bake-action/README.md

[![GitHub release](https://img.shields.io/github/release/docker/bake-action.svg?style=flat-square)](https://github.com/docker/bake-action/releases/latest)
[![GitHub marketplace](https://img.shields.io/badge/marketplace-docker--buildx--bake-blue?logo=github&style=flat-square)](https://github.com/marketplace/actions/docker-buildx-bake)
[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/bake-action/ci.yml?branch=master&label=ci&logo=github&style=flat-square)](https://github.com/docker/bake-action/actions?workflow=ci)
[![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/bake-action/test.yml?branch=master&label=test&logo=github&style=flat-square)](https://github.com/docker/bake-action/actions?workflow=test)
[![Codecov](https://img.shields.io/codecov/c/github/docker/bake-action?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/bake-action)

## About

GitHub Action to use Docker [Buildx Bake](https://docs.docker.com/build/customize/bake/)
as a high-level build command.

![Screenshot](.github/bake-action.png)

___

* [Usage](#usage)
  * [Path context](#path-context)
  * [Git context](#git-context)
* [Customizing](#customizing)
  * [inputs](#inputs)
  * [outputs](#outputs)
* [Subactions](#subactions)
  * [`list-targets`](#list-targets)
* [Contributing](#contributing)

## Usage

### Path context

By default, this action will use the local bake definition (`source: .`), so
you need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository.

```yaml
name: ci

on:
  push:
    branches:
      - 'master'

jobs:
  bake:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Login to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/bake-action@v4
        with:
          push: true
```

### Git context

Git context can be provided using the [`source` input](#inputs). This means
that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/)
will do this directly.

```yaml
name: ci

on:
  push:
    branches:
      - 'master'

jobs:
  bake:
    runs-on: ubuntu-latest
    steps:
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Login to DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/bake-action@v4
        with:
          source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"
          push: true
```

Be careful because **any file mutation in the steps that precede the build step
will be ignored, including processing of the `.dockerignore` file** since
the context is based on the Git reference. However, you can use the
[Path context](#path-context) alongside the [`actions/checkout`](https://github.com/actions/checkout/)
action to remove this restriction.

Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/)
expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
to the default Git context:

```yaml
      -
        name: Build and push
        uses: docker/bake-action@v4
        with:
          source: "{{defaultContext}}:mysubdir"
          push: true
```

Building from the current repository automatically uses the `GITHUB_TOKEN`
secret that GitHub [automatically creates for workflows](https://docs.github.com/en/actions/security-guides/automatic-token-authentication),
so you don't need to pass that manually. If you want to authenticate against
another private repository for remote definitions, you can set the
[`BUILDX_BAKE_GIT_AUTH_TOKEN` environment variable](https://docs.docker.com/build/building/variables/#buildx_bake_git_auth_token).

> [!NOTE]
> Supported since Buildx 0.14.0

```yaml
      -
        name: Build and push
        uses: docker/bake-action@v4
        with:
          source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"
          push: true
        env:
          BUILDX_BAKE_GIT_AUTH_TOKEN: ${{ secrets.MYTOKEN }}
```

## Customizing

### inputs

The following inputs can be used as `step.with` keys

> `List` type is a newline-delimited string
> ```yaml
> set: target.args.mybuildarg=value
> ```
> ```yaml
> set: |
>   target.args.mybuildarg=value
>   foo*.args.mybuildarg=value
> ```

> `CSV` type is a comma-delimited string
> ```yaml
> targets: default,release
> ```

| Name           | Type        | Description                                                                                                                                                        |
|----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `builder`      | String      | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action)                                                                        |
| `source`       | String      | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/customize/bake/file-definition/#remote-definition)    |
| `files`        | List/CSV    | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/)                                                                     |
| `workdir`      | String      | Working directory of execution                                                                                                                                     |
| `targets`      | List/CSV    | List of bake targets (`default` target used if empty)                                                                                                              |
| `no-cache`     | Bool        | Do not use cache when building the image (default `false`)                                                                                                         |
| `pull`         | Bool        | Always attempt to pull a newer version of the image (default `false`)                                                                                              |
| `load`         | Bool        | Load is a shorthand for `--set=*.output=type=docker` (default `false`)                                                                                             |
| `provenance`   | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance`                                      |
| `push`         | Bool        | Push is a shorthand for `--set=*.output=type=registry` (default `false`)                                                                                           |
| `sbom`         | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom`                                                             |
| `set`          | List        | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (eg: `targetpattern.key=value`)                        |
| `github-token` | String      | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |

