centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-03-27 14:28:47 +07:00
Code Issues Packages Projects Releases Wiki Activity

vendor: github.com/docker/buildx v0.26.0

Browse Source 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This commit is contained in:
crazy-max
2025-07-21 15:39:39 +00:00
committed by github-actions[bot]
parent fad8c0eeab
commit c72b904803
12 changed files with 840 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
_vendor/github.com/docker/buildx/docs/bake-reference.md generated
View File

@@ -1399,8 +1399,7 @@ $ docker buildx bake
## Function
A [set of general-purpose functions][bake_stdlib]
provided by [go-cty][go-cty]
A [set of general-purpose functions][bake_stdlib] provided by [go-cty][go-cty]
are available for use in HCL files:
```hcl
@@ -1440,7 +1439,7 @@ target "webapp-dev" {
[add-host]: https://docs.docker.com/reference/cli/docker/buildx/build/#add-host
[attestations]: https://docs.docker.com/build/attestations/
[bake_stdlib]: https://github.com/docker/buildx/blob/master/bake/hclparser/stdlib.go
[bake_stdlib]: https://github.com/docker/buildx/blob/master/docs/bake-stdlib.md
[build-arg]: https://docs.docker.com/reference/cli/docker/image/build/#build-arg
[build-context]: https://docs.docker.com/reference/cli/docker/buildx/build/#build-context
[cache-backends]: https://docs.docker.com/build/cache/backends/

2
_vendor/modules.txt
View File

@@ -1,6 +1,6 @@
# github.com/moby/moby v28.3.2+incompatible
# github.com/moby/buildkit v0.23.2
# github.com/docker/buildx v0.25.0
# github.com/docker/buildx v0.26.0
# github.com/docker/cli v28.3.3-0.20250711132746-c69d8bde4adc+incompatible
# github.com/docker/compose/v2 v2.38.2
# github.com/docker/model-cli v0.1.33-0.20250703103301-d4e4936a9eb2

2
data/buildx/docker_buildx.yaml
View File

@@ -8,6 +8,7 @@ cname:
- docker buildx bake
- docker buildx build
- docker buildx create
- docker buildx dap
- docker buildx debug
- docker buildx dial-stdio
- docker buildx du
@@ -24,6 +25,7 @@ clink:
- docker_buildx_bake.yaml
- docker_buildx_build.yaml
- docker_buildx_create.yaml
- docker_buildx_dap.yaml
- docker_buildx_debug.yaml
- docker_buildx_dial-stdio.yaml
- docker_buildx_du.yaml

17
data/buildx/docker_buildx_bake.yaml
View File

@@ -311,6 +311,11 @@ examples: |-
The file can be an HCL, JSON or Compose file. If multiple files are specified,
all are read and the build configurations are combined.
Alternatively, the environment variable `BUILDX_BAKE_FILE` can be used to specify the build definition to use.
This is mutually exclusive with `-f` / `--file`; if both are specified, the environment variable is ignored.
Multiple definitions can be specified by separating them with the system's path separator
(typically `;` on Windows and `:` elsewhere), but can be changed with `BUILDX_BAKE_PATH_SEPARATOR`.
You can pass the names of the targets to build, to build only specific target(s).
The following example builds the `db` and `webapp-release` targets that are
defined in the `docker-bake.dev.hcl` file:
@@ -366,12 +371,15 @@ examples: |-
```console
$ docker buildx bake --list=variables
VARIABLE VALUE DESCRIPTION
REGISTRY docker.io/username Registry and namespace
IMAGE_NAME my-app Image name
GO_VERSION <null>
VARIABLE TYPE VALUE DESCRIPTION
REGISTRY string docker.io/username Registry and namespace
IMAGE_NAME string my-app Image name
GO_VERSION <null>
DEBUG bool false Add debug symbols
```
Variable types will be shown when set using the `type` property in the Bake file.
By default, the output of `docker buildx bake --list` is presented in a table
format. Alternatively, you can use a long-form CSV syntax and specify a
`format` attribute to output the list in JSON.
