diff --git a/.github/workflows/.build.yml b/.github/workflows/.build.yml index 09bb494f..6f356809 100644 --- a/.github/workflows/.build.yml +++ b/.github/workflows/.build.yml @@ -17,7 +17,7 @@ env: jobs: prepare: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 outputs: pkgs: ${{ steps.set.outputs.pkgs }} fail-fast: ${{ steps.set.outputs.fail-fast }} @@ -48,7 +48,7 @@ jobs: echo fail-fast=${{ steps.set.outputs.fail-fast }} build: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 needs: - prepare strategy: @@ -116,7 +116,7 @@ jobs: retention-days: 1 dummy-release: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 needs: - build steps: @@ -175,9 +175,10 @@ jobs: EOF - name: Release - uses: docker/bake-action@v4 + uses: docker/bake-action@v6 with: workdir: ./pkg/${{ inputs.name }} + source: . targets: release provenance: false set: | diff --git a/.github/workflows/.release.yml b/.github/workflows/.release.yml index 03cd33a2..c70b3cfc 100644 --- a/.github/workflows/.release.yml +++ b/.github/workflows/.release.yml @@ -20,7 +20,7 @@ env: jobs: prepare: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 outputs: pkgs: ${{ steps.set.outputs.pkgs }} steps: @@ -39,7 +39,7 @@ jobs: echo pkgs=${{ steps.set.outputs.pkgs }} build: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 needs: - prepare strategy: @@ -109,7 +109,7 @@ jobs: retention-days: 1 release: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 needs: - build steps: @@ -177,9 +177,10 @@ jobs: - name: Build image id: build - uses: docker/bake-action@v4 + uses: docker/bake-action@v6 with: workdir: ./pkg/${{ inputs.name }} + source: . files: | ./docker-bake.hcl ${{ steps.meta.outputs.bake-file }} diff --git a/.github/workflows/manual-build.yml b/.github/workflows/manual-build.yml index e42ae166..44ae5fe8 100644 --- a/.github/workflows/manual-build.yml +++ b/.github/workflows/manual-build.yml @@ -24,7 +24,7 @@ on: jobs: prepare: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 outputs: matrix: ${{ steps.projects.outputs.matrix }} steps: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 2fb4b023..a4c605c0 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -17,7 +17,7 @@ env: jobs: prepare: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 outputs: matrix: ${{ steps.projects.outputs.matrix }} steps: diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index c962e503..247162d0 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -8,13 +8,14 @@ on: jobs: validate: - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 steps: - name: Checkout uses: actions/checkout@v4 - name: Run - uses: docker/bake-action@v4 + uses: docker/bake-action@v6 with: + source: . targets: validate diff --git a/README.md b/README.md index e170652b..9d6b96c0 100644 --- a/README.md +++ b/README.md @@ -300,7 +300,7 @@ $ BUILDX_REF=v0.9.1 make # build and push image to dockereng/packaging:buildx-v0.9.1 using bake. # "release" target will use the "bin" folder as named context to create the # image with artifacts previously built with make. -$ docker buildx bake --push --set *.tags=dockereng/packaging:buildx-v0.9.1 release +$ docker buildx bake --allow=fs=* --push --set *.tags=dockereng/packaging:buildx-v0.9.1 release ``` ## Contributing diff --git a/common/build.mk b/common/build.mk index f9d07bbf..a2d5bf00 100644 --- a/common/build.mk +++ b/common/build.mk @@ -14,8 +14,8 @@ define bake $(eval $@_TMP_OUT = $(shell mktemp -d -t docker-packaging.XXXXXXXXXX)) - @PKG_RELEASE=$(1) PKG_TYPE=$(PKG_TYPE) DESTDIR=$(2) docker buildx bake $(foreach platform,$(5),--set "*.platform=$(platform)") $(3) $(4) --print - PKG_RELEASE=$(1) PKG_TYPE=$(PKG_TYPE) DESTDIR=$($@_TMP_OUT) docker buildx bake $(foreach platform,$(5),--set "*.platform=$(platform)") $(3) $(4) + @PKG_RELEASE=$(1) PKG_TYPE=$(PKG_TYPE) DESTDIR=$(2) docker buildx bake --allow=fs=* $(foreach platform,$(5),--set "*.platform=$(platform)") $(3) $(4) --print + PKG_RELEASE=$(1) PKG_TYPE=$(PKG_TYPE) DESTDIR=$($@_TMP_OUT) docker buildx bake --allow=fs=* $(foreach platform,$(5),--set "*.platform=$(platform)") $(3) $(4) mkdir -p $(2) set -e; \ if [ "$(4)" = "pkg" ]; then \ diff --git a/pkg/buildx/Makefile b/pkg/buildx/Makefile index f6e3ae6f..fd747183 100644 --- a/pkg/buildx/Makefile +++ b/pkg/buildx/Makefile @@ -34,7 +34,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/buildx/docker-bake.hcl b/pkg/buildx/docker-bake.hcl index d4052e89..4f15baa7 100644 --- a/pkg/buildx/docker-bake.hcl +++ b/pkg/buildx/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/compose/Makefile b/pkg/compose/Makefile index 37c549a4..2105c438 100644 --- a/pkg/compose/Makefile +++ b/pkg/compose/Makefile @@ -34,7 +34,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/compose/docker-bake.hcl b/pkg/compose/docker-bake.hcl index 05cddcef..f20fb6a0 100644 --- a/pkg/compose/docker-bake.hcl +++ b/pkg/compose/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/containerd/Makefile b/pkg/containerd/Makefile index 7b309fb1..02948443 100644 --- a/pkg/containerd/Makefile +++ b/pkg/containerd/Makefile @@ -40,7 +40,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/containerd/docker-bake.hcl b/pkg/containerd/docker-bake.hcl index 9402cdca..e78fbae1 100644 --- a/pkg/containerd/docker-bake.hcl +++ b/pkg/containerd/docker-bake.hcl @@ -162,8 +162,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/credential-helpers/Makefile b/pkg/credential-helpers/Makefile index dc65dd60..88cb2005 100644 --- a/pkg/credential-helpers/Makefile +++ b/pkg/credential-helpers/Makefile @@ -34,7 +34,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/credential-helpers/docker-bake.hcl b/pkg/credential-helpers/docker-bake.hcl index 9264f06e..b018afb0 100644 --- a/pkg/credential-helpers/docker-bake.hcl +++ b/pkg/credential-helpers/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/docker-cli/Makefile b/pkg/docker-cli/Makefile index c665dcc8..0fad2b2e 100644 --- a/pkg/docker-cli/Makefile +++ b/pkg/docker-cli/Makefile @@ -37,7 +37,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/docker-cli/docker-bake.hcl b/pkg/docker-cli/docker-bake.hcl index 325a0ee1..36c452e6 100644 --- a/pkg/docker-cli/docker-bake.hcl +++ b/pkg/docker-cli/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/docker-engine/Makefile b/pkg/docker-engine/Makefile index 9fa8f61b..f18f7d0e 100644 --- a/pkg/docker-engine/Makefile +++ b/pkg/docker-engine/Makefile @@ -37,7 +37,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/docker-engine/docker-bake.hcl b/pkg/docker-engine/docker-bake.hcl index 113cf19f..ba2565d6 100644 --- a/pkg/docker-engine/docker-bake.hcl +++ b/pkg/docker-engine/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/sbom/Makefile b/pkg/sbom/Makefile index 5fa5dae5..fad219a8 100644 --- a/pkg/sbom/Makefile +++ b/pkg/sbom/Makefile @@ -32,7 +32,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/sbom/docker-bake.hcl b/pkg/sbom/docker-bake.hcl index cb6b6977..5cfbe06b 100644 --- a/pkg/sbom/docker-bake.hcl +++ b/pkg/sbom/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg" diff --git a/pkg/scan/Makefile b/pkg/scan/Makefile index eb20d1db..3c3d4d15 100644 --- a/pkg/scan/Makefile +++ b/pkg/scan/Makefile @@ -32,7 +32,7 @@ default: pkg ; .PHONY: metadata metadata: - docker buildx bake metadata + docker buildx bake --allow=fs=* metadata include ../../common/packages.mk include ../../common/build.mk diff --git a/pkg/scan/docker-bake.hcl b/pkg/scan/docker-bake.hcl index d1aa7438..22fe534e 100644 --- a/pkg/scan/docker-bake.hcl +++ b/pkg/scan/docker-bake.hcl @@ -148,8 +148,8 @@ target "_common" { ] } -# $ PKG_RELEASE=debian11 docker buildx bake pkg -# $ docker buildx bake --set *.platform=linux/amd64 --set *.output=./bin pkg +# $ PKG_RELEASE=debian11 docker buildx bake --allow=fs=* pkg +# $ docker buildx bake --allow=fs=* --set *.platform=linux/amd64 --set *.output=./bin pkg target "pkg" { inherits = ["_common"] target = "pkg"