From a63b18dea2fb0d45fdafd0d8e0606491e2bd8756 Mon Sep 17 00:00:00 2001
From: CrazyMax <crazy-max@users.noreply.github.com>
Date: Wed, 17 Feb 2021 18:53:15 +0100
Subject: [PATCH] Enhance documentation

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
---
 README.md                              | 551 +++----------------------
 TROUBLESHOOTING.md                     |   3 +-
 UPGRADE.md                             |   6 +-
 docs/advanced/cache.md                 | 107 +++++
 docs/advanced/dockerhub-desc.md        |  48 +++
 docs/advanced/export-docker.md         |  35 ++
 docs/advanced/isolated-builders.md     |  44 ++
 docs/advanced/local-registry.md        |  44 ++
 docs/advanced/multi-platform.md        |  44 ++
 docs/advanced/push-multi-registries.md |  57 +++
 docs/advanced/secrets.md               |  84 ++++
 docs/advanced/tags-labels.md           |  70 ++++
 12 files changed, 594 insertions(+), 499 deletions(-)
 create mode 100644 docs/advanced/cache.md
 create mode 100644 docs/advanced/dockerhub-desc.md
 create mode 100644 docs/advanced/export-docker.md
 create mode 100644 docs/advanced/isolated-builders.md
 create mode 100644 docs/advanced/local-registry.md
 create mode 100644 docs/advanced/multi-platform.md
 create mode 100644 docs/advanced/push-multi-registries.md
 create mode 100644 docs/advanced/secrets.md
 create mode 100644 docs/advanced/tags-labels.md

diff --git a/README.md b/README.md
index 1d32e94..ee64717 100644
--- a/README.md
+++ b/README.md
@@ -6,18 +6,18 @@
 
 ## Upgrade from v1
 
-`v2` of this action includes significant updates and now uses Docker [Buildx](https://github.com/docker/buildx). It
-works with 3 new actions ([login](https://github.com/docker/login-action), [setup-buildx](https://github.com/docker/setup-buildx-action)
-and [setup-qemu](https://github.com/docker/setup-qemu-action)) that we have created. It's also rewritten as a
-[typescript-action](https://github.com/actions/typescript-action/) to be as close as possible of the
-[GitHub Runner](https://github.com/actions/virtual-environments) during its execution.
+`v2` of this action includes significant updates and now uses Docker [Buildx](https://github.com/docker/buildx). It's
+also rewritten as a [typescript-action](https://github.com/actions/typescript-action/) to be as close as possible
+of the [GitHub Runner](https://github.com/actions/virtual-environments) during its execution.
 
-[Upgrade notes](UPGRADE.md) and many [usage examples](#usage) have been added to handle most use cases but `v1` is
-still available through [`releases/v1` branch](https://github.com/docker/build-push-action/tree/releases/v1).
+[Upgrade notes](UPGRADE.md) with many [usage examples](#advanced-usage) have been added to handle most use cases but
+`v1` is still available through [`releases/v1` branch](https://github.com/docker/build-push-action/tree/releases/v1).
 
 ## About
 
-GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx).
+GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx) with full support of the
+features provided by [Moby BuildKit](https://github.com/moby/buildkit) builder toolkit. This includes multi-platform
+build, secrets, remote cache, etc. and different builder deployment/namespacing options.
 
 > :bulb: See also:
 > * [login](https://github.com/docker/login-action) action
@@ -31,46 +31,58 @@ ___
 * [Usage](#usage)
   * [Git context](#git-context)
   * [Path context](#path-context)
-  * [Isolated builders](#isolated-builders)
-  * [Multi-platform image](#multi-platform-image)
 * [Advanced usage](#advanced-usage)
-  * [Push to multi-registries](#push-to-multi-registries)
-  * [Cache to registry](#cache-to-registry)
-  * [Local registry](#local-registry)
-  * [Export image to Docker](#export-image-to-docker)
-  * [Leverage GitHub cache](#leverage-github-cache)
-  * [Handle tags and labels](#handle-tags-and-labels)
-  * [Update DockerHub repo description](#update-dockerhub-repo-description)
+  * [Multi-platform image](docs/advanced/multi-platform.md)
+  * [Secrets](docs/advanced/secrets.md)
+  * [Isolated builders](docs/advanced/isolated-builders.md)
+  * [Push to multi-registries](docs/advanced/push-multi-registries.md)
+  * [Cache](docs/advanced/cache.md)
+    * [Registry cache](docs/advanced/cache.md#registry-cache)
+    * [GitHub cache](docs/advanced/cache.md#github-cache)
+  * [Local registry](docs/advanced/local-registry.md)
+  * [Export image to Docker](docs/advanced/export-docker.md)
+  * [Handle tags and labels](docs/advanced/tags-labels.md)
+  * [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
 * [Customizing](#customizing)
   * [inputs](#inputs)
   * [outputs](#outputs)
-* [Notes](#notes)
-  * [Multi-line secret value](#multi-line-secret-value)
 * [Troubleshooting](#troubleshooting)
 * [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
 * [Limitation](#limitation)
 
