Commit Graph

6646 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 013151ff78
vendor: bump google.golang.org/grpc v1.23.1
full diff: https://github.com/grpc/grpc-go/compare/v1.23.0...v1.23.1

- grpc/grpc-go#3018 server: set and advertise max frame size of 16KB
- grpc/grpc-go#3017 grpclb: fix deadlock in grpclb connection cache
    - Before the fix, if the timer to remove a SubConn fires at the
      same time NewSubConn cancels the timer, it caused a mutex leak
      and deadlock.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-07 10:26:47 +01:00
Sebastiaan van Stijn 268cc5df24
vendor: bump golang.org/x/sys 6d18c012aee9febd81bbf9806760c8c4480e870d
full diff: 9eafafc0a8...6d18c012ae

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-07 10:26:26 +01:00
Silvin Lubecki f7f4a19328
Merge pull request #2236 from thaJeztah/plugin_sorting
docker info: list CLI plugins alphabetically
2020-01-06 15:42:16 +01:00
Silvin Lubecki f870440c35
Merge pull request #2153 from thaJeztah/bump_containerd_1.3.0
bump containerd and dependencies to v1.3.0
2020-01-06 15:38:00 +01:00
Sebastiaan van Stijn 9efca8e7b4
Merge pull request #2231 from oscrx/patch-1
Change example networks
2020-01-06 15:25:53 +01:00
Sebastiaan van Stijn 43c131f0ae
Merge pull request #2238 from thaJeztah/carry_platform_docs
docs: document from platform (carry 2003)
2020-01-06 15:22:36 +01:00
Oscar Wieman 2d6aec78a1
Change example networks
Signed-off-by: Oscar Wieman <oscar@oscarr.nl>
2020-01-06 13:39:02 +01:00
Vincent Demeester a2e252c92a
Merge pull request #2234 from thaJeztah/bump_golang_1.12.14
Bump Golang 1.12.14
2020-01-06 10:47:47 +01:00
Vincent Demeester 389fa742ff
Merge pull request #2232 from thaJeztah/fixup_docker_ps_formatting
Fix some issues with docker ps --format
2020-01-06 10:46:33 +01:00
Tonis Tiigi ce42168940
docs: document from platform
Co-Authored-By: Tibor Vass <tiborvass@users.noreply.github.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-03 17:25:28 +01:00
Sebastiaan van Stijn 4beea58531
Bump Golang 1.12.14
go1.12.14 (released 2019/12/04) includes a fix to the runtime. See the Go 1.12.14
milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.14+label%3ACherryPickApproved

Update Golang 1.12.13
------------------------

go1.12.13 (released 2019/10/31) fixes an issue on macOS 10.15 Catalina where the
non-notarized installer and binaries were being rejected by Gatekeeper. Only macOS
users who hit this issue need to update.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-03 12:37:59 +01:00
Sebastiaan van Stijn ef37a8a57c
Fix "make build" (non-containerized) on macOS
macOS doesn't ship with the GNU version of `date`, which
causes the command to fail if the `--rfc-3339 ns` format option
is used.

Given that we don't need the build-time with nanosecond precision,
this patch changes the format used, so that the CLI binary can be
built on the host (outside of a container);

Before this change, `make binary` would fail:

    DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
    WARNING: binary creates a Linux executable. Use cross for macOS or Windows.
    ./scripts/build/binary
    make: *** [binary] Error 1

With this change, the binary can be built on the host:

    DISABLE_WARN_OUTSIDE_CONTAINER=1 make binary
    WARNING: binary creates a Linux executable. Use cross for macOS or Windows.
    ./scripts/build/binary
    Building statically linked build/docker-darwin-amd64

While the previous version formatted (and parsed) the date with nanoseconds precision,
that level of precision is not actually used;

```go
func reformatDate(buildTime string) string {
	t, errTime := time.Parse(time.RFC3339Nano, buildTime)
	if errTime == nil {
		return t.Format(time.ANSIC)
	}
	return buildTime
}
```

