Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.19.0

chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0
chore: update generated content
2025-06-13 14:47:13 +02:00 · 2024-03-13 19:21:45 +01:00 · 2024-03-13 19:19:46 +01:00 · 2024-03-13 18:18:15 +00:00 · 2024-03-11 16:57:53 -07:00 · 2024-03-08 14:07:12 +01:00
19 changed files with 1594 additions and 1099 deletions
--- a/.eslintignore
+++ b/.eslintignore
@ -0,0 +1,3 @@
+/dist/**
+/coverage/**
+/node_modules/**
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,11 +1,12 @@
 {
  "env": {
    "node": true,
-    "es2021": true,
+    "es6": true,
    "jest": true
  },
  "extends": [
    "eslint:recommended",
+    "plugin:@typescript-eslint/eslint-recommended",
    "plugin:@typescript-eslint/recommended",
    "plugin:jest/recommended",
    "plugin:prettier/recommended"
--- a/.github/workflows/.e2e-run.yml
+++ b/.github/workflows/.e2e-run.yml
@ -75,10 +75,11 @@ jobs:
        if: inputs.type == 'local'
        run: |
          sudo -E bash ./.github/e2e/${{ inputs.id }}/install.sh
+          sudo chown $(id -u):$(id -g) -R ~/.docker
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY_SLUG || inputs.slug }}
          tags: |
@ -87,10 +88,10 @@ jobs:
            type=raw,gh-runid-${{ github.run_id }}
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ matrix.buildx_version }}
          config: /tmp/buildkitd.toml
@ -101,7 +102,7 @@ jobs:
      -
        name: Login to Registry
        if: github.event_name != 'pull_request' && (env.REGISTRY_USER || inputs.username_secret) != ''
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY_FQDN || inputs.registry }}
          username: ${{ env.REGISTRY_USER || secrets[inputs.username_secret] }}
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -38,7 +38,7 @@ jobs:
          path: action
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -64,11 +64,11 @@ jobs:
          path: action
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -113,11 +113,11 @@ jobs:
          path: action
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -170,11 +170,11 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -220,7 +220,7 @@ jobs:
      -
        name: Docker meta
        id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
        with:
          images: ${{ env.DOCKER_IMAGE }}
          tags: |
@ -233,7 +233,7 @@ jobs:
            type=sha
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -302,10 +302,10 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -378,7 +378,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -393,6 +393,31 @@ jobs:
            MYSECRET=foo
            INVALID_SECRET=

+  secret-envs:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up Docker buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          driver-opts: |
+            image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+      -
+        name: Build
+        uses: ./
+        env:
+          ENV_SECRET: foo
+        with:
+          context: .
+          file: ./test/secret.Dockerfile
+          secret-envs: |
+            MYSECRET=ENV_SECRET
+            INVALID_SECRET=
+
  network:
    runs-on: ubuntu-latest
    steps:
@ -401,7 +426,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -425,7 +450,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -447,7 +472,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -472,7 +497,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -495,7 +520,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -520,7 +545,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -554,7 +579,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ matrix.buildx }}
          driver-opts: |
@ -573,19 +598,31 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        attrs:
-          - ''
-          - mode=max
-          - builder-id=foo
-          - false
-          - true
+        include:
+          - target: image
+            output: type=image,name=localhost:5000/name/app:latest,push=true
+            attr: mode=max
+          - target: image
+            output: type=image,name=localhost:5000/name/app:latest,push=true
+            attr: ''
+          - target: binary
+            output: /tmp/buildx-build
+            attr: mode=max
+          - target: binary
+            output: /tmp/buildx-build
+            attr: ''
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -597,11 +634,24 @@ jobs:
        with:
          context: ./test/go
          file: ./test/go/Dockerfile
-          target: binary
-          outputs: type=oci,dest=/tmp/build.tar
-          provenance: ${{ matrix.attrs }}
-          cache-from: type=gha,scope=provenance
-          cache-to: type=gha,scope=provenance,mode=max
+          target: ${{ matrix.target }}
+          outputs: ${{ matrix.output }}
+          provenance: ${{ matrix.attr }}
+      -
+        name: Inspect Provenance
+        if: matrix.target == 'image'
+        run: |
+          docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .Provenance}}'
+      -
+        name: Check output folder
+        if: matrix.target == 'binary'
+        run: |
+          tree /tmp/buildx-build
+      -
+        name: Print local Provenance
+        if: matrix.target == 'binary'
+        run: |
+          cat /tmp/buildx-build/provenance.json | jq

  sbom:
    runs-on: ubuntu-latest
@ -624,7 +674,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -642,22 +692,17 @@ jobs:
          cache-from: type=gha,scope=attests-${{ matrix.target }}
          cache-to: type=gha,scope=attests-${{ matrix.target }},mode=max
      -
-        name: Inspect image
+        name: Inspect SBOM
        if: matrix.target == 'image'
        run: |
-          docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
+          docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .SBOM}}'
      -
        name: Check output folder
        if: matrix.target == 'binary'
        run: |
          tree /tmp/buildx-build
      -
-        name: Print provenance
-        if: matrix.target == 'binary'
-        run: |
-          cat /tmp/buildx-build/provenance.json | jq
-      -
-        name: Print SBOM
+        name: Print local SBOM
        if: matrix.target == 'binary'
        run: |
          cat /tmp/buildx-build/sbom.spdx.json | jq
@ -681,11 +726,11 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -750,7 +795,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver: ${{ matrix.driver }}