 ## Usage
 
-This action uses our [setup-buildx](https://github.com/docker/setup-buildx-action) action that extends the
-`docker build` command named [buildx](https://github.com/docker/buildx) with the full support of the features
-provided by [Moby BuildKit](https://github.com/moby/buildkit) builder toolkit. This includes multi-arch build,
-build-secrets, remote cache, etc. and different builder deployment/namespacing options.
+By default, this action uses the [Git context](#git-context) so you don't need to use the
+[`actions/checkout`](https://github.com/actions/checkout/) action to checkout the repository because this will be
+done directly by buildkit. The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/reference/events-that-trigger-workflows)
+and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
+
+Be careful because **any file mutation in the steps that precede the build step will be ignored** since
+the context is based on the git reference. However, you can use the [Path context](#path-context) using the
+[`context` input](#inputs) alongside the [`actions/checkout`](https://github.com/actions/checkout/) action to remove
+this restriction.
+
+In the examples below we are using 3 other actions:
+
+* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will create and boot a builder using by 
+default the `docker-container` [builder driver](https://github.com/docker/buildx#--driver-driver). This is
+**not required but recommended** using it to be able to build multi-platform images, export cache, etc.
+* [`setup-qemu`](https://github.com/docker/setup-qemu-action) action can be useful if you want
+to add emulation support with QEMU to be able to build against more platforms. 
+* [`login`](https://github.com/docker/setup-qemu-action) action will take care to log in against a Docker registry.
 
 ### Git context
 
-The default behavior of this action is to use the Git context invoked by your workflow.
-(eg. `https://github.com/<owner>/<repo>.git#<ref>`)
-
 ```yaml
 name: ci
 
 on:
   push:
-    branches: master
+    branches:
+      - 'master'
 
 jobs:
-  main:
+  docker:
     runs-on: ubuntu-latest
     steps:
       -
@@ -92,17 +104,14 @@ jobs:
         with:
           push: true
           tags: user/app:latest
-          build-args: |
-            arg1=value1
-            arg2=value2
       -
         name: Image digest
         run: echo ${{ steps.docker_build.outputs.digest }}
 ```
 
-Building from current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
-as provided by `secrets` so it does not need to be passed. But if you want to authenticate against another private
-repository, you have to use a secret named `GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
+Building from the current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
+so it does not need to be passed. If you want to authenticate against another private repository, you have to use
+a [secret](docs/advanced/secrets.md) named `GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
 
 ```yaml
       -
@@ -117,23 +126,20 @@ repository, you have to use a secret named `GIT_AUTH_TOKEN` to be able to authen
 ```
 
 > :warning: Subdir for Git context is not yet supported ([moby/buildkit#1684](https://github.com/moby/buildkit/issues/1684))
-> but you can use the [path context](#path-context) in the meantime.
-
-> More info: https://docs.docker.com/engine/reference/commandline/build/#git-repositories
+> but you can use the [path context](#path-context) in the meantime. More info on [Docker docs website](https://docs.docker.com/engine/reference/commandline/build/#git-repositories).
 
