Commit Graph

1076 Commits

Author SHA1 Message Date
Tibor Vass 5d85cdacd2
Merge pull request #2123 from thaJeztah/hide_unsupported_buildkit_flags
Annotate flags that are not supported by Buildkit
2019-10-10 21:54:15 -07:00
Sebastiaan van Stijn 06f34ba507
bump github.com/xeipuuv/gojsonschema v1.1.0
full diff: 93e72a773f...f971f3cd73

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-10 23:00:43 +02:00
Silvin Lubecki 3e07fa728a
Merge pull request #2110 from tiborvass/update-vendor
vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
2019-10-07 21:37:19 +02:00
Sebastiaan van Stijn 7eecbb96af
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-04 15:55:04 +02:00
Tibor Vass 38c02a9280 vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 01:47:08 +00:00
Tibor Vass c3990f3ba6 build: remove --stream
--stream was always experimental and this patch removes the functionality.

Users should enable BuildKit with DOCKER_BUILDKIT=1

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-01 18:30:46 +00:00
Tibor Vass 7543883244
Merge pull request #2103 from tiborvass/buildkit-vendor
vendor: update buildkit to 10cef0c and fsutil 7f9f923
2019-09-24 19:27:49 -07:00
Tibor Vass 47f059db7a config: keep configDir empty when homedir errors
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-09-24 23:48:59 +00:00
Tibor Vass 0df5d6427e vendor: update buildkit to 10cef0c and fsutil 7f9f923
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-09-24 00:11:38 +00:00
Tibor Vass c2626a8270 cli/config: use os.UserHomeDir instead of github.com/docker/docker/pkg/homedir
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-09-23 23:27:52 +00:00
Ulysses Souza 821f5ecf53 Add option remove `env_file` entry after merged
This avoids having a redundant `env_file` entry
output when rendering the compose file

Signed-off-by: Ulysses Souza <ulysses.souza@docker.com>
2019-09-23 17:40:45 +02:00
Carlos de Paula 41aa20b6b5 Add riscv64 to manifest annotation and bash completion
Signed-off-by: Carlos de Paula <me@carlosedp.com>
2019-09-10 13:00:23 -03:00
Silvin Lubecki 7aa764bba9
Merge pull request #2028 from pszczekutowicz/master
Sort list of services from swarm stacks using natural sorting
2019-09-05 11:47:58 +02:00
Vincent Demeester 4a57770bb0
Merge pull request #2073 from thaJeztah/add_compose_schema_3.9
Add docker-compose schema v3.9
2019-09-03 09:10:47 +02:00
Paweł Szczekutowicz 34447852b5 Sort services from stack from swarm
Signed-off-by: Paweł Szczekutowicz <pszczekutowicz@gmail.com>
2019-09-02 21:19:10 +02:00
Sebastiaan van Stijn 5bc1f24dfd
Add docker-compose schema v3.9
This is currently just a copy of the v3.8 schema, in preparation
of new features to be added in the new schema.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-08-30 10:58:05 +02:00
knqyf263 7634872a39 fix(pull_test): for quiet option
Signed-off-by: Teppei Fukuda <knqyf263@gmail.com>
2019-08-27 18:23:24 +09:00
Nicolas De Loof e25e077a20
restore support for env variables to configure proxy
regression introduced by b34f34
close #39654

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2019-08-22 16:39:21 +02:00
Sebastiaan van Stijn 1fdbd6181e
docker ps: add State field to formatting
The State field allows printing the container state without
additional information about uptime, healthcheck, etc.

