Commit Graph

7165 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 5cd19d1fec
opts: fix potential integer overflow CWE-190, CWE-681
Caught by CodeQL:

> Incorrect conversion of an integer with architecture-dependent bit size
> from strconv.ParseUint to a lower bit size type uint16 without an upper
> bound check.

fixes https://github.com/docker/cli/security/code-scanning/2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:30:42 +02:00
Sebastiaan van Stijn 064148042d
Merge pull request #2808 from charlottemach/master
Replace deprecated instruction
2020-10-24 00:44:12 +02:00
Charlotte Mach aa4cb24739 Replace deprecated instruction
MAINTAINER is deprecated, replacing with LABEL as recommended by
https://docs.docker.com/engine/reference/builder/#maintainer-deprecated

Signed-off-by: Charlotte Mach <charlotte.mach@fs.lmu.de>
2020-10-23 19:49:51 +02:00
Tibor Vass 95fe476706
Merge pull request #2803 from thaJeztah/bump_engine
Update docker/docker and dependencies to current master
2020-10-22 12:43:39 -07:00
Tibor Vass ff10c7ab96
Merge pull request #2796 from thaJeztah/bump_vndr
Bump vndr v0.1.2
2020-10-22 12:41:23 -07:00
Tibor Vass 7fedb0e54f
Merge pull request #2775 from thaJeztah/notabs
Replace tab with spaces in usage output
2020-10-22 12:40:42 -07:00
Sebastiaan van Stijn d1b4b61328
Merge pull request #2799 from tonistiigi/plugin-sigterm
handle sigterm on running a plugin
2020-10-22 20:55:07 +02:00
Tonis Tiigi 857f5856f8 handle sigterm on running a plugin
While running a plugin and canceling with SIGTERM, main process will
close right away without letting the plugin close itself down and handle
the exit code properly. Add appcontext that is useful for handling
sigterm, as well as supporting sigkill when things go wrong.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-21 22:32:49 -07:00
Sebastiaan van Stijn b981f2454e
vendor: cloud.google.com/go v0.44.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:56:42 +02:00
Sebastiaan van Stijn f5670e1069
vendor: opencontainers/go-digest v1.0.0
full diff: https://github.com/opencontainers/go-digest/compare/v1.0.0-rc1...v1.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:48:55 +02:00
Sebastiaan van Stijn ceffcc527e
vendor: github.com/gofrs/flock v0.7.3
full diff: https://github.com/gofrs/flock/compare/v0.7.1...v0.7.3

Relevant changes:

- fix: close/Unlock won't close the file descriptor if not locked
- fix license text, update year

Note that there's also a v0.8.0 release; that release only adds aix support,
which is currently of no interest to us, so skipping that version for now.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:46:48 +02:00
Sebastiaan van Stijn 15c928eae1
vendor: docker/docker 73dc6a680cdd48f2f993f1a1b91aac1dd23d47c8
full diff: 7f7e4abb33...73dc6a680c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:31:42 +02:00
Silvin Lubecki 46e24f515e
Merge pull request #2801 from thaJeztah/fix_missing_manual_entry
man-pages: fix missing manual title in heading
2020-10-20 14:22:48 +02:00
Sebastiaan van Stijn b46ef4659e
man-pages: fix missing manual title in heading
This was set in our manually written markdowns, but not in the man pages
generated through Cobra.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:54:57 +02:00
Silvin Lubecki 16127e2588
Merge pull request #2794 from thaJeztah/bump_cobra
vendor: github.com/spf13/cobra v1.1.1
2020-10-20 12:51:43 +02:00
Sebastiaan van Stijn 74d45bbf61
vendor: github.com/spf13/cobra v1.1.1
full diff: https://github.com/spf13/cobra/compare/v1.0.0...v1.1.1

Notable changes:

- Extend Go completions and revamp zsh comp
- Add completion for help command
- Complete subcommands when TraverseChildren is set
- Fix stderr printing functions
- fix: fish output redirection
- fix manpage building with new go-md2man

