Tracks and builds Docker images.
Note: docker registry must be v2.
-
git_repo: Optional. A url for a git repo that you want to use as the tag. Right now you can only use master as the branch. -
git_private_key: Optional. Private key for the git repo -
fail_when_missing: Optional. Default: false. Even if you make a commit, until there is a new image available with the sha as the tag we will use an older image. If set to true the resource check will fail and halt the pipeline until there is a matching tag.
-
repository: Required. The name of the repository, e.g.concourse/docker-image-resource.Note: When configuring a private registry, you must include the port (e.g. :443 or :5000) even though the docker CLI does not require it.
-
tag: Optional. The tag to track. Defaults tolatest. -
username: Optional. The username to authenticate with when pushing. -
password: Optional. The password to use when authenticating. -
aws_access_key_id: Optional. AWS access key to use for acquiring ECR credentials. -
aws_secret_access_key: Optional. AWS secret key to use for acquiring ECR credentials. -
insecure_registries: Optional. An array of CIDRs orhost:portaddresses to whitelist for insecure access (eitherhttpor unverifiedhttps). This option overrides any entries inca_certswith the same address. -
registry_mirror: Optional. A URL pointing to a docker registry mirror service. -
ca_certs: Optional. An array of objects with the following format:ca_certs: - domain: example.com:443 cert: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- - domain: 10.244.6.2:443 cert: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----
Each entry specifies the x509 CA certificate for the trusted docker registry residing at the specified domain. This is used to validate the certificate of the docker registry when the registry's certificate is signed by a custom authority (or itself).
The domain should match the first component of
repository, including the port. If the registry specified inrepositorydoes not use a custom cert, addingca_certswill break the check script. This option is overridden by entries ininsecure_registrieswith the same address or a matching CIDR. -
client_certs: Optional. An array of objects with the following format:client_certs: - domain: example.com:443 cert: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- key: | -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- - domain: 10.244.6.2:443 cert: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- key: | -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----
Each entry specifies the x509 certificate and key to use for authenticating against the docker registry residing at the specified domain. The domain should match the first component of
repository, including the port. -
max_concurrent_downloads: Optional. Maximum concurrent downloads.Limits the number of concurrent download threads.
-
max_concurrent_uploads: Optional. Maximum concurrent uploads.Limits the number of concurrent upload threads.
The current image digest is fetched from the registry for the given tag of the repository.
Pulls down the repository image by the requested digest.
The following files will be placed in the destination:
/image: Ifsaveistrue, thedocker saved image will be provided here./repository: The name of the repository that was fetched./tag: The tag of the repository that was fetched./image-id: The fetched image ID./digest: The fetched image digest./rootfs.tar: Ifrootfsistrue, the contents of the image will be provided here./metadata.json: Collects custom metadata. Contains the containerenvvariables and runninguser./docker_inspect.json: Output of thedocker inspectonimage_id. Useful if collectingLABELmetadata from your image.
save: Optional. Place adocker saved image in the destination.rootfs: Optional. Place a.tarfile of the image in the destination.skip_download: Optional. Skipdocker pullof image. Artifacts based on the image will not be present.
Push a Docker image to the source's repository and tag. The resulting version is the image's digest.
-
build: Optional. The path of a directory containing aDockerfileto build. -
load: Optional. The path of a directory containing an image that was fetched using this same resource type withsave: true. -
dockerfile: Optional. The path of theDockerfilein the directory if it's not at the root of the directory. -
cache: Optional. Defaultfalse. When thebuildparameter is set, first pullimage:tagfrom the Docker registry (so as to use cached intermediate images when building). This will cause the resource to fail if it is set totrueand the image does not exist yet. -
cache_tag: Optional. Defaulttag. The specific tag to pull before building whencacheparameter is set. Instead of pulling the same tag that's going to be built, this allows picking a different tag likelatestor the previous version. This will cause the resource to fail if it is set to a tag that does not exist yet. -
load_base: Optional. A path to a directory containing an image todocker loadbefore runningdocker build. The directory must haveimage,image-id,repository, andtagpresent, i.e. the tree produced by/in. -
load_bases: Optional. Same asload_base, but takes an array to load multiple images. -
load_file: Optional. A path to a file todocker loadand then push. Requiresload_repository. -
load_repository: Optional. The repository of the image loaded fromload_file. -
load_tag: Optional. Defaultlatest. The tag of image loaded fromload_file -
import_file: Optional. A path to a file todocker importand then push. -
pull_repository: Optional. DEPRECATED. Usegetandloadinstead. A path to a repository to pull down, and then push to this resource. -
pull_tag: Optional. DEPRECATED. Usegetandloadinstead. Defaultlatest. The tag of the repository to pull down viapull_repository. -
tag: Optional. The value should be a path to a file containing the name of the tag. -
tag_prefix: Optional. If specified, the tag read from the file will be prepended with this string. This is useful for addingvin front of version numbers. -
tag_as_latest: Optional. Defaultfalse. If true, the pushed image will be tagged aslatestin addition to whatever other tag was specified. -
build_args: Optional. A map of Docker build arguments.Example:
build_args: do_thing: true how_many_things: 2 email: me@yopmail.com
-
build_args_file: Optional. Path to a JSON file containing Docker build arguments.Example file contents:
{ "email": "me@yopmail.com", "how_many_things": 1, "do_thing": false }
resources:
- name: git-resource
type: git
source: # ...
- name: git-resource-image
type: docker-image
source:
repository: concourse/git-resource
username: username
password: password
- name: git-resource-rootfs
type: s3
source: # ...
jobs:
- name: build-rootfs
plan:
- get: git-resource
- put: git-resource-image
params: {build: git-resource}
get_params: {rootfs: true}
- put: git-resource-rootfs
params: {file: git-resource-image/rootfs.tar}- golang is required - version 1.9.x is tested; earlier versions may also work.
- docker is required - version 17.06.x is tested; earlier versions may also work.
The tests have been embedded with the Dockerfile; ensuring that the testing
environment is consistent across any docker enabled platform. When the docker
image builds, the test are run inside the docker container, on failure they
will stop the build.
Build the image and run the tests with the following command:
docker build -t docker-image-resource .To use the newly built image, push it to a docker registry that's accessible to Concourse and configure your pipeline to use it:
resource_types:
- name: docker-image-resource
type: docker-image
privileged: true
source:
repository: example.com:5000/docker-image-resource
tag: latest
resources:
- name: some-image
type: docker-image-resource
...Please make all pull requests to the master branch and ensure tests pass
locally.