With this patch, the container's state can be printed independently:

```bash
docker ps -a --format '{{.State}}'
running
paused
exited
created
```

```bash
docker ps -a --format 'table {{.Names}}\t{{.State}}\t{{.Status}}'
NAMES                     STATE               STATUS
elastic_burnell           running             Up About a minute
pausie                    paused              Up 5 minutes (Paused)
peaceful_stonebraker      exited              Exited (0) 10 hours ago
vigilant_shaw             created             Created
```

```bash
docker ps -a --format 'raw'

container_id: 0445f73f3a71
image: docker-cli-dev
command: "ash"
created_at: 2019-07-12 11:16:11 +0000 UTC
state: running
status: Up 2 minutes
names: elastic_burnell
labels:
ports:

container_id: 1aff69a3912c
image: nginx:alpine
command: "nginx -g 'daemon of ..."
created_at: 2019-07-12 11:12:10 +0000 UTC
state: paused
status: Up 6 minutes (Paused)
names: pausie
labels: maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
ports: 80/tcp

container_id: d48acf66c318
image: alpine:3.9.3
command: "id -u"
created_at: 2019-07-12 00:52:17 +0000 UTC
state: exited
status: Exited (0) 10 hours ago
names: peaceful_stonebraker
labels:
ports:

container_id: a0733fe0dace
image: b7b28af77ffe
command: "/bin/sh -c '#(nop) ..."
created_at: 2019-07-12 00:51:29 +0000 UTC
state: created
status: Created
names: vigilant_shaw
labels:
ports:
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-12 13:31:16 +02:00
Sebastiaan van Stijn d6dd08d568
Detect Windows absolute paths on non-Windows CLI
When deploying a stack using a relative path as bind-mount
source in the compose file, the CLI converts the relative
path to an absolute path, relative to the location of the
docker-compose file.

This causes a problem when deploying a stack that uses
an absolute Windows path, because a non-Windows client will
fail to detect that the path (e.g. `C:\somedir`) is an absolute
path (and not a relative directory named `C:\`).

The existing code did already take Windows clients deploying
a Linux stack into account (by checking if the path had a leading
slash). This patch adds the reverse, and adds detection for Windows
absolute paths on non-Windows clients.

The code used to detect Windows absolute paths is copied from the
Golang filepath package;
1d0e94b1e1/src/path/filepath/path_windows.go (L12-L65)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-10 21:25:03 +02:00
Vincent Demeester c9db0fe938
Merge pull request #1968 from thaJeztah/skip_windows_permissions_check
Windows: skip permissions check on key
2019-07-05 10:16:21 +02:00
Silvin Lubecki efdf36fa81 Rollback config type interpolation on fields "parallelism" and "max_failure_ratio" were missing, as it uses the same type as update_config.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-07-03 17:23:33 +02:00
Sebastiaan van Stijn ee29504923
Do not disable sig-proxy when using a TTY
This partially reverts e0b59ab52b,
and does not automatically disable proxying signals in TTY-mode

Before this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Notice that the CLI was killed, but the signal not forwarded to the container;
the container continues running

```
docker container inspect --format '{{ .State.Status }}' repro-28872
running

docker container rm -f repro-28872
```

After this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Verify that the signal was forwarded to the container, and the container exited

```
docker container inspect --format '{{ .State.Status }}' repro-28872
exited

docker container rm -f repro-28872
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 16:29:21 +02:00
Sebastiaan van Stijn 15d361fd77
Windows: skip permissions check on key
This code was attempting to check Linux file permissions
to determine if the key was accessible by other users, which
doesn't work, and therefore prevented users on Windows
to load keys.

Skipping this check on Windows (correspinding tests
were already skipped).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 00:12:01 +02:00
Sebastiaan van Stijn 4d7e6bf629
Fix advanced options for backward compatibility
For backward compatibility: if no custom options are provided for the network,
and only a single network is specified, omit the endpoint-configuration
on the client (the daemon will still create it when creating the container)

This fixes an issue on older versions of legacy Swarm, which did not support
`NetworkingConfig.EndpointConfig`.

