Skip to content

Releases: moby/buildkit

v0.6.0

31 Jul 19:36
f2d98ca
Compare
Choose a tag to compare

Images

https://hub.docker.com/r/moby/buildkit/tags/

  • docker.io/moby/buildkit:v0.6.0
    sha256:f1a5fc2c244c2b3b3dda344f6a0c64796b31aa96aa2ab88c951aeeeb66e23318

  • docker.io/moby/buildkit:v0.6.0-rootless
    sha256:d70dd5f1fbaa1e729e380b3a31c394a5f79ec0c19c55e6636cf63e97c390a9f0

Notable Changes

  • Custom DNS configuration and use systemd resolver if enabled #1033 #1040

  • Optional CNI networking support #1073

  • Automatic platform runtime support detection for RISC-V, ppc64le and s390x #1038 #1103

  • Clear previous cache mounts on no-cache builds #1092

  • Fix contention bugs between GC releases and cache import #1007 #1013 #1044

  • Updates on how cgroupfs/sysfs are mounted in privileged security mode #1085

  • Validate LLB not generated by golang package #1049

  • Handle canceled local upload state #1023

  • Provide a workaround for invalid registry responses from gcr.io #1024

Contributors

  • Tõnis Tiigi
  • Tibor Vass
  • Akihiro Suda
  • Andrey Smirnov
  • Stepan Blyshchak
  • Dave Chen
  • Stefan Schoof
  • Christian Höltje
  • Colin Chartier
  • Nathan Sullivan
  • Sebastiaan van Stijn
  • Tomohiro Kusumoto
  • Lajos Papp
  • Mark Gordon

https://travis-ci.org/moby/buildkit/builds/566124940

dockerfile/1.1.2-experimental

31 Jul 21:05
f2d98ca
Compare
Choose a tag to compare

This release is currently in staging: docker/dockerfile-upstream:1.1.2-experimental

sha256:702620cd58aea03f8c6c9b65c4eb45899677b9eec97042298a46537da20e145a

  • Allow setting security mode for a process with RUN --security=sandbox|insecure #1081

  • Allow setting uid/gid for cache mounts #1017

  • Avoid requesting internally linked paths to be pulled to build context #1075

  • Ensure missing cache IDs default to target paths #1093

  • Allow setting namespace for cache mounts with BUILDKIT_CACHE_MOUNT_NS build arg #1094

dockerfile/1.1.2

31 Jul 21:04
f2d98ca
Compare
Choose a tag to compare

This release is currently in staging: docker/dockerfile-upstream:1.1.2

sha256:a2c4cc8f44b989b8cf71215cc1ccfcbcc0662edb138ddfd3b3943dc820ee3654

  • Fix workdir creation with correct user and don't reset custom ownership #1002 #1095

  • Fix handling empty build args also used as ENV #1087

  • Detect circular dependencies #999

v0.5.1

09 May 08:11
646fc0a
Compare
Choose a tag to compare

Images

https://hub.docker.com/r/moby/buildkit/tags/

  • docker.io/moby/buildkit:v0.5.1
    sha256:d45d15f3b22fcfc1b112ffafc40fd2f2d530245e63cfe346a65bd75acdc4d346

  • docker.io/moby/buildkit:v0.5.1-rootless
    sha256:5a826464a96e11d1c1ee97f35460f8421c6bdafd1d8f20bc11b9d698a179ab0b

Notable Changes

Small bug fixes

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Tibor Vass

https://travis-ci.org/moby/buildkit/builds/530161430

v0.5.0

27 Apr 00:43
8c0fa8f
Compare
Choose a tag to compare

Images

https://hub.docker.com/r/moby/buildkit/tags/

  • docker.io/moby/buildkit:v0.5.0
    sha256:ead5be62f4675b37f307e3000e5031644801219585020a6362aa71e02cb61027

  • docker.io/moby/buildkit:v0.5.0-rootless
    sha256:5fcb511bf1067a5635b45b8269c05319a8a686460d704e554306f34d098cd440

Notable Changes

FileOp

LLB supports new operation FileOp allowing built-in file operations during build like copying files, creating new files or directories and removing files. Previously ADD/COPY commands used a helper image that ran a custom binary inside a container, now these commands use FileOp directly. This allows better performance and use of these commands in air-gapped environments without preloading the helper image, as well as fixing issues reported with the helper image implementation.

