Thanks so much to the Paketo community for all your hard work over the last year! The project made significant progress on the themes identified in our 2021 Roadmap. We won’t be able to cover everything in this blog post, but here are some highlights.

Solidifying Existing Buildpacks

While the work of standardizing our buildpacks continues, we are proud of the progres we have made, including:

• Moving to environment variables as the primary mode of configuration for all buildpacks
• Standardized handling of language-ecosystem environment variables such as JAVA_TOOL_OPTIONS and NODE_ENV
• Standardized versioning of buildpacks, stacks, and builders
• Standardized configuration options, including log levels and dependency mappings
• Inclusion of utility buildpacks in all language families, allowing users to:
  • Configure additional CA Certificates
  • Apply custom image labels
  • Set runtime environment variables
  • Contribute additional process types

We also restructured the Python buildpack, improving modularity and composability. A similar restructure of the PHP buildpack is nearing completion.

Expanding the Buildpack Ecosystem

We have expanded our buildpack offering to support additional types of applications:

• Production-grade support for Python applications
• Introductory support for Rust applications
• Introductory support for Javascript frontend applications
• Support for additional Java application servers including Apache Tomee, Open Liberty, and Websphere Liberty
• Support for additional JVM implementations including Microsoft OpenJDK, Alibaba Dragonwell, and Oracle
• Support for building Clojure applications with Clojure Tools
• Datadog support for Java applications

A big thank you to our community of users who have provided feedback about your use cases and an especially big thank you to those of you who have helped expand our feature-set with contributions. Keep that feedback coming!

Non-production Use Cases

In order to better support development use cases, we introduced an interface for enabling reloadable process types, which can be used in combination with a dev orchestration tool like Tilt or Skaffold to rapidly iterate in a production-like environment.

We defined a common interface for enabling remote debugging. This interface is supported by the Java buildpack. Expect to see it rolled out more broadly in 2022.

Software Bill-of-Materials (SBOM)

Curious about what’s in your image? Although this wasn’t originally a 2021 roadmap theme, we are happy to share the progress we have made generating SBOMs in a standardized format.

Since the Cloud Native Buildpacks project added support for structured SBOMs, we have rolled out Syft JSON-formatted SBOMs in the Java, Nodejs, and Go buildpacks, and more are on the way. This data can be used to improve the accuracy of security scans and to automate other compliance tasks.

Congratulations on a fantastic 2021!

As great a year as we had in 2021, we’re not stopping there. We’ve got big plans for 2022, which are already underway. Checkout our next blog post on the 2022 Roadmap for details.

Join us!

• Website
• Slack
• Join our Working Group Meetings!
• Github
• Twitter