Commit Graph

1800 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 0d5df48121
Merge pull request #4520 from thaJeztah/24.0_backport_patternmatcher_dockerignore
[24.0 backport] replace dockerfile/dockerignore with patternmatcher/ignorefile
2023-08-23 14:04:04 +02:00
Sebastiaan van Stijn 710dd00e95
replace dockerfile/dockerignore with patternmatcher/ignorefile
The BuildKit dockerignore package was migrated to the patternmatcher
repository / module. This patch updates our uses of the BuildKit package
with its new location.

A small local change was made to keep the format of the existing error message,
because the "ignorefile" package is slightly more agnostic in that respect
and doesn't include ".dockerignore" in the error message.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5bff12354d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 13:22:56 +02:00
Sebastiaan van Stijn 3c6c0bce1c
cli/registry/client: set actions when authn with token
When using a personal access token, Docker Hub produces an error if actions
are requested beyond the token's allowed actions. This resulted in errors
when using a PAT with limited permissions to do a "docker manifest inspect".

This patch sets actions to "pull" only by default, and requests "push" action
for requests that need it.

To verify:

- create a PAT with limited access (read-only)
- log in with your username and the PAT as password

Before this patch:

    docker manifest inspect ubuntu:latest
    Get "https://registry-1.docker.io/v2/library/ubuntu/manifests/latest": unauthorized: access token has insufficient scopes

With this patch applied:

    docker manifest inspect ubuntu:latest
    {
       "schemaVersion": 2,
       "mediaType": "application/vnd.oci.image.index.v1+json",
       "manifests": [
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:56887c5194fddd8db7e36ced1c16b3569d89f74c801dc8a5adbf48236fb34564",
             "platform": {
                "architecture": "amd64",
                "os": "linux"
             }
          },
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:c835a4f2a632bc91a2b494e871549f0dd83f2966c780e66435774e77e048ddf0",
             "platform": {
                "architecture": "arm",
                "os": "linux",
                "variant": "v7"
             }
          }
       ]
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d2047b954e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 21:55:01 +02:00
Djordje Lukic 11606268f8
login: Add message about using PATs
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
(cherry picked from commit 8d51f36ca3)
Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
2023-08-17 06:56:09 -06:00
Danial 1ee40e2c74
configfile: Initialize nil AuthConfigs
Initialize AuthConfigs map if it's nil before returning it.
This fixes fileStore.Store nil dereference panic when adding a new key
to the map.

Signed-off-by: Danial Gharib <danial.mail.gh@gmail.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit ad43df5e86)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-19 16:00:16 +02:00
Paweł Gronowski bfe2ff8208
cli/container: Don't ignore error when parsing volume spec
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit fe7afb700f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-15 00:06:57 +02:00
Laura Brehm 2d5f041bde
commandconn: return original error while closing
Changes the `Read` and `Write` error handling
logic to return the original error while closing
the connection. We still skip calling `handleEOF`
if already closing the connection.

Fixes the flaky `TestCloseWhileWriting` and
`TestCloseWhileReading` tests.

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit d5f564adaa)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 19:23:36 +02:00
Laura Brehm 520e3600ee
commandconn: don't return error if command closed successfully
---
commandconn: fix race on `Close()`

During normal operation, if a `Read()` or `Write()` call results
in an EOF, we call `onEOF()` to handle the terminating command,
and store it's exit value.

However, if a Read/Write call was blocked while `Close()` is called
the in/out pipes are immediately closed which causes an EOF to be
returned. Here, we shouldn't call `onEOF()`, since the reason why
we got an EOF is because we're already terminating the connection.
This also prevents a race between two calls to the commands `Wait()`,
in the `Close()` call and `onEOF()`

---
Add CLI init timeout to SSH connections

---
connhelper: add 30s ssh default dialer timeout

(same as non-ssh dialer)

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit a5ebe2282a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 19:23:12 +02:00
Sebastiaan van Stijn cd68c8f003
docker info: fix condition for printing debug information
The daemon collects this information regardless if "debug" is
enabled. Print the debugging information if either the daemon,
or the client has debug enabled.

We should probably improve this logic and print any of these if
set (but some special rules are needed for file-descriptors, which
may use "-1".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 92d7a234dd)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 15:15:38 +02:00
Sebastiaan van Stijn 8e3a2942a5
cli/command/context: don't use pkg/homedir in test
I'm considering deprecating the "Key()" utility, as it was only
used in tests.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 79ff64f06d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 13:37:34 +02:00
Sebastiaan van Stijn f66f7ed7ff
cli/command: fix GoDoc referencing wrong const
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0692d762ac)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-02 14:13:14 +02:00
David Karlsson 52ac1a974c docs: update description for docker -H flag
Signed-off-by: David Karlsson <david.karlsson@docker.com>
(cherry picked from commit 759fa585cf)
Signed-off-by: David Karlsson <david.karlsson@docker.com>
2023-05-08 15:16:07 +02:00
Sebastiaan van Stijn 8fc956ce77
Merge pull request #4244 from thaJeztah/update_engine_next
vendor: github.com/docker/docker github.com/docker/docker v24.0.0-rc.1.0.20230505222407-8d9a40a82034 (v24.0.0-rc.2)
2023-05-06 01:32:38 +02:00
Brian Goff f4201b9302
Merge pull request #4073 from panekj/feat/ssh-socket-path
connhelper: Allow socket path when using SSH
2023-05-05 15:50:18 -07:00
Sebastiaan van Stijn 9f15ba0d13
Merge pull request #4156 from AkihiroSuda/docker-run-annotation
cli/command/container: implement `docker run --annotation`
2023-05-06 00:49:15 +02:00
Sebastiaan van Stijn 4f97f55999
vendor: github.com/docker/docker v24.0.0-rc.1.0.20230505222407-8d9a40a82034
This will be v24.0.0-rc.2

