
How can I verify that my buildah container image was actually created in my Tekton Task?


I'm working on creating a Tekton pipeline on my Kind cluster. I have a Task where the first step builds a container image using buildah. And now I want to verify that the container image was actually created.

So in the next step, I try to "view" my container image (with ls). I've mounted an emptyDir volume to the Task, and my mount path is /var/lib/containers (where buildah puts its artifacts by default). I have tried doing an ls /var/lib/containers in a following step, but I get a no such file or directory response. I guess this is because the second step is happening in a new container? But I thought that the volume existed in all my containers for this specific Task. I'm not very educated on how this works, as you can see.

So is there any good way to verify that my container image was actually created? Can I for instance stop the pod from terminating after the Task is finished, so that I can shell into the container and browse the file system or something?

Here is the Task definition:

---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: build-and-deploy
spec:
  params:
    - name: contextDir
      default: .
    - name: destinationImage
      default: "$(outputs.resources.app-image.url)"
    - name: dockerFile
      default: Dockerfile
  resources:
    inputs:
      - name: repo
        type: git
    outputs:
      - name: app-image
        type: image
  steps:
    - name: build-image
      image: quay.io/buildah/stable
      workingDir: "/workspace/repo/$(inputs.params.contextDir)"
      command: ["buildah", "bud", "--layers", "-f", "$(inputs.params.dockerFile)", "-t", "$(inputs.params.destinationImage)", "."]
      volumeMounts:
        - name: varlibcontainers
          mountPath: /var/lib/containers
      securityContext:
        privileged: true
        runAsUser: 0
  volumes:
    - name: varlibcontainers
      emptyDir: {}
        

Solution

  • So is there any good way to verify that my container image was actually created?

    You seem to have created a custom Buildah-task. I would recommend using the Buildah-task from Tekton Catalog, or at least using it as inspiration.

    The Buildah-task in the catalog uses a digestfile that is written by buildah when pushed (I guess you want to push it so that you can deploy it?), and then the Task has a Task Result that returns the image digest. If any step fails, that step is shown as failed, and you can see it in e.g. a Dashboard or using the CLI client.
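
A trimmed Task following the pattern the answer describes, as an added example that is not part of the original answer and not the catalog task's own YAML. It mounts the image store in both steps, because a volumeMount applies only to the step that declares it, and publishes the digest written by `buildah push --digestfile` as a Task result. The task, param, workspace and result names are assumptions.

```yaml
# Added example: task, param, workspace and result names are assumptions.
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: build-push-verify
spec:
  params:
    - name: IMAGE
    - name: DOCKERFILE
      default: ./Dockerfile
  workspaces:
    - name: source
  results:
    - name: IMAGE_DIGEST
      description: Digest of the image that was pushed
  steps:
    - name: build
      image: quay.io/buildah/stable
      workingDir: $(workspaces.source.path)
      script: |
        #!/bin/sh
        set -eu
        buildah bud --layers -f "$(params.DOCKERFILE)" -t "$(params.IMAGE)" .
      volumeMounts:
        - name: varlibcontainers
          mountPath: /var/lib/containers
      securityContext:
        privileged: true
        runAsUser: 0
    - name: push-and-record-digest
      image: quay.io/buildah/stable
      script: |
        #!/bin/sh
        set -eu
        # Fails the step if the image is not in the shared store.
        buildah inspect --type image "$(params.IMAGE)" > /dev/null
        buildah push --digestfile /tmp/image-digest "$(params.IMAGE)" "docker://$(params.IMAGE)"
        # Fail if no digest was written, then publish it as the Task result.
        test -s /tmp/image-digest
        cat /tmp/image-digest | tee "$(results.IMAGE_DIGEST.path)"
      volumeMounts:
        - name: varlibcontainers
          mountPath: /var/lib/containers
      securityContext:
        privileged: true
        runAsUser: 0
  volumes:
    - name: varlibcontainers
      emptyDir: {}
```

Deploying by the recorded digest (`image@sha256:...`) rather than by tag ties the deployment to exactly the image this TaskRun pushed.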