Commit Graph

6565 Commits

Author SHA1 Message Date
Sebastiaan van Stijn f0e74408cf
Update Golang 1.12.17
full diff: https://github.com/golang/go/compare/go1.12.16...go1.12.17

go1.12.17 (released 2020/02/12) includes a fix to the runtime. See the Go 1.12.17
milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.17+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5e5ef9e0b9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-17 14:58:54 +01:00
Silvin Lubecki a4bedce165
Merge pull request #2320 from thaJeztah/19.03_docs_backports
[19.03 backport] assorted documentation updates
2020-02-10 17:20:36 +01:00
Sebastiaan van Stijn d4755cfbd5
docs: update deprecated status for --disable-legacy-registry
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 73c9a44d58)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:55:02 +01:00
Sebastiaan van Stijn 6eef644faf
docs: add status table to "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d4c0de2719)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:37 +01:00
Sebastiaan van Stijn f47f8e333b
docs: mark deprecation of "docker engine" subcommands
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e8c2dba697)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:36 +01:00
Sebastiaan van Stijn 64838b6907
docs: mark deprecation of "dab" files and top-level "deploy" subcommand
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c7aca08497)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:33 +01:00
Sebastiaan van Stijn c8308ecf6c
docs: sort "deprecated.md" by deprecation release
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b6875ad690)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:31 +01:00
Sebastiaan van Stijn 793c75015e
docs: update some release-versions in "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 672c00e1cc)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:29 +01:00
Sebastiaan van Stijn 776e181628
docs: minor touch-ups in "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c3092d9408)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:27 +01:00
Sebastiaan van Stijn 7fac7eb1af
docs: service create: document os/arch constraints and more examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f26e9a3a61)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:41 +01:00
Sebastiaan van Stijn 27f0612665
docs: service create: document non-matching/exclude constraints
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b059c93c92)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:39 +01:00
Sebastiaan van Stijn d5ce81172f
docs: service create: use markdown table for constraints
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit abeb7babdf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:36 +01:00
Misty Stanley-Jones 3a1d0c67ff
Give an example for --reserve-memory
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 76852f82ba)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:30:55 +01:00
Silvin Lubecki e1c31c8910 Merge pull request #2315 from thaJeztah/19.03_backport_carry_855_config_opts
[19.03 backport] Add examples for configs
2020-02-10 12:01:37 +01:00
Abreto FU 2d6231ad4d
Remove a useless '\' and enhance a script in an example in the section 'Add entries ... (--add-host)'
Signed-off-by: Abreto FU <public@abreto.email>
(cherry picked from commit 07436dfe78)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 10:41:32 +01:00
Misty Stanley-Jones be60297514
Add examples for configs
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 473a9d20cd)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 10:38:58 +01:00
Silvin Lubecki 528b959ebc
Merge pull request #2311 from thaJeztah/19.03_backport_carry_1889_build_docs_update
[19.03 backport] documentation updates
2020-02-06 17:16:35 +01:00
Venkateswara Reddy Bukkasamudram b668f31022
Syntax corrected
Below are the changes proposed.
- Corrected syntax error.
- Updated example commands to maintain consistency.
- Provided more clarity.

Signed-off-by: Venkateswara Reddy Bukkasamudram <bukkasamudram@outlook.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 74cc062d24)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:11 +01:00
Tonis Tiigi 7bfe3d2006
docs: document dockerignore update
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4f3bc15817)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:09 +01:00
Tonis Tiigi f6ec0a368e
docs: document build outputs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f7009ee126)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:07 +01:00
Tonis Tiigi 56324e6348
docs: document cache-from
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 73cd257d0f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:04 +01:00
Kovah 040920f428
Add notice about port binding and overriding of UFW to docker run reference
Signed-off-by: Kovah <mail@kovah.de>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a955ed6477)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:02 +01:00
Silvin Lubecki 5908cdf87c
Merge pull request #2302 from thaJeztah/19.03_bump_golang_1.12.16
[19.03 backport] Update Golang 1.12.16, golang.org/x/crypto (CVE-2020-0601, CVE-2020-7919)
2020-01-30 16:25:51 +01:00
Sebastiaan van Stijn 3179a3b1e5
vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1 (CVE-2020-7919)
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
which fixes CVE-2020-7919:

- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 27d9aa2d9f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 22:39:00 +01:00
Sebastiaan van Stijn 4d630fe843
Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)
full diff: https://github.com/golang/go/compare/go1.12.15...go1.12.16

go1.12.16 (released 2020/01/28) includes two security fixes. One mitigates the
CVE-2020-0601 certificate verification bypass on Windows. The other affects only
32-bit architectures.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.16+label%3ACherryPickApproved

- X.509 certificate validation bypass on Windows 10
  A Windows vulnerability allows attackers to spoof valid certificate chains when
  the system root store is in use. These releases include a mitigation for Go
  applications, but it’s strongly recommended that affected users install the
  Windows security update to protect their system.
  This issue is CVE-2020-0601 and Go issue golang.org/issue/36834.
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
  This is also fixed in version v0.0.0-20200124225646-8b5121be2f68 of golang.org/x/crypto/cryptobyte.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 19fd390c36)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 22:23:41 +01:00
Silvin Lubecki 9b02509a69
Merge pull request #2291 from thaJeztah/19.03_backport_update_flag_description
[19.03 backport] Update flag description for docker rm -v
2020-01-28 16:10:01 +01:00
Silvin Lubecki 696605c99b
Merge pull request #2292 from thaJeztah/19.03_backport_hide_unsupported_buildkit_flags
[19.03 backport] Annotate flags that are not supported by Buildkit
2020-01-27 18:19:34 +01:00
Sebastiaan van Stijn 25d53feb65
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7eecbb96af)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-27 15:57:30 +01:00
Sebastiaan van Stijn 1d540a50d0
Update flag description for docker rm -v
The `-v` option removes anonymous volume only, and keeps
named volumes.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8f5379b301)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-27 15:53:37 +01:00
Silvin Lubecki 16d5974584
Merge pull request #2276 from thaJeztah/19.03_backport_bump_golang_1.12.15
[19.03 backport] Update Golang 1.12.15
2020-01-21 14:36:04 +01:00
Sebastiaan van Stijn 3694e78a56
Update Golang 1.12.15
full diff: https://github.com/golang/go/compare/go1.12.14...go1.12.15

go1.12.15 (released 2020/01/09) includes fixes to the runtime and the net/http
package. See the Go 1.12.15 milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.15+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 84c6b08cf6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-21 13:11:24 +01:00
Sebastiaan van Stijn 998d8235c3
Bump Golang 1.12.14
go1.12.14 (released 2019/12/04) includes a fix to the runtime. See the Go 1.12.14
milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.14+label%3ACherryPickApproved

Update Golang 1.12.13
------------------------

go1.12.13 (released 2019/10/31) fixes an issue on macOS 10.15 Catalina where the
non-notarized installer and binaries were being rejected by Gatekeeper. Only macOS
users who hit this issue need to update.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4beea58531)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-21 13:11:17 +01:00
Silvin Lubecki a3e131b323
Merge pull request #2264 from thaJeztah/19.03_backport_passthrough_user_pass
[19.03 backport] Allow username/password in config file
2020-01-17 14:53:33 +01:00
Silvin Lubecki 7a9a020688
Merge pull request #2265 from thaJeztah/19.03_backport_fix_pull_test
[19.03 backport] fix(pull_test): for quiet option
2020-01-17 14:49:03 +01:00
Silvin Lubecki 39676cc33e
Merge pull request #2266 from thaJeztah/19.03_backport_circleci_updates
[19.03 backport] CircleCI: add some info steps, and re-group jobs
2020-01-17 14:47:14 +01:00
Silvin Lubecki 4b4e4c2504
Merge pull request #2267 from thaJeztah/19.03_backport_fix_print
[19.03 backport] fix formatting issue of encoded url
2020-01-17 14:46:14 +01:00
Silvin Lubecki 66905dcff8
Merge pull request #2268 from thaJeztah/19.03_backport_docs_changes
[19.03 backport] assorted documentation changes
2020-01-17 14:44:41 +01:00
Oscar Wieman 05aa524a7b
Change example networks
Signed-off-by: Oscar Wieman <oscar@oscarr.nl>
(cherry picked from commit 2d6aec78a1)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:59:38 +01:00
Sebastiaan van Stijn 3f39587e3b
Add docs for proxy configuration in config.json
Setting proxy-configuration in config.json was added in
commit 35f1e301b5 (docker
17.07), but never found its way to the documentation.

