Merge pull request #4383 from thaJeztah/update_engine

vendor: docker/docker 7f8b1cd7f928dee54174d51dc9da17f443c31480 (v25.0-dev)
2023-06-28 14:42:37 +02:00 · 2023-06-28 14:42:37 +02:00 · 3403f277f2
parent 27bae1172a 9f4af6cb7d
commit 3403f277f2
17 changed files with 111 additions and 104 deletions
--- a/vendor.mod
+++ b/vendor.mod
@ -11,7 +11,7 @@ require (
 	github.com/containerd/containerd v1.6.21
 	github.com/creack/pty v1.1.18
 	github.com/docker/distribution v2.8.2+incompatible
-	github.com/docker/docker v24.0.0-rc.2.0.20230612074407-ed798d651a50+incompatible // master (v25.0.0-dev)
+	github.com/docker/docker v24.0.0-rc.2.0.20230627140857-7f8b1cd7f928+incompatible // master (v25.0.0-dev)
 	github.com/docker/docker-credential-helpers v0.7.0
 	github.com/docker/go-connections v0.4.0
 	github.com/docker/go-units v0.5.0
--- a/vendor.sum
+++ b/vendor.sum
@ -98,8 +98,8 @@ github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73/go.mod h1:xb
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
 github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v24.0.0-rc.2.0.20230612074407-ed798d651a50+incompatible h1:HJQK5UfDglLDjf9aIUzBR1UPDPpjWi3XJDV7bsndteM=
-github.com/docker/docker v24.0.0-rc.2.0.20230612074407-ed798d651a50+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v24.0.0-rc.2.0.20230627140857-7f8b1cd7f928+incompatible h1:2NGrlnNNqZK8xzlRDfQO1gOnP5ODJzQ1W52PJKbMOVs=
+github.com/docker/docker v24.0.0-rc.2.0.20230627140857-7f8b1cd7f928+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
 github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
 github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
--- a/vendor/github.com/docker/docker/pkg/archive/archive.go
+++ b/vendor/github.com/docker/docker/pkg/archive/archive.go
@ -20,6 +20,7 @@ import (
 	"syscall"
 	"time"

+	"github.com/containerd/containerd/log"
 	"github.com/containerd/containerd/pkg/userns"
 	"github.com/docker/docker/pkg/idtools"
 	"github.com/docker/docker/pkg/ioutils"
@ -205,21 +206,21 @@ func gzDecompress(ctx context.Context, buf io.Reader) (io.ReadCloser, error) {
 	if noPigzEnv := os.Getenv("MOBY_DISABLE_PIGZ"); noPigzEnv != "" {
 		noPigz, err := strconv.ParseBool(noPigzEnv)
 		if err != nil {
-			logrus.WithError(err).Warn("invalid value in MOBY_DISABLE_PIGZ env var")
+			log.G(ctx).WithError(err).Warn("invalid value in MOBY_DISABLE_PIGZ env var")
 		}
 		if noPigz {
-			logrus.Debugf("Use of pigz is disabled due to MOBY_DISABLE_PIGZ=%s", noPigzEnv)
+			log.G(ctx).Debugf("Use of pigz is disabled due to MOBY_DISABLE_PIGZ=%s", noPigzEnv)
 			return gzip.NewReader(buf)
 		}
 	}

 	unpigzPath, err := exec.LookPath("unpigz")
 	if err != nil {
-		logrus.Debugf("unpigz binary not found, falling back to go gzip library")
+		log.G(ctx).Debugf("unpigz binary not found, falling back to go gzip library")
 		return gzip.NewReader(buf)
 	}