@@ -531,6 +539,7 @@ examples: |-
* `context`
* `dockerfile`
* `entitlements`
* `extra-hosts`
* `labels`
* `load`
* `no-cache`

125
data/buildx/docker_buildx_build.yaml
View File

@@ -703,13 +703,15 @@ examples: |-
Define additional build context with specified contents. In Dockerfile the context can be accessed when `FROM name` or `--from=name` is used.
When Dockerfile defines a stage with the same name it is overwritten.
The value can be a local source directory, [local OCI layout compliant directory](https://github.com/opencontainers/image-spec/blob/main/image-layout.md), container image (with docker-image:// prefix), Git or HTTP URL.
The value can be a:
Replace `alpine:latest` with a pinned one:
- local source directory
- [local OCI layout compliant directory](https://github.com/opencontainers/image-spec/blob/main/image-layout.md)
- container image
- Git URL
- HTTP URL
```console
$ docker buildx build --build-context alpine=docker-image://alpine@sha256:0123456789 .
```
#### Use a local path {#local-path}
Expose a secondary local source directory:
@@ -718,6 +720,16 @@ examples: |-
# docker buildx build --build-context project=https://github.com/myuser/project.git .
```
#### Use a container image {#docker-image}
Use the `docker-image://` scheme.
Replace `alpine:latest` with a pinned one:
```console
$ docker buildx build --build-context alpine=docker-image://alpine@sha256:0123456789 .
```
```dockerfile
# syntax=docker/dockerfile:1
FROM alpine
@@ -726,7 +738,10 @@ examples: |-
#### Use an OCI layout directory as build context {#source-oci-layout}
Source an image from a local [OCI layout compliant directory](https://github.com/opencontainers/image-spec/blob/main/image-layout.md),
Use the `oci-layout:///` scheme.
Source an image from a local
[OCI layout compliant directory](https://github.com/opencontainers/image-spec/blob/main/image-layout.md),
either by tag, or by digest:
```console
@@ -744,7 +759,6 @@ examples: |-
```
The OCI layout directory must be compliant with the [OCI layout specification](https://github.com/opencontainers/image-spec/blob/main/image-layout.md).
You can reference an image in the layout using either tags, or the exact digest.
### Override the configured builder instance (--builder) {#builder}
@@ -756,25 +770,25 @@ examples: |-
--cache-from=[NAME|type=TYPE[,KEY=VALUE]]
```
Use an external cache source for a build. Supported types are `registry`,
`local`, `gha` and `s3`.
Use an external cache source for a build. Supported types are:
- [`registry` source](https://github.com/moby/buildkit#registry-push-image-and-cache-separately)
- [`registry`](/build/cache/backends/registry/)
can import cache from a cache manifest or (special) image configuration on the
registry.
- [`local` source](https://github.com/moby/buildkit#local-directory-1) can
- [`local`](/build/cache/backends/local/) can
import cache from local files previously exported with `--cache-to`.
- [`gha` source](https://github.com/moby/buildkit#github-actions-cache-experimental)
- [`gha`](/build/cache/backends/gha/)
can import cache from a previously exported cache with `--cache-to` in your
GitHub repository
- [`s3` source](https://github.com/moby/buildkit#s3-cache-experimental)
GitHub repository.
- [`s3`](/build/cache/backends/s3/)
can import cache from a previously exported cache with `--cache-to` in your
S3 bucket
S3 bucket.
- [`azblob`](/build/cache/backends/azblob/)
can import cache from a previously exported cache with `--cache-to` in your
Azure bucket.
If no type is specified, `registry` exporter is used with a specified reference.
`docker` driver currently only supports importing build cache from the registry.
```console
$ docker buildx build --cache-from=user/app:cache .
$ docker buildx build --cache-from=user/app .
@@ -784,7 +798,43 @@ examples: |-
$ docker buildx build --cache-from=type=s3,region=eu-west-1,bucket=mybucket .
