mirror of
https://github.com/docker/cli.git
synced 2025-11-25 18:03:19 +03:00
7609dde8d0
Docker Content Trust is currently only implemented for the classic
builder, but is known to not work with multi-stage builds, and
requires rewriting the Dockerfile, which is brittle because the
Dockerfile syntax evolved with the introduction of BuildKit as
default builder.
Given that the classic builder is deprecated, and only used for
Windows images, which are not verified by content trust;
# docker pull --disable-content-trust=false mcr.microsoft.com/windows/servercore:ltsc2025
Error: remote trust data does not exist for mcr.microsoft.com/windows/servercore: mcr.microsoft.com does not have trust data for mcr.microsoft.com/windows/servercore
With content trust not implemented in BuildKit, and not implemented
in docker compose, this resulted in an inconsistent behavior.
This patch removes content-trust support for "docker build". As this
is a client-side feature, users who require this feature can still
use an older CLI to to start the build.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
7.7 KiB
7.7 KiB
docker build
Build an image from a Dockerfile
Aliases
docker image build, docker build, docker builder build
Options
| Name | Type | Default | Description |
|---|---|---|---|
--add-host |
list |
Add a custom host-to-IP mapping (host:ip) |
|
--build-arg |
list |
Set build-time variables | |
--cache-from |
stringSlice |
Images to consider as cache sources | |
--cgroup-parent |
string |
Set the parent cgroup for the RUN instructions during build |
|
--compress |
bool |
Compress the build context using gzip | |
--cpu-period |
int64 |
0 |
Limit the CPU CFS (Completely Fair Scheduler) period |
--cpu-quota |
int64 |
0 |
Limit the CPU CFS (Completely Fair Scheduler) quota |
-c, --cpu-shares |
int64 |
0 |
CPU shares (relative weight) |
--cpuset-cpus |
string |
CPUs in which to allow execution (0-3, 0,1) | |
--cpuset-mems |
string |
MEMs in which to allow execution (0-3, 0,1) | |
-f, --file |
string |
Name of the Dockerfile (Default is PATH/Dockerfile) |
|
--force-rm |
bool |
Always remove intermediate containers | |
--iidfile |
string |
Write the image ID to the file | |
--isolation |
string |
Container isolation technology | |
--label |
list |
Set metadata for an image | |
-m, --memory |
bytes |
0 |
Memory limit |
--memory-swap |
bytes |
0 |
Swap limit equal to memory plus swap: -1 to enable unlimited swap |
--network |
string |
default |
Set the networking mode for the RUN instructions during build |
--no-cache |
bool |
Do not use cache when building the image | |
--platform |
string |
Set platform if server is multi-platform capable | |
--pull |
bool |
Always attempt to pull a newer version of the image | |
-q, --quiet |
bool |
Suppress the build output and print image ID on success | |
--rm |
bool |
true |
Remove intermediate containers after a successful build |
--security-opt |
stringSlice |
Security options | |
--shm-size |
bytes |
0 |
Size of /dev/shm |
--squash |
bool |
Squash newly built layers into a single new layer | |
-t, --tag |
list |
Name and optionally a tag in the name:tag format |
|
--target |
string |
Set the target build stage to build. | |
--ulimit |
ulimit |
Ulimit options |