Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.18.0

chore(deps): Bump @docker/actions-toolkit from 0.14.0 to 0.18.0
chore: update generated content
2024-03-07 18:43:19 +00:00 · 2024-03-06 14:43:50 +01:00 · 2024-03-06 14:40:26 +01:00 · 2024-03-01 11:36:46 +00:00 · 2024-02-29 13:00:40 +01:00 · 2024-02-28 15:47:13 +01:00
79 changed files with 5557 additions and 4134 deletions
--- a/.eslintignore
+++ b/.eslintignore
@ -0,0 +1,3 @@
 /dist/**
 /coverage/**
 /node_modules/**
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,11 +1,12 @@
 {
  "env": {
    "node": true,
-    "es2021": true,
+    "es6": true,
-    "jest/globals": true
+    "jest": true
  },
  "extends": [
    "eslint:recommended",
    "plugin:@typescript-eslint/eslint-recommended",
    "plugin:@typescript-eslint/recommended",
    "plugin:jest/recommended",
    "plugin:prettier/recommended"
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1 +0,0 @@
 *	@crazy-max
--- a/.github/CODE_OF_CONDUCT.md
+++ b/.github/CODE_OF_CONDUCT.md
@ -0,0 +1,3 @@
 # Code of conduct
 - [Moby community guidelines](https://github.com/moby/moby/blob/master/CONTRIBUTING.md#moby-community-guidelines)
--- a/.github/ISSUE_TEMPLATE/bug.yml
+++ b/.github/ISSUE_TEMPLATE/bug.yml
@ -0,0 +1,101 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema
 name: Bug Report
 description: Report a bug
 labels:
  - status/triage
 body:
  - type: markdown
    attributes:
      value: |
        Thank you for taking the time to report a bug!
        If this is a security issue please report it to the [Docker Security team](mailto:security@docker.com).
        Before submitting a bug report, check out the [Troubleshooting doc](https://github.com/docker/build-push-action/blob/master/TROUBLESHOOTING.md).
  - type: checkboxes
    attributes:
      label: Contributing guidelines
      description: >
        Make sure you've read the contributing guidelines before proceeding.
      options:
        - label: I've read the [contributing guidelines](https://github.com/docker/build-push-action/blob/master/.github/CONTRIBUTING.md) and wholeheartedly agree
          required: true
  - type: checkboxes
    attributes:
      label: "I've found a bug, and:"
      description: |
        Make sure that your request fulfills all of the following requirements.
        If one requirement cannot be satisfied, explain in detail why.
      options:
        - label: The documentation does not mention anything about my problem
        - label: There are no open or closed issues that are related to my problem
  - type: textarea
    attributes:
      label: Description
      description: >
        Provide a brief description of the bug in 1-2 sentences.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Expected behaviour
      description: >
        Describe precisely what you'd expect to happen.
    validations:
      required: true
  - type: textarea
    attributes:
      label: Actual behaviour
      description: >
        Describe precisely what is actually happening.
    validations:
      required: true
  - type: input
    attributes:
      label: Repository URL
      description: >
        Enter the URL of the repository where you are experiencing the
        issue. If your repository is private, provide a link to a minimal
        repository that reproduces the issue.
  - type: input
    attributes:
      label: Workflow run URL
      description: >
        Enter the URL of the GitHub Action workflow run, if public.
  - type: textarea
    attributes:
      label: YAML workflow
      description: |
        Provide the YAML of the workflow that's causing the issue.
        Make sure to remove any sensitive information.
      render: yaml
    validations:
      required: true
  - type: textarea
    attributes:
      label: Workflow logs
      description: >
        [Attach](https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting/attaching-files)
        the [log file of your workflow run](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs)
        and make sure to remove any sensitive information.
  - type: textarea
    attributes:
      label: BuildKit logs
      description: >
        If applicable, provide the [BuildKit container logs](https://docs.docker.com/build/ci/github-actions/configure-builder/#buildkit-container-logs)
      render: text
  - type: textarea
    attributes:
      label: Additional info
      description: |
        Provide any additional information that could be useful.
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -1,37 +0,0 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 ---
 ### Troubleshooting
 Before submitting a bug report please read the [Troubleshooting doc](https://github.com/docker/build-push-action/blob/master/TROUBLESHOOTING.md).
 ### Behaviour
 #### Steps to reproduce this issue
 1.
 2.
 3.
 #### Expected behaviour
 > Tell us what should happen
 #### Actual behaviour
 > Tell us what happens instead
 ### Configuration
 * Repository URL (if public): 
 * Build URL (if public): 
 ```yml
 # paste your YAML workflow file here and remove sensitive data
 ```
 ### Logs
 > Download the [log file of your build](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs) and [attach it](https://docs.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue.
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -0,0 +1,9 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
 blank_issues_enabled: true
 contact_links:
  - name: Questions and Discussions
    url: https://github.com/docker/build-push-action/discussions/new
    about: Use Github Discussions to ask questions and/or open discussion topics.
  - name: Documentation
    url: https://docs.docker.com/build/ci/github-actions/
    about: Read the documentation.
--- a/.github/ISSUE_TEMPLATE/feature.yml
+++ b/.github/ISSUE_TEMPLATE/feature.yml
@ -0,0 +1,15 @@
 # https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema
 name: Feature request
 description: Missing functionality? Come tell us about it!
 labels:
  - kind/enhancement
  - status/triage
 body:
  - type: textarea
    id: description
    attributes:
      label: Description
      description: What is the feature you want to see?
    validations:
      required: true
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@ -0,0 +1,12 @@
 # Reporting security issues
 The project maintainers take security seriously. If you discover a security
 issue, please bring it to their attention right away!
 **Please _DO NOT_ file a public issue**, instead send your report privately to
 [security@docker.com](mailto:security@docker.com).
 Security reports are greatly appreciated, and we will publicly thank you for it.
 We also like to send gifts&mdash;if you'd like Docker swag, make sure to let
 us know. We currently do not offer a paid security bounty program, but are not
 ruling it out in the future.
--- a/.github/SUPPORT.md
+++ b/.github/SUPPORT.md
@ -1,31 +0,0 @@
 # Support [![](https://isitmaintained.com/badge/resolution/docker/build-push-action.svg)](https://isitmaintained.com/project/docker/build-push-action)
 First, [be a good guy](https://github.com/kossnocorp/etiquette/blob/master/README.md).
 ## Reporting an issue
 Please do a search in [open issues](https://github.com/docker/build-push-action/issues?utf8=%E2%9C%93&q=) to see if the issue or feature request has already been filed.
 If you find your issue already exists, make relevant comments and add your [reaction](https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comments). Use a reaction in place of a "+1" comment.
 :+1: - upvote
 :-1: - downvote
 If you cannot find an existing issue that describes your bug or feature, submit an issue using the guidelines below.
 ## Writing good bug reports and feature requests
 File a single issue per problem and feature request.
 * Do not enumerate multiple bugs or feature requests in the same issue.
 * Do not add your issue as a comment to an existing issue unless it's for the identical input. Many issues look similar, but have different causes.
 The more information you can provide, the more likely someone will be successful reproducing the issue and finding a fix.
 You are now ready to [create a new issue](https://github.com/docker/build-push-action/issues/new/choose)!
 ## Closure policy
 * Issues that don't have the information requested above (when applicable) will be closed immediately and the poster directed to the support guidelines.
 * Issues that go a week without a response from original poster are subject to closure at our discretion.
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -11,6 +11,7 @@ updates:
    directory: "/"
    schedule:
      interval: "daily"
    versioning-strategy: "increase"
    allow:
      - dependency-type: "production"
    labels:
--- a/.github/e2e/distribution/env
+++ b/.github/e2e/distribution/env
@ -0,0 +1,5 @@
 REGISTRY_FQDN=localhost:8080
 REGISTRY_SLUG=localhost:8080/test-docker-action
 DISTRIBUTION_HOST=localhost
 DISTRIBUTION_PORT=8080
--- a/.github/e2e/distribution/install.sh
+++ b/.github/e2e/distribution/install.sh
@ -0,0 +1,13 @@
 #!/usr/bin/env bash
 set -eu
 : "${DISTRIBUTION_VERSION:=2}"
 : "${DISTRIBUTION_HOST:=localhost}"
 : "${DISTRIBUTION_PORT:=8080}"
 echo "::group::Starting registry:${DISTRIBUTION_VERSION}"
 (
  set -x
  docker run -d --name registry -p "${DISTRIBUTION_PORT}:5000" "registry:${DISTRIBUTION_VERSION}"
 )
 echo "::endgroup::"
--- a/.github/e2e/harbor/env
+++ b/.github/e2e/harbor/env
@ -0,0 +1,8 @@
 REGISTRY_FQDN=localhost:8081
 REGISTRY_USER=admin
 REGISTRY_PASSWORD=Harbor12345
 REGISTRY_SLUG=localhost:8081/test-docker-action/test-docker-action
 HARBOR_HOST=localhost
 HARBOR_PORT=8081
 HARBOR_PROJECT=test-docker-action
--- a/.github/e2e/harbor/install.sh
+++ b/.github/e2e/harbor/install.sh
@ -0,0 +1,79 @@
 #!/usr/bin/env bash
 set -eu
 : "${HARBOR_VERSION:=v2.7.0}"
 : "${HARBOR_HOST:=localhost}"
 : "${HARBOR_PORT:=49154}"
 : "${REGISTRY_USER:=admin}"
 : "${REGISTRY_PASSWORD:=Harbor12345}"
 : "${HARBOR_PROJECT:=test-docker-action}"
 project_post_data() {
  cat <<EOF
 {
  "project_name": "$HARBOR_PROJECT",
  "public": true
 }
 EOF
 }
 export TERM=xterm
 # download
 echo "::group::Downloading Harbor $HARBOR_VERSION"
 (
  cd /tmp
  set -x
  wget -q "https://github.com/goharbor/harbor/releases/download/${HARBOR_VERSION}/harbor-offline-installer-${HARBOR_VERSION}.tgz" -O harbor-online-installer.tgz
  tar xvf harbor-online-installer.tgz
 )
 echo "::endgroup::"
 # config
 echo "::group::Configuring Harbor"
 (
  cd /tmp/harbor
  set -x
  cp harbor.yml.tmpl harbor.yml
  harborConfig="$(harborHost="$HARBOR_HOST" harborPort="$HARBOR_PORT" harborPwd="$REGISTRY_PASSWORD" yq --no-colors '.hostname = env(harborHost) | .http.port = env(harborPort) | .harbor_admin_password = env(harborPwd) | del(.https)' harbor.yml)"
  tee harbor.yml <<<"$harborConfig" >/dev/null
  yq --no-colors harbor.yml
 )
 echo "::endgroup::"
 # install and start
 echo "::group::Installing Harbor"
 (
  cd /tmp/harbor
  set -x
  ./install.sh
  sleep 10
  netstat -aptn
 )
 echo "::endgroup::"
 # compose config
 echo "::group::Compose config"
 (
  cd /tmp/harbor
  set -x
  docker compose config
 )
 echo "::endgroup::"
 # create project
 echo "::group::Creating project"
 (
  set -x
  curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H "Content-Type: application/json" -d "$(project_post_data)" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects"
 )
 echo "::endgroup::"
 # list projects
 echo "::group::List projects"
 (
  set -x
  curl --fail -s -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -H "Content-Type: application/json" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" | jq
 )
 echo "::endgroup::"
--- a/.github/e2e/nexus/docker-compose.yml
+++ b/.github/e2e/nexus/docker-compose.yml
@ -0,0 +1,8 @@
 services:
  nexus:
    image: sonatype/nexus3:${NEXUS_VERSION:-latest}
    volumes:
      - "./data:/nexus-data"
    ports:
      - "8081:8081"
      - "8082:8082"
--- a/.github/e2e/nexus/env
+++ b/.github/e2e/nexus/env
@ -0,0 +1,9 @@
 REGISTRY_FQDN=localhost:8082
 REGISTRY_USER=admin
 REGISTRY_PASSWORD=Nexus12345
 REGISTRY_SLUG=localhost:8082/test-docker-action
 NEXUS_HOST=localhost
 NEXUS_PORT=8081
 NEXUS_REGISTRY_PORT=8082
 NEXUS_REPO=test-docker-action
--- a/.github/e2e/nexus/install.sh
+++ b/.github/e2e/nexus/install.sh
@ -0,0 +1,93 @@
 #!/usr/bin/env bash
 set -eu
 SCRIPT_DIR=$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)
 : "${NEXUS_VERSION:=3.47.1}"
 : "${NEXUS_HOST:=localhost}"
 : "${NEXUS_PORT:=8081}"
 : "${NEXUS_REGISTRY_PORT:=8082}"
 : "${REGISTRY_USER:=admin}"
 : "${REGISTRY_PASSWORD:=Nexus12345}"
 : "${NEXUS_REPO:=test-docker-action}"
 createrepo_post_data() {
  cat <<EOF
 {
  "name": "${NEXUS_REPO}",
  "online": true,
  "storage": {
    "blobStoreName": "default",
    "strictContentTypeValidation": true,
    "writePolicy": "ALLOW"
  },
  "docker": {
    "v1Enabled": false,
    "forceBasicAuth": true,
    "httpPort": ${NEXUS_REGISTRY_PORT},
    "httpsPort": null,
    "subdomain": null
  }
 }
 EOF
 }
 export NEXUS_VERSION
 mkdir -p /tmp/nexus/data
 chown 200:200 /tmp/nexus/data
 cp "${SCRIPT_DIR}/docker-compose.yml" /tmp/nexus/docker-compose.yml
 echo "::group::Pulling Nexus $NEXUS_VERSION"
 (
  cd /tmp/nexus
  set -x
  docker compose pull
 )
 echo "::endgroup::"
 echo "::group::Compose config"
 (
  cd /tmp/nexus
  set -x
  docker compose config
 )
 echo "::endgroup::"
 echo "::group::Running Nexus"
 (
  cd /tmp/nexus
  set -x
  docker compose up -d
 )
 echo "::endgroup::"
 echo "::group::Running Nexus"
 (
  cd /tmp/nexus
  set -x
  docker compose up -d
 )
 echo "::endgroup::"
 echo "::group::Waiting for Nexus to be ready"
 until $(curl --output /dev/null --silent --head --fail "http://$NEXUS_HOST:$NEXUS_PORT"); do
  printf '.'
