Building the image by using Hyper Protect Secure Build
After you create the Hyper Protect Secure Build server instance, complete the following steps to build you image securely:
-
Run the following command to check the status of your Secure Build Server instance:
./build.py status --env <path>/sbs-config.jsonThe response is as the following example:
INFO:__main__:status: response={ "status": "" }The following snippet shows the example output for the case where the command does not complete successfully. This message typically indicates that
/etc/hostsis not set correctly:INFO:__main__:build: status NewConnectionError e=HTTPSConnectionPool(host='test.ibm.com', port=443): Max retries exceeded with url: /image (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f3f00dc0780>: Failed to establish a new connection: [Errno 111] Connection refused',)) -
Use the following command to initialize the configuration for your Secure Build server instance:
./build.py init --env <path>/sbs-config.json -
To build the application image, run the following command:
./build.py build --env <path>/sbs-config.json -
Use the following command to display the status of your build:
./build.py status --env <path>/sbs-config.jsonAs the build progresses, the status response shows the last completed step. Here is a typical sequence of responses for a successful build.
{ ... "status": "cleaned up" } { ... "status": "github cloned" } { ... "status": "image built" } { ... "status": "image pushed" } { ... "status": "success" }When an error occurs, the status response shows the command that caused the error. Typically, you need to examine the build log to fix the issue.
{ ... "status": "exiting due to a non-zero return value: 1, cmd: docker build --disable-content-trust=false -t docker.io/ <user_name>/nginxapp:latest -f Dockerfile ." } -
To display the build log, run the following command:
./build.py log --log build --env <path>/sbs-config.json