-	logrus.Debugf("Using %s to decompress", unpigzPath)
+	log.G(ctx).Debugf("Using %s to decompress", unpigzPath)

 	return cmdStream(exec.CommandContext(ctx, unpigzPath, "-d", "-c"), buf)
 }
@ -754,7 +755,7 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
 		}

 	case tar.TypeXGlobalHeader:
-		logrus.Debug("PAX Global Extended Headers found and ignored")
+		log.G(context.TODO()).Debug("PAX Global Extended Headers found and ignored")
 		return nil

 	default:
@ -789,7 +790,7 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
 	}

 	if len(xattrErrs) > 0 {
-		logrus.WithFields(logrus.Fields{
+		log.G(context.TODO()).WithFields(logrus.Fields{
 			"errors": xattrErrs,
 		}).Warn("ignored xattrs in archive: underlying filesystem doesn't support them")
 	}
@ -907,13 +908,13 @@ func (t *Tarballer) Do() {
 	defer func() {
 		// Make sure to check the error on Close.
 		if err := ta.TarWriter.Close(); err != nil {
-			logrus.Errorf("Can't close tar writer: %s", err)
+			log.G(context.TODO()).Errorf("Can't close tar writer: %s", err)
 		}
 		if err := t.compressWriter.Close(); err != nil {
-			logrus.Errorf("Can't close compress writer: %s", err)
+			log.G(context.TODO()).Errorf("Can't close compress writer: %s", err)
 		}
 		if err := t.pipeWriter.Close(); err != nil {
-			logrus.Errorf("Can't close pipe writer: %s", err)
+			log.G(context.TODO()).Errorf("Can't close pipe writer: %s", err)
 		}
 	}()

@ -936,7 +937,7 @@ func (t *Tarballer) Do() {
 		// directory. So, we must split the source path and use the
 		// basename as the include.
 		if len(t.options.IncludeFiles) > 0 {
-			logrus.Warn("Tar: Can't archive a file with includes")
+			log.G(context.TODO()).Warn("Tar: Can't archive a file with includes")
 		}

 		dir, base := SplitPathDirEntry(t.srcPath)
@ -961,7 +962,7 @@ func (t *Tarballer) Do() {
 		walkRoot := getWalkRoot(t.srcPath, include)
 		filepath.WalkDir(walkRoot, func(filePath string, f os.DirEntry, err error) error {
 			if err != nil {
-				logrus.Errorf("Tar: Can't stat file %s to tar: %s", t.srcPath, err)
+				log.G(context.TODO()).Errorf("Tar: Can't stat file %s to tar: %s", t.srcPath, err)
 				return nil
 			}

@ -1000,7 +1001,7 @@ func (t *Tarballer) Do() {
 					skip, matchInfo, err = t.pm.MatchesUsingParentResults(relFilePath, patternmatcher.MatchInfo{})
 				}
 				if err != nil {
-					logrus.Errorf("Error matching %s: %v", relFilePath, err)
+					log.G(context.TODO()).Errorf("Error matching %s: %v", relFilePath, err)
 					return err
 				}

@ -1061,7 +1062,7 @@ func (t *Tarballer) Do() {
 			}

 			if err := ta.addTarFile(filePath, relFilePath); err != nil {
-				logrus.Errorf("Can't add file %s to tar: %s", filePath, err)
+				log.G(context.TODO()).Errorf("Can't add file %s to tar: %s", filePath, err)
 				// if pipe is broken, stop writing tar stream to it
 				if err == io.ErrClosedPipe {
 					return err
@ -1098,7 +1099,7 @@ loop:

 		// ignore XGlobalHeader early to avoid creating parent directories for them
 		if hdr.Typeflag == tar.TypeXGlobalHeader {
-			logrus.Debugf("PAX Global Extended Headers found for %s and ignored", hdr.Name)
+			log.G(context.TODO()).Debugf("PAX Global Extended Headers found for %s and ignored", hdr.Name)
 			continue
 		}

