Commit Graph

6446 Commits

Author SHA1 Message Date
Silvin Lubecki 57b7b75df8
Merge pull request #2174 from thaJeztah/fix_isabs_test
compose/loader: fix TestIsAbs not testing all combinations
2019-10-29 15:59:37 +01:00
Sebastiaan van Stijn b3cde356f6
Merge pull request #2157 from thaJeztah/servicestatus
Services: use ServiceStatus on API v1.41 and up
2019-10-29 15:57:32 +01:00
Silvin Lubecki 48f2426fbc
Merge pull request #2172 from thaJeztah/gometalinter_deadline
Gometalinter: raise deadline to 3 minutes
2019-10-29 15:53:58 +01:00
Sebastiaan van Stijn 20424e2f51
Add test for ServiceStatus
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:49:35 +01:00
Sebastiaan van Stijn 7405ac5c2d
Services: use ServiceStatus on API v1.41 and up
API v1.41 adds a new option to get the number of desired
and running tasks when listing services. This patch enables
this functionality, and provides a fallback mechanism when
the ServiceStatus is not available, which would be when
using an older API version.

Now that the swarm.Service struct captures this information,
the `ListInfo` type is no longer needed, so it is removed,
and the related list- and formatting functions have been
modified accordingly.

To reduce repetition, sorting the services has been moved
to the formatter. This is a slight change in behavior, but
all calls to the formatter performed this sort first, so
the change will not lead to user-facing changes.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:49:28 +01:00
Sebastiaan van Stijn 228e0f5e76
TestStackServicesErrors: use sub-tests, and return tasks
This also sets the services to have a Mode set, otherwise
they would be invalid.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:47:52 +01:00
Sebastiaan van Stijn 962015b057
internal/builders: add GlobalService, ServiceStatus, NodeList()
This patch:

- Adds new GlobalService and ServiceStatus options
- Makes the NodeList() function functional
- Minor improvment to the `newService()` function to allow passing options

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:47:49 +01:00
Sebastiaan van Stijn 0a21de05d2
compose/loader: fix TestIsAbs not testing all combinations
This test was intending to run all tests, but didn't, which was
caught by golangci-lint;