 ### Path context
 
-You can also use the `PATH` context alongside the [`actions/checkout`](https://github.com/actions/checkout/) action.
-
 ```yaml
 name: ci
 
 on:
   push:
-    branches: master
+    branches:
+      - 'master'
 
 jobs:
-  path-context:
+  docker:
     runs-on: ubuntu-latest
     steps:
       -
@@ -156,432 +162,23 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           context: .
-          file: ./Dockerfile
-          platforms: linux/amd64,linux/arm64,linux/386
           push: true
           tags: user/app:latest
 ```
 
-### Isolated builders
-
-```yaml
-name: ci
-
-on:
-  push:
-    branches: master
-
-jobs:
-  multi-builders:
-    runs-on: ubuntu-latest
-    steps:
-      -
-        uses: docker/setup-buildx-action@v1
-        id: builder1
-      -
-        uses: docker/setup-buildx-action@v1
-        id: builder2
-      -
-        name: Builder 1 name
-        run: echo ${{ steps.builder1.outputs.name }}
-      -
-        name: Builder 2 name
-        run: echo ${{ steps.builder2.outputs.name }}
-      -
-        name: Build against builder1
-        uses: docker/build-push-action@v2
-        with:
-          builder: ${{ steps.builder1.outputs.name }}
-          target: mytarget1
-      -
-        name: Build against builder2
-        uses: docker/build-push-action@v2
-        with:
-          builder: ${{ steps.builder2.outputs.name }}
-          target: mytarget2
-```
-
-### Multi-platform image
-
-```yaml
-name: ci
-
-on:
-  push:
-    branches: master
-
-jobs:
-  multi:
-    runs-on: ubuntu-latest
-    steps:
-      -
-        name: Checkout
-        uses: actions/checkout@v2
-      -
-        name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-      -
-        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      -
-        name: Login to DockerHub
-        uses: docker/login-action@v1 
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Build and push
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          file: ./Dockerfile
-          platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
-          push: true
-          tags: |
-            user/app:latest
-            user/app:1.0.0
-```
-
 ## Advanced usage
 