Both the old, and new input will yield the same output:

```go
fmt.Println(reformatDate("2019-12-31T13:41:44.846741804+00:00"))
// Tue Dec 31 13:41:44 2019

fmt.Println(reformatDate("2019-12-31T13:41:44Z"))
// Tue Dec 31 13:41:44 2019
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-31 15:06:11 +01:00
Sebastiaan van Stijn 54ba28f402
docker info: list CLI plugins alphabetically
Before this change, plugins were listed in a random order:

    Client:
     Debug Mode: false
     Plugins:
      doodle: Docker Doodles  all around! 🐳 🎃 (thaJeztah, v0.0.1)
      shell: Open a browser shell on the Docker Host. (thaJeztah, v0.0.1)
      app: Docker Application (Docker Inc., v0.8.0)
      buildx: Build with BuildKit (Docker Inc., v0.3.1-tp-docker)

With this change, plugins are listed alphabetically:

    Client:
     Debug Mode: false
     Plugins:
      app: Docker Application (Docker Inc., v0.8.0)
      buildx: Build with BuildKit (Docker Inc., v0.3.1-tp-docker)
      doodle: Docker Doodles  all around! 🐳 🎃 (thaJeztah, v0.0.1)
      shell: Open a browser shell on the Docker Host. (thaJeztah, v0.0.1)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-31 14:33:07 +01:00
Sebastiaan van Stijn aef6b04a7c
Fix docker ps table headers with custom format and "split" or "join"
Update the list of overrides for table headers so that columns using split or
join will produce the correct table header.

Before this patch:

    docker ps --format='table {{split .Names "/"}}'
    [NAMES]
    [unruffled_mclean]
    [eloquent_meitner]
    [sleepy_grothendieck]

With this patch applied:

    docker ps --format='table {{split .Names "/"}}'
    NAMES
    [unruffled_mclean]
    [eloquent_meitner]
    [sleepy_grothendieck]

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-27 12:36:02 +01:00
Sebastiaan van Stijn 69f216f6e4
Fix docker ps --format with templating functions
Before this patch, using a template that used templating functions (such as
`lower` or `json`) caused the command to fail in the pre-processor step (in
`buildContainerListOptions`):

    docker ps --format='{{upper .Names}}'
    template: :1:8: executing "" at <.Names>: invalid value; expected string

This problem was due to the pre-processing using a different "context" type than
was used in the actual template, and custom functions to not be defined when
instantiating the Go template.

With this patch, using functions in templates works correctly:

    docker ps --format='{{upper .Names}}'
    MUSING_NEUMANN
    ELOQUENT_MEITNER

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-27 12:35:55 +01:00
Silvin Lubecki ba63a92655
Merge pull request #2230 from thaJeztah/unify_ps_tests
command/container: unify list tests in a single file
2019-12-20 15:55:25 +01:00
Sebastiaan van Stijn b062726313
command/container: unify list tests in a single file
Move the remaining test with the others, and rename it from
`TestBuildContainerListOptions` to `TestContainerListBuildContainerListOptions`,
so that it has the same prefix as the other tests.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-20 14:59:43 +01:00
Sebastiaan van Stijn 6732347e55
bump containerd v1.3.0
full diff: 7c1e88399e...v1.3.0

This also adds back containerd/ttrpc as a dependency, which is referenced by the BuildKit client (indirectly)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-19 13:58:23 +01:00
Sebastiaan van Stijn 22a291f703
config: preserve ownership and permissions on configfile
When running `docker login` or `docker logout`, the CLI updates
the configuration file by creating a temporary file, to replace
the old one (if exists).

When using `sudo`, this caused the file to be created as `root`,
making it inaccessible to the current user.

This patch updates the CLI to fetch permissions and ownership of
the existing configuration file, and applies those permissions
to the new file, so that it has the same permissions as the
existing file (if any).

Currently, only done for "Unix-y" systems (Mac, Linux), but
can be implemented for Windows in future if there's a need.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-17 09:57:33 +01:00
Sebastiaan van Stijn c07f50afab
bump buildkit f7042823e340d38d1746aa675b83d1aca431cee3
full diff: 10cef0c6e1...f7042823e3

no local changes, other than updated go.mod

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 21:21:30 +01:00
Sebastiaan van Stijn cf3f902df4
update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884)
full diff: https://github.com/opencontainers/runc/compare/v1.0.0-rc8...3e425f80a8c931f88e6d94a8c831b9d5aa481657

  - opencontainers/runc#2010 criu image path permission error when checkpoint rootless container
  - opencontainers/runc#2028 Update to Go 1.12 and drop obsolete versions
  - opencontainers/runc#2029 Update dependencies
