Documentation
¶
Overview ¶
Package config provides the internal representation of Blubber configuration parsed from YAML. Each configuration type may implement its own hooks for injecting build instructions into the compiler.
Index ¶
- Constants
- func BuildIncludesDepGraph(config *Config)
- func ExpandIncludesAndCopies(config *Config, name string) error
- func HumanizeValidationError(err error) string
- func InsertElement(slice []string, el string, pos int) []string
- func IsUnmarshalTypeError(err error) bool
- func IsValidationError(err error) bool
- func PosOf(slice []string, el string) int
- func ResolveJSONPath(path string, cfg interface{}) (interface{}, error)
- func Validate(config interface{}) error
- type AptConfig
- type AptPackages
- type AptProxy
- type AptSource
- type ArtifactsConfig
- func (ac ArtifactsConfig) EffectiveDestination() string
- func (ac ArtifactsConfig) Expand(appDirectory string) []ArtifactsConfig
- func (ac ArtifactsConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
- func (ac ArtifactsConfig) NormalizedDestination() string
- func (ac ArtifactsConfig) NormalizedSource() string
- type BuilderConfig
- type BuildersConfig
- type CommonConfig
- type Config
- type CopiesConfig
- type DepGraph
- type Enforcement
- type Flag
- type LivesConfig
- type Node
- type NodeConfig
- type PhpConfig
- type PoetryConfig
- type Policy
- type PythonConfig
- type RequirementsConfig
- type RunsConfig
- type UserConfig
- type VariantConfig
- type VersionConfig
Examples ¶
Constants ¶
const ( // DefaultTargetKeyword defines a special keyword indicating that the // packages to be installed should use the default target release // DefaultTargetKeyword = "default" // AptSourceConfigurationPath is the file that source configuration will be // written to for each defined source. // AptSourceConfigurationPath = "/etc/apt/sources.list.d/99blubber.list" // AptProxyConfigurationPath is the file that configuration will be written // to for each defined proxy. // AptProxyConfigurationPath = "/etc/apt/apt.conf.d/99blubber-proxies" )
const CurrentVersion string = "v4"
CurrentVersion declares the currently supported config version.
const DefaultConfig = `` /* 144-byte string literal not displayed */
DefaultConfig contains YAML that is applied before the user's configuration.
const LocalArtifactKeyword = "local"
LocalArtifactKeyword defines a special keyword indicating file/directory artifacts to be copied from the local build host context.
const LocalLibPrefix = "/opt/lib"
LocalLibPrefix declares the shared directory into which application level dependencies will be installed.
const PythonLibPrefix = LocalLibPrefix + "/python"
PythonLibPrefix is the path to installed dependency wheels.
const PythonPoetryVenvs = LocalLibPrefix + "/poetry"
PythonPoetryVenvs is the path where Poetry will create virtual environments.
const PythonSiteBin = PythonSitePackages + "/bin"
PythonSiteBin is the path to installed Python packages bin files.
const PythonSitePackages = PythonLibPrefix + "/site-packages"
PythonSitePackages is the path to installed Python packages.
Variables ¶
This section is empty.
Functions ¶
func BuildIncludesDepGraph ¶ added in v0.10.0
func BuildIncludesDepGraph(config *Config)
BuildIncludesDepGraph constructs the 'includes' dependency graph
Example ¶
package main
import (
"fmt"
"gerrit.wikimedia.org/r/blubber/config"
)
func main() {
cfg, _ := config.ReadYAMLConfig([]byte(`---
version: v4
variants:
varA: { includes: [varB, varC] }
varB: { includes: [varD, varE] }
varC: {}
varD: { includes: [varF] }
varE: {}
varF: {}`))
config.BuildIncludesDepGraph(cfg)
includes, _ := cfg.IncludesDepGraph.GetDeps("varA")
fmt.Printf("%v\n", includes)
}
Output: [varF varD varE varB varC]
func ExpandIncludesAndCopies ¶ added in v0.10.0
ExpandIncludesAndCopies resolves 'includes' for the specified variant. It also expands any variants that are referenced directly or indirectly via 'copies' directives. Finally, it also validates the newly generated configuration.
