Commit Graph

1108 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 1fdbd6181e
docker ps: add State field to formatting
The State field allows printing the container state without
additional information about uptime, healthcheck, etc.

With this patch, the container's state can be printed independently:

```bash
docker ps -a --format '{{.State}}'
running
paused
exited
created
```

```bash
docker ps -a --format 'table {{.Names}}\t{{.State}}\t{{.Status}}'
NAMES                     STATE               STATUS
elastic_burnell           running             Up About a minute
pausie                    paused              Up 5 minutes (Paused)
peaceful_stonebraker      exited              Exited (0) 10 hours ago
vigilant_shaw             created             Created
```

```bash
docker ps -a --format 'raw'

container_id: 0445f73f3a71
image: docker-cli-dev
command: "ash"
created_at: 2019-07-12 11:16:11 +0000 UTC
state: running
status: Up 2 minutes
names: elastic_burnell
labels:
ports:

container_id: 1aff69a3912c
image: nginx:alpine
command: "nginx -g 'daemon of ..."
created_at: 2019-07-12 11:12:10 +0000 UTC
state: paused
status: Up 6 minutes (Paused)
names: pausie
labels: maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
ports: 80/tcp

container_id: d48acf66c318
image: alpine:3.9.3
command: "id -u"
created_at: 2019-07-12 00:52:17 +0000 UTC
state: exited
status: Exited (0) 10 hours ago
names: peaceful_stonebraker
labels:
ports:

container_id: a0733fe0dace
image: b7b28af77ffe
command: "/bin/sh -c '#(nop) ..."
created_at: 2019-07-12 00:51:29 +0000 UTC
state: created
status: Created
names: vigilant_shaw
labels:
ports:
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-12 13:31:16 +02:00
Sebastiaan van Stijn d6dd08d568
Detect Windows absolute paths on non-Windows CLI
When deploying a stack using a relative path as bind-mount
source in the compose file, the CLI converts the relative
path to an absolute path, relative to the location of the
docker-compose file.

This causes a problem when deploying a stack that uses
an absolute Windows path, because a non-Windows client will
fail to detect that the path (e.g. `C:\somedir`) is an absolute
path (and not a relative directory named `C:\`).

The existing code did already take Windows clients deploying
a Linux stack into account (by checking if the path had a leading
slash). This patch adds the reverse, and adds detection for Windows
absolute paths on non-Windows clients.

The code used to detect Windows absolute paths is copied from the
Golang filepath package;
1d0e94b1e1/src/path/filepath/path_windows.go (L12-L65)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-10 21:25:03 +02:00
Vincent Demeester c9db0fe938
Merge pull request #1968 from thaJeztah/skip_windows_permissions_check
Windows: skip permissions check on key
2019-07-05 10:16:21 +02:00
Silvin Lubecki efdf36fa81 Rollback config type interpolation on fields "parallelism" and "max_failure_ratio" were missing, as it uses the same type as update_config.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-07-03 17:23:33 +02:00
Sebastiaan van Stijn ee29504923
Do not disable sig-proxy when using a TTY
This partially reverts e0b59ab52b,
and does not automatically disable proxying signals in TTY-mode

Before this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Notice that the CLI was killed, but the signal not forwarded to the container;
the container continues running

```
docker container inspect --format '{{ .State.Status }}' repro-28872
running

docker container rm -f repro-28872
```

After this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Verify that the signal was forwarded to the container, and the container exited

```
docker container inspect --format '{{ .State.Status }}' repro-28872
exited

docker container rm -f repro-28872
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 16:29:21 +02:00
Sebastiaan van Stijn 15d361fd77
Windows: skip permissions check on key
This code was attempting to check Linux file permissions
to determine if the key was accessible by other users, which
doesn't work, and therefore prevented users on Windows
to load keys.

Skipping this check on Windows (correspinding tests
were already skipped).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 00:12:01 +02:00
Sebastiaan van Stijn 4d7e6bf629
Fix advanced options for backward compatibility
For backward compatibility: if no custom options are provided for the network,
and only a single network is specified, omit the endpoint-configuration
on the client (the daemon will still create it when creating the container)

This fixes an issue on older versions of legacy Swarm, which did not support
`NetworkingConfig.EndpointConfig`.

