Commit Graph

6854 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 0a21de05d2
compose/loader: fix TestIsAbs not testing all combinations
This test was intending to run all tests, but didn't, which was
caught by golangci-lint;

    cli/compose/loader/windows_path_test.go:46:17: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
    	tests := append(isabstests, winisabstests...)
    	               ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:02:23 +01:00
Sebastiaan van Stijn 54411e5a92
cli/command/container: Using a reference for the variable on range scope `n` (scopelint)
```
cli/command/container/opts.go:700:37: Using a reference for the variable on range scope `n` (scopelint)
			if err := applyContainerOptions(&n, copts); err != nil {
			                                 ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 14:59:16 +01:00
Sebastiaan van Stijn 648199b321
cli/command/service: Using a reference for the variable on range scope `entry` (scopelint)
```
cli/command/service/update.go:1007:43: Using a reference for the variable on range scope `entry` (scopelint)
		if _, ok := portSet[portConfigToString(&entry)]; !ok {
		                                        ^
cli/command/service/update.go:1008:32: Using a reference for the variable on range scope `entry` (scopelint)
			portSet[portConfigToString(&entry)] = entry
			                            ^
cli/command/service/update.go:1034:44: Using a reference for the variable on range scope `port` (scopelint)
			if _, ok := portSet[portConfigToString(&port)]; ok {
			                                        ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 14:59:12 +01:00
Sebastiaan van Stijn 3fa5aef0f9
Merge pull request #2078 from artheus/contrib/faster-bash-completion
Contrib: Make bash completion faster for services
2019-10-29 12:31:13 +01:00
Sebastiaan van Stijn 2eb5cdba46
Merge pull request #2087 from shahzzzam/sam/fix-print
fix formatting issue of encoded url
2019-10-29 12:28:09 +01:00
Sebastiaan van Stijn 4f9ee0721f
Merge pull request #2125 from albers/completion-builder-build-options
Add bash completion for `builder build` options
2019-10-29 12:24:38 +01:00
Derskeal 167b3906fe Update flag doc
Signed-off-by: Derskeal <27731088+derskeal@users.noreply.github.com>
2019-10-29 12:01:30 +01:00
Sebastiaan van Stijn 3e78cbc021
Gometalinter: raise deadline to 3 minutes
Looks like we're just on the edge of the deadline, and it's sometimes
failing;

```
cli/command/image/trust.go:346:1⚠️ nolint directive did not match any issue (nolint)
cli/command/manifest/push.go:211:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:95:1⚠️ nolint directive did not match any issue (nolint)
internal/pkg/containerized/snapshot.go:138:1⚠️ nolint directive did not match any issue (nolint)
WARNING: deadline exceeded by linter interfacer (try increasing --deadline)
Exited with code 3
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-28 12:50:56 +01:00
Silvin Lubecki c887984b48
Merge pull request #2158 from thaJeztah/bump_engine
bump docker/docker to a09e6e323e55e1a9b21df9c2c555f5668df3ac9b
2019-10-28 11:19:00 +01:00
Sebastiaan van Stijn 7f6cd64335
bump docker/docker to a09e6e323e55e1a9b21df9c2c555f5668df3ac9b
full diff: b6684a403c...a09e6e323e

relevant changes:

- moby/moby#39995 Update containerd binary to v1.2.10
- moby/moby#40001 Update runc to v1.0.0-rc8-92-g84373aaa (CVE-2019-16884)
- moby/moby#39999 bump golang 1.13.1 (CVE-2019-16276)
- moby/moby#40102 bump golang 1.13.3 (CVE-2019-17596)
- moby/moby#40134 Revert "homedir: add cgo or osusergo buildtag constraints for unix"
    - reverts moby/moby#39994 homedir: add cgo or osusergo buildtag constraints for unix,
      in favor of documenting when to set the `osusergo` build tag. The `osusergo`
      build-flag must be used when compiling a static binary with `cgo` enabled,
      and linking against `glibc`.
- moby/moby#39983 builder: remove legacy build's session handling
  This feature was used by docker build --stream and it was kept experimental.
  Users of this endpoint should enable BuildKit anyway by setting Version to BuilderBuildKit.