This should be run before policy verification so that the policy enforcement is applied to the final blubber spec
func HumanizeValidationError ¶ added in v0.2.0
HumanizeValidationError transforms the given validator.ValidationErrors into messages more likely to be understood by human beings.
func InsertElement ¶ added in v0.10.0
InsertElement - insert el into slice at pos
func IsUnmarshalTypeError ¶ added in v0.10.0
IsUnmarshalTypeError returns true if the provided error is of type json.UnmarshalTypeError.
func IsValidationError ¶ added in v0.2.0
IsValidationError tests whether the given error is a validator.ValidationErrors and can be safely iterated over as such.
func PosOf ¶ added in v0.10.0
PosOf - find position of an element in a slice
func ResolveJSONPath ¶ added in v0.10.0
ResolveJSONPath returns the config value found at the given JSON-ish namespace/path (e.g. "variants.production.runs.as").
Types ¶
type AptConfig ¶
type AptConfig struct {
// Packages keys are the name of the targeted release, or 'default' to
// specify no target and use the base image's target release,
// Packages values are a list of the desired packages
Packages AptPackages `json:"packages" validate:"dive,keys,omitempty,debianrelease,endkeys,dive,debianpackage"`
// Proxies provides APT HTTP/HTTPS proxies to use for certain sources
Proxies []AptProxy `json:"proxies" validate:"dive,omitempty"`
// Sources provides APT sources for packages
Sources []AptSource `json:"sources" validate:"dive,omitempty"`
}
AptConfig represents configuration pertaining to package installation from existing APT sources.
func (AptConfig) InstructionsForPhase ¶
func (apt AptConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects build instructions that will install the declared packages during the privileged phase.
PhasePrivileged ¶
Updates the APT cache, installs configured packages, and cleans up.
type AptPackages ¶ added in v0.10.0
AptPackages represents lists of packages to install. Each entry is keyed by the release that should be targetted during installation, i.e. `apt-get install -t release package`.
func (*AptPackages) UnmarshalJSON ¶ added in v0.10.0
func (ap *AptPackages) UnmarshalJSON(unmarshal []byte) error
UnmarshalJSON implements json.Unmarshaler to handle both shorthand and longhand apt packages configuration.
Shorthand packages configuration: ["package1", "package2"] Longhand packages configuration: { "release1": ["package1, package2"], "release2": ["package3"]}
type AptProxy ¶ added in v0.10.0
type AptProxy struct {
// URL of the proxy, e.g. "http://webproxy.example:8080"
URL string `json:"url" validate:"required,httpurl"`
// Source is a URL representing the APT source, e.g.
// "http://security.debian.org/". If none is given
Source string `json:"source" validate:"omitempty,httpurl"`
}
AptProxy represents an APT proxy to use for a specific or all sources.
func (AptProxy) Configuration ¶ added in v0.10.0
Configuration returns the APT configuration for this proxy.
func (*AptProxy) UnmarshalJSON ¶ added in v0.10.0
UnmarshalJSON implements json.Unmarshaler to handle both shorthand and longhand apt proxies configuration.
Shorthand: ["http://proxy.example:8080"] Longhand: [
{
"url": "http://proxy.example:8080",
"source": "http://security.debian.org"
}
]
type AptSource ¶ added in v0.10.0
type AptSource struct {
// URL of the APT source, e.g. "http://apt.wikimedia.org"
URL string `json:"url" validate:"required,httpurl"`
// Distribution is the Debian distribution/release name (e.g. buster)
Distribution string `json:"distribution" validate:"required,debianrelease"`
// Components is a list of the source components to index (e.g. main, contrib)
Components []string `json:"components" validate:"dive,omitempty,debiancomponent"`
}
AptSource represents an APT source to set up prior to package installation.
type ArtifactsConfig ¶
type ArtifactsConfig struct {
From string `json:"from" validate:"required,artifactfrom"`
Source string `json:"source" validate:"requiredwith=destination,relativelocal"`
Destination string `json:"destination" validate:"relativelocal"`
}
ArtifactsConfig declares files and directories to be copied from one place to another during the build, either from the "local" build context or from another variant.
The most common use of the latter such "multi-stage" build is to compile and test the application using one variant image that contains a comprehensive set of development dependencies, and copy the application binaries or production only source files over into a smaller image that contains only production dependencies.
func NewArtifactsConfigFromSource ¶ added in v0.10.0
func NewArtifactsConfigFromSource(source string) ArtifactsConfig
NewArtifactsConfigFromSource creates an local ArtifactsConfig from the given source. This helps to support legacy requirements definitions.
func (ArtifactsConfig) EffectiveDestination ¶ added in v0.10.0
func (ac ArtifactsConfig) EffectiveDestination() string
EffectiveDestination returns the destination as a file path that amounts to the location of the artifact after a copy is performed.