#809

Security entitlements

BuildKit now supports modes for granting builds permissions to execute processes with privileged capabilities. Certain options for running processes with LLB will require users to grant a capability before their build can run.

This enables specific builds to run processes that require system capabilities without compromising on the security of the default builds.

Currently two entitlements are supported:

network.host - Runs a specific process in the host network namespace.
security.insecure - Runs a process with all system capabilities enabled and security modules (eg. seccomp) disabled. Similar to docker run --privileged.

The entitlements need to be enabled both in the daemon configuration file and passed with a build request using --allow to take effect.

#570

New connection helpers for buildctl

Buildctl now has support for connecting to BuildKit daemon running in a Docker container or Kubernetes pod by using docker-container://<name> or kube-pod://<name> as BUILDKIT_HOST value.

#904
#951

Tar exporter

Build output can now be exported to the client as a tarball. Similar to the local exporter but allows preserving the file owner values.

buildctl build -o type=tar,dest=foo.tar ...
buildctl build -o type=tar ... > foo.tar

#907

New progress output formatting

Progress output has been improved. The TTY output now shows the last logs for currently running processes directly in the interactive output. Plain progress has been also updated for better readability.

#916
#919

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Tibor Vass
  • Kunal Kushwaha
  • Dave Chen
  • Sebastiaan van Stijn
  • Hao Hu
  • Himanshu Pandey
  • Hiromu Nakamura
  • Michael Crosby
  • Tomohiro Kusumoto
  • Wei Fu
  • Ziv Tsarfati

https://travis-ci.org/moby/buildkit/builds/525193182

dockerfile/1.1.0

27 Apr 01:49
8c0fa8f
Compare
Choose a tag to compare

ADD/COPY commands now support implementation based on llb.FileOp and do not require helper image if builtin file operations support is available. #809

To find the files ignored from the build context Dockerfile frontend will first look for a file <path/to/Dockerfile>.dockerignore and if it is not found .dockerignore file will be looked up from the root of the build context. This allows projects with multiple Dockerfiles to use different .dockerignore definitions. #901

--chown flag for COPY command now supports variable expansion. #926

v0.4.0

14 Mar 12:16
c354108
Compare
Choose a tag to compare

Images

https://hub.docker.com/r/moby/buildkit/tags/

  • docker.io/moby/buildkit:v0.4.0
    sha256:b9e69cb63202e682d6338c579e63273c6263ab54a9091e54f98ce279e0a4e922

  • docker.io/moby/buildkit:v0.4.0-rootless
    sha256:3877d091e65429f59919ed5591aaeb863b1889a5314bdfdba5ff9c0dfb2f3ed0

Notable Changes

securityContext is no longer needed for running BuildKit on Kubernetes (#768)

moby/buildkit:v0.4.0-rootless does not require securityContext.procMount (or securityContext.privileged) to be configured when launched with --oci-worker-no-process-sandbox, which disables isolating PID namespaces across buildkitd and build containers.

To run moby/buildkit:v0.4.0-rootless using docker run, you still need to specify --security-opt seccomp=unconfined --security-opt apparmor=unconfined but you no longer need to specify --privileged.

See also https://github.com/moby/buildkit/blob/v0.4.0/docs/rootless.md

Cache can be now embedded into an image and can be pushed together (#777)

Prior to v0.4.0, cache and image needed to be pushed separately: buildctl build --output type=image,name=example.com/foo/bar,push=true --export-cache type=registry,ref=example.com/foo/bar:cache --import-cache type=registry,ref=example.com/foo/bar:cache

Now cache be embedded into an image by specifying --export-cache type=inline and on importing you can just point the --import-cache type=registry,ref=example.com/foo/bar directly to your end image.

