Commit Graph

6531 Commits

Author SHA1 Message Date
Silvin Lubecki c35400655d
Merge pull request #2391 from thaJeztah/19.03_backport_fix_yamldocs
[19.03 backport] Fix yamldocs generator to accomodate nested subcommands
2020-03-17 16:50:45 +01:00
Sebastiaan van Stijn 9fd323afdc
Fix whitespace that caused short-format in generated YAML
If the markdown contains trailing spaces, or has tabs included,
the YAML generator uses a compact format for the text (using `\n`
and `\t`, instead of plain newlines).

The compact format makes it difficult to review changes in the
yaml docs when vendoring in the documentation repository.

This patch:

- removes trailing whitespace
- replaces tabs for spaces
- fixes some minor formatting and markdown issues

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f912deeec7)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-17 16:42:19 +01:00
Sebastiaan van Stijn c936ea9693
Fix yamldocs generator to accomodate nested subcommands
The script was written to only take subcommands at the first and second level
into account, but failed to find the Markdown files for extended descriptions of
subcommands at the third level, such as `docker trust key generate`, and
`docker trust key load`:

    WARN: /go/src/github.com/docker/cli/docs/reference/commandline/key_generate.md does not exist, skipping
    WARN: /go/src/github.com/docker/cli/docs/reference/commandline/key_load.md does not exist, skipping
    WARN: /go/src/github.com/docker/cli/docs/reference/commandline/signer_add.md does not exist, skipping
    WARN: /go/src/github.com/docker/cli/docs/reference/commandline/signer_remove.md does not exist, skipping

This patch updates the script to accomodate subcommands that are more deeply
nested. While at it, some minor cleaning and linting issues were also addressed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e1b362847f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-17 16:42:17 +01:00
Sebastiaan van Stijn d484456c29
Fix naming of reference docs files
These files were intended to document the `swarm join-token` and
`swarm unlock-key` subcommands, but were incorrectly using an underscore
instead of a hyphen (`-`). As a result, the examples were not picked up
by the yamldocs generator.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5115bfa041)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-17 16:42:15 +01:00
Sebastiaan van Stijn 6a02465f4c
docs: update code-hints for compatibility with "rouge"
Unlike GitHub's web-UI, the "rouge" hightlighter used in our
online documentation is case-sensitive. As a result, code-blocks
having the Dockerfile (uppercase) code-hint were not highlighted.

This changes those to use lowercase, which is supported by both.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 824a9ce64b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-17 15:04:51 +01:00
Silvin Lubecki f53663a951
Merge pull request #2364 from thaJeztah/19.03_backport_bump_golang_1.13
[19.03 backport] Update Golang 1.13.8
2020-03-12 18:00:04 +01:00
Sebastiaan van Stijn eb310fca49
Merge pull request #2373 from tiborvass/19.03-bump-grpc-1.23.1
[19.03 backport] Bump grpc to v1.23.1
2020-03-03 22:59:52 +01:00
Sebastiaan van Stijn 0e40b91921 vendor: bump google.golang.org/grpc v1.23.1
full diff: https://github.com/grpc/grpc-go/compare/v1.23.0...v1.23.1

- grpc/grpc-go#3018 server: set and advertise max frame size of 16KB
- grpc/grpc-go#3017 grpclb: fix deadlock in grpclb connection cache
    - Before the fix, if the timer to remove a SubConn fires at the
      same time NewSubConn cancels the timer, it caused a mutex leak
      and deadlock.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 013151ff78)
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-03-03 21:39:18 +00:00
Tibor Vass a51e9e6397 vendor: update grpc to v1.23.0
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 70a4eb2a49)
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-03-03 21:39:13 +00:00
Sebastiaan van Stijn 6e07d210a4
Update Golang 1.13.8
Also pinning the e2e image to the "buster" variant,
which is what's currently used, but making it explicit.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4313c8b3c6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-27 17:52:57 +01:00
Silvin Lubecki 3ff19c3755
Merge pull request #2352 from thaJeztah/19.03_backport_add_daemon_redirect
[19.03 backport] docs: add redirect for old location of daemon reference
2020-02-26 17:18:59 +01:00
Sebastiaan van Stijn e94a87225a
docs: add redirect for old location of daemon reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4cd4305b31)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-26 16:35:08 +01:00
Sebastiaan van Stijn 7c803f7c34
Merge pull request #2344 from thaJeztah/19.03_backport_builder_prune_flags
[19.03 backport] fix builder prune flag descriptions
2020-02-26 16:32:45 +01:00
Silvin Lubecki 4591b13318
Merge pull request #2342 from thaJeztah/19.03_backport_bump_golang_1.12.17
[19.03 backport] Update Golang 1.12.17
2020-02-19 11:48:11 +01:00
Sebastiaan van Stijn f9a5c1f152
Fix builder prune -a/--all flag description
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit aad9d2c958)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-18 14:33:42 +01:00
Samuel Cochran 829843333b
unused-for is a deprecated synonym
See 9e7d5ac5ea/builder/builder-next/builder.go (L574)