```
More info about cache exporters and available attributes: https://github.com/moby/buildkit#export-cache
> [!NOTE]
> More info about cache exporters and available attributes can be found in the
> [Cache storage backends documentation](/build/cache/backends/)
### Export build cache to an external cache destination (--cache-to) {#cache-to}
```text
--cache-to=[NAME|type=TYPE[,KEY=VALUE]]
```
Export build cache to an external cache destination. Supported types are:
- [`registry`](/build/cache/backends/registry/) exports
build cache to a cache manifest in the registry.
- [`local`](/build/cache/backends/local/) exports
cache to a local directory on the client.
- [`inline`](/build/cache/backends/inline/) writes the
cache metadata into the image configuration.
- [`gha`](/build/cache/backends/gha/) exports cache
through the GitHub Actions Cache service API.
- [`s3`](/build/cache/backends/s3/) exports cache to a
S3 bucket.
- [`azblob`](/build/cache/backends/azblob/) exports
cache to an Azure bucket.
```console
$ docker buildx build --cache-to=user/app:cache .
$ docker buildx build --cache-to=type=inline .
$ docker buildx build --cache-to=type=registry,ref=user/app .
$ docker buildx build --cache-to=type=local,dest=path/to/cache .
$ docker buildx build --cache-to=type=gha .
$ docker buildx build --cache-to=type=s3,region=eu-west-1,bucket=mybucket .
```
> [!NOTE]
> More info about cache exporters and available attributes can be found in the
> [Cache storage backends documentation](/build/cache/backends/)
### Invoke a frontend method (--call) {#call}
@@ -947,45 +997,6 @@ examples: |-
release (default) is an empty scratch image with only compiled assets
```
### Export build cache to an external cache destination (--cache-to) {#cache-to}
```text
--cache-to=[NAME|type=TYPE[,KEY=VALUE]]
```
Export build cache to an external cache destination. Supported types are
`registry`, `local`, `inline`, `gha` and `s3`.
- [`registry` type](https://github.com/moby/buildkit#registry-push-image-and-cache-separately) exports build cache to a cache manifest in the registry.
- [`local` type](https://github.com/moby/buildkit#local-directory-1) exports
cache to a local directory on the client.
- [`inline` type](https://github.com/moby/buildkit#inline-push-image-and-cache-together)
writes the cache metadata into the image configuration.
- [`gha` type](https://github.com/moby/buildkit#github-actions-cache-experimental)
exports cache through the [GitHub Actions Cache service API](https://github.com/tonistiigi/go-actions-cache/blob/master/api.md#authentication).
- [`s3` type](https://github.com/moby/buildkit#s3-cache-experimental) exports
cache to a S3 bucket.
The `docker` driver only supports cache exports using the `inline` and `local`
cache backends.
Attribute key:
- `mode` - Specifies how many layers are exported with the cache. `min` on only
exports layers already in the final build stage, `max` exports layers for
all stages. Metadata is always exported for the whole build.
```console
$ docker buildx build --cache-to=user/app:cache .
$ docker buildx build --cache-to=type=inline .
$ docker buildx build --cache-to=type=registry,ref=user/app .
$ docker buildx build --cache-to=type=local,dest=path/to/cache .
$ docker buildx build --cache-to=type=gha .
$ docker buildx build --cache-to=type=s3,region=eu-west-1,bucket=mybucket .