This was introduced in 5bc09639cc (#1767)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-24 23:17:25 +02:00
Sebastiaan van Stijn 5f93509668
Fix detection of invalid context files when importing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-06 09:56:40 +02:00
Goksu Toprak 291e86289b Introduce .zip import for docker context
Adds capabilities to import a .zip file with importZip.
Detects the content type of source by checking bytes & DetectContentType.
Adds LimitedReader reader, a fork of io.LimitedReader,
was needed for better error messaging instead of just getting back EOF.
We are using limited reader to avoid very big files causing memory issues.
Adds a new file size limit for context imports,
this limit is used for the main file for .zip & .tar and individual compressed
files for .zip.
Added TestImportZip that will check the import content type
Then will assert no err on Importing .zip file

Signed-off-by: Goksu Toprak <goksu.toprak@docker.com>
2019-05-29 12:58:45 -07:00
Ian Campbell c455193d14 Push check for kubernetes requirement down into the endpoint
This is less of a layering violation and removes some ugly hardcoded
`"kubernetes"` strings which were needed to avoid an import loop.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 520be05c49 Dynamically register kubernetes context store endpoint type.
This removes the need for the core context code to import
`github.com/docker/cli/cli/context/kubernetes` which in turn reduces the
transitive import tree in this file to not pull in all of Kubernetes.

Note that this means that any calling code which is interested in the
kubernetes endpoint must import `github.com/docker/cli/cli/context/kubernetes`
itself somewhere in order to trigger the dynamic registration. In practice
anything which is interested in Kubernetes must import that package (e.g.
`./cli/command/context.list` does for the `EndpointFromContext` function) to do
anything useful, so this restriction is not too onerous.

As a special case a small amount of Kubernetes related logic remains in
`ResolveDefaultContext` to handle error handling when the stack orchestrator
includes Kubernetes. In order to avoid a circular import loop this hardcodes
the kube endpoint name.

Similarly to avoid an import loop the existing `TestDefaultContextInitializer`
cannot continue to unit test for the Kubernetes case, so that aspect of the
test is carved off into a very similar test in the kubernetes context package.

Lastly, note that the kubernetes endpoint is now modifiable via
`WithContextEndpointType`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell f820766f6a Export `DefaultContextStoreConfig()` and `ResolveDefaultContext()`
These are needed by any dynamically registered (via
`RegisterDefaultStoreEndpoints`) endpoint type to write a useful/sensible unit
test.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 1433e27420 Allow dynamically registered context endpoint to provide their defaults.
Previously an endpoint registered using `RegisterDefaultStoreEndpoints` would
not be taken into consideration by `resolveDefaultContext` and so could not
provide any details.

Resolve this by passing a `store.Config` to `resolveDefaultContext` and using
it to iterate over all registered endpoints. Any endpoint can ensure that their
type implements the new `EndpointDefaultResolver` in order to provide a default.

The Docker and Kubernetes endpoints are special cased, shortly the Kubernetes
one will be refactored to be dynamically registered.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 4f14c4995e Add a helper to iterate over all endpoint types in a context store
Unused for now.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 087c3f7d08 Support dynamic registration of context store endpoint types
This is a yet unused and the default set remains the same, no expected
functional change.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell d84e278aac fix a few typos
Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Sebastiaan van Stijn 57aa7731d0
Merge pull request #1887 from ijc/reduce-vendoring-impact
Allow vendorers of docker/cli to avoid transitively pulling in a big chunk if k8s too
2019-05-20 14:17:52 +02:00
Ian Campbell 33a9a63927 Revert "add a 10s timeout to the client object."
This reverts commit 59defcb34d which caused #1892
since the timeout applied not only to the dial phase but to everything, so it
would kill `docker logs -f ...` if the container was not chatty enough.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-17 10:35:01 +01:00
Ian Campbell 8635abd662 Use underlying `NewKubernetesConfig` directly from compose-on-kubernetes.
The comment on `github.com/docker/cli/kubernetes.NewKubernetesConfig` said:

    // Deprecated: Use github.com/docker/compose-on-kubernetes/api.NewKubernetesConfig instead

By making this switch in `github.com/docker/cli/context/kubernetes/load.go` we
break a vendoring chain:

`github.com/docker/cli/cli/command`
→ `vendor/github.com/docker/cli/cli/context/kubernetes/load.go`
  → `vendor/github.com/docker/cli/kubernetes`
     → `github.com/docker/compose-on-kubernetes/api/compose/...`

This means that projects which just want `github.com/docker/cli/cli/command`
(which is itself pulled in transitively by
`github.com/docker/cli/cli-plugins/plugin`) which do not themselves need the
compose-on-kubernetes API avoid a huge pile of transitive dependencies.