If the destination is a file path or source is a directory, the effective destination is identical to the normalized destination path.
If the source is a file path (e.g. "foo/bar"), and the destination is a directory (e.g. "foo2/"), the effective destination is the directory + the base name of the source file (e.g. "foo2/bar").
func (ArtifactsConfig) Expand ¶ added in v0.10.0
func (ac ArtifactsConfig) Expand(appDirectory string) []ArtifactsConfig
Expand returns the longhand configured artifact and/or the default artifacts for any configured by shorthand notation (i.e. on the `From` field).
func (ArtifactsConfig) InstructionsForPhase ¶
func (ac ArtifactsConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the given build phase that copy configured artifacts.
PhaseInstall ¶
In the case of a "local" build context copy, simply return a build.Copy with the configured source and destination. In the case of a variant copy, return a build.CopyFrom instruction for the variant name, source and destination paths.
func (ArtifactsConfig) NormalizedDestination ¶ added in v0.10.0
func (ac ArtifactsConfig) NormalizedDestination() string
NormalizedDestination returns the destination defaulted to the source directory and sanitized by path.Clean but with any original trailing '/' retained to indicate a directory path.
func (ArtifactsConfig) NormalizedSource ¶ added in v0.10.0
func (ac ArtifactsConfig) NormalizedSource() string
NormalizedSource returns the source sanitized by path.Clean but retaining any terminating "/" to denote a directory.
type BuilderConfig ¶ added in v0.4.0
type BuilderConfig struct {
Command []string `json:"command"`
Requirements RequirementsConfig `json:"requirements" validate:"omitempty,unique,dive"`
}
BuilderConfig contains configuration for the definition of an arbitrary build command and the files required to successfully execute the command.
func (BuilderConfig) InstructionsForPhase ¶ added in v0.4.0
func (bc BuilderConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the build related to builder commands and required files.
PhasePreInstall ¶
Creates directories for requirements files, copies in requirements files, and runs the builder command.
func (*BuilderConfig) Merge ¶ added in v0.4.0
func (bc *BuilderConfig) Merge(bc2 BuilderConfig)
Merge takes another BuilderConfig and merges its fields into this one's, overwriting the builder command and requirements.
type BuildersConfig ¶ added in v0.10.0
type BuildersConfig []build.PhaseCompileable
BuildersConfig holds the configuration of multiple different builders. The order in which they appear in the slice, is the order in which their associated instructions are generated
func (BuildersConfig) InstructionsForPhase ¶ added in v0.10.0
func (bc BuildersConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the given build phase for builder. The relative order of each instruction set is the same as the order of the builders
func (*BuildersConfig) Merge ¶ added in v0.10.0
func (bc *BuildersConfig) Merge(bc2 BuildersConfig)
Merge takes another BuildersConfig and merges its fields into this one's, with the following rules:
* Builders common to both will be merged, with builders from bc2 taking precedence. They will retain their relative positions as defined by bc2
* Non-common builders in bc will be placed before builders of bc2 (custom builders are considered non-common)
func (*BuildersConfig) UnmarshalJSON ¶ added in v0.10.0
func (bc *BuildersConfig) UnmarshalJSON(unmarshal []byte) error
UnmarshalJSON implements json.Unmarshaler to manually handle different builder types
type CommonConfig ¶
type CommonConfig struct {
Base string `json:"base" validate:"omitempty,imageref"` // name/path to base image
Apt AptConfig `json:"apt"` // APT related
Builders BuildersConfig `json:"builders" validate:"uniquetypesexcept=config.BuilderConfig,notallowedwith=Node Php Python Builder"` // Builders related
Node NodeConfig `json:"node"` // Node related
Php PhpConfig `json:"php"` // Php related
Python PythonConfig `json:"python"` // Python related
Builder BuilderConfig `json:"builder"` // Builder related
Lives LivesConfig `json:"lives"` // application owner/dir
Runs RunsConfig `json:"runs"` // runtime environment
EntryPoint []string `json:"entrypoint"` // entry-point executable
}
CommonConfig holds the configuration fields common to both the root config and each configured variant.
func (*CommonConfig) InstructionsForPhase ¶
func (cc *CommonConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the given build phase for each member field that supports it.