```
More info about cache exporters and available attributes: https://github.com/moby/buildkit#export-cache
### Use a custom parent cgroup (--cgroup-parent) {#cgroup-parent}
When you run `docker buildx build` with the `--cgroup-parent` option,

37
data/buildx/docker_buildx_dap.yaml Normal file
View File

@@ -0,0 +1,37 @@
command: docker buildx dap
short: Start debug adapter protocol compatible debugger
long: Start debug adapter protocol compatible debugger
pname: docker buildx
plink: docker_buildx.yaml
cname:
- docker buildx dap build
clink:
- docker_buildx_dap_build.yaml
inherited_options:
- option: builder
value_type: string
description: Override the configured builder instance
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: debug
shorthand: D
value_type: bool
default_value: "false"
description: Enable debug logging
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
deprecated: false
hidden: false
experimental: false
experimentalcli: true
kubernetes: false
swarm: false

34
data/buildx/docker_buildx_dap_attach.yaml Normal file
View File

@@ -0,0 +1,34 @@
command: docker buildx dap attach
short: Attach to a container created by the dap evaluate request
long: Attach to a container created by the dap evaluate request
usage: docker buildx dap attach PATH
pname: docker buildx dap
plink: docker_buildx_dap.yaml
inherited_options:
- option: builder
value_type: string
description: Override the configured builder instance
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: debug
shorthand: D
value_type: bool
default_value: "false"
description: Enable debug logging
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
deprecated: false
hidden: true
experimental: false
experimentalcli: true
kubernetes: false
swarm: false

539
data/buildx/docker_buildx_dap_build.yaml Normal file
View File

@@ -0,0 +1,539 @@
command: docker buildx dap build
short: Start a build
long: |-
Start a debug session using the [debug adapter protocol](https://microsoft.github.io/debug-adapter-protocol/overview) to communicate with the debugger UI.
Arguments are the same as the `build`
> [!NOTE]
> `buildx dap build` command may receive backwards incompatible features in the future
> if needed. We are looking for feedback on improving the command and extending
> the functionality further.
usage: docker buildx dap build [OPTIONS] PATH | URL | -
pname: docker buildx dap
plink: docker_buildx_dap.yaml
options:
- option: add-host
value_type: stringSlice
default_value: '[]'
description: 'Add a custom host-to-IP mapping (format: `host:ip`)'
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: allow
value_type: stringArray
default_value: '[]'
description: |
Allow extra privileged entitlement (e.g., `network.host`, `security.insecure`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: annotation
value_type: stringArray
default_value: '[]'
description: Add annotation to the image
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: attest
value_type: stringArray
default_value: '[]'
description: 'Attestation parameters (format: `type=sbom,generator=image`)'
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: build-arg
value_type: stringArray
default_value: '[]'
description: Set build-time variables
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: build-context
value_type: stringArray
default_value: '[]'
description: Additional build contexts (e.g., name=path)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cache-from
value_type: stringArray
default_value: '[]'
description: |
External cache sources (e.g., `user/app:cache`, `type=local,src=path/to/dir`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cache-to
value_type: stringArray
default_value: '[]'
description: |
Cache export destinations (e.g., `user/app:cache`, `type=local,dest=path/to/dir`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: call
value_type: string
default_value: build
description: Set method for evaluating build (`check`, `outline`, `targets`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cgroup-parent
value_type: string
description: Set the parent cgroup for the `RUN` instructions during build
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: check
value_type: bool
description: Shorthand for `--call=check`
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: compress
value_type: bool
default_value: "false"
description: Compress the build context using gzip
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cpu-period
value_type: int64
default_value: "0"
description: Limit the CPU CFS (Completely Fair Scheduler) period
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cpu-quota
value_type: int64
default_value: "0"
description: Limit the CPU CFS (Completely Fair Scheduler) quota
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cpu-shares
shorthand: c
value_type: int64
default_value: "0"
description: CPU shares (relative weight)
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cpuset-cpus
value_type: string
description: CPUs in which to allow execution (`0-3`, `0,1`)
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: cpuset-mems
value_type: string
description: MEMs in which to allow execution (`0-3`, `0,1`)
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: file
shorthand: f
value_type: string
description: 'Name of the Dockerfile (default: `PATH/Dockerfile`)'
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: force-rm
value_type: bool
default_value: "false"
description: Always remove intermediate containers
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: iidfile
value_type: string
description: Write the image ID to a file
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: isolation
value_type: string
description: Container isolation technology
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: label