    cli/compose/loader/windows_path_test.go:46:17: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
    	tests := append(isabstests, winisabstests...)
    	               ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:02:23 +01:00
Sebastiaan van Stijn 3fa5aef0f9
Merge pull request #2078 from artheus/contrib/faster-bash-completion
Contrib: Make bash completion faster for services
2019-10-29 12:31:13 +01:00
Sebastiaan van Stijn 2eb5cdba46
Merge pull request #2087 from shahzzzam/sam/fix-print
fix formatting issue of encoded url
2019-10-29 12:28:09 +01:00
Sebastiaan van Stijn 4f9ee0721f
Merge pull request #2125 from albers/completion-builder-build-options
Add bash completion for `builder build` options
2019-10-29 12:24:38 +01:00
Sebastiaan van Stijn 3e78cbc021
Gometalinter: raise deadline to 3 minutes
Looks like we're just on the edge of the deadline, and it's sometimes
failing;

```
cli/command/image/trust.go:346:1⚠️ nolint directive did not match any issue (nolint)
cli/command/manifest/push.go:211:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:95:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:138:1⚠️ nolint directive did not match any issue (nolint)
WARNING: deadline exceeded by linter interfacer (try increasing --deadline)
Exited with code 3
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-28 12:50:56 +01:00
Silvin Lubecki c887984b48
Merge pull request #2158 from thaJeztah/bump_engine
bump docker/docker to a09e6e323e55e1a9b21df9c2c555f5668df3ac9b
2019-10-28 11:19:00 +01:00
Sebastiaan van Stijn 7f6cd64335
bump docker/docker to a09e6e323e55e1a9b21df9c2c555f5668df3ac9b
full diff: b6684a403c...a09e6e323e

relevant changes:

- moby/moby#39995 Update containerd binary to v1.2.10
- moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884)
- moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276)
- moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596)
- moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix"
    - reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix,
      in favor of documenting when to set the `osusergo` build tag. The `osusergo`
      build-flag must be used when compiling a static binary with `cgo` enabled,
      and linking against `glibc`.
- moby/moby#39983 builder: remove legacy build's session handling
  This feature was used by docker build --stream and it was kept experimental.
  Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit.
    - Related: #2105 build: remove --stream (was experimental)
- moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty,
  golang/gddo, gorilla/mux
- moby/moby#39713 bump containerd and dependencies to v1.3.0
- moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver
- moby/moby#40070 Use ocischema package instead of custom handler
    - relates to moby/moby#39727 Docker 19.03 doesn't support OCI image
    - relates to docker/hub-feedback#1871
    - relates to docker/distribution#3024
- moby/moby#39231 Add support for sending down service Running and Desired task counts
- moby/moby#39822 daemon: Use short libnetwork ID in exec-root
- moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()
    - updates/requires Microsoft/hscshim@2226e083fc

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-26 15:34:43 +02:00
Sebastiaan van Stijn 5e4c7eba44
bump Microsoft/hcsshim 2226e083fc390003ae5aa8325c3c92789afa0e7a
full diff: 672e52e920...2226e083fc

- microsoft/hcsshim#569 Enhancement: add osversion.Build() utility
    - relates to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-26 15:24:36 +02:00
Silvin Lubecki 36707529d3
Merge pull request #2163 from thaJeztah/fixup_linting_config
Fix-up (gometalinter) linting config
2019-10-25 15:05:24 +02:00
Silvin Lubecki c44be24667
Merge pull request #2160 from thaJeztah/circleci_updates
CircleCI: add some info steps, and re-group jobs
2019-10-25 14:59:57 +02:00
Sebastiaan van Stijn 937e65cac5
CircleCI: add some info steps, and re-group jobs
This patch:

- Combines the shellcheck and lint stages. Free CircleCI plans allow a maximum
  of 4 concurrent jobs, and from the timing, the "lint" and "shellcheck" stages
  combined would still take less time than the other stages, so combining them
  keeps the same overall duration, but saving one machine "slot".
- Splits some steps, so that their output can be found more easily in the CI
  results. For example, separating building of Docker images from running them.
- Adds a "Docker info" step, because information about the environment can be
  useful when debugging.
- Adds the "Docker info" and "Docker version" steps to all stages, so that it's
  possible to get that information without having to find the stage in which
  it's printed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-25 12:48:55 +02:00
Sebastiaan van Stijn 69b73f7519
Merge pull request #2156 from danielhelfand/master
Correct Jenkins Build Status URLs for README
2019-10-24 17:29:31 +02:00
Daniel Helfand 46f3f9ac04 update Jenkins Build Status urls for README
Signed-off-by: danielhelfand <helfand.4@gmail.com>
2019-10-24 11:21:12 -04:00
Sebastiaan van Stijn 71e525f74f
gometalinter: fix configuration
The configuration abused "Exclude" to exclude file-paths by filtering
on the output, however, the `Skip` option was designed for that, whereas
`Exclude` is for matching warnings.

An explicit "Skip" was added for "vendor", because even though the vendor
directory should already be ignored by the linter, in some situations,
it still seemed to warn on issues, so let's explicitly ignore it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-24 16:57:14 +02:00
Silvin Lubecki 146d29c018
Merge pull request #2146 from thaJeztah/bump_golang_1.12.12
Update Golang 1.12.12 (CVE-2019-17596)
2019-10-22 08:53:06 +02:00
Tibor Vass 3afe327a6d
Merge pull request #2142 from thaJeztah/info_test
TestFormatInfo: add extra test-case
2019-10-21 18:25:53 -07:00
Sebastiaan van Stijn 474d522ee2
Update Golang 1.12.12 (CVE-2019-17596)
Golang 1.12.12
-------------------------------

full diff: https://github.com/golang/go/compare/go1.12.11...go1.12.12

go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
syscall and net packages. See the Go 1.12.12 milestone on our issue tracker for
details.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.12

