{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://chainguard.dev/apko/pkg/build/types/image-configuration", "$ref": "#/$defs/ImageConfiguration", "$defs": { "BaseImageDescriptor": { "properties": { "image": { "type": "string", "description": "Required: Path to the base image OCI layout. Right now only local files are supported." }, "apkindex": { "type": "string", "description": "Required: Path to file representing installed packages in the base image in APKINDEX format.\n(Assumes regular Alpine repository layout, that is: set /foo/bar if the index is /foo/bor/{aarch64|x86_64}/APKINDEX" } }, "additionalProperties": false, "type": "object" }, "Group": { "properties": { "groupname": { "type": "string", "description": "Required: The name of the group" }, "gid": { "type": "integer", "description": "Required: The group ID" }, "members": { "items": { "type": "string" }, "type": "array", "description": "Required: The list of members of the group" } }, "additionalProperties": false, "type": "object" }, "ImageAccounts": { "properties": { "run-as": { "type": "string", "description": "Required: The user to run the container as. This can be a username or UID." }, "users": { "items": { "$ref": "#/$defs/User" }, "type": "array", "description": "Required: List of users to populate the image with" }, "groups": { "items": { "$ref": "#/$defs/Group" }, "type": "array", "description": "Required: List of groups to populate the image with" } }, "additionalProperties": false, "type": "object" }, "ImageConfiguration": { "properties": { "contents": { "$ref": "#/$defs/ImageContents", "description": "Required: The apk packages in the container image" }, "entrypoint": { "$ref": "#/$defs/ImageEntrypoint", "description": "Required: The entrypoint of the container image\n\nThis typically is the path to the executable to run. Since many of\nimages do not include a shell, this should be the full path\nto the executable." }, "cmd": { "type": "string", "description": "Optional: The command of the container image\n\nThese are the additional arguments to pass to the entrypoint." }, "stop-signal": { "type": "string", "description": "Optional: The stop signal used to suspend the execution of the containers process" }, "work-dir": { "type": "string", "description": "Optional: The working directory of the container" }, "accounts": { "$ref": "#/$defs/ImageAccounts", "description": "Optional: Account configuration for the container image" }, "archs": { "items": { "type": "string" }, "type": "array", "description": "Optional: List of CPU architectures to build the container image for\n\nThe list of supported architectures is: 386, amd64, arm64, arm/v6, arm/v7, ppc64le, riscv64, s390x, loong64" }, "environment": { "additionalProperties": { "type": "string" }, "type": "object", "description": "Optional: Environment variables to set in the container image" }, "paths": { "items": { "$ref": "#/$defs/PathMutation" }, "type": "array", "description": "Optional: List of paths mutations" }, "vcs-url": { "type": "string", "description": "Optional: The link to version control system for this container's source code" }, "annotations": { "additionalProperties": { "type": "string" }, "type": "object", "description": "Optional: Annotations to apply to the images manifests" }, "include": { "type": "string", "description": "Optional: Path to a local file containing additional image configuration\n\nThe included configuration is deep merged with the parent configuration\n\nDeprecated: This will be removed in a future release." }, "volumes": { "items": { "type": "string" }, "type": "array", "description": "Optional: A list of volumes to configure\n\nThis is _not_ the same as Paths, but refers to the OCI spec \"volumes\"\nfield used by some container runtimes (docker) to create volumes at\nruntime. For most use cases, this is not needed, but consider using this\nwhen the image requires special volume configuration at runtime for\nsupported container runtimes." }, "layering": { "$ref": "#/$defs/Layering", "description": "Optional: Configuration to control layering of the OCI image." } }, "additionalProperties": false, "type": "object" }, "ImageContents": { "properties": { "build_repositories": { "items": { "type": "string" }, "type": "array", "description": "A list of apk repositories to use for pulling packages at build time,\nwhich are not installed into /etc/apk/repositories in the image (to\ninstall packages at runtime)" }, "runtime_repositories": { "items": { "type": "string" }, "type": "array", "description": "A list of apk repositories that are installed into /etc/apk/repositories in the image but not used\nat build time" }, "repositories": { "items": { "type": "string" }, "type": "array", "description": "A list of apk repositories to use for pulling packages during both the\ninitial construction of the image, and also at runtime by seeding them\ninto /etc/apk/repositories in the resulting image." }, "keyring": { "items": { "type": "string" }, "type": "array", "description": "A list of public keys used to verify the desired repositories" }, "packages": { "items": { "type": "string" }, "type": "array", "description": "A list of packages to include in the image" }, "baseimage": { "$ref": "#/$defs/BaseImageDescriptor", "description": "Optional: Base image to build on top of. Warning: Experimental." } }, "additionalProperties": false, "type": "object" }, "ImageEntrypoint": { "properties": { "type": { "type": "string", "description": "Optional: The type of entrypoint. Only \"service-bundle\" is supported." }, "command": { "type": "string", "description": "Required: The command of the entrypoint" }, "shell-fragment": { "type": "string", "description": "Optional: The shell fragment of the entrypoint command" }, "services": { "additionalProperties": { "type": "string" }, "type": "object" } }, "additionalProperties": false, "type": "object" }, "Layering": { "properties": { "strategy": { "type": "string" }, "budget": { "type": "integer" } }, "additionalProperties": false, "type": "object" }, "PathMutation": { "properties": { "path": { "type": "string", "description": "The target path to mutate" }, "type": { "type": "string", "description": "The type of mutation to perform\n\nThis can be one of: directory, empty-file, hardlink, symlink, permissions" }, "uid": { "type": "integer", "description": "The mutation's desired user ID" }, "gid": { "type": "integer", "description": "The mutation's desired group ID" }, "permissions": { "type": "integer", "description": "The permission bits for the path" }, "source": { "type": "string", "description": "The source path to mutate" }, "recursive": { "type": "boolean", "description": "Toggle whether to mutate recursively" } }, "additionalProperties": false, "type": "object" }, "User": { "properties": { "username": { "type": "string", "description": "Required: The name of the user" }, "uid": { "type": "integer", "description": "Required: The user ID" }, "gid": { "type": "integer", "description": "Required: The user's group ID" }, "shell": { "type": "string", "description": "Optional: The user's shell" }, "homedir": { "type": "string", "description": "Optional: The user's home directory" } }, "additionalProperties": false, "type": "object" } } }