  sleep 5
 done
 echo "::endgroup::"
 echo "::group::Change user's password"
 (
  set -x
  curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$(cat /tmp/nexus/data/admin.password)" -X PUT -H 'Content-Type: text/plain' -d "$REGISTRY_PASSWORD" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/security/users/$REGISTRY_USER/change-password"
 )
 echo "::endgroup::"
 echo "::group::Create Docker repository"
 (
  set -x
  curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H 'Content-Type: application/json' -d "$(createrepo_post_data)" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/repositories/docker/hosted"
 )
 echo "::endgroup::"
--- a/.github/workflows/.e2e-run.yml
+++ b/.github/workflows/.e2e-run.yml
@ -0,0 +1,130 @@
 # reusable workflow
 name: .e2e-run
 on:
  workflow_call:
    inputs:
      id:
        required: false
        type: string
      type:
        required: true
        type: string
      name:
        required: true
        type: string
      registry:
        required: false
        type: string
      slug:
        required: false
        type: string
      username_secret:
        required: false
        type: string
      password_secret:
        required: false
        type: string
 env:
  HARBOR_VERSION: v2.7.0
  NEXUS_VERSION: 3.47.1
  DISTRIBUTION_VERSION: 2.8.1
 jobs:
  run:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        include:
          -
            buildx_version: latest
            buildkit_image: moby/buildkit:buildx-stable-1
          -
            buildx_version: https://github.com/docker/buildx.git#master
            buildkit_image: moby/buildkit:master
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Set up env
        if: inputs.type == 'local'
        run: |
          cat ./.github/e2e/${{ inputs.id }}/env >> $GITHUB_ENV
      -
        name: Set up BuildKit config
        run: |
          touch /tmp/buildkitd.toml
          if [ "${{ inputs.type }}" = "local" ]; then
            echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml
          fi
      -
        name: Set up Docker daemon
        if: inputs.type == 'local'
        run: |
          if [ ! -e /etc/docker/daemon.json ]; then
            echo '{}' | tee /etc/docker/daemon.json >/dev/null
          fi
          DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json)
          sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null
          sudo service docker restart
      -
        name: Install ${{ inputs.name }}
        if: inputs.type == 'local'
        run: |
          sudo -E bash ./.github/e2e/${{ inputs.id }}/install.sh
          sudo chown $(id -u):$(id -g) -R ~/.docker
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY_SLUG || inputs.slug }}
          tags: |
            type=ref,event=branch,enable=${{ matrix.buildx_version == 'latest' && matrix.buildkit_image == 'moby/buildkit:buildx-stable-1' }}
            type=ref,event=tag,enable=${{ matrix.buildx_version == 'latest' && matrix.buildkit_image == 'moby/buildkit:buildx-stable-1' }}
            type=raw,gh-runid-${{ github.run_id }}
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        with:
          version: ${{ matrix.buildx_version }}
          config: /tmp/buildkitd.toml
          buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
          driver-opts: |
            image=${{ matrix.buildkit_image }}
            network=host
      -
        name: Login to Registry
        if: github.event_name != 'pull_request' && (env.REGISTRY_USER || inputs.username_secret) != ''
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY_FQDN || inputs.registry }}
          username: ${{ env.REGISTRY_USER || secrets[inputs.username_secret] }}
          password: ${{ env.REGISTRY_PASSWORD || secrets[inputs.password_secret] }}
      -
        name: Build and push
        uses: ./
        with:
          context: ./test
          file: ./test/multi.Dockerfile
          platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || inputs.slug }}:master
          cache-to: type=inline
      -
        name: Inspect image
        run: |
          docker pull ${{ env.REGISTRY_SLUG || inputs.slug }}:${{ steps.meta.outputs.version }}
          docker image inspect ${{ env.REGISTRY_SLUG || inputs.slug }}:${{ steps.meta.outputs.version }}
      -
        name: Check manifest
        run: |
          docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || inputs.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@ -1,5 +1,9 @@
 name: e2e
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  workflow_dispatch:
  schedule:
@ -8,103 +12,103 @@ on:
    branches:
      - 'master'
    tags:
-      - v*
+      - 'v*'
 jobs:
-  docker:
+  build:
-    runs-on: ubuntu-latest
+    uses: ./.github/workflows/.e2e-run.yml
    strategy:
      fail-fast: false
      matrix:
        include:
          -
            name: Distribution
            id: distribution
            type: local
          -
            name: Docker Hub
            registry: ''
            slug: ghactionstest/ghactionstest
            username_secret: DOCKERHUB_USERNAME
            password_secret: DOCKERHUB_TOKEN
            type: remote
          -
            name: GitHub
            registry: ghcr.io
            slug: ghcr.io/docker-ghactiontest/test
            username_secret: GHCR_USERNAME
            password_secret: GHCR_PAT
            type: remote
          -
            name: GitLab
            registry: registry.gitlab.com
            slug: registry.gitlab.com/test1716/test
            username_secret: GITLAB_USERNAME
            password_secret: GITLAB_TOKEN
            type: remote
          -
            name: AWS ECR
            registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
            slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
            username_secret: AWS_ACCESS_KEY_ID
            password_secret: AWS_SECRET_ACCESS_KEY
            type: remote
          -
            name: AWS ECR Public
            registry: public.ecr.aws
            slug: public.ecr.aws/q3b5f1u4/test-docker-action
            username_secret: AWS_ACCESS_KEY_ID
            password_secret: AWS_SECRET_ACCESS_KEY
            type: remote
          -
            name: Google Artifact Registry
            registry: us-east4-docker.pkg.dev
            slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
            username_secret: GAR_USERNAME
            password_secret: GAR_JSON_KEY
            type: remote
          -
            name: Google Container Registry
            registry: gcr.io
            slug: gcr.io/sandbox-298914/test-docker-action
            username_secret: GCR_USERNAME
            password_secret: GCR_JSON_KEY
            type: remote
          -
            name: Azure Container Registry
            registry: officialgithubactions.azurecr.io
            slug: officialgithubactions.azurecr.io/test-docker-action
            username_secret: AZURE_CLIENT_ID
            password_secret: AZURE_CLIENT_SECRET
-    steps:
+            type: remote
-      -
+          -
-        name: Checkout
+            name: Quay
-        uses: actions/checkout@v3
+            registry: quay.io
-      -
+            slug: quay.io/docker_build_team/ghactiontest
-        name: Docker meta
+            username_secret: QUAY_USERNAME
-        id: meta
+            password_secret: QUAY_TOKEN
-        uses: docker/metadata-action@v4
+            type: remote
-        with:
+#          -
-          images: ${{ matrix.slug }}
+#            name: Artifactory
-      -
+#            registry: sforzando-build-team-local.jfrog.io
-        name: Set up QEMU
+#            slug: sforzando-build-team-local.jfrog.io/build-push-action-e2e
-        uses: docker/setup-qemu-action@v1
+#            username_secret: ARTIFACTORY_USERNAME
-      -
+#            password_secret: ARTIFACTORY_TOKEN
-        name: Set up Docker Buildx
+#            type: remote
-        uses: docker/setup-buildx-action@v1
+          -
-      -
+            name: Harbor
-        name: Login to Registry
+            id: harbor
-        if: github.event_name != 'pull_request'
+            type: local
-        uses: docker/login-action@v1
+          -
-        with:
+            name: Nexus
-          registry: ${{ matrix.registry }}
+            id: nexus
-          username: ${{ secrets[matrix.username_secret] }}
+            type: local
-          password: ${{ secrets[matrix.password_secret] }}
+    with:
-      -
+      id: ${{ matrix.id }}
-        name: Build and push
+      type: ${{ matrix.type }}
-        uses: ./
+      name: ${{ matrix.name }}
-        with:
+      registry: ${{ matrix.registry }}
-          context: ./test
+      slug: ${{ matrix.slug }}
-          file: ./test/multi.Dockerfile
+      username_secret: ${{ matrix.username_secret }}
-          platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
+      password_secret: ${{ matrix.password_secret }}
-          push: ${{ github.event_name != 'pull_request' }}
+    secrets: inherit
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=registry,ref=${{ matrix.slug }}:master
          cache-to: type=inline
      -
        name: Inspect image
        if: github.event_name != 'pull_request'
        run: |
          docker pull ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
          docker image inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
      -
        name: Check manifest
        if: github.event_name != 'pull_request'
        run: |
          docker buildx imagetools inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
      -
        name: Dump context
        if: always()
        uses: crazy-max/ghaction-dump-context@v1
--- a/.github/workflows/example.yml
+++ b/.github/workflows/example.yml
@ -1,78 +0,0 @@
 # This workflow is provided just as an example and not for repo testing/verification
 name: example
 on:
  schedule:
    - cron: '0 10 * * 0'
  push:
    branches:
      - '**'
    tags:
      - 'v*.*.*'
  pull_request:
 env:
  DOCKER_IMAGE: localhost:5000/name/app
 jobs:
  docker:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      -
        name: Checkout
        uses: actions/checkout@v3
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v4
        with:
          images: ${{ env.DOCKER_IMAGE }}
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=sha
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
        with:
          driver-opts: network=host
      -
        name: Build and export to Docker client
        uses: ./
        with:
          context: ./test
          file: ./test/Dockerfile
          load: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      -
        name: Build and push to local registry
        uses: ./
        with:
          context: ./test
          file: ./test/Dockerfile
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      -
        name: Inspect image
        run: |
          docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }}
      -
        name: Check manifest
        if: github.event_name != 'pull_request'
        run: |
          docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }}
      -
        name: Dump context
        if: always()
        uses: crazy-max/ghaction-dump-context@v1
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -1,12 +1,15 @@
 name: test
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  push:
    branches:
      - 'master'
      - 'releases/v*'
  pull_request:
    branches:
      - 'master'
 jobs:
  test:
@ -14,19 +17,15 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
      -
        name: Validate
        uses: docker/bake-action@v1
        with:
          targets: validate
      -
        name: Test
-        uses: docker/bake-action@v1
+        uses: docker/bake-action@v4
        with:
          targets: test
      -
        name: Upload coverage
-        uses: codecov/codecov-action@v3
+        uses: codecov/codecov-action@v4
        with:
          file: ./coverage/clover.xml
          token: ${{ secrets.CODECOV_TOKEN }}
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@ -0,0 +1,45 @@
 name: validate
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 on:
  push:
    branches:
      - 'master'
      - 'releases/v*'
  pull_request:
 jobs:
  prepare:
    runs-on: ubuntu-latest
    outputs:
      targets: ${{ steps.targets.outputs.matrix }}
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Targets matrix
        id: targets
        run: |
          echo "matrix=$(docker buildx bake validate --print | jq -cr '.group.validate.targets')" >> $GITHUB_OUTPUT
  validate:
    runs-on: ubuntu-latest
    needs:
      - prepare
    strategy:
      fail-fast: false
      matrix:
        target: ${{ fromJson(needs.prepare.outputs.targets) }}
    steps:
      -
        name: Checkout
        uses: actions/checkout@v4
      -
        name: Validate
        uses: docker/bake-action@v4
        with:
          targets: ${{ matrix.target }}
--- a/.github/workflows/virtual-env.yml
+++ b/.github/workflows/virtual-env.yml
@ -1,61 +0,0 @@
 name: virtual-env
 on:
  workflow_dispatch:
  schedule:
    - cron: '0 10 * * *'
 jobs:
  os:
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - ubuntu-20.04
          - ubuntu-18.04
    steps:
      -
        name: File system
        run: df -ah
      -
        name: Mounts
        run: mount
      -
        name: Node info
        run: node -p process
      -
        name: NPM version
        run: npm version
      -
        name: List install packages
        run: apt list --installed
      -
        name: Docker daemon conf
        run: |
          cat /etc/docker/daemon.json
      -
        name: Docker info
        run: docker info
      -
        name: Docker version
        run: docker version
      -
        name: Cgroups
        run: |
          sudo apt-get install -y cgroup-tools
          lscgroup
      -
        name: buildx version
        run: docker buildx version
      -
        name: containerd version
        run: containerd --version
      -
        name: Docker images
        run: docker image ls
      -
        name: Dump context
        if: always()
        uses: crazy-max/ghaction-dump-context@v1
--- a/.gitignore
+++ b/.gitignore
@ -1,10 +1,6 @@
 node_modules
 lib
 # Jetbrains
 /.idea
 /*.iml
 # Rest of the file pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
 # Logs
 logs
--- a/README.md
+++ b/README.md
@ -1,14 +1,15 @@
 [![GitHub release](https://img.shields.io/github/release/docker/build-push-action.svg?style=flat-square)](https://github.com/docker/build-push-action/releases/latest)
 [![GitHub marketplace](https://img.shields.io/badge/marketplace-build--and--push--docker--images-blue?logo=github&style=flat-square)](https://github.com/marketplace/actions/build-and-push-docker-images)
-[![CI workflow](https://img.shields.io/github/workflow/status/docker/build-push-action/ci?label=ci&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=ci)
+[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/build-push-action/ci.yml?branch=master&label=ci&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=ci)
-[![Test workflow](https://img.shields.io/github/workflow/status/docker/build-push-action/test?label=test&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=test)
+[![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/build-push-action/test.yml?branch=master&label=test&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=test)
 [![Codecov](https://img.shields.io/codecov/c/github/docker/build-push-action?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/build-push-action)
 ## About
-GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx) with full support of the
+GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx)
-features provided by [Moby BuildKit](https://github.com/moby/buildkit) builder toolkit. This includes multi-platform
+with full support of the features provided by [Moby BuildKit](https://github.com/moby/buildkit)
-build, secrets, remote cache, etc. and different builder deployment/namespacing options.
+builder toolkit. This includes multi-platform build, secrets, remote cache, etc.
 and different builder deployment/namespacing options.
 ![Screenshot](.github/build-push-action.png)
@ -17,43 +18,46 @@ ___
 * [Usage](#usage)
  * [Git context](#git-context)
  * [Path context](#path-context)
-* [Advanced usage](#advanced-usage)
+* [Examples](#examples)
-  * [Multi-platform image](docs/advanced/multi-platform.md)
+  * [Multi-platform image](https://docs.docker.com/build/ci/github-actions/multi-platform/)
-  * [Secrets](docs/advanced/secrets.md)
+  * [Secrets](https://docs.docker.com/build/ci/github-actions/secrets/)
-  * [Isolated builders](docs/advanced/isolated-builders.md)
+  * [Push to multi-registries](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)
-  * [Push to multi-registries](docs/advanced/push-multi-registries.md)
+  * [Manage tags and labels](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)
-  * [Copy between registries](docs/advanced/copy-between-registries.md)  
+  * [Cache management](https://docs.docker.com/build/ci/github-actions/cache/)
-  * [Cache](docs/advanced/cache.md)
+  * [Export to Docker](https://docs.docker.com/build/ci/github-actions/export-docker/)
-  * [Local registry](docs/advanced/local-registry.md)
+  * [Test before push](https://docs.docker.com/build/ci/github-actions/test-before-push/)
-  * [Export image to Docker](docs/advanced/export-docker.md)
+  * [Local registry](https://docs.docker.com/build/ci/github-actions/local-registry/)
-  * [Share built image between jobs](docs/advanced/share-image-jobs.md)
+  * [Share built image between jobs](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)
-  * [Test your image before pushing it](docs/advanced/test-before-push.md)
+  * [Named contexts](https://docs.docker.com/build/ci/github-actions/named-contexts/)
-  * [Handle tags and labels](docs/advanced/tags-labels.md)
+  * [Copy image between registries](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)
-  * [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
+  * [Update Docker Hub repo description](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)
 * [Customizing](#customizing)
  * [inputs](#inputs)
  * [outputs](#outputs)
 * [Troubleshooting](#troubleshooting)
-* [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
+* [Contributing](#contributing)
 ## Usage
 In the examples below we are also using 3 other actions:
-* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will create and boot a builder using by 
+* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will
-default the `docker-container` [builder driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
+  create and boot a builder using by default the [`docker-container` driver](https://docs.docker.com/build/building/drivers/docker-container/).
-This is **not required but recommended** using it to be able to build multi-platform images, export cache, etc.
+  This is **not required but recommended** using it to be able to build
-* [`setup-qemu`](https://github.com/docker/setup-qemu-action) action can be useful if you want
+  multi-platform images, export cache, etc.
-to add emulation support with QEMU to be able to build against more platforms. 
+* [`setup-qemu`](https://github.com/docker/setup-qemu-action) action can be
-* [`login`](https://github.com/docker/login-action) action will take care to log in against a Docker registry.
+  useful if you want to add emulation support with QEMU to be able to build
  against more platforms. 
 * [`login`](https://github.com/docker/login-action) action will take care to
  log in against a Docker registry.
 ### Git context
-By default, this action uses the [Git context](#git-context) so you don't need
+By default, this action uses the [Git context](https://docs.docker.com/engine/reference/commandline/build/#git-repositories),
-to use the [`actions/checkout`](https://github.com/actions/checkout/) action to
+so you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
-check out the repository because this will be done directly by [BuildKit](https://github.com/moby/buildkit).
+action to check out the repository as this will be done directly by [BuildKit](https://github.com/moby/buildkit).
-The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/reference/events-that-trigger-workflows)
+The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows)
 and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
 ```yaml
@ -70,19 +74,19 @@ jobs:
    steps:
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
      -
-        name: Login to DockerHub
+        name: Login to Docker Hub
-        uses: docker/login-action@v1 
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          push: true
          tags: user/app:latest
@ -100,25 +104,37 @@ expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
 to the default Git context:
 ```yaml
      -
        # Setting up Docker Buildx with docker-container driver is required
        # at the moment to be able to use a subdirectory with Git context
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          context: "{{defaultContext}}:mysubdir"
          push: true
          tags: user/app:latest
 ```
 > :warning: Subdirectory for Git context is not yet available for the buildx [`docker` driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
-Building from the current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
+> **Warning**
 >
 > Subdirectory for Git context is available from [BuildKit v0.9.0](https://github.com/moby/buildkit/releases/tag/v0.9.0).
 > If you're using the `docker` builder (default if `setup-buildx-action` not used),
 > then BuildKit in Docker Engine will be used. As Docker Engine < v22.x.x embeds
 > Buildkit 0.8.2 at the moment, it does not support this feature. It's therefore
 > required to use the `setup-buildx-action` at the moment.
 Building from the current repository automatically uses the [GitHub Token](https://docs.github.com/en/actions/security-guides/automatic-token-authentication),
 so it does not need to be passed. If you want to authenticate against another
-private repository, you have to use a [secret](docs/advanced/secrets.md) named
+private repository, you have to use a [secret](https://docs.docker.com/build/ci/github-actions/secrets)
-`GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
+named `GIT_AUTH_TOKEN` to be able to authenticate against it with Buildx:
 ```yaml
      -
        name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          push: true
          tags: user/app:latest
@ -142,42 +158,42 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
      -
-        name: Login to DockerHub
+        name: Login to Docker Hub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: user/app:latest
 ```
-## Advanced usage
+## Examples
-* [Multi-platform image](docs/advanced/multi-platform.md)
+* [Multi-platform image](https://docs.docker.com/build/ci/github-actions/multi-platform/)
-* [Secrets](docs/advanced/secrets.md)
+* [Secrets](https://docs.docker.com/build/ci/github-actions/secrets/)
-* [Isolated builders](docs/advanced/isolated-builders.md)
+* [Push to multi-registries](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)
-* [Push to multi-registries](docs/advanced/push-multi-registries.md)
+* [Manage tags and labels](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)
-* [Copy between registries](docs/advanced/copy-between-registries.md)
+* [Cache management](https://docs.docker.com/build/ci/github-actions/cache/)
-* [Cache](docs/advanced/cache.md)
+* [Export to Docker](https://docs.docker.com/build/ci/github-actions/export-docker/)
-* [Local registry](docs/advanced/local-registry.md)
+* [Test before push](https://docs.docker.com/build/ci/github-actions/test-before-push/)
-* [Export image to Docker](docs/advanced/export-docker.md)
+* [Local registry](https://docs.docker.com/build/ci/github-actions/local-registry/)
-* [Share built image between jobs](docs/advanced/share-image-jobs.md)
+* [Share built image between jobs](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)
-* [Test your image before pushing it](docs/advanced/test-before-push.md)
+* [Named contexts](https://docs.docker.com/build/ci/github-actions/named-contexts/)
-* [Handle tags and labels](docs/advanced/tags-labels.md)
+* [Copy image between registries](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)
-* [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
+* [Update Docker Hub repo description](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)
 ## Customizing
@ -197,61 +213,60 @@ Following inputs can be used as `step.with` keys
 > tags: name/app:latest,name/app:1.0.0
 > ```
-| Name                | Type     | Description                        |
+| Name               | Type        | Description                                                                                                                                                                       |
-|---------------------|----------|------------------------------------|
+|--------------------|-------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `add-hosts`         | List/CSV | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`) |
+| `add-hosts`        | List/CSV    | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`)      |
-| `allow`             | List/CSV | List of [extra privileged entitlement](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#allow) (e.g., `network.host,security.insecure`) |
+| `allow`            | List/CSV    | List of [extra privileged entitlement](https://docs.docker.com/engine/reference/commandline/buildx_build/#allow) (e.g., `network.host,security.insecure`)                         |
-| `builder`           | String   | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
+| `annotations`      | List        | List of annotation to set to the image                                                                                                                                            |
-| `build-args`        | List     | List of [build-time variables](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-arg) |
+| `attests`          | List        | List of [attestation](https://docs.docker.com/build/attestations/) parameters (e.g., `type=sbom,generator=image`)                                                                 | 
-| `build-contexts`    | List     | List of additional [build contexts](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-context) (e.g., `name=path`) |
+| `builder`          | String      | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action)                                                                                       |
-| `cache-from`        | List     | List of [external cache sources](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) (e.g., `type=local,src=path/to/dir`) |
+| `build-args`       | List        | List of [build-time variables](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-arg)                                                                      |
-| `cache-to`          | List     | List of [cache export destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-to) (e.g., `type=local,dest=path/to/dir`) |
+| `build-contexts`   | List        | List of additional [build contexts](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-context) (e.g., `name=path`)                                         |
-| `cgroup-parent`     | String   | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build |
+| `cache-from`       | List        | List of [external cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from) (e.g., `type=local,src=path/to/dir`)                              |
-| `context`           | String   | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) |
+| `cache-to`         | List        | List of [cache export destinations](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) (e.g., `type=local,dest=path/to/dir`)                            |
-| `file`              | String   | Path to the Dockerfile. (default `{context}/Dockerfile`) |
+| `cgroup-parent`    | String      | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build              |
-| `labels`            | List     | List of metadata for an image |
+| `context`          | String      | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) |
-| `load`              | Bool     | [Load](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#load) is a shorthand for `--output=type=docker` (default `false`) |
+| `file`             | String      | Path to the Dockerfile. (default `{context}/Dockerfile`)                                                                                                                          |
-| `network`           | String   | Set the networking mode for the `RUN` instructions during build |
+| `labels`           | List        | List of metadata for an image                                                                                                                                                     |
-| `no-cache`          | Bool     | Do not use cache when building the image (default `false`) |
+| `load`             | Bool        | [Load](https://docs.docker.com/engine/reference/commandline/buildx_build/#load) is a shorthand for `--output=type=docker` (default `false`)                                       |
-| `outputs`           | List     | List of [output destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#output) (format: `type=local,dest=path`) |
+| `network`          | String      | Set the networking mode for the `RUN` instructions during build                                                                                                                   |
-| `platforms`         | List/CSV | List of [target platforms](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#platform) for build |
+| `no-cache`         | Bool        | Do not use cache when building the image (default `false`)                                                                                                                        |
-| `pull`              | Bool     | Always attempt to pull all referenced images (default `false`) |
+| `no-cache-filters` | List/CSV    | Do not cache specified stages                                                                                                                                                     |
-| `push`              | Bool     | [Push](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#push) is a shorthand for `--output=type=registry` (default `false`) |
+| `outputs`¹         | List        | List of [output destinations](https://docs.docker.com/engine/reference/commandline/buildx_build/#output) (format: `type=local,dest=path`)                                         |
-| `secrets`           | List     | List of [secrets](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
+| `platforms`        | List/CSV    | List of [target platforms](https://docs.docker.com/engine/reference/commandline/buildx_build/#platform) for build                                                                 |
-| `secret-files`      | List     | List of [secret files](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
+| `provenance`       | Bool/String | Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`)                           |
-| `shm-size`          | String   | Size of [`/dev/shm`](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-size-of-devshm---shm-size) (e.g., `2g`) |
+| `pull`             | Bool        | Always attempt to pull all referenced images (default `false`)                                                                                                                    |
-| `ssh`               | List     | List of [SSH agent socket or keys](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#ssh) to expose to the build |
+| `push`             | Bool        | [Push](https://docs.docker.com/engine/reference/commandline/buildx_build/#push) is a shorthand for `--output=type=registry` (default `false`)                                     |
-| `tags`              | List/CSV | List of tags |
+| `sbom`             | Bool/String | Generate [SBOM](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest=type=sbom`)                                                  |
-| `target`            | String   | Sets the target stage to build |
+| `secrets`          | List        | List of [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`)                |
-| `ulimit`            | List     | [Ulimit](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-set-ulimits---ulimit) options (e.g., `nofile=1024:1024`) |
+| `secret-envs`      | List/CSV    | List of [secret env vars](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=envname`, `MY_SECRET=MY_ENV_VAR`)         |
-| `github-token`      | String   | GitHub Token used to authenticate against a repository for [Git context](#git-context) (default `${{ github.token }}`) |
+| `secret-files`     | List        | List of [secret files](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`)         |
 | `shm-size`         | String      | Size of [`/dev/shm`](https://docs.docker.com/engine/reference/commandline/buildx_build/#shm-size) (e.g., `2g`)                                                                    |
 | `ssh`              | List        | List of [SSH agent socket or keys](https://docs.docker.com/engine/reference/commandline/buildx_build/#ssh) to expose to the build                                                 |
 | `tags`             | List/CSV    | List of tags                                                                                                                                                                      |
 | `target`           | String      | Sets the target stage to build                                                                                                                                                    |
 | `ulimit`           | List        | [Ulimit](https://docs.docker.com/engine/reference/commandline/buildx_build/#ulimit) options (e.g., `nofile=1024:1024`)                                                            |
 | `github-token`     | String      | GitHub Token used to authenticate against a repository for [Git context](#git-context) (default `${{ github.token }}`)                                                            |
 > **Note**
 >
 > * ¹ multiple `outputs` are [not yet supported](https://github.com/moby/buildkit/issues/1555)
 ### outputs
-Following outputs are available
+The following outputs are available:
-| Name              | Type    | Description                           |
+| Name       | Type    | Description           |
-|-------------------|---------|---------------------------------------|
+|------------|---------|-----------------------|
-| `imageid`         | String  | Image ID |
+| `imageid`  | String  | Image ID              |
-| `digest`          | String  | Image digest |
+| `digest`   | String  | Image digest          |
-| `metadata`        | JSON    | Build result metadata |
+| `metadata` | JSON    | Build result metadata |
 ## Troubleshooting
 See [TROUBLESHOOTING.md](TROUBLESHOOTING.md)
-## Keep up-to-date with GitHub Dependabot
+## Contributing
-Since [Dependabot](https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot)
+Want to contribute? Awesome! You can find information about contributing to
-has [native GitHub Actions support](https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem),
+this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)
 to enable it on your GitHub repo all you need to do is add the `.github/dependabot.yml` file:
 ```yaml
 version: 2
 updates:
  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
 ```
--- a/TROUBLESHOOTING.md
+++ b/TROUBLESHOOTING.md
@ -4,6 +4,7 @@
  * [BuildKit container logs](#buildkit-container-logs)
  * [With containerd](#with-containerd)
 * [`repository name must be lowercase`](#repository-name-must-be-lowercase)
 * [Image not loaded](#image-not-loaded)
 ## Cannot push to a registry
@ -16,7 +17,7 @@ While pushing to a registry, you may encounter these kinds of issues:
 * `unexpected response: 401 Unauthorized`
 These issues are not directly related to this action but are rather linked to
-[buildx](https://github.com/docker/buildx), [buildkit](https://github.com/moby/buildkit),
+[Buildx](https://github.com/docker/buildx), [BuildKit](https://github.com/moby/buildkit),
 [containerd](https://github.com/containerd/containerd) or the registry on which
 you're pushing your image. The quality of error message depends on the registry
 and are usually not very informative.