Golang 1.12.11 (CVE-2019-17596)
-------------------------------

full diff: https://github.com/golang/go/compare/go1.12.10...go1.12.11

go1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
package. See the Go 1.12.11 milestone on our issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.11

    [security] Go 1.13.2 and Go 1.12.11 are released

    Hi gophers,

    We have just released Go 1.13.2 and Go 1.12.11 to address a recently reported
    security issue. We recommend that all affected users update to one of these
    releases (if you're not sure which, choose Go 1.13.2).

    Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using
    crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic,
    even if the certificates don't chain to a trusted root. The chain can be
    delivered via a crypto/tls connection to a client, or to a server that accepts
    and verifies client certificates. net/http clients can be made to crash by an
    HTTPS server, while net/http servers that accept client certificates will
    recover the panic and are unaffected.

    Moreover, an application might crash invoking
    crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
    request, parsing a golang.org/x/crypto/openpgp Entity, or during a
    golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client
    can panic due to a malformed host key, while a server could panic if either
    PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts
    a certificate with a malformed public key.

    The issue is CVE-2019-17596 and Go issue golang.org/issue/34960.

    Thanks to Daniel Mandragona for discovering and reporting this issue. We'd also
    like to thank regilero for a previous disclosure of CVE-2019-16276.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-20 23:26:31 +02:00
Sebastiaan van Stijn 79aa6cce19
TestFormatInfo: add extra test-case
This case was in a test in the engine repository, where
it is being removed, so add it to the list of existing
tests here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-18 23:40:02 +02:00
Vincent Demeester a8ff7f8210
Merge pull request #2122 from jonjohnsonjr/passthrough-user-pass
Allow username/password in config file
2019-10-17 10:35:24 +02:00
Jon Johnson 8f11fbc876 Fix lint issue
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-16 09:59:49 -07:00
Jon Johnson 415f608620 Add test case to cover non-empty auth entry
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-16 09:54:19 -07:00
Silvin Lubecki b14a42a5a5
Merge pull request #2137 from Lah123/master
update docs based on PR 39949
2019-10-15 14:52:25 +02:00
Lukas Heeren 86281a7b4b
daemon: document --max-download-attempts option
update docs based on PR 39949

Signed-off-by: Lukas Heeren <lukas-heeren@hotmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-15 12:06:58 +02:00
Sebastiaan van Stijn b27ac92ef7
Merge pull request #2133 from sudo-bmitch/pr-from-glossary-ref
Adjusting glossary reference and clarrifying the start of a Dockerfile
2019-10-15 12:00:25 +02:00
Sebastiaan van Stijn 4ce0640a09
Merge pull request #2111 from tiborvass/revert-homedir
config: revert to using pkg/homedir
2019-10-15 11:58:32 +02:00
Morten Hekkvang fc19fb6d95 Fix erroneous space indentation of shell script
Signed-off-by: Morten Hekkvang <morten.hekkvang@sbab.se>
2019-10-11 09:59:10 +02:00
Tibor Vass 5d85cdacd2
Merge pull request #2123 from thaJeztah/hide_unsupported_buildkit_flags
Annotate flags that are not supported by Buildkit
2019-10-10 21:54:15 -07:00
Kirill Kolyshkin 83d0c5df4f
Merge pull request #1827 from thaJeztah/bump_go_json_schema_1.1.0
bump github.com/xeipuuv/gojsonschema v1.1.0
2019-10-10 17:16:49 -07:00
Sebastiaan van Stijn 82d88e77ed
Merge pull request #2128 from adrian-plata/commandline-typo
Minor formatting changes and a typo fix.
2019-10-11 00:59:36 +02:00
Sebastiaan van Stijn 7b8c6a6325
bump github.com/xeipuuv/gojsonpointer 02993c407bfbf5f6dae44c4f4b1cf6a39b5fc5bb
full diff: 4e3ac2762d...02993c407b

only a gofmt and documentation change

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-11 00:30:57 +02:00
Brandon Mitchell 937ce69b42 Adjusting glossary reference and clarrifying the start of a Dockerfile
Signed-off-by: Brandon Mitchell <git@bmitch.net>
2019-10-10 17:03:48 -04:00
Sebastiaan van Stijn 06f34ba507
bump github.com/xeipuuv/gojsonschema v1.1.0
full diff: 93e72a773f...f971f3cd73

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-10 23:00:43 +02:00
Adrian Plata ba7ec36de2 Minor formatting changes and a typo fix.
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
2019-10-07 15:29:19 -07:00
Tibor Vass 7a279af43d config: revert to using pkg/homedir
In c2626a82 homedir logic got extremely simplified to only
checking HOME environment variable on UNIX systems.

Although this should work well enough in traditional environments,
this could break minimal containerized environments.

This patch reverts to using github.com/docker/docker/pkg/homedir
that was recently updated to have less dependencies.

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-07 21:05:58 +00:00
Silvin Lubecki 3e07fa728a
Merge pull request #2110 from tiborvass/update-vendor
vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
2019-10-07 21:37:19 +02:00
Harald Albers cd9b39fc52 Add bash completion for `builder build` options
Signed-off-by: Harald Albers <github@albersweb.de>
2019-10-05 22:33:11 +02:00
Sebastiaan van Stijn 7eecbb96af
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-04 15:55:04 +02:00
Harald Albers e3060aa27c
Merge pull request #2116 from trapier/bash-completion-builder-build
Add bash completion for `builder build`
2019-10-04 15:22:01 +02:00
Jon Johnson 37e9cabf11 Allow username/password in config file
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-02 12:55:27 -07:00
Tibor Vass 70a4eb2a49 vendor: update grpc to v1.23.0
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 17:48:26 +00:00
Tibor Vass 72bc29a2ae vendor: update go-winio to v0.4.14
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 17:47:27 +00:00
Tibor Vass 38c02a9280 vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 01:47:08 +00:00
Michael Crosby d04032d088
Merge pull request #2105 from tiborvass/rm-build-stream
build: remove --stream (was experimental)
2019-10-01 15:01:49 -04:00