@ -820,10 +865,10 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -869,10 +914,10 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -897,6 +942,63 @@ jobs:
        run: |
          docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'

+  local-cache:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          driver-opts: |
+            network=host
+            image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+          buildkitd-flags: --debug
+      -
+        name: Cache Build
+        uses: actions/cache@v4
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-local-test-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-local-test-
+      -
+        name: Build and push
+        uses: ./
+        with:
+          context: ./test
+          file: ./test/multi.Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            localhost:5000/name/app:latest
+            localhost:5000/name/app:1.0.0
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+      -
+        name: Inspect
+        run: |
+          docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
+      -
+        # Temp fix
+        # https://github.com/docker/build-push-action/issues/252
+        # https://github.com/moby/buildkit/issues/1896
+        name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
  standalone:
    runs-on: ubuntu-latest
    steps:
@ -913,7 +1015,7 @@ jobs:
          fi
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -934,7 +1036,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -956,7 +1058,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver: docker
@ -990,7 +1092,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -1053,7 +1155,7 @@ jobs:
          echo '{"proxies":{"default":{"httpProxy":"http://127.0.0.1:3128","httpsProxy":"http://127.0.0.1:3128"}}}' > ~/.docker/config.json
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -1085,7 +1187,7 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
          driver-opts: |
@ -1100,3 +1202,147 @@ jobs:
        with:
          context: ./test
          file: ./test/Dockerfile
+
+  annotations:
+    runs-on: ubuntu-latest
+    env:
+      DOCKER_IMAGE: localhost:5000/name/app
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.DOCKER_IMAGE }}
+          tags: |
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          driver-opts: |
+            network=host
+            image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+      -
+        name: Build and push to local registry
+        uses: ./
+        with:
+          context: ./test
+          file: ./test/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          annotations: |
+            index:com.example.key=value
+            index:com.example.key2=value2
+            manifest:com.example.key3=value3
+      -
+        name: Check manifest
+        run: |
+          docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
+
+  multi-output:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          # TODO: use buildx-stable-1 image when v0.13 promoted
+          driver-opts: |
+            network=host
+            image=moby/buildkit:v0.13.0
+          buildkitd-flags: --debug
+      -
+        name: Build
+        uses: ./
+        with:
+          context: ./test
+          file: ./test/Dockerfile
+          outputs: |
+            type=image,name=localhost:5000/name/app:latest,push=true
+            type=docker,name=app:local
+            type=oci,dest=/tmp/oci.tar
+      -
+        name: Check registry
+        run: |
+          docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
+      -
+        name: Check docker
+        run: |
+          docker image inspect app:local
+      -
+        name: Check oci
+        run: |
+          set -ex
+          mkdir -p /tmp/oci-out
+          tar xf /tmp/oci.tar -C /tmp/oci-out
+          tree -nh /tmp/oci-out
+
+  load-and-push:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+          # TODO: use buildx-stable-1 image when v0.13 promoted
+          driver-opts: |
+            network=host
+            image=moby/buildkit:v0.13.0
+          buildkitd-flags: --debug
+      -
+        name: Build
+        uses: ./
+        with:
+          context: ./test
+          file: ./test/Dockerfile
+          load: true
+          push: true
+          tags: localhost:5000/name/app:latest
+      -
+        name: Check registry
+        run: |
+          docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
+      -
+        name: Check docker
+        run: |
+          docker image inspect localhost:5000/name/app:latest
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@ -88,13 +88,13 @@ jobs:
            username_secret: QUAY_USERNAME
            password_secret: QUAY_TOKEN
            type: remote
-          -
-            name: Artifactory
-            registry: sforzando-build-team-local.jfrog.io
-            slug: sforzando-build-team-local.jfrog.io/build-push-action-e2e
-            username_secret: ARTIFACTORY_USERNAME
-            password_secret: ARTIFACTORY_TOKEN
-            type: remote
+#          -
+#            name: Artifactory
+#            registry: sforzando-build-team-local.jfrog.io
+#            slug: sforzando-build-team-local.jfrog.io/build-push-action-e2e
+#            username_secret: ARTIFACTORY_USERNAME
+#            password_secret: ARTIFACTORY_TOKEN
+#            type: remote
          -
            name: Harbor
            id: harbor
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -20,11 +20,12 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Test
-        uses: docker/bake-action@v3
+        uses: docker/bake-action@v4
        with:
          targets: test
      -
        name: Upload coverage
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
        with:
          file: ./coverage/clover.xml
+          token: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@ -40,6 +40,6 @@ jobs:
        uses: actions/checkout@v4
      -
        name: Validate
-        uses: docker/bake-action@v3
+        uses: docker/bake-action@v4
        with:
          targets: ${{ matrix.target }}
--- a/README.md
+++ b/README.md
@ -74,19 +74,19 @@ jobs:
    steps:
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
      -
        name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          push: true
          tags: user/app:latest
@ -108,10 +108,10 @@ to the default Git context:
        # Setting up Docker Buildx with docker-container driver is required
        # at the moment to be able to use a subdirectory with Git context
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
      -
        name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          context: "{{defaultContext}}:mysubdir"
          push: true
@ -134,7 +134,7 @@ named `GIT_AUTH_TOKEN` to be able to authenticate against it with Buildx:
 ```yaml
      -
        name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          push: true
          tags: user/app:latest
@ -158,22 +158,22 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
      -
        name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
@ -217,6 +217,7 @@ Following inputs can be used as `step.with` keys
 |--------------------|-------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `add-hosts`        | List/CSV    | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`)      |
 | `allow`            | List/CSV    | List of [extra privileged entitlement](https://docs.docker.com/engine/reference/commandline/buildx_build/#allow) (e.g., `network.host,security.insecure`)                         |
+| `annotations`      | List        | List of annotation to set to the image                                                                                                                                            |
 | `attests`          | List        | List of [attestation](https://docs.docker.com/build/attestations/) parameters (e.g., `type=sbom,generator=image`)                                                                 | 
 | `builder`          | String      | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action)                                                                                       |
 | `build-args`       | List        | List of [build-time variables](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-arg)                                                                      |
@ -238,6 +239,7 @@ Following inputs can be used as `step.with` keys
 | `push`             | Bool        | [Push](https://docs.docker.com/engine/reference/commandline/buildx_build/#push) is a shorthand for `--output=type=registry` (default `false`)                                     |
 | `sbom`             | Bool/String | Generate [SBOM](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest=type=sbom`)                                                  |
 | `secrets`          | List        | List of [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`)                |
+| `secret-envs`      | List/CSV    | List of [secret env vars](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=envname`, `MY_SECRET=MY_ENV_VAR`)         |
 | `secret-files`     | List        | List of [secret files](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`)         |
 | `shm-size`         | String      | Size of [`/dev/shm`](https://docs.docker.com/engine/reference/commandline/buildx_build/#shm-size) (e.g., `2g`)                                                                    |
 | `ssh`              | List        | List of [SSH agent socket or keys](https://docs.docker.com/engine/reference/commandline/buildx_build/#ssh) to expose to the build                                                 |
@ -252,7 +254,7 @@ Following inputs can be used as `step.with` keys

 ### outputs

-Following outputs are available
+The following outputs are available:

 | Name       | Type    | Description           |
 |------------|---------|-----------------------|
--- a/TROUBLESHOOTING.md
+++ b/TROUBLESHOOTING.md
@ -45,13 +45,13 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
        with:
          buildkitd-flags: --debug
      -
@ -59,7 +59,7 @@ jobs:
        uses: crazy-max/ghaction-setup-containerd@v2
      -
        name: Build Docker image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
@ -112,7 +112,7 @@ to generate sanitized tags:
    tags: latest

 - name: Build and push
-  uses: docker/build-push-action@v4
+  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
@ -130,7 +130,7 @@ Or a dedicated step to sanitize the slug:
    script: return 'ghcr.io/${{ github.repository }}'.toLowerCase()

 - name: Build and push
-  uses: docker/build-push-action@v4
+  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
@ -156,7 +156,7 @@ Sometimes when your workflows are heavy consumers of disk storage, it can happen

 ```yaml
 name: Set up Docker Buildx
-uses: docker/setup-buildx-action@v2
+uses: docker/setup-buildx-action@v3
 with:
  driver: docker
 ```
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@ -619,6 +619,113 @@ nproc=3`],
        '.'
      ]
    ],
+    [
+      25,
+      '0.10.0',
+      new Map<string, string>([
+        ['context', '.'],
+        ['no-cache', 'false'],
+        ['load', 'true'],
+        ['push', 'false'],
+        ['pull', 'false'],
+        ['secret-envs', `MY_SECRET=MY_SECRET_ENV
+ANOTHER_SECRET=ANOTHER_SECRET_ENV`]
+      ]),
+      [
+        'build',
+        '--secret', 'id=MY_SECRET,env=MY_SECRET_ENV',
+        '--secret', 'id=ANOTHER_SECRET,env=ANOTHER_SECRET_ENV',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
+        '--load',
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '.'
+      ]
+    ],
+    [
+      26,
+      '0.10.0',
+      new Map<string, string>([
+        ['context', '.'],
+        ['no-cache', 'false'],
+        ['load', 'true'],
+        ['push', 'false'],
+        ['pull', 'false'],
+        ['secret-envs', 'MY_SECRET=MY_SECRET_ENV,ANOTHER_SECRET=ANOTHER_SECRET_ENV']
+      ]),
+      [
+        'build',
+        '--secret', 'id=MY_SECRET,env=MY_SECRET_ENV',
+        '--secret', 'id=ANOTHER_SECRET,env=ANOTHER_SECRET_ENV',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
+        '--load',
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '.'
+      ]
+    ],
+    [
+      27,
+      '0.11.0',
+      new Map<string, string>([
+        ['context', '.'],
+        ['annotations', 'example1=www\nindex:example2=xxx\nmanifest:example3=yyy\nmanifest-descriptor[linux/amd64]:example4=zzz'],
+        ['outputs', 'type=local,dest=./release-out'],
+        ['load', 'false'],
+        ['no-cache', 'false'],
+        ['push', 'false'],
+        ['pull', 'false'],
+      ]),
+      [
+        'build',
+        '--output', 'type=local,dest=./release-out',
+        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '.'