@ -29,7 +30,7 @@ action step and attach BuildKit container logs to your issue.
 ### With containerd
 Next you can test pushing with [containerd action](https://github.com/crazy-max/ghaction-setup-containerd)
-using the following workflow. If it works then open an issue on [buildkit](https://github.com/moby/buildkit)
+using the following workflow. If it works then open an issue on [BuildKit](https://github.com/moby/buildkit)
 repository.
 ```yaml
@ -44,21 +45,21 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      -
        name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
      -
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
        with:
          buildkitd-flags: --debug
      -
        name: Set up containerd
-        uses: crazy-max/ghaction-setup-containerd@v1
+        uses: crazy-max/ghaction-setup-containerd@v2
      -
        name: Build Docker image
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
@ -105,13 +106,13 @@ to generate sanitized tags:
 ```yaml
 - name: Docker meta
  id: meta
-  uses: docker/metadata-action@v3
+  uses: docker/metadata-action@v4
  with:
    images: ghcr.io/${{ github.repository }}
    tags: latest
 - name: Build and push
-  uses: docker/build-push-action@v2
+  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
@ -122,16 +123,42 @@ Or a dedicated step to sanitize the slug:
 ```yaml
 - name: Sanitize repo slug
-  uses: actions/github-script@v4
+  uses: actions/github-script@v6
  id: repo_slug
  with:
    result-encoding: string
    script: return 'ghcr.io/${{ github.repository }}'.toLowerCase()
 - name: Build and push
-  uses: docker/build-push-action@v2
+  uses: docker/build-push-action@v5
  with:
    context: .
    push: true
    tags: ${{ steps.repo_slug.outputs.result }}:latest
 ```
 ## Image not loaded
 Sometimes when your workflows are heavy consumers of disk storage, it can happen that build-push-action declares that the built image is loaded, but then not found in the following workflow steps.
 - You can use the following solution as workaround, to free space on disk before building docker image using the following workflow step
 ```yaml
      # Free disk space
      - name: Free Disk space
        shell: bash
        run: |
          sudo rm -rf /usr/local/lib/android  # will release about 10 GB if you don't need Android
          sudo rm -rf /usr/share/dotnet # will release about 20GB if you don't need .NET
 ```
 - Another workaround can be to call `docker/setup-buildx-action` with docker driver
 ```yaml
 name: Set up Docker Buildx
 uses: docker/setup-buildx-action@v3
 with:
  driver: docker
 ```
 More details in the [related issue](https://github.com/docker/build-push-action/issues/321)
--- a/UPGRADE.md
+++ b/UPGRADE.md
@ -1,133 +0,0 @@
 # Upgrade notes
 ## v1 to v2
 * Input `path` is now called `context` for consistency with other Docker build tools
 * `path` defaults to current git repository so checkout action is not required in a workflow
 * Rename `dockerfile` input to `file` for consistency with other Docker build tools
 * Rename `always_pull` input to `pull` for consistency with other Docker build tools
 * Add `builder` input to be able to choose a builder instance through our [setup-buildx action](https://github.com/docker/setup-buildx-action)
 * Add `platforms` input to support multi-platform builds
 * Add `allow` input
 * Add `load` input
 * Add `outputs` input
 * Add `cache-from` input (`cache_froms` removed)
 * Add `cache-to` input
 * Rename `build_args` input to `build-args` for consistency with other Docker build tools
 * Add `secrets` input
 * Review `tags` input
 * Remove `repository` input. See [Simple workflow](#simple-workflow) for migration
 * Remove `username`, `password` and `registry` inputs. Login support moved to [docker/login-action](https://github.com/docker/login-action) repo
 * Remove `tag_with_sha`, `tag_with_ref`, `add_git_labels` inputs. See [Tags with ref and Git labels](#tags-with-ref-and-git-labels) for migration
 * Handle Git context
 * Add `digest` output
 ### Simple workflow
 ```yaml
 # v1
 steps:
  -
    name: Checkout
    uses: actions/checkout@v2
  -
    name: Build and push Docker images
    uses: docker/build-push-action@v1
    with:
      username: ${{ secrets.DOCKER_USERNAME }}
      password: ${{ secrets.DOCKER_PASSWORD }}
      repository: myorg/myrepository
      always_pull: true
      build_args: arg1=value1,arg2=value2
      cache_froms: myorg/myrepository:latest
      tags: latest
 ```
 ```yaml
 # v2
 steps:
  -
    name: Checkout
    uses: actions/checkout@v2
  -
    name: Set up Docker Buildx
    uses: docker/setup-buildx-action@v1
  -
    name: Login to DockerHub
    uses: docker/login-action@v1
    with:
      username: ${{ secrets.DOCKER_USERNAME }}
      password: ${{ secrets.DOCKER_PASSWORD }}
  -
    name: Build and push
    uses: docker/build-push-action@v2
    with:
      context: .
      pull: true
      push: true
      build-args: |
        arg1=value1
        arg2=value2
      cache-from: type=registry,ref=myorg/myrepository:latest
      cache-to: type=inline
      tags: myorg/myrepository:latest
 ```
 ### Tags with ref and Git labels
 ```yaml
 # v1
 steps:
  -
    name: Checkout
    uses: actions/checkout@v2
  -
    name: Build and push Docker images
    uses: docker/build-push-action@v1
    with:
      username: ${{ secrets.DOCKER_USERNAME }}
      password: ${{ secrets.DOCKER_PASSWORD }}
      repository: myorg/myrepository
      push: ${{ github.event_name != 'pull_request' }}
      tag_with_ref: true
      tag_with_sha: true
      add_git_labels: true
 ```
 ```yaml
 # v2
 steps:
  -
    name: Checkout
    uses: actions/checkout@v2
  -
    name: Docker meta
    id: meta
    uses: docker/metadata-action@v3
    with:
      images: |
        myorg/myrepository
      tags: |
        type=ref,event=branch
        type=ref,event=pr
        type=semver,pattern={{version}}
        type=sha
  -
    name: Set up Docker Buildx
    uses: docker/setup-buildx-action@v1
  -
    name: Login to DockerHub
    if: github.event_name != 'pull_request'
    uses: docker/login-action@v1 
    with:
      username: ${{ secrets.DOCKER_USERNAME }}
      password: ${{ secrets.DOCKER_PASSWORD }}
  -
    name: Build and push
    uses: docker/build-push-action@v2
    with:
      context: .
      push: ${{ github.event_name != 'pull_request' }}
      tags: ${{ steps.meta.outputs.tags }}
      labels: ${{ steps.meta.outputs.labels }}
 ```
--- a/mocks/@actions/github.ts
+++ b/mocks/@actions/github.ts
@ -0,0 +1,207 @@
 import {jest} from '@jest/globals';
 export const context = {
  repo: {
    owner: 'docker',
    repo: 'build-push-action'
  },
  ref: 'refs/heads/master',
  runId: 123456789,
  payload: {
    after: '860c1904a1ce19322e91ac35af1ab07466440c37',
    base_ref: null,
    before: '5f3331d7f7044c18ca9f12c77d961c4d7cf3276a',
    commits: [
      {
        author: {
          email: 'crazy-max@users.noreply.github.com',
          name: 'CrazyMax',
          username: 'crazy-max'
        },
        committer: {
          email: 'crazy-max@users.noreply.github.com',
          name: 'CrazyMax',
          username: 'crazy-max'
        },
        distinct: true,
        id: '860c1904a1ce19322e91ac35af1ab07466440c37',
        message: 'hello dev',
        timestamp: '2022-04-19T11:27:24+02:00',
        tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
        url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
      }
    ],
    compare: 'https://github.com/docker/test-docker-action/compare/5f3331d7f704...860c1904a1ce',
    created: false,
    deleted: false,
    forced: false,
    head_commit: {
      author: {
        email: 'crazy-max@users.noreply.github.com',
        name: 'CrazyMax',
        username: 'crazy-max'
      },
      committer: {
        email: 'crazy-max@users.noreply.github.com',
        name: 'CrazyMax',
        username: 'crazy-max'
      },
      distinct: true,
      id: '860c1904a1ce19322e91ac35af1ab07466440c37',
      message: 'hello dev',
      timestamp: '2022-04-19T11:27:24+02:00',
      tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
      url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
    },
    organization: {
      avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
      description: 'Docker helps developers bring their ideas to life by conquering the complexity of app development.',
      events_url: 'https://api.github.com/orgs/docker/events',
      hooks_url: 'https://api.github.com/orgs/docker/hooks',
      id: 5429470,
      issues_url: 'https://api.github.com/orgs/docker/issues',
      login: 'docker',
      members_url: 'https://api.github.com/orgs/docker/members{/member}',
      node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
      public_members_url: 'https://api.github.com/orgs/docker/public_members{/member}',
      repos_url: 'https://api.github.com/orgs/docker/repos',
      url: 'https://api.github.com/orgs/docker'
    },
    pusher: {
      email: 'github@crazymax.dev',
      name: 'crazy-max'
    },
    ref: 'refs/heads/dev',
    repository: {
      allow_forking: true,
      archive_url: 'https://api.github.com/repos/docker/test-docker-action/{archive_format}{/ref}',
      archived: false,
      assignees_url: 'https://api.github.com/repos/docker/test-docker-action/assignees{/user}',
      blobs_url: 'https://api.github.com/repos/docker/test-docker-action/git/blobs{/sha}',
      branches_url: 'https://api.github.com/repos/docker/test-docker-action/branches{/branch}',
      clone_url: 'https://github.com/docker/test-docker-action.git',
      collaborators_url: 'https://api.github.com/repos/docker/test-docker-action/collaborators{/collaborator}',
      comments_url: 'https://api.github.com/repos/docker/test-docker-action/comments{/number}',
      commits_url: 'https://api.github.com/repos/docker/test-docker-action/commits{/sha}',
      compare_url: 'https://api.github.com/repos/docker/test-docker-action/compare/{base}...{head}',
      contents_url: 'https://api.github.com/repos/docker/test-docker-action/contents/{+path}',
      contributors_url: 'https://api.github.com/repos/docker/test-docker-action/contributors',
      created_at: 1596792180,
      default_branch: 'master',
      deployments_url: 'https://api.github.com/repos/docker/test-docker-action/deployments',
      description: 'Test "Docker" Actions',
      disabled: false,
      downloads_url: 'https://api.github.com/repos/docker/test-docker-action/downloads',
      events_url: 'https://api.github.com/repos/docker/test-docker-action/events',
      fork: false,
      forks: 1,
      forks_count: 1,
      forks_url: 'https://api.github.com/repos/docker/test-docker-action/forks',
      full_name: 'docker/test-docker-action',
      git_commits_url: 'https://api.github.com/repos/docker/test-docker-action/git/commits{/sha}',
      git_refs_url: 'https://api.github.com/repos/docker/test-docker-action/git/refs{/sha}',
      git_tags_url: 'https://api.github.com/repos/docker/test-docker-action/git/tags{/sha}',
      git_url: 'git://github.com/docker/test-docker-action.git',
      has_downloads: true,
      has_issues: true,
      has_pages: false,
      has_projects: true,
      has_wiki: true,
      homepage: '',
      hooks_url: 'https://api.github.com/repos/docker/test-docker-action/hooks',
      html_url: 'https://github.com/docker/test-docker-action',
      id: 285789493,
      is_template: false,
      issue_comment_url: 'https://api.github.com/repos/docker/test-docker-action/issues/comments{/number}',
      issue_events_url: 'https://api.github.com/repos/docker/test-docker-action/issues/events{/number}',
      issues_url: 'https://api.github.com/repos/docker/test-docker-action/issues{/number}',
      keys_url: 'https://api.github.com/repos/docker/test-docker-action/keys{/key_id}',
      labels_url: 'https://api.github.com/repos/docker/test-docker-action/labels{/name}',
      language: 'JavaScript',
      languages_url: 'https://api.github.com/repos/docker/test-docker-action/languages',
      license: {
        key: 'mit',
        name: 'MIT License',
        node_id: 'MDc6TGljZW5zZTEz',
        spdx_id: 'MIT',
        url: 'https://api.github.com/licenses/mit'
      },
      master_branch: 'master',
      merges_url: 'https://api.github.com/repos/docker/test-docker-action/merges',
      milestones_url: 'https://api.github.com/repos/docker/test-docker-action/milestones{/number}',
      mirror_url: null,
      name: 'test-docker-action',
      node_id: 'MDEwOlJlcG9zaXRvcnkyODU3ODk0OTM=',
      notifications_url: 'https://api.github.com/repos/docker/test-docker-action/notifications{?since,all,participating}',
      open_issues: 6,
      open_issues_count: 6,
      organization: 'docker',
      owner: {
        avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
        email: 'info@docker.com',
        events_url: 'https://api.github.com/users/docker/events{/privacy}',
        followers_url: 'https://api.github.com/users/docker/followers',
        following_url: 'https://api.github.com/users/docker/following{/other_user}',
        gists_url: 'https://api.github.com/users/docker/gists{/gist_id}',
        gravatar_id: '',
        html_url: 'https://github.com/docker',
        id: 5429470,
        login: 'docker',
        name: 'docker',
        node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
        organizations_url: 'https://api.github.com/users/docker/orgs',
        received_events_url: 'https://api.github.com/users/docker/received_events',
        repos_url: 'https://api.github.com/users/docker/repos',
        site_admin: false,
        starred_url: 'https://api.github.com/users/docker/starred{/owner}{/repo}',
        subscriptions_url: 'https://api.github.com/users/docker/subscriptions',
        type: 'Organization',
        url: 'https://api.github.com/users/docker'
      },
      private: true,
      pulls_url: 'https://api.github.com/repos/docker/test-docker-action/pulls{/number}',
      pushed_at: 1650360446,
      releases_url: 'https://api.github.com/repos/docker/test-docker-action/releases{/id}',
      size: 796,
      ssh_url: 'git@github.com:docker/test-docker-action.git',
      stargazers: 0,
      stargazers_count: 0,
      stargazers_url: 'https://api.github.com/repos/docker/test-docker-action/stargazers',
      statuses_url: 'https://api.github.com/repos/docker/test-docker-action/statuses/{sha}',
      subscribers_url: 'https://api.github.com/repos/docker/test-docker-action/subscribers',
      subscription_url: 'https://api.github.com/repos/docker/test-docker-action/subscription',
      svn_url: 'https://github.com/docker/test-docker-action',
      tags_url: 'https://api.github.com/repos/docker/test-docker-action/tags',
      teams_url: 'https://api.github.com/repos/docker/test-docker-action/teams',
      topics: [],
      trees_url: 'https://api.github.com/repos/docker/test-docker-action/git/trees{/sha}',
      updated_at: '2022-04-19T09:05:09Z',
      url: 'https://github.com/docker/test-docker-action',
      visibility: 'private',
      watchers: 0,
      watchers_count: 0
    },
    sender: {
      avatar_url: 'https://avatars.githubusercontent.com/u/1951866?v=4',
      events_url: 'https://api.github.com/users/crazy-max/events{/privacy}',
      followers_url: 'https://api.github.com/users/crazy-max/followers',
      following_url: 'https://api.github.com/users/crazy-max/following{/other_user}',