### outputs

The following outputs are available

| Name       | Type | Description           |
|------------|------|-----------------------|
| `metadata` | JSON | Build result metadata |

## Subactions

### `list-targets`

This subaction generates a list of Bake targets that can be used in a [GitHub matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix),
so you can distribute your builds across multiple runners.

```hcl
# docker-bake.hcl
group "validate" {
  targets = ["lint", "doctoc"]
}

target "lint" {
  target = "lint"
}

target "doctoc" {
  target = "doctoc"
}
```

```yaml
jobs:
  prepare:
    runs-on: ubuntu-latest
    outputs:
      targets: ${{ steps.generate.outputs.targets }}
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: List targets
        id: generate
        uses: docker/bake-action/subaction/list-targets@v4
        with:
          target: validate

  validate:
    runs-on: ubuntu-latest
    needs:
      - prepare
    strategy:
      fail-fast: false
      matrix:
        target: ${{ fromJson(needs.prepare.outputs.targets) }}
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Validate
        uses: docker/bake-action@v4
        with:
          targets: ${{ matrix.target }}
```
#### inputs

| Name         | Type        | Description                                                                                                                                 |
|--------------|-------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| `workdir`    | String      | Working directory to use (defaults to `.`)                                                                                                  |
| `files`      | List/CSV    | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/)                                              |
| `target`     | String      | The target to use within the bake file                                                                                                      |

#### outputs

The following outputs are available

| Name       | Type     | Description                |
|------------|----------|----------------------------|
| `targets`  | List/CSV | List of extracted targest  |

## Contributing

Want to contribute? Awesome! You can find information about contributing to
this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)
Move to Docker org 2021-01-28 23:14:03 +01:00			`[![GitHub release](https://img.shields.io/github/release/docker/bake-action.svg?style=flat-square)](https://github.com/docker/bake-action/releases/latest)`
Initial commit 2020-10-08 00:52:52 +02:00			`[![GitHub marketplace](https://img.shields.io/badge/marketplace-docker--buildx--bake-blue?logo=github&style=flat-square)](https://github.com/marketplace/actions/docker-buildx-bake)`
readme: fix badges Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-12-19 20:39:40 +01:00			`[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/bake-action/ci.yml?branch=master&label=ci&logo=github&style=flat-square)](https://github.com/docker/bake-action/actions?workflow=ci)`
			`[![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/bake-action/test.yml?branch=master&label=test&logo=github&style=flat-square)](https://github.com/docker/bake-action/actions?workflow=test)`
Move to Docker org 2021-01-28 23:14:03 +01:00			`[![Codecov](https://img.shields.io/codecov/c/github/docker/bake-action?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/bake-action)`

Initial commit 2020-10-08 00:52:52 +02:00			`## About`

update links to docs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-10-07 16:41:51 +02:00			`GitHub Action to use Docker [Buildx Bake](https://docs.docker.com/build/customize/bake/)`
Fix doc links 2021-04-03 20:37:29 +02:00			`as a high-level build command.`
Initial commit 2020-10-08 00:52:52 +02:00
Use `core.getBooleanInput` 2021-05-26 15:22:18 +02:00			`![Screenshot](.github/bake-action.png)`

Initial commit 2020-10-08 00:52:52 +02:00			`___`

			`* [Usage](#usage)`
git context support Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-01-12 14:15:02 +01:00			`* [Path context](#path-context)`
			`* [Git context](#git-context)`
Initial commit 2020-10-08 00:52:52 +02:00			`* [Customizing](#customizing)`
			`* [inputs](#inputs)`
Add `metadata` output Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-09-01 22:22:37 +02:00			`* [outputs](#outputs)`
readme: move subactions docs Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-12-19 13:39:15 +01:00			`* [Subactions](#subactions)`
			* [`list-targets`](#list-targets)
update links to docs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-10-07 16:41:51 +02:00			`* [Contributing](#contributing)`
Initial commit 2020-10-08 00:52:52 +02:00
			`## Usage`

git context support Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-01-12 14:15:02 +01:00			`### Path context`

			By default, this action will use the local bake definition (`source: .`), so
			you need to use the [`actions/checkout`](https://github.com/actions/checkout/)
			`action to check out the repository.`

