forked from SchemaStore/schemastore
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudbuild.json
379 lines (379 loc) · 19.5 KB
/
cloudbuild.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
{
"$id": "https://json.schemastore.org/cloudbuild",
"$schema": "http://json-schema.org/draft-07/schema#",
"definitions": {
"BuildStep": {
"description": "A step in the build pipeline.",
"type": "object",
"properties": {
"name": {
"description": "Required. The name of the container image that will run this particular\nbuild step.\n\nIf the image is available in the host's Docker daemon's cache, it\nwill be run directly. If not, the host will attempt to pull the image\nfirst, using the builder service account's credentials if necessary.\n\nThe Docker daemon's cache will already have the latest versions of all of\nthe officially supported build steps\n([https://github.com/GoogleCloudPlatform/cloud-builders](https://github.com/GoogleCloudPlatform/cloud-builders)).\nThe Docker daemon will also have cached many of the layers for some popular\nimages, like \"ubuntu\", \"debian\", but they will be refreshed at the time you\nattempt to use them.\n\nIf you built an image in a previous build step, it will be stored in the\nhost's Docker daemon's cache and is available to use as the name for a\nlater build step.",
"type": "string"
},
"waitFor": {
"description": "The ID(s) of the step(s) that this build step depends on.\nThis build step will not start until all the build steps in `wait_for`\nhave completed successfully. If `wait_for` is empty, this build step will\nstart when all previous build steps in the `Build.Steps` list have\ncompleted successfully.",
"type": "array",
"items": {
"type": "string"
}
},
"env": {
"description": "A list of environment variable definitions to be used when running a step.\n\nThe elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\"\nbeing given the value \"VALUE\".",
"type": "array",
"items": {
"type": "string"
}
},
"entrypoint": {
"description": "Entrypoint to be used instead of the build step image's default entrypoint.\nIf unset, the image's default entrypoint is used.",
"type": "string"
},
"volumes": {
"description": "List of volumes to mount into the build step.\n\nEach volume is created as an empty volume prior to execution of the\nbuild step. Upon completion of the build, volumes and their contents are\ndiscarded.\n\nUsing a named volume in only one step is not valid as it is indicative\nof a build request with an incorrect configuration.",
"type": "array",
"items": {
"$ref": "#/definitions/Volume"
}
},
"args": {
"description": "A list of arguments that will be presented to the step when it is started.\n\nIf the image used to run the step's container has an entrypoint, the `args`\nare used as arguments to that entrypoint. If the image does not define\nan entrypoint, the first element in args is used as the entrypoint,\nand the remainder will be used as arguments.",
"type": "array",
"items": {
"type": "string"
}
},
"timeout": {
"type": "string",
"description": "Time limit for executing this build step. If not defined, the step has no\ntime limit and will be allowed to continue to run until either it completes\nor the build itself times out.",
"format": "google-duration",
"pattern": "^\\d+(\\.\\d{0,9})?s$",
"default": "600s",
"examples": ["3.5s"]
},
"id": {
"description": "Unique identifier for this build step, used in `wait_for` to\nreference this build step as a dependency.",
"type": "string"
},
"secretEnv": {
"description": "A list of environment variables which are encrypted using a Cloud Key\nManagement Service crypto key. These values must be specified in the\nbuild's `Secret`.",
"type": "array",
"items": {
"type": "string"
}
},
"dir": {
"description": "Working directory to use when running this step's container.\n\nIf this value is a relative path, it is relative to the build's working\ndirectory. If this value is absolute, it may be outside the build's working\ndirectory, in which case the contents of the path may not be persisted\nacross build step executions, unless a `volume` for that path is specified.\n\nIf the build specifies a `RepoSource` with `dir` and a step with a `dir`,\nwhich specifies an absolute path, the `RepoSource` `dir` is ignored for\nthe step's execution.",
"type": "string"
}
}
},
"BuildOptions": {
"description": "Optional arguments to enable specific features of builds.",
"type": "object",
"properties": {
"machineType": {
"enum": [
"UNSPECIFIED",
"N1_HIGHCPU_8",
"N1_HIGHCPU_32",
"E2_HIGHCPU_8",
"E2_HIGHCPU_32"
],
"description": "Compute Engine machine type on which to run the build.",
"type": "string",
"enumDescriptions": [
"Standard machine type.",
"Highcpu machine with 8 CPUs.",
"Highcpu machine with 32 CPUs.",
"Highcpu e2 machine with 8 CPUs.",
"Highcpu e2 machine with 32 CPUs."