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:39:57 +02:00
Sebastiaan van Stijn 32861cb7aa
Merge pull request #2800 from thaJeztah/fix_man_titleblocks
Update man-page source MarkDown to work with go-md2man v2
2020-10-20 12:37:37 +02:00
Silvin Lubecki 94430f66b8
Merge pull request #2798 from thaJeztah/deprecate_lcow
Deprecate Linux containers on Windows (LCOW) (experimental)
2020-10-20 12:30:32 +02:00
Sebastiaan van Stijn 5355f2f639
Update man-page source MarkDown to work with go-md2man v2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:21:15 +02:00
Sebastiaan van Stijn faac84e35d
Deprecate Linux containers on Windows (LCOW) (experimental)
The experimental feature to run Linux containers on Windows (LCOW) was introduced
as a technical preview in Docker 17.09. While many enhancements were made after
its introduction, the feature never reached completeness, and development has
now stopped in favor of running docker natively on Linux in WSL2.

Developers that need to run Linux workloads on a Windows host are encouraged
to use Docker Desktop with WSL2 instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 14:10:22 +02:00
Sebastiaan van Stijn 8328ee1965
Bump vndr v0.1.2
full diff: https://github.com/LK4D4/vndr/compare/v0.1.1...v0.1.2

- cleanVCS: prevent panic
- Consider '.syso' as a Go file for vendoring

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 01:32:00 +02:00
Sebastiaan van Stijn 9b3eef5218
Merge pull request #2755 from thaJeztah/dont_save_useragent
Config-file: remove User-Agent from config.json when saving
2020-10-15 22:17:59 +02:00
Tibor Vass 8107a381c1
Merge pull request #2788 from thaJeztah/reversion
Update versions 20.03 -> 20.10
2020-10-13 14:37:16 -07:00
Sebastiaan van Stijn ee41923645
docs: update 20.03 -> 20.10 in docker update docs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:39:42 +02:00
Sebastiaan van Stijn 6c0a3dfbff
docs: update 20.03 -> 20.10 in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:38:48 +02:00
Sebastiaan van Stijn 06c1f784dd
Update version to 20.10-dev
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:37:17 +02:00
Silvin Lubecki ac365d7175
Merge pull request #2780 from thaJeztah/fix_links
docs: fix broken links in build reference
2020-10-07 11:36:37 +02:00
Sebastiaan van Stijn 3fe574b7ef
docs: fix broken links in build reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-07 11:06:46 +02:00
Silvin Lubecki 6916b427a0
Merge pull request #2774 from thaJeztah/drop_experimental
Always enable experimental features
2020-10-02 17:34:01 +02:00
Sebastiaan van Stijn 610def40f1
Merge pull request #2773 from thaJeztah/deprecate_experimental_options
Deprecate configuration options for experimental CLI features
2020-10-02 16:36:15 +02:00
Sebastiaan van Stijn 977d3ae046
Always enable experimental features
The CLI disabled experimental features by default, requiring users
to set a configuration option to enable them.

Disabling experimental features was a request from Enterprise users
that did not want experimental features to be accessible.

We are changing this policy, and now enable experimental features
by default. Experimental features may still change and/or removed,
and will be highlighted in the documentation and "usage" output.

For example, the `docker manifest inspect --help` output now shows:

    EXPERIMENTAL:
      docker manifest inspect is an experimental feature.

      Experimental features provide early access to product functionality. These features
      may change between releases without warning or can be removed entirely from a future
      release. Learn more about experimental features: https://docs.docker.com/go/experimental/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:59:42 +02:00
Sebastiaan van Stijn e6ef3349f6
update docs usage output to match new format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:51:01 +02:00
Sebastiaan van Stijn 7f3717bd2a
Replace tab with spaces in usage output
All output of the usage / --help output uses spaces, and having a tab
in the output can be somewhat cumbersome (e.g. our YAML docs generator
doesn't like them, and copy/pasing the output in iTerm produces a warning).

