In the Getting Started tutorial, you used the Paketo builder to build a Node.js app. One of the core pieces to Buildpacks and Builders are Stack Images. Stacks provide the buildpack lifecycle with build-time and run-time environments in the form of images.
stack consists of two images:
build image: the environment in which your app is built
run image: the OS layer on which your app runs
To learn more about the concept of
The Paketo project releases several stacks. We currently support two Ubuntu distributions: 18.04 Bionic Beaver and 22.04 Jammy Jellyfish. Tiny, Base, and Full stack variants differ in the number of packages installed in the OS layer. The available stacks, from smallest to largest, are:
In general, it is a best practice to select the smallest stack that supports the apps you are trying to build.
Paketo stacks are distributed in builders, which are necessary for buildpack builds. (See the Builders concepts page for more information.) You can also create your own builder based on a Paketo stack. See the Cloud Native Buildpacks Create a builder documentation for a step by step guide.
Stacks are rebuilt whenever a package is patched to fix a CVE. For more information about CVEs, see Common Vulnerabilities and Exposures (CVE). Stacks are also rebuilt weekly to ensure packages without CVEs are also up to date.
We aim to release stack updates that fix High and Critical CVEs within 48 hours of the patch release. For stack updates fixing Low and Medium CVEs, we aim to release within two weeks.
Note: Security scanning tools might report vulnerabilities in apps even when using the latest stack. This can occur when a CVE patch is not yet available upstream or if Canonical determines that the vulnerability is not severe enough to fix.
Stacks are backwards compatible. A stack can safely be upgraded to the most recent version within the major version line. If for some reason backwards compatibility is broken, it happens when a new major version is released.
Last modified: September 28, 2023