]
},
"volumes": {
"description": "Global list of volumes to mount for ALL build steps\n\nEach volume is created as an empty volume prior to starting the build\nprocess. Upon completion of the build, volumes and their contents are\ndiscarded. Global volume names and paths cannot conflict with the volumes\ndefined a build step.\n\nUsing a global volume in a build with only one step is not valid as\nit is indicative of a build request with an incorrect configuration.",
"type": "array",
"items": {
"$ref": "#/definitions/Volume"
}
},
"logStreamingOption": {
"enum": ["STREAM_DEFAULT", "STREAM_ON", "STREAM_OFF"],
"description": "Option to define build log streaming behavior to Google Cloud\nStorage.",
"type": "string",
"enumDescriptions": [
"Service may automatically determine build log streaming behavior.",
"Build logs should be streamed to Google Cloud Storage.",
"Build logs should not be streamed to Google Cloud Storage; they will be\nwritten when the build is completed."
]
},
"workerPool": {
"description": "Option to specify a `WorkerPool` for the build. User specifies the pool\nwith the format \"[WORKERPOOL_PROJECT_ID]/[WORKERPOOL_NAME]\".\nThis is an experimental field.",
"type": "string"
},
"env": {
"description": "A list of global environment variable definitions that will exist for all\nbuild steps in this build. If a variable is defined in both globally and in\na build step, the variable will use the build step value.\n\nThe elements are of the form \"KEY=VALUE\" for the environment variable \"KEY\"\nbeing given the value \"VALUE\".",
"type": "array",
"items": {
"type": "string"
}
},
"logging": {
"enum": [
"LOGGING_UNSPECIFIED",
"LEGACY",
"GCS_ONLY",
"CLOUD_LOGGING_ONLY",
"NONE"
],
"description": "Option to specify the logging mode, which determines where the logs are\nstored.",
"type": "string",
"enumDescriptions": [
"The service determines the logging mode. The default is `LEGACY`. Do not\nrely on the default logging behavior as it may change in the future.",
"Stackdriver logging and Cloud Storage logging are enabled.",
"Only Cloud Storage logging is enabled.",
"Only Cloud Logging is enabled. Note that logs for both the Cloud Console UI and Cloud SDK are based on Cloud Storage logs, so neither will provide logs if this option is chosen.",
"Turn off all logging. No build logs will be captured."
]
},
"requestedVerifyOption": {
"description": "Requested verifiability options.",
"type": "string",
"enumDescriptions": [
"Not a verifiable build. (default)",
"Verified build."
],
"enum": ["NOT_VERIFIED", "VERIFIED"]
},
"substitutionOption": {
"enum": ["MUST_MATCH", "ALLOW_LOOSE"],
"description": "Option to specify behavior when there is an error in the substitution\nchecks.",
"type": "string",
"enumDescriptions": [
"Fails the build if error in substitutions checks, like missing\na substitution in the template or in the map.",
"Do not fail the build if error in substitutions checks."
]
},
"diskSizeGb": {
"description": "Requested disk size for the VM that runs the build. Note that this is *NOT*\n\"disk free\"; some of the space will be used by the operating system and\nbuild utilities. Also note that this is the minimum disk size that will be\nallocated for the build -- the build may run with a larger disk than\nrequested. At present, the maximum disk size is 1000GB; builds that request\nmore than the maximum are rejected with an error.",
"format": "int64",
"type": "string"
},
"secretEnv": {
"description": "A list of global environment variables, which are encrypted using a Cloud\nKey Management Service crypto key. These values must be specified in the\nbuild's `Secret`. These variables will be available to all build steps\nin this build.",
"type": "array",
"items": {
"type": "string"
}
},
"sourceProvenanceHash": {
"enumDescriptions": [
"No hash requested.",
"Use a sha256 hash.",
"Use a md5 hash."
