Commit Graph

7620 Commits

Author SHA1 Message Date
Alexey Igrychev 0de4e6e9a7
Fix reading context and dockerfile from stdin with BuildKit
Signed-off-by: Alexey Igrychev <alexey.igrychev@flant.com>
(cherry picked from commit fc9ca9a94a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:48:19 +01:00
Brian Goff 3c87f01b18
Ignore SIGURG on Linux.
In go1.14+, SIGURG is used by the runtime to handle preemtable system
calls.
In practice this signal caught *frequently*.

For reference:

https://go.googlesource.com/proposal/+/master/design/24543-non-cooperative-preemption.md
https://github.com/golang/go/issues/37942

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit fff164c22e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:44:39 +01:00
Sebastiaan van Stijn de40c2b172
Fix panic when failing to get DefaultAuthConfig
Commit f32731f902 fixed a potential panic
when an error was returned while trying to get existing credentials.

However, other code paths currently use the result of `GetDefaultAuthConfig()`
even in an error condition; this resulted in a panic, because a `nil` was
returned.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c2820a7e3b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:42:06 +01:00
Sebastiaan van Stijn d513e46bfc
cli/config: prevent warning if HOME is not set
commit c2626a8270 replaced the use of
github.com/docker/docker/pkg/homedir with Golang's os.UserHomeDir().

This change was partially reverted in 7a279af43d
to account for situations where `$HOME` is not set.

In  situations where no configuration file is present in `~/.config/`, the CLI
falls back to looking for the (deprecated) `~/.dockercfg` configuration file,
which was still using `os.UserHomeDir()`, which produces an error/warning if
`$HOME` is not set.

This patch introduces a helper function and a global variable to get the user's
home-directory. The global variable is used to prevent repeatedly looking up
the user's information (which, depending on the setup can be a costly operation).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c85a37dbb4)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:38:27 +01:00
Sebastiaan van Stijn 2b74b90efb
Add docs and completion for docker node ls --filter node.label
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f52a9e2fef)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:33:15 +01:00
Sebastiaan van Stijn 05343b36a2
fix docker-run man page table formatting
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c0b7b58134)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:33:10 +01:00
DongGeon Lee f90db254d7
docs: Fix wrong variable name
Signed-off-by: LeeDongGeon <secmatth1996@gmail.com>
(cherry picked from commit 852fe05991)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:33:06 +01:00
Christopher Svensson 0dcfdde336
Removed format flag for inspect
Signed-off-by: Christopher Svensson <stoffus@stoffus.com>
(cherry picked from commit b04241d95a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:33:01 +01:00
Christopher Svensson 03cd1dc50a
Added zsh completion for docker context subcommands
Signed-off-by: Christopher Svensson <stoffus@stoffus.com>
(cherry picked from commit 584c08e1fe)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:59 +01:00
Sebastiaan van Stijn 42811a7eb9
docs: add redirect for old reference URL
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a4fb01f957)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:54 +01:00
Sebastiaan van Stijn be966aa194
docs: fix typo in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 697c3a5b48)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:49 +01:00
Sebastiaan van Stijn b22fe0fb14
deprecate blkio-weight options with cgroups v1
These options were deprecated and removed in the Linux kernel v5.0 and up in;

- f382fb0bce
- fb5772cbfe
- 23aa16489c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit fb2ea098a9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:44 +01:00
Harald Albers 4eb050071e
Update bash completion for fluentd --log-options
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit 5a252fb3ad)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:39 +01:00
Harald Albers 08c4fdfa7a
Add bash completion for `dockerd --ip6tables`
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit ba2fef9bcb)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:34 +01:00
Harald Albers 6aa1b37c8d
Add bash completion for `docker run|create --pull`
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit 8242fe1fcc)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:29 +01:00
rochfeu e82920d76d
Remove duplicate word in push.md
Signed-off-by: Roch Feuillade <roch.feuillade@pandobac.com>
(cherry picked from commit 69b5487e39)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:24 +01:00
Harald Albers 82123939f7
Add bash completion for jobs
Signed-off-by: Harald Albers <github@albersweb.de>
(cherry picked from commit a4e86b5433)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-04 14:32:17 +01:00
Tibor Vass 48d30b5b32 Use golang.org/x/sys/execabs
On Windows, the os/exec.{Command,CommandContext,LookPath} functions
resolve command names that have neither path separators nor file extension
(e.g., "git") by first looking in the current working directory before
looking in the PATH environment variable.
Go maintainers intended to match cmd.exe's historical behavior.

