Split out a swarmCAOptions struct for options that are shared between
the ca and update commands.
Change the 'no trust root' message to an error.
Add some unit tests.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
If a task encounters an error, the interactive "service create" and
"service update" commands should show that error instead of showing a
stuck progress bar.
To validate:
docker service create --detach=false --name broken --restart-condition=none --replicas 3 busybox asdf
and
docker service create --detach=false --name broken --mode global --restart-condition none busybox asdf
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This was only showing tasks that belong to nodes that are currently up,
so that tasks on down nodes don't appear to be stuck. But this
unintentionally excludes tasks that haven't been assigned yet, so if a
task is stuck before assignment, for example because no nodes meet its
constraints, a progress bar won't even be shown. The check should only
apply to tasks that have a node assignment.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Running `docker inspect --format "{{.ID}} {{.Size}}" alpine` prints
sha256:651aa95985aa4a17a38ffcf71f598ec461924ca96865facc2c5782ef2d2be07f 3983636
While `docker inspect --format "{{.Id}} {{.Size}}" alpine` prints
sha256:651aa95985aa4a17a38ffcf71f598ec461924ca96865facc2c5782ef2d2be07f 3.983636e+06
This happens because "Id" is not a field of types.ImageInspect and thus
tryRawInspectFallback is called and converts the raw response into `interface{}`
using a JSON decoder. However, by default that decoder converts numbers into
`float64` unless `UseNumber` is set.
Signed-off-by: Boaz Shuster <ripcurld.github@gmail.com>
flags, including cert expiry, will be ignored, so warn if a user attempts
to use `docker swarm ca --cert-expiry` or something.
Signed-off-by: Ying Li <ying.li@docker.com>
This commit modifies config.json to allow for any proxies allowed in
build-args to be configured. These values will then be used
by default as build-args in docker build.
Signed-off-by: Dave Tucker <dt@docker.com>
Signed-off-by: zebrilee <zebrilee@gmail.com>
revert change on docker.go, set HasExperimental to true in cli.go
Signed-off-by: zebrilee <zebrilee@gmail.com>
This fix use `scope=swarm` for service related network inspect.
The purpose is that, in case multiple networks with the same
name exist in different scopes, it is still possible to obtain
the network for services.
This fix is related to moby/moby#33630 and docker/cli#167
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
If configs are declared for a service and pointing on an old
daemon, error out properly (instead of "page not found").
If there is no configs declared, don't call convertServiceConfigObjs
to avoid having an error.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Commit 78c204ef79 added
(f9bd8ec8b268581f93095c5a80679f0a8ff498bf in the moby repo)
a validation to prevent `--rollback` from being used
in combination with other flags that update the
service spec.
This validation was not taking into account that
some flags only affect the CLI behavior, and
are okay to be used when rolling back.
This patch updates the validation, and adds
`--quiet` and `--detach` to the list of allowed
flags.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `docker login -e` / `docker login --email` option was deprecated in
Docker 1.11 (https://github.com/moby/moby/releases/tag/v1.11.0) through
aee260d4eb3aa0fc86ee5038010b7bbc24512ae5 (April 2016), and when used has
been outputing a deprecation warning since;
Flag --email has been deprecated, will be removed in 17.06.
Originally this option was scheduled to be removed in docker 1.13, but
extended to docker 17.06 due to a change in our deprecation policy.
Given that only docker 1.10 and older use this flag (which is EOL, including
for CS versions, as of February 2017), will now be removed.
With this patch, `docker login` will now produce an Error if the flag
is used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The docker CLI matches objects either by ID _prefix_
or a full name match, but not partial name matches.
The correct order of resolution is;
- Full ID match (a name should not be able to mask an ID)
- Full name
- ID-prefix
This patch changes the way services are matched.
Also change to use the first matching service, if there's a
full match (by ID or Name) instead of continue looking for
other possible matches.
Error handling changed;
- Do not error early if multiple services were requested
and one or more services were not found. Print the
services that were not found after printing those that
_were_ found instead
- Print an error if ID-prefix matching is ambiguous
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Volumes tend to carry important data and pruning them on `docker system
prune` can easily cause unwanted data loss.
Let's play it safe and not prune volumes on `system prune` by default,
and instead provide an option.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
The current implementation of the ElectAuthServer doesn't handle well when the
default Registry server is not included in the response from the daemon Info
endpoint.
That leads to the storage and usage of the credentials for the default registry
(`https://index.docker.io/v1/`) under an empty string on the client config file.
Sample config file after a login via a Docker Daemon without Registry
information:
```json
{
"auths": {
"": {
"auth": "***"
}
}
}
```
That can lead to duplication of the password for the default registry and
authentication failures against the default registry if a pull/push is performed
without first authenticating via the misbehaving daemon.
Also, changes the output of the warning message from stdout to sdterr as
per dnephin suggestion.
Signed-off-by: Marcus Martins <marcus@docker.com>
be attached to special networks such as host and bridge. This fix brings
in the required changes to make sure the stack file accepts these
networks as well.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
If use docker attach command to attach to a stop container, it will return
"You cannot attach to a stopped container" error, it's ok, but when
attach to a running container, it(docker attach) use inspect to check
the container's state, if it pass the state check on the client side,
and then the container is stopped, docker attach command still attach to
the container and not exit.
Signed-off-by: Shukui Yang <yangshukui@huawei.com>