Commit Graph

9647 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 230d4d0bab
vendor: github.com/containerd/containerd v1.7.17
no changes in vendored code

full diff: https://github.com/containerd/containerd/compare/v1.7.15...v1.7.17

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 558a910b85)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-05 12:34:30 +02:00
Sebastiaan van Stijn 6d47c06b0d
vendor: tags.cncf.io/container-device-interface v0.7.2
no changes in vendored code

full diff: https://github.com/cncf-tags/container-device-interface/compare/v0.6.2...v0.7.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit be2c284ee2)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-05 12:34:30 +02:00
Sebastiaan van Stijn a6d757c0e3
vendor: github.com/Microsoft/hcsshim v0.11.5
full diff: https://github.com/Microsoft/hcsshim/compare/v0.11.4...v0.11.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 16c8f4942e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-05 12:34:30 +02:00
Sebastiaan van Stijn c463d968fc
vendor: github.com/opencontainers/image-spec v1.1.0
full diff: https://github.com/opencontainers/image-spec/compare/v1.1.0-rc5...v1.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b7548ba7f1)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-05 12:34:27 +02:00
Sebastiaan van Stijn a61a0c3ac9
Merge pull request #5118 from thaJeztah/26.1_backport_bump_go1.21.11
[26.1 backport] update to go1.21.11, Alpine 3.20
2024-06-05 00:11:37 +02:00
Sebastiaan van Stijn 0576b3dad7
update to go1.21.11
go1.21.11 (released 2024-06-04) includes security fixes to the archive/zip
and net/netip packages, as well as bug fixes to the compiler, the go command,
the runtime, and the os package. See the Go 1.21.11 milestone on our issue
tracker for details;

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.11+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.10...go1.21.11

From the security announcement;

We have just released Go versions 1.22.4 and 1.21.11, minor point releases.
These minor releases include 2 security fixes following the security policy:

- archive/zip: mishandling of corrupt central directory record

  The archive/zip package's handling of certain types of invalid zip files
  differed from the behavior of most zip implementations. This misalignment
  could be exploited to create an zip file with contents that vary depending
  on the implementation reading the file. The archive/zip package now rejects
  files containing these errors.

  Thanks to Yufan You for reporting this issue.

  This is CVE-2024-24789 and Go issue https://go.dev/issue/66869.

- net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

  The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected
  for IPv4-mapped IPv6 addresses, returning false for addresses which would
  return true in their traditional IPv4 forms.

  Thanks to Enze Wang of Alioth and Jianjun Chen of Zhongguancun Lab
  for reporting this issue.

  This is CVE-2024-24790 and Go issue https://go.dev/issue/67680.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 630e1d3e95)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-04 23:43:37 +02:00
Sebastiaan van Stijn 60b13f1f80
Dockerfile: update ALPINE_VERSION to 3.20
Update to the current version of Alpine, which is also the default for
the golang:alpine image

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e70f68595d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-04 23:43:33 +02:00
Laura Brehm 5dab29765f
Merge pull request #5108 from thaJeztah/26.1_backport_use_containerd_platforms
[26.1 backport] migrate to new github.com/containerd/platforms package
2024-06-03 17:04:53 +01:00
Sebastiaan van Stijn b600054c51
migrate to new github.com/containerd/platforms package
The github.com/containerd/containerd/platforms package was moved to a separate
module in preparation of the containerd v2.0 release.

Switch to the new module, which means we also remove containerd as a direct
dependency.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7dc271a8be)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 17:45:45 +02:00
Laura Brehm 42912d4d68
Merge pull request #5102 from thaJeztah/26.1_backport_docs
[26.1 backport] assorted docs backports
2024-06-03 16:31:45 +01:00
Laura Brehm 28638aab95
Merge pull request #5103 from thaJeztah/26.1_backport_bump_gowinio
[26.1 backport] vendor: github.com/Microsoft/go-winio v0.6.2
2024-06-03 15:55:36 +01:00
Sebastiaan van Stijn e89982aea9
Merge pull request #5105 from laurazard/update-actions-26.1
[26.1 backport] gha: update to actions/upload-artifact@v4
2024-06-03 16:47:35 +02:00
Sebastiaan van Stijn dafe63b085
gha: update to actions/upload-artifact@v4
v3 is using Node.js 16 which are being deprecated:

    Node.js 16 actions are deprecated. Please update the following actions to use Node.js 20: actions/upload-artifact@v3. For more information see: https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/.

ci: incl. platform pair in artifact name

This fixes an the issue w/ `upload-artifact@v4`.
See: https://github.blog/2024-02-12-get-started-with-v4-of-github-actions-artifacts/#compatibility

