Update docker/build-push-action action to v7

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker/build-push-action	action	major	v2 → v7

---

Release Notes

docker/build-push-action (docker/build-push-action)

v7.1.0

Compare Source

• Git context query format support by @​crazy-max in #​1505
• Bump @​docker/actions-toolkit from 0.79.0 to 0.87.0 by @​crazy-max in #​1505
• Bump brace-expansion from 1.1.12 to 1.1.13 in #​1500
• Bump fast-xml-parser from 5.4.2 to 5.5.7 in #​1489
• Bump flatted from 3.3.3 to 3.4.2 in #​1491
• Bump glob from 10.3.12 to 10.5.0 in #​1490
• Bump handlebars from 4.7.8 to 4.7.9 in #​1497
• Bump lodash from 4.17.23 to 4.18.1 in #​1510
• Bump picomatch from 4.0.3 to 4.0.4 in #​1496
• Bump undici from 6.23.0 to 6.24.1 in #​1486
• Bump vite from 7.3.1 to 7.3.2 in #​1509

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

v7.0.0

Compare Source

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in #​1470
• Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @​crazy-max in #​1473
• Remove legacy export-build tool support for build summary by @​crazy-max in #​1474
• Switch to ESM and update config/test wiring by @​crazy-max in #​1466
• Bump @​actions/core from 1.11.1 to 3.0.0 in #​1454
• Bump @​docker/actions-toolkit from 0.62.1 to 0.79.0 in #​1453 #​1472 #​1479
• Bump minimatch from 3.1.2 to 3.1.5 in #​1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

v7

Compare Source

v6.19.2

Compare Source

• Preserve port in GIT_AUTH_TOKEN host by @​crazy-max in #​1458

Full Changelog: docker/build-push-action@v6.19.1...v6.19.2

v6.19.1

Compare Source

• Derive GIT_AUTH_TOKEN host from GitHub server URL by @​crazy-max in #​1456

Full Changelog: docker/build-push-action@v6.19.0...v6.19.1

v6.19.0

Compare Source

• Scope default git auth token to github.com by @​crazy-max in #​1451
• Bump brace-expansion from 1.1.11 to 1.1.12 in #​1396
• Bump form-data from 2.5.1 to 2.5.5 in #​1391
• Bump js-yaml from 3.14.1 to 3.14.2 in #​1429
• Bump lodash from 4.17.21 to 4.17.23 in #​1446
• Bump tmp from 0.2.3 to 0.2.4 in #​1398
• Bump undici from 5.28.4 to 5.29.0 in #​1397

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

v6.18.0

Compare Source

• Bump @​docker/actions-toolkit from 0.61.0 to 0.62.1 in #​1381

[!NOTE]
Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

Compare Source

• Bump @​docker/actions-toolkit from 0.59.0 to 0.61.0 by @​crazy-max in #​1364

[!NOTE]
Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

Compare Source

• Handle no default attestations env var by @​crazy-max in #​1343
• Only print secret keys in build summary output by @​crazy-max in #​1353
• Bump @​docker/actions-toolkit from 0.56.0 to 0.59.0 in #​1352

Full Changelog: docker/build-push-action@v6.15.0...v6.16.0

v6.15.0

Compare Source

• Bump @​docker/actions-toolkit from 0.55.0 to 0.56.0 in #​1330

Full Changelog: docker/build-push-action@v6.14.0...v6.15.0

v6.14.0

Compare Source

• Bump @​docker/actions-toolkit from 0.53.0 to 0.55.0 in #​1324

Full Changelog: docker/build-push-action@v6.13.0...v6.14.0

v6.13.0

Compare Source

• Bump @​docker/actions-toolkit from 0.51.0 to 0.53.0 in #​1308

Full Changelog: docker/build-push-action@v6.12.0...v6.13.0

v6.12.0

Compare Source

• Bump @​docker/actions-toolkit from 0.49.0 to 0.51.0 in #​1300

Full Changelog: docker/build-push-action@v6.11.0...v6.12.0

v6.11.0

Compare Source

• Handlebar defaultContext support for build-contexts input by @​crazy-max in #​1283
• Bump @​docker/actions-toolkit from 0.46.0 to 0.49.0 in #​1281

Full Changelog: docker/build-push-action@v6.10.0...v6.11.0

v6.10.0

Compare Source

• Add call input to set method for evaluating build by @​crazy-max in #​1265
• Bump @​actions/core from 1.10.1 to 1.11.1 in #​1238
• Bump @​docker/actions-toolkit from 0.39.0 to 0.46.0 in #​1268
• Bump cross-spawn from 7.0.3 to 7.0.6 in #​1261