--- a/vendor/github.com/docker/docker/pkg/archive/changes.go
+++ b/vendor/github.com/docker/docker/pkg/archive/changes.go
@ -3,6 +3,7 @@ package archive // import "github.com/docker/docker/pkg/archive"
 import (
 	"archive/tar"
 	"bytes"
+	"context"
 	"fmt"
 	"io"
 	"os"
@ -12,10 +13,10 @@ import (
 	"syscall"
 	"time"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/docker/pkg/idtools"
 	"github.com/docker/docker/pkg/pools"
 	"github.com/docker/docker/pkg/system"
-	"github.com/sirupsen/logrus"
 )

 // ChangeType represents the change type.
@ -371,7 +372,7 @@ func ChangesSize(newDir string, changes []Change) int64 {
 			file := filepath.Join(newDir, change.Path)
 			fileInfo, err := os.Lstat(file)
 			if err != nil {
-				logrus.Errorf("Can not stat %q: %s", file, err)
+				log.G(context.TODO()).Errorf("Can not stat %q: %s", file, err)
 				continue
 			}

@ -420,22 +421,22 @@ func ExportChanges(dir string, changes []Change, idMap idtools.IdentityMapping)
 					ChangeTime: timestamp,
 				}
 				if err := ta.TarWriter.WriteHeader(hdr); err != nil {
-					logrus.Debugf("Can't write whiteout header: %s", err)
+					log.G(context.TODO()).Debugf("Can't write whiteout header: %s", err)
 				}
 			} else {
 				path := filepath.Join(dir, change.Path)
 				if err := ta.addTarFile(path, change.Path[1:]); err != nil {
-					logrus.Debugf("Can't add file %s to tar: %s", path, err)
+					log.G(context.TODO()).Debugf("Can't add file %s to tar: %s", path, err)
 				}
 			}
 		}

 		// Make sure to check the error on Close.
 		if err := ta.TarWriter.Close(); err != nil {
-			logrus.Debugf("Can't close layer: %s", err)
+			log.G(context.TODO()).Debugf("Can't close layer: %s", err)
 		}
 		if err := writer.Close(); err != nil {
-			logrus.Debugf("failed close Changes writer: %s", err)
+			log.G(context.TODO()).Debugf("failed close Changes writer: %s", err)
 		}
 	}()
 	return reader, nil
--- a/vendor/github.com/docker/docker/pkg/archive/copy.go
+++ b/vendor/github.com/docker/docker/pkg/archive/copy.go
@ -2,14 +2,15 @@ package archive // import "github.com/docker/docker/pkg/archive"

 import (
 	"archive/tar"
+	"context"
 	"errors"
 	"io"
 	"os"
 	"path/filepath"
 	"strings"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/docker/pkg/system"
-	"github.com/sirupsen/logrus"
 )

 // Errors used or returned by this file.
@ -107,7 +108,7 @@ func TarResourceRebase(sourcePath, rebaseName string) (content io.ReadCloser, er
 	sourceDir, sourceBase := SplitPathDirEntry(sourcePath)
 	opts := TarResourceRebaseOpts(sourceBase, rebaseName)

-	logrus.Debugf("copying %q from %q", sourceBase, sourceDir)
+	log.G(context.TODO()).Debugf("copying %q from %q", sourceBase, sourceDir)
 	return TarWithOptions(sourceDir, opts)
 }

--- a/vendor/github.com/docker/docker/pkg/archive/diff.go
+++ b/vendor/github.com/docker/docker/pkg/archive/diff.go
@ -2,6 +2,7 @@ package archive // import "github.com/docker/docker/pkg/archive"

 import (
 	"archive/tar"
+	"context"
 	"fmt"
 	"io"
 	"os"
@ -9,9 +10,9 @@ import (
 	"runtime"
 	"strings"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/docker/pkg/pools"
 	"github.com/docker/docker/pkg/system"
-	"github.com/sirupsen/logrus"
 )

