Commit Graph

189 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 60c3836365
cli/compose/schema: make version: "3" equivalent to "3.x" (latest)
Previously, `version: "3"` was equivalent to `version: "3.0"`, which
caused confusion for many users, as they expected it to be "3.x".

docker-compose and docker compose (v2) have adopted the compose-spec
(https://compose-spec.io), which no longer has a version field in
the compose file, and always picks the "latest" supported version.

This changes how `docker stack` interprets "major" version numbers
specified in compose-files:

When only the major version ("3") is specified, it is now equivalent
to "3.x" (latest supported v3 schema).

Compose-files that specify both major and minor version (e.g. "3.0"
or "3.1") continue to use the existing behavior; validation is down-
graded to the specified version and will produce an error if options
are used that are not supported in that schema version. This allows
users to locally verify that a composse-file does not use options
that are not supported in the intended deployment environment (for
example if the deploy environment only supports older versions of
the schema).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 09:40:33 +01:00
Sebastiaan van Stijn 6c75b75aaa
Merge pull request #3257 from thaJeztah/compose_remove_required_version
cli/compose: add schema 3.10, with optional version field (default to "latest")
2022-02-25 19:47:55 +01:00
Sebastiaan van Stijn b9f0340b68
cli/compose: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:15 +01:00
Sebastiaan van Stijn a7778806a0
cli/compose/schema: make version optional, default to "latest"
The compose spec (https://compose-spec.io) defines the version to be optional,
and implementations of the spec to check for supported attributes instead.

While this change does not switch the `docker stack` implementation to use the
compose-spec, it makes it function more similar. Previously, omitting a version
number would either produce an error (as the field was required), or switched
the handling to assume it was version 1.0 (which is deprecated).

With this change, compose files without a version number will be handled as
the latest version supported by `docker stack` (currently 3.10). This allows
users that work with docker-compose or docker compose (v2) to deploy their
compose file, without having to re-add a version number. Fields that are
not supported by stackes (schema 3.10) will still produce an error.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:04 +01:00
Sebastiaan van Stijn a9fd697737
cli/compose: add schema 3.10 (no changes with 3.9 yet)
Adding a copy of the 3.9 schema, with only the version-string changed.
This makes it easier to find changes since 3.9, which are added after
this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:02 +01:00
Sebastiaan van Stijn d44eca129f
cli/compose/schema: Validate(): normalize version before validating
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:00 +01:00
Sebastiaan van Stijn 818564af51
cli/compose: use go1.16 native embed functionality for schemas
This allows us to drop the `//go:generate` and use of the github.com/mjibson/esc
utility.

worth noting that Go's native "embed" does not compress files. We could compress
these files as part of a build / validate step (which would add some complexity
when updating these files) if this is a concern, but not sure if the additional
complexity is warranted.

Comparing before/after sizes (see below);

    macOS: 54125840 - 54005264 = 120576 (+120.58 kB)
    Linux: 52393231 - 52277701 = 115530 (+115.53 kB)

Before:

    ls -l build/
    total 208736
    lrwxr-xr-x  1 sebastiaan  staff        19 Aug 15 09:36 docker@ -> docker-linux-amd64
    -rwxr-xr-x  1 sebastiaan  staff  54005264 Aug 15 09:35 docker-darwin-amd64*
    -rwxr-xr-x  1 sebastiaan  staff  52277701 Aug 15 09:36 docker-linux-amd64*

After:

    ls -l build/
    total 208960
    lrwxr-xr-x  1 sebastiaan  staff        18 Aug 15 09:32 docker@ -> docker-linux-amd64
    -rwxr-xr-x  1 sebastiaan  staff  54125840 Aug 15 09:31 docker-darwin-amd64*
    -rwxr-xr-x  1 sebastiaan  staff  52393231 Aug 15 09:32 docker-linux-amd64*

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-15 10:04:13 +02:00
Albin Kerouanton 940907951b
Support ulimits in docker stack deploy
This is related to moby/moby 40639.

Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-10 14:59:02 +02:00
Sebastiaan van Stijn 190c64b415
Service cap-add/cap-drop: improve handling of combinations and special "ALL" value
When creating and updating services, we need to avoid unneeded service churn.

