From e609124feddd7341cfaf4249d5c5bc8b99d0a0d9 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Thu, 24 Aug 2023 12:22:40 +0200 Subject: [PATCH] build: remote bake definition to create BuildKit certs Signed-off-by: CrazyMax --- content/build/drivers/remote.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/content/build/drivers/remote.md b/content/build/drivers/remote.md index da5e84892c..9ac0183c19 100644 --- a/content/build/drivers/remote.md +++ b/content/build/drivers/remote.md @@ -97,10 +97,16 @@ but this is for illustration purposes.) 1. Generate certificates for BuildKit. - You can use the [create-certs.sh](https://github.com/moby/buildkit/blob/master/examples/kubernetes/create-certs.sh) - script as a starting point. Note that while it's possible to expose BuildKit - over TCP without using TLS, it's not recommended. Doing so allows arbitrary - access to BuildKit without credentials. + You can use this [bake definition](https://github.com/moby/buildkit/blob/master/examples/create-certs) + as a starting point: + + ```console + SAN="localhost 127.0.0.1" docker buildx bake "https://github.com/moby/buildkit.git#master:examples/create-certs" + ``` + + Note that while it's possible to expose BuildKit over TCP without using + TLS, it's not recommended. Doing so allows arbitrary access to BuildKit + without credentials. 2. With certificates generated in `.certs/`, startup the container: