From cd8843b8b4c3f585fb2fd6511a2f0ccbf1f430a2 Mon Sep 17 00:00:00 2001 From: kritka sahni Date: Wed, 15 Nov 2023 05:07:28 +0000 Subject: [PATCH 1/6] Platform API changes to enable exporting app image and cache image in parallel Signed-off-by: kritka sahni --- platform.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/platform.md b/platform.md index dd50486..2234f77 100644 --- a/platform.md +++ b/platform.md @@ -698,6 +698,7 @@ Usage: [-layout] \ # sets [-layout-dir] \ # sets [-log-level ] \ + [-parallel] \ [-process-type ] \ [-project-metadata ] \ [-report ] \ @@ -727,6 +728,7 @@ Usage: | `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Export image to disk in OCI layout format | | `` | `CNB_LAYOUT_DIR` | | (**[experimental](#experimental-features)**) Path to a root directory where the images are saved in OCI layout format | | `` | `CNB_LOG_LEVEL` | `info` | Log Level | +| `` | `CNB_PARALLEL_EXPORT` | false | Export app image and cache image in parallel | | `` | `CNB_PROCESS_TYPE` | | Default process type to set in the exported image | | `` | `CNB_PROJECT_METADATA_PATH` | `/project-metadata.toml` | Path to a project metadata file (see [`project-metadata.toml`](#project-metadatatoml-toml) | | `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | From 36695bacab1cea241d167babe1461c94568fd803 Mon Sep 17 00:00:00 2001 From: Natalie Arellano Date: Wed, 15 Nov 2023 10:48:22 -0500 Subject: [PATCH 2/6] Update platform.md Signed-off-by: Natalie Arellano --- platform.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform.md b/platform.md index 2234f77..70254ee 100644 --- a/platform.md +++ b/platform.md @@ -728,7 +728,7 @@ Usage: | `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Export image to disk in OCI layout format | | `` | `CNB_LAYOUT_DIR` | | (**[experimental](#experimental-features)**) Path to a root directory where the images are saved in OCI layout format | | `` | `CNB_LOG_LEVEL` | `info` | Log Level | -| `` | `CNB_PARALLEL_EXPORT` | false | Export app image and cache image in parallel | +| `` | `CNB_PARALLEL_EXPORT` | false | Export app image and cache in parallel | | `` | `CNB_PROCESS_TYPE` | | Default process type to set in the exported image | | `` | `CNB_PROJECT_METADATA_PATH` | `/project-metadata.toml` | Path to a project metadata file (see [`project-metadata.toml`](#project-metadatatoml-toml) | | `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | From b19fdbdaa8d8d8e4eff94765ce535977b2fbf4b9 Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Tue, 9 Jan 2024 12:52:11 +0100 Subject: [PATCH 3/6] Platform API changes for image extension build contexts Signed-off-by: Ralf Pannemans Co-authored-by: Philipp Stehle Co-authored-by: Ralf Pannemans Co-authored-by: Pavel Busko --- platform.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/platform.md b/platform.md index dd50486..52763e1 100644 --- a/platform.md +++ b/platform.md @@ -605,14 +605,15 @@ When extending the build image: | `1-10`, `13-19` | Generic lifecycle errors | | `100-109` | Extension-specific lifecycle errors | -- For each extension in `` in order, if a Dockerfile exists in `//`, the lifecycle: +- For each extension in `` in order, if a Dockerfile exists in `//.Dockerfile`, the lifecycle: - SHALL apply the Dockerfile to the environment according to the process outlined in the [Image Extension Specification](image-extension.md). + - SHALL set the build context to the folder according to the process outlined in the [Image Extension Specification](image-extension.md). - The extended image MUST be an extension of: - The `build-image` in `` when `` is `build`, or - The `run-image` in `` when `` is `run` -- When extending the build image, after all `build.Dockefile`s are applied, the lifecycle: +- When extending the build image, after all `build.Dockerfile`s are applied, the lifecycle: - SHALL proceed with the `build` phase using the provided `` and `` -- When extending the run image, after all `run.Dockefile`s are applied, the lifecycle: +- When extending the run image, after all `run.Dockerfile`s are applied, the lifecycle: - **If** any `run.Dockerfile` set the label `io.buildpacks.rebasable` to `false` or left the label unset: - SHALL set the label `io.buildpacks.rebasable` to `false` on the extended run image - **If** after the final `run.Dockerfile` the run image user is `root`, From 3bb19203e3838ad0cb5623dc8c967f8d7bd15f05 Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Tue, 9 Jan 2024 13:09:03 +0100 Subject: [PATCH 4/6] Add recoring of build-image.extend Signed-off-by: Ralf Pannemans Co-authored-by: Philipp Stehle --- platform.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/platform.md b/platform.md index 52763e1..8d8df1c 100644 --- a/platform.md +++ b/platform.md @@ -77,6 +77,7 @@ Examples of a platform might include: - [Launch Environment](#launch-environment) - [Caching](#caching) - [Build Reproducibility](#build-reproducibility) + - [Map an image reference to a path in the layout directory](#map-an-image-reference-to-a-path-in-the-layout-directory) - [Data Format](#data-format) - [Files](#files) - [`analyzed.toml` (TOML)](#analyzedtoml-toml) @@ -443,9 +444,6 @@ The lifecycle: When image extensions are present in the order (optional and **[experimental](#experimental-features)**), the lifecycle: - SHALL execute all image extensions in the order defined in `` according to the process outlined in the [Buildpack Interface Specification](buildpack.md). - SHALL filter the build plan with dependencies provided by image extensions. -- SHALL copy any generated run.Dockerfiles to `/run//Dockerfile`. -- SHALL copy any generated build.Dockerfiles to `/build//Dockerfile`. -- SHALL copy any generated `` files to `/build//`. - SHALL replace `run-image` in `` with the selected run image. To select the run image, the lifecycle SHALL inspect each `run.Dockerfile` output by image extensions, in the order defined in ``: - **If** all `run.Dockerfile`s declare `FROM ${base_image}`, the selected run image SHALL be the original run image in ``, with `extend = true` - **Else** the selected run image SHALL be the last image referenced in the `FROM` statement of the last `run.Dockerfile` not to declare `FROM ${base_image}` @@ -457,6 +455,11 @@ When image extensions are present in the order (optional and **[experimental](#e - **Else** - `run-image.extend` SHALL be `true` - SHALL warn if the selected run image is not found in `` +- SHALL record `build-image` in `` + - **If** there are no `build.Dockerfile`s: + - `build-image.extend` SHALL be `false` + - **Else** + - `build-image.extend` SHALL be `true` #### `restorer` From 334893105d73e3de238a91f2e1f5ba2f6ede838f Mon Sep 17 00:00:00 2001 From: Natalie Arellano Date: Wed, 17 Jan 2024 15:00:51 -0500 Subject: [PATCH 5/6] Add insecure registries flags and env var Signed-off-by: Natalie Arellano --- platform.md | 153 +++++++++++++++++++++++++++------------------------- 1 file changed, 81 insertions(+), 72 deletions(-) diff --git a/platform.md b/platform.md index dd50486..9718147 100644 --- a/platform.md +++ b/platform.md @@ -300,6 +300,7 @@ Usage: [-cache-image ] \ [-daemon] \ # sets [-gid ] \ + [-insecure-registry ...] \ [-launch-cache ] \ [-layers ] \ [-layout] \ # sets @@ -316,24 +317,25 @@ Usage: ##### Inputs -| Input | Environment Variable | Default Value | Description | -|--------------------|------------------------|--------------------------|-----------------------------------------------------------------------------------------------------------------------| -| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to output analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | -| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | -| `` | `CNB_USE_DAEMON` | `false` | Analyze image from docker daemon | -| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | -| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layers directory | -| `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Analyze image