On one of my private projects the diff on the vendor dir is:

    280 files changed, 21 insertions(+), 211346 deletions(-)

and includes dropping:

* `github.com/docker/compose-on-kubernetes/api/compose/{clone,impersonation}`
* `github.com/docker/compose-on-kubernetes/api/compose/{v1alpha3,v1beta1,v1beta2,v1beta3}`
* `github.com/google/btree`
* `github.com/googleapis/gnostic`
* `github.com/gregjones/httpcache`
* `github.com/peterbourgon/diskv`
* `k8s.io/api/*` (_lots_ of subpackages)
* `k8s.io/client-go/{discovery,kubernetes/scheme}`

and I've gone from:

    $ du -sh vendor/k8s.io/
    8.1M	vendor/k8s.io/

to:

    $ du -sh vendor/k8s.io/
    2.1M	vendor/k8s.io/

(overall I went from 36M → 29M of vendor dir for this particular project)

The change to `cli/command/system/version.go` is just for consistency and
allows us to drop the now unused alias.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 15:43:15 +01:00
Ian Campbell 1e5129f027 rename package import kubcontext → kubecontext
The (small number) of other places which name this import use `kubecontext`,
make it consistent.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 13:46:40 +01:00
Silvin Lubecki 873afb9c94
Merge pull request #1845 from tiborvass/apiversion-negotiation
Apiversion negotiation
2019-05-14 10:27:05 +02:00
Tibor Vass 529ef6e89a vendor buildkit to f238f1e
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-14 01:29:18 +00:00
Tibor Vass c52e1f2487
context: ClientOpts() now includes WithAPIVersionNegotiation if version is missing
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-05-13 17:36:06 -07:00
Sebastiaan van Stijn 5f17b1d622
Merge pull request #1872 from ijc/reduce-connection-timeout
add a 10s timeout to the client object.
2019-05-13 17:00:06 -07:00
Ian Campbell ff44305c47 context: produce consistent output on `context create`.
Refactor `RunCreate` slightly so that all three paths always produce the same
output, namely the name of the new context of `stdout` (for scripting) and the
success log message on `stderr`.

Validate by extending the existing unit tests to always check the output is as
expected.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-13 16:42:03 +01:00
Ian Campbell 59defcb34d add a 10s timeout to the client object.
This partially mitigates #1739 ("Docker commands take 1 minute to timeout if
context endpoint is unreachable") and is a simpler alternative to #1747 (which
completely defers the client connection until an actual call is attempted).

Note that the previous 60s delay was the culmination of two separate 30s
timeouts since the ping is tried twice. This with this patch the overall
timeout is 20s. https://github.com/moby/moby/pull/39206 will remove the second
ping and once that propagates to this tree the timeout will be 10s.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-13 13:53:03 +01:00
Tibor Vass daca70d820 build: add --platform local
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:25:40 +00:00
Tibor Vass 8adcedd658 build: honor BUILDKIT_PROGRESS env config
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:16:01 +00:00
Zander Mackie 483c53ad9d Use single table for all ContainerImagePullPolicy tests
- Cleans up assertions
 - Centralizes and simplifies handler functions

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ffba7659cc Improve testing of never pull and always pull scenarios
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ec56136d61 Use closure for common pulling and tagging bevior in container creation
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie 965664d89b Improve flow pull behavior before container creation.
- Also improve test coverage

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Ravi Shekhar Jethani a06b5db594 Update cli/command/container/create.go
Co-Authored-By: Zanadar <zmackie@gmail.com>
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie 22cd418967 Adds flag modifying pull behavior for running and creating containers
- Follows the proposal on issue [#34394](https://github.com/moby/moby/issues/34394)
 - Maintains current behavior as default (Pull image if missing)
 - Adds tristate flag allowing modification (PullMissing, PullAlways, PullNever)

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Tõnis Tiigi 70f48f2231
Merge pull request #1840 from tiborvass/cli-plugin-aliases
cli-plugins: alias an existing allowed command (only builder for now)
2019-04-23 19:13:51 -07:00
Tibor Vass 1ed02c40fe cli-plugins: alias an existing allowed command (only builder for now)
With this patch it is possible to alias an existing allowed command.
At the moment only builder allows an alias.

