Commit Graph

8913 Commits

Author SHA1 Message Date
Sebastiaan van Stijn fd0621d0fe
update go to go1.20.4
go1.20.4 (released 2023-05-02) includes three security fixes to the html/template
package, as well as bug fixes to the compiler, the runtime, and the crypto/subtle,
crypto/tls, net/http, and syscall packages. See the Go 1.20.4 milestone on our
issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved

release notes: https://go.dev/doc/devel/release#go1.20.4
full diff: https://github.com/golang/go/compare/go1.20.3...go1.20.4

from the announcement:

> These minor releases include 3 security fixes following the security policy:
>
> - html/template: improper sanitization of CSS values
>
>   Angle brackets (`<>`) were not considered dangerous characters when inserted
>   into CSS contexts. Templates containing multiple actions separated by a '/'
>   character could result in unexpectedly closing the CSS context and allowing
>   for injection of unexpected HMTL, if executed with untrusted input.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-24539 and Go issue https://go.dev/issue/59720.
>
> - html/template: improper handling of JavaScript whitespace
>
>   Not all valid JavaScript whitespace characters were considered to be
>   whitespace. Templates containing whitespace characters outside of the character
>   set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain
>   actions may not be properly sanitized during execution.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-24540 and Go issue https://go.dev/issue/59721.
>
> - html/template: improper handling of empty HTML attributes
>
>   Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
>   executed with empty input could result in output that would have unexpected
>   results when parsed due to HTML normalization rules. This may allow injection
>   of arbitrary attributes into tags.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-29400 and Go issue https://go.dev/issue/59722.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-03 20:59:02 +02:00
Sebastiaan van Stijn 054343be38
Merge pull request #4181 from thaJeztah/pass_streams_not_cli
cli/command/system: add utilities for printing, don't pass CLI if not needed
2023-05-03 16:43:21 +02:00
Sebastiaan van Stijn 7d72214202
Merge pull request #4248 from thaJeztah/update_moby_term
vendor: github.com/moby/term v0.5.0
2023-05-03 16:13:52 +02:00
Sebastiaan van Stijn 155f7d9e2b
cli/command/system: add utilities for printing
Adding some utilities to print the output, to keep the linters happier
without having to either suppress errors, or ignore them.

Perhaps we should consider adding utilities for this on the "command.Streams"
outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:55:12 +02:00
Sebastiaan van Stijn 1e89037d72
cli/command/system: prettyInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:54:05 +02:00
Sebastiaan van Stijn 8cfefc6ea2
cli/command/system: prettyPrintServerInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:51:32 +02:00
Sebastiaan van Stijn ba7a200f0a
cli/command/system: prettyPrintClientInfo: accept Streams
No need to pass whole of DockerCLI, as all it needs is the outputs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:50:54 +02:00
Sebastiaan van Stijn 73938cd618
cli/command/system: printSwarmInfo(): accept io.Writer
Don't require whole of DockerCLI to be passed, as all we need is a writer.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:50:29 +02:00
Sebastiaan van Stijn 2d0ea86b0a
cli/command/system: use io.Writer for printing warnings
Don't require whole of DockerCLI to be passed, as all we need is a writer.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:17:00 +02:00
Sebastiaan van Stijn be6f4cd56c
cli/command/system: prettyPrintServerInfo: refactor printing "runtimes"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:05:52 +02:00
Sebastiaan van Stijn 1d70f7cdb4
cli/command/system: prettyPrintServerInfo: rename var that collided with import
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 16:01:46 +02:00
Sebastiaan van Stijn 416e55bedb
github.com/docker/cli/cli/command/system: add BenchmarkPrettyPrintInfo
goos: linux
    goarch: arm64
    pkg: github.com/docker/cli/cli/command/system
    BenchmarkPrettyPrintInfo
    BenchmarkPrettyPrintInfo-5   	  189028	      6156 ns/op	    1776 B/op	      88 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 15:49:16 +02:00
Sebastiaan van Stijn f233becf91
vendor: github.com/moby/term v0.5.0
- split exported functions from implementation
- windows: IsConsole(): fix deprecation comment
- deprecate Termios in favor of unix.Termios
- windows: keyToString(): fix string conversion
- gha: update actions, add macOS, and add Go1.20
- gha: add windows

