Commit Graph

6261 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 9a39a10e03
Merge pull request #1754 from thaJeztah/add_sysctls_for_services
Add systctl support for services
2019-03-20 00:17:33 +01:00
Sebastiaan van Stijn 9d802706a5
vendor github.com/Microsoft/go-winio v0.4.12
no local changes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:22:11 +01:00
Sebastiaan van Stijn aaffb71746
vendor golang.org/x/sync 42b317875d0fa942474b76e1b46a6060d720ae6e
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:22:03 +01:00
Sebastiaan van Stijn e06dedf365
bump containerd, runc and dependencies
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:22:00 +01:00
Sebastiaan van Stijn 208d69918d
vendor swarmkit 415dc72789e2b733ea884f09188c286ca187d8ec
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:57 +01:00
Sebastiaan van Stijn 5ccaaef8c1
vendor golang.org/x/sys d455e41777fca6e8a5a79e34a14b8368bc11d9ba
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:54 +01:00
Sebastiaan van Stijn fd769e1aff
Update docker/docker to 827cb09f87964ed38b46502f22a585f2ed4a78e1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:51 +01:00
Sebastiaan van Stijn 84d34d959a
bump imdario/mergo v0.3.7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 17:13:08 +01:00
Sebastiaan van Stijn 5db2f9e301
bump json-iterator/go 1.1.6
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 17:13:03 +01:00
Sebastiaan van Stijn a29b0c945d
bump mattn/go-shellwords v1.0.5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 17:13:00 +01:00
Sebastiaan van Stijn 0f0cedc5ac
bump github.com/pkg/errors v0.8.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 17:12:57 +01:00
Sebastiaan van Stijn b5993fa3b2
Update authors
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 17:06:36 +01:00
Sebastiaan van Stijn 6d59892b66
Merge pull request #1704 from ijc/allow-passing-args-to-e2e-tests
Allow flags to be passed to e2e tests
2019-03-19 13:37:28 +01:00
Sebastiaan van Stijn f620349837
Add systctl support for services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 13:33:32 +01:00
Vincent Demeester a4a50de4b8
Merge pull request #1671 from thaJeztah/fix_labels_expanding_env_vars
Fix labels copying value from environment variables
2019-03-19 12:18:55 +01:00
Vincent Demeester fc9ef7087e
Merge pull request #1732 from sjeandeaux/fix/issue-117
[pretty print] pretty print and healthcheck
2019-03-19 11:54:41 +01:00
Vincent Demeester 2871b723ad
Merge pull request #1746 from thaJeztah/carry_compose_template_driver
[carry] Add support for `template_driver` in composefiles
2019-03-19 08:09:27 +01:00
Sebastiaan van Stijn e5702e000c
Tweak validation messages
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:17:02 +01:00
Sebastiaan van Stijn b5d0d179e7
Add back validation for invalid label values on containers
This adds validation to `docker container run` / `docker container create`;

Validation of labels provided through flags was removed in 31dc5c0a9a,
after the validation was changed to fix labels without values, and to prevent
labels from being expanded with environment variables in 2b17f4c8a8

However, now empty label names from _files_ (`--label-file`) followed different
validation rules than labels passed through `--label`.

This patch adds back minimal validation for labels passed through the command-line