This was introduced in 5bc09639cc (#1767)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-24 23:17:25 +02:00
Sebastiaan van Stijn 5f93509668
Fix detection of invalid context files when importing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-06 09:56:40 +02:00
Goksu Toprak 291e86289b Introduce .zip import for docker context
Adds capabilities to import a .zip file with importZip.
Detects the content type of source by checking bytes & DetectContentType.
Adds LimitedReader reader, a fork of io.LimitedReader,
was needed for better error messaging instead of just getting back EOF.
We are using limited reader to avoid very big files causing memory issues.
Adds a new file size limit for context imports,
this limit is used for the main file for .zip & .tar and individual compressed
files for .zip.
Added TestImportZip that will check the import content type
Then will assert no err on Importing .zip file

Signed-off-by: Goksu Toprak <goksu.toprak@docker.com>
2019-05-29 12:58:45 -07:00
Ian Campbell c455193d14 Push check for kubernetes requirement down into the endpoint
This is less of a layering violation and removes some ugly hardcoded
`"kubernetes"` strings which were needed to avoid an import loop.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 520be05c49 Dynamically register kubernetes context store endpoint type.
This removes the need for the core context code to import
`github.com/docker/cli/cli/context/kubernetes` which in turn reduces the
transitive import tree in this file to not pull in all of Kubernetes.

Note that this means that any calling code which is interested in the
kubernetes endpoint must import `github.com/docker/cli/cli/context/kubernetes`
itself somewhere in order to trigger the dynamic registration. In practice
anything which is interested in Kubernetes must import that package (e.g.
`./cli/command/context.list` does for the `EndpointFromContext` function) to do
anything useful, so this restriction is not too onerous.

As a special case a small amount of Kubernetes related logic remains in
`ResolveDefaultContext` to handle error handling when the stack orchestrator
includes Kubernetes. In order to avoid a circular import loop this hardcodes
the kube endpoint name.

Similarly to avoid an import loop the existing `TestDefaultContextInitializer`
cannot continue to unit test for the Kubernetes case, so that aspect of the
test is carved off into a very similar test in the kubernetes context package.

Lastly, note that the kubernetes endpoint is now modifiable via
`WithContextEndpointType`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell f820766f6a Export `DefaultContextStoreConfig()` and `ResolveDefaultContext()`
These are needed by any dynamically registered (via
`RegisterDefaultStoreEndpoints`) endpoint type to write a useful/sensible unit
test.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 1433e27420 Allow dynamically registered context endpoint to provide their defaults.
Previously an endpoint registered using `RegisterDefaultStoreEndpoints` would
not be taken into consideration by `resolveDefaultContext` and so could not
provide any details.

Resolve this by passing a `store.Config` to `resolveDefaultContext` and using
it to iterate over all registered endpoints. Any endpoint can ensure that their
type implements the new `EndpointDefaultResolver` in order to provide a default.

The Docker and Kubernetes endpoints are special cased, shortly the Kubernetes
one will be refactored to be dynamically registered.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 4f14c4995e Add a helper to iterate over all endpoint types in a context store
Unused for now.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 087c3f7d08 Support dynamic registration of context store endpoint types
This is a yet unused and the default set remains the same, no expected
functional change.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell d84e278aac fix a few typos
Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Sebastiaan van Stijn 57aa7731d0
Merge pull request #1887 from ijc/reduce-vendoring-impact
Allow vendorers of docker/cli to avoid transitively pulling in a big chunk if k8s too
2019-05-20 14:17:52 +02:00
Ian Campbell 33a9a63927 Revert "add a 10s timeout to the client object."
This reverts commit 59defcb34d which caused #1892
since the timeout applied not only to the dial phase but to everything, so it
would kill `docker logs -f ...` if the container was not chatty enough.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-17 10:35:01 +01:00
Ian Campbell 8635abd662 Use underlying `NewKubernetesConfig` directly from compose-on-kubernetes.
The comment on `github.com/docker/cli/kubernetes.NewKubernetesConfig` said:

    // Deprecated: Use github.com/docker/compose-on-kubernetes/api.NewKubernetesConfig instead

By making this switch in `github.com/docker/cli/context/kubernetes/load.go` we
break a vendoring chain:

`github.com/docker/cli/cli/command`
→ `vendor/github.com/docker/cli/cli/context/kubernetes/load.go`
  → `vendor/github.com/docker/cli/kubernetes`
     → `github.com/docker/compose-on-kubernetes/api/compose/...`

This means that projects which just want `github.com/docker/cli/cli/command`
(which is itself pulled in transitively by
`github.com/docker/cli/cli-plugins/plugin`) which do not themselves need the
compose-on-kubernetes API avoid a huge pile of transitive dependencies.