Full Changelog: docker/build-push-action@v6.9.0...v6.10.0

v6.9.0

Compare Source

• Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0 in #​1234
• Bump path-to-regexp from 6.2.2 to 6.3.0 in #​1232

Full Changelog: docker/build-push-action@v6.8.0...v6.9.0

v6.8.0

Compare Source

• Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0 in #​1230

Full Changelog: docker/build-push-action@v6.7.0...v6.8.0

v6.7.0

Compare Source

• Print info message for build summary support checks by @​crazy-max in #​1211

Full Changelog: docker/build-push-action@v6.6.1...v6.7.0

v6.6.1

Compare Source

• Bump @​docker/actions-toolkit from 0.37.0 to 0.37.1 in #​1205

Full Changelog: docker/build-push-action@v6.6.0...v6.6.1

v6.6.0

Compare Source

• Generate GitHub annotations for build checks by @​crazy-max in #​1197
• Bump @​docker/actions-toolkit from 0.35.0 to 0.37.0 in #​1196 #​1198

Full Changelog: docker/build-push-action@v6.5.0...v6.6.0

v6.5.0

Compare Source

• Bump @​docker/actions-toolkit from 0.33.0 to 0.35.0 in #​1186 #​1191

Full Changelog: docker/build-push-action@v6.4.1...v6.5.0

v6.4.1

Compare Source

• revert "Set repository and ghtoken attributes for GitHub Actions cache backend" by @​crazy-max in #​1183

Full Changelog: docker/build-push-action@v6.4.0...v6.4.1

v6.4.0

Compare Source

• Set repository and ghtoken attributes for GitHub Actions cache backend by @​crazy-max in #​1133
• Bump @​docker/actions-toolkit from 0.31.0 to 0.33.0 in #​1179

Full Changelog: docker/build-push-action@v6.3.0...v6.4.0

v6.3.0

Compare Source

• DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @​crazy-max in #​1172
• DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @​crazy-max in #​1170 #​1173
• Bump @​docker/actions-toolkit from 0.28.0 to 0.31.0 in #​1171 #​1159 #​1169

Full Changelog: docker/build-push-action@v6.2.0...v6.3.0

v6.2.0

Compare Source

• Use default retention days for build export artifact by @​crazy-max in #​1153
• Bump @​docker/actions-toolkit from 0.27.0 to 0.28.0 in #​1158

Full Changelog: docker/build-push-action@v6.1.0...v6.2.0

v6.1.0

Compare Source

• Bump @​docker/actions-toolkit from 0.26.2 to 0.27.0 in #​1149

Full Changelog: docker/build-push-action@v6.0.2...v6.1.0

v6.0.2

Compare Source

• Bump @​docker/actions-toolkit from 0.26.1 to 0.26.2 in #​1147

Full Changelog: docker/build-push-action@v6.0.1...v6.0.2

v6.0.1

Compare Source

• Bump @​docker/actions-toolkit from 0.26.0 to 0.26.1 in #​1142

Full Changelog: docker/build-push-action@v6.0.0...v6.0.1

v6.0.0

Compare Source

• Export build record and generate build summary by @​crazy-max in #​1120
• Bump @​docker/actions-toolkit from 0.24.0 to 0.26.0 in #​1132 #​1136 #​1138
• Bump braces from 3.0.2 to 3.0.3 in #​1137

[!NOTE]
This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_SUMMARY: false environment variable in your workflow.

Full Changelog: docker/build-push-action@v5.4.0...v6.0.0

v6

Compare Source

v5.4.0

Compare Source

• Show builder information before building by @​crazy-max in #​1128
• Handle attestations correctly with provenance and sbom inputs by @​crazy-max in #​1086
• Bump @​docker/actions-toolkit from 0.19.0 to 0.24.0 in #​1088 #​1105 #​1121 #​1127
• Bump undici from 5.28.3 to 5.28.4 in #​1090

Full Changelog: docker/build-push-action@v5.3.0...v5.4.0

v5.3.0

Compare Source

• Bump @​docker/actions-toolkit from 0.18.0 to 0.19.0 in #​1080

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Compare Source

• Disable quotes detection for outputs input by @​crazy-max in #​1074
• Warn about ignored inputs by @​favonia in #​1019
• Bump @​docker/actions-toolkit from 0.14.0 to 0.18.0 in #​1070
• Bump undici from 5.26.3 to 5.28.3 in #​1057

