mirror of https://github.com/docker/cli.git
Merge pull request #5207 from thaJeztah/bump_engine_27.0.3
vendor: github.com/docker/docker v27.0.3
This commit is contained in:
commit
ab2373a18e
|
@ -12,7 +12,7 @@ require (
|
||||||
github.com/creack/pty v1.1.21
|
github.com/creack/pty v1.1.21
|
||||||
github.com/distribution/reference v0.6.0
|
github.com/distribution/reference v0.6.0
|
||||||
github.com/docker/distribution v2.8.3+incompatible
|
github.com/docker/distribution v2.8.3+incompatible
|
||||||
github.com/docker/docker v27.0.2+incompatible
|
github.com/docker/docker v27.0.3+incompatible
|
||||||
github.com/docker/docker-credential-helpers v0.8.2
|
github.com/docker/docker-credential-helpers v0.8.2
|
||||||
github.com/docker/go-connections v0.5.0
|
github.com/docker/go-connections v0.5.0
|
||||||
github.com/docker/go-units v0.5.0
|
github.com/docker/go-units v0.5.0
|
||||||
|
|
|
@ -57,8 +57,8 @@ github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5
|
||||||
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
|
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
|
||||||
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
|
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
|
||||||
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
|
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
|
||||||
github.com/docker/docker v27.0.2+incompatible h1:mNhCtgXNV1fIRns102grG7rdzIsGGCq1OlOD0KunZos=
|
github.com/docker/docker v27.0.3+incompatible h1:aBGI9TeQ4MPlhquTQKq9XbK79rKFVwXNUAYz9aXyEBE=
|
||||||
github.com/docker/docker v27.0.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
|
github.com/docker/docker v27.0.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
|
||||||
github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
|
github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
|
||||||
github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
|
github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
|
||||||
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
|
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
|
||||||
|
|
|
@ -20,7 +20,6 @@ import (
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/containerd/containerd/pkg/userns"
|
|
||||||
"github.com/containerd/log"
|
"github.com/containerd/log"
|
||||||
"github.com/docker/docker/pkg/idtools"
|
"github.com/docker/docker/pkg/idtools"
|
||||||
"github.com/docker/docker/pkg/ioutils"
|
"github.com/docker/docker/pkg/ioutils"
|
||||||
|
@ -675,9 +674,11 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
|
||||||
inUserns, bestEffortXattrs bool
|
inUserns, bestEffortXattrs bool
|
||||||
chownOpts *idtools.Identity
|
chownOpts *idtools.Identity
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// TODO(thaJeztah): make opts a required argument.
|
||||||
if opts != nil {
|
if opts != nil {
|
||||||
Lchown = !opts.NoLchown
|
Lchown = !opts.NoLchown
|
||||||
inUserns = opts.InUserNS
|
inUserns = opts.InUserNS // TODO(thaJeztah): consider deprecating opts.InUserNS and detect locally.
|
||||||
chownOpts = opts.ChownOpts
|
chownOpts = opts.ChownOpts
|
||||||
bestEffortXattrs = opts.BestEffortXattrs
|
bestEffortXattrs = opts.BestEffortXattrs
|
||||||
}
|
}
|
||||||
|
@ -712,6 +713,7 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
|
||||||
|
|
||||||
case tar.TypeBlock, tar.TypeChar:
|
case tar.TypeBlock, tar.TypeChar:
|
||||||
if inUserns { // cannot create devices in a userns
|
if inUserns { // cannot create devices in a userns
|
||||||
|
log.G(context.TODO()).WithFields(log.Fields{"path": path, "type": hdr.Typeflag}).Debug("skipping device nodes in a userns")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
// Handle this is an OS-specific way
|
// Handle this is an OS-specific way
|
||||||
|
@ -722,6 +724,11 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
|
||||||
case tar.TypeFifo:
|
case tar.TypeFifo:
|
||||||
// Handle this is an OS-specific way
|
// Handle this is an OS-specific way
|
||||||
if err := handleTarTypeBlockCharFifo(hdr, path); err != nil {
|
if err := handleTarTypeBlockCharFifo(hdr, path); err != nil {
|
||||||
|
if inUserns && errors.Is(err, syscall.EPERM) {
|
||||||
|
// In most cases, cannot create a fifo if running in user namespace
|
||||||
|
log.G(context.TODO()).WithFields(log.Fields{"error": err, "path": path, "type": hdr.Typeflag}).Debug("creating fifo node in a userns")
|
||||||
|
return nil
|
||||||
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -765,7 +772,7 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, o
|
||||||
}
|
}
|
||||||
if err := os.Lchown(path, chownOpts.UID, chownOpts.GID); err != nil {
|
if err := os.Lchown(path, chownOpts.UID, chownOpts.GID); err != nil {
|
||||||
msg := "failed to Lchown %q for UID %d, GID %d"
|
msg := "failed to Lchown %q for UID %d, GID %d"
|
||||||
if errors.Is(err, syscall.EINVAL) && userns.RunningInUserNS() {
|
if inUserns && errors.Is(err, syscall.EINVAL) {
|
||||||
msg += " (try increasing the number of subordinate IDs in /etc/subuid and /etc/subgid)"
|
msg += " (try increasing the number of subordinate IDs in /etc/subuid and /etc/subgid)"
|
||||||
}
|
}
|
||||||
return errors.Wrapf(err, msg, path, hdr.Uid, hdr.Gid)
|
return errors.Wrapf(err, msg, path, hdr.Uid, hdr.Gid)
|
||||||
|
@ -871,11 +878,6 @@ func NewTarballer(srcPath string, options *TarOptions) (*Tarballer, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return &Tarballer{
|
return &Tarballer{
|
||||||
// Fix the source path to work with long path names. This is a no-op
|
// Fix the source path to work with long path names. This is a no-op
|
||||||
// on platforms other than Windows.