Signed-off-by: Samuel Cochran <sj26@sj26.com>
(cherry picked from commit 758d12e651)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-18 14:33:28 +01:00
Sebastiaan van Stijn f0e74408cf
Update Golang 1.12.17
full diff: https://github.com/golang/go/compare/go1.12.16...go1.12.17

go1.12.17 (released 2020/02/12) includes a fix to the runtime. See the Go 1.12.17
milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.17+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5e5ef9e0b9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-17 14:58:54 +01:00
Silvin Lubecki a4bedce165
Merge pull request #2320 from thaJeztah/19.03_docs_backports
[19.03 backport] assorted documentation updates
2020-02-10 17:20:36 +01:00
Sebastiaan van Stijn d4755cfbd5
docs: update deprecated status for --disable-legacy-registry
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 73c9a44d58)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:55:02 +01:00
Sebastiaan van Stijn 6eef644faf
docs: add status table to "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d4c0de2719)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:37 +01:00
Sebastiaan van Stijn f47f8e333b
docs: mark deprecation of "docker engine" subcommands
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e8c2dba697)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:36 +01:00
Sebastiaan van Stijn 64838b6907
docs: mark deprecation of "dab" files and top-level "deploy" subcommand
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c7aca08497)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:33 +01:00
Sebastiaan van Stijn c8308ecf6c
docs: sort "deprecated.md" by deprecation release
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b6875ad690)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:31 +01:00
Sebastiaan van Stijn 793c75015e
docs: update some release-versions in "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 672c00e1cc)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:29 +01:00
Sebastiaan van Stijn 776e181628
docs: minor touch-ups in "deprecated.md"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c3092d9408)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:32:27 +01:00
Sebastiaan van Stijn 7fac7eb1af
docs: service create: document os/arch constraints and more examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f26e9a3a61)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:41 +01:00
Sebastiaan van Stijn 27f0612665
docs: service create: document non-matching/exclude constraints
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b059c93c92)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:39 +01:00
Sebastiaan van Stijn d5ce81172f
docs: service create: use markdown table for constraints
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit abeb7babdf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:31:36 +01:00
Misty Stanley-Jones 3a1d0c67ff
Give an example for --reserve-memory
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 76852f82ba)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 16:30:55 +01:00
Silvin Lubecki e1c31c8910 Merge pull request #2315 from thaJeztah/19.03_backport_carry_855_config_opts
[19.03 backport] Add examples for configs
2020-02-10 12:01:37 +01:00
Abreto FU 2d6231ad4d
Remove a useless '\' and enhance a script in an example in the section 'Add entries ... (--add-host)'
Signed-off-by: Abreto FU <public@abreto.email>
(cherry picked from commit 07436dfe78)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 10:41:32 +01:00
Misty Stanley-Jones be60297514
Add examples for configs
Signed-off-by: Misty Stanley-Jones <misty@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 473a9d20cd)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-10 10:38:58 +01:00
Silvin Lubecki 528b959ebc
Merge pull request #2311 from thaJeztah/19.03_backport_carry_1889_build_docs_update
[19.03 backport] documentation updates
2020-02-06 17:16:35 +01:00
Venkateswara Reddy Bukkasamudram b668f31022
Syntax corrected
Below are the changes proposed.
- Corrected syntax error.
- Updated example commands to maintain consistency.
- Provided more clarity.