func (*CommonConfig) IsScratch ¶ added in v0.10.0
func (cc *CommonConfig) IsScratch() bool
IsScratch returns whether this is configuration for a scratch image (no base image).
func (*CommonConfig) Merge ¶
func (cc *CommonConfig) Merge(cc2 CommonConfig)
Merge takes another CommonConfig and merges its fields this one's.
func (*CommonConfig) PhaseCompileableConfig ¶
func (cc *CommonConfig) PhaseCompileableConfig() []build.PhaseCompileable
PhaseCompileableConfig returns all fields that implement build.PhaseCompileable in the order that their instructions should be injected.
type Config ¶
type Config struct {
CommonConfig `json:",inline"`
Variants map[string]VariantConfig `json:"variants" validate:"variants,dive"`
VersionConfig `json:",inline"`
IncludesDepGraph *DepGraph
CopiesDepGraph *DepGraph
}
Config holds the root fields of a Blubber configuration.
func ReadConfig ¶
ReadConfig unmarshals the given YAML bytes into a new Config struct.
func ReadConfigFile ¶
ReadConfigFile unmarshals the given YAML file contents into a Config struct.
type CopiesConfig ¶ added in v0.10.0
type CopiesConfig []ArtifactsConfig
CopiesConfig holds configuration for which files to copy into the variant from local and other variant sources.
func (*CopiesConfig) Expand ¶ added in v0.10.0
func (cc *CopiesConfig) Expand(appDirectory string) CopiesConfig
Expand returns a version of this CopiesConfig with its shorthand configurations expanded.
func (CopiesConfig) InstructionsForPhase ¶ added in v0.10.0
func (cc CopiesConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase delegates to its member ArtifactsConfig.
func (*CopiesConfig) Merge ¶ added in v0.10.0
func (cc *CopiesConfig) Merge(cc2 CopiesConfig)
Merge takes another CopiesConfig and overwrites this struct's fields.
Artifacts are merged additively and duplicates are removed. Uniqueness is ensured by taking the latest definition over the previous.
func (*CopiesConfig) UnmarshalJSON ¶ added in v0.10.0
func (cc *CopiesConfig) UnmarshalJSON(unmarshal []byte) error
UnmarshalJSON implements json.Unmarshaler to handle both shorthand and longhand copies configuration.
type DepGraph ¶ added in v0.10.0
type DepGraph struct {
// contains filtered or unexported fields
}
DepGraph represents a dependency graph
func (*DepGraph) AddDependency ¶ added in v0.10.0
AddDependency adds a record indicating that 'key' depends on 'dep' (both strings). The order of dependencies is preserved and duplicates are excluded. Cycles are not detected at add time but they will be detected by GetDeps
func (*DepGraph) EnsureNode ¶ added in v0.10.0
EnsureNode ensures that there is a node in DepGraph with the specified key
type Enforcement ¶ added in v0.3.0
Enforcement represents a policy rule and config path on which to apply it.
type Flag ¶
Flag represents a nullable boolean value that is considered null until either parsed from YAML or merged in from another Flag value.
func (*Flag) Merge ¶
Merge takes another flag and, if set, merged its boolean value into this one.
type LivesConfig ¶ added in v0.3.0
type LivesConfig struct {
In string `json:"in" validate:"omitempty,abspath"` // application directory
UserConfig `json:",inline"`
}
LivesConfig holds configuration fields related to the livesship of installed dependencies and application files.
func (LivesConfig) InstructionsForPhase ¶ added in v0.3.0
func (lives LivesConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects build instructions related to creation of the application lives.
PhasePrivileged ¶
Creates LocalLibPrefix directory and application lives's user home directory, creates the lives user and its group, and sets up directory permissions.
func (*LivesConfig) Merge ¶ added in v0.3.0
func (lives *LivesConfig) Merge(lives2 LivesConfig)
Merge takes another LivesConfig and overwrites this struct's fields.
type Node ¶ added in v0.10.0
type Node struct {
// contains filtered or unexported fields
}
Node represents a node in a dependency graph
type NodeConfig ¶
type NodeConfig struct {
// Install requirements from given files
Requirements RequirementsConfig `json:"requirements" validate:"omitempty,unique,dive"`
// Environment name ("production" install)
Env string `json:"env" validate:"omitempty,nodeenv"`
// Whether to run npm ci
UseNpmCi Flag `json:"use-npm-ci"`
}
NodeConfig holds configuration fields related to the Node environment and whether/how to install NPM packages.
func (NodeConfig) InstructionsForPhase ¶
func (nc NodeConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the build related to Node dependency installation and setting of the NODE_ENV.