 // UnpackLayer unpack `layer` to a `dest`. The stream `layer` can be
@ -67,7 +68,7 @@ func UnpackLayer(dest string, layer io.Reader, options *TarOptions) (size int64,
 		// image but have it tagged as Windows inadvertently.
 		if runtime.GOOS == "windows" {
 			if strings.Contains(hdr.Name, ":") {
-				logrus.Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
+				log.G(context.TODO()).Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
 				continue
 			}
 		}
--- a/vendor/github.com/docker/docker/pkg/homedir/homedir.go
+++ b/vendor/github.com/docker/docker/pkg/homedir/homedir.go
@ -0,0 +1,44 @@
+package homedir
+
+import (
+	"os"
+	"os/user"
+	"runtime"
+)
+
+// Key returns the env var name for the user's home dir based on
+// the platform being run on.
+//
+// Deprecated: this function is no longer used, and will be removed in the next release.
+func Key() string {
+	return envKeyName
+}
+
+// Get returns the home directory of the current user with the help of
+// environment variables depending on the target operating system.
+// Returned path should be used with "path/filepath" to form new paths.
+//
+// On non-Windows platforms, it falls back to nss lookups, if the home
+// directory cannot be obtained from environment-variables.
+//
+// If linking statically with cgo enabled against glibc, ensure the
+// osusergo build tag is used.
+//
+// If needing to do nss lookups, do not disable cgo or set osusergo.
+func Get() string {
+	home, _ := os.UserHomeDir()
+	if home == "" && runtime.GOOS != "windows" {
+		if u, err := user.Current(); err == nil {
+			return u.HomeDir
+		}
+	}
+	return home
+}
+
+// GetShortcutString returns the string that is shortcut to user's home directory
+// in the native shell of the platform running on.
+//
+// Deprecated: this function is no longer used, and will be removed in the next release.
+func GetShortcutString() string {
+	return homeShortCut
+}
--- a/vendor/github.com/docker/docker/pkg/homedir/homedir_unix.go
+++ b/vendor/github.com/docker/docker/pkg/homedir/homedir_unix.go
@ -2,37 +2,7 @@

 package homedir // import "github.com/docker/docker/pkg/homedir"

-import (
-	"os"
-	"os/user"
+const (
+	envKeyName   = "HOME"
+	homeShortCut = "~"
 )
-
-// Key returns the env var name for the user's home dir based on
-// the platform being run on
-func Key() string {
-	return "HOME"
-}
-
-// Get returns the home directory of the current user with the help of
-// environment variables depending on the target operating system.
-// Returned path should be used with "path/filepath" to form new paths.
-//
-// If linking statically with cgo enabled against glibc, ensure the
-// osusergo build tag is used.
-//
-// If needing to do nss lookups, do not disable cgo or set osusergo.
-func Get() string {
-	home := os.Getenv(Key())
-	if home == "" {
-		if u, err := user.Current(); err == nil {
-			return u.HomeDir
-		}
-	}
-	return home
-}
-
-// GetShortcutString returns the string that is shortcut to user's home directory
-// in the native shell of the platform running on.
-func GetShortcutString() string {
-	return "~"
-}
--- a/vendor/github.com/docker/docker/pkg/homedir/homedir_windows.go
+++ b/vendor/github.com/docker/docker/pkg/homedir/homedir_windows.go
@ -1,24 +1,6 @@
 package homedir // import "github.com/docker/docker/pkg/homedir"