from disk in OCI layout format | -| `` | `CNB_LAYOUT_DIR` | | (**[experimental](#experimental-features)**) Path to a root directory where the images are saved in OCI layout format | -| `` | | | Tag reference to which the app image will be written | -| `` | `CNB_LAUNCH_CACHE_DIR` | | Path to a cache directory containing launch layers | -| `` | `CNB_LOG_LEVEL` | `info` | Log Level | -| `` | `CNB_PREVIOUS_IMAGE` | `` | Image reference to be analyzed (usually the result of the previous build) | -| `` | `CNB_RUN_PATH` | `/cnb/run.toml` | Path to run file (see [`run.toml`](#runtoml-toml)) | -| `` | `CNB_RUN_IMAGE` | resolved from `` | Run image reference | -| `` | `CNB_SKIP_LAYERS` | `false` | Do not restore SBOM layer from previous image | -| `...` | | | Additional tag to apply to exported image | -| `` | `CNB_USER_ID` | | UID of the build image `User` | +| Input | Environment Variable | Default Value | Description | +|--------------------------|---------------------------|--------------------------|-----------------------------------------------------------------------------------------------------------------------| +| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to output analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | +| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | +| `` | `CNB_USE_DAEMON` | `false` | Analyze image from docker daemon | +| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | +| `...` | `CNB_INSECURE_REGISTRIES` | | When fetching images from this registry, do not use TLS encryption or certificate verification | +| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layers directory | +| `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Analyze image from disk in OCI layout format | +| `` | `CNB_LAYOUT_DIR` | | (**[experimental](#experimental-features)**) Path to a root directory where the images are saved in OCI layout format | +| `` | | | Tag reference to which the app image will be written | +| `` | `CNB_LAUNCH_CACHE_DIR` | | Path to a cache directory containing launch layers | +| `` | `CNB_LOG_LEVEL` | `info` | Log Level | +| `` | `CNB_PREVIOUS_IMAGE` | `` | Image reference to be analyzed (usually the result of the previous build) | +| `` | `CNB_RUN_PATH` | `/cnb/run.toml` | Path to run file (see [`run.toml`](#runtoml-toml)) | +| `` | `CNB_RUN_IMAGE` | resolved from `` | Run image reference | +| `` | `CNB_SKIP_LAYERS` | `false` | Do not restore SBOM layer from previous image | +| `...` | | | Additional tag to apply to exported image | +| `` | `CNB_USER_ID` | | UID of the build image `User` | -`` MUST be a valid image reference - **If** the platform provides one or more `` inputs, each `` MUST be a valid image reference. @@ -470,6 +472,7 @@ Usage: [-daemon] \ # sets [-gid ] \ [-group ] \ + [-insecure-registry ...] \ [-layers ] \ [-log-level ] \ [-skip-layers ] \ @@ -478,20 +481,21 @@ Usage: ##### Inputs -| Input | Environment Variable | Default Value | Description | -|------------------|----------------------|--------------------------|---------------------------------------------------------------------------------------------------| -| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to output analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | -| ``* | `CNB_BUILD_IMAGE` | | Reference to the current build image in an OCI registry (if used `` must be provided) | -| `` | `CNB_CACHE_DIR` | | Path to a cache directory | -| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | -| ``^ | `CNB_USE_DAEMON` | `false` | Read additional target data for run image from docker daemon | -| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | -| `` | `CNB_GROUP_PATH` | `/group.toml` | Path to group definition (see [`group.toml`](#grouptoml-toml)) | -| ``^ | | | Kaniko directory (must be `/kaniko`) | -| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layers directory | -| `` | `CNB_LOG_LEVEL` | `info` | Log Level | -| `` | `CNB_SKIP_LAYERS` | `false` | Do not perform [layer