      gists_url: 'https://api.github.com/users/crazy-max/gists{/gist_id}',
      gravatar_id: '',
      html_url: 'https://github.com/crazy-max',
      id: 1951866,
      login: 'crazy-max',
      node_id: 'MDQ6VXNlcjE5NTE4NjY=',
      organizations_url: 'https://api.github.com/users/crazy-max/orgs',
      received_events_url: 'https://api.github.com/users/crazy-max/received_events',
      repos_url: 'https://api.github.com/users/crazy-max/repos',
      site_admin: false,
      starred_url: 'https://api.github.com/users/crazy-max/starred{/owner}{/repo}',
      subscriptions_url: 'https://api.github.com/users/crazy-max/subscriptions',
      type: 'User',
      url: 'https://api.github.com/users/crazy-max'
    }
  }
 };
 export const getOctokit = jest.fn();
--- a/tests/buildx.test.ts
+++ b/tests/buildx.test.ts
@ -1,147 +0,0 @@
 import {describe, expect, it, jest, test} from '@jest/globals';
 import * as fs from 'fs';
 import * as path from 'path';
 import * as semver from 'semver';
 import * as exec from '@actions/exec';
 import * as buildx from '../src/buildx';
 import * as context from '../src/context';
 const tmpNameSync = path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
 const imageID = 'sha256:bfb45ab72e46908183546477a08f8867fc40cebadd00af54b071b097aed127a9';
 const metadata = `{
  "containerimage.config.digest": "sha256:059b68a595b22564a1cbc167af369349fdc2ecc1f7bc092c2235cbf601a795fd",
  "containerimage.digest": "sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c"
 }`;
 jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
  const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
  if (!fs.existsSync(tmpDir)) {
    fs.mkdirSync(tmpDir, {recursive: true});
  }
  return tmpDir;
 });
 jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
  return tmpNameSync;
 });
 describe('getImageID', () => {
  it('matches', async () => {
    const imageIDFile = await buildx.getImageIDFile();
    await fs.writeFileSync(imageIDFile, imageID);
    const expected = await buildx.getImageID();
    expect(expected).toEqual(imageID);
  });
 });
 describe('getMetadata', () => {
  it('matches', async () => {
    const metadataFile = await buildx.getMetadataFile();
    await fs.writeFileSync(metadataFile, metadata);
    const expected = await buildx.getMetadata();
    expect(expected).toEqual(metadata);
  });
 });
 describe('getDigest', () => {
  it('matches', async () => {
    const metadataFile = await buildx.getMetadataFile();
    await fs.writeFileSync(metadataFile, metadata);
    const expected = await buildx.getDigest(metadata);
    expect(expected).toEqual('sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c');
  });
 });
 describe('isLocalOrTarExporter', () => {
  test.each([
    [['type=registry,ref=user/app'], false],
    [['type=docker'], false],
    [['type=local,dest=./release-out'], true],
    [['type=tar,dest=/tmp/image.tar'], true],
    [['type=docker', 'type=tar,dest=/tmp/image.tar'], true],
    [['"type=tar","dest=/tmp/image.tar"'], true],
    [['" type= local" , dest=./release-out'], true],
    [['.'], true]
  ])('given %p returns %p', async (outputs: Array<string>, expected: boolean) => {
    expect(buildx.isLocalOrTarExporter(outputs)).toEqual(expected);
  });
 });
 describe('isAvailable', () => {
  const execSpy = jest.spyOn(exec, 'getExecOutput');
  buildx.isAvailable();
  // eslint-disable-next-line jest/no-standalone-expect
  expect(execSpy).toHaveBeenCalledWith(`docker`, ['buildx'], {
    silent: true,
    ignoreReturnCode: true
  });
 });
 describe('isAvailable standalone', () => {
  const execSpy = jest.spyOn(exec, 'getExecOutput');
  buildx.isAvailable(true);
  // eslint-disable-next-line jest/no-standalone-expect
  expect(execSpy).toHaveBeenCalledWith(`buildx`, [], {
    silent: true,
    ignoreReturnCode: true
  });
 });
 describe('getVersion', () => {
  it('valid', async () => {
    const version = await buildx.getVersion();
    expect(semver.valid(version)).not.toBeNull();
  });
 });
 describe('parseVersion', () => {
  test.each([
    ['github.com/docker/buildx 0.4.1+azure bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
    ['github.com/docker/buildx v0.4.1 bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
    ['github.com/docker/buildx v0.4.2 fb7b670b764764dc4716df3eba07ffdae4cc47b2', '0.4.2'],
    ['github.com/docker/buildx f117971 f11797113e5a9b86bd976329c5dbb8a8bfdfadfa', 'f117971']
  ])('given %p', async (stdout, expected) => {
    expect(buildx.parseVersion(stdout)).toEqual(expected);
  });
 });
 describe('satisfies', () => {
  test.each([
    ['0.4.1', '>=0.3.2', true],
    ['bda4882a65349ca359216b135896bddc1d92461c', '>0.1.0', false],
    ['f117971', '>0.6.0', true]
  ])('given %p', async (version, range, expected) => {
    expect(buildx.satisfies(version, range)).toBe(expected);
  });
 });
 describe('getSecret', () => {
  test.each([
    ['A_SECRET=abcdef0123456789', false, 'A_SECRET', 'abcdef0123456789', false],
    ['GIT_AUTH_TOKEN=abcdefghijklmno=0123456789', false, 'GIT_AUTH_TOKEN', 'abcdefghijklmno=0123456789', false],
    ['MY_KEY=c3RyaW5nLXdpdGgtZXF1YWxzCg==', false, 'MY_KEY', 'c3RyaW5nLXdpdGgtZXF1YWxzCg==', false],
    ['aaaaaaaa', false, '', '', true],
    ['aaaaaaaa=', false, '', '', true],
    ['=bbbbbbb', false, '', '', true],
    [`foo=${path.join(__dirname, 'fixtures', 'secret.txt').split(path.sep).join(path.posix.sep)}`, true, 'foo', 'bar', false],
    [`notfound=secret`, true, '', '', true]
  ])('given %p key and %p secret', async (kvp, file, exKey, exValue, invalid) => {
    try {
      let secret: string;
      if (file) {
        secret = await buildx.getSecretFile(kvp);
      } else {
        secret = await buildx.getSecretString(kvp);
      }
      expect(true).toBe(!invalid);
      expect(secret).toEqual(`id=${exKey},src=${tmpNameSync}`);
      const secretValue = await fs.readFileSync(tmpNameSync, 'utf-8');
      expect(secretValue).toEqual(exValue);
    } catch (err) {
      // eslint-disable-next-line jest/no-conditional-expect
      expect(true).toBe(invalid);
    }
  });
 });
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@ -1,131 +1,57 @@
-import {beforeEach, describe, expect, it, jest, test} from '@jest/globals';
+import {beforeEach, describe, expect, jest, test} from '@jest/globals';
 import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
 import {Builder} from '@docker/actions-toolkit/lib/buildx/builder';
 import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
 import {Context} from '@docker/actions-toolkit/lib/context';
 import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {BuilderInfo} from '@docker/actions-toolkit/lib/types/builder';
 import {GitHubRepo} from '@docker/actions-toolkit/lib/types/github';
 import * as context from '../src/context';
-const pgp = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+const tmpDir = path.join('/tmp', '.docker-build-push-jest');
 const tmpName = path.join(tmpDir, '.tmpname-jest');
-lQdGBF6tzaABEACjFbX7PFEG6vDPN2MPyxYW7/3o/sonORj4HXUFjFxxJxktJ3x3
+import repoFixture from './fixtures/github-repo.json';
-N1ayHPJ1lqIeoiY7jVbq0ZdEVGkd3YsKG9ZMdZkzGzY6PQPC/+M8OnzOiOPwUdWc
+jest.spyOn(GitHub.prototype, 'repoData').mockImplementation((): Promise<GitHubRepo> => {
-+Tdhh115LvVz0MMKYiab6Sn9cgxj9On3LCQKpjvMDpPo9Ttf6v2GQIw8h2ACvdzQ
+  return <Promise<GitHubRepo>>(repoFixture as unknown);
 71LtIELS/I+dLbfZiwpUu2fhQT13EJkEnYMOYwM5jNUd66P9itUc7MrOWjkicrKP
 oF1dQaCM+tuKuxvD8WLdiwU5x60NoGkJHHUehKQXl2dVzjpqEqHKEBJt9tfJ9lpE
 YIisgwB8o3pes0fgCehjW2zI95/o9+ayJ6nl4g5+mSvWRXEu66h71nwM0Yuvquk8
 3me7qhYfDrDdCwcxS5BS1hwakTgUQLD99FZjbx1j8sq96I65O0GRdyU2PR8KIjwu
 JrkTH4ZlKxK3FQghUhFoA5GkiDb+eClmRMSni5qg+81T4XChmUkEprA3eWCHL+Ma
 xRNNxLS+r6hH9HG5JBxpV3iaTI9HHpnQKhEeaLXqsUTDZliN9hP7Ywo8bpUB8j2d
 oWYwDV4dPyMKr6Fb8RDCh2q5gJGbVp8w/NmmBTeL+IP2fFggJkRfyumv3Ul7x66L
 tBFQ4rYo4JUUrGweSTneG6REIgxH66hIrNl6Vo/D1ZyknTe1dMOu/BTkkQARAQAB
 /gcDAqra8KO+h3bfyu90vxTL1ro4x/x9il7VBcWlIR4cBP7Imgxv+T4hwPIu8P1x
 lOlxLNWegFOV0idoTy1o3VLLBev/F+IlspX4A+2XEIddR6nZnKFi0Lv2L4TKgE9E
 VJJTszmviDIRLMLN9dWzDfA8hj5tR5Inot92CHRF414AS22JHvlhbFSLQnjqsN+C
 n1cQpNOJhkxsSfZsxjnFa/70y/u8v0o8mzyLZmk9HpzRHGzoz8IfpLp8OTqBR9u6
 zzoKLy16zZO55OKbj7h8uVZvDUq9l8iDICpqWMdZqBJIl56MBexYKgYxh3YO/8v2
 oXli+8Xuaq5QLiCN3yT7IbKoYzplnFfaJwFiMh7R1iPLXaYAZ0qdRijlbtseTK1m
 oHNkwUbxVzjkh4LfE8UpmMwZn5ZjWni3230SoiXuKy0OHkGvwGvWWAL1mEuoYuUI
 mFMcH5MnixP8oQYZKDj2IR/yEeOpdU6B/tr3Tk1NidLf7pUMqG7Ff1NU6dAUeBpa
 9xahITMjHvrhgMISY4IYZep5cEnVw8lQTpUJtW/ePMzrFhu3sA7oNdj9joW/VMfz
 H7MHwwavtICsYqoqV3lnjX4EC9dW6o8PTUg2u956dmtK7KAyUK/+w2aLNGT28ChN
 jhRYHvHzB9Kw5asqI/lTM49eqslBqYQMTTjdBphkYuSZQzNMf291j/ZmoLhD1A1a
 S8tUnNygKV4D1cJYgSXfzhFoU8ib/0SPo+KqQ+CzGS+wxXg6WNBA6wepTjpnVVx3
 4JADP8IJcDC3P0iwAreWjSy15F1cvemFFB0SLNUkyZGzsxtKzbM1+8khl68+eazC
 LzRj0rxfIF5znWjX1QFhKxCk6eF0IWDY0+b3DBkmChME9YDXJ3TthcqA7JgcX4JI
 M4/wdqhgerJYOmj+i2Q0M+Bu02icOJYMwTMMsDVl7XGHkaCuRgZ54eZAUH7JFwUm
 1Ct3tcaqiTMmz0ngHVqBTauzgqKDvzwdVqdfg05H364nJMay/3omR6GayIb5CwSo
 xdNVwG3myPPradT9MP09mDr4ys2zcnQmCkvTVBF6cMZ1Eh6PQQ8CyQWv0zkaBnqj
 JrM1hRpgW4ZlRosSIjCaaJjolN5QDcXBM9TbW9ww+ZYstazN2bV1ZQ7BEjlHQPa1
 BhzMsvqkbETHsIpDNF52gZKn3Q9eIX05BeadzpHUb5/XOheIHVIdhSaTlgl/qQW5
 hQgPGSzSV6KhXEY7aevTdvOgq++WiELkjfz2f2lQFesTjFoQWEvxVDUmLxHtEhaN
 DOuh4H3mX5Opn3pLQmqWVhJTbFdx+g5qQd0NCW4mDaTFWTRLFLZQsSJxDSeg9xrY
 gmaii8NhMZRwquADW+6iU6KfraBhngi7HRz4TfqPr9ma/KUY464cqim1fnwXejyx
 jsb5YHR9R66i+F6P/ysF5w+QuVdDt1fnf9GLay0r6qxpA8ft2vGPcDs4806Huj+7
 Aq5VeJaNkCuh3GR3xVnCFAz/7AtkO6xKuZm8B3q904UuMdSmkhWbaobIuF/B2B6S
 eawIXQHEOplK3ic26d8Ckf4gbjeORfELcMAEi5nGXpTThCdmxQApCLxAYYnTfQT1
 xhlDwT9xPEabo98mIwJJsAU5VsTDYW+qfo4qIx8gYoSKc9Xu3yVh3n+9k43Gcm5V
 9lvK1slijf+TzODZt/jsmkF8mPjXyP5KOI+xQp/m4PxW3pp57YrYj/Rnwga+8DKX
 jMsW7mLAAZ/e+PY6z/s3x1Krfk+Bb5Ph4mI0zjw5weQdtyEToRgveda0GEpvZSBU
 ZXN0ZXIgPGpvZUBmb28uYmFyPokCNgQQAQgAIAUCXq3NoAYLCQcIAwIEFQgKAgQW
 AgEAAhkBAhsDAh4BAAoJEH2FHrctc72gxtQP/AulaClIcn/kDt43mhYnyLglPfbo
 AqPlU26chXolBg0Wo0frFY3aIs5SrcWEf8aR4XLwCFGyi3vya0CUxjghN5tZBYqo
 vswbT00zP3ohxxlJFCRRR9bc7OZXCgTddtfVf6EKrUAzIkbWyAhaJnwJy/1UGpSw
 SEO/KpastrVKf3sv1wqOeFQ4DFyjaNda+xv3dVWS8db7KogqJiPFZXrQK3FKVIxS
 fxRSmKaYN7//d+xwVAEY++RrnL/o8B2kV6N68cCpQWJELyYnJzis9LBcWd/3wiYh
 efTyY+ePKUjcB+kEZnyJfLc7C2hll2e7UJ0fxv+k8vHReRhrNWmGRXsjNRxiw3U0
 hfvxD/C8nyqAbeTHp4XDX78Tc3XCysAqIYboIL+RyewDMjjLj5vzUYAdUdtyNaD7
 C6M2R6pN1GAt52CJmC/Z6F7W7GFGoYOdEkVdMQDsjCwScyEUNlGj9Zagw5M2EgSe
 6gaHgMgTzsMzCc4W6WV5RcS55cfDNOXtxPsMJTt4FmXrjl11prBzpMfpU5a9zxDZ
 oi54ZZ8VPE6jsT4Lzw3sni3c83wm28ArM20AzZ1vh7fk3Sfd0u4Yaz7s9JlEm5+D
 34tEyli28+QjCQc18EfQUiJqiYEJRxJXJ3esvMHfYi45pV/Eh5DgRW1305fUJV/6
 +rGpg0NejsHoZdZPnQdGBF6tzaABEAC4mVXTkVk6Kdfa4r5zlzsoIrR27laUlMkb
 OBMt+aokqS+BEbmTnMg6xIAmcUT5uvGAc8S/WhrPoYfc15fTUyHIz8ZbDoAg0LO6
 0Io4VkAvNJNEnsSV9VdLBh/XYlc4K49JqKyWTL4/FJFAGbsmHY3b+QU90AS6FYRv
 KeBAoiyebrjx0vmzb8E8h3xthVLN+AfMlR1ickY62zvnpkbncSMY/skur1D2KfbF
 3sFprty2pEtjFcyB5+18l2IyyHGOlEUw1PZdOAV4/Myh1EZRgYBPs80lYTJALCVF
 IdOakH33WJCImtNZB0AbDTABG+JtMjQGscOa0qzf1Y/7tlhgCrynBBdaIJTx95TD
 21BUHcHOu5yTIS6Ulysxfkv611+BiOKHgdq7DVGP78VuzA7bCjlP1+vHqIt3cnIa
 t2tEyuZ/XF4uc3/i4g0uP9r7AmtET7Z6SKECWjpVv+UEgLx5Cv+ql+LSKYQMvU9a
 i3B1F9fatn3FSLVYrL4aRxu4TSw9POb0/lgDNmN3lGQOsjGCZPibkHjgPEVxKuiq
 9Oi38/VTQ0ZKAmHwBTq1WTZIrPrCW0/YMQ6yIJZulwQ9Yx1cgzYzEfg04fPXlXMi
 vkvNpKbYIICzqj0/DVztz9wgpW6mnd0A2VX2dqbMM0fJUCHA6pj8AvXY4R+9Q4rj
 eWRK9ycInQARAQAB/gcDApjt7biRO0PEyrrAiUwDMsJL4/CVMu11qUWEPjKe2Grh
 ZTW3N+m3neKPRULu+LUtndUcEdVWUCoDzAJ7MwihZtV5vKST/5Scd2inonOaJqoA
 nS3wnEMN/Sc93HAZiZnFx3NKjQVNCwbuEs45mXkkcjLm2iadrTL8fL4acsu5IsvD
 LbDwVOPeNnHKl6Hr20e39fK0FuJEyH49JM6U3B1/8385sJB8+E24+hvSF81aMddh
 Ne4Bc3ZYiYaKxe1quPNKC0CQhAZiT7LsMfkInXr0hY1I+kISNXEJ1dPYOEWiv0Ze
 jD5Pupn34okKNEeBCx+dK8BmUCi6Jgs7McUA7hN0D/YUS++5fuR55UQq2j8Ui0tS
 P8GDr86upH3PgEL0STh9fYfJ7TesxurwonWjlmmT62Myl4Pr+RmpS6PXOnhtcADm
 eGLpzhTveFj4JBLMpyYHgBTqcs12zfprATOpsI/89kmQoGCZpG6+AbfSHqNNPdy2
 eqUCBhOZlIIda1z/cexmU3f/gBqyflFf8fkvmlO4AvI8aMH3OpgHdWnzh+AB51xj
 kmdD/oWel9v7Dz4HoZUfwFaLZ0fE3P9voD8e+sCwqQwVqRY4L/BOYPD5noVOKgOj
 ABNKu5uKrobj6rFUi6DTUCjFGcmoF1Sc06xFNaagUNggRbmlC/dz22RWdDUYv5ra
 N6TxIDkGC0cK6ujyK0nes3DN0aHjgwWuMXDYkN3UckiebI4Cv/eF9jvUKOSiIcy1
 RtxdazZS4dYg2LBMeJKVkPi5elsNyw2812nEY3du/nEkQYXfYgWOF27OR+g4Y9Yw
 1BiqJ1TTjbQnd/khOCrrbzDH1mw00+1XVsT6wjObuYqqxPPS87UrqmMf6OdoYfPm
 zEOnNLBnsJ5VQM3A3pcT40RfdBrZRO8LjGhzKTreyq3C+jz0RLa5HNE8GgOhGyck
 ME4h+RhXlE8KGM+tTo6PA1NJSrEt+8kZzxjP4rIEn0aVthCkNXK12inuXtnHm0ao
 iLUlQOsfPFEnzl0TUPd7+z7j/wB+XiKU/AyEUuB0mvdxdKtqXvajahOyhLjzHQhz
 ZnNlgANGtiqcSoJmkJ8yAvhrtQX51fQLftxbArRW1RYk/5l+Gy3azR+gUC17M6JN
 jrUYxn0zlAxDGFH7gACHUONwVekcuEffHzgu2lk7MyO1Y+lPnwabqjG0eWWHuU00
 hskJlXyhj7DeR12bwjYkyyjG62GvOH02g3OMvUgNGH+K321Dz539csCh/xwtg7Wt
 U3YAphU7htQ1dPDfk1IRs7DQo2L+ZTE57vmL5m0l6fTataEWBPUXkygfQFUJOM6Q
 yY76UEZww1OSDujNeY171NSTzXCVkUeAdAMXgjaHXWLK2QUQUoXbYX/Kr7Vvt9Fu
 Jh6eGjjp7dSjQ9+DW8CAB8vxd93gsQQGWYjmGu8khkEmx6OdZhmSbDbe915LQTb9
 sPhk2s5/Szsvr5W2JJ2321JI6KXBJMZvPC5jEBWmRzOYkRd2vloft+CSMfXF+Zfd
 nYtc6R3dvb9vcjo+a9wFtfcoDsO0MaPSM+9GB25MamdatmGX6iLOy9Re1UABwUi/
 VhTWNkP5uzqx0sDwHEIa2rYOwxpIZDwwjM3oOASCW1DDBQ0BI9KNjfIeL3ubx2mS
 2x8hFU9qSK4umoDNbzOqGPSlkdbiPcNjF2ZcSN1qQZiYdwLL5dw6APNyBVjxTN1J
 gkCdJ/HwAY+r93Lbl5g8gz8d0vJEyfn//34sn9u+toSTw55GcG9Ks1kSKIeDNh0h
 MiPm3HmJAh8EGAEIAAkFAl6tzaACGwwACgkQfYUety1zvaBV9hAAgliX36pXJ59g
 3I9/4R68e/fGg0FMM6D+01yCeiKApOYRrJ0cYKn7ITDYmHhlGGpBAie90UsqX12h
 hdLP7LoQx7sjTyzQt6JmpA8krIwi2ON7FKBkdYb8IYx4mE/5vKnYT4/SFnwTmnZY
 +m+NzK2U/qmhq8JyO8gozdAKJUcgz49IVv2Ij0tQ4qaPbyPwQxIDyKnT758nJhB1
 jTqo+oWtER8q3okzIlqcArqn5rDaNJx+DRYL4E/IddyHQAiUWUka8usIUqeW5reu
 zoPUE2CCfOJSGArkqHQQqMx0WEzjQTwAPaHrQbera4SbiV/o4CLCV/u5p1Qnig+Q
 iUsakmlD299t//125LIQEa5qzd9hRC7u1uJS7VdW8eGIEcZ0/XT/sr+z23z0kpZH
 D3dXPX0BwM4IP9xu31CNg10x0rKwjbxy8VaskFEelpqpu+gpAnxqMd1evpeUHcOd
 r5RgPgkNFfba9Nbxf7uEX+HOmsOM+kdtSmdGIvsBZjVnW31nnoDMp49jG4OynjrH
 cRuoM9sxdr6UDqb22CZ3/e0YN4UaZM3YDWMVaP/QBVgvIFcdByqNWezpd9T4ZUII
 MZlaV1uRnHg6B/zTzhIdMM80AXz6Uv6kw4S+Lt7HlbrnMT7uKLuvzH7cle0hcIUa
 PejgXO0uIRolYQ3sz2tMGhx1MfBqH64=
 =WbwB
 -----END PGP PRIVATE KEY BLOCK-----`;
 jest.spyOn(context, 'defaultContext').mockImplementation((): string => {
  return 'https://github.com/docker/build-push-action.git#refs/heads/test-jest';
 });
-jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
+jest.spyOn(Context, 'tmpDir').mockImplementation((): string => {
  const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
  if (!fs.existsSync(tmpDir)) {
    fs.mkdirSync(tmpDir, {recursive: true});
  }
  return tmpDir;
 });
-jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
+jest.spyOn(Context, 'tmpName').mockImplementation((): string => {
-  return path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
+  return tmpName;
 });
 jest.spyOn(Docker, 'isAvailable').mockImplementation(async (): Promise<boolean> => {
  return true;
 });
 jest.spyOn(Builder.prototype, 'inspect').mockImplementation(async (): Promise<BuilderInfo> => {
  return {
    name: 'builder2',
    driver: 'docker-container',
    lastActivity: new Date('2023-01-16 09:45:23 +0000 UTC'),
    nodes: [
      {
        buildkit: 'v0.11.0',
        'buildkitd-flags': '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
        'driver-opts': ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
        endpoint: 'unix:///var/run/docker.sock',
        name: 'builder20',
        platforms: 'linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6',
        status: 'running'
      }
    ]
  };
 });
 describe('getArgs', () => {
@ -152,7 +78,7 @@ describe('getArgs', () => {
      ]),
      [
        'build',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '.'