+      ]
+    ],
+    [
+      28,
+      '0.12.0',
+      new Map<string, string>([
+        ['context', '.'],
+        ['annotations', 'example1=www\nindex:example2=xxx\nmanifest:example3=yyy\nmanifest-descriptor[linux/amd64]:example4=zzz'],
+        ['outputs', 'type=local,dest=./release-out'],
+        ['load', 'false'],
+        ['no-cache', 'false'],
+        ['push', 'false'],
+        ['pull', 'false'],
+      ]),
+      [
+        'build',
+        '--annotation', 'example1=www',
+        '--annotation', 'index:example2=xxx',
+        '--annotation', 'manifest:example3=yyy',
+        '--annotation', 'manifest-descriptor[linux/amd64]:example4=zzz',
+        '--output', 'type=local,dest=./release-out',
+        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '.'
+      ]
+    ],
+    [
+      29,
+      '0.12.0',
+      new Map<string, string>([
+        ['context', '.'],
+        ['outputs', `type=image,"name=localhost:5000/name/app:latest,localhost:5000/name/app:foo",push-by-digest=true,name-canonical=true,push=true`],
+        ['load', 'false'],
+        ['no-cache', 'false'],
+        ['push', 'false'],
+        ['pull', 'false'],
+      ]),
+      [
+        'build',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
+        "--output", `type=image,"name=localhost:5000/name/app:latest,localhost:5000/name/app:foo",push-by-digest=true,name-canonical=true,push=true`,
+        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
+        '.'
+      ]
+    ]
  ])(
    '[%d] given %p with %p as inputs, returns %p',
    async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>) => {
--- a/action.yml
+++ b/action.yml
@ -13,6 +13,9 @@ inputs:
  allow:
    description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
    required: false
+  annotations:
+    description: "List of annotation to set to the image"
+    required: false
  attests:
    description: "List of attestation parameters (e.g., type=sbom,generator=image)"
    required: false
@ -80,6 +83,9 @@ inputs:
  secrets:
    description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)"
    required: false
+  secret-envs:
+    description: "List of secret env vars to expose to the build (e.g., key=envname, MY_SECRET=MY_ENV_VAR)"
+    required: false
  secret-files:
    description: "List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt)"
    required: false
@ -112,6 +118,6 @@ outputs:
    description: 'Build result metadata'

 runs:
-  using: 'node16'
+  using: 'node20'
  main: 'dist/index.js'
  post: 'dist/index.js'
--- a/dev.Dockerfile
+++ b/dev.Dockerfile
@ -1,8 +1,6 @@
 # syntax=docker/dockerfile:1

-ARG NODE_VERSION=16
-ARG DOCKER_VERSION=20.10.13
-ARG BUILDX_VERSION=0.8.0
+ARG NODE_VERSION=20

 FROM node:${NODE_VERSION}-alpine AS base
 RUN apk add --no-cache cpio findutils git
@ -62,15 +60,10 @@ RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/node_modules \
  yarn run lint

-FROM docker:${DOCKER_VERSION} as docker
-FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
-
 FROM deps AS test
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/node_modules \
-  --mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
-  --mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
-  yarn run test --coverageDirectory=/tmp/coverage
+  yarn run test --coverage --coverageDirectory=/tmp/coverage

 FROM scratch AS test-coverage
 COPY --from=test /tmp/coverage /
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
@ -527,6 +527,28 @@ Apache-2.0
   limitations under the License.


+@fastify/busboy
+MIT
+Copyright Brian White. All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to
+deal in the Software without restriction, including without limitation the
+rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+sell copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+IN THE SOFTWARE.
+
@octokit/auth-token
 MIT
 The MIT License
@ -1329,78 +1351,6 @@ Copyright (c) 2012 Felix Geisendörfer (felix@debuggable.com) and contributors
 THE SOFTWARE.


-fs.realpath
-ISC
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter and Contributors
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
----
-
-This library bundles a version of the `fs.realpath` and `fs.realpathSync`
-methods from Node.js v0.10 under the terms of the Node.js MIT license.
-
-Node's license follows, also included at the header of `old.js` which contains
-the licensed code:
-
-  Copyright Joyent, Inc. and other Node contributors.
-
-  Permission is hereby granted, free of charge, to any person obtaining a
-  copy of this software and associated documentation files (the "Software"),
-  to deal in the Software without restriction, including without limitation
-  the rights to use, copy, modify, merge, publish, distribute, sublicense,
-  and/or sell copies of the Software, and to permit persons to whom the
-  Software is furnished to do so, subject to the following conditions:
-
-  The above copyright notice and this permission notice shall be included in
-  all copies or substantial portions of the Software.
-
-  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-  FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
-  DEALINGS IN THE SOFTWARE.
-
-
-glob
-ISC
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter and Contributors
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-## Glob Logo
-
-Glob's logo created by Tanya Brassie <http://tanyabrassie.com/>, licensed
-under a Creative Commons Attribution-ShareAlike 4.0 International License
-https://creativecommons.org/licenses/by-sa/4.0/
-
-
 handlebars
 MIT
 Copyright (C) 2011-2019 by Yehuda Katz
@ -1424,45 +1374,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.