  - opencontainers/runc#2034 Support for logging from children processes
  - opencontainers/runc#2035 specconv: always set "type: bind" in case of MS_BIND
  - opencontainers/runc#2038 `r.destroy` can defer exec in `runner.run` method
  - opencontainers/runc#2041 Change the permissions of the notify listener socket to rwx for everyone
  - opencontainers/runc#2042 libcontainer: intelrdt: add missing destroy handler in defer func
  - opencontainers/runc#2047 Move systemd.Manager initialization into a function in that module
  - opencontainers/runc#2057 main: not reopen /dev/stderr
      - closes opencontainers/runc#2056 Runc + podman|cri-o + systemd issue with stderr
      - closes kubernetes/kubernetes#77615 kubelet fails starting CRI-O containers (Ubuntu 18.04 + systemd cgroups driver)
      - closes cri-o/cri-o#2368 Joining worker node not starting flannel or kube-proxy / CRI-O error "open /dev/stderr: no such device or address"
  - opencontainers/runc#2061 libcontainer: fix TestGetContainerState to check configs.NEWCGROUP
  - opencontainers/runc#2065 Fix cgroup hugetlb size prefix for kB
  - opencontainers/runc#2067 libcontainer: change seccomp test for clone syscall
  - opencontainers/runc#2074 Update dependency libseccomp-golang
  - opencontainers/runc#2081 Bump CRIU to 3.12
  - opencontainers/runc#2089 doc: First process in container needs `Init: true`
  - opencontainers/runc#2094 Skip searching /dev/.udev for device nodes
      - closes opencontainers/runc#2093 HostDevices() race with older udevd versions
  - opencontainers/runc#2098 man: fix man-pages
  - opencontainers/runc#2103 cgroups/fs: check nil pointers in cgroup manager
  - opencontainers/runc#2107 Make get devices function public
  - opencontainers/runc#2113 libcontainer: initial support for cgroups v2
  - opencontainers/runc#2116 Avoid the dependency on cgo through go-systemd/util package
      - removes github.com/coreos/pkg as dependency
  - opencontainers/runc#2117 Remove libcontainer detection for systemd features
      - fixes opencontainers/runc#2117 Cache the systemd detection results
  - opencontainers/runc#2119 libcontainer: update masked paths of /proc
      - relates to #36368 Add /proc/keys to masked paths
      - relates to #38299 Masked /proc/asound
      - relates to #37404 Add /proc/acpi to masked paths (CVE-2018-10892)
  - opencontainers/runc#2122 nsenter: minor fixes
  - opencontainers/runc#2123 Bump x/sys and update syscall for initial Risc-V support
  - opencontainers/runc#2125 cgroup: support mount of cgroup2
  - opencontainers/runc#2126 libcontainer/nsenter: Don't import C in non-cgo file
  - opencontainers/runc#2129 Only allow proc mount if it is procfs
      - addresses opencontainers/runc#2129 AppArmor can be bypassed by a malicious image that specifies a volume at /proc (CVE-2019-16884)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 21:21:27 +01:00
Sebastiaan van Stijn 4b267469b9
bump hashicorp/golang-lru v0.5.3
full diff: 0fb14efe8c...v0.5.3

- hashicorp/golang-lru#53 remove defer keyword to avoid overhead
- hashicorp/golang-lru#56 lru.Get(): avoid nil pointer dereference
- hashicorp/golang-lru#57 Adds LRU cache resize
- hashicorp/golang-lru#58 lru: don't kill the return values of Remove and RemoveOldest

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 21:21:22 +01:00
Sebastiaan van Stijn b104da4a09
bump containerd/continuity f2a389ac0a02ce21c09edd7344677a601970f41c
full diff: aaeac12a7f...f2a389ac0a

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 21:19:59 +01:00
Brian Goff ebca141311
Merge pull request #2207 from thaJeztah/remove_engine_activate
Remove "docker engine" subcommands
2019-12-12 11:17:48 -08:00
Sebastiaan van Stijn 7e5451316f
docs: add redirects for engine reference pages
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 17:51:33 +01:00
Sebastiaan van Stijn 43b2f52d0c
Remove "docker engine" subcommands
These subcommands were created to allow upgrading a Docker Community
engine to Docker Enterprise, but never really took off.

This patch removes the `docker engine` subcommands, as they added
quite some complexity / additional code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 17:51:25 +01:00
Sebastiaan van Stijn 9ef0c7a9dd
Merge pull request #2196 from tiborvass/test-tlsverify
e2e: add new test package "global" with TestTLSVerify
2019-12-12 15:15:15 +01:00
Silvin Lubecki 02ef51e927
Merge pull request #2224 from thaJeztah/update_proxy_docs
Add docs for proxy configuration in config.json
2019-12-12 15:06:04 +01:00
Silvin Lubecki eb33f8759c
Merge pull request #1590 from thaJeztah/docs_add_management_notes
Docs: add note about management commands targeting a manager
2019-12-12 15:03:46 +01:00
Sebastiaan van Stijn cff1a88126
Merge pull request #2211 from thaJeztah/refresh_maintainers
