--- properties: - name: add_host description: | Additional `host:ip` mapping. type: list required: false - name: auto_tag description: | Generate tag names automatically based on git branch and git tag. When this feature is enabled and the event type is `tag`, the plugin will automatically tag the image using the standard semVer convention. For example: - `1.0.0` produces docker tags `1`, `1.0`, `1.0.0` - `1.0.0-rc.1` produces docker tags `1.0.0-rc.1` When the event type is `push` and the target branch is your default branch, the plugin will automatically tag the image as `latest`. All other event types and branches are ignored. type: bool defaultValue: false required: false - name: auto_tag_suffix description: | Generate tag names with the given suffix. type: string required: false - name: bip description: | Allow the docker daemon to bride IP address. type: string required: false - name: build_args description: | Custom build arguments for the build. Example: ```yaml steps: - name: Build image: quay.io/thegeeklab/wp-docker-buildx settings: repo: example/repo build_args: FOO: bar API_KEY: from_secret: API_KEY ``` type: map required: false - name: build_args_from_env description: | Forward environment variables to the build as build arguments. If the same key already exists in `build_args`, it will not be overwritten. Example: ```yaml steps: - name: Build image: quay.io/thegeeklab/wp-docker-buildx settings: repo: example/repo build_args_from_env: - CI_COMMIT_SHA ``` type: list required: false - name: buildkit_config description: | Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example: ```yaml steps: - name: Build image: quay.io/thegeeklab/wp-docker-buildx settings: repo: example/repo buildkit_config: | [registry."registry.local:30081"] http = true insecure = true ``` type: string required: false - name: cache_from description: | Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work, commas used in the cache source entries need to be escaped: ```yaml steps: - name: Build image: quay.io/thegeeklab/wp-docker-buildx settings: repo: example/repo cache_from: # while using quotes, double-escaping is required - "type=registry\\\\,ref=example" - 'type=foo\\,ref=bar' ``` type: list required: false - name: cache_to description: | [Cache destination](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) for the build cache. type: string required: false - name: compress description: | Enable compression of the build context using gzip. type: bool defaultValue: false required: false - name: registry_config description: | Content of the registry credentials store file. type: string defaultValue: $DOCKER_REGISTRY_CONFIG required: false - name: containerfile description: | Containerfile to use for the image build. type: string defaultValue: "Containerfile" required: false - name: context description: | Path of the build context. type: string defaultValue: "." required: false - name: custom_dns description: | Custom docker daemon dns server. type: list required: false - name: custom_dns_search description: | Custom docker daemon dns search domain. type: list required: false - name: daemon_off description: | Disable the startup of the docker daemon. type: bool defaultValue: false required: false - name: debug description: | Enable verbose debug mode for the docker daemon. type: bool defaultValue: false required: false - name: dry_run description: | Disable docker push. type: bool defaultValue: false required: false - name: email description: | Email address for registry authentication. type: string defaultValue: $DOCKER_EMAIL required: false - name: experimental description: | Enable docker daemon experimental mode. type: bool defaultValue: false required: false - name: extra_tags description: | Additional tags to use for the image including registry. Additional tags can also be loaded from an `.extratags` file. This function can be used to push images to multiple registries at once. Therefore, it is necessary to use the `config` flag to provide a configuration file that contains the authentication information for all used registries. type: list required: false - name: insecure description: | Allow the docker daemon to use insecure registries. type: bool defaultValue: false required: false - name: insecure_skip_verify description: | Skip SSL verification. type: bool defaultValue: false required: false - name: ipv6 description: | Enable docker daemon IPv6 support. type: bool defaultValue: false required: false - name: labels description: | Labels to add to image. type: list required: false - name: log_level description: | Plugin log level. type: string defaultValue: "info" required: false - name: max_concurrent_uploads description: | Max concurrent uploads for each push. By default the Docker daemon will push five layers of an image at a time. If you are on a low bandwidth connection this may cause timeout issues and you may want to lower with this option. type: string required: false - name: mirror description: | Registry mirror to pull images. type: string defaultValue: $DOCKER_PLUGIN_MIRROR required: false - name: mtu description: | Docker daemon custom MTU setting. type: string required: false - name: named_context description: | Additional named [build contexts](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-context) (format: `name=path`). type: list required: false - name: no_cache description: | Disable the usage of cached intermediate containers. type: bool defaultValue: false required: false - name: output description: | [Export action](https://docs.docker.com/engine/reference/commandline/buildx_build/#output) for the build result (format: `path` or `type=TYPE[,KEY=VALUE]`). type: string required: false - name: password description: | Password for registry authentication. type: string defaultValue: $DOCKER_PASSWORD required: false - name: platforms description: | Target platform for build. type: list required: false - name: provenance description: | Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`). type: string required: false - name: pull_image description: | Enforce to pull base image at build time. type: bool defaultValue: true required: false - name: quiet description: | Enable suppression of the build output. type: bool defaultValue: false required: false - name: registry description: | Docker registry to authenticate with. type: string defaultValue: "https://index.docker.io/v1/" required: false - name: repo description: | Repository name for the image. If the image is to be pushed to registries other than the default DockerHub, it is necessary to set `repo` as fully-qualified name. type: string required: false - name: sbom description: | Generate [SBOM](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest type=sbom`). type: string required: false - name: secrets description: | Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build. The secrets can be used by the build using `RUN --mount=type=secret` mount. ```yaml steps: - name: Build image: quay.io/thegeeklab/wp-docker-buildx privileged: true environment: SECURE_TOKEN: from_secret: secure_token settings: secrets: # while using quotes, double-escaping is required - "id=raw_file_secret\\\\,src=file.txt" - 'id=other_raw_file_secret\\,src=other_file.txt' - "id=SECRET_TOKEN" ``` To use secrets from files a [host volume](https://woodpecker-ci.org/docs/usage/volumes) is required. This should be used with caution and avoided whenever possible. type: list required: false - name: storage_driver description: | Docker daemon storage driver. type: string required: false - name: storage_path description: | Docker daemon storage path. type: string defaultValue: "/var/lib/docker" required: false - name: tags description: | Repository tags to use for the image. Tags can also be loaded from a `.tags` file. type: list required: false - name: target description: | Build target to use. type: string required: false - name: username description: | Username for registry authentication. type: string defaultValue: $DOCKER_USERNAME required: false