      ]
    ],
@ -160,7 +86,11 @@ describe('getArgs', () => {
      1,
      '0.4.2',
      new Map<string, string>([
-        ['build-args', 'MY_ARG=val1,val2,val3\nARG=val'],
+        ['build-args', `MY_ARG=val1,val2,val3
 ARG=val
 "MULTILINE=aaaa
 bbbb
 ccc"`],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
@ -170,8 +100,9 @@ describe('getArgs', () => {
        'build',
        '--build-arg', 'MY_ARG=val1,val2,val3',
        '--build-arg', 'ARG=val',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--build-arg', `MULTILINE=aaaa\nbbbb\nccc`,
-        'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        'https://github.com/docker/build-push-action.git#refs/heads/master'
      ]
    ],
    [
@ -186,10 +117,10 @@ describe('getArgs', () => {
      ]),
      [
        'build',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--tag', 'name/app:7.4',
        '--tag', 'name/app:latest',
-        'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
+        'https://github.com/docker/build-push-action.git#refs/heads/master'
      ]
    ],
    [
@ -241,7 +172,7 @@ describe('getArgs', () => {
      ]),
      [
        'build',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '.'
      ]
    ],
@ -258,8 +189,8 @@ describe('getArgs', () => {
      ]),
      [
        'build',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
-        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
        '.'
      ]
    ],
@ -277,8 +208,8 @@ describe('getArgs', () => {
      [
        'build',
        '--output', '.',
-        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
-        'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
+        'https://github.com/docker/build-push-action.git#refs/heads/master'
      ]
    ],
    [
@ -299,9 +230,9 @@ describe('getArgs', () => {
      [
        'build',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--platform', 'linux/amd64,linux/arm64',
-        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
        '--builder', 'builder-git-context-2',
        '--push',
        'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -333,12 +264,12 @@ ccc"`],
      [
        'build',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--platform', 'linux/amd64,linux/arm64',
-        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
-        '--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=MYSECRET,src=${tmpName}`,
-        '--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=FOO,src=${tmpName}`,
-        '--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=EMPTYLINE,src=${tmpName}`,
        '--builder', 'builder-git-context-2',
        '--push',
        'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -370,12 +301,12 @@ ccc`],
      [
        'build',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--platform', 'linux/amd64,linux/arm64',
-        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
-        '--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=MYSECRET,src=${tmpName}`,
-        '--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=FOO,src=${tmpName}`,
-        '--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=EMPTYLINE,src=${tmpName}`,
        '--builder', 'builder-git-context-2',
        '--push',
        'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -387,7 +318,7 @@ ccc`],
      new Map<string, string>([
        ['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
        ['tag', 'localhost:5000/name/app:latest'],
-        ['secret-files', `MY_SECRET=${path.join(__dirname, 'fixtures', 'secret.txt').split(path.sep).join(path.posix.sep)}`],
+        ['secret-files', `MY_SECRET=${path.join(__dirname, 'fixtures', 'secret.txt')}`],
        ['file', './test/Dockerfile'],
        ['builder', 'builder-git-context-2'],
        ['network', 'host'],
@ -399,8 +330,8 @@ ccc`],
      [
        'build',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
-        '--secret', 'id=MY_SECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--secret', `id=MY_SECRET,src=${tmpName}`,
        '--builder', 'builder-git-context-2',
        '--network', 'host',
        '--push',
@ -446,8 +377,8 @@ ccc`],
        '--add-host', 'docker:10.180.0.1',
        '--add-host', 'foo:10.0.0.1',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
-        '--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '--network', 'host',
        '--push',
        '.'
@ -475,11 +406,11 @@ nproc=3`],
        '--add-host', 'foo:10.0.0.1',
        '--cgroup-parent', 'foo',
        '--file', './test/Dockerfile',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--shm-size', '2g',
        '--ulimit', 'nofile=1024:1024',
        '--ulimit', 'nproc=3',
-        '--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
@ -495,206 +426,303 @@ nproc=3`],
      ]),
      [
        'build',
-        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--iidfile', path.join(tmpDir, 'iidfile'),
-        '--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
+        '--metadata-file', path.join(tmpDir, 'metadata-file'),
-        'https://github.com/docker/build-push-action.git#refs/heads/test-jest:docker'
+        'https://github.com/docker/build-push-action.git#refs/heads/master:docker'
      ]
    ],
    [
      16,
      '0.8.2',
      new Map<string, string>([
        ['github-token', 'abcdefghijklmno0123456789'],
        ['context', '{{defaultContext}}:subdir'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        'https://github.com/docker/build-push-action.git#refs/heads/master:subdir'
      ]
    ],
    [
      17,
      '0.8.2',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['provenance', 'true'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      18,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      19,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['provenance', 'true'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--provenance", `builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      20,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['provenance', 'mode=max'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--provenance", `mode=max,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      21,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['provenance', 'false'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--provenance", 'false',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      22,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['provenance', 'builder-id=foo'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--provenance", 'builder-id=foo',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      23,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
        ['outputs', 'type=docker'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        "--output", 'type=docker',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      24,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['load', 'true'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--load',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      25,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['build-args', `FOO=bar#baz`],
        ['load', 'true'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--build-arg', 'FOO=bar#baz',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--load',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      25,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['no-cache', 'false'],
        ['load', 'true'],
        ['push', 'false'],
        ['pull', 'false'],
        ['secret-envs', `MY_SECRET=MY_SECRET_ENV
 ANOTHER_SECRET=ANOTHER_SECRET_ENV`]
      ]),
      [
        'build',
        '--secret', 'id=MY_SECRET,env=MY_SECRET_ENV',
        '--secret', 'id=ANOTHER_SECRET,env=ANOTHER_SECRET_ENV',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--load',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      26,
      '0.10.0',
      new Map<string, string>([
        ['context', '.'],
        ['no-cache', 'false'],
        ['load', 'true'],
        ['push', 'false'],
        ['pull', 'false'],
        ['secret-envs', 'MY_SECRET=MY_SECRET_ENV,ANOTHER_SECRET=ANOTHER_SECRET_ENV']
      ]),
      [
        'build',
        '--secret', 'id=MY_SECRET,env=MY_SECRET_ENV',
        '--secret', 'id=ANOTHER_SECRET,env=ANOTHER_SECRET_ENV',
        '--iidfile', path.join(tmpDir, 'iidfile'),
        '--load',
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      27,
      '0.11.0',
      new Map<string, string>([
        ['context', '.'],
        ['annotations', 'example1=www\nindex:example2=xxx\nmanifest:example3=yyy\nmanifest-descriptor[linux/amd64]:example4=zzz'],
        ['outputs', 'type=local,dest=./release-out'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--output', 'type=local,dest=./release-out',
        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ],
    [
      28,
      '0.12.0',
      new Map<string, string>([
        ['context', '.'],
        ['annotations', 'example1=www\nindex:example2=xxx\nmanifest:example3=yyy\nmanifest-descriptor[linux/amd64]:example4=zzz'],
        ['outputs', 'type=local,dest=./release-out'],
        ['load', 'false'],
        ['no-cache', 'false'],
        ['push', 'false'],
        ['pull', 'false'],
      ]),
      [
        'build',
        '--annotation', 'example1=www',
        '--annotation', 'index:example2=xxx',
        '--annotation', 'manifest:example3=yyy',
        '--annotation', 'manifest-descriptor[linux/amd64]:example4=zzz',
        '--output', 'type=local,dest=./release-out',
        "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
        '--metadata-file', path.join(tmpDir, 'metadata-file'),
        '.'
      ]
    ]
  ])(
    '[%d] given %p with %p as inputs, returns %p',
    async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>) => {
      inputs.forEach((value: string, name: string) => {
        setInput(name, value);
      });
-      const defContext = context.defaultContext();
+      const toolkit = new Toolkit();
-      const inp = await context.getInputs(defContext);
+      jest.spyOn(Buildx.prototype, 'version').mockImplementation(async (): Promise<string> => {
-      const res = await context.getArgs(inp, defContext, buildxVersion);
+        return buildxVersion;
      });
      const inp = await context.getInputs();
      const res = await context.getArgs(inp, toolkit);
      expect(res).toEqual(expected);
    }
  );
 });
 describe('getInputList', () => {
  it('single line correctly', async () => {
    await setInput('foo', 'bar');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar']);
  });
  it('multiline correctly', async () => {
    setInput('foo', 'bar\nbaz');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('empty lines correctly', async () => {
    setInput('foo', 'bar\n\nbaz');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('comma correctly', async () => {
    setInput('foo', 'bar,baz');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('empty result correctly', async () => {
    setInput('foo', 'bar,baz,');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('different new lines correctly', async () => {
    setInput('foo', 'bar\r\nbaz');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz']);
  });
  it('different new lines and comma correctly', async () => {
    setInput('foo', 'bar\r\nbaz,bat');
    const res = await context.getInputList('foo');
    expect(res).toEqual(['bar', 'baz', 'bat']);
  });
  it('multiline and ignoring comma correctly', async () => {
    setInput('cache-from', 'user/app:cache\ntype=local,src=path/to/dir');
    const res = await context.getInputList('cache-from', true);
    expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
  });
  it('different new lines and ignoring comma correctly', async () => {
    setInput('cache-from', 'user/app:cache\r\ntype=local,src=path/to/dir');
    const res = await context.getInputList('cache-from', true);
    expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
  });
  it('multiline values', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc"
 FOO=bar`
    );
    const res = await context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc`,
      'FOO=bar'
    ]);
  });
  it('multiline values with empty lines', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc"
 FOO=bar
 "EMPTYLINE=aaaa
 bbbb
 ccc"`
    );
    const res = await context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc`,
      'FOO=bar',
      `EMPTYLINE=aaaa
 bbbb
 ccc`
    ]);
  });
  it('multiline values without quotes', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 MYSECRET=aaaaaaaa
 bbbbbbb
 ccccccccc
 FOO=bar`
    );
    const res = await context.getInputList('secrets', true);
    expect(res).toEqual(['GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'MYSECRET=aaaaaaaa', 'bbbbbbb', 'ccccccccc', 'FOO=bar']);
  });
  it('large multiline values', async () => {
    setInput(
      'secrets',
      `"GPG_KEY=${pgp}"
 FOO=bar`
    );
    const res = await context.getInputList('secrets', true);
    expect(res).toEqual([`GPG_KEY=${pgp}`, 'FOO=bar']);
  });
  it('multiline values escape quotes', async () => {
    setInput(
      'secrets',
      `GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
 "MYSECRET=aaaaaaaa
 bbbb""bbb
 ccccccccc"
 FOO=bar`
    );
    const res = await context.getInputList('secrets', true);
    expect(res).toEqual([
      'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
      `MYSECRET=aaaaaaaa
 bbbb"bbb
 ccccccccc`,
      'FOO=bar'
    ]);
  });
 });
 describe('asyncForEach', () => {
  it('executes async tasks sequentially', async () => {
    const testValues = [1, 2, 3, 4, 5];
    const results: number[] = [];
    await context.asyncForEach(testValues, async value => {
      results.push(value);
    });
    expect(results).toEqual(testValues);
  });
 });
 describe('setOutput', () => {
  beforeEach(() => {
    process.stdout.write = jest.fn() as typeof process.stdout.write;
  });
  // eslint-disable-next-line jest/expect-expect
  it('setOutput produces the correct command', () => {
    context.setOutput('some output', 'some value');
    assertWriteCalls([`::set-output name=some output::some value${os.EOL}`]);
  });
  // eslint-disable-next-line jest/expect-expect
  it('setOutput handles bools', () => {
    context.setOutput('some output', false);
    assertWriteCalls([`::set-output name=some output::false${os.EOL}`]);
  });
  // eslint-disable-next-line jest/expect-expect
  it('setOutput handles numbers', () => {
    context.setOutput('some output', 1.01);
    assertWriteCalls([`::set-output name=some output::1.01${os.EOL}`]);
  });
 });
 // See: https://github.com/actions/toolkit/blob/a1b068ec31a042ff1e10a522d8fdf0b8869d53ca/packages/core/src/core.ts#L89
 function getInputName(name: string): string {
  return `INPUT_${name.replace(/ /g, '_').toUpperCase()}`;
@ -703,11 +731,3 @@ function getInputName(name: string): string {
 function setInput(name: string, value: string): void {
  process.env[getInputName(name)] = value;
 }
 // Assert that process.stdout.write calls called only with the given arguments.