This patch changes the output to use two spaces instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:41:17 +02:00
Sebastiaan van Stijn d9c36c2878
cli: print experimental message in usage output
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:30:52 +02:00
Sebastiaan van Stijn de8b696ed6
docs/deprecated: remove minor versions
Some deprecations are ammended during a major (YY.MM) release, to
inform users as early as possible about deprecations. Removing the
minor version from this overview clarifies that features are
marked deprecated during which major release's lifecycle.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:15:42 +02:00
Sebastiaan van Stijn 48822564b6
docs: deprecate CLI options for experimental CLI features
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:10:27 +02:00
Sebastiaan van Stijn c2225ad126
docs: add /go/experimental/ vanity URL
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 13:59:55 +02:00
Silvin Lubecki 9b92be00e4
Merge pull request #2770 from thaJeztah/codeql_cron_only
GH Actions: run CodeQL only on cron-job, not on pull requests
2020-10-01 17:17:07 +02:00
Sebastiaan van Stijn 0d11ef3056
GH Actions: run CodeQL only on cron-job, not on pull requests
Analysis takes more than 10 minutes, which is quite long to
run, so change it to only run on a cron job.

Also changing the cron to run on Thursdays instead of Fridays;
no need to worry about security issues during the Weekend.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 16:51:28 +02:00
Sebastiaan van Stijn 3f19902eae
Config-file: remove User-Agent from config.json when saving
The config.json allows for setting custom HTTP headers, but given that
User-Agent is not customizable, we should remove it from the config before saving;

Before this change;

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        },
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

    $ docker logout
    {
        "auths": {},
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

After this change:

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        },
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

    $ docker logout
    Removing login credentials for https://index.docker.io/v1/

    $ cat ~/.docker/config.json
    {
        "auths": {}
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 15:04:39 +02:00
Silvin Lubecki 749c62fb4d
Merge pull request #2768 from thaJeztah/add_codeql
Add CodeQL Analysis workflow (again)
2020-10-01 15:02:49 +02:00
Sebastiaan van Stijn c8e3ddc768
Add CodeQL Analysis workflow (again)
This feature went GA, so adding this workflow again. Workflow
is updated to the suggested template when enabling.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 14:23:28 +02:00
Silvin Lubecki b4097f7ef2
Merge pull request #2756 from thaJeztah/fix_overwrite_headers
Fix initializing client modifying custom HTTPHeaders
2020-09-30 15:13:12 +02:00
Silvin Lubecki de632b7ab0
Merge pull request #2763 from thaJeztah/update_logrus
vendor: sirupsen/logrus v1.7.0
2020-09-30 15:01:06 +02:00
Sebastiaan van Stijn 2d6b5e8abc
vendor: sirupsen/logrus v1.7.0
full diff: https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0

removes dependency on github.com/konsorten/go-windows-terminal-sequences

Features:
   * a new buffer pool management API has been added
   * a set of `<LogLevel>Fn()` functions have been added

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-30 13:42:17 +02:00
Tibor Vass 8b916c9300
Merge pull request #2757 from thaJeztah/update_security_link
docs: update URL for security landing page
2020-09-29 16:36:47 -07:00
Tibor Vass 88c6089300
Merge pull request #2759 from thaJeztah/fix_yaml_gen
docs: fix generated YAML due to trailing whitespace
2020-09-29 14:14:43 -07:00
Sebastiaan van Stijn 2484a30534
docs: fix generated YAML due to trailing whitespace
If a file contains trailing whitespace, the YAML generator uses a
compact format, which is hard to read.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:59:36 +02:00
Sebastiaan van Stijn 54bbd782bf
docs: update URL for security landing page
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 21:16:58 +02:00
Sebastiaan van Stijn 2b1138c118
Fix initializing client modifying custom HTTPHeaders
When initializing the API client, the User-Agent was added to any custom
HTTPHeaders that were configured. However, because the map was not properly
dereferenced, the original map was modified, causing the User-Agent to also
be saved to config.json after `docker login` and `docker logout`:

Before this change;

    $ cat ~/.docker/config.json
    cat: can't open '/root/.docker/config.json': No such file or directory

    $ docker login -u myusername
    Password:
    ...
    Login Succeeded

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        },
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

    $ docker logout
    {
        "auths": {},
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

After this change:

    $ cat ~/.docker/config.json
    cat: can't open '/root/.docker/config.json': No such file or directory

    $ docker login -u myusername
    Password:
    ...
    Login Succeeded

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        }
    }

    $ docker logout
    Removing login credentials for https://index.docker.io/v1/

    $ cat ~/.docker/config.json
    {
        "auths": {}
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-29 17:24:07 +02:00