRY_ORG=<your_registry_org> cat <<EOF | kubectl apply -f - apiVersion: shipwright.io/v1beta1 kind: Build metadata: name: buildpack-nodejs-build spec: source: type: Git git: url: https://github.com/shipwright-io/sample-nodejs contextDir: source-build strategy: name: buildpacks-v3 kind: ClusterBuildStrategy output: image: docker.io/${REGISTRY_ORG}/sample-nodejs:latest pushSecret: push-secret EOF
To view the Build which you just created:
$ kubectl get builds NAME REGISTERED REASON BUILDSTRATEGYKIND BUILDSTRATEGYNAME CREATIONTIME buildpack-nodejs-build True Succeeded ClusterBuildStrategy buildpacks-v3 68s
-
Submit your BuildRun:
cat <<EOF | kubectl create -f - apiVersion: shipwright.io/v1beta1 kind: BuildRun metadata: generateName: buildpack-nodejs-buildrun- spec: build: name: buildpack-nodejs-build EOF
-
Wait until your BuildRun is completed and then you can view it as follows:
$ kubectl get buildruns NAME SUCCEEDED REASON STARTTIME COMPLETIONTIME buildpack-nodejs-buildrun-xyzds True Succeeded 69s 2s
or
kubectl get buildrun --output name | xargs kubectl wait --for=condition=Succeeded --timeout=180s
-
After your BuildRun is completed, check your container registry, you will find the new generated image uploaded there.
If you are running on OpenShift and if the pipeline
service account isn't already created,
here are the steps to create the same:
oc create serviceaccount pipeline
oc adm policy add-scc-to-user privileged -z pipeline
oc adm policy add-role-to-user edit -z pipeline
Depending on your source code, you might want to build it differently with Shipwright.
To find out more on what's the best strategy or what else can Shipwright do for you, please visit our tutorial!
Dependency | Supported versions |
---|---|
Kubernetes | v1.29.*, v1.30.*, v1.31.* |
Tekton | v0.56.*, v0.59.*, v0.62.*, v0.65.* |
We are building container images of the Shipwright Build controller for all platforms supported by the base image that we are using which is registry.access.redhat.com/ubi9/ubi-minimal. Those are:
- linux/amd64
- linux/arm64
- linux/ppc64le
- linux/s390x
All these platforms are also supported by our Tekton Pipelines dependency. Our own tests as part of our CI pipeline are all only running on and testing the linux/amd64 platform.
Our sample build strategies are all functional on linux/amd64. Their support on other platforms relies on the tools being used there to be available for other platforms. For detailed information, please see Available ClusterBuildStrategies.
We host weekly meetings for users, contributors, maintainers and anyone interested in the project. The weekly meetings take place on Mondays at 1pm UTC.
We are so excited to have you!
- See CONTRIBUTING.md for an overview of our processes.
- This community has a Code of Conduct, please make sure to follow it.
- See DEVELOPMENT.md for how to get started.
- See HACK.md for how to build, test & run (advanced reading material).
- Look at our good first issues and our help wanted issues.
- Contact us:
- Kubernetes Slack: #shipwright.
- Users can discuss help, feature requests, or potential bugs at [email protected]. Click here to join.
- Contributors can discuss active development topics at [email protected]. Click here to join.
Shipwright is a Cloud Native Computing Foundation (CNCF) Sandbox project.