Build Push action v2

[crazy-max]

Ref. #71

v2 of Build Push action allows to use Docker Buildx. It's also rewritten as a typescript-action to be as closed as possible of the GitHub Runner during its execution.

• Rename path input to context
• Rename dockerfile input to file
• Rename always_pull input to pull
• Add builder input to be able to choose a builder instance through setup-buildx action
• Add platforms input
• Add allow input
• Add load input
• Add outputs input
• Add cache-from input
• Add cache-to input
• Add secrets input
• Review tags input
• Remove cache_froms input
• Handle Git context
• Add digest output
• Move login support in a dedicated action (see below)
• Documentation with examples
• Fix push on local registry on CI workflow (needs Fix and cleanup of v2 setup actions #93 to be merged)
• Tests and/or CI workflows

Other features (maybe future?)

• Review tag_with_sha, tag_with_ref, add_git_labels inputs
• Handle OCI Image Format Specification
• Done ; see 44d05b9 ; Leverage GitHub cache across jobs for buildx through the @actions/cache package
• Done ; see 2962fe9 ; Handle bake

Docker login

As stipulated during our Zoom session, the authentication part has been removed and will be handled by a dedicated action. This will allow actions such as Azure Container Registry Login or Amazon ECR "Login" to work efficiently with it. I have also created an action allowing authentication with several examples to authenticate against registries. We will be able to move the repository within the organization if it suits you (repo will be named docker/login-action for example):

• https://github.com/marketplace/actions/docker-login
• https://github.com/crazy-max/ghaction-docker-login

Deprecation notice

It would be advisable to set up a deprecation notice on the action currently in place in order to inform users of a new major version. This can be done directly in the action.yml file like this.

[crazy-max]

@tonistiigi I've done some tests for using git via buildkit and it turns out that implementing it in our action would add a layer of complexity that I think should be delegated to actions/checkout. As you can see in their Usage section, they already managed rough cases like credentials persistance, submodules, token, ssh key. Their code base is also quite huge to handle all the special cases so I wonder if we should really implement and maintain this layer in our action.

[tonistiigi]

@crazy-max We shouldn't do any of these complicated cases in our action code. But buildkit does have first-class support for building from git (as did old docker build) and we should just reuse it. There is no need to have any kind of compatibility with all the actions/checkout options. People can still use actions/checkout and set the context path to .. From everything you listed ssh-key is not currently supported but will probably be in the future moby/buildkit#1564 . The main issue was with the host key validation, probably the same kind of extra fields would be needed that actions/checkout has added.

There are many benefits for building from git. Eg. even in current BuildKit CI that still uses travis, even though travis automatically does a checkout, we ignore it and just pass the git ref from ENV directly to buildkit instead.

[crazy-max]

@tonistiigi

People can still use actions/checkout and set the context path to .

Ok LGTM. I will add an example and tests using git and the github token with the current implementation.

[tonistiigi]

@crazy-max So context path can be set to local path, git path or HTTP(s) path. If git path is set, expose token as well. If no value is set then it defaults to the git path that is determined from the environment variables.

[sualeh]

@crazy-max - thanks for making the changes. The way I read this, you have a separate buildx action, and then reference it in the build-push action. What if I don't use buildx, and build using some other means - how can I say that the build is done locally, just push it?

[crazy-max]

Mutable tag created: https://github.com/docker/build-push-action/tree/v2
Please use docker/build-push-action@v2 for those who try the new action. v2-build-push branch will be deleted as the PR has been merged.