value_type: stringArray
default_value: '[]'
description: Set metadata for an image
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: load
value_type: bool
default_value: "false"
description: Shorthand for `--output=type=docker`
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: memory
shorthand: m
value_type: string
description: Memory limit
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: memory-swap
value_type: string
description: |
Swap limit equal to memory plus swap: `-1` to enable unlimited swap
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: metadata-file
value_type: string
description: Write build result metadata to a file
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: network
value_type: string
default_value: default
description: Set the networking mode for the `RUN` instructions during build
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: no-cache
value_type: bool
default_value: "false"
description: Do not use cache when building the image
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: no-cache-filter
value_type: stringArray
default_value: '[]'
description: Do not cache specified stages
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: output
shorthand: o
value_type: stringArray
default_value: '[]'
description: 'Output destination (format: `type=local,dest=path`)'
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: platform
value_type: stringArray
default_value: '[]'
description: Set target platform for build
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: print
value_type: string
description: Print result of information request (e.g., outline, targets)
deprecated: false
hidden: true
experimental: false
experimentalcli: true
kubernetes: false
swarm: false
- option: progress
value_type: string
default_value: auto
description: |
Set type of progress output (`auto`, `quiet`, `plain`, `tty`, `rawjson`). Use plain to show container output
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: provenance
value_type: string
description: Shorthand for `--attest=type=provenance`
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: pull
value_type: bool
default_value: "false"
description: Always attempt to pull all referenced images
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: push
value_type: bool
default_value: "false"
description: Shorthand for `--output=type=registry`
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: quiet
shorthand: q
value_type: bool
default_value: "false"
description: Suppress the build output and print image ID on success
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: rm
value_type: bool
default_value: "true"
description: Remove intermediate containers after a successful build
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: sbom
value_type: string
description: Shorthand for `--attest=type=sbom`
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: secret
value_type: stringArray
default_value: '[]'
description: |
Secret to expose to the build (format: `id=mysecret[,src=/local/secret]`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: security-opt
value_type: stringSlice
default_value: '[]'
description: Security options
deprecated: false
hidden: true
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: shm-size
value_type: bytes
default_value: "0"
description: Shared memory size for build containers
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: squash
value_type: bool
default_value: "false"
description: Squash newly built layers into a single new layer
deprecated: false
hidden: true
experimental: false
experimentalcli: true
kubernetes: false
swarm: false
- option: ssh
value_type: stringArray
default_value: '[]'
description: |
SSH agent socket or keys to expose to the build (format: `default|<id>[=<socket>|<key>[,<key>]]`)
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: tag
shorthand: t
value_type: stringArray
default_value: '[]'
description: 'Name and optionally a tag (format: `name:tag`)'
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: target
value_type: string
description: Set the target build stage to build
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: ulimit
value_type: ulimit
default_value: '[]'
description: Ulimit options
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
inherited_options:
- option: builder
value_type: string
description: Override the configured builder instance
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
- option: debug
shorthand: D
value_type: bool
default_value: "false"
description: Enable debug logging
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
examples: |-
### Launch request arguments {#launch-config}
The following [launch request arguments](https://microsoft.github.io/debug-adapter-protocol/specification#Requests_Launch) are supported. These are sent as a JSON body as part of the launch request.
| Name | Type | Default | Description |
|:--------------------|:--------------|:-------------|:-----------------------------------------------------------------------------|
| `dockerfile` | `string` | `Dockerfile` | Name of the Dockerfile |
| `contextPath` | `string` | `.` | Set the context path for the build (normally the first positional argument) |
| `target` | `string` | | Set the target build stage to build |
| `stopOnEntry` | `boolean` | `false` | Stop on the first instruction |
### Additional Arguments {#additional-args}
Command line arguments may be passed to the debug adapter the same way they would be passed to the normal build command and they will set the value.
Launch request arguments that are set will override command line arguments if they are present.
A debug extension should include an `args` entry in the launch configuration and should append these arguments to the end of the tool invocation.