full diff: https://github.com/moby/term/compare/c43b287e0e0f...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 14:22:36 +02:00
Sebastiaan van Stijn afd320c5ab
Merge pull request #4236 from thaJeztah/update_engine
vendor: github.com/docker/docker v24.0.0-rc.1
2023-05-02 11:06:54 +02:00
Sebastiaan van Stijn bd2c26328f
vendor: github.com/docker/docker v24.0.0-rc.1
full diff: https://github.com/docker/docker/compare/v24.0.0-beta.2...v24.0.0-rc.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-28 17:56:17 +02:00
Sebastiaan van Stijn 69181952e1
Merge pull request #4242 from thaJeztah/dont_use_deprecated_virtualsize
remove uses of deprecated VirtualSize field
2023-04-28 15:51:49 +02:00
Sebastiaan van Stijn f02301ab5d
remove uses of deprecated VirtualSize field
The VirtualSize field is deprecated and the upcoming API version v1.44
will no longer propagate the field. See:
1261fe69a3,

Given that in docker 1.10 and up (API v1.22), the VirtualSize and Size
fields contain the same value, and the "df" endpoint was not supported
until API v1.25, we can "safely" use Size instead; see:

- 4ae7176ffb
- 4352da7803

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-28 14:58:53 +02:00
Sebastiaan van Stijn 59b07b7253
Merge pull request #4045 from vvoland/test-e2e-arm64-fixes
test/e2e: Fix running `test-e2e` on non-amd64 platforms
2023-04-27 11:41:43 +02:00
Paweł Gronowski eeaaf5d016
e2e: Update alpine to 3.17.2
Previous one was linux/amd64 only.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-27 10:58:02 +02:00
Paweł Gronowski 4569378ca6
e2e: Match notary server version with the main Dockerfile
notary server version 0.5.0 is linux/amd64 only.
Also, e2e stage from top level Dockerfile uses 0.6.1 notary version -
change the Dockerfiles in e2e/testdata to have the same version.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-27 10:57:59 +02:00
Paweł Gronowski ec5504a83f
test/e2e: Use "frozen" tag to reference test images
This makes it possible to update the image loaded for e2e tests without
modifying all tests that use them.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-27 10:57:57 +02:00
Paweł Gronowski 41b6ec07ce
e2e: Skip tests with platform-specific digests on other platforms
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-27 10:57:56 +02:00
Sebastiaan van Stijn b9e84d6817
Merge pull request #4235 from thaJeztah/update_engine_deps
update docker dependencies in preparation of v24.0.0-rc.1
2023-04-27 10:57:36 +02:00
Sebastiaan van Stijn 962e22c311
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230406225228-75e92ce14ff7
full diff: e28e8ba9bc...75e92ce14f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:22:45 +02:00
Sebastiaan van Stijn 72192c75c2
vendor: github.com/moby/buildkit v0.11.6
no changes in vendored files

full diff: https://github.com/moby/buildkit/compare/v0.11.5...v0.11.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:21:59 +02:00
Sebastiaan van Stijn c177e2060d
vendor: github.com/creack/pty v1.1.18
full diff: https://github.com/creack/pty/compare/v1.1.11...v1.1.18

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:20:43 +02:00
Sebastiaan van Stijn eabb927811
Merge pull request #4144 from ChrisChinchilla/chrisward/cmd-run-refresh
Docs freshness updates to Docker run command docs
2023-04-26 16:20:45 +02:00
Chris Chinchilla e693e7f3b4
Docs freshness updates
Signed-off-by: Chris Chinchilla <chris.ward@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-26 15:37:12 +02:00
Sebastiaan van Stijn 6d58b07ac6
Merge pull request #4219 from thaJeztah/update_graphderiver_deprecation
docs: update deprecation status of "overlay" and "AuFS"
2023-04-26 15:22:41 +02:00
Sebastiaan van Stijn 019657a986
Merge pull request #4174 from thaJeztah/remove_deprecated_streams
cli/command: remove deprecated Stream types
2023-04-26 13:10:21 +02:00
Sebastiaan van Stijn 04bf047a2c
Merge pull request #4205 from thaJeztah/info_dont_depend_on_IndexServerAddress
cli/command/system: prettyPrintServerInfo: don't depend on IndexServerAddress and credential-store
2023-04-26 13:07:01 +02:00
Sebastiaan van Stijn 1c1fca4ebe
docs: update deprecation status of "overlay" and "AuFS"
These drivers have been removed in Docker Engine 24.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-26 13:05:09 +02:00
Sebastiaan van Stijn 73e12985f2
Merge pull request #4220 from thaJeztah/remove_overlay2.override_kernel_check
docs: update deprecation status for overlay2.override_kernel_check
2023-04-26 13:01:39 +02:00
Sebastiaan van Stijn 591320db4a
Merge pull request #4213 from docker/dependabot/github_actions/docker/bake-action-3
build(deps): bump docker/bake-action from 2 to 3
2023-04-25 12:20:43 +02:00
Sebastiaan van Stijn c180202cea
cli/command: remove deprecated Stream types
These were deprecated in eb0ba4f8d5, which
was part of docker 19.03, so users should have had a chance to migrate.