|
// on platforms other than Windows.
|
||||||
|
@ -885,7 +887,7 @@ func NewTarballer(srcPath string, options *TarOptions) (*Tarballer, error) {
|
||||||
pipeReader: pipeReader,
|
pipeReader: pipeReader,
|
||||||
pipeWriter: pipeWriter,
|
pipeWriter: pipeWriter,
|
||||||
compressWriter: compressWriter,
|
compressWriter: compressWriter,
|
||||||
whiteoutConverter: whiteoutConverter,
|
whiteoutConverter: getWhiteoutConverter(options.WhiteoutFormat),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1080,10 +1082,7 @@ func Unpack(decompressedArchive io.Reader, dest string, options *TarOptions) err
|
||||||
defer pools.BufioReader32KPool.Put(trBuf)
|
defer pools.BufioReader32KPool.Put(trBuf)
|
||||||
|
|
||||||
var dirs []*tar.Header
|
var dirs []*tar.Header
|
||||||
whiteoutConverter, err := getWhiteoutConverter(options.WhiteoutFormat, options.InUserNS)
|
whiteoutConverter := getWhiteoutConverter(options.WhiteoutFormat)
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Iterate through the files in the archive.
|
// Iterate through the files in the archive.
|
||||||
loop:
|
loop:
|
||||||
|
|
|
@ -12,14 +12,11 @@ import (
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
)
|
)
|
||||||
|
|
||||||
func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) {
|
func getWhiteoutConverter(format WhiteoutFormat) tarWhiteoutConverter {
|
||||||
if format == OverlayWhiteoutFormat {
|
if format == OverlayWhiteoutFormat {
|
||||||
if inUserNS {
|
return overlayWhiteoutConverter{}
|
||||||
return nil, errors.New("specifying OverlayWhiteoutFormat is not allowed in userns")
|
|
||||||
}
|
|
||||||
return overlayWhiteoutConverter{}, nil
|
|
||||||
}
|
}
|
||||||
return nil, nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
type overlayWhiteoutConverter struct{}
|
type overlayWhiteoutConverter struct{}
|
||||||
|
|
|
@ -2,6 +2,6 @@
|
||||||
|
|
||||||
package archive // import "github.com/docker/docker/pkg/archive"
|
package archive // import "github.com/docker/docker/pkg/archive"
|
||||||
|
|
||||||
func getWhiteoutConverter(format WhiteoutFormat, inUserNS bool) (tarWhiteoutConverter, error) {
|
func getWhiteoutConverter(format WhiteoutFormat) tarWhiteoutConverter {
|
||||||
return nil, nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -11,7 +11,6 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
|
|
||||||
"github.com/containerd/containerd/pkg/userns"
|
|
||||||
"github.com/docker/docker/pkg/idtools"
|
"github.com/docker/docker/pkg/idtools"
|
||||||
"github.com/docker/docker/pkg/system"
|
"github.com/docker/docker/pkg/system"
|
||||||
"golang.org/x/sys/unix"
|
"golang.org/x/sys/unix"
|
||||||
|
@ -95,7 +94,10 @@ func getFileUIDGID(stat interface{}) (idtools.Identity, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// handleTarTypeBlockCharFifo is an OS-specific helper function used by
|
// handleTarTypeBlockCharFifo is an OS-specific helper function used by
|
||||||
// createTarFile to handle the following types of header: Block; Char; Fifo
|
// createTarFile to handle the following types of header: Block; Char; Fifo.
|
||||||
|
//
|
||||||
|
// Creating device nodes is not supported when running in a user namespace,
|
||||||
|
// produces a [syscall.EPERM] in most cases.
|
||||||
func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
|
func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
|
||||||
mode := uint32(hdr.Mode & 0o7777)
|
mode := uint32(hdr.Mode & 0o7777)
|
||||||
switch hdr.Typeflag {
|
switch hdr.Typeflag {
|
||||||
|
@ -107,12 +109,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
|
||||||
mode |= unix.S_IFIFO
|
mode |= unix.S_IFIFO
|
||||||
}
|
}
|
||||||
|
|
||||||
err := system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor)))
|
return system.Mknod(path, mode, int(system.Mkdev(hdr.Devmajor, hdr.Devminor)))
|
||||||
if errors.Is(err, syscall.EPERM) && userns.RunningInUserNS() {
|
|
||||||
// In most cases, cannot create a device if running in user namespace
|
|
||||||
err = nil
|
|
||||||
}
|
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
|
func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
|
||||||
|
|
|
@ -53,7 +53,7 @@ github.com/docker/distribution/registry/client/transport
|
||||||
github.com/docker/distribution/registry/storage/cache
|
github.com/docker/distribution/registry/storage/cache
|
||||||
github.com/docker/distribution/registry/storage/cache/memory
|
github.com/docker/distribution/registry/storage/cache/memory
|
||||||
github.com/docker/distribution/uuid
|
github.com/docker/distribution/uuid
|
||||||
# github.com/docker/docker v27.0.2+incompatible
|
# github.com/docker/docker v27.0.3+incompatible
|
||||||
## explicit
|
## explicit
|
||||||
github.com/docker/docker/api
|
github.com/docker/docker/api
|
||||||
github.com/docker/docker/api/types
|
github.com/docker/docker/api/types
|
||||||
|
|
Loading…
Reference in New Issue