-import (
-	"os"
+const (
+	envKeyName   = "USERPROFILE"
+	homeShortCut = "%USERPROFILE%" // be careful while using in format functions
 )
-
-// Key returns the env var name for the user's home dir based on
-// the platform being run on
-func Key() string {
-	return "USERPROFILE"
-}
-
-// Get returns the home directory of the current user with the help of
-// environment variables depending on the target operating system.
-// Returned path should be used with "path/filepath" to form new paths.
-func Get() string {
-	return os.Getenv(Key())
-}
-
-// GetShortcutString returns the string that is shortcut to user's home directory
-// in the native shell of the platform running on.
-func GetShortcutString() string {
-	return "%USERPROFILE%" // be careful while using in format functions
-}
--- a/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go
+++ b/vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go
@ -166,7 +166,10 @@ func callGetent(database, key string) (io.Reader, error) {
 	if getentCmd == "" {
 		return nil, fmt.Errorf("unable to find getent command")
 	}
-	out, err := exec.Command(getentCmd, database, key).CombinedOutput()
+	command := exec.Command(getentCmd, database, key)
+	// we run getent within container filesystem, but without /dev so /dev/null is not available for exec to mock stdin
+	command.Stdin = io.NopCloser(bytes.NewReader(nil))
+	out, err := command.CombinedOutput()
 	if err != nil {
 		exitCode, errC := getExitCode(err)
 		if errC != nil {
--- a/vendor/github.com/docker/docker/registry/auth.go
+++ b/vendor/github.com/docker/docker/registry/auth.go
@ -1,17 +1,18 @@
 package registry // import "github.com/docker/docker/registry"

 import (
+	"context"
 	"net/http"
 	"net/url"
 	"strings"
 	"time"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/distribution/registry/client/auth"
 	"github.com/docker/distribution/registry/client/auth/challenge"
 	"github.com/docker/distribution/registry/client/transport"
 	"github.com/docker/docker/api/types/registry"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 )

 // AuthClientID is used the ClientID used for the token server
@ -74,7 +75,7 @@ func loginV2(authConfig *registry.AuthConfig, endpoint APIEndpoint, userAgent st
 		creds                = loginCredentialStore{authConfig: &credentialAuthConfig}
 	)

-	logrus.Debugf("attempting v2 login to registry endpoint %s", endpointStr)
+	log.G(context.TODO()).Debugf("attempting v2 login to registry endpoint %s", endpointStr)

 	loginClient, err := v2AuthHTTPClient(endpoint.URL, authTransport, modifiers, creds, nil)
 	if err != nil {
--- a/vendor/github.com/docker/docker/registry/endpoint_v1.go
+++ b/vendor/github.com/docker/docker/registry/endpoint_v1.go
@ -1,6 +1,7 @@
 package registry // import "github.com/docker/docker/registry"

 import (
+	"context"
 	"crypto/tls"
 	"encoding/json"
 	"io"
@ -8,9 +9,9 @@ import (
 	"net/url"
 	"strings"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/distribution/registry/client/transport"
 	"github.com/docker/docker/api/types/registry"
-	"github.com/sirupsen/logrus"
 )

 // v1PingResult contains the information returned when pinging a registry. It
@ -55,7 +56,7 @@ func newV1Endpoint(index *registry.IndexInfo, headers http.Header) (*v1Endpoint,
 }

 func validateEndpoint(endpoint *v1Endpoint) error {
-	logrus.Debugf("pinging registry endpoint %s", endpoint)
+	log.G(context.TODO()).Debugf("pinging registry endpoint %s", endpoint)

 	// Try HTTPS ping to registry
 	endpoint.URL.Scheme = "https"
@ -67,7 +68,7 @@ func validateEndpoint(endpoint *v1Endpoint) error {
 		}

 		// If registry is insecure and HTTPS failed, fallback to HTTP.
-		logrus.WithError(err).Debugf("error from registry %q marked as insecure - insecurely falling back to HTTP", endpoint)
+		log.G(context.TODO()).WithError(err).Debugf("error from registry %q marked as insecure - insecurely falling back to HTTP", endpoint)
 		endpoint.URL.Scheme = "http"

 		var err2 error
@ -138,7 +139,7 @@ func (e *v1Endpoint) ping() (v1PingResult, error) {
 		return v1PingResult{}, nil
 	}