 function assertWriteCalls(calls: string[]): void {
  expect(process.stdout.write).toHaveBeenCalledTimes(calls.length);
  for (let i = 0; i < calls.length; i++) {
    expect(process.stdout.write).toHaveBeenNthCalledWith(i + 1, calls[i]);
  }
 }
--- a/tests/docker.test.ts
+++ b/tests/docker.test.ts
@ -1,16 +0,0 @@
 import {describe, expect, it, jest} from '@jest/globals';
 import * as docker from '../src/docker';
 import * as exec from '@actions/exec';
 describe('isAvailable', () => {
  it('cli', () => {
    const execSpy = jest.spyOn(exec, 'getExecOutput');
    docker.isAvailable();
    // eslint-disable-next-line jest/no-standalone-expect
    expect(execSpy).toHaveBeenCalledWith(`docker`, undefined, {
      silent: true,
      ignoreReturnCode: true
    });
  });
 });
--- a/tests/fixtures/github-repo.json
+++ b/tests/fixtures/github-repo.json
@ -0,0 +1,362 @@
 {
  "id": 1296269,
  "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
  "name": "Hello-World",
  "full_name": "octocat/Hello-World",
  "owner": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  },
  "private": false,
  "html_url": "https://github.com/octocat/Hello-World",
  "description": "This your first repo!",
  "fork": false,
  "url": "https://api.github.com/repos/octocat/Hello-World",
  "archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
  "assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
  "blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
  "branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
  "collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
  "comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
  "commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
  "compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
  "contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
  "contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
  "deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
  "downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
  "events_url": "http://api.github.com/repos/octocat/Hello-World/events",
  "forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
  "git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
  "git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
  "git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
  "git_url": "git:github.com/octocat/Hello-World.git",
  "issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
  "issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
  "issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
  "keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
  "labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
  "languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
  "merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
  "milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
  "notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
  "pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
  "releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
  "ssh_url": "git@github.com:octocat/Hello-World.git",
  "stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
  "statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
  "subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
  "subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
  "tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
  "teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
  "trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
  "clone_url": "https://github.com/octocat/Hello-World.git",
  "mirror_url": "git:git.example.com/octocat/Hello-World",
  "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
  "svn_url": "https://svn.github.com/octocat/Hello-World",
  "homepage": "https://github.com",
  "language": null,
  "forks_count": 9,
  "stargazers_count": 80,
  "watchers_count": 80,
  "size": 108,
  "default_branch": "master",
  "open_issues_count": 0,
  "is_template": true,
  "topics": [
    "octocat",
    "atom",
    "electron",
    "api"
  ],
  "has_issues": true,
  "has_projects": true,
  "has_wiki": true,
  "has_pages": false,
  "has_downloads": true,
  "archived": false,
  "disabled": false,
  "visibility": "public",
  "pushed_at": "2011-01-26T19:06:43Z",
  "created_at": "2011-01-26T19:01:12Z",
  "updated_at": "2011-01-26T19:14:43Z",
  "permissions": {
    "pull": true,
    "triage": true,
    "push": false,
    "maintain": false,
    "admin": false
  },
  "allow_rebase_merge": true,
  "template_repository": null,
  "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
  "allow_squash_merge": true,
  "delete_branch_on_merge": true,
  "allow_merge_commit": true,
  "subscribers_count": 42,
  "network_count": 0,
  "license": {
    "key": "mit",
    "name": "MIT License",
    "spdx_id": "MIT",
    "url": "https://api.github.com/licenses/mit",
    "node_id": "MDc6TGljZW5zZW1pdA=="
  },
  "organization": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "Organization",
    "site_admin": false
  },
  "parent": {
    "id": 1296269,
    "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
    "name": "Hello-World",
    "full_name": "octocat/Hello-World",
    "owner": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "private": false,
    "html_url": "https://github.com/octocat/Hello-World",
    "description": "This your first repo!",
    "fork": false,
    "url": "https://api.github.com/repos/octocat/Hello-World",
    "archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
    "assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
    "blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
    "branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
    "collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
    "comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
    "commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
    "compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
    "contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
    "contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
    "deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
    "downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
    "events_url": "http://api.github.com/repos/octocat/Hello-World/events",
    "forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
    "git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
    "git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
    "git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
    "git_url": "git:github.com/octocat/Hello-World.git",
    "issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
    "issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
    "issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
    "keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
    "labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
    "languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
    "merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
    "milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
    "notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
    "pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
    "releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
    "ssh_url": "git@github.com:octocat/Hello-World.git",
    "stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
    "statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
    "subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
    "subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
    "tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
    "teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
    "trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
    "clone_url": "https://github.com/octocat/Hello-World.git",
    "mirror_url": "git:git.example.com/octocat/Hello-World",
    "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
    "svn_url": "https://svn.github.com/octocat/Hello-World",
    "homepage": "https://github.com",
    "language": null,
    "forks_count": 9,
    "stargazers_count": 80,
    "watchers_count": 80,
    "size": 108,
    "default_branch": "master",
    "open_issues_count": 0,
    "is_template": true,
    "topics": [
      "octocat",
      "atom",
      "electron",
      "api"
    ],
    "has_issues": true,
    "has_projects": true,
    "has_wiki": true,
    "has_pages": false,
    "has_downloads": true,
    "archived": false,
    "disabled": false,
    "visibility": "public",
    "pushed_at": "2011-01-26T19:06:43Z",
    "created_at": "2011-01-26T19:01:12Z",
    "updated_at": "2011-01-26T19:14:43Z",
    "permissions": {
      "admin": false,
      "push": false,
      "pull": true
    },
    "allow_rebase_merge": true,
    "template_repository": null,
    "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
    "allow_squash_merge": true,
    "delete_branch_on_merge": true,
    "allow_merge_commit": true,
    "subscribers_count": 42,
    "network_count": 0
  },
  "source": {
    "id": 1296269,
    "node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
    "name": "Hello-World",
    "full_name": "octocat/Hello-World",
    "owner": {
      "login": "octocat",
      "id": 1,
      "node_id": "MDQ6VXNlcjE=",
      "avatar_url": "https://github.com/images/error/octocat_happy.gif",
      "gravatar_id": "",
      "url": "https://api.github.com/users/octocat",
      "html_url": "https://github.com/octocat",
      "followers_url": "https://api.github.com/users/octocat/followers",
      "following_url": "https://api.github.com/users/octocat/following{/other_user}",
      "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
      "organizations_url": "https://api.github.com/users/octocat/orgs",
      "repos_url": "https://api.github.com/users/octocat/repos",
      "events_url": "https://api.github.com/users/octocat/events{/privacy}",
      "received_events_url": "https://api.github.com/users/octocat/received_events",
      "type": "User",
      "site_admin": false
    },
    "private": false,
    "html_url": "https://github.com/octocat/Hello-World",
    "description": "This your first repo!",
    "fork": false,
    "url": "https://api.github.com/repos/octocat/Hello-World",
    "archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
    "assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
    "blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
    "branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
    "collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
    "comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
    "commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
    "compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
    "contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
    "contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
    "deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
    "downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
    "events_url": "http://api.github.com/repos/octocat/Hello-World/events",
    "forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
    "git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
    "git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
    "git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
    "git_url": "git:github.com/octocat/Hello-World.git",
    "issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
    "issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
    "issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
    "keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
    "labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
    "languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
    "merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
    "milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
    "notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
    "pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
    "releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
    "ssh_url": "git@github.com:octocat/Hello-World.git",
    "stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
    "statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
    "subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
    "subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
    "tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
    "teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
    "trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
    "clone_url": "https://github.com/octocat/Hello-World.git",
    "mirror_url": "git:git.example.com/octocat/Hello-World",
    "hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
    "svn_url": "https://svn.github.com/octocat/Hello-World",
    "homepage": "https://github.com",
    "language": null,
    "forks_count": 9,
    "stargazers_count": 80,
    "watchers_count": 80,
    "size": 108,
    "default_branch": "master",
    "open_issues_count": 0,
    "is_template": true,
    "topics": [
      "octocat",
      "atom",
      "electron",
      "api"
    ],
    "has_issues": true,
    "has_projects": true,
    "has_wiki": true,
    "has_pages": false,
    "has_downloads": true,
    "archived": false,
    "disabled": false,
    "visibility": "public",
    "pushed_at": "2011-01-26T19:06:43Z",
    "created_at": "2011-01-26T19:01:12Z",
    "updated_at": "2011-01-26T19:14:43Z",
    "permissions": {
      "admin": false,
      "push": false,
      "pull": true
    },
    "allow_rebase_merge": true,
    "template_repository": null,
    "temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
    "allow_squash_merge": true,
    "delete_branch_on_merge": true,
    "allow_merge_commit": true,
    "subscribers_count": 42,
    "network_count": 0
  }
 }
--- a/tests/fixtures/secret.txt
+++ b/tests/fixtures/secret.txt
@ -1 +1 @@
-bar
+bar
--- a/action.yml
+++ b/action.yml
@ -13,6 +13,12 @@ inputs:
  allow:
    description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
    required: false
  annotations:
    description: "List of annotation to set to the image"
    required: false
  attests:
    description: "List of attestation parameters (e.g., type=sbom,generator=image)"
    required: false
  build-args:
    description: "List of build-time variables"
    required: false
@ -51,12 +57,18 @@ inputs:
    description: "Do not use cache when building the image"
    required: false
    default: 'false'
  no-cache-filters:
    description: "Do not cache specified stages"
    required: false
  outputs:
    description: "List of output destinations (format: type=local,dest=path)"
    required: false
  platforms:
    description: "List of target platforms for build"
    required: false
  provenance:
    description: "Generate provenance attestation for the build (shorthand for --attest=type=provenance)"
    required: false
  pull:
    description: "Always attempt to pull all referenced images"
    required: false
@ -65,9 +77,15 @@ inputs:
    description: "Push is a shorthand for --output=type=registry"
    required: false
    default: 'false'
  sbom:
    description: "Generate SBOM attestation for the build (shorthand for --attest=type=sbom)"
    required: false
  secrets:
    description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)"
    required: false
  secret-envs:
    description: "List of secret env vars to expose to the build (e.g., key=envname, MY_SECRET=MY_ENV_VAR)"
    required: false
  secret-files:
    description: "List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt)"
    required: false
@ -100,6 +118,6 @@ outputs:
    description: 'Build result metadata'
 runs:
-  using: 'node16'
+  using: 'node20'
  main: 'dist/index.js'
  post: 'dist/index.js'
--- a/dev.Dockerfile
+++ b/dev.Dockerfile
@ -1,8 +1,6 @@
-# syntax=docker/dockerfile:1.4
+# syntax=docker/dockerfile:1
-ARG NODE_VERSION=16
+ARG NODE_VERSION=20
 ARG DOCKER_VERSION=20.10.13
 ARG BUILDX_VERSION=0.8.0
 FROM node:${NODE_VERSION}-alpine AS base
 RUN apk add --no-cache cpio findutils git
@ -62,17 +60,10 @@ RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/node_modules \
  yarn run lint
 FROM docker:${DOCKER_VERSION} as docker
 FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
 FROM deps AS test
 ENV RUNNER_TEMP=/tmp/github_runner
 ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
 RUN --mount=type=bind,target=.,rw \
  --mount=type=cache,target=/src/node_modules \
-  --mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
+  yarn run test --coverage --coverageDirectory=/tmp/coverage
  --mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
  yarn run test --coverageDirectory=/tmp/coverage
 FROM scratch AS test-coverage
 COPY --from=test /tmp/coverage /
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/dist/licenses.txt
+++ b/dist/licenses.txt
--- a/dist/sourcemap-register.js
+++ b/dist/sourcemap-register.js
--- a/docs/advanced/cache.md
+++ b/docs/advanced/cache.md
@ -1,200 +1,3 @@
 # Cache
-* [Inline cache](#inline-cache)
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/cache/)
 * [Registry cache](#registry-cache)
 * [GitHub cache](#github-cache)
  * [Cache backend API](#cache-backend-api)
  * [Local cache](#local-cache)
 > More info about cache on [BuildKit](https://github.com/moby/buildkit#export-cache) and [Buildx](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) repositories.
 ## Inline cache
 In most cases you want to use the [`type=inline` cache exporter](https://github.com/moby/buildkit#inline-push-image-and-cache-together).
 However, note that the `inline` cache exporter only supports `min` cache mode. To enable `max` cache mode, push the
 image and the cache separately by using the `registry` cache exporter as shown in the [next example](#registry-cache).
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: user/app:latest
          cache-from: type=registry,ref=user/app:latest
          cache-to: type=inline
 ```
 ## Registry cache
 You can import/export cache from a cache manifest or (special) image configuration on the registry with the
 [`type=registry` cache exporter](https://github.com/moby/buildkit/tree/master#registry-push-image-and-cache-separately).
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: user/app:latest
          cache-from: type=registry,ref=user/app:buildcache
          cache-to: type=registry,ref=user/app:buildcache,mode=max
 ```
 ## GitHub cache
 ### Cache backend API
 > :test_tube: This cache exporter is considered EXPERIMENTAL until further notice. Please provide feedback on
 > [BuildKit repository](https://github.com/moby/buildkit) if you encounter any issues.
 Since [buildx 0.6.0](https://github.com/docker/buildx/releases/tag/v0.6.0) and [BuildKit 0.9.0](https://github.com/moby/buildkit/releases/tag/v0.9.0),
 you can use the [`type=gha` cache exporter](https://github.com/moby/buildkit/tree/master#github-actions-cache-experimental).
 GitHub Actions cache exporter backend uses the [GitHub Cache API](https://github.com/tonistiigi/go-actions-cache/blob/master/api.md)
 to fetch and upload cache blobs. That's why this type of cache should be exclusively used in a GitHub Action workflow
 as the `url` (`$ACTIONS_CACHE_URL`) and `token` (`$ACTIONS_RUNTIME_TOKEN`) attributes are populated when a workflow
 is started.
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: user/app:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max
 ```
 ### Local cache
 > :warning: At the moment caches are copied over the existing cache so it [keeps growing](https://github.com/docker/build-push-action/issues/252).
 > The `Move cache` step is used as a temporary fix (see https://github.com/moby/buildkit/issues/1896).
 You can also leverage [GitHub cache](https://docs.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows)
 using [actions/cache](https://github.com/actions/cache) and [`type=local` cache exporter](https://github.com/moby/buildkit#local-directory-1)
 with this action:
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Cache Docker layers
        uses: actions/cache@v2
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: user/app:latest
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
      -
        # Temp fix
        # https://github.com/docker/build-push-action/issues/252
        # https://github.com/moby/buildkit/issues/1896
        name: Move cache
        run: |
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
 ```
--- a/docs/advanced/copy-between-registries.md
+++ b/docs/advanced/copy-between-registries.md
@ -1,73 +1,3 @@
 # Copy images between registries
-Multi-platform images built using buildx can be copied from one registry to another without
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)
 changing the image SHA using the [tag-push-action](https://github.com/akhilerm/tag-push-action).
 The following workflow will first push the image to dockerhub, run some tests using the images
 and then push to quay and ghcr
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - 
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - # quay and ghcr logins for pushing image after testing
        name: Login to Quay Registry
        uses: docker/login-action@v1 
        with:
          registry: quay.io
          username: ${{ secrets.QUAY_USERNAME }}
          password: ${{ secrets.QUAY_TOKEN }}
      -
        name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
            user/app:latest
            user/app:1.0.0
      - # run tests using image from docker hub
        name: Run Tests
        run: make tests
      - # copy multiplatform image from dockerhub to quay and ghcr
        name: Push Image to multiple registries
        uses: akhilerm/tag-push-action@v2.0.0
        with:
          src: docker.io/user/app:1.0.0
          dst: |
            quay.io/user/app:latest
            quay.io/user/app:1.0.0
            ghcr.io/user/app:latest
            ghcr.io/user/app:1.0.0
 ```
--- a/docs/advanced/dockerhub-desc.md
+++ b/docs/advanced/dockerhub-desc.md
@ -1,48 +1,3 @@
-# Update DockerHub repo description
+# Update Docker Hub repo description
-You can update the [DockerHub repository description](https://docs.docker.com/docker-hub/repos/) using
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)
 a third party action called [DockerHub Description](https://github.com/peter-evans/dockerhub-description)
 with this action:
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: user/app:latest
      -
        name: Update repo description
        uses: peter-evans/dockerhub-description@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
          repository: user/app
 ```
--- a/docs/advanced/export-docker.md
+++ b/docs/advanced/export-docker.md
@ -1,35 +1,3 @@
 # Export image to Docker
-You may want your build result to be available in the Docker client through `docker images` to be able to use it
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/export-docker/)
 in another step of your workflow:
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Build
        uses: docker/build-push-action@v2
        with:
          context: .
          load: true
          tags: myimage:latest
      -
        name: Inspect
        run: |
          docker image inspect myimage:latest
 ```
--- a/docs/advanced/isolated-builders.md
+++ b/docs/advanced/isolated-builders.md
@ -1,44 +1,3 @@
 # Isolated builders
-```yaml
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/configure-builder/#isolated-builders)
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        uses: docker/setup-buildx-action@v1
        id: builder1
      -
        uses: docker/setup-buildx-action@v1
        id: builder2
      -
        name: Builder 1 name
        run: echo ${{ steps.builder1.outputs.name }}
      -
        name: Builder 2 name
        run: echo ${{ steps.builder2.outputs.name }}
      -
        name: Build against builder1
        uses: docker/build-push-action@v2
        with:
          builder: ${{ steps.builder1.outputs.name }}
          context: .
          target: mytarget1
      -
        name: Build against builder2
        uses: docker/build-push-action@v2
        with:
          builder: ${{ steps.builder2.outputs.name }}
          context: .
          target: mytarget2
 ```
--- a/docs/advanced/local-registry.md
+++ b/docs/advanced/local-registry.md
@ -1,44 +1,3 @@
 # Local registry
-For testing purposes you may need to create a [local registry](https://hub.docker.com/_/registry) to push images into:
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/local-registry/)
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
        with:
          driver-opts: network=host
      -
        name: Build and push to local registry
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          tags: localhost:5000/name/app:latest
      -
        name: Inspect
        run: |
          docker buildx imagetools inspect localhost:5000/name/app:latest
 ```
--- a/docs/advanced/multi-platform.md
+++ b/docs/advanced/multi-platform.md
@ -1,44 +1,3 @@
 # Multi-platform image
-You can build multi-platform images using the [`platforms` input](../../README.md#inputs) as described below.
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/multi-platform/)
 > :bulb: List of available platforms will be displayed and available through our [setup-buildx](https://github.com/docker/setup-buildx-action#about) action.
 > :bulb: If you want support for more platforms, you can use QEMU with our [setup-qemu](https://github.com/docker/setup-qemu-action) action.
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: user/app:latest
 ```
--- a/docs/advanced/named-contexts.md
+++ b/docs/advanced/named-contexts.md
@ -0,0 +1,3 @@
 # Named contexts
 This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/named-contexts/)
--- a/docs/advanced/push-multi-registries.md
+++ b/docs/advanced/push-multi-registries.md
@ -1,57 +1,3 @@
 # Push to multi-registries
-* [Docker Hub and GHCR](#docker-hub-and-ghcr)
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)
 ## Docker Hub and GHCR
 The following workflow will connect you to [DockerHub](https://github.com/docker/login-action#dockerhub)
 and [GitHub Container Registry](https://github.com/docker/login-action#github-container-registry) and push the
 image to these registries.
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Login to GitHub Container Registry
        uses: docker/login-action@v1 
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
            user/app:latest
            user/app:1.0.0
            ghcr.io/user/app:latest
            ghcr.io/user/app:1.0.0
 ```
--- a/docs/advanced/secrets.md
+++ b/docs/advanced/secrets.md
@ -1,84 +1,3 @@
 # Secrets
-In the following example we will expose and use the [GITHUB_TOKEN secret](https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret)
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/secrets/)
 as provided by GitHub in your workflow.
 First let's create our `Dockerfile` to use our secret:
 ```Dockerfile
 #syntax=docker/dockerfile:1.2
 FROM alpine
 RUN --mount=type=secret,id=github_token \
  cat /run/secrets/github_token
 ```
 As you can see we have named our secret `github_token`. Here is the workflow you can use to expose this secret using
 the [`secrets` input](../../README.md#inputs):
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Build
        uses: docker/build-push-action@v2
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          tags: user/app:latest
          secrets: |
            "github_token=${{ secrets.GITHUB_TOKEN }}"
 ```
 > :bulb: You can also expose a secret file to the build with [`secret-files`](../../README.md#inputs) input:
 > ```yaml
 > secret-files: |
 >   "MY_SECRET=./secret.txt"
 > ```
 If you're using [GitHub secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) and need to handle
 multi-line value, you will need to place the key-value pair between quotes:
 ```yaml
 secrets: |
  "MYSECRET=${{ secrets.GPG_KEY }}"
  GIT_AUTH_TOKEN=abcdefghi,jklmno=0123456789
  "MYSECRET=aaaaaaaa
  bbbbbbb
  ccccccccc"
  FOO=bar
  "EMPTYLINE=aaaa
  bbbb
  ccc"
  "JSON_SECRET={""key1"":""value1"",""key2"":""value2""}"
 ```
 | Key                | Value                                            |
 |--------------------|--------------------------------------------------|
 | `MYSECRET`         | `***********************` |
 | `GIT_AUTH_TOKEN`   | `abcdefghi,jklmno=0123456789` |
 | `MYSECRET`         | `aaaaaaaa\nbbbbbbb\nccccccccc` |
 | `FOO`              | `bar` |
 | `EMPTYLINE`        | `aaaa\n\nbbbb\nccc` |
 | `JSON_SECRET`      | `{"key1":"value1","key2":"value2"}` |
 > :bulb: All quote signs need to be doubled for escaping.
