From 54144f42e14ef053b4c43b7233050452da47e650 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Thu, 20 Feb 2025 13:39:58 +0100 Subject: [PATCH 1/4] Merge pull request #22063 from crazy-max/buildx-0.21.0 build: buildx 0.21.0 release notes --- content/manuals/build/cache/backends/gha.md | 11 ++++---- content/manuals/build/release-notes.md | 28 +++++++++++++++++++++ 2 files changed, 34 insertions(+), 5 deletions(-) diff --git a/content/manuals/build/cache/backends/gha.md b/content/manuals/build/cache/backends/gha.md index e5de3accdae5..9b3f5c1040d0 100644 --- a/content/manuals/build/cache/backends/gha.md +++ b/content/manuals/build/cache/backends/gha.md @@ -31,8 +31,9 @@ The following table describes the available CSV parameters that you can pass to `--cache-to` and `--cache-from`. | Name | Option | Type | Default | Description | -| -------------- | ----------------------- | ----------- | ------------------------ | -------------------------------------------------------------------- | +|----------------|-------------------------|-------------|--------------------------|----------------------------------------------------------------------| | `url` | `cache-to`,`cache-from` | String | `$ACTIONS_CACHE_URL` | Cache server URL, see [authentication][1]. | +| `url_v2` | `cache-to`,`cache-from` | String | `$ACTIONS_CACHE_URL` | Cache v2 server URL, see [authentication][1]. | | `token` | `cache-to`,`cache-from` | String | `$ACTIONS_RUNTIME_TOKEN` | Access token, see [authentication][1]. | | `scope` | `cache-to`,`cache-from` | String | `buildkit` | Which scope cache object belongs to, see [scope][2] | | `mode` | `cache-to` | `min`,`max` | `min` | Cache layers to export, see [cache mode][3]. | @@ -47,10 +48,10 @@ The following table describes the available CSV parameters that you can pass to ## Authentication -If the `url` or `token` parameters are left unspecified, the `gha` cache backend -will fall back to using environment variables. If you invoke the `docker buildx` -command manually from an inline step, then the variables must be manually -exposed. Consider using the +If the `url`, `url_v2` or `token` parameters are left unspecified, the `gha` +cache backend will fall back to using environment variables. If you invoke the +`docker buildx` command manually from an inline step, then the variables must +be manually exposed. Consider using the [`crazy-max/ghaction-github-runtime`](https://github.com/crazy-max/ghaction-github-runtime), GitHub Action as a helper for exposing the variables. diff --git a/content/manuals/build/release-notes.md b/content/manuals/build/release-notes.md index a086215565f7..978cf201ca49 100644 --- a/content/manuals/build/release-notes.md +++ b/content/manuals/build/release-notes.md @@ -10,6 +10,34 @@ toc_max: 2 This page contains information about the new features, improvements, and bug fixes in [Docker Buildx](https://github.com/docker/buildx). +## 0.21.0 + +{{< release-date date="2025-02-19" >}} + +The full release note for this release is available +[on GitHub](https://github.com/docker/buildx/releases/tag/v0.21.0). + +### New + +- New command `buildx history trace` lets you inspect traces of a build in a Jaeger UI-based viewer and compare one trace with another. [docker/buildx#2904](https://github.com/docker/buildx/pull/2904) + +### Enhancements + +- The history inspection command `buildx history inspect` now supports custom formatting with `--format` flag and JSON formatting for machine-readable output. [docker/buildx#2964](https://github.com/docker/buildx/pull/2964) +- Support for CDI device entitlement in build and bake. [docker/buildx#2994](https://github.com/docker/buildx/pull/2994) +- Supported CDI devices are now shown in the builder inspection. [docker/buildx#2983](https://github.com/docker/buildx/pull/2983) +- When using [GitHub Cache backend `type=gha`](cache/backends/gha.md), the URL for the Version 2 or API is now read from the environment and sent to BuildKit. Version 2 backend requires BuildKit v0.20.0 or later. [docker/buildx#2983](https://github.com/docker/buildx/pull/2983), [docker/buildx#3001](https://github.com/docker/buildx/pull/3001) + +### Bug fixes + +- Avoid unnecessary warnings and prompts when using `--progress=rawjson`. [docker/buildx#2957](https://github.com/docker/buildx/pull/2957) +- Fix regression with debug shell sometimes not working correctly on `--on=error`. [docker/buildx#2958](https://github.com/docker/buildx/pull/2958) +- Fix possible panic errors when using an unknown variable in the Bake definition. [docker/buildx#2960](https://github.com/docker/buildx/pull/2960) +- Fix invalid duplicate output on JSON format formatting of `buildx ls` command. [docker/buildx#2970](https://github.com/docker/buildx/pull/2970) +- Fix bake handling cache imports with CSV string containing multiple registry references. [docker/buildx#2944](https://github.com/docker/buildx/pull/2944) +- Fix issue where error from pulling BuildKit image could be ignored. [docker/buildx#2988](https://github.com/docker/buildx/pull/2988) +- Fix race on pausing progress on debug shell. [docker/buildx#3003](https://github.com/docker/buildx/pull/3003) + ## 0.20.1 {{< release-date date="2025-01-23" >}} From 0ccbeadf491f3589df9bf7fe30a393bee28708d2 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Thu, 20 Feb 2025 13:40:33 +0100 Subject: [PATCH 2/4] build: dockerfile frontend 1.14.0 release notes (#22064) ## Description * https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.0 * https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.0-labs ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --------- Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- .../buildkit/dockerfile-release-notes.