Before this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

docker container inspect --format '{{json .Config.Labels}}' label
```

```json
{
  "": "with-leading-equal-sign",
  "  ": "  ",
  "somelabel": "somevalue",
  "with\"quotes\"in-key": "test",
  "with-quotes-in-value": "{\"foo\"}",
  "without-value": ""
}
```

After this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

invalid argument "=with-leading-equal-sign" for "-l, --label" flag: invalid label format: "=with-leading-equal-sign"
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:02:06 +01:00
Sebastiaan van Stijn f2424bd375
Fix labels copying value from environment variables
This patch fixes a bug where labels use the same behavior as `--env`, resulting
in a value to be copied from environment variables with the same name as the
label if no value is set (i.e. a simple key, no `=` sign, no value).

An earlier pull request addressed similar cases for `docker run`;
2b17f4c8a8, but this did not address the
same situation for (e.g.) `docker service create`.

Digging in history for this bug, I found that use of the `ValidateEnv`
function for  labels was added in the original implementation of the labels feature in
abb5e9a077 (diff-ae476143d40e21ac0918630f7365ed3cR34)

However, the design never intended it to expand environment variables,
and use of this function was either due to either a "copy/paste" of the
equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does
not communicate that it also expands environment variables), and the existing
`ValidateLabel` was designed for _engine_ labels (which required a value to
be set).

Following the initial implementation, other parts of the code followed
the same (incorrect) approach, therefore leading the bug to be introduced
in services as well.

This patch:

- updates the `ValidateLabel` to match the expected validation
  rules (this function is no longer used since 31dc5c0a9a),
  and the daemon has its own implementation)
- corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`.

Before this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker service inspect --format '{{json .Spec.Labels}}' test
{"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"}
```

After this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker container inspect --format '{{json .Config.Labels}}' test
{"SOME_ENV_VAR":""}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:01:57 +01:00
Stephane Jeandeaux d4ad7a94d2 [#117] remove blank line and fix order
Signed-off-by: Stephane Jeandeaux <stephane.jeandeaux@gmail.com>
2019-03-18 21:37:22 -04:00
Sebastiaan van Stijn e4aa87ff6e
Merge pull request #1663 from cwilhit/crwilhit-WindowsDocs-Update
Add docs for --device option in Windows
2019-03-19 02:33:32 +01:00
Tibor Vass bf959a2be4
Merge pull request #1708 from thaJeztah/bump_golang_1.12
Bump Golang 1.12.1
2019-03-18 17:57:17 -07:00
Vincent Demeester 7764101a54
Add support for `template_driver` in composefiles
This maps the `--template-driver` flag on secret and config creation.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 23:49:30 +01:00
Sebastiaan van Stijn 8c3a619d13
Merge pull request #1740 from tonistiigi/platform-flag
build: enable platform flag for build if buildkit
2019-03-18 19:21:46 +01:00
Tonis Tiigi 2caffb12c7 build: enable platform flag for build if buildkit
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-18 10:37:08 -07:00
Vincent Demeester f2123b3fe4
Merge pull request #1749 from thaJeztah/compose_3.8_compose_credential_spec_fix
Update compose 3.8 to disallow additional properties
2019-03-18 16:02:47 +01:00
Silvin Lubecki 0d922266e2
Merge pull request #1397 from thaJeztah/fix-subscription-filter
[master] fix subscription filter
2019-03-18 15:35:08 +01:00
Silvin Lubecki d80e023382
Merge pull request #1750 from thaJeztah/fix_circle_vendor_flakiness
CircleCI: Increase no-output timeout to 15 minutes for vendoring
2019-03-18 15:22:48 +01:00
Sebastiaan van Stijn 69f1727248
Merge pull request #1524 from thaJeztah/fix_system_prune_output
Fix "warning" output on docker system prune
2019-03-18 15:11:22 +01:00
Mason Fish e7176e8dd0
fix subscription filter
Signed-off-by: Mason Fish <mason.fish@docker.com>
(cherry picked from commit a31b20d7db)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 14:57:30 +01:00
Sebastiaan van Stijn 81b319aa5f
Bump Golang 1.12.1
go1.12.1 (released 2019/03/14) includes fixes to cgo, the compiler, the go
command, and the fmt, net/smtp, os, path/filepath, sync, and text/template
packages. See the Go 1.12.1 milestone on our issue tracker for details.

For the relase notes of Go 1.12.0, see: https://golang.org/doc/go1.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 14:47:24 +01:00
Silvin Lubecki 7f09b9d8e2
Merge pull request #1742 from thaJeztah/bump_golang_1.11.6
Bump Golang 1.11.6
2019-03-18 14:46:51 +01:00
Sebastiaan van Stijn 26e004797b
Make system prune warning filters human-readable
The warning, printed before running `docker system prune` was printing the
filters in JSON format.

This patch attempts to make the output human readable;

- updating the code, and template to print filters individually
- reducing the indentation (which was quite deep)

Before this patch was applied;

```
docker system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - label={"label":{"bar=baz":true,"hello-world":true},"label!":{"foo=bar":true},"until":{"24h":true}}
Are you sure you want to continue? [y/N]
```

With this patch applied;

```
WARNING! This will remove:
  - all stopped containers
  - all networks not used by at least one container
  - all dangling images
  - all dangling build cache

  Items to be pruned will be filtered with:
  - label!=foo=bar
  - label!=never=remove-me
  - label=bar=baz
  - label=hello-world
  - label=remove=me
  - until=24h

Are you sure you want to continue? [y/N]
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 13:57:18 +01:00
Sebastiaan van Stijn 4a0218bb11
Fix system prune warning missing filters from config-file
The warning, printed before runing docker system prune was missing any filter
that was set in the configuration file. In addition, the warning prefixes the
filters with `label=`, which is no longer accurate, now that the prune command
also supports "until" as a filter.

Before this change, only the filters set on the command-line were shown,
and any filter set in the configuration file was missing;

```
mkdir -p ./test-config
echo '{"pruneFilters": ["label!=never=remove-me", "label=remove=me"]}' > test-config/config.json
docker --config=./test-config system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - label={"label":{"bar=baz":true,"hello-world":true},"label!":{"foo=bar":true},"until":{"24h":true}}
Are you sure you want to continue? [y/N]
```

With this patch applied, both options from the commandline and options set
in the configuration file are shown;

```
mkdir -p ./test-config
echo '{"pruneFilters": ["label!=never=remove-me", "label=remove=me"]}' > test-config/config.json
docker --config=./test-config system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - filter={"label":{"bar=baz":true,"hello-world":true,"remove=me":true},"label!":{"foo=bar":true,"never=remove-me":true},"until":{"24h":true}}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 13:57:09 +01:00
Sebastiaan van Stijn 80918147ff
Merge pull request #1748 from silvin-lubecki/cosmetics
Add some spaces in docs for cosmetics and readability reasons.
2019-03-18 13:50:32 +01:00
Silvin Lubecki 9e9fbf0699
Merge pull request #1719 from jcsirot/fix-default-context
Makes the default docker context behavior consistent
2019-03-18 13:48:38 +01:00
Sebastiaan van Stijn dba90e4999
CircleCI: Increase no-output timeout to 15 minutes for vendoring
Vendoring can take some time, depending on network-speed, so
reduce flakiness by increasing the default timeout, to prevent:

    make[1]: Entering directory '/go/src/github.com/docker/cli'
    rm -rf vendor
    bash -c 'vndr |& grep -v -i clone'
    2019/03/18 11:38:26 Collecting initial packages
    Too long with no output (exceeded 10m0s)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 13:07:22 +01:00
Sebastiaan van Stijn 70846619a9
Update compose 3.8 to disallow additional properties
This was added in other schemas in 1e99ed3ca3,
but not coppied to version 3.8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 12:56:16 +01:00
Silvin Lubecki 8401c81b46 Add some spaces for cosmetics and readability reasons.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-03-18 12:32:48 +01:00
Silvin Lubecki cfd5b16ae0
Merge pull request #1745 from ijc/disable-dial-stdio-for-plugins
cli-plugins: disable use of dial-stdio
2019-03-18 12:29:41 +01:00
Ian Campbell ff2ed6efa8 cli-plugins: disable use of dial-stdio
Since #1654 so far we've had problems with it not working on Windows (npipe
lacked the `CloseRead` method) and problems with using tcp with tls (the tls
connection also lacks `CloseRead`). Both of these were workedaround in #1718
which added a nop `CloseRead` method.

However I am now seeing hangs (on Windows) where the `system dial-stdio`
subprocess is not exiting (I'm unsure why so far).

I think the 3rd problem found with this is an indication that `dial-stdio` is
not quite ready for wider use outside of its initial usecase (support for
`ssh://` URLs to connect to remote daemons).