--- a/docs/advanced/share-image-jobs.md
+++ b/docs/advanced/share-image-jobs.md
@ -1,58 +1,3 @@
 # Share built image between jobs
-As each job is isolated in its own runner you cannot use your built image between jobs (except for [self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners)).
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)
 However, you can [pass data between jobs in a workflow](https://docs.github.com/en/actions/guides/storing-workflow-data-as-artifacts#passing-data-between-jobs-in-a-workflow)
 using the [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact)
 actions:
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Build and export
        uses: docker/build-push-action@v2
        with:
          context: .
          tags: myimage:latest
          outputs: type=docker,dest=/tmp/myimage.tar
      -
        name: Upload artifact
        uses: actions/upload-artifact@v2
        with:
          name: myimage
          path: /tmp/myimage.tar
  use:
    runs-on: ubuntu-latest
    needs: build
    steps:
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Download artifact
        uses: actions/download-artifact@v2
        with:
          name: myimage
          path: /tmp
      -
        name: Load image
        run: |
          docker load --input /tmp/myimage.tar
          docker image ls -a
 ```
--- a/docs/advanced/tags-labels.md
+++ b/docs/advanced/tags-labels.md
@ -1,76 +1,3 @@
 # Handle tags and labels
-If you want an "automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)
 for labels, you can do it in a dedicated step. The following workflow will use the [Docker metadata action](https://github.com/docker/metadata-action)
 to handle tags and labels based on GitHub actions events and Git metadata.
 ```yaml
 name: ci
 on:
  schedule:
    - cron: '0 10 * * *'
  push:
    branches:
      - '**'
    tags:
      - 'v*.*.*'
  pull_request:
    branches:
      - 'main'
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Docker meta
        id: meta
        uses: docker/metadata-action@v3
        with:
          # list of Docker images to use as base name for tags
          images: |
            name/app
            ghcr.io/username/app
          # generate Docker tags based on the following events/attributes
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=sha
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1 
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Login to GHCR
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
 ```
--- a/docs/advanced/test-before-push.md
+++ b/docs/advanced/test-before-push.md
@ -1,64 +1,3 @@
 # Test your image before pushing it
-In some cases, you might want to validate that the image works as expected
+This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/test-before-push/)
 before pushing it.
 The workflow below will be composed of several steps to achieve this:
 * Build and export the image to Docker
 * Test your image
 * Multi-platform build and push the image
 ```yaml
 name: ci
 on:
  push:
    branches:
      - 'main'
 env:
  TEST_TAG: user/myapp:test
 jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      -
        name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and export to Docker
        uses: docker/build-push-action@v2
        with:
          context: .
          load: true
          tags: ${{ env.TEST_TAG }}
      -
        name: Test
        run: |
          docker run --rm ${{ env.TEST_TAG }}
      -
        name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: user/app:latest
 ```
 > :bulb: Build time will not be increased with this workflow because internal
 > cache for `linux/amd64` will be used from previous step on `Build and push`
 > step so only `linux/arm64` will be actually built.
--- a/jest.config.ts
+++ b/jest.config.ts
@ -1,7 +1,22 @@
 import fs from 'fs';
 import os from 'os';
 import path from 'path';
 const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-action-'));
 process.env = Object.assign({}, process.env, {
  TEMP: tmpDir,
  GITHUB_REPOSITORY: 'docker/build-push-action',
  RUNNER_TEMP: path.join(tmpDir, 'runner-temp'),
  RUNNER_TOOL_CACHE: path.join(tmpDir, 'runner-tool-cache')
 }) as {
  [key: string]: string;
 };
 module.exports = {
  clearMocks: false,
  testEnvironment: 'node',
  moduleFileExtensions: ['js', 'ts'],
  setupFiles: ['dotenv/config'],
  testMatch: ['**/*.test.ts'],
  transform: {
    '^.+\\.ts$': 'ts-jest'
@ -9,5 +24,7 @@ module.exports = {
  moduleNameMapper: {
    '^csv-parse/sync': '<rootDir>/node_modules/csv-parse/dist/cjs/sync.cjs'
  },
  collectCoverageFrom: ['src/**/{!(main.ts),}.ts'],
  coveragePathIgnorePatterns: ['lib/', 'node_modules/', '__mocks__/', '__tests__/'],
  verbose: true
 };
--- a/package.json
+++ b/package.json
@ -4,9 +4,13 @@
  "main": "lib/main.js",
  "scripts": {
    "build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
-    "lint": "eslint src/**/*.ts __tests__/**/*.ts",
+    "lint": "yarn run prettier && yarn run eslint",
-    "format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
+    "format": "yarn run prettier:fix && yarn run eslint:fix",
-    "test": "jest --coverage",
+    "eslint": "eslint --max-warnings=0 .",
    "eslint:fix": "eslint --fix .",
    "prettier": "prettier --check \"./**/*.ts\"",
    "prettier:fix": "prettier --write \"./**/*.ts\"",
    "test": "jest",
    "all": "yarn run build && yarn run format && yarn test"
  },
  "repository": {
@ -19,40 +23,27 @@
    "build",
    "push"
  ],
-  "author": "Docker",
+  "author": "Docker Inc.",
  "contributors": [
    {
      "name": "CrazyMax",
      "url": "https://crazymax.dev"
    }
  ],
  "license": "Apache-2.0",
  "dependencies": {
-    "@actions/core": "^1.6.0",
+    "@actions/core": "^1.10.1",
-    "@actions/exec": "^1.1.1",
+    "@docker/actions-toolkit": "0.18.0",
-    "@actions/github": "^5.0.1",
+    "handlebars": "^4.7.7"
    "csv-parse": "^5.0.4",
    "handlebars": "^4.7.7",
    "semver": "^7.3.7",
    "tmp": "^0.2.1"
  },
  "devDependencies": {
    "@types/csv-parse": "^1.2.2",
-    "@types/node": "^16.11.26",
+    "@types/node": "^20.5.9",
-    "@types/semver": "^7.3.9",
+    "@typescript-eslint/eslint-plugin": "^6.6.0",
-    "@types/tmp": "^0.2.3",
+    "@typescript-eslint/parser": "^6.6.0",
-    "@typescript-eslint/eslint-plugin": "^5.14.0",
+    "@vercel/ncc": "^0.38.0",
-    "@typescript-eslint/parser": "^5.14.0",
+    "eslint": "^8.48.0",
-    "@vercel/ncc": "^0.33.3",
+    "eslint-config-prettier": "^9.0.0",
-    "dotenv": "^16.0.0",
+    "eslint-plugin-jest": "^27.2.3",
-    "eslint": "^8.11.0",
+    "eslint-plugin-prettier": "^5.0.0",
-    "eslint-config-prettier": "^8.5.0",
+    "jest": "^29.6.4",
-    "eslint-plugin-jest": "^26.1.1",
+    "prettier": "^3.0.3",
-    "eslint-plugin-prettier": "^4.0.0",
+    "ts-jest": "^29.1.1",
-    "jest": "^27.2.5",
+    "ts-node": "^10.9.1",
-    "prettier": "^2.3.1",
+    "typescript": "^5.2.2"
    "ts-jest": "^27.1.2",
    "ts-node": "^10.7.0",
    "typescript": "^4.4.4"
  }
 }
--- a/src/buildx.ts
+++ b/src/buildx.ts
@ -1,161 +0,0 @@
 import {parse} from 'csv-parse/sync';
 import fs from 'fs';
 import path from 'path';
 import * as semver from 'semver';
 import * as exec from '@actions/exec';
 import * as context from './context';
 export async function getImageIDFile(): Promise<string> {
  return path.join(context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
 }
 export async function getImageID(): Promise<string | undefined> {
  const iidFile = await getImageIDFile();
  if (!fs.existsSync(iidFile)) {
    return undefined;
  }
  return fs.readFileSync(iidFile, {encoding: 'utf-8'}).trim();
 }
 export async function getMetadataFile(): Promise<string> {
  return path.join(context.tmpDir(), 'metadata-file').split(path.sep).join(path.posix.sep);
 }
 export async function getMetadata(): Promise<string | undefined> {
  const metadataFile = await getMetadataFile();
  if (!fs.existsSync(metadataFile)) {
    return undefined;
  }
  const content = fs.readFileSync(metadataFile, {encoding: 'utf-8'}).trim();
  if (content === 'null') {
    return undefined;
  }
  return content;
 }
 export async function getDigest(metadata: string | undefined): Promise<string | undefined> {
  if (metadata === undefined) {
    return undefined;
  }
  const metadataJSON = JSON.parse(metadata);
  if (metadataJSON['containerimage.digest']) {
    return metadataJSON['containerimage.digest'];
  }
  return undefined;
 }
 export async function getSecretString(kvp: string): Promise<string> {
  return getSecret(kvp, false);
 }
 export async function getSecretFile(kvp: string): Promise<string> {
  return getSecret(kvp, true);
 }
 export async function getSecret(kvp: string, file: boolean): Promise<string> {
  const delimiterIndex = kvp.indexOf('=');
  const key = kvp.substring(0, delimiterIndex);
  let value = kvp.substring(delimiterIndex + 1);
  if (key.length == 0 || value.length == 0) {
    throw new Error(`${kvp} is not a valid secret`);
  }
  if (file) {
    if (!fs.existsSync(value)) {
      throw new Error(`secret file ${value} not found`);
    }
    value = fs.readFileSync(value, {encoding: 'utf-8'});
  }
  const secretFile = context.tmpNameSync({
    tmpdir: context.tmpDir()
  });
  fs.writeFileSync(secretFile, value);
  return `id=${key},src=${secretFile}`;
 }
 export function isLocalOrTarExporter(outputs: string[]): boolean {
  const records = parse(outputs.join(`\n`), {
    delimiter: ',',
    trim: true,
    columns: false,
    relaxColumnCount: true
  });
  for (const record of records) {
    // Local if no type is defined
    // https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
    if (record.length == 1 && !record[0].startsWith('type=')) {
      return true;
    }
    for (const [key, value] of record.map(chunk => chunk.split('=').map(item => item.trim()))) {
      if (key == 'type' && (value == 'local' || value == 'tar')) {
        return true;
      }
    }
  }
  return false;
 }
 export function hasGitAuthToken(secrets: string[]): boolean {
  for (const secret of secrets) {
    if (secret.startsWith('GIT_AUTH_TOKEN=')) {
      return true;
    }
  }
  return false;
 }
 export async function isAvailable(standalone?: boolean): Promise<boolean> {
  const cmd = getCommand([], standalone);
  return await exec
    .getExecOutput(cmd.command, cmd.args, {
      ignoreReturnCode: true,
      silent: true
    })
    .then(res => {
      if (res.stderr.length > 0 && res.exitCode != 0) {
        return false;
      }
      return res.exitCode == 0;
    })
    // eslint-disable-next-line @typescript-eslint/no-unused-vars
    .catch(error => {
      return false;
    });
 }
 export async function getVersion(standalone?: boolean): Promise<string> {
  const cmd = getCommand(['version'], standalone);
  return await exec
    .getExecOutput(cmd.command, cmd.args, {
      ignoreReturnCode: true,
      silent: true
    })
    .then(res => {
      if (res.stderr.length > 0 && res.exitCode != 0) {
        throw new Error(res.stderr.trim());
      }
      return parseVersion(res.stdout.trim());
    });
 }
 export function parseVersion(stdout: string): string {
  const matches = /\sv?([0-9a-f]{7}|[0-9.]+)/.exec(stdout);
  if (!matches) {
    throw new Error(`Cannot parse buildx version`);
  }
  return matches[1];
 }
 export function satisfies(version: string, range: string): boolean {
  return semver.satisfies(version, range) || /^[0-9a-f]{7}$/.exec(version) !== null;
 }
 export function getCommand(args: Array<string>, standalone?: boolean) {
  return {
    command: standalone ? 'buildx' : 'docker',
    args: standalone ? args : ['buildx', ...args]
  };
 }
--- a/src/context.ts
+++ b/src/context.ts
@ -1,21 +1,16 @@
 import {parse} from 'csv-parse/sync';
 import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
 import * as tmp from 'tmp';
 import * as core from '@actions/core';
 import {issueCommand} from '@actions/core/lib/command';
 import * as github from '@actions/github';
 import * as buildx from './buildx';
 import * as handlebars from 'handlebars';
-
+import {Context} from '@docker/actions-toolkit/lib/context';
-let _defaultContext, _tmpDir: string;
+import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {Util} from '@docker/actions-toolkit/lib/util';
 export interface Inputs {
  addHosts: string[];
  allow: string[];
  annotations: string[];
  attests: string[];
  buildArgs: string[];
  buildContexts: string[];
  builder: string;
@ -28,11 +23,15 @@ export interface Inputs {
  load: boolean;
  network: string;
  noCache: boolean;
  noCacheFilters: string[];
  outputs: string[];
  platforms: string[];
  provenance: string;
  pull: boolean;
  push: boolean;
  sbom: string;
  secrets: string[];
  secretEnvs: string[];
  secretFiles: string[];
  shmSize: string;
  ssh: string[];
@ -42,147 +41,179 @@ export interface Inputs {
  githubToken: string;
 }
-export function defaultContext(): string {
+export async function getInputs(): Promise<Inputs> {
  if (!_defaultContext) {
    let ref = github.context.ref;
    if (github.context.sha && ref && !ref.startsWith('refs/')) {
      ref = `refs/heads/${github.context.ref}`;
    }
    if (github.context.sha && !ref.startsWith(`refs/pull/`)) {
      ref = github.context.sha;
    }
    _defaultContext = `${process.env.GITHUB_SERVER_URL || 'https://github.com'}/${github.context.repo.owner}/${github.context.repo.repo}.git#${ref}`;
  }
  return _defaultContext;
 }
 export function tmpDir(): string {
  if (!_tmpDir) {
    _tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-')).split(path.sep).join(path.posix.sep);
  }
  return _tmpDir;
 }
 export function tmpNameSync(options?: tmp.TmpNameOptions): string {
  return tmp.tmpNameSync(options);
 }
 export async function getInputs(defaultContext: string): Promise<Inputs> {
  return {
-    addHosts: await getInputList('add-hosts'),
+    addHosts: Util.getInputList('add-hosts'),
-    allow: await getInputList('allow'),
+    allow: Util.getInputList('allow'),
-    buildArgs: await getInputList('build-args', true),
+    annotations: Util.getInputList('annotations', {ignoreComma: true}),
-    buildContexts: await getInputList('build-contexts', true),
+    attests: Util.getInputList('attests', {ignoreComma: true}),
    buildArgs: Util.getInputList('build-args', {ignoreComma: true}),
    buildContexts: Util.getInputList('build-contexts', {ignoreComma: true}),
    builder: core.getInput('builder'),
-    cacheFrom: await getInputList('cache-from', true),
+    cacheFrom: Util.getInputList('cache-from', {ignoreComma: true}),
-    cacheTo: await getInputList('cache-to', true),
+    cacheTo: Util.getInputList('cache-to', {ignoreComma: true}),
    cgroupParent: core.getInput('cgroup-parent'),
-    context: core.getInput('context') || defaultContext,
+    context: core.getInput('context') || Context.gitContext(),
    file: core.getInput('file'),
-    labels: await getInputList('labels', true),
+    labels: Util.getInputList('labels', {ignoreComma: true}),
    load: core.getBooleanInput('load'),
    network: core.getInput('network'),
    noCache: core.getBooleanInput('no-cache'),
-    outputs: await getInputList('outputs', true),
+    noCacheFilters: Util.getInputList('no-cache-filters'),
-    platforms: await getInputList('platforms'),
+    outputs: Util.getInputList('outputs', {ignoreComma: true}),
    platforms: Util.getInputList('platforms'),
    provenance: BuildxInputs.getProvenanceInput('provenance'),
    pull: core.getBooleanInput('pull'),
    push: core.getBooleanInput('push'),
-    secrets: await getInputList('secrets', true),
+    sbom: core.getInput('sbom'),
-    secretFiles: await getInputList('secret-files', true),
+    secrets: Util.getInputList('secrets', {ignoreComma: true}),
    secretEnvs: Util.getInputList('secret-envs'),
    secretFiles: Util.getInputList('secret-files', {ignoreComma: true}),
    shmSize: core.getInput('shm-size'),
-    ssh: await getInputList('ssh'),
+    ssh: Util.getInputList('ssh'),
-    tags: await getInputList('tags'),
+    tags: Util.getInputList('tags'),
    target: core.getInput('target'),
-    ulimit: await getInputList('ulimit', true),
+    ulimit: Util.getInputList('ulimit', {ignoreComma: true}),
    githubToken: core.getInput('github-token')
  };
 }
-export async function getArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
+export async function getArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
  const context = handlebars.compile(inputs.context)({
    defaultContext: Context.gitContext()
  });
  // prettier-ignore
  return [
-    ...await getBuildArgs(inputs, defaultContext, buildxVersion),
+    ...await getBuildArgs(inputs, context, toolkit),
-    ...await getCommonArgs(inputs, buildxVersion),
+    ...await getCommonArgs(inputs, toolkit),
-    handlebars.compile(inputs.context)({defaultContext})
+    context
  ];
 }
-async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
+async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit): Promise<Array<string>> {
  const args: Array<string> = ['build'];
-  await asyncForEach(inputs.addHosts, async addHost => {
+  await Util.asyncForEach(inputs.addHosts, async addHost => {
    args.push('--add-host', addHost);
  });
  if (inputs.allow.length > 0) {
    args.push('--allow', inputs.allow.join(','));
  }
-  await asyncForEach(inputs.buildArgs, async buildArg => {
+  if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
    await Util.asyncForEach(inputs.attests, async attest => {
      args.push('--attest', attest);
    });
  } else if (inputs.attests.length > 0) {
    core.warning("Attestations are only supported by buildx >= 0.10.0; the input 'attests' is ignored.");
  }
  if (await toolkit.buildx.versionSatisfies('>=0.12.0')) {
    await Util.asyncForEach(inputs.annotations, async annotation => {
      args.push('--annotation', annotation);
    });
  } else if (inputs.annotations.length > 0) {
    core.warning("Annotations are only supported by buildx >= 0.12.0; the input 'annotations' is ignored.");
  }
  await Util.asyncForEach(inputs.buildArgs, async buildArg => {
    args.push('--build-arg', buildArg);
  });
-  if (buildx.satisfies(buildxVersion, '>=0.8.0')) {
+  if (await toolkit.buildx.versionSatisfies('>=0.8.0')) {
-    await asyncForEach(inputs.buildContexts, async buildContext => {
+    await Util.asyncForEach(inputs.buildContexts, async buildContext => {
      args.push('--build-context', buildContext);
    });
  } else if (inputs.buildContexts.length > 0) {
    core.warning("Build contexts are only supported by buildx >= 0.8.0; the input 'build-contexts' is ignored.");
  }
-  await asyncForEach(inputs.cacheFrom, async cacheFrom => {
+  await Util.asyncForEach(inputs.cacheFrom, async cacheFrom => {
    args.push('--cache-from', cacheFrom);
  });
-  await asyncForEach(inputs.cacheTo, async cacheTo => {
+  await Util.asyncForEach(inputs.cacheTo, async cacheTo => {
    args.push('--cache-to', cacheTo);
  });
  if (inputs.cgroupParent) {
    args.push('--cgroup-parent', inputs.cgroupParent);
  }
  await Util.asyncForEach(inputs.secretEnvs, async secretEnv => {
    try {
      args.push('--secret', BuildxInputs.resolveBuildSecretEnv(secretEnv));
    } catch (err) {
      core.warning(err.message);
    }
  });
  if (inputs.file) {
    args.push('--file', inputs.file);
  }
-  if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
+  if (!BuildxInputs.hasLocalExporter(inputs.outputs) && !BuildxInputs.hasTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || (await toolkit.buildx.versionSatisfies('>=0.4.2')))) {
-    args.push('--iidfile', await buildx.getImageIDFile());
+    args.push('--iidfile', BuildxInputs.getBuildImageIDFilePath());
  }
-  await asyncForEach(inputs.labels, async label => {
+  await Util.asyncForEach(inputs.labels, async label => {
    args.push('--label', label);
  });
-  await asyncForEach(inputs.outputs, async output => {
+  await Util.asyncForEach(inputs.noCacheFilters, async noCacheFilter => {
    args.push('--no-cache-filter', noCacheFilter);
  });
  await Util.asyncForEach(inputs.outputs, async output => {
    args.push('--output', output);
  });
  if (inputs.platforms.length > 0) {
    args.push('--platform', inputs.platforms.join(','));
  }
-  await asyncForEach(inputs.secrets, async secret => {
+  if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
    if (inputs.provenance) {
      args.push('--provenance', inputs.provenance);
    } else if ((await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !BuildxInputs.hasDockerExporter(inputs.outputs, inputs.load)) {
      // if provenance not specified and BuildKit version compatible for
      // attestation, set default provenance. Also needs to make sure user
      // doesn't want to explicitly load the image to docker.