    - Related: #2105 build: remove --stream (was experimental)
- moby/moby #40045 Bump logrus 1.4.2, go-shellwords, mergo, flock, creack/pty,
  golang/gddo, gorilla/mux
- moby/moby#39713 bump containerd and dependencies to v1.3.0
- moby/moby#39987 Add ability to handle index acknowledgment with splunk log driver
- moby/moby#40070 Use ocischema package instead of custom handler
    - relates to moby/moby#39727 Docker 19.03 doesn't support OCI image
    - relates to docker/hub-feedback#1871
    - relates to docker/distribution#3024
- moby/moby#39231 Add support for sending down service Running and Desired task counts
- moby/moby#39822 daemon: Use short libnetwork ID in exec-root
- moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()
    - updates/requires Microsoft/hscshim@2226e083fc

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-26 15:34:43 +02:00
Sebastiaan van Stijn 5e4c7eba44
bump Microsoft/hcsshim 2226e083fc390003ae5aa8325c3c92789afa0e7a
full diff: 672e52e920...2226e083fc

- microsoft/hcsshim#569 Enhancement: add osversion.Build() utility
    - relates to moby/moby#39100 Use Microsoft/hcsshim constants and deprecate pkg/system.GetOsVersion()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-26 15:24:36 +02:00
Silvin Lubecki 36707529d3
Merge pull request #2163 from thaJeztah/fixup_linting_config
Fix-up (gometalinter) linting config
2019-10-25 15:05:24 +02:00
Silvin Lubecki c44be24667
Merge pull request #2160 from thaJeztah/circleci_updates
CircleCI: add some info steps, and re-group jobs
2019-10-25 14:59:57 +02:00
Sebastiaan van Stijn 937e65cac5
CircleCI: add some info steps, and re-group jobs
This patch:

- Combines the shellcheck and lint stages. Free CircleCI plans allow a maximum
  of 4 concurrent jobs, and from the timing, the "lint" and "shellcheck" stages
  combined would still take less time than the other stages, so combining them
  keeps the same overall duration, but saving one machine "slot".
- Splits some steps, so that their output can be found more easily in the CI
  results. For example, separating building of Docker images from running them.
- Adds a "Docker info" step, because information about the environment can be
  useful when debugging.
- Adds the "Docker info" and "Docker version" steps to all stages, so that it's
  possible to get that information without having to find the stage in which
  it's printed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-25 12:48:55 +02:00
Sebastiaan van Stijn 69b73f7519
Merge pull request #2156 from danielhelfand/master
Correct Jenkins Build Status URLs for README
2019-10-24 17:29:31 +02:00
Daniel Helfand 46f3f9ac04 update Jenkins Build Status urls for README
Signed-off-by: danielhelfand <helfand.4@gmail.com>
2019-10-24 11:21:12 -04:00
Sebastiaan van Stijn 71e525f74f
gometalinter: fix configuration
The configuration abused "Exclude" to exclude file-paths by filtering
on the output, however, the `Skip` option was designed for that, whereas
`Exclude` is for matching warnings.

An explicit "Skip" was added for "vendor", because even though the vendor
directory should already be ignored by the linter, in some situations,
it still seemed to warn on issues, so let's explicitly ignore it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-24 16:57:14 +02:00
Sebastiaan van Stijn 87cf5b606a
bump hashicorp/go-version v1.2.0
full diff: 23480c0665...v1.2.0

includes:

- hashicorp/go-version#53 Implement GreaterThanOrEqual + LessThanOrEqual
- hashicorp/go-version#45 Add new constructor that strictly adheres to semver specs
- hashicorp/go-version#40 Support Original to return original version
    - fixes hashicorp/go-version#16 Store and allow retrieval of the string of the version in its original form
    - fixes hashicorp/go-version#27 Support for zero padded numbers (e.g. `17.03.0-ce`)
- hashicorp/go-version#41 Segments64 makes a copy to match Segments
- hashicorp/go-version#38 When using a specific pattern, unintended results are returned

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-24 13:21:28 +02:00
Sebastiaan van Stijn ad4ca6f0d0
bump gofrs/flock v0.7.1
full diff: https://github.com/gofrs/flock/compare/v0.7.0...v0.7.1