-### Push to multi-registries
-
-The following workflow will connect you to [DockerHub](https://github.com/docker/login-action#dockerhub)
-and [GitHub Container Registry](https://github.com/docker/login-action#github-container-registry) and push the
-image to these registries.
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-  
-  on:
-    push:
-      branches: master
-  
-  jobs:
-    multi-registries:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Checkout
-          uses: actions/checkout@v2
-        -
-          name: Set up QEMU
-          uses: docker/setup-qemu-action@v1
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Login to DockerHub
-          uses: docker/login-action@v1 
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-        -
-          name: Login to GitHub Container Registry
-          uses: docker/login-action@v1 
-          with:
-            registry: ghcr.io
-            username: ${{ github.repository_owner }}
-            password: ${{ secrets.CR_PAT }}
-        -
-          name: Build and push
-          uses: docker/build-push-action@v2
-          with:
-            context: .
-            file: ./Dockerfile
-            platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
-            push: true
-            tags: |
-              user/app:latest
-              user/app:1.0.0
-              ghcr.io/user/app:latest
-              ghcr.io/user/app:1.0.0
-  ```
-</details>
-
-### Cache to registry
-
-You can import/export cache from a cache manifest or (special) image configuration on the registry.
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    push:
-      branches: master
-
-  jobs:
-    registry-cache:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Login to DockerHub
-          uses: docker/login-action@v1 
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-        -
-          name: Build and push
-          uses: docker/build-push-action@v2
-          with:
-            push: true
-            tags: user/app:latest
-            cache-from: type=registry,ref=user/app:latest
-            cache-to: type=inline
-  ```
-</details>
-
-### Local registry
-
-For testing purposes you may need to create a [local registry](https://hub.docker.com/_/registry) to push images into:
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    push:
-      branches: master
-
-  jobs:
-    local-registry:
-      runs-on: ubuntu-latest
-      services:
-        registry:
-          image: registry:2
-          ports:
-            - 5000:5000
-      steps:
-        -
-          name: Set up QEMU
-          uses: docker/setup-qemu-action@v1
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-          with:
-            driver-opts: network=host
-        -
-          name: Build and push to local registry
-          uses: docker/build-push-action@v2
-          with:
-            push: true
-            tags: localhost:5000/name/app:latest
-        -
-          name: Inspect
-          run: |
-            docker buildx imagetools inspect localhost:5000/name/app:latest
-  ```
-</details>
-
-### Export image to Docker
-
-You may want your build result to be available in the Docker client through `docker images` to be able to use it
-in another step of your workflow:
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    push:
-      branches: master
-
-  jobs:
-    export-docker:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Checkout
-          uses: actions/checkout@v2
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Build
-          uses: docker/build-push-action@v2
-          with:
-            context: .
-            file: ./Dockerfile
-            load: true
-            tags: myimage:latest
-        -
-          name: Inspect
-          run: |
-            docker image inspect myimage:latest
-  ```
-</details>
-
-### Leverage GitHub cache
-
-You can leverage [GitHub cache](https://docs.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows)
-using [actions/cache](https://github.com/actions/cache) with this action:
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    push:
-      branches: master
-
-  jobs:
-    github-cache:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Cache Docker layers
-          uses: actions/cache@v2
-          with:
-            path: /tmp/.buildx-cache
-            key: ${{ runner.os }}-buildx-${{ github.sha }}
-            restore-keys: |
-              ${{ runner.os }}-buildx-
-        -
-          name: Login to DockerHub
-          uses: docker/login-action@v1 
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-        -
-          name: Build and push
-          uses: docker/build-push-action@v2
-          with:
-            push: true
-            tags: user/app:latest
-            cache-from: type=local,src=/tmp/.buildx-cache
-            cache-to: type=local,dest=/tmp/.buildx-cache
-  ```
-</details>
-
-### Handle tags and labels
-
-If you come from [`v1`](https://github.com/docker/build-push-action/tree/releases/v1#readme) and want an
-"automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
-for labels, you can do it in a dedicated step. The following workflow will use the [Docker meta action](https://github.com/crazy-max/ghaction-docker-meta)
-to handle tags and labels based on GitHub actions events and Git metadata.
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    schedule:
-      - cron: '0 10 * * *' # everyday at 10am
-    push:
-      branches:
-        - '**'
-      tags:
-        - 'v*.*.*'
-    pull_request:
-
-  jobs:
-    docker:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Checkout
-          uses: actions/checkout@v2
-        -
-          name: Docker meta
-          id: docker_meta
-          uses: crazy-max/ghaction-docker-meta@v1
-          with:
-            images: name/app # list of Docker images to use as base name for tags
-            tag-sha: true # add git short SHA as Docker tag
-        -
-          name: Set up QEMU
-          uses: docker/setup-qemu-action@v1
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Login to DockerHub
-          if: github.event_name != 'pull_request'
-          uses: docker/login-action@v1 
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-        -
-          name: Build and push
-          id: docker_build
-          uses: docker/build-push-action@v2
-          with:
-            context: .
-            file: ./Dockerfile
-            platforms: linux/amd64,linux/arm64,linux/386
-            push: ${{ github.event_name != 'pull_request' }}
-            tags: ${{ steps.docker_meta.outputs.tags }}
-            labels: ${{ steps.docker_meta.outputs.labels }}
-  ```
-</details>
-
-### Update DockerHub repo description
-
-You can update the [DockerHub repository description](https://docs.docker.com/docker-hub/repos/) using
-a third-party action called [DockerHub Description](https://github.com/peter-evans/dockerhub-description)
-with this action:
-
-<details>
-  <summary><b>Show workflow</b></summary>
-  
-  ```yaml
-  name: ci
-
-  on:
-    push:
-      branches: master
-
-  jobs:
-    main:
-      runs-on: ubuntu-latest
-      steps:
-        -
-          name: Set up QEMU
-          uses: docker/setup-qemu-action@v1
-        -
-          name: Set up Docker Buildx
-          uses: docker/setup-buildx-action@v1
-        -
-          name: Login to DockerHub
-          uses: docker/login-action@v1 
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_TOKEN }}
-        -
-          name: Build and push
-          uses: docker/build-push-action@v2
-          with:
-            push: true
-            tags: user/app:latest
-        -
-          name: Update repo description
-          uses: peter-evans/dockerhub-description@v2
-          with:
-            username: ${{ secrets.DOCKERHUB_USERNAME }}
-            password: ${{ secrets.DOCKERHUB_PASSWORD }}
-            repository: user/app
-  ```
-</details>
+* [Multi-platform image](docs/advanced/multi-platform.md)
+* [Secrets](docs/advanced/secrets.md)
+* [Isolated builders](docs/advanced/isolated-builders.md)
+* [Push to multi-registries](docs/advanced/push-multi-registries.md)
+* [Cache](docs/advanced/cache.md)
+  * [Registry cache](docs/advanced/cache.md#registry-cache)
+  * [GitHub cache](docs/advanced/cache.md#github-cache)
+* [Local registry](docs/advanced/local-registry.md)
+* [Export image to Docker](docs/advanced/export-docker.md)
+* [Handle tags and labels](docs/advanced/tags-labels.md)
+* [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
 