-inflight
-ISC
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-
-inherits
-ISC
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
-FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
-OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-
-
-
 is-plain-object
 MIT
 The MIT License (MIT)
@ -1650,50 +1561,6 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
 IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.


-path-is-absolute
-MIT
-The MIT License (MIT)
-
-Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.
-
-
-rimraf
-ISC
-The ISC License
-
-Copyright (c) Isaac Z. Schlueter and Contributors
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-
 sax
 ISC
 The ISC License
@ -1858,6 +1725,31 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.


+undici
+MIT
+MIT License
+
+Copyright (c) Matteo Collina and Undici contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
 universal-user-agent
 ISC
 # [ISC License](https://spdx.org/licenses/ISC)
--- a/package.json
+++ b/package.json
@ -4,9 +4,13 @@
  "main": "lib/main.js",
  "scripts": {
    "build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
-    "lint": "eslint src/**/*.ts __tests__/**/*.ts",
-    "format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
-    "test": "jest --coverage",
+    "lint": "yarn run prettier && yarn run eslint",
+    "format": "yarn run prettier:fix && yarn run eslint:fix",
+    "eslint": "eslint --max-warnings=0 .",
+    "eslint:fix": "eslint --fix .",
+    "prettier": "prettier --check \"./**/*.ts\"",
+    "prettier:fix": "prettier --write \"./**/*.ts\"",
+    "test": "jest",
    "all": "yarn run build && yarn run format && yarn test"
  },
  "repository": {
@ -19,33 +23,27 @@
    "build",
    "push"
  ],
-  "author": "Docker",
-  "contributors": [
-    {
-      "name": "CrazyMax",
-      "url": "https://crazymax.dev"
-    }
-  ],
+  "author": "Docker Inc.",
  "license": "Apache-2.0",
  "dependencies": {
-    "@actions/core": "^1.10.0",
-    "@docker/actions-toolkit": "^0.8.0",
+    "@actions/core": "^1.10.1",
+    "@docker/actions-toolkit": "0.19.0",
    "handlebars": "^4.7.7"
  },
  "devDependencies": {
    "@types/csv-parse": "^1.2.2",
-    "@types/node": "^16.18.21",
-    "@typescript-eslint/eslint-plugin": "^5.56.0",
-    "@typescript-eslint/parser": "^5.56.0",
-    "@vercel/ncc": "^0.36.1",
-    "eslint": "^8.36.0",
-    "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-jest": "^27.2.1",
-    "eslint-plugin-prettier": "^4.2.1",
-    "jest": "^29.5.0",
-    "prettier": "^2.8.7",
-    "ts-jest": "^29.0.5",
+    "@types/node": "^20.5.9",
+    "@typescript-eslint/eslint-plugin": "^6.6.0",
+    "@typescript-eslint/parser": "^6.6.0",
+    "@vercel/ncc": "^0.38.0",
+    "eslint": "^8.48.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-jest": "^27.2.3",
+    "eslint-plugin-prettier": "^5.0.0",
+    "jest": "^29.6.4",
+    "prettier": "^3.0.3",
+    "ts-jest": "^29.1.1",
    "ts-node": "^10.9.1",
-    "typescript": "^4.9.5"
+    "typescript": "^5.2.2"
  }
 }
--- a/src/context.ts
+++ b/src/context.ts
@ -9,6 +9,7 @@ import {Util} from '@docker/actions-toolkit/lib/util';
 export interface Inputs {
  addHosts: string[];
  allow: string[];
+  annotations: string[];
  attests: string[];
  buildArgs: string[];
  buildContexts: string[];
@ -30,6 +31,7 @@ export interface Inputs {
  push: boolean;
  sbom: string;
  secrets: string[];
+  secretEnvs: string[];
  secretFiles: string[];
  shmSize: string;
  ssh: string[];
@ -43,6 +45,7 @@ export async function getInputs(): Promise<Inputs> {
  return {
    addHosts: Util.getInputList('add-hosts'),
    allow: Util.getInputList('allow'),
+    annotations: Util.getInputList('annotations', {ignoreComma: true}),
    attests: Util.getInputList('attests', {ignoreComma: true}),
    buildArgs: Util.getInputList('build-args', {ignoreComma: true}),
    buildContexts: Util.getInputList('build-contexts', {ignoreComma: true}),
@ -57,13 +60,14 @@ export async function getInputs(): Promise<Inputs> {
    network: core.getInput('network'),
    noCache: core.getBooleanInput('no-cache'),
    noCacheFilters: Util.getInputList('no-cache-filters'),
-    outputs: Util.getInputList('outputs', {ignoreComma: true}),
+    outputs: Util.getInputList('outputs', {ignoreComma: true, quote: false}),
    platforms: Util.getInputList('platforms'),
    provenance: BuildxInputs.getProvenanceInput('provenance'),
    pull: core.getBooleanInput('pull'),
    push: core.getBooleanInput('push'),
    sbom: core.getInput('sbom'),
    secrets: Util.getInputList('secrets', {ignoreComma: true}),
+    secretEnvs: Util.getInputList('secret-envs'),
    secretFiles: Util.getInputList('secret-files', {ignoreComma: true}),
    shmSize: core.getInput('shm-size'),
    ssh: Util.getInputList('ssh'),
@ -98,6 +102,15 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
    await Util.asyncForEach(inputs.attests, async attest => {
      args.push('--attest', attest);
    });
+  } else if (inputs.attests.length > 0) {
