@@ -20,6 +20,7 @@ options:
2020 value_type : stringArray
2121 default_value : ' []'
2222 description : Allow build to access specified resources
23+ details_url : ' #allow'
2324 deprecated : false
2425 hidden : false
2526 experimental : false
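Review bot: the `details_url : ' #allow'` value must stay in sync with the `{#allow}` heading id introduced in the examples section below; if that heading id is ever renamed the link breaks silently, so a short comment next to this field or a docs check that resolves anchors would be worth adding. The leading space inside the quotes matches `default_value : ' []'` on the line above, so the formatting follows the existing convention of this file.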
@@ -218,6 +219,80 @@ inherited_options:
218219 kubernetes : false
219220 swarm : false
220221examples : |-
222+ ### Allow extra privileged entitlement (--allow) {#allow}
223+
224+ ```text
225+ --allow=ENTITLEMENT[=VALUE]
226+ ```
227+
228+ Entitlements are designed to provide controlled access to privileged
229+ operations. By default, Buildx and BuildKit operates with restricted
230+ permissions to protect users and their systems from unintended side effects or
231+ security risks. The `--allow` flag explicitly grants access to additional
232+ entitlements, making it clear when a build or bake operation requires elevated
233+ privileges.
234+
235+ In addition to BuildKit's `network.host` and `security.insecure` entitlements
236+ (see [`docker buildx build --allow`](/reference/cli/docker/buildx/build/#allow),
237+ Bake supports file system entitlements that grant granular control over file
238+ system access. These are particularly useful when working with builds that need
239+ access to files outside the default working directory.
240+
241+ Bake supports the following filesystem entitlements:
242+
243+ - `--allow fs=<path|*>` - Grant read and write access to files outside of the
244+ working directory.
245+ - `--allow fs.read=<path|*>` - Grant read access to files outside of the
246+ working directory.
247+ - `--allow fs.write=<path|*>` - Grant write access to files outside of the
248+ working directory.
249+
250+ The `fs` entitlements take a path value (relative or absolute) to a directory
251+ on the filesystem. Alternatively, you can pass a wildcard (`*`) to allow Bake
252+ to access the entire filesystem.
253+
254+ ### Example: fs.read
255+
256+ Given the following Bake configuration, Bake would need to access the parent
257+ directory, relative to the Bake file.
258+
259+ ```hcl
260+ target "app" {
261+ context = "../src"
262+ }
263+ ```
264+
265+ Assuming `docker buildx bake app` is executed in the same directory as the
266+ `docker-bake.hcl` file, you would need to explicitly allow Bake to read from
267+ the `../src` directory. In this case, the following invocations all work:
268+
269+ ```console
270+ $ docker buildx bake --allow fs.read=* app
271+ $ docker buildx bake --allow fs.read=../src app
272+ $ docker buildx bake --allow fs=* app
273+ ```
274+
275+ ### Example: fs.write
276+
277+ The following `docker-bake.hcl` file requires write access to the `/tmp`
278+ directory.
279+
280+ ```hcl
281+ target "app" {
282+ output = "/tmp"
283+ }
284+ ```
285+
286+ Assuming `docker buildx bake app` is executed outside of the `/tmp` directory,
287+ you would need to allow the `fs.write` entitlement, either by specifying the
288+ path or using a wildcard:
289+
290+ ```console
291+ $ docker buildx bake --allow fs=/tmp app
292+ $ docker buildx bake --allow fs.write=/tmp app
293+ $ docker buildx bake --allow fs.write=* app
294+ ```
295+
221296 ### Override the configured builder instance (--builder) {#builder}
222297
223298 Same as [`buildx --builder`](/reference/cli/docker/buildx/#builder).
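Review bot: the cross-reference in the "In addition to BuildKit's" paragraph has an unclosed parenthesis: `(see [`docker buildx build --allow`](/reference/cli/docker/buildx/build/#allow),` needs a `)` before the comma. In the first paragraph, `Buildx and BuildKit operates with restricted permissions` should read `operate`. On substance, the sentence `Alternatively, you can pass a wildcard (`*`) to allow Bake to access the entire filesystem.` would benefit from stating that `fs=*` grants both read and write access to the whole filesystem and recommending the narrowest path the build actually needs; the fs.read example currently leads with `$ docker buildx bake --allow fs.read=* app`, so listing the path-scoped `$ docker buildx bake --allow fs.read=../src app` first would give readers who copy the example the safer default. Minor consistency point: the fs.read example omits the `--allow fs=../src` form while the fs.write example includes the equivalent `--allow fs=/tmp app`.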