publicWagsHome
/
buildx
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
v0.11
v0.10
v0.9
v0.8
v0.7
v0.6
v0.10.0
v0.10.0-rc1
v0.10.0-rc2
v0.10.0-rc3
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.11.0-rc1
v0.11.0-rc2
v0.11.1
v0.11.2
v0.2.0
v0.2.1
v0.2.2
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.5.0-rc1
v0.5.1
v0.6.0
v0.6.0-rc1
v0.6.1
v0.6.2
v0.6.3
v0.7.0
v0.7.0-rc1
v0.7.1
v0.8.0
v0.8.0-rc1
v0.8.1
v0.8.2
v0.9.0
v0.9.0-rc1
v0.9.0-rc2
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '04b56c7331'
${ noResults }
buildx/docs/guides/cache/index.md

3.7 KiB
Raw Blame History

Cache storage backends

To ensure that builds run as quickly as possible, BuildKit automatically caches the build result in its own internal cache. However, in addition to this simple cache, BuildKit also supports exporting cache for a specific build to an external location to easily import into future builds.

This external cache becomes almost essential in CI/CD environments, where there may be little-to-no persistence between runs, but it's still important to keep the runtime of image builds as low as possible.

Warning

If you use secrets or credentials inside your build process, then ensure you manipulate them using the dedicated --secret functionality instead of using manually COPYd files or build ARGs. Using manually managed secrets like this with exported cache could lead to an information leak.

Currently, Buildx supports the following cache storage backends:

  • inline image cache, that embeds the build cache into the image, and is pushed to the same location as the main output result - note that this only works for the image exporter.

    (guide)

  • registry image cache, that embeds the build cache into a separate image, and pushes to a dedicated location separate from the main output.

    (guide)

  • local directory cache, that writes the build cache to a local directory on the filesystem.

    (guide)

  • gha GitHub Actions cache, that uploads the build cache to GitHub (experimental).

    (guide)

  • s3 AWS cache, that uploads the build cache to an AWS S3 bucket (unreleased).

    (guide)

  • azblob Azure cache, that uploads the build cache to Azure Blob Storage (unreleased).

    (guide)

To use any of the above backends, you first need to specify it on build with the --cache-to option to export the cache to your storage backend of choice, then use the --cache-from option to import the cache from the storage backend into the current build. Unlike the local BuildKit cache (which is always enabled), all of the cache storage backends have to be explicitly exported to and then explicitly imported from. Note that all cache exporters except for the inline cache, require selecting an alternative Buildx driver.

For example, to perform a cache import and export using the registry cache:

$ docker buildx build --push -t <user>/<image> \
  --cache-to type=registry,ref=<user>/<cache-image> \
  --cache-from type=registry,ref=<user>/<cache-image> .

Warning

As a general rule, each cache writes to some location - no location can be written to twice, without overwriting the previously cached data. If you want to maintain multiple separately scoped caches (e.g. a cache per git branch), then ensure that you specify different locations in your cache exporters.

While currently only a single cache exporter is supported, you can import from as many remote caches as you like. For example, a common pattern is to use the cache of both the current branch as well as the main branch (again using the registry cache):

$ docker buildx build --push -t <user>/<image> \
  --cache-to type=registry,ref=<user>/<cache-image>:<branch> \
  --cache-from type=registry,ref=<user>/<cache-image>:<branch> \
  --cache-from type=registry,ref=<user>/<cache-image>:master .