Regression with attestations local export since 0.23.0 #6049
Description
relates to docker/buildkit-syft-scanner#133
FROM alpine AS base
ARG BUILDKIT_SBOM_SCAN_STAGE=true
RUN apk add git
COPY <<EOF /empty
EOF
FROM scratch
COPY --from=base /empty /$ docker buildx create --name sbomtest --driver-opt "image=moby/buildkit:v0.23.1"
$ docker buildx --builder sbomtest build --sbom=true --output ./bin .
$ tree ./bin
./bin
├── empty
├── sbom-base.spdx.linux_amd64.json
└── sbom.spdx.linux_amd64.json
0 directories, 3 files
With BuildKit 0.22.0:
$ docker buildx create --name sbomtest --driver-opt "image=moby/buildkit:v0.22.0"
$ docker buildx --builder sbomtest build --sbom=true --output ./bin .
$ tree ./bin
./bin
├── empty
├── sbom-base.spdx.json
└── sbom.spdx.json
0 directories, 3 files
Looks related to #6007