Cache can be now exported to a local filesystem (#615 , #807)

Cache can be now exported to a local filesystem (e.g. Travis CI cache directories) using --export-cache type=local,dest=/path/to/dir and can be imported using --import-cache type=local,src=/path/to/dir.

New buildctl CLI (#807)

CLI options for frontend options, exporters and cache export and import have been normalized to csv style for less verbosity and (future) support for multiple exporters and cache sources.

Frontend options:

Old:

--frontend-opt foo=bar --frontend-opt bar=baz

New:

--opt foo=bar,bar=baz --opt baz=bay

Exporters:

Old:

--exporter image --exporter-opt name=foo --exporter-opt push=true
--exporter local --exporter-opt output=out

New:

--output type=image,name=foo,push=true
--output type=local,dest=out

Cache:

Old:

--export-cache foo --export-cache-opt mode=max
--import-cache foo

New:

--export-cache type=registry,ref=foo,mode=max
--export-cache type=inline
--export-cache type=local,dest=/path/to/dir
--import-cache type=registry,ref=foo
--import-cache type=local,src=/path/to/dir

Legacy syntax is still supported but has been deprecated.

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Tibor Vass
  • Sebastiaan van Stijn
  • Dave Chen
  • Iskander Sharipov
  • Derek McGowan
  • Fernando Miguel
  • Natasha Jarus
  • Patrick Van Stee
  • Wei Fu

Changes

v0.3.3...v0.4.0

v0.3.3

21 Nov 05:40
8cf9bec
Compare
Choose a tag to compare

Images

https://hub.docker.com/r/moby/buildkit/tags/

  • docker.io/moby/buildkit:v0.3.3
    sha256:7eaccec7a90a43546b0fa870e55c860014fc3bbdd55c3697f59e7c812c246c06
  • docker.io/moby/buildkit:v0.3.3-rootless
    sha256:86d5b8565b37057098f1e7f2f1abd6b5263390ed92cab17d2ef62f3c9eadd704

Notable Changes

  • buildctl: match --no-cache to frontend options
  • buildctl: match --import-cache to frontend options
  • dockerfile: allow symlinked Dockerfile location
  • dockerfile: set copy helper to docker/dockerfile-copy:v0.1.9
  • dockerfile: fix ADD from URLs colliding with COPY on windows
  • docs: documentation for experimental dockerfile features
  • solver: fix authentication on image config resolve through external frontend

Contributors

  • Tõnis Tiigi
  • Akihiro Suda
  • Tibor Vass
  • Alice Frosi
  • Kunal Kushwaha
  • Ondrej Fabry

Changes

  • 2e3058e dockerfile: allow symlinks on reading Dockerfile
  • bf8c057 Merge pull request #727 from tonistiigi/add-fix
  • f2f4b53 Merge pull request #729 from tonistiigi/session-context
  • ef00d30 Merge pull request #728 from tonistiigi/docs-update
  • f6a8961 llbsolver: keep session for context calls
  • b3e4cdf dockerfile: document more mount options
  • c840e79 dockerfile: avoid urls in context filter
  • 594f95b Merge pull request #722 from kunalkushwaha/fix-git-2-http
  • 71da3f8 Merge pull request #725 from ondrej-fabry/patch-1
  • 7218446 Correct trivial typos
  • 373dc26 replace git: with https:
  • 471f506 Merge pull request #718 from tonistiigi/update-dockerfile-ref
  • e00566d Merge pull request #715 from alicefr/other-arch
  • a008ce3 Set GOARCH=amd64 for building stage for darwin/windows
  • 9d3426d dockerfile: update image refs
  • c3a857e Merge pull request #716 from tonistiigi/copy-source
  • ec2ab81 dockerfile: update copy source repo
  • 5aab829 Merge pull request #710 from AkihiroSuda/dfdoc
  • b5003d5 update docs

https://travis-ci.org/moby/buildkit/builds/457793396

v0.3.2

31 Oct 05:50
fba893e
Compare
Choose a tag to compare

Notable changes:

  • Fix an issue on running on CoreOS (#704)

Full changes: v0.3.1...v0.3.2

v0.3.1

17 Oct 04:09
867bcd3
Compare
Choose a tag to compare