Commit Graph

36 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 1850a0595b
cli/command/secret: G101: Potential hardcoded credentials (gosec)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:27 +01:00
Silvin Lubecki 6047259e5a
File is not `goimports`-ed (goimports)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:24 +01:00
Sune Keller 217308d96d
Fix annotation on docker secret create --template-driver
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-03-28 16:18:50 +01:00
Sebastiaan van Stijn f2424bd375
Fix labels copying value from environment variables
This patch fixes a bug where labels use the same behavior as `--env`, resulting
in a value to be copied from environment variables with the same name as the
label if no value is set (i.e. a simple key, no `=` sign, no value).

An earlier pull request addressed similar cases for `docker run`;
2b17f4c8a8, but this did not address the
same situation for (e.g.) `docker service create`.

Digging in history for this bug, I found that use of the `ValidateEnv`
function for  labels was added in the original implementation of the labels feature in
abb5e9a077 (diff-ae476143d40e21ac0918630f7365ed3cR34)

However, the design never intended it to expand environment variables,
and use of this function was either due to either a "copy/paste" of the
equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does
not communicate that it also expands environment variables), and the existing
`ValidateLabel` was designed for _engine_ labels (which required a value to
be set).

Following the initial implementation, other parts of the code followed
the same (incorrect) approach, therefore leading the bug to be introduced
in services as well.

This patch:

- updates the `ValidateLabel` to match the expected validation
  rules (this function is no longer used since 31dc5c0a9a),
  and the daemon has its own implementation)
- corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`.

