Added spec changes for Image Extension #267
Conversation
Signed-off-by: Joe Kutner <[email protected]>
|
@sclevine @natalieparellano PTAL and let me know if this is on the right track |
|
|
||
| ## Image Extension API Version | ||
|
|
||
| This document specifies Image Extension API version `0.1`. |
There was a problem hiding this comment.
Per @sclevine, we should not introduce a new API version, but instead tie this to one of the existing APIs. We also need to address this in the extension.toml
jkutner
requested review from
jromero,
hone,
jabrown85,
natalieparellano,
nebhale and
sclevine
| Correspondingly, each `/bin/build` executable: | ||
|
|
||
| - MAY read from the `<app>` directory. | ||
| - MUST NOT write to the `<app>` directory. |
There was a problem hiding this comment.
| - MUST NOT write to the `<app>` directory. | |
| - MUST NOT write to the `<app>` directory. |
Is this one of those places where we hope they won't but can't do anything if they do?
There was a problem hiding this comment.
@jabrown85 i think it depends on the platform. Like, if it's running the extension in it's own container, it might be able to exclude <app> dir changes from it's snapshot. But if it's all running on the same filesystem/volume it won't be able to.
This isn't actually a suggested change right?
There was a problem hiding this comment.
Yeah, not a suggested change. I must have clicked the wrong button :)
| - MAY log output from the build process to `stdout`. | ||
| - MAY emit error, warning, or debug messages to `stderr`. | ||
| - SHOULD write BOM (Bill-of-Materials) entries to `<output>/launch.toml` describing any contributions to the app image. | ||
| - MAY write key-value pairs to `<output>/launch.toml` that are provided as build args to run.Dockerfile or Dockerfile |
There was a problem hiding this comment.
This is the first time run.Dockerfile is mentioned, should we omit this specific file name here in favor of keeping that in the image-extensions.md? Just refer to Dockerfile here in a generic sense maybe...
| All `Dockerfile`s are provided with `base_image` and `build_id` args. | ||
| The `base_image` arg allows the Dockerfile to reference the original base image. | ||
| The `build_id` arg allows the Dockerfile to invalidate the cache after a certain layer and must be defaulted to `0`. The executor of the Dockerfile will provide the `build_id` as a UUID (this eliminates the need to track this variable). | ||
| When the `$build_id` arg is referenced in a `RUN` instruction, all subsequent layers will be rebuilt on the next build (as the value will change). |
There was a problem hiding this comment.
I would love to see a section on how a platform should use this $build_id. I kind of forgot how/why it is done this way and when a platform would ever be able to safely use the same UUID.
| [-plan <plan>] | ||
| ``` | ||
|
|
||
| ##### Inputs |
There was a problem hiding this comment.
I think we may need /workspace | CNB_APP_DIR as well, since they are allowed/expected to read from that directory.
| Image extensions participate in the buildpack [detection](#detector) process, with the same `UID`, `GID`, and interface for `/bin/detect`. However: | ||
| - Detection is optional for extensions, and they are assumed to pass detection when it is not present. A `/bin/detect` that exits with a 0 exit code passes detection, and fails otherwise. | ||
| - Extensions MUST only output `provides` entries to the build plan. They MUST NOT output `requires`. | ||
| - Extensions MUST all precede buildpacks in [order](#ordertoml-toml) definitions. |
There was a problem hiding this comment.
https://github.com/buildpacks/samples/pull/113/files#r726206827 talks about creating a separate [[order-ext]] in builder.toml - would that translate into a separate file?
| - MAY modify or delete any existing `<output>` directories. | ||
| - MAY create new `<output>` directories. | ||
| - MAY name any new `<output>` directories without restrictions except those imposed by the filesystem and the ones noted below. |
There was a problem hiding this comment.
I'm not quite sure what to make of these bullets. I think they could be removed (when talking about <layers> they make sense but we don't really care about the output directory for extensions, only the files contained there).
| [-exts <exts>] \ | ||
| [-output <output>] \ | ||
| [-log-level <log-level>] \ | ||
| [-plan <plan>] |
| `Dockerfile`s MUST be applied to their corresponding base images after all extensions are executed and before any regular buildpacks are executed. `Dockerfile`s MUST be applied in the order determined during buildpack detection. | ||
|
|
||
| All `Dockerfile`s are provided with `base_image` and `build_id` args. | ||
| The `base_image` arg allows the Dockerfile to reference the original base image. |
There was a problem hiding this comment.
| The `base_image` arg allows the Dockerfile to reference the original base image. | |
| The `base_image` arg MUST be the original base image. |
|
|
||
| All `Dockerfile`s are provided with `base_image` and `build_id` args. | ||
| The `base_image` arg allows the Dockerfile to reference the original base image. | ||
| The `build_id` arg allows the Dockerfile to invalidate the cache after a certain layer and must be defaulted to `0`. The executor of the Dockerfile will provide the `build_id` as a UUID (this eliminates the need to track this variable). |
There was a problem hiding this comment.
| The `build_id` arg allows the Dockerfile to invalidate the cache after a certain layer and must be defaulted to `0`. The executor of the Dockerfile will provide the `build_id` as a UUID (this eliminates the need to track this variable). | |
| The `build_id` arg MUST be a UUID. This allows the Dockerfile to invalidate the cache after a certain layer. |
|
|
||
| ### Files | ||
|
|
||
| #### `extension.toml` (TOML) |
There was a problem hiding this comment.
We should also mention (somewhere) that meta-buildpacks may not contain extensions.
|
Just making a quick note for posterity on what we'll probably still want to add:
|
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Jesse Brown <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Jesse Brown <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joe Kutner <[email protected]> Co-authored-by: Natalie Arellano <[email protected]>
|
I started working on a POC lifecycle that can:
|
WIP specification of buildpacks/rfcs#173