PhasePreInstall ¶
Installs Node package dependencies declared in requirements files into the application directory. Only production related packages are install if NodeConfig.Env is set to "production" in which case `npm dedupe` is also run. Installing dependencies during the build.PhasePreInstall phase allows a compiler implementation (e.g. Docker) to produce cache-efficient output so only changes to package.json will invalidate these steps of the image build.
PhasePostInstall ¶
Injects build.Env instructions for NODE_ENV, setting the environment according to the configuration.
func (*NodeConfig) Merge ¶
func (nc *NodeConfig) Merge(nc2 NodeConfig)
Merge takes another NodeConfig and merges its fields into this one's, overwriting useNpmCi, the environment, and the requirements files.
type PhpConfig ¶ added in v0.10.0
type PhpConfig struct {
// Install requirements from given files
Requirements RequirementsConfig `json:"requirements" validate:"omitempty,unique,dive"`
// Whether to use the no-dev flag
Production Flag `json:"production"`
}
PhpConfig holds configuration for whether/how to install php packages.
func (PhpConfig) InstructionsForPhase ¶ added in v0.10.0
func (pc PhpConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the build related to PHP dependency installation.
PhasePreInstall ¶
Installs Php package dependencies declared in composer files into the application directory. Installing dependencies during the build.PhasePreInstall phase allows a compiler implementation (e.g. Docker) to produce cache-efficient output so only changes to composer json will invalidate these steps of the image build.
type PoetryConfig ¶ added in v0.10.0
type PoetryConfig struct {
Version string `json:"version" validate:"omitempty,pypkgver"`
Devel Flag `json:"devel"`
}
PoetryConfig holds configuration fields related to installation of project dependencies via Poetry.
func (*PoetryConfig) Merge ¶ added in v0.10.0
func (pc *PoetryConfig) Merge(pc2 PoetryConfig)
Merge two PoetryConfig structs.
type Policy ¶ added in v0.3.0
type Policy struct {
Enforcements []Enforcement `json:"enforcements"`
}
Policy validates a number of rules against a given configuration.
func ReadPolicy ¶ added in v0.3.0
ReadPolicy unmarshals the given YAML/json bytes into a new Policy struct.
func ReadPolicyFromURI ¶ added in v0.3.0
ReadPolicyFromURI fetches the policy file from the given URL or file path and loads its contents with ReadPolicy.
func ReadYAMLPolicy ¶ added in v0.10.0
ReadYAMLPolicy converts YAML input to JSON and returns a new Policy struct.
type PythonConfig ¶ added in v0.3.0
type PythonConfig struct {
// Python binary to use when installing dependencies
Version string `json:"version"`
// Install requirements from given files
Requirements RequirementsConfig `json:"requirements" validate:"omitempty,unique,dive"`
// Inject the --system flag into the install command (T227919)
UseSystemFlag Flag `json:"use-system-flag"`
UseNoDepsFlag Flag `json:"no-deps"`
// Use Poetry for package management
Poetry PoetryConfig `json:"poetry"`
}
PythonConfig holds configuration fields related to pre-installation of project dependencies via PIP.
func (PythonConfig) InstructionsForPhase ¶ added in v0.3.0
func (pc PythonConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the build related to Python dependency installation.
PhasePrivileged ¶
Ensures that the newest versions of setuptools, wheel, tox, and pip are installed.
PhasePreInstall ¶
Sets up Python wheels under the shared library directory (/opt/lib/python) for dependencies found in the declared requirements files. Installing dependencies during the build.PhasePreInstall phase allows a compiler implementation (e.g. Docker) to produce cache-efficient output so only changes to the given requirements files will invalidate these steps of the image build.
Injects build.Env instructions for PIP_WHEEL_DIR and PIP_FIND_LINKS that will cause future executions of `pip install` (and by extension, `tox`) to consider packages from the shared library directory first.