      if (GitHub.context.payload.repository?.private ?? false) {
        // if this is a private repository, we set the default provenance
        // attributes being set in buildx: https://github.com/docker/buildx/blob/fb27e3f919dcbf614d7126b10c2bc2d0b1927eb6/build/build.go#L603
        args.push('--provenance', BuildxInputs.resolveProvenanceAttrs(`mode=min,inline-only=true`));
      } else {
        // for a public repository, we set max provenance mode.
        args.push('--provenance', BuildxInputs.resolveProvenanceAttrs(`mode=max`));
      }
    }
    if (inputs.sbom) {
      args.push('--sbom', inputs.sbom);
    }
  } else if (inputs.provenance || inputs.sbom) {
    core.warning("Attestations are only supported by buildx >= 0.10.0; the inputs 'provenance' and 'sbom' are ignored.");
  }
  await Util.asyncForEach(inputs.secrets, async secret => {
    try {
-      args.push('--secret', await buildx.getSecretString(secret));
+      args.push('--secret', BuildxInputs.resolveBuildSecretString(secret));
    } catch (err) {
      core.warning(err.message);
    }
  });
-  await asyncForEach(inputs.secretFiles, async secretFile => {
+  await Util.asyncForEach(inputs.secretFiles, async secretFile => {
    try {
-      args.push('--secret', await buildx.getSecretFile(secretFile));
+      args.push('--secret', BuildxInputs.resolveBuildSecretFile(secretFile));
    } catch (err) {
      core.warning(err.message);
    }
  });
-  if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) {
+  if (inputs.githubToken && !BuildxInputs.hasGitAuthTokenSecret(inputs.secrets) && context.startsWith(Context.gitContext())) {
-    args.push('--secret', await buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
+    args.push('--secret', BuildxInputs.resolveBuildSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
  }
  if (inputs.shmSize) {
    args.push('--shm-size', inputs.shmSize);
  }
-  await asyncForEach(inputs.ssh, async ssh => {
+  await Util.asyncForEach(inputs.ssh, async ssh => {
    args.push('--ssh', ssh);
  });
-  await asyncForEach(inputs.tags, async tag => {
+  await Util.asyncForEach(inputs.tags, async tag => {
    args.push('--tag', tag);
  });
  if (inputs.target) {
    args.push('--target', inputs.target);
  }
-  await asyncForEach(inputs.ulimit, async ulimit => {
+  await Util.asyncForEach(inputs.ulimit, async ulimit => {
    args.push('--ulimit', ulimit);
  });
  return args;
 }
-async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Array<string>> {
+async function getCommonArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
  const args: Array<string> = [];
  if (inputs.builder) {
    args.push('--builder', inputs.builder);
@ -190,8 +221,8 @@ async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Arr
  if (inputs.load) {
    args.push('--load');
  }
-  if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
+  if (await toolkit.buildx.versionSatisfies('>=0.6.0')) {
-    args.push('--metadata-file', await buildx.getMetadataFile());
+    args.push('--metadata-file', BuildxInputs.getBuildMetadataFilePath());
  }
  if (inputs.network) {
    args.push('--network', inputs.network);
@ -207,43 +238,3 @@ async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Arr
  }
  return args;
 }
 export async function getInputList(name: string, ignoreComma?: boolean): Promise<string[]> {
  const res: Array<string> = [];
  const items = core.getInput(name);
  if (items == '') {
    return res;
  }
  const records = await parse(items, {
    columns: false,
    relaxQuotes: true,
    relaxColumnCount: true,
    skipEmptyLines: true
  });
  for (const record of records as Array<string[]>) {
    if (record.length == 1) {
      res.push(record[0]);
      continue;
    } else if (!ignoreComma) {
      res.push(...record);
      continue;
    }
    res.push(record.join(','));
  }
  return res.filter(item => item).map(pat => pat.trim());
 }
 export const asyncForEach = async (array, callback) => {
  for (let index = 0; index < array.length; index++) {
    await callback(array[index], index, array);
  }
 };
 // FIXME: Temp fix https://github.com/actions/toolkit/issues/777
 export function setOutput(name: string, value: unknown): void {
  issueCommand('set-output', {name}, value);
 }
--- a/src/docker.ts
+++ b/src/docker.ts
@ -1,19 +0,0 @@
 import * as exec from '@actions/exec';
 export async function isAvailable(): Promise<boolean> {
  return await exec
    .getExecOutput('docker', undefined, {
      ignoreReturnCode: true,
      silent: true
    })
    .then(res => {
      if (res.stderr.length > 0 && res.exitCode != 0) {
        return false;
      }
      return res.exitCode == 0;
    })
    // eslint-disable-next-line @typescript-eslint/no-unused-vars
    .catch(error => {
      return false;
    });
 }
--- a/src/main.ts
+++ b/src/main.ts
@ -1,95 +1,116 @@
 import * as fs from 'fs';
-import * as buildx from './buildx';
+import * as path from 'path';
 import * as context from './context';
 import * as docker from './docker';
 import * as stateHelper from './state-helper';
 import * as core from '@actions/core';
-import * as exec from '@actions/exec';
+import * as actionsToolkit from '@docker/actions-toolkit';
 import {Context} from '@docker/actions-toolkit/lib/context';
 import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {Exec} from '@docker/actions-toolkit/lib/exec';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {ConfigFile} from '@docker/actions-toolkit/lib/types/docker';
-async function run(): Promise<void> {
+import * as context from './context';
  try {
    const defContext = context.defaultContext();
    const inputs: context.Inputs = await context.getInputs(defContext);
-    // standalone if docker cli not available
+actionsToolkit.run(
-    const standalone = !(await docker.isAvailable());
+  // main
  async () => {
    const inputs: context.Inputs = await context.getInputs();
    const toolkit = new Toolkit();
-    core.startGroup(`Docker info`);
+    await core.group(`GitHub Actions runtime token ACs`, async () => {
-    if (standalone) {
+      try {
-      core.info(`Docker info skipped in standalone mode`);
+        await GitHub.printActionsRuntimeTokenACs();
-    } else {
+      } catch (e) {
-      await exec.exec('docker', ['version'], {
+        core.warning(e.message);
-        failOnStdErr: false
+      }
-      });
+    });
      await exec.exec('docker', ['info'], {
        failOnStdErr: false
      });
    }
    core.endGroup();
-    if (!(await buildx.isAvailable(standalone))) {
+    await core.group(`Docker info`, async () => {
      try {
        await Docker.printVersion();
        await Docker.printInfo();
      } catch (e) {
        core.info(e.message);
      }
    });
    await core.group(`Proxy configuration`, async () => {
      let dockerConfig: ConfigFile | undefined;
      let dockerConfigMalformed = false;
      try {
        dockerConfig = await Docker.configFile();
      } catch (e) {
        dockerConfigMalformed = true;
        core.warning(`Unable to parse config file ${path.join(Docker.configDir, 'config.json')}: ${e}`);
      }
      if (dockerConfig && dockerConfig.proxies) {
        for (const host in dockerConfig.proxies) {
          let prefix = '';
          if (Object.keys(dockerConfig.proxies).length > 1) {
            prefix = '  ';
            core.info(host);
          }
          for (const key in dockerConfig.proxies[host]) {
            core.info(`${prefix}${key}: ${dockerConfig.proxies[host][key]}`);
          }
        }
      } else if (!dockerConfigMalformed) {
        core.info('No proxy configuration found');
      }
    });
    if (!(await toolkit.buildx.isAvailable())) {
      core.setFailed(`Docker buildx is required. See https://github.com/docker/setup-buildx-action to set up buildx.`);
      return;
    }
    stateHelper.setTmpDir(context.tmpDir());
-    const buildxVersion = await buildx.getVersion(standalone);
+    stateHelper.setTmpDir(Context.tmpDir());
    await core.group(`Buildx version`, async () => {
-      const versionCmd = buildx.getCommand(['version'], standalone);
+      await toolkit.buildx.printVersion();
      await exec.exec(versionCmd.command, versionCmd.args, {
        failOnStdErr: false
      });
    });
-    const args: string[] = await context.getArgs(inputs, defContext, buildxVersion);
+    const args: string[] = await context.getArgs(inputs, toolkit);
-    const buildCmd = buildx.getCommand(args, standalone);
+    const buildCmd = await toolkit.buildx.getCommand(args);
-    await exec
+    await Exec.getExecOutput(buildCmd.command, buildCmd.args, {
-      .getExecOutput(buildCmd.command, buildCmd.args, {
+      ignoreReturnCode: true
-        ignoreReturnCode: true
+    }).then(res => {
-      })
+      if (res.stderr.length > 0 && res.exitCode != 0) {
-      .then(res => {
+        throw new Error(`buildx failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
-        if (res.stderr.length > 0 && res.exitCode != 0) {
+      }
-          throw new Error(`buildx failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
+    });
        }
      });
-    const imageID = await buildx.getImageID();
+    const imageID = BuildxInputs.resolveBuildImageID();
-    const metadata = await buildx.getMetadata();
+    const metadata = BuildxInputs.resolveBuildMetadata();
-    const digest = await buildx.getDigest(metadata);
+    const digest = BuildxInputs.resolveDigest();
    if (imageID) {
      await core.group(`ImageID`, async () => {
        core.info(imageID);
-        context.setOutput('imageid', imageID);
+        core.setOutput('imageid', imageID);
      });
    }
    if (digest) {
      await core.group(`Digest`, async () => {
        core.info(digest);
-        context.setOutput('digest', digest);
+        core.setOutput('digest', digest);
      });
    }
    if (metadata) {
      await core.group(`Metadata`, async () => {
        core.info(metadata);
-        context.setOutput('metadata', metadata);
+        core.setOutput('metadata', metadata);
      });
    }
  },
  // post
  async () => {
    if (stateHelper.tmpDir.length > 0) {
      await core.group(`Removing temp folder ${stateHelper.tmpDir}`, async () => {
        fs.rmSync(stateHelper.tmpDir, {recursive: true});
      });
    }
  } catch (error) {
    core.setFailed(error.message);
  }
-}
+);
 async function cleanup(): Promise<void> {
  if (stateHelper.tmpDir.length > 0) {
    core.startGroup(`Removing temp folder ${stateHelper.tmpDir}`);
    fs.rmdirSync(stateHelper.tmpDir, {recursive: true});
    core.endGroup();
  }
 }
 if (!stateHelper.IsPost) {
  run();
 } else {
  cleanup();
 }
--- a/src/state-helper.ts
+++ b/src/state-helper.ts
@ -1,12 +1,7 @@
 import * as core from '@actions/core';
 export const IsPost = !!process.env['STATE_isPost'];
 export const tmpDir = process.env['STATE_tmpDir'] || '';
 export function setTmpDir(tmpDir: string) {
  core.saveState('tmpDir', tmpDir);
 }
 if (!IsPost) {
  core.saveState('isPost', 'true');
 }
--- a/test/Dockerfile
+++ b/test/Dockerfile
@ -1,3 +1,3 @@
 # syntax=docker/dockerfile:1
 FROM alpine
 RUN echo "Hello world!"
--- a/test/addhost.Dockerfile
+++ b/test/addhost.Dockerfile
@ -1,2 +1,3 @@
 # syntax=docker/dockerfile:1
 FROM busybox
 RUN cat /etc/hosts
--- a/test/buildcontext.Dockerfile
+++ b/test/buildcontext.Dockerfile
@ -1,3 +0,0 @@
 # syntax=docker/dockerfile-upstream:master
 FROM alpine
 RUN cat /etc/*release
--- a/test/cgroup.Dockerfile
+++ b/test/cgroup.Dockerfile
@ -1,2 +1,3 @@
 # syntax=docker/dockerfile:1
 FROM alpine
 RUN cat /proc/self/cgroup
--- a/test/go/Dockerfile
+++ b/test/go/Dockerfile
@ -0,0 +1,19 @@
 # syntax=docker/dockerfile:1
 FROM golang:alpine AS base
 ENV CGO_ENABLED=0
 RUN apk add --no-cache file git
 WORKDIR /src
 FROM base AS build
 RUN --mount=type=bind,target=/src \
    --mount=type=cache,target=/root/.cache/go-build \
    go build -ldflags "-s -w" -o /usr/bin/app .
 FROM scratch AS binary
 COPY --from=build /usr/bin/app /bin/app
 FROM alpine AS image
 COPY --from=build /usr/bin/app /bin/app
 EXPOSE 8080
 ENTRYPOINT ["/bin/app"]
--- a/test/go/go.mod
+++ b/test/go/go.mod
@ -0,0 +1,3 @@
 module github.com/docker/build-push-action/test/go
 go 1.18
--- a/test/go/main.go
+++ b/test/go/main.go
@ -0,0 +1,14 @@
 package main
 import (
 	"fmt"
 	"log"
 	"net/http"
 )
 func main() {
 	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		fmt.Fprintf(w, "Hello, Go!")
 	})
 	log.Fatal(http.ListenAndServe(":8080", nil))
 }
--- a/test/multi-sudo.Dockerfile
+++ b/test/multi-sudo.Dockerfile
@ -1,9 +1,8 @@
 # syntax=docker/dockerfile:1
 FROM --platform=$BUILDPLATFORM golang:alpine AS build
 ARG TARGETPLATFORM
 ARG BUILDPLATFORM
 RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" > /log
 RUN apk --update --no-cache add \
    shadow \
    sudo \
@ -17,6 +16,5 @@ RUN sudo chown buildx. /log
 USER root
 FROM alpine
 COPY --from=build /log /log
 RUN ls -al /log
--- a/test/multi.Dockerfile
+++ b/test/multi.Dockerfile
@ -1,3 +1,4 @@
 # syntax=docker/dockerfile:1
 FROM --platform=$BUILDPLATFORM golang:alpine AS build
 ARG TARGETPLATFORM
--- a/test/named-context-base.Dockerfile
+++ b/test/named-context-base.Dockerfile
@ -0,0 +1,4 @@
 # syntax=docker/dockerfile:1
 FROM debian
 RUN echo "Hello debian!"
--- a/test/named-context.Dockerfile
+++ b/test/named-context.Dockerfile
@ -0,0 +1,4 @@
 # syntax=docker/dockerfile:1
 FROM alpine
 RUN cat /etc/*release
--- a/test/nocachefilter.Dockerfile
+++ b/test/nocachefilter.Dockerfile
@ -0,0 +1,9 @@
 # syntax=docker/dockerfile:1
 FROM busybox AS base
 RUN echo "Hello world!" > /hello
 FROM alpine AS build
 COPY --from=base /hello /hello
 RUN uname -a
 FROM build
--- a/test/proxy.Dockerfile
+++ b/test/proxy.Dockerfile
@ -0,0 +1,9 @@
 # syntax=docker/dockerfile:1
 FROM alpine
 RUN apk add --no-cache curl net-tools
 ARG HTTP_PROXY
 ARG HTTPS_PROXY
 RUN printenv HTTP_PROXY
 RUN printenv HTTPS_PROXY
 RUN netstat -aptn
 RUN curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy $HTTP_PROXY -v --insecure --head https://www.google.com
--- a/test/secret.Dockerfile
+++ b/test/secret.Dockerfile
@ -0,0 +1,4 @@
 # syntax=docker/dockerfile:1
 FROM busybox
 RUN --mount=type=secret,id=MYSECRET \
  echo "MYSECRET=$(cat /run/secrets/MYSECRET)"
--- a/test/shmsize.Dockerfile
+++ b/test/shmsize.Dockerfile
@ -1,2 +1,3 @@
 # syntax=docker/dockerfile:1
 FROM busybox
 RUN mount | grep /dev/shm
--- a/test/ulimit.Dockerfile
+++ b/test/ulimit.Dockerfile
@ -1,2 +1,3 @@
 # syntax=docker/dockerfile:1
 FROM busybox
 RUN ulimit -a
--- a/tsconfig.json
+++ b/tsconfig.json
@ -1,19 +1,22 @@
 {
  "compilerOptions": {
    "esModuleInterop": true,
    "target": "es6",
    "module": "commonjs",
    "strict": true,
    "newLine": "lf",
    "outDir": "./lib",
    "rootDir": "./src",
    "esModuleInterop": true,
    "forceConsistentCasingInFileNames": true,
    "strict": true,
    "noImplicitAny": false,
    "resolveJsonModule": true,
    "useUnknownInCatchVariables": false,
  },
  "exclude": [
    "./__mocks__/**/*",
    "./__tests__/**/*",
    "./lib/**/*",
    "node_modules",
    "**/*.test.ts",
    "jest.config.ts"
  ]
 }
--- a/yarn.lock
+++ b/yarn.lock
		`@ -0,0 +1,3 @@`
							`# Code of conduct`

							`- [Moby community guidelines](https://github.com/moby/moby/blob/master/CONTRIBUTING.md#moby-community-guidelines)`
		`@ -0,0 +1,3 @@`
							`# Named contexts`

							`This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/named-contexts/)`
		`@ -0,0 +1,3 @@`
							`module github.com/docker/build-push-action/test/go`

							`go 1.18`