+    core.warning("Attestations are only supported by buildx >= 0.10.0; the input 'attests' is ignored.");
+  }
+  if (await toolkit.buildx.versionSatisfies('>=0.12.0')) {
+    await Util.asyncForEach(inputs.annotations, async annotation => {
+      args.push('--annotation', annotation);
+    });
+  } else if (inputs.annotations.length > 0) {
+    core.warning("Annotations are only supported by buildx >= 0.12.0; the input 'annotations' is ignored.");
  }
  await Util.asyncForEach(inputs.buildArgs, async buildArg => {
    args.push('--build-arg', buildArg);
@ -106,6 +119,8 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
    await Util.asyncForEach(inputs.buildContexts, async buildContext => {
      args.push('--build-context', buildContext);
    });
+  } else if (inputs.buildContexts.length > 0) {
+    core.warning("Build contexts are only supported by buildx >= 0.8.0; the input 'build-contexts' is ignored.");
  }
  await Util.asyncForEach(inputs.cacheFrom, async cacheFrom => {
    args.push('--cache-from', cacheFrom);
@ -116,6 +131,13 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
  if (inputs.cgroupParent) {
    args.push('--cgroup-parent', inputs.cgroupParent);
  }
+  await Util.asyncForEach(inputs.secretEnvs, async secretEnv => {
+    try {
+      args.push('--secret', BuildxInputs.resolveBuildSecretEnv(secretEnv));
+    } catch (err) {
+      core.warning(err.message);
+    }
+  });
  if (inputs.file) {
    args.push('--file', inputs.file);
  }
@ -153,6 +175,8 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
    if (inputs.sbom) {
      args.push('--sbom', inputs.sbom);
    }
+  } else if (inputs.provenance || inputs.sbom) {
+    core.warning("Attestations are only supported by buildx >= 0.10.0; the inputs 'provenance' and 'sbom' are ignored.");
  }
  await Util.asyncForEach(inputs.secrets, async secret => {
    try {
--- a/src/main.ts
+++ b/src/main.ts
@ -17,6 +17,8 @@ actionsToolkit.run(
  // main
  async () => {
    const inputs: context.Inputs = await context.getInputs();
+    core.debug(`inputs: ${JSON.stringify(inputs)}`);
+
    const toolkit = new Toolkit();

    await core.group(`GitHub Actions runtime token ACs`, async () => {
@ -48,7 +50,7 @@ actionsToolkit.run(
      if (dockerConfig && dockerConfig.proxies) {
        for (const host in dockerConfig.proxies) {
          let prefix = '';
-          if (dockerConfig.proxies.length > 1) {
+          if (Object.keys(dockerConfig.proxies).length > 1) {
            prefix = '  ';
            core.info(host);
          }
@ -73,7 +75,12 @@ actionsToolkit.run(
    });

    const args: string[] = await context.getArgs(inputs, toolkit);
+    core.debug(`context.getArgs: ${JSON.stringify(args)}`);
+
    const buildCmd = await toolkit.buildx.getCommand(args);
+    core.debug(`buildCmd.command: ${buildCmd.command}`);
+    core.debug(`buildCmd.args: ${JSON.stringify(buildCmd.args)}`);
+
    await Exec.getExecOutput(buildCmd.command, buildCmd.args, {
      ignoreReturnCode: true
    }).then(res => {
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
CrazyMax	2cdde995de	Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.19.0 chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0	2024-03-13 19:21:45 +01:00
CrazyMax	008747aa03	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-13 19:19:46 +01:00
dependabot[bot]	1580753126	chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0 Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.18.0 to 0.19.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](https://github.com/docker/actions-toolkit/compare/v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-13 18:18:15 +00:00
Tõnis Tiigi	2a7db1d68a	Merge pull request #1075 from crazy-max/ci-multi-output ci: test multi output	2024-03-11 16:57:53 -07:00
CrazyMax	35e7dd5921	ci: test multi output Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-08 14:07:12 +01:00
CrazyMax	af5a7ed5ba	Merge pull request #1074 from crazy-max/build-cmd-debug disable quotes detection for "outputs" input	2024-03-07 19:54:57 +01:00
CrazyMax	2a85189a6c	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-06 15:26:36 +01:00
CrazyMax	6c2079483e	disable quotes detection for "outputs" input Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-06 15:25:57 +01:00
CrazyMax	afdf0c0a67	chore: debug build cmd and args Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-06 15:20:53 +01:00
CrazyMax	00ae31ab6e	Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.18.0 chore(deps): Bump @docker/actions-toolkit from 0.14.0 to 0.18.0	2024-03-06 14:43:50 +01:00
CrazyMax	701942b6e5	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-03-06 14:40:26 +01:00
dependabot[bot]	90e54d0b1d	chore(deps): Bump @docker/actions-toolkit from 0.14.0 to 0.18.0 Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.14.0 to 0.18.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](https://github.com/docker/actions-toolkit/compare/v0.14.0...v0.18.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-01 11:36:46 +00:00
