From 320f719d57fa2945f920f4b1ac77221be6f4701d Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Fri, 17 Nov 2023 09:55:57 +0100 Subject: [PATCH 1/3] vendor: github.com/docker/buildx v0.12.0 Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .../docker/buildx/docs/bake-reference.md | 137 +++++++++++++- _vendor/modules.txt | 2 +- data/buildx/docker_buildx.yaml | 4 +- data/buildx/docker_buildx_bake.yaml | 12 +- data/buildx/docker_buildx_build.yaml | 145 +++++++-------- data/buildx/docker_buildx_create.yaml | 88 ++++----- data/buildx/docker_buildx_imagetools.yaml | 5 +- .../docker_buildx_imagetools_create.yaml | 10 + .../docker_buildx_imagetools_inspect.yaml | 171 +++++++++--------- data/buildx/docker_buildx_inspect.yaml | 6 +- data/buildx/docker_buildx_rm.yaml | 9 +- data/buildx/docker_buildx_stop.yaml | 2 +- data/buildx/docker_buildx_version.yaml | 2 +- go.mod | 2 +- go.sum | 2 + 15 files changed, 352 insertions(+), 245 deletions(-) diff --git a/_vendor/github.com/docker/buildx/docs/bake-reference.md b/_vendor/github.com/docker/buildx/docs/bake-reference.md index d767504efd..2c113f8a2c 100644 --- a/_vendor/github.com/docker/buildx/docs/bake-reference.md +++ b/_vendor/github.com/docker/buildx/docs/bake-reference.md @@ -12,18 +12,118 @@ You can define your Bake file in the following file formats: By default, Bake uses the following lookup order to find the configuration file: -1. `docker-bake.override.hcl` -2. `docker-bake.hcl` -3. `docker-bake.override.json` -4. `docker-bake.json` -5. `docker-compose.yaml` -6. `docker-compose.yml` +1. `compose.yaml` +2. `compose.yml` +3. `docker-compose.yml` +4. `docker-compose.yaml` +5. `docker-bake.json` +6. `docker-bake.override.json` +7. `docker-bake.hcl` +8. `docker-bake.override.hcl` -Bake searches for the file in the current working directory. You can specify the file location explicitly using the `--file` flag: ```console -$ docker buildx bake --file=../docker/bake.hcl --print +$ docker buildx bake --file ../docker/bake.hcl --print +``` + +If you don't specify a file explicitly, Bake searches for the file in the +current working directory. If more than one Bake file is found, all files are +merged into a single definition. Files are merged according to the lookup +order. That means that if your project contains both a `compose.yaml` file and +a `docker-bake.hcl` file, Bake loads the `compose.yaml` file first, and then +the `docker-bake.hcl` file. + +If merged files contain duplicate attribute definitions, those definitions are +either merged or overridden by the last occurrence, depending on the attribute. +The following attributes are overridden by the last occurrence: + +- `target.cache-to` +- `target.dockerfile-inline` +- `target.dockerfile` +- `target.outputs` +- `target.platforms` +- `target.pull` +- `target.tags` +- `target.target` + +For example, if `compose.yaml` and `docker-bake.hcl` both define the `tags` +attribute, the `docker-bake.hcl` is used. + +```console +$ cat compose.yaml +services: + webapp: + build: + context: . + tags: + - bar +$ cat docker-bake.hcl +target "webapp" { + tags = ["foo"] +} +$ docker buildx bake --print webapp +{ + "group": { + "default": { + "targets": [ + "webapp" + ] + } + }, + "target": { + "webapp": { + "context": ".", + "dockerfile": "Dockerfile", + "tags": [ + "foo" + ] + } + } +} +``` + +All other attributes are merged. For example, if `compose.yaml` and +`docker-bake.hcl` both define unique entries for the `labels` attribute, all +entries are included. Duplicate entries for the same label are overridden. + +```console +$ cat compose.yaml +services: + webapp: + build: + context: . + labels: + com.example.foo: "foo" + com.example.name: "Alice" +$ cat docker-bake.hcl +target "webapp" { + labels = { + "com.example.bar" = "bar" + "com.example.name" = "Bob" + } +} +$ docker buildx bake --print webapp +{ + "group": { + "default": { + "targets": [ + "webapp" + ] + } + }, + "target": { + "webapp": { + "context": ".", + "dockerfile": "Dockerfile", + "labels": { + "com.example.foo": "foo", + "com.example.bar": "bar", + "com.example.name": "Bob" + } + } + } +} ``` ## Syntax @@ -115,6 +215,7 @@ The following table shows the complete list of attributes that you can assign to | Name | Type | Description | | ----------------------------------------------- | ------- | -------------------------------------------------------------------- | | [`args`](#targetargs) | Map | Build arguments | +| [`annotations`](#targetannotations) | List | Exporter annotations | | [`attest`](#targetattest) | List | Build attestations | | [`cache-from`](#targetcache-from) | List | External cache sources | | [`cache-to`](#targetcache-to) | List | External cache destinations | @@ -171,6 +272,26 @@ target "db" { } ``` +### `target.annotations` + +The `annotations` attribute is a shortcut to allow you to easily set a list of +annotations on the target. + +```hcl +target "default" { + output = ["type=image,name=foo"] + annotations = ["key=value"] +} +``` + +is the same as + +```hcl +target "default" { + output = ["type=image,name=foo,annotation.key=value"] +} +``` + ### `target.attest` The `attest` attribute lets you apply [build attestations][attestations] to the target. diff --git a/_vendor/modules.txt b/_vendor/modules.txt index b68e75e055..f36e58198d 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,6 +1,6 @@ # github.com/moby/moby v24.0.5+incompatible # github.com/moby/buildkit v0.13.0-beta1.0.20231113205014-1efcd30d9dd6 -# github.com/docker/buildx v0.11.2 +# github.com/docker/buildx v0.12.0 # github.com/docker/scout-cli v1.0.9 # github.com/docker/cli v24.0.8-0.20231106123152-48ec4f339e2b+incompatible # github.com/docker/compose-cli v1.0.35 diff --git a/data/buildx/docker_buildx.yaml b/data/buildx/docker_buildx.yaml index de0682f081..96a48e5cd6 100644 --- a/data/buildx/docker_buildx.yaml +++ b/data/buildx/docker_buildx.yaml @@ -7,7 +7,7 @@ cname: - docker buildx bake - docker buildx build - docker buildx create - - docker buildx debug-shell + - docker buildx debug - docker buildx du - docker buildx imagetools - docker buildx inspect @@ -21,7 +21,7 @@ clink: - docker_buildx_bake.yaml - docker_buildx_build.yaml - docker_buildx_create.yaml - - docker_buildx_debug-shell.yaml + - docker_buildx_debug.yaml - docker_buildx_du.yaml - docker_buildx_imagetools.yaml - docker_buildx_inspect.yaml diff --git a/data/buildx/docker_buildx_bake.yaml b/data/buildx/docker_buildx_bake.yaml index b907dc78fd..7e72a4c3d2 100644 --- a/data/buildx/docker_buildx_bake.yaml +++ b/data/buildx/docker_buildx_bake.yaml @@ -2,7 +2,7 @@ command: docker buildx bake aliases: docker buildx bake, docker buildx f short: Build from a file long: |- - Bake is a high-level build command. Each specified target will run in parallel + Bake is a high-level build command. Each specified target runs in parallel as part of the build. Read [High-level build options with Bake](/build/bake/) @@ -153,8 +153,8 @@ examples: |- ### Specify a build definition file (-f, --file) {#file} Use the `-f` / `--file` option to specify the build definition file to use. - The file can be an HCL, JSON or Compose file. If multiple files are specified - they are all read and configurations are combined. + The file can be an HCL, JSON or Compose file. If multiple files are specified, + all are read and the build configurations are combined. You can pass the names of the targets to build, to build only specific target(s). The following example builds the `db` and `webapp-release` targets that are @@ -189,9 +189,9 @@ examples: |- See the [Bake file reference](/build/bake/reference/) for more details. - ### Do not use cache when building the image (--no-cache) {#no-cache} + ### Don't use cache when building the image (--no-cache) {#no-cache} - Same as `build --no-cache`. Do not use cache when building the image. + Same as `build --no-cache`. Don't use cache when building the image. ### Print the options without building (--print) {#print} @@ -253,7 +253,7 @@ examples: |- $ docker buildx bake --set foo*.no-cache # bypass caching only for targets starting with 'foo' ``` - Complete list of overridable fields: + You can override the following fields: * `args` * `cache-from` diff --git a/data/buildx/docker_buildx_build.yaml b/data/buildx/docker_buildx_build.yaml index fb5ed3d30c..19918ff662 100644 --- a/data/buildx/docker_buildx_build.yaml +++ b/data/buildx/docker_buildx_build.yaml @@ -6,8 +6,8 @@ long: |- to the UI of `docker build` command and takes the same flags and arguments. For documentation on most of these flags, refer to the [`docker build` - documentation](/engine/reference/commandline/build/). In - here we'll document a subset of the new flags. + documentation](/engine/reference/commandline/build/). + This page describes a subset of the new flags. usage: docker buildx build [OPTIONS] PATH | URL | - pname: docker buildx plink: docker_buildx.yaml @@ -35,6 +35,16 @@ options: experimentalcli: false kubernetes: false swarm: false + - option: annotation + value_type: stringArray + default_value: '[]' + description: Add annotation to the image + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false - option: attest value_type: stringArray default_value: '[]' @@ -94,7 +104,7 @@ options: swarm: false - option: cgroup-parent value_type: string - description: Optional parent cgroup for the container + description: Set the parent cgroup for the `RUN` instructions during build details_url: /engine/reference/commandline/build/#cgroup-parent deprecated: false hidden: false @@ -201,15 +211,6 @@ options: experimentalcli: false kubernetes: false swarm: false - - option: invoke - value_type: string - description: Invoke a command after the build - deprecated: false - hidden: false - experimental: false - experimentalcli: true - kubernetes: false - swarm: false - option: isolation value_type: string description: Container isolation technology @@ -527,7 +528,7 @@ inherited_options: examples: |- ### Create attestations (--attest) {#attest} - ``` + ```text --attest=type=sbom,... --attest=type=provenance,... ``` @@ -554,7 +555,7 @@ examples: |- ### Allow extra privileged entitlement (--allow) {#allow} - ``` + ```text --allow=ENTITLEMENT ``` @@ -565,9 +566,7 @@ examples: |- [related Dockerfile extensions](/engine/reference/builder/#run---securitysandbox). For entitlements to be enabled, the `buildkitd` daemon also needs to allow them - with `--allow-insecure-entitlement` (see [`create --buildkitd-flags`](buildx_create.md#buildkitd-flags)) - - **Examples** + with `--allow-insecure-entitlement` (see [`create --buildkitd-flags`](buildx_create.md#buildkitd-flags)). ```console $ docker buildx create --use --name insecure-builder --buildkitd-flags '--allow-insecure-entitlement security.insecure' @@ -578,24 +577,21 @@ examples: |- Same as [`docker build` command](/engine/reference/commandline/build/#build-arg). - There are also useful built-in build args like: + There are also useful built-in build arguments, such as: - * `BUILDKIT_CONTEXT_KEEP_GIT_DIR=` trigger git context to keep the `.git` directory - * `BUILDKIT_INLINE_BUILDINFO_ATTRS=` inline build info attributes in image config or not - * `BUILDKIT_INLINE_CACHE=` inline cache metadata to image config or not - * `BUILDKIT_MULTI_PLATFORM=` opt into deterministic output regardless of multi-platform output or not + * `BUILDKIT_CONTEXT_KEEP_GIT_DIR=`: trigger git context to keep the `.git` directory + * `BUILDKIT_INLINE_CACHE=`: inline cache metadata to image config or not + * `BUILDKIT_MULTI_PLATFORM=`: opt into deterministic output regardless of multi-platform output or not ```console $ docker buildx build --build-arg BUILDKIT_MULTI_PLATFORM=1 . ``` - > **Note** - > - > More built-in build args can be found in [Dockerfile reference docs](/engine/reference/builder/#buildkit-built-in-build-args). + Learn more about the built-in build arguments in the [Dockerfile reference docs](/engine/reference/builder/#buildkit-built-in-build-args). ### Additional build contexts (--build-context) {#build-context} - ``` + ```text --build-context=name=VALUE ``` @@ -623,7 +619,7 @@ examples: |- COPY --from=project myfile / ``` - #### Source image from OCI layout directory {#source-oci-layout} + #### Use an OCI layout directory as build context {#source-oci-layout} Source an image from a local [OCI layout compliant directory](https://github.com/opencontainers/image-spec/blob/main/image-layout.md), either by tag, or by digest: @@ -651,7 +647,7 @@ examples: |- ### Use an external cache source for a build (--cache-from) {#cache-from} - ``` + ```text --cache-from=[NAME|type=TYPE[,KEY=VALUE]] ``` @@ -687,7 +683,7 @@ examples: |- ### Export build cache to an external cache destination (--cache-to) {#cache-to} - ``` + ```text --cache-to=[NAME|type=TYPE[,KEY=VALUE]] ``` @@ -704,9 +700,8 @@ examples: |- - [`s3` type](https://github.com/moby/buildkit#s3-cache-experimental) exports cache to a S3 bucket. - `docker` driver currently only supports exporting inline cache metadata to image - configuration. Alternatively, `--build-arg BUILDKIT_INLINE_CACHE=1` can be used - to trigger inline cache exporter. + The `docker` driver only supports cache exports using the `inline` and `local` + cache backends. Attribute key: @@ -740,28 +735,9 @@ examples: |- $ docker buildx build --load --metadata-file metadata.json . $ cat metadata.json ``` + ```json { - "containerimage.buildinfo": { - "frontend": "dockerfile.v0", - "attrs": { - "context": "https://github.com/crazy-max/buildkit-buildsources-test.git#master", - "filename": "Dockerfile", - "source": "docker/dockerfile:master" - }, - "sources": [ - { - "type": "docker-image", - "ref": "docker.io/docker/buildx-bin:0.6.1@sha256:a652ced4a4141977c7daaed0a074dcd9844a78d7d2615465b12f433ae6dd29f0", - "pin": "sha256:a652ced4a4141977c7daaed0a074dcd9844a78d7d2615465b12f433ae6dd29f0" - }, - { - "type": "docker-image", - "ref": "docker.io/library/alpine:3.13", - "pin": "sha256:026f721af4cf2843e07bba648e158fb35ecc876d822130633cc49f707f0fc88c" - } - ] - }, "containerimage.config.digest": "sha256:2937f66a9722f7f4a2df583de2f8cb97fc9196059a410e7f00072fc918930e66", "containerimage.descriptor": { "annotations": { @@ -778,14 +754,14 @@ examples: |- ### Set the export action for the build result (-o, --output) {#output} - ``` + ```text -o, --output=[PATH,-,type=TYPE[,KEY=VALUE] ``` Sets the export action for the build result. In `docker build` all builds finish by creating a container image and exporting it to `docker images`. `buildx` makes this step configurable allowing results to be exported directly to the client, - oci image tarballs, registry etc. + OCI image tarballs, registry etc. Buildx with `docker` driver currently only supports local, tarball exporter and image exporter. `docker-container` driver supports all the exporters. @@ -840,15 +816,15 @@ examples: |- specification](https://github.com/docker/docker/blob/v20.10.2/image/spec/v1.2.md) tarball on the client. Tarballs created by this exporter are also OCI compatible. - Currently, multi-platform images cannot be exported with the `docker` export type. - The most common usecase for multi-platform images is to directly push to a registry - (see [`registry`](#registry)). + The default image store in Docker Engine doesn't support loading multi-platform + images. You can enable the containerd image store, or push