Running `docker stack services <STACK> --orchestrator swarm would yield
the message "Noting found in stack: asdf" with an exit code 0. The same
command with kubernetes orchestrator would yield "nothing found in
stack: adsf" (note the lower-case "nothing") and a non-zero exit code.
This change makes the `stack services` command uniform for both
orchestrators. The logic of getting and printing services is split to
reuse the same formatting code.
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
API v1.41 adds a new option to get the number of desired
and running tasks when listing services. This patch enables
this functionality, and provides a fallback mechanism when
the ServiceStatus is not available, which would be when
using an older API version.
Now that the swarm.Service struct captures this information,
the `ListInfo` type is no longer needed, so it is removed,
and the related list- and formatting functions have been
modified accordingly.
To reduce repetition, sorting the services has been moved
to the formatter. This is a slight change in behavior, but
all calls to the formatter performed this sort first, so
the change will not lead to user-facing changes.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch:
- Adds new GlobalService and ServiceStatus options
- Makes the NodeList() function functional
- Minor improvment to the `newService()` function to allow passing options
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This test was intending to run all tests, but didn't, which was
caught by golangci-lint;
cli/compose/loader/windows_path_test.go:46:17: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
tests := append(isabstests, winisabstests...)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/container/opts.go:700:37: Using a reference for the variable on range scope `n` (scopelint)
if err := applyContainerOptions(&n, copts); err != nil {
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
```
cli/command/service/update.go:1007:43: Using a reference for the variable on range scope `entry` (scopelint)
if _, ok := portSet[portConfigToString(&entry)]; !ok {
^
cli/command/service/update.go:1008:32: Using a reference for the variable on range scope `entry` (scopelint)
portSet[portConfigToString(&entry)] = entry
^
cli/command/service/update.go:1034:44: Using a reference for the variable on range scope `port` (scopelint)
if _, ok := portSet[portConfigToString(&port)]; ok {
^
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Looks like we're just on the edge of the deadline, and it's sometimes
failing;
```
cli/command/image/trust.go:346:1⚠️ nolint directive did not match any issue (nolint)
cli/command/manifest/push.go:211:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:95:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:138:1⚠️ nolint directive did not match any issue (nolint)
WARNING: deadline exceeded by linter interfacer (try increasing --deadline)
Exited with code 3
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: b6684a403c...a09e6e323e
relevant changes:
- moby/moby#39995 Update containerd binary to v1.2.10
- moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884)
- moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276)
- moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596)
- moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix"
- reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix,
in favor of documenting when to set the `osusergo` build tag. The `osusergo`
build-flag must be used when compiling a static binary with `cgo` enabled,
and linking against `glibc`.
- moby/moby#39983 builder: remove legacy build's session handling
This feature was used by docker build --stream and it was kept experimental.
Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit.
- Related: #2105 build: remove --stream (was experimental)
- moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty,
golang/gddo, gorilla/mux
- moby/moby#39713 bump containerd and dependencies to v1.3.0
- moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver
- moby/moby#40070 Use ocischema package instead of custom handler
- relates to moby/moby#39727 Docker 19.03 doesn't support OCI image
- relates to docker/hub-feedback#1871
- relates to docker/distribution#3024
- moby/moby#39231 Add support for sending down service Running and Desired task counts
- moby/moby#39822 daemon: Use short libnetwork ID in exec-root
- moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()
- updates/requires Microsoft/hscshim@2226e083fc
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 672e52e920...2226e083fc
- microsoft/hcsshim#569 Enhancement: add osversion.Build() utility
- relates to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch:
- Combines the shellcheck and lint stages. Free CircleCI plans allow a maximum
of 4 concurrent jobs, and from the timing, the "lint" and "shellcheck" stages
combined would still take less time than the other stages, so combining them
keeps the same overall duration, but saving one machine "slot".
- Splits some steps, so that their output can be found more easily in the CI
results. For example, separating building of Docker images from running them.
- Adds a "Docker info" step, because information about the environment can be
useful when debugging.
- Adds the "Docker info" and "Docker version" steps to all stages, so that it's
possible to get that information without having to find the stage in which
it's printed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The configuration abused "Exclude" to exclude file-paths by filtering
on the output, however, the `Skip` option was designed for that, whereas
`Exclude` is for matching warnings.
An explicit "Skip" was added for "vendor", because even though the vendor
directory should already be ignored by the linter, in some situations,
it still seemed to warn on issues, so let's explicitly ignore it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: ed099d4238...00bdffe0f3
changes included:
- gorilla/mux#477 Improve CORS Method Middleware
- implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense
- gorilla/mux#489 Fix nil panic in authentication middleware example
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Golang 1.12.12
-------------------------------
full diff: https://github.com/golang/go/compare/go1.12.11...go1.12.12
go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
syscall and net packages. See the Go 1.12.12 milestone on our issue tracker for
details.
https://github.com/golang/go/issues?q=milestone%3AGo1.12.12
Golang 1.12.11 (CVE-2019-17596)
-------------------------------
full diff: https://github.com/golang/go/compare/go1.12.10...go1.12.11
go1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
package. See the Go 1.12.11 milestone on our issue tracker for details.
https://github.com/golang/go/issues?q=milestone%3AGo1.12.11
[security] Go 1.13.2 and Go 1.12.11 are released
Hi gophers,
We have just released Go 1.13.2 and Go 1.12.11 to address a recently reported
security issue. We recommend that all affected users update to one of these
releases (if you're not sure which, choose Go 1.13.2).
Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using
crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic,
even if the certificates don't chain to a trusted root. The chain can be
delivered via a crypto/tls connection to a client, or to a server that accepts
and verifies client certificates. net/http clients can be made to crash by an
HTTPS server, while net/http servers that accept client certificates will
recover the panic and are unaffected.
Moreover, an application might crash invoking
crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
request, parsing a golang.org/x/crypto/openpgp Entity, or during a
golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client
can panic due to a malformed host key, while a server could panic if either
PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts
a certificate with a malformed public key.
The issue is CVE-2019-17596 and Go issue golang.org/issue/34960.
Thanks to Daniel Mandragona for discovering and reporting this issue. We'd also
like to thank regilero for a previous disclosure of CVE-2019-16276.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>