This removes InStream, OutStream, NewInStream and NewOutStream

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-25 11:07:45 +02:00
Sebastiaan van Stijn 4e19b8128f
docs: update deprecation status for overlay2.override_kernel_check
This opton has been removed in Docker Engine v24.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-21 00:20:05 +02:00
Brian Goff 26a73575f1
Merge pull request #4218 from thaJeztah/volumes_prune_all
volumes: prune: add --all / -a option
2023-04-20 14:47:44 -07:00
Sebastiaan van Stijn 0dec5d20a2
volumes: prune: add --all / -a option
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-20 23:31:47 +02:00
Sebastiaan van Stijn d4f2609ce8
Merge pull request #4216 from vvoland/buildkit-empty
Handle empty DOCKER_BUILDKIT like unset
2023-04-19 20:28:36 +02:00
Sebastiaan van Stijn 1277e8f8dc
Merge pull request #4214 from laurazard/compose-schema-x-props
Swarm: Add schema 3.11, and Allow additional properties in `build`
2023-04-19 16:52:08 +02:00
Sebastiaan van Stijn d70b539fa8
Merge pull request #4215 from kolyshkin/fix-man
dockerd(8): formatting fixes
2023-04-19 15:26:25 +02:00
Paweł Gronowski ff7f76af7a
Handle empty DOCKER_BUILDKIT like unset
This fixes the cli erroring out if the variable is set to an empty
value.

```
$ export DOCKER_BUILDKIT=
$ docker version
DOCKER_BUILDKIT environment variable expects boolean value: strconv.ParseBool: parsing "": invalid syntax
```

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-19 14:17:01 +02:00
Sebastiaan van Stijn 3bc814ed3d
Merge pull request #4209 from thaJeztah/deprecate_oom_score_adjust
docs: deprecation: OOM-score adjust for the daemon
2023-04-18 21:56:34 +02:00
Laura Brehm 271b9667ee
Swarm: allow additional properties in `build`
Since Swarm does not use the `build` section, there's no reason to validate properties here.
This makes it so we don't have to keep updating the schema in the CLI to support properties
added in the Compose Spec for build, and does not imply any new feature support since Swarm
does not consider this section.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-04-18 14:51:49 +01:00
Laura Brehm e2bfd21991
cli/compose: add schema 3.11 (no changes with 3.10 yet)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-04-18 14:51:27 +01:00
Sebastiaan van Stijn bad7a04ad3
Merge pull request #4210 from thaJeztah/engine_24.0.0-beta.2
vendor: github.com/docker/docker v24.0.0-beta.2
2023-04-18 13:34:49 +02:00
dependabot[bot] 6c4c3c23c7
build(deps): bump docker/bake-action from 2 to 3
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 2 to 3.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-18 09:03:03 +00:00
Kir Kolyshkin 8ef8f41311 man/dockerd.8: assorted formatting fixes
Mostly, this makes sure that literals (such as true, false, host,
private, examples of options usage etc.) are typeset in bold, except for
filenames, which are typeset in italic.

While at it,
 - remove some default values from synopsis as it should not
   be there;
 - fix man pages references (page name in bold, volume number in
   regular).

This is not a complete fix, but a step in the right direction.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-17 15:47:48 -07:00
Kir Kolyshkin e3cb324ed9 man/dockerd.8: escape asterisks and underscores
1. Escape asterisks and underscores, that have special meaning in
   Markdown. While most markdown processors are smart enough to
   distinguish whether it's a literal * or _ or a formatting directive,
   escaping makes things more explicit.

2. Fix using wrong level of headings in some dm options (most are ####,
   but some were #####).

3. Do not use sub-heading for examples in some dm options (this is how
   it's done in the rest of the man page).

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2023-04-17 15:41:26 -07:00
Sebastiaan van Stijn a4bcabc7d2
vendor: github.com/docker/docker v24.0.0-beta.2
full diff: https://github.com/docker/docker/compare/v24.0.0-beta.1...v24.0.0-beta.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:14:51 +02:00