multi-platform images + is to directly push to a registry, see [`registry`](#registry). Attribute keys: - - `dest` - destination path where tarball will be written. If not specified the - tar will be loaded automatically to the current docker instance. - - `context` - name for the docker context where to import the result + - `dest` - destination path where tarball will be written. If not specified, + the tar will be loaded automatically to the local image store. + - `context` - name for the Docker context where to import the result #### `image` @@ -859,7 +835,7 @@ examples: |- Attribute keys: - `name` - name (references) for the new image. - - `push` - boolean to automatically push the image. + - `push` - Boolean to automatically push the image. #### `registry` @@ -867,7 +843,7 @@ examples: |- ### Set the target platforms for the build (--platform) {#platform} - ``` + ```text --platform=value[,value] ``` @@ -896,12 +872,12 @@ examples: |- instance supports by running `docker buildx inspect --bootstrap`. Inside a `Dockerfile`, you can access the current platform value through - `TARGETPLATFORM` build argument. Please refer to the [`docker build` + `TARGETPLATFORM` build argument. Refer to the [`docker build` documentation](/engine/reference/builder/#automatic-platform-args-in-the-global-scope) for the full description of automatic platform argument variants . - The formatting for the platform specifier is defined in the [containerd source - code](https://github.com/containerd/containerd/blob/v1.4.3/platforms/platforms.go#L63). + You can find the formatting definition for the platform specifier in the + [containerd source code](https://github.com/containerd/containerd/blob/v1.4.3/platforms/platforms.go#L63). ```console $ docker buildx build --platform=linux/arm64 . @@ -911,11 +887,11 @@ examples: |- ### Set type of progress output (--progress) {#progress} - ``` + ```text --progress=VALUE ``` - Set type of progress output (auto, plain, tty). Use plain to show container + Set type of progress output (`auto`, `plain`, `tty`). Use plain to show container output (default "auto"). > **Note** @@ -949,15 +925,18 @@ examples: |- `--provenance=mode=max` can be used as an abbreviation for `--attest=type=provenance,mode=max`. - Additionally, `--provenance` can be used with boolean values to broadly enable - or disable provenance attestations. For example, `--provenance=false` can be - used to disable all provenance attestations, while `--provenance=true` can be - used to enable all provenance attestations. + Additionally, `--provenance` can be used with Boolean values to enable or disable + provenance attestations. For example, `--provenance=false` disables all provenance attestations, + while `--provenance=true` enables all provenance attestations. By default, a minimal provenance attestation will be created for the build - result, which will only be attached for images pushed to registries. + result. Note that the default image store in Docker Engine doesn't support + attestations. Provenance attestations only persist for images pushed directly + to a registry if you use the default image store. Alternatively, you can switch + to using the containerd image store. - For more information, see [here](/build/attestations/slsa-provenance/). + For more information about provenance attestations, see + [here](/build/attestations/slsa-provenance/). ### Push the build result to a registry (--push) {#push} @@ -971,15 +950,19 @@ examples: |- `--sbom=generator=/` can be used as an abbreviation for `--attest=type=sbom,generator=/`. - Additionally, `--sbom` can be used with boolean values to broadly enable or - disable SBOM attestations. For example, `--sbom=false` can be used to disable - all SBOM attestations. + Additionally, `--sbom` can be used with Boolean values to enable or disable + SBOM attestations. For example, `--sbom=false` disables all SBOM attestations. + + Note that the default image store in Docker Engine doesn't support + attestations. Provenance attestations only persist for images pushed directly + to a registry if you use the default image store. Alternatively, you can switch + to using the containerd image store. For more information, see [here](/build/attestations/sbom/). ### Secret to expose to the build (--secret) {#secret} - ``` + ```text --secret=[type=TYPE[,KEY=VALUE] ``` @@ -992,7 +975,7 @@ examples: |- Attribute keys: - - `id` - ID of the secret. Defaults to basename of the `src` path. + - `id` - ID of the secret. Defaults to base name of the `src` path. - `src`, `source` - Secret filename. `id` used if unset. ```dockerfile @@ -1034,7 +1017,7 @@ examples: |- ### SSH agent socket or keys to expose to the build (--ssh) {#ssh} - ``` + ```text --ssh=default|[=|[,]] ``` @@ -1074,8 +1057,8 @@ examples: |- > **Note** > - > If you do not provide a `hard limit`, the `soft limit` is used - > for both values. If no `ulimits` are set, they are inherited from + > If you don't provide a `hard limit`, the `soft limit` is used + > for both values. If no `ulimits` are set, they're inherited from > the default `ulimits` set on the daemon. deprecated: false hidden: false diff --git a/data/buildx/docker_buildx_create.yaml b/data/buildx/docker_buildx_create.yaml index 7ad0cbaf45..36594a4a43 100644 --- a/data/buildx/docker_buildx_create.yaml +++ b/data/buildx/docker_buildx_create.yaml @@ -1,9 +1,9 @@ command: docker buildx create short: Create a new builder instance long: |- - Create makes a new builder instance pointing to a docker context or endpoint, + Create makes a new builder instance pointing to a Docker context or endpoint, where context is the name of a context from `docker context ls` and endpoint is - the address for docker socket (eg. `DOCKER_HOST` value). + the address for Docker socket (eg. `DOCKER_HOST` value). By default, the current Docker configuration is used for determining the context/endpoint value. @@ -155,7 +155,7 @@ examples: |- ### Specify options for the buildkitd daemon (--buildkitd-flags) {#buildkitd-flags} - ``` + ```text --buildkitd-flags FLAGS ``` @@ -163,13 +163,13 @@ examples: |- configuration file specified by [`--config`](#config). See `buildkitd --help` for the available flags. - ``` + ```text --buildkitd-flags '--debug --debugaddr 0.0.0.0:6666' ``` ### Specify a configuration file for the buildkitd daemon (--config) {#config} - ``` + ```text --config FILE ``` @@ -177,7 +177,8 @@ examples: |- can be overridden by [`--buildkitd-flags`](#buildkitd-flags). See an [example buildkitd configuration file](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). - If the configuration file is not specified, will look for one by default in: + If you don't specify a configuration file, Buildx looks for one by default in: + * `$BUILDX_CONFIG/buildkitd.default.toml` * `$DOCKER_CONFIG/buildx/buildkitd.default.toml` * `~/.docker/buildx/buildkitd.default.toml` @@ -189,23 +190,30 @@ examples: |- ### Set the builder driver to use (--driver) {#driver} - ``` + ```text --driver DRIVER ``` - Sets the builder driver to be used. There are two available drivers, each have - their own specificities. + Sets the builder driver to be used. A driver is a configuration of a BuildKit + backend. Buildx supports the following drivers: + + * `docker` (default) + * `docker-container` + * `kubernetes` + * `remote` + + For more information about build drivers, see [here](/build/drivers/). #### `docker` driver - Uses the builder that is built into the docker daemon. With this driver, + Uses the builder that is built into the Docker daemon. With this driver, the [`--load`](buildx_build.md#load) flag is implied by default on `buildx build`. However, building