-	logrus.Debugf("attempting v1 ping for registry endpoint %s", e)
+	log.G(context.TODO()).Debugf("attempting v1 ping for registry endpoint %s", e)
 	pingURL := e.String() + "_ping"
 	req, err := http.NewRequest(http.MethodGet, pingURL, nil)
 	if err != nil {
@ -163,13 +164,13 @@ func (e *v1Endpoint) ping() (v1PingResult, error) {
 		Standalone: true,
 	}
 	if err := json.Unmarshal(jsonString, &info); err != nil {
-		logrus.WithError(err).Debug("error unmarshaling _ping response")
+		log.G(context.TODO()).WithError(err).Debug("error unmarshaling _ping response")
 		// don't stop here. Just assume sane defaults
 	}
 	if hdr := resp.Header.Get("X-Docker-Registry-Version"); hdr != "" {
 		info.Version = hdr
 	}
-	logrus.Debugf("v1PingResult.Version: %q", info.Version)
+	log.G(context.TODO()).Debugf("v1PingResult.Version: %q", info.Version)

 	standalone := resp.Header.Get("X-Docker-Registry-Standalone")

@ -180,6 +181,6 @@ func (e *v1Endpoint) ping() (v1PingResult, error) {
 		// there is a header set, and it is not "true" or "1", so assume fails
 		info.Standalone = false
 	}
-	logrus.Debugf("v1PingResult.Standalone: %t", info.Standalone)
+	log.G(context.TODO()).Debugf("v1PingResult.Standalone: %t", info.Standalone)
 	return info, nil
 }
--- a/vendor/github.com/docker/docker/registry/registry.go
+++ b/vendor/github.com/docker/docker/registry/registry.go
@ -2,6 +2,7 @@
 package registry // import "github.com/docker/docker/registry"

 import (
+	"context"
 	"crypto/tls"
 	"net"
 	"net/http"
@ -10,9 +11,9 @@ import (
 	"strings"
 	"time"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/distribution/registry/client/transport"
 	"github.com/docker/go-connections/tlsconfig"
-	"github.com/sirupsen/logrus"
 )

 // HostCertsDir returns the config directory for a specific host.
@ -29,7 +30,7 @@ func newTLSConfig(hostname string, isSecure bool) (*tls.Config, error) {

 	if isSecure && CertsDir() != "" {
 		hostDir := HostCertsDir(hostname)
-		logrus.Debugf("hostDir: %s", hostDir)
+		log.G(context.TODO()).Debugf("hostDir: %s", hostDir)
 		if err := ReadCertsDirectory(tlsConfig, hostDir); err != nil {
 			return nil, err
 		}
@ -65,7 +66,7 @@ func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error {
 				}
 				tlsConfig.RootCAs = systemPool
 			}
-			logrus.Debugf("crt: %s", filepath.Join(directory, f.Name()))
+			log.G(context.TODO()).Debugf("crt: %s", filepath.Join(directory, f.Name()))
 			data, err := os.ReadFile(filepath.Join(directory, f.Name()))
 			if err != nil {
 				return err
@ -75,7 +76,7 @@ func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error {
 		if strings.HasSuffix(f.Name(), ".cert") {
 			certName := f.Name()
 			keyName := certName[:len(certName)-5] + ".key"
-			logrus.Debugf("cert: %s", filepath.Join(directory, f.Name()))
+			log.G(context.TODO()).Debugf("cert: %s", filepath.Join(directory, f.Name()))
 			if !hasFile(fs, keyName) {
 				return invalidParamf("missing key %s for client certificate %s. CA certificates must use the extension .crt", keyName, certName)
 			}
@ -88,7 +89,7 @@ func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error {
 		if strings.HasSuffix(f.Name(), ".key") {
 			keyName := f.Name()
 			certName := keyName[:len(keyName)-4] + ".cert"
-			logrus.Debugf("key: %s", filepath.Join(directory, f.Name()))
+			log.G(context.TODO()).Debugf("key: %s", filepath.Join(directory, f.Name()))
 			if !hasFile(fs, certName) {
 				return invalidParamf("missing client certificate %s for key %s", certName, keyName)
 			}
--- a/vendor/github.com/docker/docker/registry/search.go
+++ b/vendor/github.com/docker/docker/registry/search.go
@ -10,9 +10,9 @@ import (
 	"github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/errdefs"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/distribution/registry/client/auth"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 )

 var acceptedSearchFilterTags = map[string]bool{
@ -126,7 +126,7 @@ func (s *Service) searchUnfiltered(ctx context.Context, term string, limit int,
 		v2Client.CheckRedirect = endpoint.client.CheckRedirect
 		v2Client.Jar = endpoint.client.Jar