The interaction of separate lists to "add" and "drop" capabilities, a special
("ALL") capability, as well as a "relaxed" format for accepted capabilities
(case-insensitive, `CAP_` prefix optional) make this rather involved.

This patch updates how we handle `--cap-add` / `--cap-drop` when  _creating_ as
well as _updating_, with the following rules/assumptions applied:

- both existing (service spec) and new (values passed through flags or in
  the compose-file) are normalized and de-duplicated before use.
- the special "ALL" capability is equivalent to "all capabilities" and taken
  into account when normalizing capabilities. Combining "ALL" capabilities
  and other capabilities is therefore equivalent to just specifying "ALL".
- adding capabilities takes precedence over dropping, which means that if
  a capability is both set to be "dropped" and to be "added", it is removed
  from the list to "drop".
- the final lists should be sorted and normalized to reduce service churn
- no validation of capabilities is handled by the client. Validation is
  delegated to the daemon/server.

When deploying a service using a docker-compose file, the docker-compose file
is *mostly* handled as being "declarative". However, many of the issues outlined
above also apply to compose-files, so similar handling is applied to compose
files as well to prevent service churn.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-08 14:38:35 +02:00
Olli Janatuinen 0db61ff6da
stack: Support cap_add and cap_drop on services
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
2020-09-08 14:24:52 +02:00
Sebastiaan van Stijn 251861237a
Replace mattn/go-shellwords with google/shlex
Both libaries provide similar functionality. We're currently using
Google Shlex in more places, so prefering that one for now, but we
could decide to switch to mattn/go-shellwords in future if that
library is considered better (it looks to be more actively maintained,
but that may be related to it providing "more features").

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-20 10:20:42 +02:00
Sebastiaan van Stijn 851eeb9639
Add support for pids limit in stacks (swarm)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-06-18 21:25:08 +02:00
Sebastiaan van Stijn 0d57a400b3
vendor: docker/docker aaf470eca7b588aa19e6681bff8bf08d17be1bf2
full diff: 41ac6bef8d...aaf470eca7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-06-15 13:32:53 +02:00
Sebastiaan van Stijn 0c5f97ed72
compose: add build.extra_hosts to v3.9 schema
This is not currently used by the CLI, but can be used by
docker compose to bring parity on this feature with the
compose v2.4 schema.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-10 20:01:03 +02:00
Sebastiaan van Stijn f88ae74135
Add "host-gateway" to tests for extra_hosts / --add-host
67ebcd6dcf added an exception for
the "host-gateway" magic value to the validation rules, but didn't
add thise value to any of the tests.

This patch adds the magic value to tests, to verify the validation
is skipped for this magic value.

Note that validation on the client side is "optional" and mostly
done to provide a more user-friendly error message for regular
values (IP-addresses).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-15 09:52:55 +02:00
Silvin Lubecki 30d6ee997b
Merge pull request #2357 from thaJeztah/gofmt_test
gofmt compose loader test
2020-02-26 15:23:57 +01:00
Sebastiaan van Stijn 2c0e93063b
bump gotest.tools v3.0.1 for compatibility with Go 1.14
full diff: https://github.com/gotestyourself/gotest.tools/compare/v2.3.0...v3.0.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-23 00:28:55 +01:00
Sebastiaan van Stijn 5ef0fa10de
gofmt compose loader test
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-22 18:22:27 +01:00
Sebastiaan van Stijn 11869fa42a
fix panic on single-character volumes
Before this change, this would cause a panic:

    docker run -it --rm -v 1:/1 alpine
    panic: runtime error: index out of range

    goroutine 1 [running]:
    github.com/docker/cli/cli/compose/loader.isFilePath(0xc42027e058, 0x1, 0x557dcb978c20)
    ...