multi-platform images or exporting cache is not currently supported. #### `docker-container` driver - Uses a BuildKit container that will be spawned via docker. With this driver, + Uses a BuildKit container that will be spawned via Docker. With this driver, both building multi-platform images and exporting cache are supported. Unlike `docker` driver, built images will not automatically appear in @@ -214,7 +222,7 @@ examples: |- #### `kubernetes` driver - Uses a kubernetes pods. With this driver, you can spin up pods with defined + Uses Kubernetes pods. With this driver, you can spin up pods with defined BuildKit container image to build your images. Unlike `docker` driver, built images will not automatically appear in @@ -233,48 +241,18 @@ examples: |- ### Set additional driver-specific options (--driver-opt) {#driver-opt} - ``` + ```text --driver-opt OPTIONS ``` Passes additional driver-specific options. + For information about available driver options, refer to the detailed + documentation for the specific driver: - Note: When using quoted values for example for the `nodeselector` or - `tolerations` options, ensure that quotes are escaped correctly for your shell. - - #### `docker` driver - - No driver options. - - #### `docker-container` driver - - - `image=IMAGE` - Sets the container image to be used for running buildkit. - - `network=NETMODE` - Sets the network mode for running the buildkit container. - - `cgroup-parent=CGROUP` - Sets the cgroup parent of the buildkit container if docker is using the "cgroupfs" driver. Defaults to `/docker/buildx`. - - #### `kubernetes` driver - - - `image=IMAGE` - Sets the container image to be used for running buildkit. - - `namespace=NS` - Sets the Kubernetes namespace. Defaults to the current namespace. - - `replicas=N` - Sets the number of `Pod` replicas. Defaults to 1. - - `requests.cpu` - Sets the request CPU value specified in units of Kubernetes CPU. Example `requests.cpu=100m`, `requests.cpu=2` - - `requests.memory` - Sets the request memory value specified in bytes or with a valid suffix. Example `requests.memory=500Mi`, `requests.memory=4G` - - `limits.cpu` - Sets the limit CPU value specified in units of Kubernetes CPU. Example `limits.cpu=100m`, `limits.cpu=2` - - `limits.memory` - Sets the limit memory value specified in bytes or with a valid suffix. Example `limits.memory=500Mi`, `limits.memory=4G` - - `serviceaccount` - Sets the created pod's service account. Example `serviceaccount=example-sa` - - `"nodeselector=label1=value1,label2=value2"` - Sets the kv of `Pod` nodeSelector. No Defaults. Example `nodeselector=kubernetes.io/arch=arm64` - - `"tolerations=key=foo,value=bar;key=foo2,operator=exists;key=foo3,effect=NoSchedule"` - Sets the `Pod` tolerations. Accepts the same values as the kube manifest tolera>tions. Key-value pairs are separated by `,`, tolerations are separated by `;`. No Defaults. Example `tolerations=operator=exists` - - `rootless=(true|false)` - Run the container as a non-root user without `securityContext.privileged`. Needs Kubernetes 1.19 or later. [Using Ubuntu host kernel is recommended](https://github.com/moby/buildkit/blob/master/docs/rootless.md). Defaults to false. - - `loadbalance=(sticky|random)` - Load-balancing strategy. If set to "sticky", the pod is chosen using the hash of the context path. Defaults to "sticky" - - `qemu.install=(true|false)` - Install QEMU emulation for multi platforms support. - - `qemu.image=IMAGE` - Sets the QEMU emulation image. Defaults to `tonistiigi/binfmt:latest` - - #### `remote` driver - - - `key=KEY` - Sets the TLS client key. - - `cert=CERT` - Sets the TLS client certificate to present to buildkitd. - - `cacert=CACERT` - Sets the TLS certificate authority used for validation. - - `servername=SERVER` - Sets the TLS server name to be used in requests (defaults to the endpoint hostname). + * [`docker` driver](/build/drivers/docker/) + * [`docker-container` driver](/build/drivers/docker-container/) + * [`kubernetes` driver](/build/drivers/kubernetes/) + * [`remote` driver](/build/drivers/remote/) ### Remove a node from a builder (--leave) {#leave} @@ -288,7 +266,7 @@ examples: |- ### Specify the name of the builder (--name) {#name} - ``` + ```text --name NAME ``` @@ -297,17 +275,17 @@ examples: |- ### Specify the name of the node (--node) {#node} - ``` + ```text --node NODE ``` The `--node` flag specifies the name of the node to be created or modified. If - none is specified, it is the name of the builder it belongs to, with an index - number suffix. + you don't specify a name, the node name defaults to the name of the builder it + belongs to, with an index number suffix. ### Set the platforms supported by the node (--platform) {#platform} - ``` + ```text --platform PLATFORMS ``` @@ -319,7 +297,7 @@ examples: |- ```console $ docker buildx create --platform linux/amd64 - $ docker buildx create --platform linux/arm64,linux/arm/v8 + $ docker buildx create --platform linux/arm64,linux/arm/v7 ``` ### Automatically switch to the newly created builder (--use) {#use} diff --git a/data/buildx/docker_buildx_imagetools.yaml b/data/buildx/docker_buildx_imagetools.yaml index ff6c511ca8..b3cad026cb 100644 --- a/data/buildx/docker_buildx_imagetools.yaml +++ b/data/buildx/docker_buildx_imagetools.yaml @@ -1,8 +1,9 @@ command: docker buildx imagetools short: Commands to work on images in registry long: |- - Imagetools contains commands for working with manifest lists in the registry. - These commands are useful for inspecting multi-platform build results. + The `imagetools` commands contains subcommands for working with manifest lists + in container registries. These commands are useful for inspecting manifests + to check multi-platform configuration and attestations. pname: docker buildx plink: docker_buildx.yaml cname: diff --git a/data/buildx/docker_buildx_imagetools_create.yaml b/data/buildx/docker_buildx_imagetools_create.yaml index dc00e866fa..4a5104282e 100644 --- a/data/buildx/docker_buildx_imagetools_create.yaml +++ b/data/buildx/docker_buildx_imagetools_create.yaml @@ -9,6 +9,16 @@ usage: docker buildx imagetools create [OPTIONS] [SOURCE] [SOURCE...] pname: docker buildx imagetools plink: docker_buildx_imagetools.yaml options: + - option: annotation + value_type: stringArray + default_value: '[]' + description: Add annotation to the image + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false - option: append value_type: bool default_value: "false" diff --git a/data/buildx/docker_buildx_imagetools_inspect.yaml b/data/buildx/docker_buildx_imagetools_inspect.yaml index c3df9052e4..9162ae62ba 100644 --- a/data/buildx/docker_buildx_imagetools_inspect.yaml +++ b/data/buildx/docker_buildx_imagetools_inspect.yaml @@ -139,23 +139,93 @@ examples: |- #### JSON output - A `json` go template func is also available if you want to render fields as - JSON bytes: + A `json` template function is also available if you want to render fields in + JSON format: ```console - $ docker buildx imagetools inspect crazymax/loop --format "{{json .Manifest}}" + $ docker buildx imagetools inspect crazymax/buildkit:attest --format "{{json .Manifest}}" ``` + ```json { - "mediaType": "application/vnd.docker.distribution.manifest.v2+json", - "digest": "sha256:a9ca35b798e0b198f9be7f3b8b53982e9a6cf96814cb10d78083f40ad8c127f1", - "size": 949 + "schemaVersion": 2, + "mediaType": "application/vnd.oci.image.index.v1+json", + "digest": "sha256:7007b387ccd52bd42a050f2e8020e56e64622c9269bf7bbe257b326fe99daf19", + "size": 855, + "manifests": [ + { + "mediaType": "application/vnd.oci.image.manifest.v1+json", + "digest": "sha256:fbd10fe50b4b174bb9ea273e2eb9827fa8bf5c88edd8635a93dc83e0d1aecb55", + "size": 