PhasePostInstall ¶
Injects a build.Env instruction for PIP_NO_INDEX that will cause future executions of `pip install` and `tox` to consider _only_ packages from the shared library directory, helping to speed up image builds by reducing network requests from said commands.
func (*PythonConfig) Merge ¶ added in v0.3.0
func (pc *PythonConfig) Merge(pc2 PythonConfig)
Merge takes another PythonConfig and merges its fields into this one's, overwriting both the dependencies flag and requirements.
func (PythonConfig) RequirementsArgs ¶ added in v0.3.0
func (pc PythonConfig) RequirementsArgs() []string
RequirementsArgs returns the configured requirements as pip `-r` arguments.
type RequirementsConfig ¶ added in v0.10.0
type RequirementsConfig []ArtifactsConfig
RequirementsConfig holds configuration for which files to copy into the variant from local and other variant sources.
func (RequirementsConfig) InstructionsForPhase ¶ added in v0.10.0
func (rc RequirementsConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects instructions into the given build phase that copy configured artifacts.
PhasePreInstall ¶
In the case of a "local" build context copy, simply return a build.Copy with the configured source and destination. In the case of a variant copy, return a build.CopyFrom instruction for the variant name, source and destination paths.
func (*RequirementsConfig) UnmarshalJSON ¶ added in v0.10.0
func (rc *RequirementsConfig) UnmarshalJSON(unmarshal []byte) error
UnmarshalJSON implements json.Unmarshaler to handle both shorthand and longhand requirements configuration.
type RunsConfig ¶
type RunsConfig struct {
UserConfig `json:",inline"`
Insecurely Flag `json:"insecurely"` // runs user owns application files
Environment map[string]string `json:"environment" validate:"envvars"` // environment variables
}
RunsConfig holds configuration fields related to the application's runtime environment.
func (RunsConfig) InstructionsForPhase ¶
func (run RunsConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects build instructions related to the runtime configuration.
PhasePrivileged ¶
Creates LocalLibPrefix directory and unprivileged user home directory, creates the unprivileged user and its group, and sets up directory permissions.
PhasePrivilegeDropped ¶
Injects build.Env instructions for all names/values defined by RunsConfig.Environment.
func (*RunsConfig) Merge ¶
func (run *RunsConfig) Merge(run2 RunsConfig)
Merge takes another RunsConfig and overwrites this struct's fields. All fields except Environment are overwritten if set. The latter is an additive merge.
type UserConfig ¶ added in v0.3.0
type UserConfig struct {
As string `json:"as" validate:"omitempty,username"` // user name
UID uint `json:"uid"` // user ID
GID uint `json:"gid"` // group ID
}
UserConfig holds configuration fields related to a user account.
func (*UserConfig) Merge ¶ added in v0.3.0
func (user *UserConfig) Merge(user2 UserConfig)
Merge takes another UserConfig and overwrites this struct's fields.
type VariantConfig ¶
type VariantConfig struct {
Includes []string `json:"includes" validate:"dive,variantref"`
Copies CopiesConfig `json:"copies" validate:"omitempty,unique,dive"`
CommonConfig `json:",inline"`
// contains filtered or unexported fields
}
VariantConfig holds configuration fields for each defined build variant.
func ExpandVariant ¶
func ExpandVariant(config *Config, name string) (*VariantConfig, error)
ExpandVariant merges a named variant with a config. It also attempts to recursively expand any included variants in the expanded variant.
func GetVariant ¶ added in v0.10.0
func GetVariant(config *Config, name string) (*VariantConfig, error)
GetVariant retrieves a requested *VariantConfig from the main config
func NewVariantConfig ¶ added in v0.10.0
func NewVariantConfig(name string) *VariantConfig
NewVariantConfig constructs a new VariantConfig with the given name.
func (*VariantConfig) InstructionsForPhase ¶
func (vc *VariantConfig) InstructionsForPhase(phase build.Phase) []build.Instruction
InstructionsForPhase injects build instructions related to dropping priviledge and the application entrypoint, then it delegates to its common and copies configurations. It also enforces the correct UID/GID on all copy instructions returned from deeper config structs.
PhasePrivileged ¶
Ensure the process and file owner is root.
PhasePrivilegeDropped ¶
Ensure the process and file owner is the "lives.as" user.
PhasePreInstall ¶
Ensure the process and file owner is the "lives.as" user.
PhaseInstall ¶
Ensure the process and file owner is the "lives.as" user.
PhasePostInstall ¶
Ensure the process and file owner is the "runs.as" user, unless configured to run insecurely as the "lives.as" user. Finally, sets the application entrypoint.
func (*VariantConfig) Merge ¶
func (vc *VariantConfig) Merge(vc2 VariantConfig)
Merge takes another VariantConfig and overwrites this struct's fields.
Source Files