On one of my private projects the diff on the vendor dir is:

    280 files changed, 21 insertions(+), 211346 deletions(-)

and includes dropping:

* `github.com/docker/compose-on-kubernetes/api/compose/{clone,impersonation}`
* `github.com/docker/compose-on-kubernetes/api/compose/{v1alpha3,v1beta1,v1beta2,v1beta3}`
* `github.com/google/btree`
* `github.com/googleapis/gnostic`
* `github.com/gregjones/httpcache`
* `github.com/peterbourgon/diskv`
* `k8s.io/api/*` (_lots_ of subpackages)
* `k8s.io/client-go/{discovery,kubernetes/scheme}`

and I've gone from:

    $ du -sh vendor/k8s.io/
    8.1M	vendor/k8s.io/

to:

    $ du -sh vendor/k8s.io/
    2.1M	vendor/k8s.io/

(overall I went from 36M → 29M of vendor dir for this particular project)

The change to `cli/command/system/version.go` is just for consistency and
allows us to drop the now unused alias.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 15:43:15 +01:00
Ian Campbell 1e5129f027 rename package import kubcontext → kubecontext
The (small number) of other places which name this import use `kubecontext`,
make it consistent.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 13:46:40 +01:00
Silvin Lubecki 873afb9c94
Merge pull request #1845 from tiborvass/apiversion-negotiation
Apiversion negotiation
2019-05-14 10:27:05 +02:00
Tibor Vass 529ef6e89a vendor buildkit to f238f1e
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-14 01:29:18 +00:00
Tibor Vass c52e1f2487
context: ClientOpts() now includes WithAPIVersionNegotiation if version is missing
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-05-13 17:36:06 -07:00
Sebastiaan van Stijn 5f17b1d622
Merge pull request #1872 from ijc/reduce-connection-timeout
add a 10s timeout to the client object.
2019-05-13 17:00:06 -07:00
Ian Campbell ff44305c47 context: produce consistent output on `context create`.
Refactor `RunCreate` slightly so that all three paths always produce the same
output, namely the name of the new context of `stdout` (for scripting) and the
success log message on `stderr`.

Validate by extending the existing unit tests to always check the output is as
expected.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-13 16:42:03 +01:00
Ian Campbell 59defcb34d add a 10s timeout to the client object.
This partially mitigates #1739 ("Docker commands take 1 minute to timeout if
context endpoint is unreachable") and is a simpler alternative to #1747 (which
completely defers the client connection until an actual call is attempted).

Note that the previous 60s delay was the culmination of two separate 30s
timeouts since the ping is tried twice. This with this patch the overall
timeout is 20s. https://github.com/moby/moby/pull/39206 will remove the second
ping and once that propagates to this tree the timeout will be 10s.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-13 13:53:03 +01:00
Tibor Vass daca70d820 build: add --platform local
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:25:40 +00:00
Tibor Vass 8adcedd658 build: honor BUILDKIT_PROGRESS env config
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:16:01 +00:00
Zander Mackie 483c53ad9d Use single table for all ContainerImagePullPolicy tests
- Cleans up assertions
 - Centralizes and simplifies handler functions

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ffba7659cc Improve testing of never pull and always pull scenarios
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ec56136d61 Use closure for common pulling and tagging bevior in container creation
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie 965664d89b Improve flow pull behavior before container creation.
- Also improve test coverage

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00