buildah

buildah [global options] command [command options] [arguments...]

--add-history
    Add an empty layer to the image with the specified annotation.

--annotation
    Add an annotation to the image.

--author
    Set the author for the image.

--cert-dir
    Path to a directory containing TLS certificates and keys.

--cni-config-dir
    Path to the CNI configuration directory.

--creds
    Use these credentials for authenticating against the registry. Format: `username[:password]`

--digestfile
    Write the digest of the image to the file.

--format
    The format to use when saving an image to disk. Can be 'oci', 'docker', or 'v2s2'.

--help
    Show help.

--history-comment
    Add a history comment to the image.

--manifest
    Name of the manifest list.

--no-hosts
    Do not update /etc/hosts in the container.

--pull
    Attempt to pull the image before building from it. 'Always', 'missing', or 'never' (default).

--pull-always
    Pull the image even if it exists locally (deprecated, use --pull always).

--pull-never
    Do not pull the image (deprecated, use --pull never).

--registry
    Override the registry used to pull or push images.

--root
    Root directory to use for storage (experimental).

--signature-policy
    Path to the signature policy file.

--tls-verify
    Require TLS verification (default: true).

--timestamp
    Use specified timestamp when building image.

--umask
    Override the default umask for the image.

buildah is a tool that facilitates building Open Container Initiative (OCI) or Docker images. It allows users to create and modify container images without requiring a Docker daemon. buildah focuses on providing a core set of commands for building images from scratch, reusing existing images as base layers, adding content, and committing changes. It's designed to be used in scripts and other automation tools to streamline the image building process.

Key features include support for various image formats, rootless building, and integration with other container tools like Podman and Skopeo. Unlike Docker, buildah does not require a running daemon and provides more granular control over the image creation process. It promotes a layered approach, making it easy to inspect and modify image contents. Users can commit the containers to tarballs or push them directly to remote registries.

buildah excels in situations where a lightweight and flexible image building solution is needed, particularly in CI/CD pipelines and development environments.

buildah focuses solely on building images and does not provide container runtime functionality. For running containers, use tools like Podman or Docker.

buildah provides a variety of commands, including `buildah from` to create a working container, `buildah add` to add content, `buildah commit` to create an image, `buildah push` to push images to registries, and `buildah bud` to build an image from a Dockerfile. Each command offers a specific set of options to customize the image building process.

buildah supports rootless builds, allowing users to build images without requiring root privileges. This enhances security and simplifies the build process in many environments. Rootless builds require proper configuration of user namespaces and storage drivers.

buildah was developed by Red Hat as a command-line tool and library for building OCI and Docker images. Its development was driven by the need for a lightweight, daemon-less image building solution that offers more control and flexibility compared to Docker's build process. The tool has evolved to support rootless builds and seamless integration with other container technologies, making it a popular choice for modern container workflows.

podman(1), skopeo(1), docker(1)