Co-authored-by: Laura Brehm <laurabrehm@hey.com>
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b9cd722595)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 16:41:45 +02:00
Sebastiaan van Stijn 7dfc99c17e
Merge pull request #5104 from thaJeztah/26.1_vendor_engine
[26.1] vendor: github.com/docker/docker v26.1.3
2024-06-03 15:08:09 +02:00
Sebastiaan van Stijn 079107e1bc
[26.1] vendor: github.com/docker/docker v26.1.3
no changes; same commit, but tagged

full diff: https://github.com/docker/docker/compare/8e96db1c328d...v26.1.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 14:06:05 +02:00
Sebastiaan van Stijn 14d7485d98
vendor: github.com/Microsoft/go-winio v0.6.2
- Fix compatibility with go1.22
- fileinfo: internally fix FileBasicInfo memory alignment (fixes compatibility
  with go1.22)
- Switch from syscall to golang.org/x/sys/windows
- Remove golang.org/x/mod as dependency
- Remove golang.org/x/tools as dependency

full diff: https://github.com/Microsoft/go-winio/compare/v0.6.1...v0.6.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 12aaeae21b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 13:31:46 +02:00
Bjorn Neergaard 50bb59277a
docs: tidy up CDI docs
Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
(cherry picked from commit 116db4fc82)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 13:28:38 +02:00
cncal c4767b3141
docs: fix json syntax error
Signed-off-by: cncal <flycalvin@qq.com>
(cherry picked from commit 6a4d38c7f2)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-03 13:28:24 +02:00
Bjorn Neergaard 3f807ede91
Merge pull request #5083 from vvoland/v26.1-5078
[26.1 backport] plugins/hooks: Don't show empty hook messages
2024-05-31 14:08:59 -06:00
Sebastiaan van Stijn 836fc57e2a
Merge pull request #5095 from thaJeztah/26.1_backport_context_type_stub
[26.1 backport] context list: temporarily add ContextType to JSON output
2024-05-31 22:01:29 +02:00
Sebastiaan van Stijn 258e27438f
context list: temporarily add ContextType to JSON output
Docker Desktop currently ships with the "cloud integration" wrapper,
which outputs an additional ContextType field in the JSON output.

While this field is non-standard, it made its way into Visual Studio's
Docker integration, which uses this to exclude "aci" and "eci" context
types that are not supported by Visual Studio.

This patch;

- conditionally adds a ContextType field to the JSON output
- but ONLY when using the default "{{json .}}" or "json" formats
  (which are the formats used by Visual Studio)
- if the context is a "aci" or "eci" context, that type is
  preserved, otherwise the default "moby" type is used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit fed9fa0f72)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-31 14:48:35 +02:00
Sebastiaan van Stijn 29cd8591ee
cli/command/context: list: add test for JSON output
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 40a1da8b42)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-31 14:48:19 +02:00
Sebastiaan van Stijn e23a63eb4c
cli/command/context: test inspecting context with custom metadata
The CLI does not currently expose options to add custom metadata to
contexts, but contexts support them.

- update test-utilities to allow setting custom metadata
- update the inspect test to verify that custom metadata is included
  when inspecting a context.
- update the import/export tests to verify that custom metadata
  is preserved.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2e9eff235d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-31 14:48:19 +02:00
Sebastiaan van Stijn 1e52a86d42
cli/command/context: add test-utility to create multiple contexts
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 54291dd47a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-31 14:48:16 +02:00
Paweł Gronowski e382a5f225
plugins/hooks: Don't show empty hooks
Don't show `Next steps:` with no messages at all when plugin returns an
unitialized value of `HookMessage` (zero-initialization sets its type to
NextSteps and empty template).

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit 296a6f5872)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-05-20 17:58:52 +02:00
Paweł Gronowski b72abbb6f0
Merge pull request #5073 from vvoland/vendor-docker
[26.1] vendor: github.com/docker/docker v26.1.3-dev (8e96db1c328d)
2024-05-16 09:47:24 +02:00
Paweł Gronowski 26e9ff49c8
vendor: github.com/docker/docker v26.1.3-dev (8e96db1c328d)
- full diff: ef1912d8b6...8e96db1c32