673, + "platform": { + "architecture": "amd64", + "os": "linux" + } + }, + { + "mediaType": "application/vnd.oci.image.manifest.v1+json", + "digest": "sha256:a9de632c16998489fd63fbca42a03431df00639cfb2ecb8982bf9984b83c5b2b", + "size": 839, + "annotations": { + "vnd.docker.reference.digest": "sha256:fbd10fe50b4b174bb9ea273e2eb9827fa8bf5c88edd8635a93dc83e0d1aecb55", + "vnd.docker.reference.type": "attestation-manifest" + }, + "platform": { + "architecture": "unknown", + "os": "unknown" + } + } + ] + } + ``` + + ```console + $ docker buildx imagetools inspect crazymax/buildkit:attest --format "{{json .Image}}" + ``` + + ```json + { + "created": "2022-12-01T11:46:47.713777178Z", + "architecture": "amd64", + "os": "linux", + "config": { + "Env": [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + ], + "Cmd": [ + "/bin/sh" + ] + }, + "rootfs": { + "type": "layers", + "diff_ids": [ + "sha256:ded7a220bb058e28ee3254fbba04ca90b679070424424761a53a043b93b612bf", + "sha256:d85d09ab4b4e921666ccc2db8532e857bf3476b7588e52c9c17741d7af14204f" + ] + }, + "history": [ + { + "created": "2022-11-22T22:19:28.870801855Z", + "created_by": "/bin/sh -c #(nop) ADD file:587cae71969871d3c6456d844a8795df9b64b12c710c275295a1182b46f630e7 in / " + }, + { + "created": "2022-11-22T22:19:29.008562326Z", + "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", + "empty_layer": true + }, + { + "created": "2022-12-01T11:46:47.713777178Z", + "created_by": "RUN /bin/sh -c apk add curl # buildkit", + "comment": "buildkit.dockerfile.v0" + } + ] } ``` ```console $ docker buildx imagetools inspect moby/buildkit:master --format "{{json .Manifest}}" ``` + ```json { "schemaVersion": 2, @@ -300,11 +370,13 @@ examples: |- } ``` - Following command provides [SLSA](https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-provenance.md) JSON output: + The following command provides [SLSA](https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-provenance.md) + JSON output: ```console $ docker buildx imagetools inspect crazymax/buildkit:attest --format "{{json .Provenance}}" ``` + ```json { "SLSA": { @@ -359,11 +431,13 @@ examples: |- } ``` - Following command provides [SBOM](https://github.com/moby/buildkit/blob/master/docs/attestations/sbom.md) JSON output: + The following command provides [SBOM](https://github.com/moby/buildkit/blob/master/docs/attestations/sbom.md) + JSON output: ```console $ docker buildx imagetools inspect crazymax/buildkit:attest --format "{{json .SBOM}}" ``` + ```json { "SPDX": { @@ -388,6 +462,7 @@ examples: |- ```console $ docker buildx imagetools inspect crazymax/buildkit:attest --format "{{json .}}" ``` + ```json { "name": "crazymax/buildkit:attest", @@ -456,75 +531,6 @@ examples: |- "comment": "buildkit.dockerfile.v0" } ] - }, - "Provenance": { - "SLSA": { - "builder": { - "id": "" - }, - "buildType": "https://mobyproject.org/buildkit@v1", - "materials": [ - { - "uri": "pkg:docker/docker/buildkit-syft-scanner@stable-1", - "digest": { - "sha256": "b45f1d207e16c3a3a5a10b254ad8ad358d01f7ea090d382b95c6b2ee2b3ef765" - } - }, - { - "uri": "pkg:docker/alpine@latest?platform=linux%2Famd64", - "digest": { - "sha256": "8914eb54f968791faf6a8638949e480fef81e697984fba772b3976835194c6d4" - } - } - ], - "invocation": { - "configSource": {}, - "parameters": { - "frontend": "dockerfile.v0", - "locals": [ - { - "name": "context" - }, - { - "name": "dockerfile" - } - ] - }, - "environment": { - "platform": "linux/amd64" - } - }, - "metadata": { - "buildInvocationID": "02tdha2xkbxvin87mz9drhag4", - "buildStartedOn": "2022-12-01T11:50:07.264704131Z", - "buildFinishedOn": "2022-12-01T11:50:08.243788739Z", - "reproducible": false, - "completeness": { - "parameters": true, - "environment": true, - "materials": false - }, - "https://mobyproject.org/buildkit@v1#metadata": {} - } - } - }, - "SBOM": { - "SPDX": { - "SPDXID": "SPDXRef-DOCUMENT", - "creationInfo": { - "created": "2022-12-01T11:46:48.063400162Z", - "creators": [ - "Tool: syft-v0.60.3", - "Tool: buildkit-1ace2bb", - "Organization: Anchore, Inc" - ], - "licenseListVersion": "3.18" - }, - "dataLicense": "CC0-1.0", - "documentNamespace": "https://anchore.com/syft/dir/run/src/core-0a4ccc6d-1a72-4c3a-a40e-3df1a2ffca94", - "files": [...], - "spdxVersion": "SPDX-2.2" - } } } ``` @@ -538,6 +544,7 @@ examples: |- ```console $ docker buildx imagetools inspect --format '{{json (index .Image "linux/s390x")}}' moby/buildkit:master ``` + ```json { "created": "2022-11-30T17:42:26.414957336Z", @@ -604,15 +611,14 @@ examples: |- } ``` - ### Show original, unformatted JSON manifest (--raw) {#raw} + ### Show original JSON manifest (--raw) {#raw} - Use the `--raw` option to print the unformatted JSON manifest bytes. - - > `jq` is used here to get a better rendering of the output result. + Use the `--raw` option to print the raw JSON manifest. ```console - $ docker buildx imagetools inspect --raw crazymax/loop | jq + $ docker buildx imagetools inspect --raw crazymax/loop ``` + ```json { "mediaType": "application/vnd.docker.distribution.manifest.v2+json", @@ -645,6 +651,7 @@ examples: |- ```console $ docker buildx imagetools inspect --raw moby/buildkit:master | jq ``` + ```json { "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", diff --git a/data/buildx/docker_buildx_inspect.yaml b/data/buildx/docker_buildx_inspect.yaml index 242ebe07ad..54af047043 100644 --- a/data/buildx/docker_buildx_inspect.yaml +++ b/data/buildx/docker_buildx_inspect.yaml @@ -32,7 +32,7 @@ examples: |- Use the `--bootstrap` option to ensure that the builder is running before inspecting it. If the driver is `docker-container`, then `--bootstrap` starts - the buildkit container and waits until it is operational. Bootstrapping is + the BuildKit container and waits until it's operational. Bootstrapping is automatically done during build, and therefore not necessary. The same BuildKit container is used during the lifetime of the associated builder node (as displayed in `buildx ls`). @@ -50,7 +50,9 @@ examples: |- > **Note** > - > Asterisk `*` next to node build platform(s) indicate they had been set manually during `buildx create`. Otherwise, it had been autodetected. + > The asterisk (`*`) next to node build platform(s) indicate they have been + > manually set during `buildx create`. Otherwise the platforms were + > automatically detected. ```console $ docker buildx inspect elated_tesla diff --git a/data/buildx/docker_buildx_rm.yaml b/data/buildx/docker_buildx_rm.yaml index a4d043606e..e47d287987 100644 --- a/data/buildx/docker_buildx_rm.yaml +++ b/data/buildx/docker_buildx_rm.yaml @@ -87,13 +87,16 @@ examples: |- ### Keep the buildkitd daemon running (--keep-daemon) {#keep-daemon} - Keep the buildkitd daemon running after the buildx context is removed. This is useful when you manage buildkitd daemons and buildx contexts independently. - Currently, only supported by the [`docker-container` and `kubernetes` drivers](buildx_create.md#driver). + Keep the BuildKit daemon running after the buildx context is removed. This is + useful when you manage buildkitd daemons and buildx contexts independently. + Only supported by the + [`docker-container`](/build/drivers/docker-container/) + and [`kubernetes`](/build/drivers/kubernetes/) drivers. ### Keep BuildKit state (--keep-state) {#keep-state} Keep BuildKit state, so it can be reused by a new builder with the same name. - Currently, only supported by the [`docker-container` driver](buildx_create.md#driver). + Currently, only supported by the [`docker-container` driver](/build/drivers/docker-container/). deprecated: false hidden: false experimental: false diff --git a/data/buildx/docker_buildx_stop.yaml