Before this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker service inspect --format '{{json .Spec.Labels}}' test
{"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"}
```

After this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker container inspect --format '{{json .Config.Labels}}' test
{"SOME_ENV_VAR":""}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:01:57 +01:00
Vincent Demeester 69fdd2a4ad
formatter package heavy refactoring
- make it possible to extract the formatter implementation from the
  "common" code, that way, the formatter package stays small
- extract some formatter into their own packages

This is essentially moving the "formatter" implementation of each type
in their respective packages. The *main* reason to do that, is to be
able to depend on `cli/command/formatter` without depending of the
implementation detail of the formatter. As of now, depending on
`cli/command/formatter` means we depend on `docker/docker/api/types`,
`docker/licensing`, … — that should not be the case. `formatter`
should hold the common code (or helpers) to easily create formatter,
not all formatter implementations.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-10-23 17:05:44 +02:00
Arash Deshmeh ceed42217d refactored all commands under cli/command/ to use sort.Slice instead of declaring custom types for sorting
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
2018-07-06 15:49:32 -04:00
Vincent Demeester 2c4de4fb5e
Update tests to use gotest.tools 👼
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 18:24:26 +02:00
Kir Kolyshkin 6f8070deb2 Switch from x/net/context to context
Since go 1.7, "context" is a standard package. Since go 1.9,
x/net/context merely provides some types aliased to those in
the standard context package.

The changes were performed by the following script:

for f in $(git ls-files \*.go | grep -v ^vendor/); do
	sed -i 's|golang.org/x/net/context|context|' $f
	goimports -w $f
	for i in 1 2; do
		awk '/^$/ {e=1; next;}
			/\t"context"$/ {e=0;}
			{if (e) {print ""; e=0}; print;}' < $f > $f.new && \
				mv $f.new $f
		goimports -w $f
	done
done

[v2: do awk/goimports fixup twice]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-05-11 16:49:43 -07:00
Daniel Nephin e15b208e96 Convert assert.Check(t, is.Error()) to assert.Error
git grep -l -P '^\s+assert\.Check\(t, is\.Error\(' | \
    xargs perl -pi -e 's/^(\s+assert\.)Check\(t, is\.Error\((.*)\)$/\1Error(t, \2/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 16:00:28 -05:00
Daniel Nephin 078cbc9c4b Convert assert.Check with
git grep -l -P '^\s+assert\.Check\(t, ' | \
    xargs perl -pi -e 's/^(\s+assert)\.Check(\(t, (?!is).*(\.Execute\(|\.Set\(|\.Write\(|\.Close\(|\.Untar\(|\.WriteFile\(|Validate\().*\)$)/\1.NilError\2/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 15:43:53 -05:00
Daniel Nephin baf65a5502 Convert to assert.NilError
Using:

  git grep -l '^\s\+assert\.Check(t, err)$' | \
    xargs sed -i -e 's/^\(\s\+assert\)\.Check(t, err)$/\1.NilError(t, err)/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 15:27:34 -05:00
Daniel Nephin 681c921528 Remove testutil
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 14:38:35 -05:00
Daniel Nephin 39c2ca57c1 Automated migration
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-05 19:41:17 -05:00
Sebastiaan van Stijn d11b5ccdfa
Add --template-driver option for secrets/configs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-02-21 23:22:32 +01:00
Vincent Demeester 1a2244e384 Error out on orchestrator command that don't support k8s yet
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-12-26 11:46:59 +01:00
Daniel Nephin c0d004f7cf Update gometalinter
and enable the new WarnUnmatchedDirective to warn if a nolint is unnecessary.
remove some unnecessary nolint

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-10-26 12:21:02 -04:00
Daniel Nephin 4205416c9b Update code for upstream cobra
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-10-25 14:49:26 -04:00
allencloud 26f06c5bcb sort secrets and configs in cli
Signed-off-by: Allen Sun <shlallen1990@gmail.com>
2017-09-25 13:18:13 +08:00
Liron Levin 0ee9e05d8f Plugable secret backend
This commit extends SwarmKit secret management with pluggable secret
backends support.
Following previous commits:
1. docker/swarmkit@eebac27434
2. docker/docker@08f7cf0526
Added driver parameter to `docker secret` command.

Specifically:

1. `docker secret create [secret_name] --driver [driver_name]`
2.  Displaying the driver in
```
    $ docker secret ls
    $ docker secret inspect [secret_name]
    $ docker secret inspect [secret_name] -pretty
```

Signed-off-by: Liron Levin <liron@twistlock.com>
2017-09-07 11:10:44 +03:00
Daniel Nephin 846a31aa50 Use new internal testutil.ErrorContains()
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-22 10:14:25 -04:00
Daniel Nephin b3f843afe2 Move internal/test package out of cli.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-22 10:14:25 -04:00
Daniel Nephin 4c62d7288f Update service and secret command tests to new golden
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-08-16 14:23:28 -04:00
Sebastiaan van Stijn b9a7f35e02
Singularize / pluralize "argument(s)" in error message
The validation functions to test for the number of passed arguments did not
pluralize `argument(s)`, and used `argument(s)` in all cases.

This patch adds a simple `pluralize()` helper to improve this.

Before this change, `argument(s)` was used in all cases:

    $ docker container ls foobar
    "docker container ls" accepts no argument(s).

    $ docker network create one two
    "docker network create" requires exactly 1 argument(s).

    $ docker network connect
    "docker network connect" requires exactly 2 argument(s).

    $ docker volume create one two
    "docker volume create" requires at most 1 argument(s).

After this change, `argument(s)` is properly singularized or plurarized:

    $ docker container ls foobar
    "docker container ls" accepts no arguments.

    $ docker network create one two
    "docker network create" requires exactly 1 argument.

    $ docker network connect
    "docker network connect" requires exactly 2 arguments.

    $ docker volume create one two
    "docker volume create" requires at most 1 argument.

Test cases were updated accordingly.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-08-12 18:25:38 +02:00
Daniel Nephin 42a3800783 Update some tests to remove unnecessary buffers.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-07-11 17:52:43 -04:00
Daniel Nephin 3da0cbfdd1 Remove unnecessary use of SetConfigfile
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-07-11 14:49:30 -04:00
Daniel Nephin 69b142b52a Update FakeCli to remove duplication in tests.
Use byte buffers by default, since that is what is done most of the time.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-07-11 14:49:30 -04:00
Arash Deshmeh 77062a09dc fixed the output leak from secret/remove command error test case
Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>
2017-06-09 13:21:14 -04:00
Vincent Demeester 44ac80881f
Update vendoring of docker/docker
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-06-06 00:23:21 +02:00
Aaron Lehmann 62567078ff Add --pretty option to "secret inspect" and "config inspect"
This adds a pretty template for both inspect subcommands. For configs,
it's particularly useful because it's a way to expose the config payload
in the CLI in a non-base64-encoded way.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-05-16 15:12:20 -07:00
Vincent Demeester d7f6563efc
Update cli imports to using local package
Also, rename a bunch of variable to not *shadow* the `opts` package
name.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-05-15 14:45:19 +02:00
Aaron Lehmann db5620026d Add support for configs
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2017-05-11 13:42:49 -07:00
Daniel Nephin 37ccc00d0e Add interfacer linter
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-05-08 15:57:50 -04:00
Gaetan de Villele 295140edf2 cli: gofmt + goimports
Signed-off-by: Gaetan de Villele <gdevillele@gmail.com>
2017-05-08 10:51:30 -07:00
Tibor Vass 57230a7212 rm client and vendor it instead
Signed-off-by: Tibor Vass <tibor@docker.com>
2017-05-08 10:33:56 -07:00
Daniel Nephin 10641c2aae Update imports.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-04-17 18:07:56 -04:00
Daniel Nephin 1630fc40f8 Import docker/docker/cli
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
2017-04-17 17:40:59 -04:00