Commit Graph

149 Commits

Author SHA1 Message Date
Akihiro Suda e942084530
build: add SSH agent socket forwarder (`docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK`)
Unlike `docker build --secret`, `docker build --ssh` allows the build container to
use SSH keys with passphrases.

  $ eval $(ssh-agent)
  $ ssh-add ~/.ssh/id_rsa
  (Input your passphrase here)
  $ docker build --ssh default=$SSH_AUTH_SOCK ...

This feature requires the daemon with `CapExecMountSSH` build capability (moby/moby#37973) .

Currently, the official Dockerfile frontend does not provide the syntax for using the SSH forwarder.

However, the experimental `RUN --mount=type=ssh` syntax can be enabled by using
the Dockerfile frontend image built with the `BUILDTAGS="dfrunmount dfssh"`, via the `# syntax =` "shebang".

The Dockerfile for the Dockerfile frontend is available at  github.com/moby/buildkit/frontend/dockerfile/cmd/dockerfile-frontend)
The pre-built image is also available as `tonistiigi/dockerfile:ssh20181002` .

An example Dockerfile with `RUN --mount=type=ssh`:

  # syntax = tonistiigi/dockerfile:ssh20181002
  FROM alpine
  RUN apk add --no-cache openssh-client
  RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
  RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
  # "Welcome to GitLab, @GITLAB_USERNAME_ASSOCIATED_WITH_SSHKEY" should be printed here

More info available at moby/buildkit#608, moby/buildkit#655

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit db7399a016)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-10-12 00:16:42 +02:00
Akihiro Suda 50f529fa47
bump up buildkit
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit 846c38cbd7)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-10-12 00:16:38 +02:00
Sebastiaan van Stijn b4bee9be75
Bump buildkit and dependencies to 39404586a50d1b9d0fb1c578cf0f4de7bdb7afe5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8cfd24049f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-10-12 00:16:29 +02:00
Daniel Hiltgen 41910b6d68 Vendor bump of licensing lib
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2018-09-28 20:50:43 +00:00
Daniel Hiltgen ec1812188f Fix vendoring glitch
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2018-09-21 13:16:34 -07:00
Michael Crosby cfec8027ed Install binaries on host for upgrade
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2018-09-19 19:06:28 -07:00
Andrew Hsu 4e6798794d vndr docker/docker to docker/engine d2ecc7b
And update the associated packages that have also updated from
docker/docker vendor.conf.

Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
2018-09-05 17:35:51 +00:00
Tibor Vass 9d43f1ed48 build: add options to builder prune
This patch adds --filter, --keep-storage, --all and --force to builder prune.

Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit c806eb49c9)
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-09-05 03:33:30 +00:00
Daniel Hiltgen 264ee43c2a Vendor bump for licensing library to support multiple signing keys
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2018-08-27 15:20:19 -07:00
Sebastiaan van Stijn 7da71329bc
bump docker/docker
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-08-21 22:29:43 +02:00
selansen 587a94c935 Global Default Address Pool feature support
This feature brings new attribute/option for swarm init command.
default-addr-pool will take string input which can be in below format.
"CIDR,CIDR,CIDR...:SUBNET-SIZE".
Signed-off-by: selansen <elango.siva@docker.com>
2018-08-21 14:34:00 -04:00
Anda Xu acf43b62b5 vendor dependency
Signed-off-by: Anda Xu <anda.xu@docker.com>
2018-08-20 15:32:25 -07:00
Andrew Hsu 7a73d112ff vndr buildkit, containerd, and console
vndr buildkit to e8c7acc
vndr containerd to v1.2.0-beta.0
vndr console to 4d8a41f

Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
2018-08-20 17:59:40 +00:00
Daniel Hiltgen 11a312118f Vendoring bump for containerd and licensing
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2018-08-20 09:42:05 -07:00
Tibor Vass 8ae74b38d5 vendor: update tlsconfig in go-connections to 7395e3f8aa162843a74ed6d48e79627d9792ac55
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-17 17:53:22 +00:00
Tibor Vass b4057f0293 vendor: Bump default API version to 1.39
vendors github.com/docker/docker to a7ff19d69a90dfe152abd146221c8b9b46a0903d

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-17 15:52:11 +00:00
Tibor Vass c4c4825591 build: implement build secrets with buildkit
This patch implements `docker build --secret id=mysecret,src=/secret/file`
for buildkit frontends that request the mysecret secret.

It is currently implemented in the tonistiigi/dockerfile:secrets20180808
frontend via RUN --mount=type=secret,id=mysecret

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-17 14:01:32 +00:00
Akihiro Suda 6f61cf053a support SSH connection
e.g. docker -H ssh://me@server

The `docker` CLI also needs to be installed on the remote host to
provide `docker system dial-stdio`, which proxies the daemon socket to stdio.

Please refer to docs/reference/commandline/dockerd.md .