After this change, a correct error is returned:

    docker run -it --rm -v 1:/1 alpine
    docker: Error response from daemon: create 1: volume name is too short, names should be at least two alphanumeric characters.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-21 01:38:52 +01:00
Rob Gulewich 5ad1d4d4c8 docker run: specify cgroup namespace mode with --cgroupns
Signed-off-by: Rob Gulewich <rgulewich@netflix.com>
2020-01-29 22:50:37 +00:00
Sebastiaan van Stijn 97010520d4
bump mjibson/esc v0.2.0
full diff: https://github.com/mjibson/esc/compare/v0.1.0...v0.2.0

includes:

- mjibson/esc#51 Readdir Implementation - and covering with tests
- mjibson/esc#53 update go versions and golint import location
- mjibson/esc#58 Avoid unnecessary conversion and so pass with unconvert linter

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-27 17:40:56 +01:00
Nick Adcock 4006c42e13 Added transforms for compose overrides
Added transforms for when merging compose overrides to preserve the
functionality that was broken by bumping mergo to v1.3.8

This includes:
- Special transform for ulimits so single overrides both soft/hard and
the reverse
- Special transform for service network configs so the override replaces
all aliases

Signed-off-by: Nick Adcock <nick.adcock@docker.com>
2020-01-24 15:52:36 +00:00
Djordje Lukic cb29ef6c6d Add interpolation type cast for max_replicas_per_node
Fixes https://github.com/docker/app/issues/688

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2019-11-05 08:31:36 +01:00
Sebastiaan van Stijn aafe3df8b3
cli/compose/template: Using the variable on range scope `tc` in function literal (scopelint)
```
cli/compose/template/template_test.go:279:31: Using the variable on range scope `tc` in function literal (scopelint)
			actual := ExtractVariables(tc.dict, defaultPattern)
			                           ^
cli/compose/template/template_test.go:280:41: Using the variable on range scope `tc` in function literal (scopelint)
			assert.Check(t, is.DeepEqual(actual, tc.expected))
			                                     ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:38 +01:00
Sebastiaan van Stijn 612d83d6df
cli: remove unnecessary newlines (whitespace)
```
cli/config/config_test.go:465: unnecessary trailing newline (whitespace)

}
cli/compose/interpolation/interpolation.go:56: unnecessary leading newline (whitespace)
	switch value := value.(type) {

cli/compose/interpolation/interpolation.go:94: unnecessary trailing newline (whitespace)

	}
cli/command/image/build/context.go:348: unnecessary trailing newline (whitespace)

		}
internal/licenseutils/client_test.go:98: unnecessary leading newline (whitespace)
func (c *fakeLicensingClient) LoadLocalLicense(ctx context.Context, dclnt licensing.WrappedDockerClient) (*model.Subscription, error) {

