From b1b6504d0e9656c868ef231a5ebc5a6e66e822f7 Mon Sep 17 00:00:00 2001 From: crazy-max <1951866+crazy-max@users.noreply.github.com> Date: Tue, 15 Apr 2025 17:00:07 +0000 Subject: [PATCH 1/6] vendor: github.com/docker/buildx v0.23.0 Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- _vendor/modules.txt | 4 +- data/buildx/docker_buildx_build.yaml | 2 +- data/buildx/docker_buildx_history.yaml | 2 + data/buildx/docker_buildx_history_export.yaml | 55 +++++++++++++++++++ data/buildx/docker_buildx_history_ls.yaml | 20 +++++++ go.mod | 6 +- go.sum | 2 + 7 files changed, 85 insertions(+), 6 deletions(-) create mode 100644 data/buildx/docker_buildx_history_export.yaml diff --git a/_vendor/modules.txt b/_vendor/modules.txt index add37c275805..a945859abb37 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,6 +1,6 @@ # github.com/moby/moby v28.0.2+incompatible -# github.com/moby/buildkit v0.20.1 -# github.com/docker/buildx v0.22.0 +# github.com/moby/buildkit v0.21.0 +# github.com/docker/buildx v0.23.0 # github.com/docker/cli v28.0.4+incompatible # github.com/docker/compose/v2 v2.35.0 # github.com/docker/scout-cli v1.15.0 diff --git a/data/buildx/docker_buildx_build.yaml b/data/buildx/docker_buildx_build.yaml index d92407407222..57a0d8cbfeac 100644 --- a/data/buildx/docker_buildx_build.yaml +++ b/data/buildx/docker_buildx_build.yaml @@ -1433,7 +1433,7 @@ examples: |- ###### `type=file` usage In the following example, `type=file` is automatically detected because no - environment variable mathing `aws` (the ID) is set. + environment variable matching `aws` (the ID) is set. ```console $ docker buildx build --secret id=aws,src=$HOME/.aws/credentials . diff --git a/data/buildx/docker_buildx_history.yaml b/data/buildx/docker_buildx_history.yaml index e563d56c7bea..cc77851b07e4 100644 --- a/data/buildx/docker_buildx_history.yaml +++ b/data/buildx/docker_buildx_history.yaml @@ -5,6 +5,7 @@ usage: docker buildx history pname: docker buildx plink: docker_buildx.yaml cname: + - docker buildx history export - docker buildx history import - docker buildx history inspect - docker buildx history logs @@ -13,6 +14,7 @@ cname: - docker buildx history rm - docker buildx history trace clink: + - docker_buildx_history_export.yaml - docker_buildx_history_import.yaml - docker_buildx_history_inspect.yaml - docker_buildx_history_logs.yaml diff --git a/data/buildx/docker_buildx_history_export.yaml b/data/buildx/docker_buildx_history_export.yaml new file mode 100644 index 000000000000..e70b8f8fba95 --- /dev/null +++ b/data/buildx/docker_buildx_history_export.yaml @@ -0,0 +1,55 @@ +command: docker buildx history export +short: Export a build into Docker Desktop bundle +long: Export a build into Docker Desktop bundle +usage: docker buildx history export [OPTIONS] [REF] +pname: docker buildx history +plink: docker_buildx_history.yaml +options: + - option: all + value_type: bool + default_value: "false" + description: Export all records for the builder + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: output + shorthand: o + value_type: string + description: Output file path + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +inherited_options: + - option: builder + value_type: string + description: Override the configured builder instance + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: debug + shorthand: D + value_type: bool + default_value: "false" + description: Enable debug logging + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +deprecated: false +hidden: false +experimental: false +experimentalcli: false +kubernetes: false +swarm: false + diff --git a/data/buildx/docker_buildx_history_ls.yaml b/data/buildx/docker_buildx_history_ls.yaml index a1bdf1833ee1..ab7a3abbb3b1 100644 --- a/data/buildx/docker_buildx_history_ls.yaml +++ b/data/buildx/docker_buildx_history_ls.yaml @@ -5,6 +5,16 @@ usage: docker buildx history ls pname: docker buildx history plink: docker_buildx_history.yaml options: + - option: filter + value_type: stringArray + default_value: '[]' + description: Provide filter values (e.g., `status=error`) + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false - option: format value_type: string default_value: table @@ -15,6 +25,16 @@ options: experimentalcli: false kubernetes: false swarm: false + - option: local + value_type: bool + default_value: "false" + description: List records for current repository only + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false - option: no-trunc value_type: bool default_value: "false" diff --git a/go.mod b/go.mod index 7bb751dbd1d1..b19b80e56f8d 100644 --- a/go.mod +++ b/go.mod @@ -5,16 +5,16 @@ go 1.23.8 toolchain go1.24.1 require ( - github.com/docker/buildx v0.22.0 // indirect + github.com/docker/buildx v0.23.0 // indirect github.com/docker/cli v28.0.4+incompatible // indirect github.com/docker/compose/v2 v2.35.0 // indirect github.com/docker/scout-cli v1.15.0 // indirect - github.com/moby/buildkit v0.20.1 // indirect + github.com/moby/buildkit v0.21.0 // indirect github.com/moby/moby v28.0.2+incompatible // indirect ) replace ( - github.com/docker/buildx => github.com/docker/buildx v0.22.0 + github.com/docker/buildx => github.com/docker/buildx v0.23.0 github.com/docker/cli => github.com/docker/cli v28.0.2+incompatible github.com/docker/compose/v2 => github.com/docker/compose/v2 v2.35.0 github.com/docker/scout-cli => github.com/docker/scout-cli v1.15.0 diff --git a/go.sum b/go.sum index a5d17463c694..4c52ab50f7f1 100644 --- a/go.sum +++ b/go.sum @@ -102,6 +102,8 @@ github.com/docker/buildx v0.21.3 h1:LEmhk3D9WOboMeC+hlfOUnB1jylXcDfGHjqAL7Tvwks= github.com/docker/buildx v0.21.3/go.mod h1:8V4UMnlKsaGYwz83BygmIbJIFEAYGHT6KAv8akDZmqo= github.com/docker/buildx v0.22.0 h1:pGTcGZa+kxpYUlM/6ACsp1hXhkEDulz++RNXPdE8Afk= github.com/docker/buildx v0.22.0/go.mod h1:ThbnUe4kNiStlq6cLXruElyEdSTdPL3k/QerNUmPvHE= +github.com/docker/buildx v0.23.0 h1:qoYhuWyZ6PVCrWbkxClLzBWDBCUkyFK6Chjzg6nU+V8= +github.com/docker/buildx v0.23.0/go.mod h1:y/6Zf/y3Bf0zTWqgg8PuNFATcqnuhFmQuNf4VyrnPtg= github.com/docker/cli v24.0.2+incompatible h1:QdqR7znue1mtkXIJ+ruQMGQhpw2JzMJLRXp6zpzF6tM= github.com/docker/cli v24.0.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v24.0.4+incompatible h1:Y3bYF9ekNTm2VFz5U/0BlMdJy73D+Y1iAAZ8l63Ydzw= From ced10b917e8e1fdea5f3f42f120bb528668b5e0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Gronowski?= Date: Wed, 16 Apr 2025 11:49:43 +0000 Subject: [PATCH 2/6] Merge pull request #22437 from vvoland/fix-make-vendor Fix `make vendor` --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cfe29a65fbf6..c7e22db80cc7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ # check=skip=InvalidBaseImagePlatform ARG ALPINE_VERSION=3.21 -ARG GO_VERSION=1.23 +ARG GO_VERSION=1.23.8 ARG HTMLTEST_VERSION=0.17.0 ARG HUGO_VERSION=0.141.0 ARG NODE_VERSION=22 From 3da3b16a61aef1c77fa0e0037e2d30a3e452e67b Mon Sep 17 00:00:00 2001 From: Cesar Talledo Date: Wed, 16 Apr 2025 06:13:36 -0700 Subject: [PATCH 3/6] admin-settings: add note regarding KinD + ECI config. (#22435) ## Description In the admin-settings docs, in the section that describes settings for Docker Desktop Kubernetes, add a note indicating that if a custom repository is used for Kubernetes node images, and if Enhanced Container Isolation (ECI) is enabled, the custom repository images must also be added to the ECI Docker Socket image list setting. ## Related issues or tickets https://docker.atlassian.net/browse/POS-2924 https://docker.atlassian.net/browse/SEG-1102 ## Reviews - [ ] Technical review - [X] Editorial review - [ ] Product review --------- Signed-off-by: Cesar Talledo Co-authored-by: Sarah Sanders --- .../configure-json-file.md | 21 +++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/content/manuals/security/for-admins/hardened-desktop/settings-management/configure-json-file.md b/content/manuals/security/for-admins/hardened-desktop/settings-management/configure-json-file.md index 3fdcf7b0054d..9b61004cf50f 100644 --- a/content/manuals/security/for-admins/hardened-desktop/settings-management/configure-json-file.md +++ b/content/manuals/security/for-admins/hardened-desktop/settings-management/configure-json-file.md @@ -182,7 +182,7 @@ The following `admin-settings.json` code and table provides an example of the re } ``` -### General +### General |Parameter|OS|Description|Version| |:-------------------------------|---|:-------------------------------|---| @@ -195,7 +195,7 @@ The following `admin-settings.json` code and table provides an example of the re | `desktopTerminalEnabled` | | If `value` is set to `false`, developers cannot use the Docker terminal to interact with the host machine and execute commands directly from Docker Desktop. | | |`exposeDockerAPIOnTCP2375`| Windows only| Exposes the Docker API on a specified port. If `value` is set to true, the Docker API is exposed on port 2375. Note: This is unauthenticated and should only be enabled if protected by suitable firewall rules.| | -### File sharing and emulation +### File sharing and emulation |Parameter|OS|Description|Version| |:-------------------------------|---|:-------------------------------|---| @@ -241,7 +241,7 @@ The following `admin-settings.json` code and table provides an example of the re |        `dockerDaemonOptions` | | Overrides the options in the Linux daemon config file. See the [Docker Engine reference](/reference/cli/dockerd/#daemon-configuration-file).| | > [!NOTE] -> +> > This setting is not available to configure via the Docker Admin Console. ### Kubernetes @@ -250,7 +250,16 @@ The following `admin-settings.json` code and table provides an example of the re |:-------------------------------|---|:-------------------------------|---| |`kubernetes`| | If `enabled` is set to true, a Kubernetes single-node cluster is started when Docker Desktop starts. If `showSystemContainers` is set to true, Kubernetes containers are displayed in the Docker Desktop Dashboard and when you run `docker ps`. `imagesRepository` lets you specify which repository Docker Desktop pulls the Kubernetes images from. For example, `"imagesRepository": "registry-1.docker.io/docker"`. | | -### Features in development +> [!NOTE] +> +> When using the `imagesRepository` setting and Enhanced Container Isolation (ECI), add the following images to the [ECI Docker socket mount image list](#enhanced-container-isolation): +> +> `/desktop-cloud-provider-kind:*` +> `/desktop-containerd-registry-mirror:*` +> +> These containers mount the Docker socket, so you must add the images to the ECI images list. If not, ECI will block the mount and Kubernetes won't start. + +### Features in development |Parameter|OS|Description|Version| |:-------------------------------|---|:-------------------------------|---| @@ -258,7 +267,7 @@ The following `admin-settings.json` code and table provides an example of the re | `allowBetaFeatures`| | If `value` is set to `false`, beta features are disabled.| | | `enableDockerAI` | | If `value` is set to `false`, Docker AI (Ask Gordon) features are disabled. | | -### Enhanced Container Isolation +### Enhanced Container Isolation |Parameter|OS|Description|Version| |:-------------------------------|---|:-------------------------------|---| @@ -282,4 +291,4 @@ For settings to take effect: So as not to disrupt your developers' workflow, Docker doesn't automatically mandate that developers re-launch and re-authenticate once a change has been made. -In Docker Desktop, developers see the relevant settings grayed out. \ No newline at end of file +In Docker Desktop, developers see the relevant settings grayed out. From 5226053fe9532565e8bfac0fa250d4a4e5b60192 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Wed, 16 Apr 2025 15:17:35 +0200 Subject: [PATCH 4/6] buildx: buildx history export stub Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- .../cli/docker/buildx/history/export.