Previously, if while polling for oauth device-code login results a user
suspended the process (such as with CTRL-Z) and then restored it with
`fg`, an error might occur in the form of:
```
failed waiting for authentication: You are polling faster than the specified interval of 5 seconds.
```
This is due to our use of a `time.Ticker` here - if no receiver drains
the ticker channel (and timers/tickers use a buffered channel behind the
scenes), more than one tick will pile up, causing the program to "tick"
twice, in fast succession, after it is resumed.
The new implementation replaces the `time.Ticker` with a `time.Timer`
(`time.Ticker` is just a nice wrapper) and introduces a helper function
`resetTimer` to ensure that before every `select`, the timer is stopped
and it's channel is drained.
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit 60d0450287)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
(cherry picked from commit 81744d7aa8)
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
This commit adds support for the oauth [device-code](https://auth0.com/docs/get-started/authentication-and-authorization-flow/device-authorization-flow)
login flow when authenticating against the official registry.
This is achieved by adding `cli/internal/oauth`, which contains code to manage
interacting with the Docker OAuth tenant (`login.docker.com`), including launching
the device-code flow, refreshing access using the refresh-token, and logging out.
The `OAuthManager` introduced here is also made available through the `command.Cli`
interface method `OAuthManager()`.
In order to maintain compatibility with any clients manually accessing
the credentials through `~/.docker/config.json` or via credential
helpers, the added `OAuthManager` uses the retrieved access token to
automatically generate a PAT with Hub, and store that in the
credentials.
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
(cherry picked from commit fcfdd7b91f)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
Ports that were picked from the ephemeral port range
were presented as `*:0->80/tcp`.
This patch changes the presentation to use the
actually assigned port, instead of the port specified
in `Endpoint.Spec` (which is always empty/zero (`0`))
Before this change;
ID NAME MODE REPLICAS IMAGE PORTS
5d44i665qj66 with-random-port replicated 1/1 nginx:alpine *:0->80/tcp
After this change;
ID NAME MODE REPLICAS IMAGE PORTS
5d44i665qj66 with-random-port replicated 1/1 nginx:alpine *:30000->80/tcp
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This fix use `scope=swarm` for service related network inspect.
The purpose is that, in case multiple networks with the same
name exist in different scopes, it is still possible to obtain
the network for services.
This fix is related to moby/moby#33630 and docker/cli#167
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
This adds a pretty template for both inspect subcommands. For configs,
it's particularly useful because it's a way to expose the config payload
in the CLI in a non-base64-encoded way.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>