cli/registry/client/fetcher.go:211: unnecessary leading newline (whitespace)
	for _, endpoint := range endpoints {
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:36 +01:00
Sebastiaan van Stijn 96ec7299d8
cli/compose/loader: Using a reference for the variable on range scope `overrideService` (scopelint)
```
cli/compose/loader/merge.go:64:41: Using a reference for the variable on range scope `overrideService` (scopelint)
			if err := mergo.Merge(&baseService, &overrideService, mergo.WithAppendSlice, mergo.WithOverride, mergo.WithTransformers(specials)); err != nil {
			                                     ^
cli/compose/loader/loader_test.go:1587:28: Using the variable on range scope `testcase` in function literal (scopelint)
			config, err := loadYAML(testcase.yaml)
			                        ^
cli/compose/loader/loader_test.go:1590:58: Using the variable on range scope `testcase` in function literal (scopelint)
			assert.Check(t, is.DeepEqual(config.Services[0].Init, testcase.init))
			                                                      ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:34 +01:00
Sebastiaan van Stijn 34f595975d
cli/compose/convert: driverObjectConfig - result 1 (error) is always nil (unparam)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:26 +01:00
Silvin Lubecki c237379167
cli/compose/convert/service_test.go:274:72: unnecessary conversion (unconvert)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:24 +01:00
Sebastiaan van Stijn 9118b2b2b8
compose/loader: define type for transformer-functions
Also explicitly type transformer-functions

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:21 +01:00
Silvin Lubecki 6eb0c9c613
disable unparam linter on these functions, as we need an error in these function signatures
cli/compose/loader/loader.go:756:66: transformServiceNetworkMap - result 1 (error) is always nil (unparam)
cli/compose/loader/loader.go:767:67: transformStringOrNumberList - result 1 (error) is always nil (unparam)

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:21 +01:00
Silvin Lubecki d640f44df3
cli/compose/convert: result 1 (error) is always nil (unparam)
cli/compose/convert/service.go:592:76: convertDNSConfig - result 1 (error) is always nil (unparam)
cli/compose/convert/service.go:538:110: convertEndpointSpec - result 1 (error) is always nil (unparam)

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:20 +01:00
Silvin Lubecki 1bfe81318d
cli/compose/types/types.go:106:2: structtag: struct field tag `yaml:",inline", json:"-"` not compatible with reflect.StructTag.Get: key:"value" pairs not separated by spaces (govet)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:14 +01:00
Sebastiaan van Stijn 0a21de05d2
compose/loader: fix TestIsAbs not testing all combinations
This test was intending to run all tests, but didn't, which was
caught by golangci-lint;

    cli/compose/loader/windows_path_test.go:46:17: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
    	tests := append(isabstests, winisabstests...)
    	               ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:02:23 +01:00
Sebastiaan van Stijn 06f34ba507
bump github.com/xeipuuv/gojsonschema v1.1.0
full diff: 93e72a773f...f971f3cd73

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-10 23:00:43 +02:00
Ulysses Souza 821f5ecf53 Add option remove `env_file` entry after merged
This avoids having a redundant `env_file` entry
output when rendering the compose file

Signed-off-by: Ulysses Souza <ulysses.souza@docker.com>
2019-09-23 17:40:45 +02:00
Sebastiaan van Stijn 5bc1f24dfd
Add docker-compose schema v3.9
This is currently just a copy of the v3.8 schema, in preparation
of new features to be added in the new schema.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-08-30 10:58:05 +02:00
Sebastiaan van Stijn d6dd08d568
Detect Windows absolute paths on non-Windows CLI
When deploying a stack using a relative path as bind-mount
source in the compose file, the CLI converts the relative
path to an absolute path, relative to the location of the
docker-compose file.

This causes a problem when deploying a stack that uses
an absolute Windows path, because a non-Windows client will
fail to detect that the path (e.g. `C:\somedir`) is an absolute
path (and not a relative directory named `C:\`).

The existing code did already take Windows clients deploying
a Linux stack into account (by checking if the path had a leading
slash). This patch adds the reverse, and adds detection for Windows
absolute paths on non-Windows clients.

The code used to detect Windows absolute paths is copied from the
Golang filepath package;
1d0e94b1e1/src/path/filepath/path_windows.go (L12-L65)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-10 21:25:03 +02:00
Silvin Lubecki efdf36fa81 Rollback config type interpolation on fields "parallelism" and "max_failure_ratio" were missing, as it uses the same type as update_config.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-07-03 17:23:33 +02:00
Drew Erny 42ec51e1ae add support for config credentialspecs to compose
Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:34 -05:00
Sebastiaan van Stijn 6511da877f Add support for using Configs as CredentialSpecs in services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-12 11:17:29 -05:00
Sune Keller ed838bff1f Add test case
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Sune Keller c662ba03de Make use of driver and driver_opts fields in secrets
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Sune Keller 89f9d806ff Add driver and driver_opts to secret in compose schema 3.8
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-04-05 12:01:21 +02:00
Sebastiaan van Stijn f620349837
Add systctl support for services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 13:33:32 +01:00
Vincent Demeester 7764101a54
Add support for `template_driver` in composefiles
This maps the `--template-driver` flag on secret and config creation.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 23:49:30 +01:00
Sebastiaan van Stijn 70846619a9
Update compose 3.8 to disallow additional properties
This was added in other schemas in 1e99ed3ca3,
but not coppied to version 3.8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 12:56:16 +01:00
Sebastiaan van Stijn 0fc0015173
bump docker/docker to 8aca18d631f3f72d4c6e3dc01b6e5d468ad941b8
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-02 13:41:42 +01:00
Sebastiaan van Stijn cfe12f4135
Merge pull request #1410 from olljanat/replicas-max-per-node
Add maximum replicas per node support to stack version 3.8
2019-02-20 13:22:18 +01:00
Olli Janatuinen 6347ab315b Add maximum replicas per node support to stack version 3.8
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2019-02-19 11:25:12 +02:00
Sebastiaan van Stijn 1e99ed3ca3
Disallow additional properties in credential_spec
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-02-02 18:27:50 +01:00