CrazyMax	831ca179d3	Merge pull request #1066 from crazy-max/ci-local-cache ci: local-cache job to test local cache feature	2024-02-29 13:00:40 +01:00
CrazyMax	6bd0e5492f	ci: local-cache job to test local cache feature Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-02-28 15:47:13 +01:00
CrazyMax	b3eddbb94c	Merge pull request #1057 from docker/dependabot/npm_and_yarn/undici-5.28.3 chore(deps): Bump undici from 5.26.3 to 5.28.3	2024-02-23 09:32:22 +01:00
CrazyMax	ffd798c1f1	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-02-23 09:30:57 +01:00
CrazyMax	62d8db0960	Merge pull request #1059 from crazy-max/codecov-token ci: set codecov token	2024-02-22 23:31:08 +01:00
CrazyMax	8ab81cb898	ci: set codecov token Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2024-02-22 23:27:38 +01:00
dependabot[bot]	d47e7c357d	chore(deps): Bump undici from 5.26.3 to 5.28.3 Bumps [undici](https://github.com/nodejs/undici) from 5.26.3 to 5.28.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.26.3...v5.28.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-16 17:55:24 +00:00
CrazyMax	4976231911	Merge pull request #1046 from docker/dependabot/github_actions/codecov/codecov-action-4 chore(deps): Bump codecov/codecov-action from 3 to 4	2024-02-03 15:27:24 +01:00
dependabot[bot]	d236adc992	chore(deps): Bump codecov/codecov-action from 3 to 4 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3...v4) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-01 11:49:00 +00:00
CrazyMax	94d76d3bc1	Merge pull request #1041 from k-yamasaki-zakisan/feature/upgrate-readme-to-actions/checkout@v4 upgrade actions/checkout to v4	2024-01-26 10:41:26 +01:00
k-yamasaki-zakisan	2b28f2a854	upgrade actions/checkout to v4 Signed-off-by: Kazuyoshi Yamasaki <kazuyoshi.kyushu@gmail.com>	2024-01-26 17:18:20 +09:00
CrazyMax	9f6f8c940b	Merge pull request #1019 from favonia/warn-about-ignored-inputs feat: warn about ignored inputs	2023-12-01 09:31:23 -08:00
favonia	8411d080ee	feat: warn about ignored inputs Currently, several inputs can be silently ignored without any warnings. This change will issue a warning for each ignored input with a short explanation. Signed-off-by: favonia <favonia@gmail.com>	2023-12-01 07:50:51 -06:00
CrazyMax	4a13e500e5	Merge pull request #1006 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.14.0 chore(deps): Bump @docker/actions-toolkit from 0.13.0 to 0.14.0	2023-11-17 03:34:00 -08:00
CrazyMax	7416668686	chore: update generated content Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2023-11-17 12:22:57 +01:00
dependabot[bot]	b4f76a5dc6	chore(deps): Bump @docker/actions-toolkit from 0.13.0 to 0.14.0 Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.13.0 to 0.14.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](https://github.com/docker/actions-toolkit/compare/v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-11-17 10:59:04 +00:00
CrazyMax	b7feb766fa	Merge pull request #1005 from crazy-max/ci-inspect ci: inspect sbom and provenance	2023-11-17 02:46:05 -08:00
CrazyMax	fae8018297	ci: inspect sbom and provenance Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2023-11-17 11:44:11 +01:00
CrazyMax	b625868b13	Merge pull request #1004 from crazy-max/ci-update-buildx ci: update buildx to latest	2023-11-17 02:21:23 -08:00
CrazyMax	5193ef1da6	ci: update buildx to latest Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>	2023-11-17 11:06:32 +01:00
CrazyMax	d3afd779e4	Merge pull request #991 from docker/dependabot/npm_and_yarn/babel/traverse-7.23.2 chore(deps): Bump @babel/traverse from 7.17.3 to 7.23.2	2023-11-16 01:53:02 -08:00
Tõnis Tiigi	7a786bb2b9	Merge pull request #992 from crazy-max/annotations add annotations input	2023-11-15 13:19:25 -08:00
CrazyMax	c66ae3adcf	chore: update generated content Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-27 06:43:13 +02:00
CrazyMax	248131c7bf	add `annotations` input Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-27 06:43:13 +02:00
CrazyMax	b425c4cd5a	ci: bump buildx to v0.12.0-rc1 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-27 06:42:50 +02:00
dependabot[bot]	9834ce5b4d	chore(deps): Bump @babel/traverse from 7.17.3 to 7.23.2 Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.17.3 to 7.23.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-17 20:37:00 +00:00
CrazyMax	fdf7f43ecf	Merge pull request #990 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.13.0 chore(deps): Bump @docker/actions-toolkit from 0.13.0-rc.1 to 0.13.0	2023-10-13 05:17:16 -07:00
CrazyMax	e3a4c332fb	chore: update generated content Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-13 14:15:17 +02:00
dependabot[bot]	c48d200483	chore(deps): Bump @docker/actions-toolkit from 0.13.0-rc.1 to 0.13.0 Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.13.0-rc.1 to 0.13.0. - [Release notes](https://github.com/docker/actions-toolkit/releases) - [Commits](https://github.com/docker/actions-toolkit/compare/v0.13.0-rc.1...v0.13.0) --- updated-dependencies: - dependency-name: "@docker/actions-toolkit" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-13 12:11:38 +00:00