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 content/reference/cli/docker/buildx/history/export.md diff --git a/content/reference/cli/docker/buildx/history/export.md b/content/reference/cli/docker/buildx/history/export.md new file mode 100644 index 000000000000..6f38ca206415 --- /dev/null +++ b/content/reference/cli/docker/buildx/history/export.md @@ -0,0 +1,16 @@ +--- +datafolder: buildx +datafile: docker_buildx_history_export +title: docker buildx history export +layout: cli +aliases: +- /engine/reference/commandline/buildx_history_export/ +--- + + From 98beb3b9cbbb7d52bde5d20ddb33af429be8678d Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Wed, 16 Apr 2025 16:18:19 +0200 Subject: [PATCH 5/6] build: dockerfile 1.14.1 and 1.15.0 release notes (#22443) ## Description * https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.1 * https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.15.0 ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --------- Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- .../buildkit/dockerfile-release-notes.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/content/manuals/build/buildkit/dockerfile-release-notes.md b/content/manuals/build/buildkit/dockerfile-release-notes.md index 6aada35dcd6a..35e5a586b04c 100644 --- a/content/manuals/build/buildkit/dockerfile-release-notes.md +++ b/content/manuals/build/buildkit/dockerfile-release-notes.md @@ -13,6 +13,37 @@ issues, and bug fixes in [Dockerfile reference](/reference/dockerfile.md). For usage, see the [Dockerfile frontend syntax](frontend.md) page. +## 1.15.0 + +{{< release-date date="2025-04-15" >}} + +The full release note for this release is available +[on GitHub](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.15.0). + +```dockerfile +# syntax=docker/dockerfile:1.15.0 +``` + +- Build error for invalid target now shows suggestions for correct possible names. [moby/buildkit#5851](https://github.com/moby/buildkit/pull/5851) +- Fix SBOM attestation producing error for Windows targets. [moby/buildkit#5837](https://github.com/moby/buildkit/pull/5837) +- Fix recursive `ARG` producing an infinite loop when processing an outline request. [moby/buildkit#5823](https://github.com/moby/buildkit/pull/5823) +- Fix parsing syntax directive from JSON that would fail if the JSON had other datatypes than strings. [moby/buildkit#5815](https://github.com/moby/buildkit/pull/5815) +- Fix platform in image config being in unnormalized form (regression from 1.12). [moby/buildkit#5776](https://github.com/moby/buildkit/pull/5776) +- Fix copying into destination directory when directory is not present with WCOW. [moby/buildkit#5249](https://github.com/moby/buildkit/pull/5249) + +## 1.14.1 + +{{< release-date date="2025-03-05" >}} + +The full release note for this release is available +[on GitHub](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.14.1). + +```dockerfile +# syntax=docker/dockerfile:1.14.1 +``` + +- Normalize platform in image config. [moby/buildkit#5776](https://github.com/moby/buildkit/pull/5776) + ## 1.14.0 {{< release-date date="2025-02-19" >}} From 6324a8ce55e3cd3afe099795fa00a49aadadf6ff Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Wed, 16 Apr 2025 16:19:52 +0200 Subject: [PATCH 6/6] build: buildx 0.22.0 and 0.23.0 release notes (#22442) ## Description * https://github.com/docker/buildx/releases/tag/v0.22.0 * https://github.com/docker/buildx/releases/tag/v0.23.0 ## Reviews - [ ] Technical review - [ ] Editorial review - [ ] Product review --------- Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com> --- content/manuals/build/release-notes.md | 48 ++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/content/manuals/build/release-notes.md b/content/manuals/build/release-notes.md index 978cf201ca49..14a60eef2e79 100644 --- a/content/manuals/build/release-notes.md +++ b/content/manuals/build/release-notes.md @@ -10,6 +10,54 @@ toc_max: 2 This page contains information about the new features, improvements, and bug fixes in [Docker Buildx](https://github.com/docker/buildx). +## 0.23.0 + +{{< release-date date="2025-04-15" >}} + +The full release note for this release is available +[on GitHub](https://github.com/docker/buildx/releases/tag/v0.23.0). + +### New + +- New `buildx history export` command allows exporting the build record into a bundle that can be imported to [Docker Desktop](/desktop/). [docker/buildx#3073](https://github.com/docker/buildx/pull/3073) + +### Enhancements + +- New `--local` and `--filter` flags allow filtering history records in `buildx history ls`. [docker/buildx#3091](https://github.com/docker/buildx/pull/3091) +- Compose compatibility has been updated to v2.6.0. [docker/buildx#3080](https://github.com/docker/buildx/pull/3080), [docker/buildx#3105](https://github.com/docker/buildx/pull/3105) +- Support CLI environment variables in standalone mode. [docker/buildx#3087](https://github.com/docker/buildx/pull/3087) + +### Bug fixes + +- Fix `--print` output for Bake producing output with unescaped variables that could cause build errors later. [docker/buildx#3097](https://github.com/docker/buildx/pull/3097) +- Fix `additional_contexts` field not working correctly when pointing to another service. [docker/buildx#3090](https://github.com/docker/buildx/pull/3090) +- Fix empty validation block crashing the Bake HCL parser. [docker/buildx#3101](https://github.com/docker/buildx/pull/3101) + +## 0.22.0 + +{{< release-date date="2025-03-18" >}} + +The full release note for this release is available +[on GitHub](https://github.com/docker/buildx/releases/tag/v0.22.0). + +### New + +- New command `buildx history import` lets you import build records into Docker Desktop for further debugging in the [Build UI](/desktop/use-desktop/builds/). This command requires [Docker Desktop](/desktop/) to be installed. [docker/buildx#3039](https://github.com/docker/buildx/pull/3039) + +### Enhancements + +- History records can now be opened by offset from the latest in `history inspect`, `history logs` and `history open` commands (e.g. `^1`). [docker/buildx#3049](https://github.com/docker/buildx/pull/3049), [docker/buildx#3055](https://github.com/docker/buildx/pull/3055) +- Bake now supports the `+=` operator to append when using `--set` for overrides. [docker/buildx#3031](https://github.com/docker/buildx/pull/3031) +- Docker container driver adds GPU devices to the container if available. [docker/buildx#3063](https://github.com/docker/buildx/pull/3063) +- Annotations can now be set when using overrides with Bake. [docker/buildx#2997](https://github.com/docker/buildx/pull/2997) +- NetBSD binaries are now included in the release. [docker/buildx#2901](https://github.com/docker/buildx/pull/2901) +- The `inspect` and `create` commands now return an error if a node fails to boot. [docker/buildx#3062](https://github.com/docker/buildx/pull/3062) + +### Bug fixes + +- Fix double pushing with Docker driver when the containerd image store is enabled. [docker/buildx#3023](https://github.com/docker/buildx/pull/3023) +- Fix multiple tags being pushed for `imagetools create` command. Now only the final manifest pushes by tag. [docker/buildx#3024](https://github.com/docker/buildx/pull/3024) + ## 0.21.0 {{< release-date date="2025-02-19" >}}