],
"description": "Requested hash for SourceProvenance.",
"type": "array",
"items": {
"enum": ["NONE", "SHA256", "MD5"],
"type": "string"
}
}
}
},
"Secret": {
"description": "Pairs a set of secret environment variables containing encrypted\nvalues with the Cloud KMS key to use to decrypt the value.",
"type": "object",
"properties": {
"kmsKeyName": {
"type": "string",
"description": "Cloud KMS key name to use to decrypt these envs."
},
"secretEnv": {
"type": "object",
"additionalProperties": {
"format": "byte",
"type": "string"
},
"description": "Map of environment variable name to its encrypted value.\n\nSecret environment variables must be unique across all of a build's\nsecrets, and must be used by at least one build step. Values can be at most\n64 KB in size. There can be at most 100 secret values across all of a\nbuild's secrets."
}
}
},
"Source": {
"description": "Location of the source in a supported storage service.",
"type": "object",
"properties": {
"storageSource": {
"description": "If provided, get the source from this location in Google Cloud Storage.",
"$ref": "#/definitions/StorageSource"
},
"repoSource": {
"description": "If provided, get the source from this location in a Cloud Source\nRepository.",
"$ref": "#/definitions/RepoSource"
}
}
},
"StorageSource": {
"description": "Location of the source in an archive file in Google Cloud Storage.",
"type": "object",
"properties": {
"generation": {
"type": "string",
"description": "Google Cloud Storage generation for the object. If the generation is\nomitted, the latest generation will be used.",
"format": "int64"
},
"bucket": {
"description": "Google Cloud Storage bucket containing the source (see\n[Bucket Name\nRequirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)).",
"type": "string"
},
"object": {
"description": "Google Cloud Storage object containing the source.\n\nThis object must be a gzipped archive file (`.tar.gz`) containing source to\nbuild.",
"type": "string"
}
},
"$id": "StorageSource"
},
"RepoSource": {
"description": "Location of the source in a Google Cloud Source Repository.",
"type": "object",
"properties": {
"tagName": {
"description": "Name of the tag to build.",
"type": "string"
},
"projectId": {
"description": "ID of the project that owns the Cloud Source Repository. If omitted, the\nproject ID requesting the build is assumed.",
"type": "string"
},
"repoName": {
"description": "Name of the Cloud Source Repository. If omitted, the name \"default\" is\nassumed.",
"type": "string"
},
"commitSha": {
"description": "Explicit commit SHA to build.",
"type": "string"
},
"dir": {
"description": "Directory, relative to the source root, in which to run the build.\n\nThis must be a relative path. If a step's `dir` is specified and is an\nabsolute path, this value is ignored for that step's execution.",
"type": "string"
},
"branchName": {
"description": "Name of the branch to build.",
"type": "string"
}
}
},
"Artifacts": {
"description": "Artifacts produced by a build that should be uploaded upon\nsuccessful completion of all build steps.",
"type": "object",
"properties": {
"objects": {
"description": "A list of objects to be uploaded to Cloud Storage upon successful\ncompletion of all build steps.\n\nFiles in the workspace matching specified paths globs will be uploaded to\nthe specified Cloud Storage location using the builder service account's\ncredentials.\n\nThe location and generation of the uploaded objects will be stored in the\nBuild resource's results field.\n\nIf any objects fail to be pushed, the build is marked FAILURE.",
"$ref": "#/definitions/ArtifactObjects"
},
"images": {
"description": "A list of images to be pushed upon the successful completion of all build\nsteps.\n\nThe images will be pushed using the builder service account's credentials.\n\nThe digests of the pushed images will be stored in the Build resource's\nresults field.\n\nIf any of the images fail to be pushed, the build is marked FAILURE.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ArtifactObjects": {
"description": "Files in the workspace to upload to Cloud Storage upon successful\ncompletion of all build steps.",
