Skip to content

Releases: moby/buildkit

dockerfile/1.2.1

12 Dec 01:01
@tonistiigi tonistiigi
dockerfile/1.2.1
bf5e780
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
dockerfile/1.2.1

https://hub.docker.com/r/docker/dockerfile

Notable changes

  • Revert "Ensure ENTRYPOINT command has at least one argument" #1874

  • Optimize processing COPY calls on multi-platform cross-compilation builds #1889

Assets 2
Loading

v0.8.0

03 Dec 03:55
@github-actions github-actions
v0.8.0
73fe473
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.0

Welcome to the 0.8.0 release of buildkit!

Important

  • This release changes images pull mode in a way that image layers are only pulled from a registry when their contents is needed locally. If your build does not export the build result or does not need to run new containers on top of the image, the build will succeed without pulling the image. This allows you to make metadata modifications to remote images without pulling them or check that the remote cache is still valid for your build without actually pulling the cache layers.

Notable Changes

  • Builtin Dockerfile frontend defaults to v1.2.0 including support for RUN --mount among other features. Dockerfile changelog

  • Gateway API now allows running interactive container processes that can mount previous build results #1627 #1731

  • API: Build errors now contain state for debugging the failure location including the snapshots' data when the error happened #1732

  • Image layers used by the build are now only pulled when their content is being used by subsequent build steps or exporter. BuildKit can now make cache decisions about the data while it remains in the remote registry. #1475

  • Fetching authorization tokens has been moved to client-side (if the client supports it). Passwords do not leak into the build daemon anymore and users can see from build output when credentials or tokens are accessed. #1660

  • Support stargz/eStargz for pulling image layers incrementally based on what files are accessed https://github.com/moby/buildkit/blob/master/docs/stargz-estargz.md #1402

  • Buildkit can now build for multiple architectures with QEMU without binfmt_misc handlers loaded to the kernel. moby/buildkit image comes with the emulator images. #1516

  • Build errors now track the error location in the original source files #1494

  • Frontend API now supports subrequests for implementing supplementary tasks like describing build stages or arguments. #1724

  • Connection errors while communicating with the registry for push and pull now trigger a retry #1791

  • Git source now supports token authentication via build secrets #1533

  • Building from git source now supports forwarding SSH socket for authentication #1782

  • Allow passing secrets to the build with environment variables #1534

  • Increase registry communication performance and stability with custom connection pool and authenticator #1636

  • Running commands do not leak empty stub files to image layers anymore (for example for mounted secrets) #1739

  • Allow better handling client sessions dropping while it is being shared by multiple builds #1551

  • Allow (and default to) using OCI mediatypes on exporting manifests for remote cache #1746

  • Only add manifest descriptor annotations to OCI type manifests and not Docker manifests. This fixes an issue with GCR validation. #1730

  • Avoid builds that generate excessive logs to cause a crash or slow down the build. Clipping is performed if needed. #1754

  • Fix race on creating CNI sandboxes for containers #1775

  • Execution steps now allow overriding the hostname for the build container #1339

  • Always use correct mediatypes on exporting objects, not considering the object's original mediatype #1541

  • Content-based checksums are now calculated in parallel for the build step with multiple mounts #1744

  • Reenable setting insecure-registry config while exporting to a registry #1601

  • Fix synchronization issues on pushing multi-platform images that share layers #1548

  • Cache load errors are now handled gracefully #1498

  • Disable truncating by default when using --progress=plain #1435

  • Official image moby/buildkit now contains pigz for better extraction performance #1799

  • Support for exposing SSH agent socket on Windows has been improved #1695

  • LLB client library now supports using asynchronous callbacks when building the LLB graph #1426

