docker buildx bake
| Description | Build from a file |
|---|---|
| Usage | docker buildx bake [OPTIONS] [TARGET...] |
| Aliases | docker buildx f |
Description
Bake is a high-level build command. Each specified target runs in parallel as part of the build.
Read High-level build options with Bake guide for introduction to writing bake files.
Note
buildx bakecommand may receive backwards incompatible features in the future if needed. We are looking for feedback on improving the command and extending the functionality further.
Options
| Option | Default | Description |
|---|---|---|
-f, --file | Build definition file | |
--load | Shorthand for --set=*.output=type=docker | |
--metadata-file | Write build result metadata to a file | |
--no-cache | Do not use cache when building the image | |
--print | Print the options without building | |
--progress | auto | Set type of progress output (auto, plain, tty). Use plain to show container output |
--provenance | Shorthand for --set=*.attest=type=provenance | |
--pull | Always attempt to pull all referenced images | |
--push | Shorthand for --set=*.output=type=registry | |
--sbom | Shorthand for --set=*.attest=type=sbom | |
--set | Override target value (e.g., targetpattern.key=value) |
Examples
Override the configured builder instance (--builder)
Same as
buildx --builder.
Specify a build definition file (-f, --file)
Use the -f / --file option to specify the build definition file to use.
The file can be an HCL, JSON or Compose file. If multiple files are specified,
all are read and the build configurations are combined.
You can pass the names of the targets to build, to build only specific target(s).
The following example builds the db and webapp-release targets that are
defined in the docker-bake.dev.hcl file:
# docker-bake.dev.hcl
group "default" {
targets = ["db", "webapp-dev"]
}
target "webapp-dev" {
dockerfile = "Dockerfile.webapp"
tags = ["docker.io/username/webapp"]
}
target "webapp-release" {
inherits = ["webapp-dev"]
platforms = ["linux/amd64", "linux/arm64"]
}
target "db" {
dockerfile = "Dockerfile.db"
tags = ["docker.io/username/db"]
}$ docker buildx bake -f docker-bake.dev.hcl db webapp-release
See the Bake file reference for more details.
Write build results metadata to a file (--metadata-file)
Similar to
buildx build --metadata-file but
writes a map of results for each target such as:
# docker-bake.hcl
group "default" {
targets = ["db", "webapp-dev"]
}
target "db" {
dockerfile = "Dockerfile.db"
tags = ["docker.io/username/db"]
}
target "webapp-dev" {
dockerfile = "Dockerfile.webapp"
tags = ["docker.io/username/webapp"]
}$ docker buildx bake --load --metadata-file metadata.json .
$ cat metadata.json
{
"db": {
"buildx.build.provenance": {},
"buildx.build.ref": "mybuilder/mybuilder0/0fjb6ubs52xx3vygf6fgdl611",
"containerimage.config.digest": "sha256:2937f66a9722f7f4a2df583de2f8cb97fc9196059a410e7f00072fc918930e66",
"containerimage.descriptor": {
"annotations": {
"config.digest": "sha256:2937f66a9722f7f4a2df583de2f8cb97fc9196059a410e7f00072fc918930e66",
"org.opencontainers.image.created": "2022-02-08T21:28:03Z"
},
"digest": "sha256:19ffeab6f8bc9293ac2c3fdf94ebe28396254c993aea0b5a542cfb02e0883fa3",
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"size": 506
},
"containerimage.digest": "sha256:19ffeab6f8bc9293ac2c3fdf94ebe28396254c993aea0b5a542cfb02e0883fa3"
},
"webapp-dev": {
"buildx.build.provenance": {},
"buildx.build.ref": "mybuilder/mybuilder0/kamngmcgyzebqxwu98b4lfv3n",
"containerimage.config.digest": "sha256:9651cc2b3c508f697c9c43b67b64c8359c2865c019e680aac1c11f4b875b67e0",
"containerimage.descriptor": {
"annotations": {
"config.digest": "sha256:9651cc2b3c508f697c9c43b67b64c8359c2865c019e680aac1c11f4b875b67e0",
"org.opencontainers.image.created": "2022-02-08T21:28:15Z"
},
"digest": "sha256:6d9ac9237a84afe1516540f40a0fafdc86859b2141954b4d643af7066d598b74",
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"size": 506
},
"containerimage.digest": "sha256:6d9ac9237a84afe1516540f40a0fafdc86859b2141954b4d643af7066d598b74"
}
}Note
Build record provenance (
buildx.build.provenance) includes minimal provenance by default. Set theBUILDX_METADATA_PROVENANCEenvironment variable to customize this behavior:
minsets minimal provenance (default).maxsets full provenance.disabled,falseor0does not set any provenance.
Don't use cache when building the image (--no-cache)
Same as build --no-cache. Don't use cache when building the image.
Print the options without building (--print)
Prints the resulting options of the targets desired to be built, in a JSON format, without starting a build.
$ docker buildx bake -f docker-bake.hcl --print db
{
"group": {
"default": {
"targets": [
"db"
]
}
},
"target": {
"db": {
"context": "./",
"dockerfile": "Dockerfile",
"tags": [
"docker.io/tiborvass/db"
]
}
}
}
Set type of progress output (--progress)
Same as
build --progress.
Create provenance attestations (--provenance)
Same as
build --provenance.
Always attempt to pull a newer version of the image (--pull)
Same as build --pull.
Create SBOM attestations (--sbom)
Same as
build --sbom.
Override target configurations from command line (--set)
--set targetpattern.key[.subkey]=valueOverride target configurations from command line. The pattern matching syntax is defined in https://golang.org/pkg/path/#Match.
$ docker buildx bake --set target.args.mybuildarg=value
$ docker buildx bake --set target.platform=linux/arm64
$ docker buildx bake --set foo*.args.mybuildarg=value # overrides build arg for all targets starting with 'foo'
$ docker buildx bake --set *.platform=linux/arm64 # overrides platform for all targets
$ docker buildx bake --set foo*.no-cache # bypass caching only for targets starting with 'foo'
You can override the following fields:
argscache-fromcache-tocontextdockerfilelabelsloadno-cacheno-cache-filteroutputplatformpullpushsecretssshtagstarget