-		logrus.Debugf("using v2 client for search to %s", endpoint.URL)
+		log.G(ctx).Debugf("using v2 client for search to %s", endpoint.URL)
 		client = v2Client
 	} else {
 		client = endpoint.client
--- a/vendor/github.com/docker/docker/registry/service.go
+++ b/vendor/github.com/docker/docker/registry/service.go
@ -7,10 +7,10 @@ import (
 	"strings"
 	"sync"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/distribution/reference"
 	"github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/errdefs"
-	"github.com/sirupsen/logrus"
 )

 // Service is a registry service. It tracks configuration data such as a list
@ -85,7 +85,7 @@ func (s *Service) Auth(ctx context.Context, authConfig *registry.AuthConfig, use
 			// Failed to authenticate; don't continue with (non-TLS) endpoints.
 			return status, token, err
 		}
-		logrus.WithError(err).Infof("Error logging in to endpoint, trying next endpoint")
+		log.G(ctx).WithError(err).Infof("Error logging in to endpoint, trying next endpoint")
 	}

 	return "", "", err
--- a/vendor/github.com/docker/docker/registry/session.go
+++ b/vendor/github.com/docker/docker/registry/session.go
@ -2,6 +2,7 @@ package registry // import "github.com/docker/docker/registry"

 import (
 	// this is required for some certificates
+	"context"
 	_ "crypto/sha512"
 	"encoding/json"
 	"fmt"
@ -11,12 +12,12 @@ import (
 	"strings"
 	"sync"

+	"github.com/containerd/containerd/log"
 	"github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/errdefs"
 	"github.com/docker/docker/pkg/ioutils"
 	"github.com/docker/docker/pkg/jsonmessage"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 )

 // A session is used to communicate with a V1 registry
@ -155,7 +156,7 @@ func authorizeClient(client *http.Client, authConfig *registry.AuthConfig, endpo
 			return err
 		}
 		if info.Standalone && authConfig != nil {
-			logrus.Debugf("Endpoint %s is eligible for private registry. Enabling decorator.", endpoint.String())
+			log.G(context.TODO()).Debugf("Endpoint %s is eligible for private registry. Enabling decorator.", endpoint.String())
 			alwaysSetBasicAuth = true
 		}
 	}
@ -191,7 +192,7 @@ func (r *session) searchRepositories(term string, limit int) (*registry.SearchRe
 	if limit < 1 || limit > 100 {
 		return nil, invalidParamf("limit %d is outside the range of [1, 100]", limit)
 	}
-	logrus.Debugf("Index server: %s", r.indexEndpoint)
+	log.G(context.TODO()).Debugf("Index server: %s", r.indexEndpoint)
 	u := r.indexEndpoint.String() + "search?q=" + url.QueryEscape(term) + "&n=" + url.QueryEscape(fmt.Sprintf("%d", limit))

 	req, err := http.NewRequest(http.MethodGet, u, nil)
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -43,7 +43,7 @@ github.com/docker/distribution/registry/client/transport
 github.com/docker/distribution/registry/storage/cache
 github.com/docker/distribution/registry/storage/cache/memory
 github.com/docker/distribution/uuid
-# github.com/docker/docker v24.0.0-rc.2.0.20230612074407-ed798d651a50+incompatible
+# github.com/docker/docker v24.0.0-rc.2.0.20230627140857-7f8b1cd7f928+incompatible
 ## explicit
 github.com/docker/docker/api
 github.com/docker/docker/api/types