b/data/buildx/docker_buildx_stop.yaml index 1d11d833ad..b7de4703f6 100644 --- a/data/buildx/docker_buildx_stop.yaml +++ b/data/buildx/docker_buildx_stop.yaml @@ -1,7 +1,7 @@ command: docker buildx stop short: Stop builder instance long: |- - Stops the specified or current builder. This will not prevent buildx build to + Stops the specified or current builder. This does not prevent buildx build to restart the builder. The implementation of stop depends on the driver. usage: docker buildx stop [NAME] pname: docker buildx diff --git a/data/buildx/docker_buildx_version.yaml b/data/buildx/docker_buildx_version.yaml index 688875fd6b..570c429c56 100644 --- a/data/buildx/docker_buildx_version.yaml +++ b/data/buildx/docker_buildx_version.yaml @@ -5,7 +5,7 @@ long: |- ```console $ docker buildx version - github.com/docker/buildx v0.5.1-docker 11057da37336192bfc57d81e02359ba7ba848e4a + github.com/docker/buildx v0.11.2 9872040b6626fb7d87ef7296fd5b832e8cc2ad17 ``` usage: docker buildx version pname: docker buildx diff --git a/go.mod b/go.mod index 224b1cf00d..653526ddd6 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ toolchain go1.21.1 require ( github.com/compose-spec/compose-spec v0.0.0-20230927132538-f223c5150d5d // indirect - github.com/docker/buildx v0.11.2 // indirect + github.com/docker/buildx v0.12.0 // indirect github.com/docker/cli v24.0.8-0.20231106123152-48ec4f339e2b+incompatible // indirect github.com/docker/compose-cli v1.0.35 // indirect github.com/docker/compose/v2 v2.23.1 // indirect diff --git a/go.sum b/go.sum index 2e16b8815e..fcd70556ba 100644 --- a/go.sum +++ b/go.sum @@ -48,6 +48,8 @@ github.com/docker/buildx v0.11.1 h1:xfmrAkOJrN+NLRcwhZn1iBgJVAK1dEBEv8lWu1Wxg14= github.com/docker/buildx v0.11.1/go.mod h1:qAxs3bsJEfVo7DOc9riES/f9Z187CeGM5nLPmadk8AA= github.com/docker/buildx v0.11.2 h1:R3p9F0gnI4FwvQ0p40UwdX1T4ugap4UWxY3TFHoP4Ws= github.com/docker/buildx v0.11.2/go.mod h1:CWAABt10iIuGpleypA3103mplDfcGu0A2AvT03xfpTc= +github.com/docker/buildx v0.12.0 h1:pI4jr4SeH9oHa0SmMvH/lz+Rdqkg+dRa9H/1VXbYgws= +github.com/docker/buildx v0.12.0/go.mod h1:SBLnQH9q+77aVvpvS5LLIly9+nHVlwscl5GEegGMD5g= github.com/docker/cli v24.0.2+incompatible h1:QdqR7znue1mtkXIJ+ruQMGQhpw2JzMJLRXp6zpzF6tM= github.com/docker/cli v24.0.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v24.0.4+incompatible h1:Y3bYF9ekNTm2VFz5U/0BlMdJy73D+Y1iAAZ8l63Ydzw= From 6ae0fd34c2670529ed65bee95185c5c2cbaf4a39 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Fri, 17 Nov 2023 10:04:47 +0100 Subject: [PATCH 2/3] build: add buildx debug Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- ...{buildx_debug-shell.md => buildx_debug.md} | 6 +- .../commandline/buildx_debug_build.md | 14 + ...ug-shell.yaml => docker_buildx_debug.yaml} | 39 +- data/buildx/docker_buildx_debug_build.yaml | 509 ++++++++++++++++++ data/toc.yaml | 6 +- 5 files changed, 561 insertions(+), 13 deletions(-) rename content/engine/reference/commandline/{buildx_debug-shell.md => buildx_debug.md} (79%) create mode 100644 content/engine/reference/commandline/buildx_debug_build.md rename data/buildx/{docker_buildx_debug-shell.yaml => docker_buildx_debug.yaml} (54%) create mode 100644 data/buildx/docker_buildx_debug_build.yaml diff --git a/content/engine/reference/commandline/buildx_debug-shell.md b/content/engine/reference/commandline/buildx_debug.md similarity index 79% rename from content/engine/reference/commandline/buildx_debug-shell.md rename to content/engine/reference/commandline/buildx_debug.md index d66d067009..bdd00b2a02 100644 --- a/content/engine/reference/commandline/buildx_debug-shell.md +++ b/content/engine/reference/commandline/buildx_debug.md @@ -1,7 +1,7 @@ --- datafolder: buildx -datafile: docker_buildx_debug-shell -title: docker buildx debug-shell +datafile: docker_buildx_debug +title: docker buildx debug layout: cli --- @@ -11,4 +11,4 @@ suggest a change to the text that appears here, open a ticket or pull request in the source repository on GitHub: https://github.com/docker/buildx ---> \ No newline at end of file +--> diff --git a/content/engine/reference/commandline/buildx_debug_build.md b/content/engine/reference/commandline/buildx_debug_build.md new file mode 100644 index 0000000000..2925d7d179 --- /dev/null +++ b/content/engine/reference/commandline/buildx_debug_build.md @@ -0,0 +1,14 @@ +--- +datafolder: buildx +datafile: docker_buildx_debug_build +title: docker buildx debug_build +layout: cli +--- + + diff --git a/data/buildx/docker_buildx_debug-shell.yaml b/data/buildx/docker_buildx_debug.yaml similarity index 54% rename from data/buildx/docker_buildx_debug-shell.yaml rename to data/buildx/docker_buildx_debug.yaml index 218609a941..2f4787b1fd 100644 --- a/data/buildx/docker_buildx_debug-shell.yaml +++ b/data/buildx/docker_buildx_debug.yaml @@ -1,14 +1,37 @@ -command: docker buildx debug-shell -short: Start a monitor -long: Start a monitor -usage: docker buildx debug-shell +command: docker buildx debug +short: Start debugger +long: Start debugger +usage: docker buildx debug pname: docker buildx plink: docker_buildx.yaml +cname: + - docker buildx debug build +clink: + - docker_buildx_debug_build.yaml options: - option: detach value_type: bool default_value: "true" - description: Detach buildx server (supported only on linux) + description: Detach buildx server for the monitor (supported only on linux) + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: invoke + value_type: string + description: Launch a monitor with executing specified command + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: "on" + value_type: string + default_value: error + description: When to launch the monitor ([always, error]) deprecated: false hidden: false experimental: false @@ -19,7 +42,7 @@ options: value_type: string default_value: auto description: | - Set type of progress output (`auto`, `plain`, `tty`). Use plain to show container output + Set type of progress output (`auto`, `plain`, `tty`) for the monitor. Use plain to show container output deprecated: false hidden: false experimental: false @@ -28,7 +51,7 @@ options: swarm: false - option: root value_type: string - description: Specify root directory of server to connect + description: Specify root directory of server to connect for the monitor deprecated: false hidden: false experimental: false @@ -38,7 +61,7 @@ options: - option: server-config value_type: string description: | - Specify buildx server config file (used only when launching new server) + Specify buildx server config file for the monitor (used only when launching new server) deprecated: false hidden: false experimental: false diff --git a/data/buildx/docker_buildx_debug_build.yaml b/data/buildx/docker_buildx_debug_build.yaml new file mode 100644 index 0000000000..0ef8996fa3 --- /dev/null +++ b/data/buildx/docker_buildx_debug_build.yaml @@ -0,0 +1,509 @@ +command: docker buildx debug build +aliases: docker buildx debug build, docker buildx debug b +short: Start a build +long: Start a build +usage: docker buildx debug build [OPTIONS] PATH | URL | - +pname: docker buildx debug +plink: docker_buildx_debug.yaml +options: + - option: add-host + value_type: stringSlice + default_value: '[]' + description: 'Add a custom host-to-IP mapping (format: `host:ip`)' + details_url: /engine/reference/commandline/build/#add-host + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: allow + value_type: stringSlice + default_value: '[]' + description: | + Allow extra privileged entitlement (e.g., `network.host`, `security.insecure`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: annotation + value_type: stringArray + default_value: '[]' + description: Add annotation