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-05-15 13:01:52 +02:00
Paweł Gronowski 4021ee92fe
Merge pull request #5071 from laurazard/backport/5051-26.1
[26.1 backport] Add OTel instrumentation to CLI plugins
2024-05-15 11:24:12 +02:00
Laura Brehm 326c7138bb
OTel: implement missing MeterProvider `ForceFlush`
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit 5f4f4f64d3)
2024-05-15 02:00:06 +01:00
Laura Brehm ee359a394b
OTel: add `command.time` metric to plugin commands
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit f07834d185)
2024-05-15 02:00:05 +01:00
Laura Brehm 004e2925d7
Merge pull request #5070 from laurazard/backport/5067-26.1
[26.1 backport] Centralize init of Meter/TracerProviders
2024-05-14 16:52:23 +01:00
Christopher Petito 6691085012
Use funcs on DockerCli to return Meter/TracerProviders, not initialize them. Initialize them during DockerCli struct init
Signed-off-by: Christopher Petito <chrisjpetito@gmail.com>
(cherry picked from commit 02537eac59)
2024-05-14 16:31:06 +01:00
Sebastiaan van Stijn 60f2d38d53
Merge pull request #5068 from dvdksn/26.1_backport_doc-vxlan-listen-addr
[26.1 Backport] docs: clarify that --data-path-addr doesn't restrict access
2024-05-13 20:48:38 +02:00
David Karlsson 81b482ea5e docs: clarify that --data-path-addr doesn't restrict access
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
(cherry picked from commit faf096b25c)
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-05-13 19:01:26 +02:00
Paweł Gronowski 211e74b240
Merge pull request #5066 from vvoland/vendor-docker
[26.1] vendor: github.com/docker/docker v26.1.2-dev (ef1912d8b6ae)
2024-05-08 11:31:07 +02:00
Paweł Gronowski 8beff78d85
Merge pull request #5065 from vvoland/v26.1-5064
[26.1 backport] update to go1.21.10
2024-05-08 11:30:55 +02:00
Paweł Gronowski e64914c890
vendor: github.com/docker/docker v26.1.2-dev (ef1912d8b6ae)
- full diff: ac2de55998...ef1912d8b6

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-05-08 11:04:04 +02:00
Paweł Gronowski c1d70d1fbb
update to go1.21.10
These minor releases include 2 security fixes following the security policy:

- cmd/go: arbitrary code execution during build on darwin
On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to
usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
Thanks to Juho Forsén of Mattermost for reporting this issue.
This is CVE-2024-24787 and Go issue https://go.dev/issue/67119.

- net: malformed DNS message can cause infinite loop
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
Thanks to long-name-let-people-remember-you on GitHub for reporting this issue, and to Mateusz Poliwczak for bringing the issue to
our attention.
This is CVE-2024-24788 and Go issue https://go.dev/issue/66754.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.22.3

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.10+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.21.9...go1.21.10

**- Description for the changelog**

```markdown changelog
Update Go runtime to 1.21.10
```

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit eb99994c75)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-05-08 09:52:05 +02:00
Paweł Gronowski 53a3f0be18
Merge pull request #5062 from laurazard/cherry-pick-run-hang
[26.1 backport] Fix hang when container fails to start
2024-05-07 13:35:09 +02:00
Laura Brehm 4add46d686
Add e2e tests for run w/ bad entrypoint
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit 8d6e571c03)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-05-07 11:57:36 +01:00
Laura Brehm ccea7d8a30
Fix hang when container fails to start
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit 31644d5ea7)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-05-07 11:57:24 +01:00
Paweł Gronowski 4cf5afaefa
Merge pull request #5047 from vvoland/v26.1-5038
[26.1 backport] cli-plugins: PluginRunCommand: use cmd.Environ instead of os.Environ
2024-04-30 13:40:03 +02:00
Paweł Gronowski 6c2b06d535
Merge pull request #5045 from vvoland/vendor-docker-26.1.1-dev
[26.1] vendor: github.com/docker/docker ac2de55998d4 (v26.1.1)
2024-04-30 13:12:54 +02:00
Sebastiaan van Stijn 1c6a8ecf2e
cli-plugins: PluginRunCommand: use cmd.Environ instead of os.Environ
Commit 5011759056 implemented a fix that
caused the current environment to be discarded, using `os.Environ()`.
On Windows, `os.Environ()` may produce an incorrect value for `PWD`,
for which a new function was added in go1.19;

- https://tip.golang.org/doc/go1.19#osexecpkgosexec
- https://go-review.googlesource.com/c/go/+/401340

Replace the use of `os.Environ()` with `cmd.Environ()` to address that.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5ccb48459b)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-30 13:03:15 +02:00
Paweł Gronowski 6d1c387af2
vendor: github.com/docker/docker ac2de55998d4 (v26.1.1)
full diff: c8af8ebe4a...ac2de55998

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-30 11:55:51 +02:00
Paweł Gronowski 1e6db5d24b
Merge pull request #5044 from vvoland/wait-cancel-noerror
[26.1 backport] waitExitOrRemoved: Handle context cancellation
2024-04-29 17:46:55 +02:00
Paweł Gronowski 840016ea05
waitExitOrRemoved: Handle context cancellation
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-29 16:46:11 +02:00
Paweł Gronowski 9714adc6c7
Merge pull request #5034 from vvoland/vendor-docker
vendor: github.com/docker/docker v26.1.0-dev (c8af8ebe4a89)
2024-04-22 19:00:04 +02:00
Paweł Gronowski aec1d364bf
vendor: github.com/docker/docker v26.1.0-dev (c8af8ebe4a89)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-22 18:53:51 +02:00
Paweł Gronowski e397e505d9
Merge pull request #5033 from laurazard/hooks-error-message
hooks: pass command execution error to plugins
2024-04-22 18:49:19 +02:00