apko

Required: Name of the certificate entry

Required: PEM-encoded certificate content to install in the image. Must contain exactly one certificate. The certificate will be:

1. Appended to the default certificate bundles (e.g., /etc/ssl/certs/ca-certificates.crt)
2. Installed as an individual file in the ca-certificates.

Required: Path to the base image OCI layout. Right now only local files are supported.

Required: Path to file representing installed packages in the base image in APKINDEX format. (Assumes regular Alpine repository layout, that is: set /foo/bar if the index is /foo/bor/{aarch64|x86_64}/APKINDEX

Required: The name of the group

Required: The group ID

Required: The list of members of the group

Required: The user to run the container as. This can be a username or UID.

Required: List of users to populate the image with

Required: List of groups to populate the image with

Additional certificates to install in the image

Providers is a list of virtual package names that identify packages containing CA certificate files to be assembled into the system CA bundle.

Optional: The command of the container image

These are the additional arguments to pass to the entrypoint.

Optional: The stop signal used to suspend the execution of the containers process

Optional: The working directory of the container

Optional: List of CPU architectures to build the container image for

The list of supported architectures is: 386, amd64, arm64, arm/v6, arm/v7, ppc64le, riscv64, s390x, loong64

Optional: Environment variables to set in the container image

Optional: List of paths mutations

Optional: The link to version control system for this container's source code

Optional: Annotations to apply to the images manifests

Optional: Path to a local file containing additional image configuration

The included configuration is deep merged with the parent configuration

Deprecated: This will be removed in a future release.

Optional: A list of volumes to configure

This is not the same as Paths, but refers to the OCI spec "volumes" field used by some container runtimes (docker) to create volumes at runtime. For most use cases, this is not needed, but consider using this when the image requires special volume configuration at runtime for supported container runtimes.

A list of apk repositories to use for pulling packages at build time, which are not installed into /etc/apk/repositories in the image (to install packages at runtime)

A list of apk repositories that are installed into /etc/apk/repositories in the image but not used at build time

A list of apk repositories to use for pulling packages during both the initial construction of the image, and also at runtime by seeding them into /etc/apk/repositories in the resulting image.

A list of public keys used to verify the desired repositories

A list of packages to include in the image

Optional: The type of entrypoint. Only "service-bundle" is supported.

Required: The command of the entrypoint

Optional: The shell fragment of the entrypoint command

The target path to mutate

The type of mutation to perform

This can be one of: directory, empty-file, hardlink, symlink, permissions

The mutation's desired user ID

The mutation's desired group ID

The permission bits for the path

The source path to mutate

Toggle whether to mutate recursively

Required: The name of the user

Required: The user ID

Required: The user's group ID

Optional: The user's shell

Optional: The user's home directory