For example, a launch configuration in Visual Studio Code with the following:
```json
{
"args": ["--build-arg", "FOO=AAA"]
}
```
This should cause the debug adapter to be invoked as `docker buildx dap build --build-arg FOO=AAA`.
deprecated: false
hidden: false
experimental: false
experimentalcli: true
kubernetes: false
swarm: false

12
data/buildx/docker_buildx_debug.yaml
View File

@@ -1,7 +1,6 @@
command: docker buildx debug
short: Start debugger
long: Start debugger
usage: docker buildx debug
pname: docker buildx
plink: docker_buildx.yaml
cname:
@@ -28,17 +27,6 @@ options:
experimentalcli: true
kubernetes: false
swarm: false
- option: progress
value_type: string
default_value: auto
description: |
Set type of progress output (`auto`, `plain`, `tty`, `rawjson`) for the monitor. Use plain to show container output
deprecated: false
hidden: false
experimental: false
experimentalcli: false
kubernetes: false
swarm: false
inherited_options:
- option: builder
value_type: string

167
data/buildx/docker_buildx_history_inspect_attachment.yaml
View File

@@ -4,13 +4,14 @@ long: |-
Inspect a specific attachment from a build record, such as a provenance file or
SBOM. Attachments are optional artifacts stored with the build and may be
platform-specific.
usage: docker buildx history inspect attachment [OPTIONS] REF [DIGEST]
usage: docker buildx history inspect attachment [OPTIONS] [REF [DIGEST]]
pname: docker buildx history inspect
plink: docker_buildx_history_inspect.yaml
options:
- option: platform
value_type: string
description: Platform of attachment
details_url: '#platform'
deprecated: false
hidden: false
experimental: false
@@ -49,48 +50,160 @@ inherited_options:
kubernetes: false
swarm: false
examples: |-
### Inspect a provenance attachment from a build (--type) {#type}
Supported types include `provenance` and `sbom`.
### Inspect an attachment by platform (--platform) {#platform}
```console
$ docker buildx history inspect attachment qu2gsuo8ejqrwdfii23xkkckt --type provenance
$ docker buildx history inspect attachment --platform linux/amd64
{
"_type": "https://slsa.dev/provenance/v0.2",
"buildDefinition": {
"buildType": "https://build.docker.com/BuildKit@v1",
"externalParameters": {
"target": "app",
"platforms": ["linux/amd64"]
}
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"config": {
"mediaType": "application/vnd.oci.image.config.v1+json",
"digest": "sha256:814e63f06465bc78123775714e4df1ebdda37e6403e0b4f481df74947c047163",
"size": 600
},
"runDetails": {
"builder": "docker",
"by": "ci@docker.com"
}
"layers": [
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:36537f3920ae948ce3e12b4ae34c21190280e6e7d58eeabde0dff3fdfb43b6b0",
"size": 21664137
}
]
}
```
### Inspect a SBOM for linux/amd64
### Inspect an attachment by type (--type) {#type}
Supported types include:
* `index`
* `manifest`
* `image`
* `provenance`
* `sbom`
#### Index
```console
$ docker buildx history inspect attachment ^0 \
--type sbom \
--platform linux/amd64
$ docker buildx history inspect attachment --type index
{
"bomFormat": "CycloneDX",
"specVersion": "1.5",
"version": 1,
"components": [
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.index.v1+json",
"manifests": [
{
"type": "library",
"name": "alpine",
"version": "3.18.2"
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:a194e24f47dc6d0e65992c09577b9bc4e7bd0cd5cc4f81e7738918f868aa397b",
"size": 481,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:49e40223d6a96ea0667a12737fd3dde004cf217eb48cb28c9191288cd44c6ace",
"size": 839,
"annotations": {
