Building container images done right with Habitus 1.0!

We are really excited to announce the release of Habitus 1.0 today!

What’s Habitus?

Habitus is a standalone build flow tool for Docker. It is a command line tool that builds Docker images based on their Dockerfile(s) and a build.yml. You get the power to build a small and secure production ready container images.

This means you can create a chain of builds to generate your final Docker image based on a workflow. This is particularly useful if your code is in compiled languages like Java or Go or if you need to use secrets like SSH keys during the build.

A small selection of use cases:

Also handy in the ‘modern-web-techland’ when precompiling your assets (webpack for example). Those intermediate steps can be part of a Habitus build step too.

Habitus feature set

  • Use build.yml to build the image
  • Supports multi-tenancy of builds by using UID parameters
  • Allows to run arbitrary commands inside of the build container
  • Allows dovetailing (sequencing) of the images from different steps
  • After the build, Habitus will run Cleanup command. This will result in ‘squashing’ the image, therefore removing any traces of unwanted layers
  • Allows you to define and manage secrets configuration (file and environment variables based) for your build
  • Allows you specify any artifacts or folder of artifacts — they’ll be copied from the built image onto the working directory, so they’ll be available for next steps.
  • Support for non-TLS connections to Docker daemons.

New 1.0 features

With the release of 1.0, we’ve added more features, thanks to all for the feedback we got from people around the world using Habitus for their own build flow tools.

Check out Habitus 1.0 new features and improvements:

Easy installation

The installation on your local box is much easier! Just run the following command if your run Linux or macOS.

curl -sSL https://raw.githubusercontent.com/cloud66/habitus/master/habitus_install.sh | bash

Or download Habitus straight from our repository if you are running Windows.

Run arbitrary commands after a build step.

With this release, you can run arbitrary commands inside of the container after it’s built or run commands on the host system.

build:    version: 2016-03-14    steps:      step1:         name: step1         dockerfile: Dockerfile         # run on the host after this build step         after_build_command: some_host_command         # will run in the running container after it's built        command: some_container_command

Because of security reasons, you need to enable this explicitly:

$ habitus --after-build-command=true ...

Don’t use cache in a build step

You can specify for each step if you want to use the cache.

build:    version: 2016-03-14    steps:      step1:         name: step1         dockerfile: Dockerfile         no_cache: true

Support to use environment variables as secrets.

Besides using a file to expose secrets to your build process you can also use environment variables. Just select the --sec-providers and you can start using environment variables.

$ habitus --secrets=true --sec-providers="env"

build.yml

build:    version: 2016-03-14    steps:      builder:         name: builder         dockerfile: Dockerfile         no_cache: true         secrets: my_env_secret:         type: env         value: VERY_SECRET_STUFF

In this example when you hit the secret server you get the value of my_env_secret.

Note All values of an EnvVar will be prefixed with HABITUS_. In the above example the value of env VERY_SECRET_STUFF will be taken from the host env called HABITUS_VERY_SECRET_STUFF

The example below shows you how to retrieve the secret from the secret service and use it in your build.

... RUN wget -qO- http://$host:$port/v1/secrets/env/my_env_secret | less ...

Using Habitus with Cloud 66

Of course, we deploy Habitus 1.0 on Buildgrid to give you access to complex build flows. Buildgrid is our docker image build service.

A simple service.yml shows you how to run Habitus on Buildgrid.

service.yml

services:    your-service:      git_url: http://github.com/your-nick/your-service.git     git_branch: master      env_vars:         HABITUS_VERY_SECRET_STUFF: launch_codes     use_habitus: true     use_habitus_step: builder     build_root: microservices/a-small-service

build.yml

build:    version: 2016-03-14    steps:       builder:       name: builder       dockerfile: Dockerfile       no_cache: true       secrets:          my_env_secret:              type: env              value: VERY_SECRET_STUFF

In the above example, Buildgrid will check out your Git repo and run Habitus in the context folder microservices/a-small-service. When Habitus is done the image to use is the step with the name builder.

Dockerfile

FROM ubuntu:16.04 
# install packages
RUN apt-get update RUN apt-get install wget -y RUN apt-get install less -y # values populated by Cloud 66 ARG habitus_host ARG habitus_port ARG habitus_password ARG habitus_user # call secret service RUN wget --http-user=$habitus_user --http-password=$habitus_password -qO- http://$habitus_host:$habitus_port/v1/secrets/env/my_env_secret | less

The Dockerfile is using two build arguments (habitus_host and habitus_port). These are automagically allocated by Buildgrid and you need to use this variable to pull down your secret: http://$habitus_host:$habitus_port/v1/secrets/env/my_env_secret

Let us know what you think and don’t be shy asking questions on Slack, adding support tickets, feature requests or do a pull request (we love them!). Happy coding and welding the perfect container image!

Originally published at blog.cloud66.com on June 29, 2017.

--

--

--

DevOps-as-a-Service to help developers build, deploy and maintain apps on any Cloud. Sign-up for a free trial by visting: www.cloud66.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

💧The Biggest Airdrop 💧

21 April 2021 — Venus Vaults Post-Mortem

Girl Script Summer of Code Extended Experience as a Research Participant

Disconnect

Kinesis (AWS)vs PubSub (GCP) and how they stand near Kafka

Run your ownCloud on any server with Containers and Cloud 66

Arduino — Timers & Interrupts

How to use Packer to Build a Debian 10 Template for VMware vSphere

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Cloud 66

Cloud 66

DevOps-as-a-Service to help developers build, deploy and maintain apps on any Cloud. Sign-up for a free trial by visting: www.cloud66.com

More from Medium

Using containers for your project

Simple docker architecture

Install WordPress with Docker Nginx Reverse Proxy to Apache with SSL

Setup Container Redis, run commands, and publish/subscribe messages

What is Kubernetes? Explain like I’m 5