Build an OCI image from a Containerfile


All container build APIs are in tech preview. Backwards compatibility when upgrading is not guaranteed.

Users can add new images to a container repository by uploading a Containerfile. The syntax for Containerfile is the same as for a Dockerfile. The same REST API endpoint also accepts a JSON string that maps artifacts in Pulp to a filename. Any artifacts passed in are available inside the build container at /pulp_working_directory.

Create a Repository

#!/usr/bin/env bash
REPO_NAME=$(head /dev/urandom | tr -dc a-z | head -c5)

echo "Creating a new repository named $REPO_NAME."
REPO_HREF=$(http POST $BASE_ADDR/pulp/api/v3/repositories/container/container/ name=$REPO_NAME \
  | jq -r '.pulp_href')

echo "Inspecting repository."

Repository GET Response:

    "pulp_created": "2019-09-05T14:29:43.424822Z",
    "pulp_href": "/pulp/api/v3/repositories/container/container/fcf03266-f0e4-4497-8434-0fe9d94c8053/",
    "latest_version_href": null,
    "versions_href": "/pulp/api/v3/repositories/container/container/ffcf03266-f0e4-4497-8434-0fe9d94c8053/versions/",
    "description": null,
    "name": "codzo"

Create an Artifact

#!/usr/bin/env bash

echo "Create a text file and upload it to Pulp"

echo 'Hello world!' > example.txt

ARTIFACT_HREF=$(http --form POST http://localhost/pulp/api/v3/artifacts/ \
    file@./example.txt \
    | jq -r '.pulp_href')

echo "Inspecting new artifact."

Artifact GET Response:

    "pulp_created": "2019-05-16T20:07:48.066089Z",
    "pulp_href": "/pulp/api/v3/artifacts/cff8078a-826f-4f7e-930d-422c2f134a07/",
    "file": "artifact/97/144ab16c9aa0e6072d471d6aebe7c21083e21359137e676445bfeb4051ba25",
    "md5": "5148c996f375ed5aab94ef6993df90a0",
    "sha1": "a7bd2bcaf1d68505f3e8b2cfe3505d01b31db306",
    "sha224": "18a167922b68a3fb8f2d9a71fa78f9776f5402dce4b3d97d5cea2559",
    "sha256": "97144ab16c9aa0e6072d471d6aebe7c21083e21359137e676445bfeb4051ba25",
    "sha384": "4cd006bfac7f2e41baa8c411536579b134daeb3ad666310d21463f384a7020360703fc5538b4eca724033498d514e144",
    "sha512": "e1aae6bbc6fd24cf890b82ffa824629518e6e93935935a0b7c008fbd9fa59f08aa32a7d8580b31a65b21caa0f48e737d8e555eaa777912bea5772799f64a2dd4",
    "size": 11

Reference (pulpcore): Artifact API Usage

Create a Containerfile

#!/usr/bin/env bash

echo "Create a Containerfile that expects foo/bar/example.txt inside /pulp_working_directory."

echo 'FROM centos:7

# Copy a file using COPY statement. Use the relative path specified in the 'artifacts' parameter.
COPY foo/bar/example.txt /inside-image.txt

# Print the content of the file when the container starts
CMD ["cat", "/inside-image.txt"]' >> Containerfile

Build an OCI image

#!/usr/bin/env bash

echo "Create a task that will build a container image from a Containerfile."

TASK_HREF=$(http --form POST :$REPO_HREF'build_image/' containerfile@./Containerfile \
artifacts="{\"$ARTIFACT_HREF\": \"foo/bar/example.txt\"}"  | jq -r '.task')

# Poll the task (here we use a function defined in docs/_scripts/
wait_until_task_finished $BASE_ADDR$TASK_HREF

# After the task is complete, it gives us a new repository version
echo "Set REPOVERSION_HREF from finished task."
REPOVERSION_HREF=$(http $BASE_ADDR$TASK_HREF| jq -r '.created_resources | first')

echo "Inspecting RepositoryVersion."


Non-staff users, lacking read access to the artifacts endpoint, may encounter restricted functionality as they are prohibited from listing artifacts uploaded to Pulp and utilizing them within the build process.