full diff: https://github.com/docker/docker/compare/v24.0.0-rc.1...8d9a40a820349860405e142249c55215aa4da8e3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 00:34:34 +02:00
Sebastiaan van Stijn 155f7d9e2b
cli/command/system: add utilities for printing
Adding some utilities to print the output, to keep the linters happier
without having to either suppress errors, or ignore them.

Perhaps we should consider adding utilities for this on the "command.Streams"
outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:55:12 +02:00
Sebastiaan van Stijn 1e89037d72
cli/command/system: prettyInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:54:05 +02:00
Sebastiaan van Stijn 8cfefc6ea2
cli/command/system: prettyPrintServerInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:51:32 +02:00
Sebastiaan van Stijn ba7a200f0a
cli/command/system: prettyPrintClientInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:50:54 +02:00
Sebastiaan van Stijn 73938cd618
cli/command/system: printSwarmInfo(): accept io.Writer
Don't require whole of DockerCLI to be passed, as all we need is a writer.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:50:29 +02:00
Sebastiaan van Stijn 2d0ea86b0a
cli/command/system: use io.Writer for printing warnings
Don't require whole of DockerCLI to be passed, as all we need is a writer.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:17:00 +02:00
Sebastiaan van Stijn be6f4cd56c
cli/command/system: prettyPrintServerInfo: refactor printing "runtimes"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:05:52 +02:00
Sebastiaan van Stijn 1d70f7cdb4
cli/command/system: prettyPrintServerInfo: rename var that collided with import
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:01:46 +02:00
Sebastiaan van Stijn 416e55bedb
github.com/docker/cli/cli/command/system: add BenchmarkPrettyPrintInfo
goos: linux
    goarch: arm64
    pkg: github.com/docker/cli/cli/command/system
    BenchmarkPrettyPrintInfo
    BenchmarkPrettyPrintInfo-5   	  189028	      6156 ns/op	    1776 B/op	      88 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 15:49:16 +02:00
Sebastiaan van Stijn bd2c26328f
vendor: github.com/docker/docker v24.0.0-rc.1
full diff: https://github.com/docker/docker/compare/v24.0.0-beta.2...v24.0.0-rc.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-28 17:56:17 +02:00
Sebastiaan van Stijn f02301ab5d
remove uses of deprecated VirtualSize field
The VirtualSize field is deprecated and the upcoming API version v1.44
will no longer propagate the field. See:
1261fe69a3,

Given that in docker 1.10 and up (API v1.22), the VirtualSize and Size
fields contain the same value, and the "df" endpoint was not supported
until API v1.25, we can "safely" use Size instead; see:

- 4ae7176ffb
- 4352da7803

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-28 14:58:53 +02:00
Sebastiaan van Stijn 59b07b7253
Merge pull request #4045 from vvoland/test-e2e-arm64-fixes
test/e2e: Fix running `test-e2e` on non-amd64 platforms
2023-04-27 11:41:43 +02:00
Paweł Gronowski ec5504a83f
test/e2e: Use "frozen" tag to reference test images
This makes it possible to update the image loaded for e2e tests without
modifying all tests that use them.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-27 10:57:57 +02:00
Sebastiaan van Stijn 019657a986
Merge pull request #4174 from thaJeztah/remove_deprecated_streams
cli/command: remove deprecated Stream types
2023-04-26 13:10:21 +02:00
Sebastiaan van Stijn 04bf047a2c
Merge pull request #4205 from thaJeztah/info_dont_depend_on_IndexServerAddress
cli/command/system: prettyPrintServerInfo: don't depend on IndexServerAddress and credential-store
2023-04-26 13:07:01 +02:00
Sebastiaan van Stijn c180202cea
cli/command: remove deprecated Stream types
These were deprecated in eb0ba4f8d5, which
was part of docker 19.03, so users should have had a chance to migrate.