- gofrs/flock#34 don't mention sync.Locker in package documentation
    - fixes gofrs/flock#33 incorrect interface
- gofrs/flock#35 Fix linting issues and add goreportcard badge

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-23 16:30:01 +02:00
Sebastiaan van Stijn 9b92804656
bump logrus v1.4.2
full diff: https://github.com/sirupsen/logrus/compare/v1.4.1...v1.4.2

- sirupsen/logrus#946 Fix solaris build
- sirupsen/logrus#966 Add a checkTerminal for nacl to support running on play.golang.org
- sirupsen/logrus#969 fix build break for plan9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-23 16:14:10 +02:00
Sebastiaan van Stijn 6a26d370ad
bump mattn/go-shellwords v1.0.6
full diff: https://github.com/mattn/go-shellwords/compare/v1.0.5...v1.0.6

relevant changes:

- mattn/go-shellwords#24 Add dir option for parser
- mattn/go-shellwords#26 Fix backquote in part of argument
    - fixes mattn/go-shellwords#25 Backtick "eats" all runes until isSpace
- mattn/go-shellwords#28 Fix dollar quote
    - fixes mattn/go-shellwords#27 Multi-commands inside of command substitution are throwing "invalid command line string" errors
- mattn/go-shellwords#24 Add dir option for parser
- mattn/go-shellwords#24 Add dir option for parser
- mattn/go-shellwords#24 Add dir option for parser

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-23 16:14:07 +02:00
Sebastiaan van Stijn c07b1b275e
bump creack/pty v1.1.9
full diff: https://github.com/creack/pty/compare/v1.1.7...v1.1.9

adds go mod support

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-23 16:14:05 +02:00
Sebastiaan van Stijn 4b5ecc982a
bump gorilla/mux v1.7.3
full diff: ed099d4238...00bdffe0f3

changes included:

- gorilla/mux#477 Improve CORS Method Middleware
    - implements gorilla/mux#477 Make CORSMethodMiddleware actually make sense
- gorilla/mux#489 Fix nil panic in authentication middleware example

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-23 16:14:03 +02:00
Silvin Lubecki 146d29c018
Merge pull request #2146 from thaJeztah/bump_golang_1.12.12
Update Golang 1.12.12 (CVE-2019-17596)
2019-10-22 08:53:06 +02:00
Tibor Vass 3afe327a6d
Merge pull request #2142 from thaJeztah/info_test
TestFormatInfo: add extra test-case
2019-10-21 18:25:53 -07:00
Sebastiaan van Stijn 474d522ee2
Update Golang 1.12.12 (CVE-2019-17596)
Golang 1.12.12
-------------------------------

full diff: https://github.com/golang/go/compare/go1.12.11...go1.12.12

go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime,
syscall and net packages. See the Go 1.12.12 milestone on our issue tracker for
details.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.12

Golang 1.12.11 (CVE-2019-17596)
-------------------------------

full diff: https://github.com/golang/go/compare/go1.12.10...go1.12.11

go1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa
package. See the Go 1.12.11 milestone on our issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.11

    [security] Go 1.13.2 and Go 1.12.11 are released

    Hi gophers,

    We have just released Go 1.13.2 and Go 1.12.11 to address a recently reported
    security issue. We recommend that all affected users update to one of these
    releases (if you're not sure which, choose Go 1.13.2).

    Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using
    crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic,
    even if the certificates don't chain to a trusted root. The chain can be
    delivered via a crypto/tls connection to a client, or to a server that accepts
    and verifies client certificates. net/http clients can be made to crash by an
    HTTPS server, while net/http servers that accept client certificates will
    recover the panic and are unaffected.

    Moreover, an application might crash invoking
    crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate
    request, parsing a golang.org/x/crypto/openpgp Entity, or during a
    golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client
    can panic due to a malformed host key, while a server could panic if either
    PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts
    a certificate with a malformed public key.

    The issue is CVE-2019-17596 and Go issue golang.org/issue/34960.