This also properly puts the build command under builder, instead of image
where it was for historical reasons.

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-19 01:26:45 +00:00
Sebastiaan van Stijn 8ca1f0bb7d
Merge pull request #1715 from AkihiroSuda/fix-bastion
commandconn: set SysProcAttr.Setsid (Fix DOCKER_HOST=ssh://host-behind-bastion)
2019-04-18 19:55:53 +02:00
Sebastiaan van Stijn d365225c32
Merge pull request #1838 from simonferquel/remove-context-in-function-names
Remove "context" from context store interfaces function names
2019-04-18 18:38:01 +02:00
Sebastiaan van Stijn 04751fd58e
Merge pull request #1830 from thaJeztah/use_google_shlex
Switch to google/shlex
2019-04-18 17:53:37 +02:00
Sebastiaan van Stijn 71570160c1
Merge pull request #1826 from thaJeztah/bump_engine2
bump docker/docker ed07e1152879a4d156dff2e86abca3c4c811e743
2019-04-18 17:48:44 +02:00
Simon Ferquel a3efd5d195 Cleanup context store interfaces
This remove the term "context" from context store interfaces, to make
them more concise

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-18 15:49:36 +02:00
Sebastiaan van Stijn 84b3805feb
Merge pull request #1836 from simonferquel/context-export-source
Split the context store interface
2019-04-18 15:36:13 +02:00
Simon Ferquel 225c9b189a Split the context store interface
This is to make it easier to implement support for exporting contexts in
3rd party code, or to create mocks in tests.

2 exemples where it simplify things:
- docker-app desktop-specific context decorator (which rewrites parts of
the docker context to simplify UX when using on Docker Desktop contexts)
- ucp for including a context in the connection bundle

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-18 15:03:46 +02:00
Tibor Vass 2432af701a
Merge pull request #1808 from martencassel/securityopt-systempaths-unconfined
add cli integration for unconfined systempaths
2019-04-16 11:48:43 -07:00
Sebastiaan van Stijn 49bd6b729d
Merge pull request #1835 from dhiltgen/refined_login_warning
Refine warning for storing registry passwords
2019-04-16 10:36:24 +02:00
Daniel Hiltgen 5b3f171482 Add unit test coverage for token auth
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2019-04-15 16:13:55 -07:00
Sebastiaan van Stijn d043ab5993
Merge pull request #1823 from simonferquel/refactor-kubernetes-extras
Regroup all kubernetes extra-fields under x-kubernetes
2019-04-14 22:59:41 +02:00
Daniel Hiltgen 80d2496f99 Refine warning for storing registry passwords
This change refines the warning message returned during docker login to
only warn for unencrypted storage when the users password is being stored.
If the remote registry supports identity tokens, omit the warning,
since those tokens can be independently managed and revoked.

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2019-04-14 08:33:53 -07:00
Sebastiaan van Stijn acb24f5164
Switch to google/shlex
The github.com/flynn-archive/go-shlex package is a fork of Google/shlex,
and the repository is now archived, so let's switch to the maintained
version.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 17:51:15 +02:00
Sebastiaan van Stijn f07e16d42c
bump docker/docker ed07e1152879a4d156dff2e86abca3c4c811e743
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 03:09:15 +02:00
Drew Erny 42ec51e1ae add support for config credentialspecs to compose
Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:34 -05:00
Drew Erny 4cacd1304a Add CredentialSpec tests
Adds tests for setting and updating swarm service CredentialSpecs,
especially when using a Config as a credential spec.

Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:34 -05:00
Drew Erny 01f4f2e80a Update CredentialSpec code to allow using configs
Updates the CredentialSpec handling code for services to allow using
swarm Configs.

Additionally, fixes a bug where the `--credential-spec` flag would not
be respected on service updates.

Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:33 -05:00
Sebastiaan van Stijn 6511da877f Add support for using Configs as CredentialSpecs in services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-12 11:17:29 -05:00
Sebastiaan van Stijn 8b9cdab4e6
Merge pull request #1783 from sirlatrom/stack_compose_secret_driver
Add driver field to top-level secret object
2019-04-12 18:15:36 +02:00
Simon Ferquel e0f20fd86a Regroup all kubernetes extra-fields under x-kubernetes
This regroup all Kubernetes extra fields for compose-on-kubernetes
v1alpha3 in a single x-kubernetes object.
Also use the same naming scheme as cap_add etc. for fiels inside this
object.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-12 15:46:11 +02:00
Sebastiaan van Stijn 409c590fcf
Merge pull request #1815 from simonferquel/expose-to-internal-ports
Support internal Load Balancing for Kubernetes stacks
2019-04-12 14:02:15 +02:00
Simon Ferquel cad20c759f Support internal Load Balancing for Kubernetes stacks
On the server v0.4.21 has introduced a better way of dealing with
intra-stack networking: if the user can specify a list of endpoints
exposed internally, we now can setup a ClusterIP for this to avoid the
pitfalls of DNS-based load balancing.
This exposes the feature using the "Expose" compose field, and adds an
extra x-internal-service-type field to explicitly define how intra-stack
networking is handled on a service.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-12 11:43:30 +02:00
Simon Ferquel 1cefe057cd Add warnings when DOCKER_HOST conflicts with contexts
For clarity, on `docker context use` or `docker context ls`, this adds a
warning if the DOCKER_HOST variable is set because it overrides the
active context.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-10 10:14:47 +02:00
Sebastiaan van Stijn d6af3e143e
Merge pull request #1773 from zappy-shu/create-context-from-current
add --from flag to context create
2019-04-09 16:38:46 +02:00
Mårten Cassel 5bc9f490a9 add cli integration for unconfined systempaths with unit test, implement suggested changes
Signed-off-by: Mårten Cassel <marten.cassel@gmail.com>
2019-04-05 15:46:15 +02:00
Sune Keller ed838bff1f Add test case
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Sune Keller c662ba03de Make use of driver and driver_opts fields in secrets
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Sune Keller 89f9d806ff Add driver and driver_opts to secret in compose schema 3.8
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Tibor Vass 45ec86b10f vendor github.com/docker/docker to bcaa613d823
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-03 20:57:18 +00:00
Silvin Lubecki 39f30ef168
Merge pull request #1767 from thaJeztah/carry_317_network_advanced
[carry 317] Cli change to pass driver specific options to docker run
2019-04-03 17:00:03 +02:00
Sebastiaan van Stijn 7ad850e58d
Merge pull request #1800 from tonistiigi/update-buildkit
vendor: update buildkit to 62e55427
2019-04-03 16:56:05 +02:00
Sebastiaan van Stijn 5bc09639cc
Refactor network parsing, add preliminary support for multiple networks
This refactors the way networking options are parsed, and makes the
client able to pass options for multiple networks. Currently, the
daemon does not yet accept multiple networks when creating a container,
and will produce an error.

For backward-compatibility, the following global networking-related
options are associated with the first network (in case multiple
networks are set);

  - `--ip`
  - `--ip6`
  - `--link`
  - `--link-local-ip`
  - `--network-alias`

Not all of these options are supported yet in the advanced notation,
but for options that are supported, setting both the per-network option
and the global option will produce a "conflicting options" error.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-03 16:42:57 +02:00
Abhinandan Prativadi c4844b1fdd
Cli change to pass driver specific options to docker run
The commit contains cli changes to support driver options for a network in
docker run and docker network connect cli's. The driver-opt, aliases is now
supported in the form of csv as per network option in service commands in
swarm mode since docker/cli#62 . This commit extends this support to docker
run command as well.

For docker connect command `--driver-opt` is added to pass driver specific
options for the network the container is connecting to.

Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-03 16:30:26 +02:00
Tonis Tiigi 198407c56b vendor: update buildkit to 62e55427
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-02 23:40:56 -07:00
Nick Adcock 8bb152d967 add --from option to context create
--from creates a context from a named context.
By default `context create` will create a context from the current context.
Replaced "from-current=" docker/kubernetes option with "from=" to allow specifying which context to copy the settings from.