This patch adds some basic information about the feature.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e70d6bcb8a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:59:07 +01:00
Adrian Plata e22f088abb
Fixing some links and deleting an older page reference
Signed-off-by: Adrian Plata <adrian.plata@docker.com>
(cherry picked from commit 8195512206)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:57:47 +01:00
Jose J. Escobar ae7bb665e7
Update service_create.md
Typo in word propagation.

Signed-off-by: Jose Escobar <joseescobar@JE-MBP15-2017.local>
(cherry picked from commit 265bee4d57)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:56:59 +01:00
Sebastiaan van Stijn f0bf0d2c46
Docs: add note about management commands targeting a manager
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f540eae7fe)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:56:23 +01:00
Sam 5761759e43
fix formatting issue of encoded url
Signed-off-by: Sam <samashah@microsoft.com>
(cherry picked from commit ee76ac8f93)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:48:54 +01:00
Sebastiaan van Stijn e669be6a1b
CircleCI: add some info steps, and re-group jobs
This patch:

- Combines the shellcheck and lint stages. Free CircleCI plans allow a maximum
  of 4 concurrent jobs, and from the timing, the "lint" and "shellcheck" stages
  combined would still take less time than the other stages, so combining them
  keeps the same overall duration, but saving one machine "slot".
- Splits some steps, so that their output can be found more easily in the CI
  results. For example, separating building of Docker images from running them.
- Adds a "Docker info" step, because information about the environment can be
  useful when debugging.
- Adds the "Docker info" and "Docker version" steps to all stages, so that it's
  possible to get that information without having to find the stage in which
  it's printed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 937e65cac5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:45:00 +01:00
knqyf263 8291738733
fix(pull_test): for quiet option
Signed-off-by: Teppei Fukuda <knqyf263@gmail.com>
(cherry picked from commit 7634872a39)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:40:54 +01:00
Jon Johnson a42f8129fd
Fix lint issue
Signed-off-by: Jon Johnson <jonjohnson@google.com>
(cherry picked from commit 8f11fbc876)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:37:04 +01:00
Jon Johnson 41b01f1319
Add test case to cover non-empty auth entry
Signed-off-by: Jon Johnson <jonjohnson@google.com>
(cherry picked from commit 415f608620)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:36:56 +01:00
Jon Johnson a1c4a0f9e8
Allow username/password in config file
Signed-off-by: Jon Johnson <jonjohnson@google.com>
(cherry picked from commit 37e9cabf11)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-17 13:36:48 +01:00
Silvin Lubecki ab4a5cc0f7
Merge pull request #2195 from tiborvass/19.03-fix-cp
[19.03 backport] cp: allow trailing slash in non-existant destination
2020-01-16 22:39:34 +01:00
Sebastiaan van Stijn a7cad2fec2
Merge pull request #2184 from thaJeztah/19.03_backport_fix_max_replicas_per_node_interpolation
[19.03 backport] Add interpolation type cast for max_replicas_per_node
2020-01-16 21:17:38 +01:00