However, this is pretty much never the intended behavior and as an abundance of precaution
this patch prevents that when executing commands.
Example of commands that docker.exe may execute: `git`, `docker-buildx` (or other cli plugin), `docker-credential-wincred`, `docker`.

Note that this was prompted by the [Go 1.15.7 security fixes](https://blog.golang.org/path-security), but unlike in `go.exe`,
the windows path lookups in docker are not in a code path allowing remote code execution, thus there is no security impact on docker.

Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 8d199d5bba)
Signed-off-by: Tibor Vass <tibor@docker.com>
2021-01-28 22:27:59 +00:00
Tibor Vass 5941f4104a vendor docker, docker-credential-helpers and golang/sys for execabs package
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 7bef248765)
Signed-off-by: Tibor Vass <tibor@docker.com>
2021-01-28 22:27:59 +00:00
Chris Crone 18f33b337d context: Add tarball e2e tests
Signed-off-by: Chris Crone <christopher.crone@docker.com>
2021-01-28 22:27:59 +00:00
Chris Crone 9ecc69d17e context: Ensure context name is valid on import
Signed-off-by: Chris Crone <christopher.crone@docker.com>
2021-01-28 22:27:59 +00:00
Chris Crone 6f49197cab context: Ensure import paths are valid
Signed-off-by: Chris Crone <christopher.crone@docker.com>
2021-01-28 22:27:59 +00:00
Tibor Vass 2291f610ae
Merge pull request #2886 from thaJeztah/bump_buildkit
vendor: BuildKit v0.8.1, Engine v20.10.1
2020-12-22 09:32:20 -08:00
Sebastiaan van Stijn 6c97008f67
Merge pull request #2896 from ccouzens/patch-2
Fix link to docker build with squash experiment
2020-12-22 16:27:26 +01:00
Silvin Lubecki 1f0dff6752
Merge pull request #2883 from elboulangero/fix-container-creation-time-in-tests
Fix container creation time in test/builders
2020-12-22 14:18:49 +01:00
Chris Couzens 5e430753f2
Fix link to docker build with squash experiment
Signed-off-by: Chris Couzens <ccouzens@gmail.com>
2020-12-18 22:33:02 +00:00
Arnaud Rebillout 4d6bc775b3 Fix container creation time in test/builders
The created time of the containerd is initialized with nanoseconds,
it seems to be a mistake.

In other places of the code, this field is initialized with seconds:

    $ grep -rh 'time\.Now()\.Unix()' | grep Created
    Created: time.Now().Unix(),
    Created: time.Now().Unix(),
    return []image.HistoryResponseItem{{ID: img, Created: time.Now().Unix()}}, nil

We can also see the the formatter assumes it to be seconds:

    cli/command/formatter/container.go
    ----
    func (c *ContainerContext) CreatedAt() string {
        return time.Unix(c.c.Created, 0).String()
    }

Interestingly, initializing the field with nanoseconds seems to work,
except on mips architecture, where it causes some kind of overflow.

~~~~
=== Failed
=== FAIL: cli/command/container TestContainerListWithoutFormat (0.00s)
    list_test.go:183: assertion failed:
        --- expected
        +++ actual
        @@ -1,7 +1,7 @@
         CONTAINER ID   IMAGE            COMMAND   CREATED                  STATUS        PORTS                NAMES
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second                        c1
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second                        c2
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second   80-82/tcp            c3
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second   81/udp               c4
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second   8.8.8.8:82->82/tcp   c5
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second                        c1
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second                        c2
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second   80-82/tcp            c3
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second   81/udp               c4
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second   8.8.8.8:82->82/tcp   c5

=== FAIL: cli/command/container TestContainerListNoTrunc (0.00s)
    list_test.go:198: assertion failed:
        --- expected
        +++ actual
        @@ -1,4 +1,4 @@
         CONTAINER ID   IMAGE            COMMAND   CREATED                  STATUS        PORTS     NAMES
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second             c1
        -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second             c2,foo/bar
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second             c1
        +container_id   busybox:latest   "top"     -153722867 minutes ago   Up 1 second             c2,foo/bar
~~~~

