diff --git a/pkg/compose/build_bake.go b/pkg/compose/build_bake.go
index 2ff8c6b29cb..a1260f52318 100644
--- a/pkg/compose/build_bake.go
+++ b/pkg/compose/build_bake.go
@@ -93,19 +93,23 @@ type bakeGroup struct {
 }
 
 type bakeTarget struct {
-	Context    string            `json:"context,omitempty"`
-	Dockerfile string            `json:"dockerfile,omitempty"`
-	Args       map[string]string `json:"args,omitempty"`
-	Labels     map[string]string `json:"labels,omitempty"`
-	Tags       []string          `json:"tags,omitempty"`
-	CacheFrom  []string          `json:"cache-from,omitempty"`
-	CacheTo    []string          `json:"cache-to,omitempty"`
-	Secrets    []string          `json:"secret,omitempty"`
-	SSH        []string          `json:"ssh,omitempty"`
-	Platforms  []string          `json:"platforms,omitempty"`
-	Target     string            `json:"target,omitempty"`
-	Pull       bool              `json:"pull,omitempty"`
-	NoCache    bool              `json:"no-cache,omitempty"`
+	Context      string            `json:"context,omitempty"`
+	Dockerfile   string            `json:"dockerfile,omitempty"`
+	Args         map[string]string `json:"args,omitempty"`
+	Labels       map[string]string `json:"labels,omitempty"`
+	Tags         []string          `json:"tags,omitempty"`
+	CacheFrom    []string          `json:"cache-from,omitempty"`
+	CacheTo      []string          `json:"cache-to,omitempty"`
+	Secrets      []string          `json:"secret,omitempty"`
+	SSH          []string          `json:"ssh,omitempty"`
+	Platforms    []string          `json:"platforms,omitempty"`
+	Target       string            `json:"target,omitempty"`
+	Pull         bool              `json:"pull,omitempty"`
+	NoCache      bool              `json:"no-cache,omitempty"`
+	ShmSize      string            `json:"shm-size,omitempty"`
+	Ulimits      []string          `json:"ulimits,omitempty"`
+	Entitlements []string          `json:"entitlements,omitempty"`
+	Outputs      []string          `json:"output,omitempty"`
 }
 
 type bakeMetadata map[string]buildStatus
@@ -137,7 +141,7 @@ func (s *composeService) doBuildBake(ctx context.Context, project *types.Project
 	}
 	var group bakeGroup
 
-	for _, service := range serviceToBeBuild {
+	for serviceName, service := range serviceToBeBuild {
 		if service.Build == nil {
 			continue
 		}
@@ -153,7 +157,17 @@ func (s *composeService) doBuildBake(ctx context.Context, project *types.Project
 
 		image := api.GetImageNameOrDefault(service, project.Name)
 
-		cfg.Targets[image] = bakeTarget{
+		entitlements := build.Entitlements
+		if build.Privileged {
+			entitlements = append(entitlements, "security.insecure")
+		}
+
+		outputs := []string{"type=docker"}
+		if options.Push {
+			outputs = append(outputs, "type=image,push=true")
+		}
+
+		cfg.Targets[serviceName] = bakeTarget{
 			Context:    build.Context,
 			Dockerfile: dockerFilePath(build.Context, build.Dockerfile),
 			Args:       args,
@@ -162,14 +176,18 @@ func (s *composeService) doBuildBake(ctx context.Context, project *types.Project
 
 			CacheFrom: build.CacheFrom,
 			// CacheTo:    TODO
-			Platforms: build.Platforms,
-			Target:    build.Target,
-			Secrets:   toBakeSecrets(project, build.Secrets),
-			SSH:       toBakeSSH(build.SSH),
-			Pull:      options.Pull,
-			NoCache:   options.NoCache,
+			Platforms:    build.Platforms,
+			Target:       build.Target,
+			Secrets:      toBakeSecrets(project, build.Secrets),
+			SSH:          toBakeSSH(append(build.SSH, options.SSHs...)),
+			Pull:         options.Pull,
+			NoCache:      options.NoCache,
+			ShmSize:      fmt.Sprint(build.ShmSize),
+			Ulimits:      toBakeUlimits(build.Ulimits),
+			Entitlements: entitlements,
+			Outputs:      outputs,
 		}
-		group.Targets = append(group.Targets, image)
+		group.Targets = append(group.Targets, serviceName)
 	}
 
 	cfg.Groups["default"] = group
@@ -236,7 +254,7 @@ func (s *composeService) doBuildBake(ctx context.Context, project *types.Project
 
 	err = eg.Wait()
 	if err != nil {
-		return nil, err
+		return nil, WrapCategorisedComposeError(err, BuildFailure)
 	}
 
 	b, err = os.ReadFile(metadata.Name())
@@ -258,6 +276,18 @@ func (s *composeService) doBuildBake(ctx context.Context, project *types.Project
 	return results, nil
 }
 
+func toBakeUlimits(ulimits map[string]*types.UlimitsConfig) []string {
+	s := []string{}
+	for u, l := range ulimits {
+		if l.Single > 0 {
+			s = append(s, fmt.Sprintf("%s=%d", u, l.Single))
+		} else {
+			s = append(s, fmt.Sprintf("%s=%d:%d", u, l.Soft, l.Hard))
+		}
+	}
+	return s
+}
+
 func toBakeSSH(ssh types.SSHConfig) []string {
 	var s []string
 	for _, key := range ssh {
@@ -270,11 +300,15 @@ func toBakeSecrets(project *types.Project, secrets []types.ServiceSecretConfig)
 	var s []string
 	for _, ref := range secrets {
 		def := project.Secrets[ref.Source]
+		target := ref.Target
+		if target == "" {
+			target = ref.Source
+		}
 		switch {
 		case def.Environment != "":
-			s = append(s, fmt.Sprintf("id=%s,type=env,env=%s", ref.Source, def.Environment))
+			s = append(s, fmt.Sprintf("id=%s,type=env,env=%s", target, def.Environment))
 		case def.File != "":
-			s = append(s, fmt.Sprintf("id=%s,type=file,src=%s", ref.Source, def.File))
+			s = append(s, fmt.Sprintf("id=%s,type=file,src=%s", target, def.File))
 		}
 	}
 	return s