"type": "object",
"properties": {
"location": {
"description": "Cloud Storage bucket and optional object path, in the form\n\"gs://bucket/path/to/somewhere/\". (see [Bucket Name\nRequirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)).\n\nFiles in the workspace matching any path pattern will be uploaded to\nCloud Storage with this location as a prefix.",
"type": "string"
},
"paths": {
"description": "Path globs used to match files in the build's workspace.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
"Volume": {
"description": "Volume describes a Docker container volume which is mounted into build steps\nin order to persist files across build step execution.",
"type": "object",
"properties": {
"name": {
"description": "Name of the volume to mount.\n\nVolume names must be unique per build step and must be valid names for\nDocker volumes. Each named volume must be used by at least two build steps.",
"type": "string"
},
"path": {
"description": "Path at which to mount the volume.\n\nPaths must be absolute and cannot conflict with other volume paths on the\nsame build step or with certain reserved volume paths.",
"type": "string"
}
}
}
},
"description": "A build resource in the Cloud Build API.\n\nAt a high level, a `Build` describes where to find source code, how to build\nit (for example, the builder image to run on the source), and where to store\nthe built artifacts.\n\nFields can include the following variables, which will be expanded when the\nbuild is created:\n\n- $PROJECT_ID: the project ID of the build.\n- $BUILD_ID: the autogenerated ID of the build.\n- $REPO_NAME: the source repository name specified by RepoSource.\n- $BRANCH_NAME: the branch name specified by RepoSource.\n- $TAG_NAME: the tag name specified by RepoSource.\n- $REVISION_ID or $COMMIT_SHA: the commit SHA specified by RepoSource or\n resolved from the specified branch or tag.\n- $SHORT_SHA: first 7 characters of $REVISION_ID or $COMMIT_SHA.",
"properties": {
"steps": {
"type": "array",
"items": {
"$ref": "#/definitions/BuildStep"
},
"description": "Required. The operations to be performed on the workspace."
},
"logsBucket": {
"description": "Google Cloud Storage bucket where logs should be written (see\n[Bucket Name\nRequirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)).\nLogs file names will be of the format `${logs_bucket}/log-${build_id}.txt`.",
"type": "string"
},
"tags": {
"type": "array",
"items": {
"type": "string"
},
"description": "Tags for annotation of a `Build`. These are not docker tags."
},
"substitutions": {
"additionalProperties": {
"type": "string"
},
"description": "Substitutions data for `Build` resource.",
"type": "object"
},
"images": {
"description": "A list of images to be pushed upon the successful completion of all build\nsteps.\n\nThe images are pushed using the builder service account's credentials.\n\nThe digests of the pushed images will be stored in the `Build` resource's\nresults field.\n\nIf any of the images fail to be pushed, the build status is marked\n`FAILURE`.",
"type": "array",
"items": {
"type": "string"
}
},
"options": {
"$ref": "#/definitions/BuildOptions",
"description": "Special options for this build."
},
"source": {
"$ref": "#/definitions/Source",
"description": "The location of the source files to build."
},
"artifacts": {
"$ref": "#/definitions/Artifacts",
"description": "Artifacts produced by the build that should be uploaded upon\nsuccessful completion of all build steps."
},
"timeout": {
"description": "Amount of time that this build should be allowed to run, to second\ngranularity. If this amount of time elapses, work on the build will cease\nand the build status will be `TIMEOUT`.\n\nDefault time is ten minutes.",
"format": "google-duration",
"type": "string",
"pattern": "^\\d+(\\.\\d{0,9})?s$",
"default": "600s",
"examples": ["3.5s"]
},
"secrets": {
"description": "Secrets to decrypt using Cloud Key Management Service.",
"type": "array",
"items": {
"$ref": "#/definitions/Secret"
}
}
},
"required": ["steps"],
"title": "Google Cloud Build build config file",
"type": "object"
}