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

v5.1.0

Compare Source

• Add annotations input by @​crazy-max in #​992
• Add secret-envs input by @​elias-lundgren in #​980
• Bump @​babel/traverse from 7.17.3 to 7.23.2 in #​991
• Bump @​docker/actions-toolkit from 0.13.0-rc.1 to 0.14.0 in #​990 #​1006

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

v5.0.0

Compare Source

• Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @​crazy-max in #​954
• Bump @​actions/core from 1.10.0 to 1.10.1 in #​959

Full Changelog: docker/build-push-action@v4.2.1...v5.0.0

v5

Compare Source

v4.2.1

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• warn if docker config can't be parsed by @​crazy-max in #​957

Full Changelog: docker/build-push-action@v4.2.0...v4.2.1

v4.2.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• display proxy configuration by @​crazy-max in #​872
• chore(deps): Bump @​docker/actions-toolkit from 0.6.0 to 0.8.0 in #​930
• chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in #​925
• chore(deps): Bump semver from 6.3.0 to 6.3.1 in #​902

Full Changelog: docker/build-push-action@v4.1.1...v4.2.0

v4.1.1

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Bump @​docker/actions-toolkit from 0.3.0 to 0.5.0 by @​crazy-max in #​880

Full Changelog: docker/build-push-action@v4.1.0...v4.1.1

v4.1.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Switch to actions-toolkit implementation by @​crazy-max in #​811 #​838 #​855 #​860 #​875
• e2e: quay.io by @​crazy-max in #​799 #​805
• e2e: local harbor and nexus by @​crazy-max in #​800
• e2e: add artifactory container registry to test against by @​jedevc in #​804
• e2e: add distribution tests by @​jedevc in #​814 #​815

Full Changelog: docker/build-push-action@v4.0.0...v4.1.0

v4.0.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Enable provenance by default if not set by @​crazy-max in #​784

Full Changelog: docker/build-push-action@v3.3.1...v4.0.0

v4

Compare Source

v3.3.1

Compare Source

• Disable provenance by default if not set by @​crazy-max (#​781)

Full Changelog: docker/build-push-action@v3.3.0...v3.3.1

v3.3.0

Compare Source

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

• Add attests, provenance and sbom inputs by @​crazy-max (#​746 #​759)
• Log GitHub Actions runtime token access controls by @​crazy-max (#​707)
• Examples moved to docs website by @​crazy-max (#​718)
• Bump minimatch from 3.0.4 to 3.1.2 (#​732)
• Bump csv-parse from 5.3.0 to 5.3.3 (#​729)
• Bump json5 from 2.2.0 to 2.2.3 (#​749)

Full Changelog: docker/build-push-action@v3.2.0...v3.3.0

v3.2.0

Compare Source

• Remove workaround for setOutput by @​crazy-max (#​704)
• Docs: fix Git context link and add more details about subdir support by @​crazy-max (#​685)
• Docs: named context by @​baibaratsky and @​crazy-max (#​665)
• Bump @​actions/core from 1.9.0 to 1.10.0 (#​667 #​695)
• Bump @​actions/github from 5.0.3 to 5.1.1 (#​696)

Full Changelog: docker/build-push-action@v3.1.1...v3.2.0

v3.1.1

Compare Source

• Fix GitHub token not passed with Git context if subdir defined by @​crazy-max (#​663)
• Replace deprecated fs.rmdir with fs.rm by @​bendrucker (#​657)

Full Changelog: docker/build-push-action@v3.1.0...v3.1.1

v3.1.0

Compare Source

• no-cache-filters input by @​crazy-max (#​653)
• Bump @​actions/github from 5.0.1 to 5.0.3 (#​619)
• Bump @​actions/core from 1.6.0 to 1.9.0 (#​620 #​637)
• Bump csv-parse from 5.0.4 to 5.3.0 (#​623 #​650)

Full Changelog: docker/build-push-action@v3.0.0...v3.1.0

v3.0.0

Compare Source

• Node 16 as default runtime by @​crazy-max (#​564)
  • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
• Standalone mode support by @​crazy-max (#​601 #​609)
• chore: update dev dependencies and workflow by @​crazy-max (#​571)
• Bump @​actions/exec from 1.1.0 to 1.1.1 (#​573)
• Bump @​actions/github from 5.0.0 to 5.0.1 (#​582)
• Bump minimist from 1.2.5 to 1.2.6 (#​584)
• Bump semver from 7.3.5 to 7.3.7 (#​595)
• Bump csv-parse from 4.16.3 to 5.0.4 (#​533)

