A wrapper for buildah(1) commands. Create OCI containers in Lua instead of Dockerfile, Containerfile instructions or shell scripts. With buildah you have built-in layer squashing, faster builds, daemon-less operation, and capability for regular(non-root) users to create containers among other things. This wrapper also has useful abstractions such as removing whole toolchains from the container’s filesystem like Alpine apk-tools and Debian apt/dpkg.
A DSL module for LadyLua.
You can use selene and stylua for linting and formatting your code. A selene configuration is bundled with buildah.lua.
Check the sample directory in the repo for a sample of a non-trivial Dockerfile converted to Lua.
Besides the documented commands below, this DSL module also has a string interpolation extension.
JENKINS_HOME = "/var/jenkins_home" CONFIG.ENV = "JENKINS_HOME=%s" % JENKINS_HOME
-
buildah
-
coreutils
-
rsync
-
crun
|
ℹ️
|
All instructions will signal an exit on error. |
|
ℹ️
|
Any instructions before FROM() is skipped. |
- FROM ([IMAGE][, ID][, ASSETS])
- ADD (SOURCE, DESTINATION[, CHOWN][, CHMOD])
- RUN (COMMAND)
- SCRIPT (FILE)
- SH (COMMAND)
- APT_GET (COMMAND)
- APT_PURGE (PACKAGE)
- APK (COMMAND)
- COPY (SOURCE, DESTINATION[, CHOWN][, CHMOD])
- UPLOAD (SOURCE, DESTINATION)
- DOWNLOAD (SOURCE[, DESTINATION])
- MKDIR (DIRECTORY[, MODE])
- CHMOD (PATH, MODE)
- RM (PATH)
- NOTIFY (MAP)
- CONFIG (MAP)
- ENTRYPOINT (…)
- COMMIT (NAME)
- PUSH (NAME, URL)
- ARCHIVE (PATH)
- DIR (PATH)
- TAR (PATH)
- PURGE (OPTION)
Creates a new working container, either from scratch, an image, or using an existing container as a starting point.
| Required | Type | Description | Default | Example |
|---|---|---|---|---|
No |
string |
Container image |
scratch |
docker://docker.io/library/debian:buster-slim |
No |
string |
A 27-character KSUID. If set, reuses the previously created container with specified ID |
Generated KSUID |
1kk… |
No |
string |
Assets directory |
current directory "." |
/home/ed/buildah |
Adds the contents of a file, URL, or directory to a destination path within the container.
Copy file to a destination path within the container.
| Required | Type | Description | Default | Example |
|---|---|---|---|---|
Yes |
string |
File, without a leading (/) it attempts to copy from the ASSETS directory set in |
sysctl.conf |
|
No |
string |
Path |
Copies SOURCE to the container’s root(/) directory |
/etc/sysctl.conf |
No |
string |
chown string, user and group ownership of destination |
ed:ed |
|
No |
string |
chmod string, access permissions of destination |
0644 |
Copy file to a destination path within the container. Difference with COPY is that this can read .dockerignore.
Send start and end instruction notification.
| Key | Description | Example |
|---|---|---|
TELEGRAM |
Send to Telegram channel, requires a |
string: "-123123123" |
PUSHOVER |
Send to Pushover registered device, requires a |
string: "a09mfg9349vmv" |
SLACK |
Send message to Slack webhook, requires a |
string: "T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX" |
Apply configuration settings to container.
| Key | Description | Example |
|---|---|---|
ANNOTATION |
Annotation |
|
ARCH |
Architecture |
|
AUTHOR |
Author |
|
CMD |
Default command |
|
COMMENT |
Comment |
|
DOMAINNAME |
Domain name |
|
ENV |
environment variable |
|
healthcheck |
Health check command |
|
healthcheck-interval |
Health check command interval |
|
healthcheck-retries |
Health check command number of retries |
|
healthcheck-start-period |
Amount of time to wait after starting a container before a failed health check counts as a failure |
|
healthcheck-timeout |
Maximum time to wait for health check command |
|
HOSTNAME |
Host name |
|
LABEL |
Labels |
|
OS |
Operating system |
|
PORT |
Ports to expose |
|
SHELL |
Shell |
|
STOP-SIGNAL |
Signal e.g. SIGTERM |
|
USER |
Default user |
|
VOLUME |
Volume |
/home/e |
WORKINGDIR |
Default working directory |