restoration](#layer-restoration) | -| `` | `CNB_USER_ID` | | UID of the build image `User` | +| Input | Environment Variable | Default Value | Description | +|--------------------------|---------------------------|--------------------------|---------------------------------------------------------------------------------------------------| +| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to output analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | +| ``* | `CNB_BUILD_IMAGE` | | Reference to the current build image in an OCI registry (if used `` must be provided) | +| `` | `CNB_CACHE_DIR` | | Path to a cache directory | +| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | +| ``^ | `CNB_USE_DAEMON` | `false` | Read additional target data for run image from docker daemon | +| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | +| `` | `CNB_GROUP_PATH` | `/group.toml` | Path to group definition (see [`group.toml`](#grouptoml-toml)) | +| `...` | `CNB_INSECURE_REGISTRIES` | | When fetching images from this registry, do not use TLS encryption or certificate verification | +| ``^ | | | Kaniko directory (must be `/kaniko`) | +| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layers directory | +| `` | `CNB_LOG_LEVEL` | `info` | Log Level | +| `` | `CNB_SKIP_LAYERS` | `false` | Do not perform [layer restoration](#layer-restoration) | +| `` | `CNB_USER_ID` | | UID of the build image `User` | > ^ Only needed when using image extensions @@ -691,6 +695,7 @@ Usage: [-extended ] \ [-gid ] \ [-group ] \ + [-insecure-registry ...] \ [-launch-cache ] \ [-launcher ] \ [-launcher-sbom ] \ @@ -708,31 +713,32 @@ Usage: ##### Inputs -| Input | Environment Variable | Default Value | Description | -|---------------------------------|-----------------------------|----------------------------------|--------------------------------------------------------------------------------------------| -| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | -| `` | `CNB_APP_DIR` | `/workspace` | Path to application directory | -| `` | `CNB_CACHE_DIR` | | Path to a cache directory | -| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | -| `` | `CNB_USE_DAEMON` | `false` | Export image to docker daemon | -| ``** | `CNB_EXTENDED_DIR` | `/extended` | Path to directory containing extended run image layers | -| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | -| `` | `CNB_GROUP_PATH` | `/group.toml` | Path to group file (see [`group.toml`](#grouptoml-toml)) | -| `` | | | Tag reference to which the app image will be written | -| `` | `CNB_LAUNCH_CACHE_DIR` | | Path to a cache directory containing launch layers | -| `` | | `/cnb/lifecycle` | Path to directory containing SBOM files describing the `launcher` executable | -| `` | | `/cnb/lifecycle/launcher` | Path to the `launcher` executable | -| `/config/metadata.toml` | | | Build metadata (see [`metadata.toml`](#metadatatoml-toml) | -| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layer directory | -| `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Export image to disk in OCI layout format | +| Input | Environment Variable | Default Value | Description | +|---------------------------------|-----------------------------|----------------------------------|-----------------------------------------------------------------------------------------------------------------------| +| `` | `CNB_ANALYZED_PATH` | `/analyzed.toml` | Path to analysis metadata (see [`analyzed.toml`](#analyzedtoml-toml) | +| `` | `CNB_APP_DIR` | `/workspace` | Path to application directory | +| `` | `CNB_CACHE_DIR` | | Path to a cache directory | +| `` | `CNB_CACHE_IMAGE` | | Reference to a cache image in an OCI registry | +| `` | `CNB_USE_DAEMON` | `false` | Export image to docker daemon | +| ``** | `CNB_EXTENDED_DIR` | `/extended` | Path to directory containing extended run image layers | +| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | +| `` | `CNB_GROUP_PATH` | `/group.toml` | Path to group file (see [`group.toml`](#grouptoml-toml)) | +| `` | | | Tag reference to which the app image will be written | +| `...