Initial commit 2020-10-08 00:52:52 +02:00			```yaml
			`name: ci`
Fix doc links 2021-04-03 20:37:29 +02:00
Initial commit 2020-10-08 00:52:52 +02:00			`on:`
			`push:`
Fix doc links 2021-04-03 20:37:29 +02:00			`branches:`
			`- 'master'`
Print bake def (#4) 2020-12-23 20:15:23 +01:00
Initial commit 2020-10-08 00:52:52 +02:00			`jobs:`
			`bake:`
			`runs-on: ubuntu-latest`
			`steps:`
			`-`
			`name: Checkout`
docs: bump actions to latest major Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-09-12 10:08:58 +02:00			`uses: actions/checkout@v4`
Initial commit 2020-10-08 00:52:52 +02:00			`-`
			`name: Set up Docker Buildx`
docs: bump actions to latest major Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-09-12 10:08:58 +02:00			`uses: docker/setup-buildx-action@v3`
Initial commit 2020-10-08 00:52:52 +02:00			`-`
			`name: Login to DockerHub`
docs: bump actions to latest major Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-09-12 10:08:58 +02:00			`uses: docker/login-action@v3`
Initial commit 2020-10-08 00:52:52 +02:00			`with:`
			`username: ${{ secrets.DOCKERHUB_USERNAME }}`
			`password: ${{ secrets.DOCKERHUB_TOKEN }}`
			`-`
			`name: Build and push`
docs: bump actions to latest major Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-09-12 10:08:58 +02:00			`uses: docker/bake-action@v4`
Initial commit 2020-10-08 00:52:52 +02:00			`with:`
Print bake def (#4) 2020-12-23 20:15:23 +01:00			`push: true`
Initial commit 2020-10-08 00:52:52 +02:00			```

git context support Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-01-12 14:15:02 +01:00			`### Git context`

			Git context can be provided using the [`source` input](#inputs). This means
			that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
			`action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/)`
			`will do this directly.`

			```yaml
			`name: ci`

			`on:`
			`push:`
			`branches:`
			`- 'master'`

			`jobs:`
			`bake:`
			`runs-on: ubuntu-latest`
			`steps:`
			`-`
			`name: Set up Docker Buildx`
			`uses: docker/setup-buildx-action@v3`
			`-`
			`name: Login to DockerHub`
			`uses: docker/login-action@v3`
			`with:`
			`username: ${{ secrets.DOCKERHUB_USERNAME }}`
			`password: ${{ secrets.DOCKERHUB_TOKEN }}`
			`-`
			`name: Build and push`
			`uses: docker/bake-action@v4`
			`with:`
			`source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"`
			`push: true`
			```

			`Be careful because **any file mutation in the steps that precede the build step`
			will be ignored, including processing of the `.dockerignore` file** since
			`the context is based on the Git reference. However, you can use the`
			[Path context](#path-context) alongside the [`actions/checkout`](https://github.com/actions/checkout/)
			`action to remove this restriction.`

			`Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/)`
			expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
			`to the default Git context:`

			```yaml
			`-`
			`name: Build and push`
			`uses: docker/bake-action@v4`
			`with:`
			`source: "{{defaultContext}}:mysubdir"`
			`push: true`
			```

git auth token support for private repos Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-04-13 15:20:19 +02:00			Building from the current repository automatically uses the `GITHUB_TOKEN`
			`secret that GitHub [automatically creates for workflows](https://docs.github.com/en/actions/security-guides/automatic-token-authentication),`
			`so you don't need to pass that manually. If you want to authenticate against`
			`another private repository for remote definitions, you can set the`
			[`BUILDX_BAKE_GIT_AUTH_TOKEN` environment variable](https://docs.docker.com/build/building/variables/#buildx_bake_git_auth_token).

			`> [!NOTE]`
			`> Supported since Buildx 0.14.0`

			```yaml
			`-`
			`name: Build and push`
			`uses: docker/bake-action@v4`
			`with:`
			`source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"`
			`push: true`
			`env:`
			`BUILDX_BAKE_GIT_AUTH_TOKEN: ${{ secrets.MYTOKEN }}`
			```

readme: move subactions docs Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-12-19 13:39:15 +01:00			`## Customizing`

			`### inputs`

git context support Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-01-12 14:15:02 +01:00			The following inputs can be used as `step.with` keys
readme: move subactions docs Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-12-19 13:39:15 +01:00
			> `List` type is a newline-delimited string
			> ```yaml
			`> set: target.args.mybuildarg=value`
			> ```
			> ```yaml
			`> set: \|`
			`> target.args.mybuildarg=value`
			`> foo*.args.mybuildarg=value`
			> ```

