This documentation explains how to create a custom stack based off of the existing Paketo stacks. Check out the stacks concept page for more information about what a stack is and the Paketo offerings.
It’s recommended to use an existent Paketo stack offering, over creating a custom stack in order to leverage the full range of Paketo security patching and compliance standards.
In some cases, a custom stack image may be useful for users who may need an extra system library or user ID, for example. The Cloud Native Buildpacks project already has documentation for creating a stack from scratch, but for some Paketo users it may be simpler and less error-prone to build upon the stack we already provide. It’s recommended to read the CNB documentation regardless, because there are a lot of details and explanations there that still apply.
This guide assumes you know the basics of stacks from the stacks concept page.
Dockerfileand define the
baseimage as one of the Paketo stacks. For example:
FROM paketobuildpacks:full-cnb as base
There are two different options for each of the three (tiny, base, full) stacks you can use.
-cnbsuffix, which can be used as a base image without any CNB metadata added at all. Ex.
-cnbsuffix at the end. This will be the stack that contains buildpack specific metadata already added, and is based off of the non-CNB stack image. Ex.
Check out the
tiny directories in
repo to view the Dockerfiles we have defined for both the base image and CNB images.
Add your desired custom stack change to the Dockerfile such as labels,
environment variables, and/or packages. There are examples in the CNB
Note that the changes need to abide by the CNB spec. For example, setting
CNB_USER_ID to root isn’t allowed.
Build the stack image with
docker build . -t <stack-name>-<run or build>:<tag> --target <target> for both the build and run images.
Push the stack images to a registry with
You will need the following tools installed on your machine:
Create a Dockerfile for the build and run stack images, as in steps 1 and 2 above.
stack.toml, which should resemble the following:
id = "io.paketo.stacks.tiny" platforms = ["linux/amd64"] [build] dockerfile = "<path/to/build/Dockerfile>" gid = 1000 shell = "/bin/bash" uid = 1000 [build.args] sources = """ deb http://archive.ubuntu.com/ubuntu bionic main universe multiverse deb http://archive.ubuntu.com/ubuntu bionic-updates main universe multiverse deb http://archive.ubuntu.com/ubuntu bionic-security main universe multiverse """ # List of packages which should be included in the stack build image packages = """\ <some-package> \ <another-package> \ """ [run] dockerfile = "<path/to/run/Dockerfile>" gid = 1000 shell = "/sbin/nologin" uid = 1000 [run.args] sources = """ deb http://archive.ubuntu.com/ubuntu bionic main universe multiverse deb http://archive.ubuntu.com/ubuntu bionic-updates main universe multiverse deb http://archive.ubuntu.com/ubuntu bionic-security main universe multiverse """ # List of packages which should be included in the stack run image packages = """\ <some-package> \ <another-package> \ """ [deprecated] legacy-sbom = true mixins = true
jam create-stack --config stack.toml --build-output <name>.oci --run-output <name>.oci
skopeo to copy the OCI archives
to the desired registry:
To copy the archives to a remote registry:
skopeo copy oci-archive:///<path/to/oci/archive/> docker://<registry-image-location>:<tag>
To copy the archives to your local Docker daemon:
skopeo copy oci-archive:///<path/to/oci/archive> docker-daemon:<stack-image-name>:<tag>
Check out the builder documentation for details on builders.
builder.tomlfile. For example, if you have built a custom stack based off of the Paketo Full stack, you will want to add it to the Full builder builder.toml file. Modify the bottom
[stack]section to point to the registry location of the build and run images you have pushed to a registry. The
idshould match the stack ID if you specified one in the Dockerfile, or in the base image you used. It will be
io.buildpacks.stacks.bionicif your base image was one of the CNB stack images. This ID implies compatibility with the official
pack builder create <builder-name> —config <path to builder.toml>
builder.tomlby checking the buildpack
stackssection. For example, the node-engine buildpack only supports stacks with ID
io.buildpacks.stacks.bionic. If you build upon one of the Paketo
-cnbstacks, your custom stack will be compatible already, since part of the CNB metadata added is the ID.
Last modified: September 28, 2023