Full Changelog: docker/build-push-action@v2.10.0...v3.0.0

v3

Compare Source

v2.10.0

Compare Source

• Add imageid output and use metadata to set digest output (#​569)
• Add build-contexts input (#​563)
• Enhance outputs display (#​559)

v2.9.0

Compare Source

• add-hosts input (#​553 #​555)
• Fix git context subdir example and improve README (#​552)
• Add e2e tests for ACR (#​548)
• Add description on github-token option to README (#​544)
• Bump node-fetch from 2.6.1 to 2.6.7 (#​549)

v2.8.0

Compare Source

• Allow specifying subdirectory with default git context (#​531)
• Add cgroup-parent, shm-size, ulimit inputs (#​501)
• Don't set outputs if empty or nil (#​470)
• docs: example to sanitize tags with metadata-action (#​476)
• docs: wrong syntax to sanitize repo slug (#​475)
• docs: test before pushing your image (#​455)
• readme: remove v1 section (#​500)
• ci: virtual env file system info (#​510)
• dev: update workflow (#​499)
• Bump @​actions/core from 1.5.0 to 1.6.0 (#​160)
• Bump ansi-regex from 5.0.0 to 5.0.1 (#​469)
• Bump tmpl from 1.0.4 to 1.0.5 (#​465)
• Bump csv-parse from 4.16.0 to 4.16.3 (#​451 #​459)

v2.7.0

Compare Source

• Add metadata output (#​412)
• Bump @​actions/core from 1.4.0 to 1.5.0 (#​439)
• Add note to sanitize tags (#​426)
• Cache backend API docs (#​406)
• Git context now supports subdir (#​407)
• Bump codecov/codecov-action from 1 to 2 (#​415)

v2.6.1

Compare Source

• Small typo and ensure trimmed output (#​400)

v2.6.0

Compare Source

• Handle git sha version of buildx (#​399)
• Update dev deps (#​393)
• Use built-in getExecOutput (#​392)
• Use core.getBooleanInput (#​391)
• Bump csv-parse from 4.15.4 to 4.16.0 (#​385)
• Bump @​actions/exec from 1.0.4 to 1.1.0 (#​382)
• Bump @​actions/core from 1.3.0 to 1.4.0 (#​383)
• Bump ws from 7.3.1 to 7.4.6 (#​375)

v2.5.0

Compare Source

• Fix ref spec for default Git context (#​347)
• Preserve quotes inside unquoted field (#​369)
• Doc: Copy between registries (#​362)
• Doc: Share built image between jobs (#​368)
• Bump @​actions/github from 4.0.0 to 5.0.0 (#​364)
• Bump hosted-git-info from 2.8.8 to 2.8.9 (#​356)
• Bump lodash from 4.17.20 to 4.17.21 (#​355)
• Update examples with docker/metadata-action (#​354)
• Remove os limitation (#​349)
• Fix ref spec for default Git context (#​347)
• Bump csv-parse from 4.15.3 to 4.15.4 (#​345)
• Bump @​actions/core from 1.2.6 to 1.3.0 (#​344 #​370)

v2.4.0

Compare Source

• Add network input for backward compatibility (#​338)
• Fix doc links (#​331)
• Bump y18n from 4.0.0 to 4.0.1 (#​325)
• Handle GitHub server URL for default context (#​328)
• Bump semver from 7.3.4 to 7.3.5 (#​318)
• Bump csv-parse from 4.15.1 to 4.15.3 (#​303)

v2.3.0

Compare Source

• Enhance documentation (#​299)
• Add secret-files input to be able to use secret file mount (#​296)
• Fix workflow for auto-push impl (#​273)
• Bump csv-parse from 4.14.2 to 4.15.1 (#​287)

v2.2.2

Compare Source

• Use default behavior for file flag (#​244)
• Add e2e tests for GAR (#​261)
• Add e2e tests for GCR (#​260)
• Add e2e tests for ECR (#​256)
• Bump csv-parse from 4.14.1 to 4.14.2 (#​255)

v2.2.1

Compare Source

• Trim input list items (#​249)
• Bump semver from 7.3.2 to 7.3.4 (#​243)

v2.2.0

Compare Source

• Handle multi-line secret value (#​233)
• Add e2e tests (#​235)
• Bump csv-parse from 4.12.0 to 4.14.1 (#​218 #​231)

v2.1.0

Compare Source

• Add ssh input (#​123)
• Handle tags and labels example with Docker meta action (#​206)

v2.0.1

Compare Source

• Cache issue is now fixed (#​204)
• Update troubleshooting notes (#​203 #​100)
• Fix parsing of secrets containing '=' character (#​201)
• Container based developer flow (#​202)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.