` | `CNB_INSECURE_REGISTRIES` | | When fetching images from this registry, do not use TLS encryption or certificate verification | +| `` | `CNB_LAUNCH_CACHE_DIR` | | Path to a cache directory containing launch layers | +| `` | | `/cnb/lifecycle` | Path to directory containing SBOM files describing the `launcher` executable | +| `` | | `/cnb/lifecycle/launcher` | Path to the `launcher` executable | +| `/config/metadata.toml` | | | Build metadata (see [`metadata.toml`](#metadatatoml-toml) | +| `` | `CNB_LAYERS_DIR` | `/layers` | Path to layer directory | +| `` | `CNB_USE_LAYOUT` | false | (**[experimental](#experimental-features)**) Export image to disk in OCI layout format | | `` | `CNB_LAYOUT_DIR` | | (**[experimental](#experimental-features)**) Path to a root directory where the images are saved in OCI layout format | -| `` | `CNB_LOG_LEVEL` | `info` | Log Level | -| `` | `CNB_PROCESS_TYPE` | | Default process type to set in the exported image | -| `` | `CNB_PROJECT_METADATA_PATH` | `/project-metadata.toml` | Path to a project metadata file (see [`project-metadata.toml`](#project-metadatatoml-toml) | -| `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | -| `` | `CNB_RUN_PATH` | `/cnb/run.toml` | Path to run file (see [`run.toml`](#runtoml-toml) | -| `` | `CNB_USER_ID` | | UID of the build image `User` | -| | `SOURCE_DATE_EPOCH` | | Timestamp for `created` time in app image config | +| `` | `CNB_LOG_LEVEL` | `info` | Log Level | +| `` | `CNB_PROCESS_TYPE` | | Default process type to set in the exported image | +| `` | `CNB_PROJECT_METADATA_PATH` | `/project-metadata.toml` | Path to a project metadata file (see [`project-metadata.toml`](#project-metadatatoml-toml) | +| `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | +| `` | `CNB_RUN_PATH` | `/cnb/run.toml` | Path to run file (see [`run.toml`](#runtoml-toml) | +| `` | `CNB_USER_ID` | | UID of the build image `User` | +| | `SOURCE_DATE_EPOCH` | | Timestamp for `created` time in app image config | > ** Only needed when extending the run image @@ -830,6 +836,7 @@ Usage: [-cache-image ] \ [-daemon] \ # sets [-gid ] \ + [-insecure-registry ...] \ [-launch-cache ] \ [-launcher ] \ [-layers ] \ @@ -854,11 +861,11 @@ Usage: Running `creator` SHALL be equivalent to running `detector`, `analyzer`, `restorer`, `builder` and `exporter` in order with identical inputs where they are accepted, with the following exceptions. -| Input | Environment Variable| Default Value| Description -|-------------------|---------------------|--------------|---------------------- -| ``| `CNB_PREVIOUS_IMAGE`| `` | Image reference to be analyzed (usually the result of the previous build) -| `` | `CNB_SKIP_RESTORE` | `false` | Prevent buildpacks from reusing layers from previous builds, by skipping the restoration of any data to each buildpack's layers directory, with the exception of `store.toml`. -| `...` | | | Additional tag to apply to exported image +| Input | Environment Variable | Default Value | Description | +|--------------------|----------------------|---------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `` | `CNB_PREVIOUS_IMAGE` | `` | Image reference to be analyzed (usually the result of the previous build) | +| `` | `CNB_SKIP_RESTORE` | `false` | Prevent buildpacks from reusing layers from previous builds, by skipping the restoration of any data to each buildpack's layers directory, with the exception of `store.toml`. | +| `...