 ## Customizing
 
@@ -631,38 +228,6 @@ Following outputs are available
 |---------------|---------|---------------------------------------|
 | `digest`      | String  | Image content-addressable identifier also called a digest |
 
-## Notes
-
-### Multi-line secret value
-
-To handle multi-line value for a secret, you will need to place the key-value pair between quotes:
-
-```yaml
-secrets: |
-  "MYSECRET=${{ secrets.GPG_KEY }}"
-  GIT_AUTH_TOKEN=abcdefghi,jklmno=0123456789
-  "MYSECRET=aaaaaaaa
-  bbbbbbb
-  ccccccccc"
-  FOO=bar
-  "EMPTYLINE=aaaa
-  
-  bbbb
-  ccc"
-  "JSON_SECRET={""key1"":""value1"",""key2"":""value2""}"
-```
-
-| Key                | Value                                            |
-|--------------------|--------------------------------------------------|
-| `MYSECRET`         | `***********************` |
-| `GIT_AUTH_TOKEN`   | `abcdefghi,jklmno=0123456789` |
-| `MYSECRET`         | `aaaaaaaa\nbbbbbbb\nccccccccc` |
-| `FOO`              | `bar` |
-| `EMPTYLINE`        | `aaaa\n\nbbbb\nccc` |
-| `JSON_SECRET`      | `{"key1":"value1","key2":"value2"}` |
-
-> Note: all quote signs need to be doubled for escaping.
-
 ## Troubleshooting
 
