name: Build Docker images with Depot description: Build and push Docker images with Depot author: Depot branding: icon: package color: gray-dark runs: using: node20 main: dist/index.js post: dist/index.js inputs: add-hosts: description: 'List of a customs host-to-IP mapping (e.g., docker:10.180.0.1)' required: false allow: description: 'List of extra privileged entitlement (e.g., network.host,security.insecure)' required: false attests: description: 'List of attestation parameters (e.g., type=sbom,generator=image)' required: false build-args: description: 'List of build-time variables' required: false build-contexts: description: 'List of additional build contexts (e.g., name=path)' required: false build-platform: description: 'Override the build execution platform (e.g., linux/amd64 or linux/arm64)' required: false buildx-fallback: description: 'Fallback to `docker buildx build` if `depot build` fails' required: false default: 'false' cache-from: description: 'List of external cache sources for buildx (e.g., user/app:cache, type=local,src=path/to/dir)' required: false cache-to: description: 'List of cache export destinations for buildx (e.g., user/app:cache, type=local,dest=path/to/dir)' required: false cgroup-parent: description: 'Optional parent cgroup for the container used in the build' required: false context: description: "Build's context is the set of files located in the specified PATH or URL" required: false file: description: 'Path to the Dockerfile' required: false github-token: description: 'GitHub Token used to authenticate against a repository for Git context' default: ${{ github.token }} required: false labels: description: 'List of metadata for an image' required: false lint: description: 'Lint dockerfiles and fail build if any issues are at least the lint-fail-on severity' required: false default: 'false' lint-fail-on: description: 'Severity of linter issue to cause the build to fail. (e.g., error, warn, info, none)' required: false load: description: 'Load is a shorthand for --output=type=docker' required: false default: 'false' network: description: 'Set the networking mode for the RUN instructions during build' required: false no-cache: description: 'Do not use cache when building the image' required: false default: 'false' no-cache-filters: description: 'Do not cache specified stages' required: false outputs: description: 'List of output destinations (format: type=local,dest=path)' required: false platforms: description: 'List of target platforms for build' required: false provenance: description: 'Generate provenance attestation for the build (shorthand for --attest=type=provenance)' required: false project: description: 'Depot project ID' required: false pull: description: 'Always attempt to pull all referenced images' required: false default: 'false' push: description: 'Push is a shorthand for --output=type=registry' required: false default: 'false' save: description: 'Save the image to the Depot ephemeral registry' required: false default: 'false' sbom: description: 'Generate SBOM attestation for the build (shorthand for --attest=type=sbom)' required: false sbom-dir: description: 'Directory to output SBOMs for each built image' required: false secrets: description: 'List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)' required: false secret-files: description: 'List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt)' required: false shm-size: description: 'Size of /dev/shm (e.g., 2g)' required: false ssh: description: 'List of SSH agent socket or keys to expose to the build' required: false tags: description: 'List of tags' required: false target: description: 'Sets the target stage to build' required: false token: description: 'Depot Token used to authenticate with the remote builder instance' required: false ulimit: description: 'Ulimit options (e.g., nofile=1024:1024)' required: false outputs: imageid: description: 'Image ID' digest: description: 'Image digest' metadata: description: 'Build result metadata' build-id: description: 'Build ID' project-id: description: 'Project ID'