CrazyMax	8d2cf95286	Merge pull request #988 from crazy-max/e2e-disable-artifactory e2e: disable artifactory	2023-10-12 05:37:42 -07:00
CrazyMax	3c7915695f	chore: update secret-envs description Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-12 14:32:49 +02:00
CrazyMax	0a283b683f	e2e: disable artifactory Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-12 14:26:08 +02:00
CrazyMax	c544b50d70	Merge pull request #980 from elias-lundgren/env-secrets-input feat: add secret-envs input	2023-10-12 05:24:34 -07:00
Elias Lundgren	dd31262fa7	chore: update generated content Signed-off-by: Elias Lundgren <145569914+elias-lundgren@users.noreply.github.com>	2023-10-11 15:44:41 +02:00
Elias Lundgren	5f01267817	feat: add secret-envs input Signed-off-by: Elias Lundgren <145569914+elias-lundgren@users.noreply.github.com>	2023-10-11 15:43:05 +02:00
CrazyMax	0f847266c3	Merge pull request #985 from crazy-max/fix-e2e e2e: fix .docker folder perms	2023-10-09 01:09:50 -07:00
CrazyMax	ea8499618b	e2e: fix .docker folder perms Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-10-08 19:01:40 +02:00
CrazyMax	4c1b68d83a	Merge pull request #960 from crazy-max/bump-major docs: bump actions to latest major	2023-09-12 15:15:43 +02:00
CrazyMax	5909c5bffe	Merge pull request #965 from docker/dependabot/github_actions/docker/bake-action-4 chore(deps): Bump docker/bake-action from 3 to 4	2023-09-12 14:28:09 +02:00
CrazyMax	285730d174	Merge pull request #964 from docker/dependabot/github_actions/docker/login-action-3 chore(deps): Bump docker/login-action from 2 to 3	2023-09-12 14:27:54 +02:00
CrazyMax	4bbe0177ef	Merge pull request #963 from docker/dependabot/github_actions/docker/metadata-action-5 chore(deps): Bump docker/metadata-action from 4 to 5	2023-09-12 14:27:41 +02:00
CrazyMax	cc4d1d4d5f	Merge pull request #962 from docker/dependabot/github_actions/docker/setup-buildx-action-3 chore(deps): Bump docker/setup-buildx-action from 2 to 3	2023-09-12 14:27:28 +02:00
CrazyMax	e7d3750abc	Merge pull request #961 from docker/dependabot/github_actions/docker/setup-qemu-action-3 chore(deps): Bump docker/setup-qemu-action from 2 to 3	2023-09-12 14:27:11 +02:00
CrazyMax	4556201a14	docs: bump actions to latest major Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-12 14:19:32 +02:00
dependabot[bot]	9fa62cfa91	chore(deps): Bump docker/bake-action from 3 to 4 Bumps [docker/bake-action](https://github.com/docker/bake-action) from 3 to 4. - [Release notes](https://github.com/docker/bake-action/releases) - [Commits](https://github.com/docker/bake-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/bake-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 11:17:20 +00:00
dependabot[bot]	8026f009fc	chore(deps): Bump docker/login-action from 2 to 3 Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 11:17:17 +00:00
dependabot[bot]	6b35a7a7f1	chore(deps): Bump docker/metadata-action from 4 to 5 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 11:17:15 +00:00
dependabot[bot]	c6e64b478a	chore(deps): Bump docker/setup-buildx-action from 2 to 3 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 11:17:11 +00:00
dependabot[bot]	e2505c6383	chore(deps): Bump docker/setup-qemu-action from 2 to 3 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 11:17:07 +00:00
CrazyMax	0565240e2d	Merge pull request #959 from docker/dependabot/npm_and_yarn/actions/core-1.10.1 chore(deps): Bump @actions/core from 1.10.0 to 1.10.1	2023-09-12 08:59:19 +02:00
CrazyMax	3ab07f8801	chore: update generated content Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-12 08:53:09 +02:00
dependabot[bot]	b9e7e4daec	chore(deps): Bump @actions/core from 1.10.0 to 1.10.1 Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.10.0 to 1.10.1. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) --- updated-dependencies: - dependency-name: "@actions/core" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-09-12 06:30:14 +00:00
CrazyMax	04d1a3b049	Merge pull request #954 from crazy-max/update-node20 chore: node 20 as default runtime	2023-09-12 08:22:50 +02:00
CrazyMax	1a4d1a13fb	chore: node 20 as default runtime Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:09:30 +02:00
CrazyMax	675965c0e1	chore: update generated content Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:09:30 +02:00
CrazyMax	58ee34cb6b	chore: fix author in package.json Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:44 +02:00
CrazyMax	c97c4060bd	fix ProxyConfig type when checking length Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:43 +02:00
CrazyMax	47d5369e0b	vendor: bump @docker/actions-toolkit from 0.8.0 to 0.12.0 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:43 +02:00
CrazyMax	8895c7468f	chore: update dev dependencies Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:43 +02:00
CrazyMax	59ba712c53	dev: remove unneeded binaries Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:43 +02:00
CrazyMax	0c20fff10d	chore: update to node 20 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>	2023-09-09 18:08:43 +02:00