to the image + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: attest + value_type: stringArray + default_value: '[]' + description: 'Attestation parameters (format: `type=sbom,generator=image`)' + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: build-arg + value_type: stringArray + default_value: '[]' + description: Set build-time variables + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: build-context + value_type: stringArray + default_value: '[]' + description: Additional build contexts (e.g., name=path) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cache-from + value_type: stringArray + default_value: '[]' + description: | + External cache sources (e.g., `user/app:cache`, `type=local,src=path/to/dir`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cache-to + value_type: stringArray + default_value: '[]' + description: | + Cache export destinations (e.g., `user/app:cache`, `type=local,dest=path/to/dir`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cgroup-parent + value_type: string + description: Set the parent cgroup for the `RUN` instructions during build + details_url: /engine/reference/commandline/build/#cgroup-parent + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: compress + value_type: bool + default_value: "false" + description: Compress the build context using gzip + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cpu-period + value_type: int64 + default_value: "0" + description: Limit the CPU CFS (Completely Fair Scheduler) period + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cpu-quota + value_type: int64 + default_value: "0" + description: Limit the CPU CFS (Completely Fair Scheduler) quota + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cpu-shares + shorthand: c + value_type: int64 + default_value: "0" + description: CPU shares (relative weight) + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cpuset-cpus + value_type: string + description: CPUs in which to allow execution (`0-3`, `0,1`) + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: cpuset-mems + value_type: string + description: MEMs in which to allow execution (`0-3`, `0,1`) + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: detach + value_type: bool + default_value: "false" + description: Detach buildx server (supported only on linux) + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: file + shorthand: f + value_type: string + description: 'Name of the Dockerfile (default: `PATH/Dockerfile`)' + details_url: /engine/reference/commandline/build/#file + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: force-rm + value_type: bool + default_value: "false" + description: Always remove intermediate containers + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: iidfile + value_type: string + description: Write the image ID to the file + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: isolation + value_type: string + description: Container isolation technology + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: label + value_type: stringArray + default_value: '[]' + description: Set metadata for an image + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: load + value_type: bool + default_value: "false" + description: Shorthand for `--output=type=docker` + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: memory + shorthand: m + value_type: string + description: Memory limit + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: memory-swap + value_type: string + description: | + Swap limit equal to memory plus swap: `-1` to enable unlimited swap + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: metadata-file + value_type: string + description: Write build result metadata to the file + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: network + value_type: string + default_value: default + description: Set the networking mode for the `RUN` instructions during build + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: no-cache + value_type: bool + default_value: "false" + description: Do not use cache when building the image + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: no-cache-filter + value_type: stringArray + default_value: '[]' + description: Do not cache specified stages + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: output + shorthand: o + value_type: stringArray + default_value: '[]' + description: 'Output destination (format: `type=local,dest=path`)' + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: platform + value_type: stringArray + default_value: '[]' + description: Set target platform for build + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: print + value_type: string + description: Print result of information request (e.g., outline, targets) + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: progress + value_type: string + default_value: auto + description: | + Set type of progress output (`auto`, `plain`, `tty`). Use plain to show container output + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: provenance + value_type: string + description: Shorthand for `--attest=type=provenance` + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: pull + value_type: bool + default_value: "false" + description: Always attempt to pull all referenced images + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: push + value_type: bool + default_value: "false" + description: Shorthand for `--output=type=registry` + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: quiet + shorthand: q + value_type: bool + default_value: "false" + description: Suppress the build output and print image ID on success + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: rm + value_type: bool + default_value: "true" + description: Remove intermediate containers after a successful build + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: root + value_type: string + description: Specify root directory of server to connect + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: sbom + value_type: string + description: Shorthand for `--attest=type=sbom` + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: secret + value_type: stringArray + default_value: '[]' + description: | + Secret to expose to the build (format: `id=mysecret[,src=/local/secret]`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: security-opt + value_type: stringSlice + default_value: '[]' + description: Security options + deprecated: false + hidden: true + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: server-config + value_type: string + description: | + Specify buildx server config file (used only when launching new server) + deprecated: false + hidden: false + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: shm-size + value_type: bytes + default_value: "0" + description: Size of `/dev/shm` + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: squash + value_type: bool + default_value: "false" + description: Squash newly built layers into a single new layer + deprecated: false + hidden: true + experimental: false + experimentalcli: true + kubernetes: false + swarm: false + - option: ssh + value_type: stringArray + default_value: '[]' + description: | + SSH agent socket or keys to expose to the build (format: `default|[=|[,]]`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: tag + shorthand: t + value_type: stringArray + default_value: '[]' + description: 'Name and optionally a tag (format: `name:tag`)' + details_url: /engine/reference/commandline/build/#tag + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: target + value_type: string + description: Set the target build stage to build + details_url: /engine/reference/commandline/build/#target + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: ulimit + value_type: ulimit + default_value: '[]' + description: Ulimit options + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +inherited_options: + - option: builder + value_type: string + description: Override the configured builder instance + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +deprecated: false +hidden: false +experimental: false +experimentalcli: true +kubernetes: false +swarm: false + diff --git a/data/toc.yaml b/data/toc.yaml index 05843adad0..af87969383 100644 --- a/data/toc.yaml +++ b/data/toc.yaml @@ -292,8 +292,10 @@ Reference: title: docker buildx build - path: /engine/reference/commandline/buildx_create/ title: docker buildx create - - path: /engine/reference/commandline/buildx_debug-shell/ - title: docker buildx debug-shell + - path: /engine/reference/commandline/buildx_debug/ + title: docker buildx debug + - path: /engine/reference/commandline/buildx_debug_build/ + title: docker buildx debug build - path: /engine/reference/commandline/buildx_du/ title: docker buildx du - path: /engine/reference/commandline/buildx_imagetools/ From 51f533bcf7da2c29b477b8c89f7799cd14d8b996 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Fri, 17 Nov 2023 09:55:10 +0100 Subject: [PATCH 3/3] build: buildx v0.12.0 release notes Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/build/release-notes.md | 93 ++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/content/build/release-notes.md b/content/build/release-notes.md index 69dd8e94fb..a8300e812d 100644 --- a/content/build/release-notes.md +++ b/content/build/release-notes.md @@ -8,6 +8,99 @@ toc_max: 2 This page contains information about the new features, improvements, and bug fixes in [Docker Buildx](https://github.com/docker/buildx). +## 0.12.0 + +{{< release-date date="2023-11-16" >}} + +The full release note for this release is available +[on GitHub](https://github.com/docker/buildx/releases/tag/v0.12.0). + +### New + +- New `--annotation` flag for the `buildx build`, and an `annotations` key in the Bake file, that lets you add OCI Annotations to build results. + [#2020](https://github.com/docker/buildx/pull/2020), + [#2098](https://github.com/docker/buildx/pull/2098) +- New experimental debugging features, including a new `debug` command and an interactive debugging console. + This feature currently requires setting `BUILDX_EXPERIMENTAL=1`. + [#2006](https://github.com/docker/buildx/pull/2006), + [#1896](https://github.com/docker/buildx/pull/1896), + [#1970](https://github.com/docker/buildx/pull/1970), + [#1914](https://github.com/docker/buildx/pull/1914), + [#2026](https://github.com/docker/buildx/pull/2026), + [#2086](https://github.com/docker/buildx/pull/2086) + +### Bug fixes and enhancements + +- The special `host-gateway` IP mapping can now be used with the `--add-host` flag during build. + [#1894](https://github.com/docker/buildx/pull/1894), + [#2083](https://github.com/docker/buildx/pull/2083) +- Bake now allows adding local source files when building from remote definition. + [#1838](https://github.com/docker/buildx/pull/1838) +- The status of uploading build results to Docker is now shown interactively on progress bar. + [#1994](https://github.com/docker/buildx/pull/1994) +- Error handling has been improved when bootstrapping multi-node build clusters. + [#1869](https://github.com/docker/buildx/pull/1869) +- The `buildx imagetools create` command now allows adding annotation when creating new images in the registry. + [#1965](https://github.com/docker/buildx/pull/1965) +- OpenTelemetry build trace delegation from buildx is now possible with Docker and Remote driver. + [#2034](https://github.com/docker/buildx/pull/2034) +- Bake command now shows all files where the build definition was loaded from on the progress bar. + [#2076](https://github.com/docker/buildx/pull/2076) +- Bake files now allow the same attributes to be defined in multiple definition files. + [#1062](https://github.com/docker/buildx/pull/1062) +- Using the Bake command with a remote definition now allows this definition to use local Dockerfiles. + [#2015](https://github.com/docker/buildx/pull/2015) +- Docker container driver now explicitly sets BuildKit config path to make sure configurations are loaded from same location for both mainline and rootless images. + [#2093](https://github.com/docker/buildx/pull/2093) +- Improve performance of detecting when BuildKit instance has completed booting. + [#1934](https://github.com/docker/buildx/pull/1934) +- Container driver now accepts many new driver options for defining the resource limits for BuildKit container. + [#2048](https://github.com/docker/buildx/pull/2048) +- Inspection commands formatting has been improved. + [#2068](https://github.com/docker/buildx/pull/2068) +- Error messages about driver capabilities have been improved. + [#1998](https://github.com/docker/buildx/pull/1998) +- Improve errors when invoking Bake command without targets. + [#2100](https://github.com/docker/buildx/pull/2100) +- Allow enabling debug logs with environment variables when running in standalone mode. + [#1821](https://github.com/docker/buildx/pull/1821) +- When using Docker driver the default image resolve mode has been updated to prefer local Docker images for backward compatibility. + [#1886](https://github.com/docker/buildx/pull/1886) +- Kubernetes driver now allows setting custom annotations and labels to the BuildKit deployments and pods. + [#1938](https://github.com/docker/buildx/pull/1938) +- Kubernetes driver now allows setting authentication token with endpoint configuration. + [#1891](https://github.com/docker/buildx/pull/1891) +- Fix possible issue with chained targets in Bake that could result in build failing or local source for a target uploaded multiple times. + [#2113](https://github.com/docker/buildx/pull/2113) +- Fix issue when accessing global target properties when using the matrix feature of the Bake command. + [#2106](https://github.com/docker/buildx/pull/2106) +- Fixes for formatting validation of certain build flags + [#2040](https://github.com/docker/buildx/pull/2040) +- Fixes to avoid locking certain commands unnecessarily while booting builder nodes. + [#2066](https://github.com/docker/buildx/pull/2066) +- Fix cases where multiple builds try to bootstrap the same builder instance in parallel. + [#2000](https://github.com/docker/buildx/pull/2000) +- Fix cases where errors on uploading build results to Docker could be dropped in some cases. + [#1927](https://github.com/docker/buildx/pull/1927) +- Fix detecting capabilities for missing attestation support based on build output. + [#1988](https://github.com/docker/buildx/pull/1988) +- Fix the build for loading in Bake remote definition to not show up in build history records. + [#1961](https://github.com/docker/buildx/pull/1961), + [#1954](https://github.com/docker/buildx/pull/1954) +- Fix errors when building Compose files using the that define profiles with Bake. + [#1903](https://github.com/docker/buildx/pull/1903) +- Fix possible time correction errors on progress bar. + [#1968](https://github.com/docker/buildx/pull/1968) +- Fix passing custom cgroup parent to builds that used the new controller interface. + [#1913](https://github.com/docker/buildx/pull/1913) + +### Packaging + +- Compose support has been updated to 1.20, enabling "include" functionality when using the Bake command. + [#1971](https://github.com/docker/buildx/pull/1971), + [#2065](https://github.com/docker/buildx/pull/2065), + [#2094](https://github.com/docker/buildx/pull/2094) + ## 0.11.2 {{< release-date date="2023-07-18" >}}