Present Habitus to TOC

[khash]

Who, What, Why?

Habitus is a build workflow tool for Docker images. Using Habitus, users can:

• Build multi-stepped Docker images across a shared cluster of build servers.
• Use and move build artifacts between different steps
• Provide secrets during build (for example private SSH keys to pull build dependencies in private repositories) without leaving trace
• Squashing layers in Docker images after build
• Enforce build step dependencies
• Building images on a multi-tenanted environment like a SaaS CI provider

Through these features Habitus makes the following possible:

• Construction of complex multi-stepped builds
• Reduction of attach surface and image size by moving the build artifacts from a build-time image to a runtime image
• Keeping their private repositories secure by preventing secrets being left inside of images by mistake


GitHub: https://github.com/cloud66-oss/habitus
Website: http://www.habitus.io/
License: Apache 2.0



Adopters: Adopters: Cloud 66 VMware Sony Bank of America More: A great deal of Github users at their respective companies: https://github.com/cloud66-oss/habitus/stargazers

Cloud-Native and CNCF Alignment

With containers being a core tenant of cloud native computing, a flexible, easy to use and robust tool to facilitate building of container images is a critical part of developing a successful cloud native infrastructure setup at any company aiming to use containers.

Donation Goals



By making it possible, safe and simple to build container images, Habitus lowers one of the first and big barriers of entry into cloud native infrastructure for many users by promoting and simplifying best practices around secret control, facilitating build of compiled languages like Java or Golang in multiple steps and improving operation security by reducing attack surface of runtime images.

Habitus needs a well respected, vendor-neutral home that can help serve as a starting point for promoting better standards for building containers. In addition to increased visibility, we hope that inclusion in the CNCF will foster communication between Habitus and other projects in the ecosystem. As the project grows, we would want to leverage the CNCF’s expertise around project governance and community standards as those are fundamental to the long term success of the project.

The project does not have any infrastructure requests at this time. CI is currently hosted on Codeship and covered by the free tier for open source projects.

[caniszczyk]

We will discuss this at the next TOC meeting on August 7th to see if the @cncf/toc is interested in inviting you to present, hanks for your patience.

Also @khash can you speak to competing solutions out there in this space, along with pros and cons and where habitus fits.

[khash]

@caniszczyk Habitus is a build workflow tool for containers. It supports Docker but unlike docker multi-staged builds, is not limited to building Docker images. It can be used to decouple builds from the underlying image format.

On the surface, Habitus is similar with Docker multi-stage builds. However it supports the following:

• Providing secrets during build (like private SSH keys needed during build when dependencies are in private repos)
• Squashing images to remove layers
• Unlinke Docker multi-stage builds, Habitus steps are not limited to builds: it can have a step that builds an image and another one that uploads an artefact to S3, or obfuscates non-compiled code.
• Habitus steps can run on different machines and in parallel which makes it much more suitable for hosted CI environments

[khash]

@caniszczyk any progress on this?

[caniszczyk]

Sorry @khash the @cncf/toc has a bit of a backlog and still deciding on scheduling projects

[caniszczyk]

Hey @khash we require formal project proposals first before we have project present to the TOC. Can you please do something like this if you're still interested: #256