` | | | Additional tag to apply to exported image | - **If** `` is `true` the `creator` SHALL skip the restoration of any data to each buildpack's layers directory, with the exception of `store.toml`. - **If** the platform provides one or more `` inputs they SHALL be treated as additional `` inputs to the `exporter` @@ -887,6 +894,7 @@ Usage: [-daemon] \ # sets [-force] \ [-gid ] \ + [-insecure-registry ...] \ [-log-level ] \ [-previous-image ] \ [-report ] \ @@ -897,17 +905,18 @@ Usage: ##### Inputs -| Input | Environment Variable | Default Value | Description | -|--------------------|----------------------|------------------------|-------------------------------------------------------| -| `` | `CNB_USE_DAEMON` | `false` | Export image to docker daemon | -| `` | `CNB_FORCE_REBASE` | `false` | Allow unsafe rebase | -| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | -| `` | | | App image to rebase | -| `` | `CNB_LOG_LEVEL` | `info` | Log Level | -| `` | | derived from `` | Previous image reference | -| `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | -| `` | `CNB_RUN_IMAGE` | derived from `` | Run image reference | -| `` | `CNB_USER_ID` | | UID of the build image `User` | +| Input | Environment Variable | Default Value | Description | +|--------------------------|---------------------------|------------------------|------------------------------------------------------------------------------------------------| +| `` | `CNB_USE_DAEMON` | `false` | Export image to docker daemon | +| `` | `CNB_FORCE_REBASE` | `false` | Allow unsafe rebase | +| `` | `CNB_GROUP_ID` | | Primary GID of the build image `User` | +| `` | | | App image to rebase | +| `...` | `CNB_INSECURE_REGISTRIES` | | When fetching images from this registry, do not use TLS encryption or certificate verification | +| `` | `CNB_LOG_LEVEL` | `info` | Log Level | +| `` | | derived from `` | Previous image reference | +| `` | `CNB_REPORT_PATH` | `/report.toml` | Path to report (see [`report.toml`](#reporttoml-toml) | +| `` | `CNB_RUN_IMAGE` | derived from `` | Run image reference | +| `` | `CNB_USER_ID` | | UID of the build image `User` | - At least one `` must be provided - **If** `` has the label `io.buildpacks.rebasable` set to `false`, the lifecycle SHALL fail unless `` is `true` From ae39fb0367a862075c382dbab4de729f41ccca65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20von=20L=C3=B6wenstein?= Date: Fri, 2 Feb 2024 14:45:34 +0000 Subject: [PATCH 6/6] Remove `experimental` mark on extensions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan von Löwenstein --- platform.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/platform.md b/platform.md index 8d8df1c..45b4084 100644 --- a/platform.md +++ b/platform.md @@ -40,7 +40,7 @@ Examples of a platform might include: - [Inputs](#inputs-2) - [Outputs](#outputs-2) - [Layer Restoration](#layer-restoration) - - [`extender` (optional and **experimental**)](#extender-optional-and-experimental) + - [`extender` (optional)](#extender-optional) - [Inputs](#inputs-3) - [Outputs](#outputs-3) - [`builder`](#builder) @@ -246,7 +246,7 @@ A single app image build* consists of the following phases: 1. Analysis 2. Detection 3. Cache Restoration -4. (Optional and Experimental) Base Image Extension +4. (Optional) Base Image Extension 5. Build* 6. Export @@ -254,7 +254,7 @@ A platform MUST execute these phases either by invoking the following phase-spec 1. `/cnb/lifecycle/analyzer` 2. `/cnb/lifecycle/detector` 3. `/cnb/lifecycle/restorer` -4. `/cnb/lifecycle/extender` (Optional and [Experimental](#experimental-features)) +4. `/cnb/lifecycle/extender` (Optional) 5. `/cnb/lifecycle/builder` 6. `/cnb/lifecycle/exporter` @@ -398,8 +398,8 @@ Usage: | `` | `CNB_APP_DIR` | `/workspace` | Path to application directory | | `` | `CNB_BUILD_CONFIG_DIR` | `/cnb/build-config` | Path to build config directory | | `` | `CNB_BUILDPACKS_DIR` | `/cnb/buildpacks` | Path to buildpacks directory (see [Buildpacks Directory Layout](#buildpacks-directory-layout)) | -| ``^ | `CNB_EXTENSIONS_DIR` | `/cnb/extensions` | (**[experimental](#experimental-features)**) Path to image extensions directory (see [Image Extensions Directory Layout](#image-extensions-directory-layout) | -| ``^ | `CNB_GENERATED_DIR` | `/generated` | (**[experimental](#experimental-features)**) Path to output directory for generated Dockerfiles | +| ``^ | `CNB_EXTENSIONS_DIR` | `/cnb/extensions` | Path to