Drone CI Plugins
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Documentation
  2. /
  3. Plugins
  4. /
  5. drone-docker-buildx

drone-docker-buildx

Build Status Docker Hub Quay.io GitHub contributors Source: GitHub License: MIT

Drone plugin to build and publish multiarch Docker images with buildx.

Versioning

The tags follow the major version of Docker, e.g. 20, and the minor and patch parts reflect the version of the plugin. A full example would be 20.12.5. Minor versions can introduce breaking changes, while patch versions can be considered non-breaking.

Usage

Be aware that the this plugin requires privileged capabilities, otherwise the integrated Docker daemon is not able to start.
kind: pipeline
name: default

steps:
  - name: docker
    image: thegeeklab/drone-docker-buildx:23
    privileged: true
    settings:
      username: octocat
      password: secure
      repo: octocat/example
      tags: latest

Parameters

add_host optional list
Additional host:ip mapping.
Default: none
auto_tag optional bool

Generate tag names automatically based on git branch and git tag. When this feature is enabled and the event type is tag, the plugin will automatically tag the image using the standard semVer convention. For example:

  • 1.0.0 produces docker tags 1, 1.0, 1.0.0
  • 1.0.0-rc.1 produces docker tags 1.0.0-rc.1 When the event type is push and the target branch is your default branch, the plugin will automatically tag the image as latest. All other event types and branches are ignored.
Default: false
auto_tag_suffix optional string
Generate tag names with the given suffix.
Default: none
bip optional string
Allows the docker daemon to bride IP address.
Default: none
build_args optional list
Ccustom build arguments to pass to the build.
Default: none
build_args_from_env optional list
Forward environment variables as custom arguments to the build.
Default: none
buildkit_config optional string

Content of the docker buildkit toml config. Example:

- name: Build
  image: thegeeklab/drone-docker-buildx:23
  settings:
    repo: example/repo
    buildkit_config: |
    [registry."registry.local:30081"]
      http = true
      insecure = true
Default: false
cache_from optional list

Images to consider as cache sources. To properly work, commas used in the cache source entries need to be escaped:

- name: Build
  image: thegeeklab/drone-docker-buildx:23
  settings:
    repo: example/repo
    cache_from:
      # using quotes double-escaping is required
      - "type=registry\\\\,ref=example"
      - 'type=foo\\,ref=bar'
Default: none
cache_to optional string
Cache destination for the build cache.
Default: none
compress optional bool
Enable compression of the build context using gzip.
Default: false
config optional string
Content of the docker daemon json config.
Default: none
context optional string
Set the path of the build context to use.
Default: .
custom_dns optional list
Custom docker daemon DNS server.
Default: none
custom_dns_search optional list
Custom docker daemon DNS search domain.
Default: none
daemon_off optional string
Disable the startup of the docker daemon.
Default: false
debug optional string
Enable verbose debug mode for the docker daemon.
Default: false
dockerfile optional string
Set dockerfile to use for the image build.
Default: Dockerfile
dry_run optional bool
Disable docker push.
Default: none
email optional string
E-Mail address for authentication with the registry.
Default: none
experimental optional bool
Enable docker daemon experimental mode.
Default: false
extra_tags optional list
Set additional tags to be used for the image. Additional tags can also be loaded from an .extratags file. This function can be used to push images to multiple registries at once. Therefore, it is necessary to use the config flag to provide a configuration file that contains the authentication information for all used registries.
Default: none
insecure optional bool
Enable the usage of insecure registries.
Default: false
ipv6 optional bool
Enable docker daemon IPv6 support.
Default: false
labels optional list
Labels to add to the image.
Default: none
mirror optional string
Use a registry mirror to pull images.
Default: none
mtu optional string
A docker daemon custom MTU.
Default: none
named_context optional list
Set additional named build contexts (e.g., name=path).
Default: none
no_cache optional string
Disable the usage of cached intermediate containers.
Default: false
output optional bool
Export action for the build result (format: path or type=TYPE[,KEY=VALUE]).
Default: false
password optional string
Password for authentication with the registry.
Default: none
platforms optional list
Target platforms for build.
Default: none
provenance optional string
Generate provenance attestation for the build (shorthand for --attest=type=provenance).
Default: none
pull_image optional bool
Enforce to pull the base image at build time.
Default: true
quiet optional bool
Enable suppression of the build output.
Default: false
registry optional string
Docker registry to upload images.
Default: https://index.docker.io/v1/
repo optional string
Repository name for the image. If the image is to be pushed to registries other than the default DockerHub, it is necessary to set repo as fully-qualified name.
Default: none
sbom optional string
Generate sbom attestation for the build (shorthand for --attest type=sbom).
Default: none
storage_driver optional string
The docker daemon storage driver.
Default: none
storage_path optional string
The docker daemon storage path.
Default: /var/lib/docker
tags optional list
Set repository tags to use for the image. Tags can also be loaded from a .tags file.
Default: latest
target optional string
The docker build target.
Default: none
username optional string
Username for authentication with the registry.
Default: none

Examples

Push to other registries than DockerHub

If the created image is to be pushed to registries other than the default DockerHub, it is necessary to set registry and repo as fully-qualified name.

GHCR:

kind: pipeline
name: default

steps:
  - name: docker
    image: thegeeklab/drone-docker-buildx:23
    privileged: true
    settings:
      registry: ghcr.io
      username: octocat
      password: secret-access-token
      repo: ghcr.io/octocat/example
      tags: latest

AWS ECR:

kind: pipeline
name: default

steps:
  - name: docker
    image: thegeeklab/drone-docker-buildx:23
    privileged: true
    environment:
      AWS_ACCESS_KEY_ID:
        from_secret: aws_access_key_id
      AWS_SECRET_ACCESS_KEY:
        from_secret: aws_secret_access_key
    settings:
      registry: <account_id>.dkr.ecr.<region>.amazonaws.com
      repo: <account_id>.dkr.ecr.<region>.amazonaws.com/octocat/example
      tags: latest

Build

Build the binary with the following command:

export GOOS=linux
export GOARCH=amd64
export CGO_ENABLED=0
export GO111MODULE=on

make build

Build the Docker image with the following command:

docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .

Test 

docker run --rm \
  -e PLUGIN_TAG=latest \
  -e PLUGIN_REPO=octocat/hello-world \
  -e DRONE_COMMIT_SHA=00000000 \
  -v $(pwd):$(pwd) \
  -w $(pwd) \
  --privileged \
  thegeeklab/drone-docker-buildx --dry-run