SHIP-0042: Extending Build Volumes

[avinal]

Changes

Propose extending build volumes for Build and BuildRuns
Refer #258

Submitter Checklist

• Includes tests if functionality changed/was added
• Includes docs if changes are user-facing
• Set a kind label on this PR
• Release notes block has been filled in, or marked NONE

See the contributor guide
for details on coding conventions, github and prow interactions, and the code review process.

For pull requests that don't need to be mentioned at release time, use the /release-note-none Prow command to add the release-note-none label to the PR. You can also write the string "NONE" as a release note in your PR description:

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign saschaschwarze0 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[adambkaplan]

@avinal can you please re-number the SHIP to 0042? We have #263 as "reserved" for SHIP-0040

[SaschaSchwarze0]

I am concerned a little bit on exposing volumes generically to Build users. A Build user should not know the file system structure of any of the step's container images. Shipwright usually is opinionated/specific on capabilities. Trusted certificates would imo be a good fit for that and would therefore be an API extension. Interesting questions would then be:

• How would the API extension look like = do we make generic additional certs somewhere under .spec or specific places under .spec.source and .spec.output ? I tend to use the generic place because then those could also be made available to the strategy steps and not just our system steps.
• For our own steps, we will be able to mount them and consume them.
• We should think about how this works for strategy steps. Can we mount it just somewhere and all distros will magically pick it up? Or do we need to add some new system parameters that point to the directory with the custom certs in there (like we have other system parameters: https://shipwright.io/docs/build/buildstrategies/#system-parameters).