Signed-off-by: Nick Adcock <nick.adcock@docker.com>
2019-04-02 13:41:47 +01:00
Tibor Vass 5bbb56bfee
Merge pull request #1772 from AkihiroSuda/dialstdio-1736
dial-stdio: fix goroutine leakage
2019-04-01 15:17:10 -07:00
Simon Ferquel 8cd74eb33a Fix the stack informer's selector used to track deployment
Old selector was wrong (it watched for the label we applied to child
resources when reconciling the stack, instead of the stack itself)

This should be back-ported to older version of the CLI

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-01 15:18:55 +02:00
Sebastiaan van Stijn f28d078426
Merge pull request #1577 from orisano/1576-improve-validate-context-directory
feat: improves ValidateContextDirectory performance
2019-04-01 13:22:27 +02:00
Sebastiaan van Stijn aa53429cb7
Merge pull request #1774 from zappy-shu/bump-kubernetes-1-13-4
bump kubernetes to v1.14.0
2019-04-01 11:49:52 +02:00
Sebastiaan van Stijn 51235e8253
Merge pull request #1787 from ijc/cli-plugins-help-options
cli-plugins: Reinstate deprecated `-h` short form of `--help`.
2019-03-29 17:13:42 +01:00
Sebastiaan van Stijn 2236568053
Merge pull request #1789 from djs55/fix-login-logout
Fix login logout when engine is down and credential helper is in use
2019-03-29 15:39:55 +01:00
Nick Adcock 0b6685bca8 bump kubernetes to v1.14.0
bump required:
- replacing vendor ghodss/yaml with sigs.k8s.io/yaml
- adding vendor k8s.io/klog and github.com/evanphx
- compose-on-kubernetes
removed 'IncludeUninitialized' from watch as it have been removed from k8s

Signed-off-by: Nick Adcock <nick.adcock@docker.com>
2019-03-29 09:20:28 +00:00
David Scott c9d0e47414 Simplify ElectAuthServer
Instead of using an `if else if else`, switch to a sequence of independent
`if` blocks containing a `return`.

Instead of defining a return variable and updating it in the `if` blocks
and returning at the end, make each `if` block return the desired value
independenly.

Signed-off-by: David Scott <dave.scott@docker.com>
2019-03-28 21:08:13 +00:00
David Scott a82e6868cc Use the default registry even without --debug
Previously if the Docker engine was not running the behaviour of
commands would vary depending on whether the --debug flag was provided.

For example, consider `docker logout`:

    $ docker logout
    Not logged in to

-- note the missing server URL

    $ docker --debug logout
    Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
    Not logged in to https://index.docker.io/v1/

-- note the server URL is present

This patch makes only the debug printing conditional on the `--debug` flag,
not the return value.

Signed-off-by: David Scott <dave.scott@docker.com>
2019-03-28 21:04:39 +00:00
Ian Campbell 8f3798cf04 cli-plugins: Reinstate deprecated `-h` short form of `--help`.
In the initial implementation I thought it would be good to not pass on the
deprecation to plugins (since they are new). However it turns out this causes
`docker helloworld -h` to print a spurious "pflag: help requested" line:

    $ docker helloworld -h
    pflag: help requested
    See 'docker helloworld --help'.

    Usage:	docker helloworld [OPTIONS] COMMAND

    A basic Hello World plugin for tests
    ...

Compared with:

    $ docker ps -h
    Flag shorthand -h has been deprecated, please use --help

    Usage:	docker ps [OPTIONS]

This is in essence because having the flag undefined hits a different path
within cobra, causing `c.execute()` to return early due to getting an error
(`flag.ErrHelp`) from `c.ParseFlags`, which launders the error through our
`FlagErrorFunc` which wraps it in a `StatusError` which in turn defeats an `if
err == flag.ErrHelp` check further up the call chain. If the flag is defined we
instead hit a path which returns a bare `flag.ErrHelp` without wrapping it.

I considered updating our `FlagErrorFunc` to not wrap `flag.ErrHelp` (and then
following the chain to the next thing) however while doing that I realised that
the code for `-h` (and `--help`) is deeply embedded into cobra (and its flags
library) such that actually using `-h` as a plugin argument meaning something
other than `help` is basically impossible/impractical. Therefore we may as well
have plugins behave identically to the monolithic CLI and support (deprecated)
the `-h` argument.