This change simply disables the `dial-stdio` path for all plugins. However
rather than completely reverting 891b3d953e ("cli-plugins: use `docker system
dial-stdio` to call the daemon") I've just disabled the functionality at the
point of use and left in a trap door environment variable so that those who
want to experiment with this mode (and perhaps fully debug it) have an easier
path do doing so.

The e2e test for this case is disabled unless the trap door envvar is set. I
also renamed the test to clarify that it is about cli plugins.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-18 10:58:51 +00:00
Jean-Christophe Sirot b3aa17187f Make default context behaves like a real context:
- when using "--context default" parameter
- when printing the list of contexts
- when exporting the default context to a tarball

Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
(+1 squashed commit)
Squashed commits:
[20670495] Fix CLI initialization for the `docker stack deploy --help` command and ensure that the dockerCli.CurrentContext() always returns a non empty context name (default as a fallback)
Remove now obsolete code handling empty string context name
Minor code cleanup

Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
2019-03-18 11:45:46 +01:00
Sebastiaan van Stijn 86a5a489f7
Merge pull request #1690 from jcsirot/fix-contextstore-for-plugins
Always initialize context store
2019-03-18 11:27:07 +01:00
Silvin Lubecki 33c8c0543b
Merge pull request #1629 from thaJeztah/update_rmi_docs
Improve `docker image rm` reference docs
2019-03-18 10:39:45 +01:00
Sebastiaan van Stijn 1500105975
Bump Golang 1.11.6
go1.11.6 (released 2019/03/14) includes fixes to cgo, the compiler, linker,
runtime, go command, and the crypto/x509, encoding/json, net, and net/url
packages. See the Go 1.11.6 milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.11.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-17 16:01:58 +01:00
Silvin Lubecki 651ccc0711
Merge pull request #1713 from thaJeztah/fix_plugin_test
Fix: plugin-tests discarding current environment
2019-03-14 16:22:05 +01:00
Sebastiaan van Stijn 7f1176b8aa
Merge pull request #1737 from ijc/plugins-using-PersistentPreRunE
Fix regression for CLI plugins using PersistentPreRunE
2019-03-14 15:51:13 +01:00
Ian Campbell 3af168c7df Ensure plugins can use PersistentPreRunE again.
I got a bit carried away in d4ced2ef77 ("allow plugins to have argument
which match a top-level flag.") and broke the ability of a plugin to use the
`PersistentPreRun(E)` hook on its top-level command (by unconditionally
overwriting it) and also broke the plugin framework if a plugin's subcommand
used those hooks (because they would shadow the root one). This could result in
either `dockerCli.Client()` returning `nil` or whatever initialisation the
plugin hoped to do not occuring.

This change revert the relevant bits and reinstates the requirement that a
plugin calls `plugin.PersistentPreRunE` if it uses that hook itself.

It is at least a bit nicer now since we avoid the need for the global struct
since the interesting state is now encapsulated in `tcmd` (and the closure).

In principal this could be done even more simply (by calling `tcmd.Initialize`
statically between `tcmd.HandleGlobalFlags` and `cmd.Execute`) however this has
the downside of _always_ initialising the cli (and therefore dialing the
daemon) even for the `docker-cli-plugin-metadata` command but also for the
`help foo` and `foo --help` commands (Cobra short-circuits the hooks in this
case).

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-14 14:29:09 +00:00
Ian Campbell 0b794e0620 e2e/cli-plugins: explicitly check that PersistentPreRunE works
I regressed this in d4ced2ef77 ("allow plugins to have argument which match a
top-level flag.") by unconditionally overwriting any `PersistentRunE` that the
user may have supplied.

We need to ensure two things:

1. That the user can use `PersistentRunE` (or `PersistentRun`) for their own
   purposes.
2. That our initialisation always runs, even if the user has used
   `PersistentRun*`, since that will shadow the root.

To do this add a `PersistentRunE` to the helloworld plugin which logs (covers 1
above) and then use it when calling the `apiversion` subcommand (which covers 2
since that uses the client)

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-14 14:20:19 +00:00