Refresh maintainers list
2019-12-12 15:01:52 +01:00
Sebastiaan van Stijn f540eae7fe
Docs: add note about management commands targeting a manager
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-12 14:57:05 +01:00
Silvin Lubecki 0fd5c16ab9
Merge pull request #1936 from thaJeztah/bump_jwt_go
bump dgrijalva/jwt-go v3.2.0, docker/licencing 7c3de6a
2019-12-12 14:50:10 +01:00
Brian Goff 08eaead288
Merge pull request #2216 from thaJeztah/remove_dab_deploy
Remove experimental "deploy" from "dab" files
2019-12-10 11:00:34 -08:00
Sebastiaan van Stijn e70d6bcb8a
Add docs for proxy configuration in config.json
Setting proxy-configuration in config.json was added in
commit 35f1e301b5 (docker
17.07), but never found its way to the documentation.

This patch adds some basic information about the feature.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-10 15:36:30 +01:00
Sebastiaan van Stijn dd87cd9feb
bump github.com/dgrijalva/jwt-go v3.2.0, docker/licencing 7c3de6a4f59e9e70764ea6f6901cf17b88059789
full diff:

- a2c85815a7...v3.2.0
  - https://github.com/dgrijalva/jwt-go/blob/v3.2.0/VERSION_HISTORY.md
- 9781369abd...5f0f1276fe42dd721c1c093604995a9f758ace21

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-10 14:24:37 +01:00
Silvin Lubecki 79578882a1
Merge pull request #2221 from thaJeztah/fix_docker_cp_npe
docker cp: prevent NPE when failing to stat destination
2019-12-09 21:40:42 +01:00
Sebastiaan van Stijn 585ec4da97
docker cp: prevent NPE when failing to stat destination
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-09 15:32:02 +01:00
Sebastiaan van Stijn 99ad13e374
Remove experimental "deploy" from "dab" files
The top-level `docker deploy` command (using the "Docker Application Bundle"
(`.dab`) file format was introduced as an experimental feature in Docker 1.13 /
17.03, but superseded by support for Docker Compose files.

With no development being done on this feature, and no active use of the file
format, support for the DAB file format and the top-level `docker deploy` command
(hidden by default in 19.03), is removed in this patch, in favour of `docker stack deploy`
using compose files.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-09 10:34:14 +01:00
Akhil Mohan e1daa22ba1
Modify docs to specify working of device flag
Modify the docker run docs, to specify working of --device flag
in containers that are started in privileged mode. The custom device
permissions that are given to a device in privileged mode are ignored
and goes with `rwm` by default

Signed-off-by: Akhil Mohan <akhil.mohan@mayadata.io>
2019-12-08 19:55:18 +05:30
Silvin Lubecki 8547dfcff7
Merge pull request #1803 from thaJeztah/add_ip_address_to_advanced_options
Add ip address to advanced options
2019-12-04 15:16:15 +01:00
Silvin Lubecki d263e29ab5
Merge pull request #2152 from thaJeztah/bump_various_deps
Bump various dependencies
2019-12-04 15:03:23 +01:00
Silvin Lubecki 6eee39df0c
Merge pull request #2175 from thaJeztah/pin_in_scope
parseNetworkOpts, updatePorts: pin variables in scope (scopelint)
2019-12-04 14:50:00 +01:00
Sebastiaan van Stijn 7f063899ef
Maintainers: remove Justin and Aaron
Updating this file to match reality. Both Justin and Aaron
have informed me that they were not expecting to be involved
with maintaining the CLI, so removing them from the list.

Aaron was mostly active on the daemon / engine, so I decided
to not include him in the alumni on this repository, and
Justin remains active as a maintainer on the engine.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-04 13:08:15 +01:00
Sebastiaan van Stijn 2e2d2e16c9
Move Daniel to alumni
Thanks Daniel!

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-04 13:04:47 +01:00
Sebastiaan van Stijn 046a13f996
Maintainers file: remove "docs maintainers" section
The "docs maintainers" role was never defined; removing
the section from the file to make the file less confusing.

We can add people with specific expertise to the general
"maintainers" section instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-04 13:00:37 +01:00
Tibor Vass 13fb276442
Merge pull request #2129 from derskeal/patch-1
Fix typo
2019-12-02 15:02:38 -08:00
Sebastiaan van Stijn 54d085b857
Merge pull request #2202 from adrian-plata/builder-links
Fixing some links and deleting an older page reference
2019-11-26 21:36:49 +01:00
Sebastiaan van Stijn 01883d5e2c
Merge pull request #2194 from tiborvass/fix-cp-trailing-slash
cp: allow trailing slash in non-existant destination
2019-11-26 21:27:42 +01:00
Sebastiaan van Stijn fc83b941f5
Merge pull request #2198 from usb79/patch-1
Typo in documentation of volume create
2019-11-26 21:25:27 +01:00
Adrian Plata 8195512206 Fixing some links and deleting an older page reference
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
2019-11-21 10:52:50 -08:00