Docker v23.0 and up allow the daemon to be configured to have seccomp disabled
by default (using the "unconfined" profile as default), and introduced a new
"builtin" profile-name for the default (see [moby@f8795ed364586acd][1] and
[mnoby@ac449d6b5ad29a50][2]).
However, the CLI had no special handling for the "builtin" profile, which
resulted in it trying to load it as a file, which would fail;
docker run -it --rm --security-opt seccomp=builtin busybox
docker: opening seccomp profile (builtin) failed: open builtin: no such file or directory.
See 'docker run --help'.
This patch adds a special case for the "builtin" profile, to allow using the
default profile on daemons with seccomp disabled (unconfined) by default.
[1]: f8795ed364
[2]: ac449d6b5a
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Fixes#4648
Make it easier to specify IPv6 addresses in the '--add-host' option by
permitting 'host=ip' in addition to 'host:ip', and allowing square
brackets around the address.
For example:
--add-host=my-hostname:127.0.0.1
--add-host=my-hostname:::1
--add-host=my-hostname=::1
--add-host=my-hostname:[::1]
To avoid compatibility problems, the CLI will replace an '=' separator
with ':', and strip brackets, before sending the request to the API.
Signed-off-by: Rob Murray <rob.murray@docker.com>
For moby/moby PR 45025 (Docker v24, API v1.43).
`docker run --annotation foo=bar` is similar to `podman run --annotation foo=bar`,
however, unlike Podman, Docker implementation also accepts an annotation with an empty value.
(`docker run --annotation foo`)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Keep frontmatter for docker, dockerd and index markdown files.
Also needs to move cli.md > docker.md before generation and
then move it back because cli.md is needed for yaml generation on docs
website: https://github.com/docker/cli/pull/3924#discussion_r1059986605
Signed-off-by: Kevin Alvarez <crazy-max@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This example was mounting `/dev/zero` as `/dev/nulo` inside the container.
The `nulo` name was intended to be a "made up / custom" name, but various
readers thought it to be a typo for `/dev/null`.
This patch updates the example to use `/dev/foobar` as name, which should
make it more clear that it's a custom name.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Cobra allows for aliases to be defined for a command, but only allows these
to be defined at the same level (for example, `docker image ls` as alias for
`docker image list`). Our CLI has some commands that are available both as a
top-level shorthand as well as `docker <object> <verb>` subcommands. For example,
`docker ps` is a shorthand for `docker container ps` / `docker container ls`.
This patch introduces a custom "aliases" annotation that can be used to print
all available aliases for a command. While this requires these aliases to be
defined manually, in practice the list of aliases rarely changes, so maintenance
should be minimal.
As a convention, we could consider the first command in this list to be the
canonical command, so that we can use this information to add redirects in
our documentation in future.
Before this patch:
docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Options:
-a, --all Show all images (default hides intermediate images)
...
With this patch:
docker images --help
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
Aliases:
docker image ls, docker image list, docker images
Options:
-a, --all Show all images (default hides intermediate images)
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This will generate "details_url" for options, so that the options
table on the pages at docs.docker.com link to the section describing
the option.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Support for LCOW has been removed from the daemon, so removing the
corresponding daemon configuration options.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `docker create` command shares most (all) of its options with `docker run`,
which uses `docker create` under the hood. The `docker create` reference docs
already referred users to the `docker run` sections for details, but some
flags were only documented on the `docker create` page.
This patch:
- moves those flags from the `docker create` to the `docker run` page
- does some minor rephrasing and touch-ups.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These options were added in 22cd418967,
but did not update the documentation.
Signed-off-by: Chee Hau Lim <cheehau.lim@mobimeo.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>