Logs above taken from:
https://buildd.debian.org/status/fetch.php?pkg=docker.io&arch=mipsel&ver=20.10.0%7Erc1%2Bdfsg3-1&stamp=1606895899

~~~~
=== RUN   TestChtimesLinux
    chtimes_linux_test.go:87: Expected: 2262-04-11 23:47:16 +0000 UTC, got: 1990-01-27 10:50:44 +0000 UTC
--- FAIL: TestChtimesLinux (0.00s)
=== RUN   TestChtimes
    chtimes_test.go:92: Expected: 2262-04-11 23:47:16 +0000 UTC, got: 1990-01-27 10:50:44 +0000 UTC
--- FAIL: TestChtimes (0.00s)
~~~~

Logs above taken from:
https://buildd.debian.org/status/fetch.php?pkg=docker.io&arch=mips64el&ver=20.10.0%7Erc1%2Bdfsg3-1&stamp=1606895622

Signed-off-by: Arnaud Rebillout <elboulangero@gmail.com>
2020-12-16 08:55:29 +07:00
Sebastiaan van Stijn 47ecb13fe4
vendor: github.com/docker/docker v20.10.1
full diff: cf31b9622a...v20.10.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-15 18:14:29 +01:00
Sebastiaan van Stijn a2b4d9c74f
vendor: github.com/moby/buildkit v0.8.1
full diff: https://github.com/moby/buildkit/compare/v0.8.0...v0.8.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-15 18:09:01 +01:00
Tibor Vass 831ebeae96
Merge pull request #2884 from thaJeztah/format_help_link
Help link: remove color, add "bold" style, and white-space
2020-12-14 18:27:14 -08:00
Sebastiaan van Stijn fa3e0bcdaf
Help link: remove color, add "bold" style, and white-space
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-14 14:28:29 +01:00
Silvin Lubecki 42d4489992
Merge pull request #2877 from Foxboron/morten/fix-man
generate-man.sh: Only build md2man if it's not installed
2020-12-10 09:41:38 +01:00
Morten Linderud 29bd82ba14
generate-man.sh: Only build md2man if it's not installed
Distributions uses generate-man.sh to create man pages, however it only
assumes a container environment and attempts to build binaries towards
`/go` which might be an illegal path in `fakeroot`.

This patch ensures we only build `md2man` from the vendored sources if
the command is not present. This allows distributions to supply thier
packaged `md2man`.

Signed-off-by: Morten Linderud <morten@linderud.pw>
2020-12-09 23:06:18 +01:00
Tibor Vass 12164ff157
Merge pull request #2874 from thaJeztah/fix_deprecation_table
Deprecation: add pulling from non-compliant registries to table
2020-12-08 18:27:42 -08:00
Sebastiaan van Stijn 06c60dea90
Deprecation: add pulling from non-compliant registries to table
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-09 02:36:30 +01:00
Tibor Vass 7287ab3890
Merge pull request #2872 from thaJeztah/deprecate_non_compliant_registries
Add deprecation note for non-compliant registries
2020-12-07 15:36:43 -08:00
Tibor Vass 029ab0255a
Merge pull request #2857 from gtardif/help_guides_link
Help guides link
2020-12-07 15:34:45 -08:00
Silvin Lubecki 37f45817b6
Merge pull request #2869 from thaJeztah/fix_yaml_formatting
docs: un-wrap line to prevent YAML docs from using "compact" formatting
2020-12-07 14:15:07 +01:00
Silvin Lubecki cd409fc76a
Merge pull request #2871 from thaJeztah/bump_engine_buildkit
vendor: docker cf31b9622ae9de4b5fb7a1c9456460980ab80281, buildkit v0.8.0
2020-12-07 14:12:54 +01:00
Sebastiaan van Stijn aa91af81c6
Add deprecation note for non-compliant registries
Docker Engine v20.10 and up includes optimizations to verify if images in the
local image cache need updating before pulling, preventing the Docker Engine
from making unnecessary API requests. These optimizations require the container
image registry to conform to the Open Container Initiative Distribution Specification
(https://github.com/opencontainers/distribution-spec).

While most registries conform to the specification, we encountered some registries
to be non-compliant, resulting in `docker pull` to fail.

