Docker Desktop 4.20: Docker Engine and CLI updated to Moby 24.0 | Docker
We are happy to announce the major release of Moby 24.0 in Docker Desktop 4.20. We have dedicated significant effort to this release, marking a major milestone in the open source Moby project.
This effort began in September of last year when we announced we were extending the integration of the Docker Engine with containerd
. Since then, we have continued working on the image store integration and contributing this work to the Moby project.
In this release, we are adding support for image history, pulling images from private repositories, image importing, and support for the classic builder when using the containerd
image store.
To explore and test these new features, activate the option Use containerd for pulling and storing images in the Features in Development panel within the Docker Desktop Settings (Figure 1).
When enabling this feature, you will notice your existing images are no longer listed, but there’s no need to worry. The containerd
image store functions differently from the classic store, and you can only view one of them at a time. Images in the classic store can be accessed again by disabling the feature.
On the other hand, if you want to transfer your existing images to the new containerd
store, simply push your images to the Docker Hub using the command docker push <my image name>
. Then, activate the containerd
store in the Settings and pull the image using docker pull <my image name>
.
You can read all bug fixes and enhancements in the Moby release notes.
SBOM and provenance attestations using BuildKit v0.11
BuildKit v0.11 helps you secure your software supply chain by allowing you to add an SBOM (Software Bill of Materials) and provenance attestations in the SLSA format to your container images. This can be done with the container driver as described in the blog post Generating SBOMs for Your Image with BuildKit or by enabling the containerd image store and following the steps in the SBOM attestations documentation.
New Dockerfile inspection features
In version 4.20, you can use the docker build
command to preview the configuration of your upcoming build or view a list of available build targets in your Dockerfile. This is particularly beneficial when dealing with multi-stage Dockerfiles or when diving into new projects.
When you run the build command, it processes your Dockerfile, evaluates all environment variables, and determines reachable build stages, but stops before running the build steps. You can use --print=outline
to get detailed information on all build arguments, secrets, and SSH forwarding keys, along with their current values. Alternatively, use --print=targets
to list all the possible stages that can be built with the --target
flag.
We also aim to present textual descriptions for these elements by parsing the comments in your Dockerfile. Currently, you need to define BUILDX_EXPERIMENTAL
environment variable to use the --print
flag (Figure 2).
Check out the Dockerfile 1.5 changelog for more updates, such as loading images from on-disk OCI layout and improved Git source and checksum validation for ADD commands in the labs channel. Read the Highlights from the BuildKit v0.11 Release blog post to learn more.
Docker Compose dry run
In our continued efforts to make Docker Compose better for developer workflows, we’re addressing a long-standing user request. You can now dry run any Compose command by adding a flag (--dry-run
). This gives you insight on what exactly Compose will generate or execute so nothing unexpected happens.
We’re also excited to highlight contributions from the community, such as First implementation of viz subcommand #10376 by @BenjaminGuzman, which generates a graph of your stack, with details like networks and ports. Try docker compose alpha viz
on your project to check out your own graph.
Conclusion
We love hearing your feedback. Please leave any feedback on our public GitHub roadmap and let us know what else you’d like to see. Check out the Docker Desktop 4.20 release notes for a full breakdown of what’s new in the latest release.