    Thanks to Daniel Mandragona for discovering and reporting this issue. We'd also
    like to thank regilero for a previous disclosure of CVE-2019-16276.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-20 23:26:31 +02:00
Sebastiaan van Stijn 79aa6cce19
TestFormatInfo: add extra test-case
This case was in a test in the engine repository, where
it is being removed, so add it to the list of existing
tests here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-18 23:40:02 +02:00
Vincent Demeester a8ff7f8210
Merge pull request #2122 from jonjohnsonjr/passthrough-user-pass
Allow username/password in config file
2019-10-17 10:35:24 +02:00
Jon Johnson 8f11fbc876 Fix lint issue
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-16 09:59:49 -07:00
Jon Johnson 415f608620 Add test case to cover non-empty auth entry
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-16 09:54:19 -07:00
Silvin Lubecki b14a42a5a5
Merge pull request #2137 from Lah123/master
update docs based on PR 39949
2019-10-15 14:52:25 +02:00
Lukas Heeren 86281a7b4b
daemon: document --max-download-attempts option
update docs based on PR 39949

Signed-off-by: Lukas Heeren <lukas-heeren@hotmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-15 12:06:58 +02:00
Sebastiaan van Stijn b27ac92ef7
Merge pull request #2133 from sudo-bmitch/pr-from-glossary-ref
Adjusting glossary reference and clarrifying the start of a Dockerfile
2019-10-15 12:00:25 +02:00
Sebastiaan van Stijn 4ce0640a09
Merge pull request #2111 from tiborvass/revert-homedir
config: revert to using pkg/homedir
2019-10-15 11:58:32 +02:00
Comical DERSKEAL 0076ee6cd5 Fix typo
Signed-off-by: Derskeal <27731088+derskeal@users.noreply.github.com>
2019-10-15 10:33:54 +01:00
Morten Hekkvang fc19fb6d95 Fix erroneous space indentation of shell script
Signed-off-by: Morten Hekkvang <morten.hekkvang@sbab.se>
2019-10-11 09:59:10 +02:00
Tibor Vass 5d85cdacd2
Merge pull request #2123 from thaJeztah/hide_unsupported_buildkit_flags
Annotate flags that are not supported by Buildkit
2019-10-10 21:54:15 -07:00
Kirill Kolyshkin 83d0c5df4f
Merge pull request #1827 from thaJeztah/bump_go_json_schema_1.1.0
bump github.com/xeipuuv/gojsonschema v1.1.0
2019-10-10 17:16:49 -07:00
Sebastiaan van Stijn 82d88e77ed
Merge pull request #2128 from adrian-plata/commandline-typo
Minor formatting changes and a typo fix.
2019-10-11 00:59:36 +02:00
Sebastiaan van Stijn 7b8c6a6325
bump github.com/xeipuuv/gojsonpointer 02993c407bfbf5f6dae44c4f4b1cf6a39b5fc5bb
full diff: 4e3ac2762d...02993c407b

only a gofmt and documentation change

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-11 00:30:57 +02:00
Brandon Mitchell 937ce69b42 Adjusting glossary reference and clarrifying the start of a Dockerfile
Signed-off-by: Brandon Mitchell <git@bmitch.net>
2019-10-10 17:03:48 -04:00
Sebastiaan van Stijn 06f34ba507
bump github.com/xeipuuv/gojsonschema v1.1.0
full diff: 93e72a773f...f971f3cd73

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-10 23:00:43 +02:00
Adrian Plata ba7ec36de2 Minor formatting changes and a typo fix.
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
2019-10-07 15:29:19 -07:00
Tibor Vass 7a279af43d config: revert to using pkg/homedir
In c2626a82 homedir logic got extremely simplified to only
checking HOME environment variable on UNIX systems.

Although this should work well enough in traditional environments,
this could break minimal containerized environments.

This patch reverts to using github.com/docker/docker/pkg/homedir
that was recently updated to have less dependencies.

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-07 21:05:58 +00:00
Silvin Lubecki 3e07fa728a
Merge pull request #2110 from tiborvass/update-vendor
vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
2019-10-07 21:37:19 +02:00
Harald Albers cd9b39fc52 Add bash completion for `builder build` options
Signed-off-by: Harald Albers <github@albersweb.de>
2019-10-05 22:33:11 +02:00
Sebastiaan van Stijn 7eecbb96af
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-04 15:55:04 +02:00
Harald Albers e3060aa27c
Merge pull request #2116 from trapier/bash-completion-builder-build
Add bash completion for `builder build`
2019-10-04 15:22:01 +02:00
Jon Johnson 37e9cabf11 Allow username/password in config file
Signed-off-by: Jon Johnson <jonjohnson@google.com>
2019-10-02 12:55:27 -07:00
Tibor Vass 70a4eb2a49 vendor: update grpc to v1.23.0
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 17:48:26 +00:00