With this changed the help related blocks of `SetupRootCommand` and
`SetupPluginRootCommand` are now identical, so consolidate into
`setupCommonRootCommand`.

Tests are updated to check `-h` in a variety of scenarios, including the happy
case here.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-28 17:18:20 +00:00
Sune Keller 217308d96d
Fix annotation on docker secret create --template-driver
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-03-28 16:18:50 +01:00
Nao YONASHIRO 446762dc19 test: add filepathMatches test
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:22:11 +09:00
Nao YONASHIRO b41ddc6058 feat: improves ValidateContextDirectory performance
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:20:42 +09:00
Akihiro Suda f8d4c443ba dial-stdio: fix goroutine leakage
Fix #1736

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-22 20:22:00 +09:00
Lifubang 06e250d37b add test case for DetectArchiveReader
Signed-off-by: Lifubang <lifubang@acmcoder.com>
2019-03-21 15:38:31 -07:00
Kir Kolyshkin 0c20554f69 image build: fix archive detection
As pointed out in #1459, docker cli fails to detect that the input is a tarball,
in case it is generated by `git archive --format=tgz`.

This happens because `git archive` adds some metadata to the initial tar header,
and so it is more than 1 block (of 512 bytes) long, while we only provide 1 block
to archive/tar.Next() and it fails.

To fix, give it 2 blocks :)

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-03-21 15:38:07 -07:00
Tõnis Tiigi dca6d2afa1
Merge pull request #1765 from thaJeztah/carry_181_pids_limit
Add `--pids-limit` flag to `docker update`
2019-03-21 14:11:09 -07:00
Sebastiaan van Stijn 059c085261
Merge pull request #1714 from tiborvass/nvidia-gpu
container: --gpus support
2019-03-21 21:26:16 +01:00
Tibor Vass 1ba368a5ac container: --gpus support
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-03-21 20:14:25 +00:00
Tibor Vass bc5ad41e87
Merge pull request #1766 from tonistiigi/outputs
build: allow setting buildkit outputs
2019-03-21 10:49:46 -07:00
Tonis Tiigi ca6eb5049b build: allow setting buildkit outputs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-21 10:27:59 -07:00
Simon Ferquel 470afe11ed Fix annnotation on docker config create --template-driver
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-03-21 16:19:06 +01:00
Sunny de3a5f0fe5
Add `--pids-limit` flag to `docker update`
Signed-off-by: Sunny Gogoi <indiasuny000@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-21 01:20:32 +01:00
Vincent Demeester f762697628
Merge pull request #1756 from thaJeztah/bump_engine_no_buildkit
Update docker/docker, containerd, runc, and some dependencies
2019-03-20 11:35:55 +01:00
Sebastiaan van Stijn fd769e1aff
Update docker/docker to 827cb09f87964ed38b46502f22a585f2ed4a78e1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:51 +01:00
Sebastiaan van Stijn f620349837
Add systctl support for services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 13:33:32 +01:00
Vincent Demeester a4a50de4b8
Merge pull request #1671 from thaJeztah/fix_labels_expanding_env_vars
Fix labels copying value from environment variables
2019-03-19 12:18:55 +01:00
Vincent Demeester fc9ef7087e
Merge pull request #1732 from sjeandeaux/fix/issue-117
[pretty print] pretty print and healthcheck
2019-03-19 11:54:41 +01:00
Sebastiaan van Stijn b5d0d179e7
Add back validation for invalid label values on containers
This adds validation to `docker container run` / `docker container create`;

Validation of labels provided through flags was removed in 31dc5c0a9a,
after the validation was changed to fix labels without values, and to prevent
labels from being expanded with environment variables in 2b17f4c8a8

However, now empty label names from _files_ (`--label-file`) followed different
validation rules than labels passed through `--label`.

This patch adds back minimal validation for labels passed through the command-line

Before this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

docker container inspect --format '{{json .Config.Labels}}' label
```

```json
{
  "": "with-leading-equal-sign",
  "  ": "  ",
  "somelabel": "somevalue",
  "with\"quotes\"in-key": "test",
  "with-quotes-in-value": "{\"foo\"}",
  "without-value": ""
}
```

After this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

invalid argument "=with-leading-equal-sign" for "-l, --label" flag: invalid label format: "=with-leading-equal-sign"
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:02:06 +01:00