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/content/manuals/build/buildkit/dockerfile-release-notes.md b/content/manuals/build/buildkit/dockerfile-release-notes.md index e8b9f3ba0898..57f74385c951 100644 --- a/content/manuals/build/buildkit/dockerfile-release-notes.md +++ b/content/manuals/build/buildkit/dockerfile-release-notes.md @@ -13,6 +13,34 @@ issues, and bug fixes in [Dockerfile reference](/reference/dockerfile.md). For usage, see the [Dockerfile frontend syntax](frontend.md) page. +## 1.14.0 + +{{< release-date date="2025-02-19" >}} + +The full release note for this release is available +[on GitHub](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.0). + +```dockerfile +# syntax=docker/dockerfile:1.14.0 +``` + +- `COPY --chmod` now allows non-octal values. This feature was previously in the labs channel and is now available in the main release. [moby/buildkit#5734](https://github.com/moby/buildkit/pull/5734) +- Fix handling of OSVersion platform property if one is set by the base image [moby/buildkit#5714](https://github.com/moby/buildkit/pull/5714) +- Fix errors where a named context metadata could be resolved even if it was not reachable by the current build configuration, leading to build errors [moby/buildkit#5688](https://github.com/moby/buildkit/pull/5688) + +## 1.14.0-labs + +{{< release-date date="2025-02-19" >}} + +The full release note for this release is available +[on GitHub](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.0-labs). + +```dockerfile +# syntax=docker.io/docker/dockerfile-upstream:1.14.0-labs +``` + +- New `RUN --device=name,[required]` flag lets builds request CDI devices are available to the build step. Requires BuildKit v0.20.0+ [moby/buildkit#4056](https://github.com/moby/buildkit/pull/4056), [moby/buildkit#5738](https://github.com/moby/buildkit/pull/5738) + ## 1.13.0 {{< release-date date="2025-01-20" >}} From aa7c3e19eb1cc0d42385af4337049198f4a280e0 Mon Sep 17 00:00:00 2001 From: Cesar Talledo Date: Thu, 20 Feb 2025 04:42:47 -0800 Subject: [PATCH 3/4] Update important note in ECI doc per latest developments. (#22020) ## Description Updated a note in the ECI docs, per latest feature developments. ## Reviews - [ ] Technical review - [X] Editorial review - [ ] Product review --------- Signed-off-by: Cesar Talledo Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- .../hardened-desktop/enhanced-container-isolation/_index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/content/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md b/content/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md index 3f6453610b83..5b4740019404 100644 --- a/content/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md +++ b/content/manuals/security/for-admins/hardened-desktop/enhanced-container-isolation/_index.md @@ -51,9 +51,9 @@ For more information on how Enhanced Container Isolation work, see [How does it > [!IMPORTANT] > -> Enhanced Container Isolation does not yet fully protect Docker builds, -> Kubernetes pods and Extension containers. For more information on known -> limitations and workarounds, see [FAQs](faq.md). +> ECI protection for Docker builds and [Kubernetes in Docker Desktop](/manuals/desktop/features/kubernetes.md) varies according to the +> Docker Desktop version. Later versions include more protection than earlier versions. Also, ECI does not yet +> protect extension containers. For more information on known limitations and workarounds, see [FAQs](faq.md). ## How do I enable Enhanced Container Isolation? From baeb2f85154ca4ab0a64e964a252d7ff973e8590 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 20 Feb 2025 15:22:22 +0100 Subject: [PATCH 4/4] engine: update API versions and example (#22066) ## Description ## Related issues or tickets ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review Signed-off-by: Sebastiaan van Stijn --- content/reference/api/engine/_index.md | 27 +++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/content/reference/api/engine/_index.md b/content/reference/api/engine/_index.md index 2511ce1ba3c3..438e1ea723b0 100644 --- a/content/reference/api/engine/_index.md +++ b/content/reference/api/engine/_index.md @@ -73,23 +73,22 @@ To see the highest version of the API your Docker daemon and client support, use ```console $ docker version Client: Docker Engine - Community - Version: 27.4.0 - API version: 1.47 - Go version: go1.22.10 - Git commit: bde2b89 - Built: Sat Dec 7 10:38:33 2024 + Version: 28.0.0 + API version: 1.48 + Go version: go1.23.6 + Git commit: f9ced58 + Built: Wed Feb 19 22:11:04 2025 OS/Arch: linux/amd64 Context: default Server: Docker Engine - Community Engine: - Version: 27.4.0 - API version: 1.47 (minimum version 1.24) - Go version: go1.22.10 - Git commit: 92a8393 - Built: Sat Dec 7 10:38:33 2024 + Version: 28.0.0 + API version: 1.48 (minimum version 1.24) + Go version: go1.23.6 + Git commit: af898ab + Built: Wed Feb 19 22:11:04 2025 OS/Arch: linux/amd64 - Experimental: false ... ``` @@ -131,8 +130,10 @@ You can specify the API version to use in any of the following ways: ### API version matrix -| Docker version | Maximum API version | Change log | -|:---------------|:---------------------------|:-----------------------------------------------------------------------------| +| Docker version | Maximum API version | Change log | +|:---------------|:---------------------------------------------|:-------------------------------------------------------------------| +| 28.0 | [1.48](/reference/api/engine/version/v1.48/) | [changes](/reference/api/engine/version-history/#v148-api-changes) | +| 27.5 | [1.47](/reference/api/engine/version/v1.47/) | [changes](/reference/api/engine/version-history/#v147-api-changes) | | 27.4 | [1.47](/reference/api/engine/version/v1.47/) | [changes](/reference/api/engine/version-history/#v147-api-changes) | | 27.3 | [1.47](/reference/api/engine/version/v1.47/) | [changes](/reference/api/engine/version-history/#v147-api-changes) | | 27.2 | [1.47](/reference/api/engine/version/v1.47/) | [changes](/reference/api/engine/version-history/#v147-api-changes) |