Source-to-Image (s2i) is a framework that makes it easy to write images that take application source code as an input and produce a new image that runs the assembled application as output.
The main advantage of using s2i for building reproducible Docker images is the ease of use for developers. As a builder image author, you must understand two basic concepts in order for your images to provide the best possible s2i performance: the build process and s2i scripts.
The build process consists of the following three fundamental elements, which are combined into a final Docker image:
sources
s2i scripts
builder image
During the build process, s2i must place sources and scripts inside the builder
image. To do so, s2i creates a tar file that contains the sources and
scripts, then streams that file into the builder image. Before executing the
assemble script, s2i untars that file and places its contents into the
location specified with the --destination
flag or the io.openshift.s2i.destination
label from the builder image, with the default location being the
/tmp directory.
For this process to happen, your image must supply the tar archiving
utility (the tar
command available in $PATH
) and the command line
interpreter (the /bin/sh
command); this allows your image to use the fastest
possible build path. If the tar
or /bin/sh
command is not available, the
sti build
process is forced to automatically perform an additional Docker build
to put both the sources and the scripts inside the image, and only then run the
usual sti build
procedure.
See the following diagram for the basic s2i build workflow:
Run build’s responsibility is to untar the sources, scripts and artifacts (if such exist) and invoke the assemble
script. If this is the second run (after catching tar
//bin/sh
not found error) it is responsible only for invoking assemble
script, since both scripts and sources are already there.
You can write s2i scripts in any programming language, as long as the scripts are
executable inside the builder image. s2i supports multiple options providing
assemble
/run
/save-artifacts
scripts. All of these locations are checked on
each build in the following order:
A script found at the --scripts-url
URL
A script found in the application source .sti/bin
directory
A script found at the default image URL (io.openshift.s2i.scripts-url
label)
Both the io.openshift.s2i.scripts-url
label specified in the image and the --scripts-url
flag
can take one of the following form:
image://path_to_scripts_dir
- absolute path inside the image to a directory where the s2i scripts are located
file://path_to_scripts_dir
- relative or absolute path to a directory on the host where the s2i scripts are located
http(s)://path_to_scripts_dir
- URL to a directory where the s2i scripts are located
In case where the scripts are already placed inside the image (using --scripts-url
or io.openshift.s2i.scripts-url with value image:///path/in/image ) then setting --destination
or io.openshift.s2i.destination label applies only to sources and artifacts.
|
Script | Description | ||
---|---|---|---|
assemble (required) |
The assemble script builds the application artifacts from a source and places them into appropriate directories inside the image. The workflow for this script is:
|
||
run (required) |
The run script executes your application. |
||
save-artifacts (optional) |
The save-artifacts script gathers all dependencies that can speed up the build processes that follow. For example:
These dependencies are gathered into a tar file and streamed to the standard output. |
||
usage (optional) |
The usage script allows you to inform the user how to properly use your image. |
||
test/run (optional) |
The test/run script allows you to create a simple process to check if the image is working correctly. The proposed flow of that process is:
See the Testing s2i Images topic for more information.
|
Example s2i Scripts
The following examples are written in Bash and it is assumed all tar contents are unpacked into the /tmp/sti directory. |
#!/bin/bash # restore build artifacts if [ "$(ls /tmp/sti/artifacts/ 2>/dev/null)" ]; then mv /tmp/sti/artifacts/* $HOME/. fi # move the application source mv /tmp/sti/src $HOME/src # build application artifacts pushd ${HOME} make all # install the artifacts make install popd
#!/bin/bash # run the application /opt/application/run.sh
#!/bin/bash pushd ${HOME} if [ -d deps ]; then # all deps contents to tar stream tar cf - deps fi popd
#!/bin/bash # inform the user how to use the image cat <<EOF This is a s2i sample builder image, to use it, install https://github.com/openshift/source-to-image EOF
ONBUILD
InstructionsThe ONBUILD
instructions can be found in many official Docker images. For
example:
See the Docker documentation
for more information on ONBUILD
.
Upon start s2i detects whether the builder image uses ONBUILD
instructions.
If there are none, the regular s2i build is performed,
otherwise a different strategy is chosen. During such a s2i build,
all ONBUILD
instructions are executed in the order they were defined in the
builder image’s Dockerfile. The s2i scripts are not required for this strategy,
but they can be used as a supplement to existing ONBUILD
instructions.
Many official Docker images that use ONBUILD
do not declare the image CMD
or
ENTRYPOINT
, and for that, s2i must know how to run your application. There are
two methods for defining the ENTRYPOINT
:
Include the run script in your application root folder. s2i recognizes it
and sets it as the application image ENTRYPOINT
.
Use the s2i scripts. If you provide them, the run script
is set as an image ENTRYPOINT
. If the s2i scripts location also includes the
assemble script, that script is executed as the last instruction of the underlying
Docker build.