This removes InStream, OutStream, NewInStream and NewOutStream

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-25 11:07:45 +02:00
Sebastiaan van Stijn 0dec5d20a2
volumes: prune: add --all / -a option
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-20 23:31:47 +02:00
Sebastiaan van Stijn d4f2609ce8
Merge pull request #4216 from vvoland/buildkit-empty
Handle empty DOCKER_BUILDKIT like unset
2023-04-19 20:28:36 +02:00
Paweł Gronowski ff7f76af7a
Handle empty DOCKER_BUILDKIT like unset
This fixes the cli erroring out if the variable is set to an empty
value.

```
$ export DOCKER_BUILDKIT=
$ docker version
DOCKER_BUILDKIT environment variable expects boolean value: strconv.ParseBool: parsing "": invalid syntax
```

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-19 14:17:01 +02:00
Laura Brehm 271b9667ee
Swarm: allow additional properties in `build`
Since Swarm does not use the `build` section, there's no reason to validate properties here.
This makes it so we don't have to keep updating the schema in the CLI to support properties
added in the Compose Spec for build, and does not imply any new feature support since Swarm
does not consider this section.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-04-18 14:51:49 +01:00
Laura Brehm e2bfd21991
cli/compose: add schema 3.11 (no changes with 3.10 yet)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-04-18 14:51:27 +01:00
Akihiro Suda 88be16cb5b
cli/command/container: implement `docker run --annotation`
For moby/moby PR 45025 (Docker v24, API v1.43).

`docker run --annotation foo=bar` is similar to `podman run --annotation foo=bar`,
however, unlike Podman, Docker implementation also accepts an annotation with an empty value.
(`docker run --annotation foo`)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-04-14 12:59:12 +09:00
Sebastiaan van Stijn da3871fd8e
cli/command/system: printServerWarnings: use client API version from info
Set the client's API version that's used in the info, instead of requesting
it as part of printing.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-14 00:49:49 +02:00
Sebastiaan van Stijn be307c5792
cli/command/system: prettyPrintServerInfo: move out collecting username
Make this function only _print_ the info we have, and not read the username
from the credential-store.

This patch adds a Username field to the (local) `info` type, and sets it
when needed, so that prettyPrintServerInfo only has to format and print
the information, instead of calling out to the credential-store.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-14 00:25:08 +02:00
Sebastiaan van Stijn 71fde20e17
cli/command/system: prettyPrintServerInfo: simplify username
Starting with b4ca1c7368, docker login
no longer depends on info.IndexServerAddress to determine the default
registry.

The prettyPrintServerInfo() still depended on this information, which
could potentially show the wrong information.

This patch changes it to also depend on the same information as docker login
now does.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-14 00:22:47 +02:00
Sebastiaan van Stijn fcd3bca1e7
Merge pull request #4204 from thaJeztah/docker_info_remove_registry
docker info: don't print "registry" (IndexServerAddress)
2023-04-13 20:23:15 +02:00
Sebastiaan van Stijn 375b17a312
docker info: don't print "registry" (IndexServerAddress)
The IndexServerAddress field was  as part of the initial Windows implementation
of the engine. For legal reasons, Microsoft Windows (and thus Docker images
based on Windows) were not allowed to be distributed through non-Microsoft
infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io"
registry was created to serve Windows images.

Currently, this field always shows "https://index.docker.io/v1/", which is
confusing, because that address is not used for the registry (only for
authentication and "v1" search).

    docker info
    ...
    Registry: https://index.docker.io/v1/

Starting with b4ca1c7368, this field is also
no longer used during authentication, and a3d56e7d06
removed the (deprecated) ElectAuthServer() which was previously used to
query it.

Given that there's currently no practical use for this information, and
it only adds "noise" (and confusion), this patch removes it from the default
output.

For now, the field is (still) available for those that want to use it;

    docker info --format '{{.IndexServerAddress}}'
    https://index.docker.io/v1/

But it won't be printed by default.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-13 14:49:14 +02:00
Sebastiaan van Stijn b87ed34351
cli/command: deprecate EncodeAuthToBase64
Deprecate this function in favor of the implementation in the API types,
considering that to be the canonical implementation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-13 14:29:59 +02:00
Sebastiaan van Stijn c25115e968
Merge pull request #4190 from thaJeztah/command_auth_cleanups
cli/command: some cleanups / refactoring, and fixes related to auth
2023-04-13 14:23:26 +02:00
Sebastiaan van Stijn 400b9a6129
Merge pull request #4197 from thaJeztah/cobra_template_const
cli: make cobra templates a const
2023-04-13 14:20:07 +02:00
Sebastiaan van Stijn 6416d810dc
Merge pull request #3666 from thaJeztah/ps_always_accept_quiet
docker ps: always use --quiet, also combined with --format
2023-04-13 13:53:39 +02:00
Sebastiaan van Stijn 5d856a5d91
cli/command/container: pullImage: use DisplayJSONMessagesToStream utility
This utility provides the same logic as was implemented here (and using it
aligns with the "docker pull" equivalent).

Also added a TODO to replace this function with the regular "docker pull"
code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-12 21:17:16 +02:00
Sebastiaan van Stijn b9b98aee5d
cli/command/container/create: pullImage(): use RetrieveAuthTokenFromImage
replace the local code with RetrieveAuthTokenFromImage, which does exactly the same;
623356001f/cli/command/registry.go (L163-L188)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-12 21:17:15 +02:00
Sebastiaan van Stijn a27acd62b3
cli/command/container/create: pullImage() remove intermediate vars
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-12 21:17:15 +02:00