Signed-off-by: Venkateswara Reddy Bukkasamudram <bukkasamudram@outlook.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 74cc062d24)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:11 +01:00
Tonis Tiigi 7bfe3d2006
docs: document dockerignore update
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4f3bc15817)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:09 +01:00
Tonis Tiigi f6ec0a368e
docs: document build outputs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f7009ee126)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:07 +01:00
Tonis Tiigi 56324e6348
docs: document cache-from
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 73cd257d0f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:04 +01:00
Kovah 040920f428
Add notice about port binding and overriding of UFW to docker run reference
Signed-off-by: Kovah <mail@kovah.de>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a955ed6477)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-06 16:52:02 +01:00
Silvin Lubecki 5908cdf87c
Merge pull request #2302 from thaJeztah/19.03_bump_golang_1.12.16
[19.03 backport] Update Golang 1.12.16, golang.org/x/crypto (CVE-2020-0601, CVE-2020-7919)
2020-01-30 16:25:51 +01:00
Sebastiaan van Stijn 3179a3b1e5
vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1 (CVE-2020-7919)
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
which fixes CVE-2020-7919:

- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 27d9aa2d9f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 22:39:00 +01:00
Sebastiaan van Stijn 4d630fe843
Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)
full diff: https://github.com/golang/go/compare/go1.12.15...go1.12.16

go1.12.16 (released 2020/01/28) includes two security fixes. One mitigates the
CVE-2020-0601 certificate verification bypass on Windows. The other affects only
32-bit architectures.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.16+label%3ACherryPickApproved

- X.509 certificate validation bypass on Windows 10
  A Windows vulnerability allows attackers to spoof valid certificate chains when
  the system root store is in use. These releases include a mitigation for Go
  applications, but it’s strongly recommended that affected users install the
  Windows security update to protect their system.
  This issue is CVE-2020-0601 and Go issue golang.org/issue/36834.
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
  This is also fixed in version v0.0.0-20200124225646-8b5121be2f68 of golang.org/x/crypto/cryptobyte.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 19fd390c36)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 22:23:41 +01:00
Silvin Lubecki 9b02509a69
Merge pull request #2291 from thaJeztah/19.03_backport_update_flag_description
[19.03 backport] Update flag description for docker rm -v
2020-01-28 16:10:01 +01:00
Silvin Lubecki 696605c99b
Merge pull request #2292 from thaJeztah/19.03_backport_hide_unsupported_buildkit_flags
[19.03 backport] Annotate flags that are not supported by Buildkit
2020-01-27 18:19:34 +01:00
Sebastiaan van Stijn 25d53feb65
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 7eecbb96af)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-27 15:57:30 +01:00
Sebastiaan van Stijn 1d540a50d0
Update flag description for docker rm -v
The `-v` option removes anonymous volume only, and keeps
named volumes.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8f5379b301)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-27 15:53:37 +01:00
Silvin Lubecki 16d5974584
Merge pull request #2276 from thaJeztah/19.03_backport_bump_golang_1.12.15
[19.03 backport] Update Golang 1.12.15
2020-01-21 14:36:04 +01:00
Sebastiaan van Stijn 3694e78a56
Update Golang 1.12.15
full diff: https://github.com/golang/go/compare/go1.12.14...go1.12.15

go1.12.15 (released 2020/01/09) includes fixes to the runtime and the net/http
package. See the Go 1.12.15 milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.15+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 84c6b08cf6)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-21 13:11:24 +01:00
Sebastiaan van Stijn 998d8235c3
Bump Golang 1.12.14
go1.12.14 (released 2019/12/04) includes a fix to the runtime. See the Go 1.12.14
milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.12.14+label%3ACherryPickApproved

Update Golang 1.12.13
------------------------

go1.12.13 (released 2019/10/31) fixes an issue on macOS 10.15 Catalina where the
non-notarized installer and binaries were being rejected by Gatekeeper. Only macOS
users who hit this issue need to update.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4beea58531)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-21 13:11:17 +01:00
Silvin Lubecki a3e131b323
Merge pull request #2264 from thaJeztah/19.03_backport_passthrough_user_pass
[19.03 backport] Allow username/password in config file
2020-01-17 14:53:33 +01:00
Silvin Lubecki 7a9a020688
Merge pull request #2265 from thaJeztah/19.03_backport_fix_pull_test
[19.03 backport] fix(pull_test): for quiet option
2020-01-17 14:49:03 +01:00