			> `CSV` type is a comma-delimited string
			> ```yaml
			`> targets: default,release`
			> ```

git auth token support for private repos Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2024-04-13 15:20:19 +02:00			`\| Name \| Type \| Description \|`
			`\|----------------\|-------------\|--------------------------------------------------------------------------------------------------------------------------------------------------------------------\|`
			\| `builder` \| String \| Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) \|
			\| `source` \| String \| Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/customize/bake/file-definition/#remote-definition) \|
			\| `files` \| List/CSV \| List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) \|
			\| `workdir` \| String \| Working directory of execution \|
			\| `targets` \| List/CSV \| List of bake targets (`default` target used if empty) \|
			\| `no-cache` \| Bool \| Do not use cache when building the image (default `false`) \|
			\| `pull` \| Bool \| Always attempt to pull a newer version of the image (default `false`) \|
			\| `load` \| Bool \| Load is a shorthand for `--set=*.output=type=docker` (default `false`) \|
			\| `provenance` \| Bool/String \| [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance` \|
			\| `push` \| Bool \| Push is a shorthand for `--set=*.output=type=registry` (default `false`) \|
			\| `sbom` \| Bool/String \| [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` \|
			\| `set` \| List \| List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (eg: `targetpattern.key=value`) \|
			\| `github-token` \| String \| API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) \|
readme: move subactions docs Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-12-19 13:39:15 +01:00
			`### outputs`

			`The following outputs are available`

			`\| Name \| Type \| Description \|`
			`\|------------\|------\|-----------------------\|`
			\| `metadata` \| JSON \| Build result metadata \|

list-targets subaction Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-11-09 11:07:49 +01:00			`## Subactions`

			### `list-targets`

			`This subaction generates a list of Bake targets that can be used in a [GitHub matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix),`
			`so you can distribute your builds across multiple runners.`

			```hcl
			`# docker-bake.hcl`
			`group "validate" {`
			`targets = ["lint", "doctoc"]`
			`}`

			`target "lint" {`
			`target = "lint"`
			`}`

			`target "doctoc" {`
			`target = "doctoc"`
			`}`
			```

			```yaml
			`jobs:`
			`prepare:`
			`runs-on: ubuntu-latest`
			`outputs:`
ci: fix validate workflow Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-11-17 10:23:20 +01:00			`targets: ${{ steps.generate.outputs.targets }}`
list-targets subaction Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-11-09 11:07:49 +01:00			`steps:`
			`-`
			`name: Checkout`
			`uses: actions/checkout@v4`
			`-`
ci: fix validate workflow Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> 2023-11-17 10:23:20 +01:00			`name: List targets`
			`id: generate`
list-targets subaction Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-11-09 11:07:49 +01:00			`uses: docker/bake-action/subaction/list-targets@v4`
			`with:`
			`target: validate`

			`validate:`
			`runs-on: ubuntu-latest`
			`needs:`
			`- prepare`
			`strategy:`
			`fail-fast: false`
			`matrix:`
			`target: ${{ fromJson(needs.prepare.outputs.targets) }}`
			`steps:`
			`-`
			`name: Checkout`
			`uses: actions/checkout@v4`
			`-`
			`name: Validate`
			`uses: docker/bake-action@v4`
			`with:`
			`targets: ${{ matrix.target }}`
			```
docs: add input/output documentation for the subaction Signed-off-by: Nithos <2914422+Nithos@users.noreply.github.com> 2023-11-17 16:09:56 -05:00			`#### inputs`

			`\| Name \| Type \| Description \|`
			`\|--------------\|-------------\|---------------------------------------------------------------------------------------------------------------------------------------------\|`
			\| `workdir` \| String \| Working directory to use (defaults to `.`) \|
			\| `files` \| List/CSV \| List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) \|
			\| `target` \| String \| The target to use within the bake file \|

			`#### outputs`

			`The following outputs are available`

			`\| Name \| Type \| Description \|`
			`\|------------\|----------\|----------------------------\|`
			\| `targets` \| List/CSV \| List of extracted targest \|
list-targets subaction Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-11-09 11:07:49 +01:00
update links to docs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-10-07 16:41:51 +02:00			`## Contributing`
Initial commit 2020-10-08 00:52:52 +02:00
update links to docs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-10-07 16:41:51 +02:00			`Want to contribute? Awesome! You can find information about contributing to`
			`this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)`