As a temporary solution, Docker Engine v20.10 includes a fallback mechanism to
allow `docker pull` to be functional when using a non-compliant registry. A
warning message is printed in this situation:

    WARNING Failed to pull manifest by the resolved digest. This registry does not
            appear to conform to the distribution registry specification; falling back to
            pull by tag. This fallback is DEPRECATED, and will be removed in a future
            release.

The fallback is added to allow users to either migrate their images to a compliant
registry, or for these registries to become compliant.

Note that this fallback only addresses failures on `docker pull`. Other commands,
such as `docker stack deploy`, or pulling images with `containerd` will continue
to fail.

Given that other functionality is still broken with these registries, we consider
this fallback a _temporary_ solution, and will remove the fallback in an upcoming
major release.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 13:34:50 +01:00
Sebastiaan van Stijn c54aec5c85
vendor: BuildKit v0.8.0
full diff: https://github.com/moby/buildkit/compare/v0.8.0-rc2...v0.8.0

note that this is currently a few commits "behind" the version used in docker,
but changes since v0.8.0 do not affect the code that's vendored in the CLI,
so prefering to use a tagged version.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 12:50:36 +01:00
Sebastiaan van Stijn aae8d2dfde
vendor: github.com/docker/docker cf31b9622ae9de4b5fb7a1c9456460980ab80281
full diff: 6c0a036dce...cf31b9622a

changes affecting vendored code:

- client: Fix error handling

Other changes:

- handleContainerExit: timeout on containerd DeleteTask
- vendor libnetwork to fix mix up between IPv4 and IPv6
- update containerd binary to v1.4.2
- update containerd binary to v1.4.3 (CVE-2020-15257)
- vendor: BuildKit v0.8.0-rc2, containerd, and dependencies
- Add fallback for pull by tag
- vendor: BuildKit 950603da215ae03b843f3f66fbe86c4876a6f5a1
- IPv6 iptables config option

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 12:43:03 +01:00
Sebastiaan van Stijn 3455643194
docs: un-wrap line to prevent YAML docs from using "compact" formatting
Looks like the YAML conversion doesn't like lines starting with `[`, and
causing it to use the "compact" formatting in the generated YAML.

This patch un-wraps these lines to prevent this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-07 12:24:44 +01:00
Silvin Lubecki beab92999a
Merge pull request #2862 from rumpl/chore-remove-kubernetes-dependency
Remove k8s.io/kubernetes dependency
2020-12-04 21:15:39 +01:00
Djordje Lukic 9f9c4b7f3b Remove k8s.io/kubernetes dependency
We are only using the `IsPodReady` function that can be rewritten easily.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2020-12-04 00:27:40 +01:00
Sebastiaan van Stijn 98625314fa
Merge pull request #2846 from bboehmke/dockerd_ip6tables
added ip6tables to daemon CLI and config file documentation
2020-12-03 20:56:21 +01:00
Tibor Vass dca98e3c87
Merge pull request #2843 from thaJeztah/bump_docker_buildkit
vendor: buildkit v0.8.0-rc2, docker, containerd, and dependencies
2020-12-02 14:02:57 -08:00
Tibor Vass 40ec81a79a build: display [auth] output
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-12-02 21:22:36 +00:00
Sebastiaan van Stijn 9a0a071d55 vendor: buildkit v0.8.0-rc2, docker
diffs:

- full diff: af34b94a78...6c0a036dce
- full diff: 4d1f260e84...v0.8.0-rc2

New dependencies:

- go.opencensus.io v0.22.3
- github.com/containerd/typeurl v1.0.1
- github.com/golang/groupcache 869f871628b6baa9cfbc11732cdf6546b17c1298

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-02 21:01:12 +00:00
Sebastiaan van Stijn 4cab568abb vendor: github.com/moby/term bea5bbe245bf407372d477f1361d2ff042d2f556
full diff: 7f0af18e79...bea5bbe245

- Fix windows integer overflow on GOOS=windows, GOARCH=arm
- go.mod: github.com/creack/pty v1.1.11
  - v1.1.11: Add arm support for OpenBSD
  - v1.1.10: Fix CTTY to work with go1.15
- CI: fix Go version matrix, and drop go 1.12, add go 1.15
- CI: remove "sudo" to fix incorrect Go versions (incorrect PATH, GOROOT)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-02 21:01:12 +00:00