"vnd.docker.reference.digest": "sha256:a194e24f47dc6d0e65992c09577b9bc4e7bd0cd5cc4f81e7738918f868aa397b",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
]
}
```
#### Manifest
```console
$ docker buildx history inspect attachment --type manifest
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"config": {
"mediaType": "application/vnd.oci.image.config.v1+json",
"digest": "sha256:814e63f06465bc78123775714e4df1ebdda37e6403e0b4f481df74947c047163",
"size": 600
},
"layers": [
{
"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
"digest": "sha256:36537f3920ae948ce3e12b4ae34c21190280e6e7d58eeabde0dff3fdfb43b6b0",
"size": 21664137
}
]
}
```
#### Provenance
```console
$ docker buildx history inspect attachment --type provenance
{
"builder": {
"id": ""
},
"buildType": "https://mobyproject.org/buildkit@v1",
"materials": [
{
"uri": "pkg:docker/docker/dockerfile@1",
"digest": {
"sha256": "9ba7531bd80fb0a858632727cf7a112fbfd19b17e94c4e84ced81e24ef1a0dbc"
}
},
{
"uri": "pkg:docker/golang@1.19.4-alpine?platform=linux%2Farm64",
"digest": {
"sha256": "a9b24b67dc83b3383d22a14941c2b2b2ca6a103d805cac6820fd1355943beaf1"
}
}
],
"invocation": {
"configSource": {
"entryPoint": "Dockerfile"
},
"parameters": {
"frontend": "gateway.v0",
"args": {
"cmdline": "docker/dockerfile:1",
"source": "docker/dockerfile:1",
"target": "binaries"
},
"locals": [
{
"name": "context"
},
{
"name": "dockerfile"
}
]
},
"environment": {
"platform": "linux/arm64"
}
},
"metadata": {
"buildInvocationID": "c4a87v0sxhliuewig10gnsb6v",
"buildStartedOn": "2022-12-16T08:26:28.651359794Z",
"buildFinishedOn": "2022-12-16T08:26:29.625483253Z",
"reproducible": false,
"completeness": {
"parameters": true,
"environment": true,
"materials": false
},
"https://mobyproject.org/buildkit@v1#metadata": {
"vcs": {
"revision": "a9ba846486420e07d30db1107411ac3697ecab68",
"source": "git@github.com:<org>/<repo>.git"
}
}
}
}
```
### Inspect an attachment by digest
You can inspect an attachment directly using its digset, which you can get from

4
go.mod
View File

@@ -3,7 +3,7 @@ module github.com/docker/docs
go 1.24.0
require (
github.com/docker/buildx v0.25.0 // indirect
github.com/docker/buildx v0.26.0 // indirect
github.com/docker/cli v28.3.3-0.20250711132746-c69d8bde4adc+incompatible // indirect
github.com/docker/compose/v2 v2.38.2 // indirect
github.com/docker/model-cli v0.1.33-0.20250703103301-d4e4936a9eb2 // indirect
@@ -13,7 +13,7 @@ require (
)
replace (
github.com/docker/buildx => github.com/docker/buildx v0.25.0
github.com/docker/buildx => github.com/docker/buildx v0.26.0
github.com/docker/cli => github.com/docker/cli v28.3.3-0.20250711132746-c69d8bde4adc+incompatible
github.com/docker/compose/v2 => github.com/docker/compose/v2 v2.38.2
github.com/docker/model-cli => github.com/docker/model-cli v0.1.33-0.20250703103301-d4e4936a9eb2

2
go.sum
View File

@@ -30,6 +30,8 @@ github.com/docker/buildx v0.24.0 h1:qiD+xktY+Fs3R79oz8M+7pbhip78qGLx6LBuVmyb+64=
github.com/docker/buildx v0.24.0/go.mod h1:vYkdBUBjFo/i5vUE0mkajGlk03gE0T/HaGXXhgIxo8E=
github.com/docker/buildx v0.25.0 h1:qs5WxBo0wQKSXcQ+v6UhWaeM2Pu+95ZCymaimRzInaE=
github.com/docker/buildx v0.25.0/go.mod h1:xJcOeBhz49tgqN174MMGuOU4bxNmgfaLnZn7Gm641EE=
github.com/docker/buildx v0.26.0 h1:RiIQZnntdkeLeryOAI0G/WC7mRwcM6CuGD4sZEd1ljQ=
github.com/docker/buildx v0.26.0/go.mod h1:oxMC30cSHPaCCkY2j+EqN7uxFikjSzVC0c44lo9b4Fo=
github.com/docker/cli v28.2.1+incompatible h1:AYyTcuwvhl9dXdyCiXlOGXiIqSNYzTmaDNpxIISPGsM=
github.com/docker/cli v28.2.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/cli v28.3.0+incompatible h1:s+ttruVLhB5ayeuf2BciwDVxYdKi+RoUlxmwNHV3Vfo=