  • Change default Seccomp profile to the one provided by Docker #1807

Please try out the release binaries and report any issues at
https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Cory Bennett
  • Paul "TBBle" Hampson
  • Sebastiaan van Stijn
  • Edgar Lee
  • Tibor Vass
  • Erik Sipsma
  • Kohei Tokunaga
  • Alex Couture-Beil
  • Vlad A. Ionescu
  • Lu Jingxiao
  • Simon Ferquel
  • CrazyMax
  • Anders F Björklund
  • Andrea Bolognani
  • Andrea Luzzardi
  • Andrew Chang
  • Andrey Smirnov
  • Anurag Goel
  • Chanhun Jeong
  • Chen Bin
  • Ilya Dmitrichenko
  • Jon Zeolla
  • Jonathan Azoff
  • Jörg Franke
  • Kees Cook
  • Miguel Ángel Jimeno
  • Nick Santos
  • Sam Whited
  • Shingo Omura
  • Wang Yumu
  • Wei Fu
  • Xiaofan Zhang
  • Ximo Guanter
  • 岁丰
Assets 9
Loading

dockerfile/1.2.0-labs

03 Dec 03:57
@tonistiigi tonistiigi
dockerfile/1.2.0-labs
15b978c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
dockerfile/1.2.0-labs

Usage

# syntax=docker/dockerfile-upstream:1.2.0-labs

Notable changes

  • Experimental channel has been renamed to labs #1805
Assets 2
Loading

dockerfile/1.2.0

03 Dec 03:56
@tonistiigi tonistiigi
dockerfile/1.2.0
15b978c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
dockerfile/1.2.0

Usage

# syntax=docker.io/docker/dockerfile-upstream:1.2.0

Notable changes

  • RUN --mount syntax for creating secret, ssh, bind, and cache mounts have been moved to mainline channel #1717

  • Metadata load errors are now handled as fatal to avoid incorrect build results #1395

  • ARG command now supports defining multiple build args on the same line similarly to ENV #1692

  • --chown flag in ADD now allows parameter expansion #1473

  • Allow lowercase Dockerfile name #1816

  • ENTRYPOINT requires at least one argument to avoid creating broken images #1862

Assets 2
Loading

v0.8.0-rc3

26 Nov 08:36
@github-actions github-actions
v0.8.0-rc3
600e2db
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.0-rc3 Pre-release
Pre-release

Notable changes

  • Fix possible panic in the previous RC builds #1825
  • Fix storage leak regression on cancellation that could lead to certain cache mount locking up the builder #1838
  • Dockerfile: Allow lowercase Dockerfile name for compatibility #1816
Assets 9
Loading

v0.8.0-rc2

19 Nov 07:30
@GordonTheTurtle GordonTheTurtle
v0.8.0-rc2
fcb87e6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.0-rc2 Pre-release
Pre-release

Notable changes

  • Fix corrupt helper binaries in non-x86s release images for rc1 #1810

  • Change default Seccomp profile to the one provided by Docker #1807

Assets 9
Loading

v0.8.0-rc1

18 Nov 04:18
@GordonTheTurtle GordonTheTurtle
v0.8.0-rc1
6b95130
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.0-rc1 Pre-release
Pre-release

Welcome to the 0.8.0-rc1 release of buildkit!
This is a pre-release of buildkit

Notable Changes

  • Builtin Dockerfile frontend defaults to v1.2.0 including support for RUN --mount among other features. Dockerfile changelog

  • Gateway API now allows running interactive container processes that can mount previous build results #1627 #1731

  • API: Build errors now contain state for debugging the failure location including the snapshots' data when the error happened #1732

  • Image layers used by the build are now only pulled when their content is being used by subsequent build steps or exporter. BuildKit can now make cache decisions about the data while it remains in the remote registry. #1475

  • Fetching authorization tokens has been moved to client-side (if the client supports it). Passwords do not leak into the build daemon anymore and users can see from build output when credentials or tokens are accessed. #1660

  • Support stargz/eStargz for pulling image layers incrementally based on what files are accessed https://github.com/moby/buildkit/blob/master/docs/stargz-estargz.md #1402

  • Buildkit can now build for multiple architectures with QEMU without binfmt_misc handlers loaded to the kernel. moby/buildkit image comes with the emulator images. #1516

  • Build errors now track the error location in the original source files #1494

  • Frontend API now supports subrequests for implementing supplementary tasks like describing build stages or arguments. #1724

  • Connection errors while communicating with the registry for push and pull now trigger a retry #1791

  • Git source now supports token authentication via build secrets #1533

  • Building from git source now supports forwarding SSH socket for authentication #1782

  • Allow passing secrets to the build with environmental variables #1534

  • Increase registry communication performance and stability with custom connection pool and authenticator #1636