image extensions directory (see [Image Extensions Directory Layout](#image-extensions-directory-layout) | +| ``^ | `CNB_GENERATED_DIR` | `/generated` | Path to output directory for generated Dockerfiles | | `` | `CNB_GROUP_PATH` | `/group.toml` | Path to output group definition | | `` | `CNB_LAYERS_DIR` | `/layers` | Path to layers directory | | `` | `CNB_LOG_LEVEL` | `info` | Log Level | @@ -441,7 +441,7 @@ The lifecycle: - SHALL write the resolved build plan from the detected group to `` - SHALL provide `run-image.target` data in `` to buildpacks according to the process outlined in the [Buildpack Interface Specification](buildpack.md). -When image extensions are present in the order (optional and **[experimental](#experimental-features)**), the lifecycle: +When image extensions are present in the order (optional), the lifecycle: - SHALL execute all image extensions in the order defined in `` according to the process outlined in the [Buildpack Interface Specification](buildpack.md). - SHALL filter the build plan with dependencies provided by image extensions. - SHALL replace `run-image` in `` with the selected run image. To select the run image, the lifecycle SHALL inspect each `run.Dockerfile` output by image extensions, in the order defined in ``: @@ -525,7 +525,7 @@ Usage: - For each buildpack in ``, if persistent metadata for that buildpack exists in the analysis metadata, lifecycle MUST write a toml representation of the persistent metadata to `//store.toml` - **If** `` is `true` the lifecycle MUST NOT perform layer restoration. - **Else** the lifecycle MUST perform [layer restoration](#layer-restoration) for any app image layers or cached layers created by any buildpack present in the provided ``. -- When `` is provided (optional and **[experimental](#experimental-features)**), the lifecycle: +- When `` is provided (optional), the lifecycle: - MUST record the digest reference to the provided `` in `` - MUST copy the OCI manifest and config file for `` to `/cache` - The lifecycle: @@ -538,7 +538,7 @@ Usage: lifeycle MUST use the provided `cache-dir` or `cache-image` to retrieve cache contents. The [rules](https://github.com/buildpacks/spec/blob/main/buildpack.md#layer-types) for restoration MUST be followed when determining how and when to store cache layers. -#### `extender` (optional and **[experimental](#experimental-features)**) +#### `extender` (optional) If using `extender`, the platform MUST execute `extender` in either or both of: the **build environment**, the **run environment** @@ -570,7 +570,7 @@ Usage: | `` | `CNB_BUILD_CONFIG_DIR` | `/cnb/build-config` | Path to build config directory | | ``* | `CNB_BUILDPACKS_DIR` | `/cnb/buildpacks` | Path to buildpacks directory (see [Buildpacks Directory Layout](#buildpacks-directory-layout)) | | ``** | `CNB_EXTENDED_DIR` | `/extended` | Path to output directory for extended run image layers | -| `` | `CNB_GENERATED_DIR` | `/generated` | (**[experimental](#experimental-features)**) Path to directory containing generated Dockerfiles | +| `` | `CNB_GENERATED_DIR` | `/generated` | Path to directory containing generated Dockerfiles | | ``* | `CNB_GROUP_ID` | | Primary GID of the build image `User` | | `` | `CNB_GROUP_PATH` | `/group.toml` | Path to group definition (see [`group.toml`](#grouptoml-toml)) | | `` | `CNB_KANIKO_CACHE_TTL` | 2 weeks | Kaniko cache TTL | @@ -1363,7 +1363,7 @@ Where: - `entries` MAY be empty - Each entry: - MUST contain at least one buildpack or image extension in `providers` - - If the provider is an image extension (optional and **[experimental](#experimental-features)**), `extension` MUST be `true`; the value of `extension` MUST default to `false` if not specified + - If the provider is an image extension (optional), `extension` MUST be `true`; the value of `extension` MUST default to `false` if not specified - MUST contain at least one dependency requirement in `requires` - MUST exclusively contain dependency requirements with the same ``