 See [TROUBLESHOOTING.md](TROUBLESHOOTING.md)
diff --git a/TROUBLESHOOTING.md b/TROUBLESHOOTING.md
index dd7cf6d..6d22cf2 100644
--- a/TROUBLESHOOTING.md
+++ b/TROUBLESHOOTING.md
@@ -59,8 +59,7 @@ jobs:
         uses: docker/build-push-action@v2
         with:
           context: .
-          file: ./Dockerfile
-          platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
+          platforms: linux/amd64,linux/arm64
           tags: docker.io/user/app:latest
           outputs: type=oci,dest=/tmp/image.tar
       -
diff --git a/UPGRADE.md b/UPGRADE.md
index 759c622..82c2f25 100644
--- a/UPGRADE.md
+++ b/UPGRADE.md
@@ -63,7 +63,6 @@ steps:
     uses: docker/build-push-action@v2
     with:
       context: .
-      file: ./Dockerfile
       pull: true
       push: true
       build-args: |
@@ -136,7 +135,6 @@ steps:
     uses: docker/build-push-action@v2
     with:
       context: .
-      file: ./Dockerfile
       push: ${{ github.event_name != 'pull_request' }}
       tags: ${{ steps.prep.outputs.tags }}
       labels: |
@@ -145,5 +143,5 @@ steps:
         org.opencontainers.image.revision=${{ github.sha }}
 ```
 
-> You can also use the [Docker meta action](https://github.com/crazy-max/ghaction-docker-meta) to handle tags and
-> labels based on GitHub actions events and Git metadata. A workflow example is available in the [README](README.md#handle-tags-and-labels).
+> You can also use the [Docker meta action to handle tags and labels](docs/advanced/tags-labels.md) based on GitHub
+> actions events and Git metadata.
diff --git a/docs/advanced/cache.md b/docs/advanced/cache.md
new file mode 100644
index 0000000..402831e
--- /dev/null
+++ b/docs/advanced/cache.md
@@ -0,0 +1,107 @@
+# Cache
+
+* [Registry cache](#registry-cache)
+* [GitHub cache](#github-cache)
+
+> More info about buildx cache: https://github.com/docker/buildx#--cache-fromnametypetypekeyvalue
+
+## Registry cache
+
+You can import/export cache from a cache manifest or (special) image configuration on the registry.
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: user/app:latest
+          cache-from: type=registry,ref=user/app:latest
+          cache-to: type=inline
+```
+
+## GitHub cache
+
+> :warning: At the moment caches are copied over the existing cache so it [keeps growing](https://github.com/docker/build-push-action/issues/252).
+> The `Move cache` step is used as a temporary fix (see https://github.com/moby/buildkit/issues/1896).
+
+> :rocket: There is a new cache backend using GitHub cache being developed that will lighten your workflow.
+> More info: https://github.com/docker/buildx/pull/535
+
+You can leverage [GitHub cache](https://docs.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows)
+using [actions/cache](https://github.com/actions/cache) with this action:
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: user/app:latest
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+      -
+        # Temp fix
+        # https://github.com/docker/build-push-action/issues/252
+        # https://github.com/moby/buildkit/issues/1896
+        name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+```
diff --git a/docs/advanced/dockerhub-desc.md b/docs/advanced/dockerhub-desc.md
new file mode 100644
index 0000000..96fc623
--- /dev/null
+++ b/docs/advanced/dockerhub-desc.md
@@ -0,0 +1,48 @@
+# Update DockerHub repo description
+
+You can update the [DockerHub repository description](https://docs.docker.com/docker-hub/repos/) using
+a third party action called [DockerHub Description](https://github.com/peter-evans/dockerhub-description)
+with this action:
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: user/app:latest
+      -
+        name: Update repo description
+        uses: peter-evans/dockerhub-description@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+          repository: user/app
+```
diff --git a/docs/advanced/export-docker.md b/docs/advanced/export-docker.md
new file mode 100644
index 0000000..db941fe
--- /dev/null
+++ b/docs/advanced/export-docker.md
@@ -0,0 +1,35 @@
+# Export image to Docker
+
+You may want your build result to be available in the Docker client through `docker images` to be able to use it
+in another step of your workflow:
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          load: true
+          tags: myimage:latest
+      -
+        name: Inspect
+        run: |
+          docker image inspect myimage:latest
+```
diff --git a/docs/advanced/isolated-builders.md b/docs/advanced/isolated-builders.md
new file mode 100644
index 0000000..82bed1e
--- /dev/null
+++ b/docs/advanced/isolated-builders.md
@@ -0,0 +1,44 @@
+# Isolated builders
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        uses: docker/setup-buildx-action@v1
+        id: builder1
+      -
+        uses: docker/setup-buildx-action@v1
+        id: builder2
+      -
+        name: Builder 1 name
+        run: echo ${{ steps.builder1.outputs.name }}
+      -
+        name: Builder 2 name
+        run: echo ${{ steps.builder2.outputs.name }}
+      -
+        name: Build against builder1
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.builder1.outputs.name }}
+          context: .
+          target: mytarget1
+      -
+        name: Build against builder2
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.builder2.outputs.name }}
+          context: .
+          target: mytarget2
+```
diff --git a/docs/advanced/local-registry.md b/docs/advanced/local-registry.md
new file mode 100644
index 0000000..7f341a2
--- /dev/null
+++ b/docs/advanced/local-registry.md
@@ -0,0 +1,44 @@
+# Local registry
+
+For testing purposes you may need to create a [local registry](https://hub.docker.com/_/registry) to push images into:
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+        with:
+          driver-opts: network=host
+      -
+        name: Build and push to local registry
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: true
+          tags: localhost:5000/name/app:latest
+      -
+        name: Inspect
+        run: |
+          docker buildx imagetools inspect localhost:5000/name/app:latest
+```
diff --git a/docs/advanced/multi-platform.md b/docs/advanced/multi-platform.md
new file mode 100644
index 0000000..9e9e329
--- /dev/null
+++ b/docs/advanced/multi-platform.md
@@ -0,0 +1,44 @@
+# Multi-platform image
+
+You can build multi-platform images using the [`platforms` input](../../README.md#inputs) as described below.
+
+> :bulb: List of available platforms will be displayed and available through our [setup-buildx](https://github.com/docker/setup-buildx-action#about) action.
+
+> :bulb: If you want support for more platforms, you can use QEMU with our [setup-qemu](https://github.com/docker/setup-qemu-action) action.
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: user/app:latest
+```
diff --git a/docs/advanced/push-multi-registries.md b/docs/advanced/push-multi-registries.md
new file mode 100644
index 0000000..f10984d
--- /dev/null
+++ b/docs/advanced/push-multi-registries.md
@@ -0,0 +1,57 @@
+# Push to multi-registries
+
+* [Docker Hub and GHCR](#docker-hub-and-ghcr)
+
+## Docker Hub and GHCR
+
+The following workflow will connect you to [DockerHub](https://github.com/docker/login-action#dockerhub)
+and [GitHub Container Registry](https://github.com/docker/login-action#github-container-registry) and push the
+image to these registries.
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Login to GitHub Container Registry
+        uses: docker/login-action@v1 
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.CR_PAT }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            user/app:latest
+            user/app:1.0.0
+            ghcr.io/user/app:latest
+            ghcr.io/user/app:1.0.0
+```
diff --git a/docs/advanced/secrets.md b/docs/advanced/secrets.md
new file mode 100644
index 0000000..0879fdf
--- /dev/null
+++ b/docs/advanced/secrets.md
@@ -0,0 +1,84 @@
+# Secrets
+
+In the following example we will expose and use the [GITHUB_TOKEN secret](https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret)
+as provided by GitHub in your workflow.
+
+First let's create our `Dockerfile` to use our secret:
+
+```Dockerfile
+#syntax=docker/dockerfile:1.2
+
+FROM alpine
+RUN --mount=type=secret,id=github_token \
+  cat /run/secrets/github_token
+```
+
+As you can see we have named our secret `github_token`. Here is the workflow you can use to expose this secret using
+the [`secrets` input](../../README.md#inputs):
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Build
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          tags: user/app:latest
+          secrets: |
+            "github_token=${{ secrets.GITHUB_TOKEN }}"
+```
+
+> :bulb: You can also expose a secret file to the build with [`secret-files`](../../README.md#inputs) input:
+> ```yaml
+> secret-files: |
+>   "MY_SECRET=./secret.txt"
+> ```
+
+If you're using [GitHub secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) and need to handle
+multi-line value, you will need to place the key-value pair between quotes:
+
+```yaml
+secrets: |
+  "MYSECRET=${{ secrets.GPG_KEY }}"
+  GIT_AUTH_TOKEN=abcdefghi,jklmno=0123456789
+  "MYSECRET=aaaaaaaa
+  bbbbbbb
+  ccccccccc"
+  FOO=bar
+  "EMPTYLINE=aaaa
+  
+  bbbb
+  ccc"
+  "JSON_SECRET={""key1"":""value1"",""key2"":""value2""}"
+```
+
+| Key                | Value                                            |
+|--------------------|--------------------------------------------------|
+| `MYSECRET`         | `***********************` |
+| `GIT_AUTH_TOKEN`   | `abcdefghi,jklmno=0123456789` |
+| `MYSECRET`         | `aaaaaaaa\nbbbbbbb\nccccccccc` |
+| `FOO`              | `bar` |
+| `EMPTYLINE`        | `aaaa\n\nbbbb\nccc` |
+| `JSON_SECRET`      | `{"key1":"value1","key2":"value2"}` |
+
+> :bulb: All quote signs need to be doubled for escaping.
diff --git a/docs/advanced/tags-labels.md b/docs/advanced/tags-labels.md
new file mode 100644
index 0000000..8a9e994
--- /dev/null
+++ b/docs/advanced/tags-labels.md
@@ -0,0 +1,70 @@
+# Handle tags and labels
+
+If you come from [`v1`](https://github.com/docker/build-push-action/tree/releases/v1#readme) and want an
+"automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
+for labels, you can do it in a dedicated step. The following workflow will use the [Docker meta action](https://github.com/crazy-max/ghaction-docker-meta)
+to handle tags and labels based on GitHub actions events and Git metadata.
+
+```yaml
+name: ci
+
+on:
+  schedule:
+    - cron: '0 10 * * *' # everyday at 10am
+  push:
+    branches:
+      - '**'
+    tags:
+      - 'v*.*.*'
+  pull_request:
+    branches:
+      - 'master'
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Docker meta
+        id: docker_meta
+        uses: crazy-max/ghaction-docker-meta@v1
+        with:
+          # list of Docker images to use as base name for tags
+          images: |
+            name/app
+            ghcr.io/username/app
+          # add git short SHA as Docker tag
+          tag-sha: true
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1 
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Login to GHCR
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ secrets.GHCR_USERNAME }}
+          password: ${{ secrets.GHCR_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.docker_meta.outputs.tags }}
+          labels: ${{ steps.docker_meta.outputs.labels }}
+```