  • Running commands do not leak empty stub files to image layers anymore (for example for mounted secrets) #1739

  • Allow better handling client sessions dropping while it is being shared by multiple builds #1551

  • Allow (and default to) using OCI mediatypes on exporting manifests for remote cache #1746

  • Only add manifest descriptor annotations to OCI type manifests and not Docker manifests. This fixes an issue with GCR validation. #1730

  • Avoid builds that generate excessive logs to cause a crash or slow down the build. Clipping is performed if needed. #1754

  • Fix race on creating CNI sandboxes for containers #1775

  • Execution steps now allow overriding the hostname for the build container #1339

  • Always use correct mediatypes on exporting objects, not considering the object's original mediatype #1541

  • Content-based checksums are now calculated in parallel for the build step with multiple mounts #1744

  • Reenable setting insecure-registry config while exporting to a registry #1601

  • Fix synchronization issues on pushing multi-platform images that share layers #1548

  • Cache load errors are now handled gracefully #1498

  • Disable truncating by default when using --progress=plain #1435

  • Official image moby/buildkit now contains pigz for better extraction performance #1799

  • Support for exposing SSH agent socket on Windows has been improved #1695

  • LLB client library now supports using asynchronous callbacks when building the LLB graph #1426

Please try out the release binaries and report any issues at
https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Cory Bennett
  • Paul "TBBle" Hampson
  • Sebastiaan van Stijn
  • Edgar Lee
  • Tibor Vass
  • Erik Sipsma
  • Kohei Tokunaga
  • Alex Couture-Beil
  • Vlad A. Ionescu
  • Lu Jingxiao
  • Simon Ferquel
  • Anders F Björklund
  • Andrea Luzzardi
  • Andrey Smirnov
  • Anurag Goel
  • Chanhun Jeong
  • Chen Bin
  • Ilya Dmitrichenko
  • Jon Zeolla
  • Jonathan Azoff
  • Jörg Franke
  • Kees Cook
  • Miguel Ángel Jimeno
  • Nick Santos
  • Sam Whited
  • Shingo Omura
  • Wang Yumu
  • Wei Fu
  • Xiaofan Zhang
  • Ximo Guanter
  • 岁丰
Assets 9
Loading

dockerfile/1.2.0-rc1-labs

18 Nov 05:24
@tonistiigi tonistiigi
dockerfile/1.2.0-rc1-labs
6b95130
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
dockerfile/1.2.0-rc1-labs Pre-release
Pre-release

Usage

# syntax=docker/dockerfile-upstream:1.2.0-rc1-labs

Notable changes

  • Experimental channel has been renamed to labs #1805
Assets 2
Loading

dockerfile/1.2.0-rc1

18 Nov 05:07
@tonistiigi tonistiigi
dockerfile/1.2.0-rc1
6b95130
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
dockerfile/1.2.0-rc1 Pre-release
Pre-release

Usage

# syntax=docker.io/docker/dockerfile-upstream:1.2.0-rc1

Notable changes

  • RUN --mount syntax for creating secret, ssh, bind, and cache mounts have been moved to mainline channel #1717

  • Metadata load errors are now handled as fatal to avoid incorrect build results #1395

  • ARG command now supports defining multiple build args on the same line similarly to ENV #1692

  • --chown flag in ADD now allows parameter expansion #1473

Assets 2
Loading

v0.7.2

28 Jul 01:11
@tonistiigi tonistiigi
v0.7.2
22e2307
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.7.2

Fixes:

  • solver: gracefully handle cache loading errors #1498
  • remotecache: only visit each item once when walking results #1577
  • cache: avoid possible nil dereference on error handling #1511
  • contenthash: allow security.capability in cache checksum #1526
  • contenthash: treat unix sockets as regular files #1581
  • push: fix race condition on pushing the same layers in parallel #1548
  • inline cache: fix handling of duplicate blobs in same image #1568
  • gateway: fix metadata getting lost on subsolve in external frontend #1449
  • filesync: avoid ignoring close error #1478
  • runc: update runc binary to v1.0.0-rc91 #1553
  • buildctl-daemonless: allow max retries on socket connect for buildctl #1493
  • buildctl-daemonless: fix shell args expansion #1504
  • buildctl-daemonless: show log on startup timeout #1565
Assets 9
Loading