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-08-02 13:10:06 +09:00
Vincent Demeester 1f1507b0a4
Bump mergo to v0.3.6
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-07-31 09:57:56 +02:00
Vincent Demeester 8788a4804f
Bump some dependencies to more recent versions (and tagged if available)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-07-25 14:16:41 +02:00
Vincent Demeester c8f0e211b9
Bump kubernetes dependencies to 1.11
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-07-25 11:34:59 +02:00
Silvin f285fe67e9
Merge pull request #1163 from thaJeztah/bump_engine
bump docker and dependencies
2018-07-04 16:17:12 +02:00
Sebastiaan van Stijn 5f6d5c7328 Bump docker and dependencies
Updates docker/docker to 1436dc8f8d0f6f60b6e335fbd918d6b22ee6574d,
matching 18.06.0-rc1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-07-04 01:14:40 +00:00
Vincent Demeester 9e36ff4491
Merge pull request #1160 from euank/simpler-pass
config/credentials: don't run 'pass' to detect it
2018-07-02 09:40:47 +02:00
Sebastiaan van Stijn 34ba66b0c5
Merge pull request #1157 from AzureCR/master
Updated the go-winio library to release 0.4.8 that has the fix for Windows Container
2018-06-29 21:11:53 +02:00
Euan Kemp 056015c3d8 config/credentials: don't run 'pass' to detect it
'CheckInitialized' in the credential-helper library actually invokes
`pass`, which isn't desirable (see #699).

This moves the check to be simpler, and then pass will only be invoked
when it's needed (such as for `docker login` or when pulling from a
private registry).

This logic could also reasonably live in the credential-helper library,
but it's simple enough it seems fine in either location.

Signed-off-by: Euan Kemp <euank@euank.com>
2018-06-29 11:38:39 -07:00
Tejaswini Duggaraju c98c4080a3 Updated the go-winio library to release 0.4.8 that has the fix for Windows containers
Signed-off-by: Tejaswini Duggaraju <naduggar@microsoft.com>
2018-06-29 10:49:52 -07:00
Vincent Demeester d9741fc96b
Update docker-credential-helpers dependency
This is mainly for the `pass` helper ; `pass` shouldn't be called
every docker command anymore ;).

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-28 14:44:53 +02:00
Andrew Hsu 2daec78609
Merge pull request #1111 from tiborvass/experimental-buildkit
Support for experimental BuildKit
2018-06-13 18:21:41 -07:00
Tibor Vass 6c60bb4436 vendor: update docker/docker to c752b0991e31ba9869ab6a0661af57e9423874fb
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:29 +00:00
Tonis Tiigi 8945270cba vendor: update buildkit and fsutil
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-13 18:32:29 +00:00
Tibor Vass ed75f6202b build: add experimental --no-console flag to support non-tty human-readable output with buildkit
Unfortunately, this is for now the only way to see the output of RUN commands when using buildkit.
It is equivalent to `DOCKER_BUILDKIT=1 docker build . 2>&1 | cat`

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Silvin 4cb3c70f36
Merge pull request #1121 from vdemeester/gotestyourself-with-tools
Update gotestyourself to gotest.tools
2018-06-11 14:49:20 +02:00
Tonis Tiigi 0f97642915 build: basic buildkit progress support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-09 20:51:34 +00:00
Tonis Tiigi 656fe85c74 build: add experimental buildkit base
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-09 20:51:30 +00:00
Vincent Demeester dd9478a1f7
Replace gotestyourself by gotest.tools
github.com/gotestyourself/gotestyourself moved to gotest.tools with
version 2.0.0. Moving to that one, bumping it to v2.1.0.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 18:23:38 +02:00
Vincent Demeester 48ed659bc6
Bump mergo to v0.3.5
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 17:15:12 +02:00
Vincent Demeester b1065767cd
Bump moby version (and its dependencies)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 11:26:10 +02:00
Simon Ferquel 8cb2e44d68 Vendoring for stack watch status and testing
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2018-05-24 16:43:04 +02:00
Vincent Demeester 08d6c18570
Update vndr commit to latest
Some fixes and it also preserves directories with *.c files now.

See a6e196d8b4...1fc68ee0c8

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-05-24 09:39:22 +02:00
Sebastiaan van Stijn 0acb2522bd
Bump spf13/cobra to v0.0.3, spf13/pflag to v1.0.1
Use a tagged release of Cobra

Relevant changes:

- spf13/cobra#567 Add `CalledAs` method to cobra.Command
- spf13/cobra#580 Update error message for missing required flags
- spf13/cobra#584 Add support for --version flag
- spf13/cobra#614 If user has a project in symlink, just use its destination folder and work there
- spf13/cobra#649 terminates the flags when -- is found in commandline
- spf13/cobra#662 Add support for ignoring parse errors
- spf13/cobra#686 doc: hide hidden parent flags

Also various improvements were added for generating Bash
completion scripts (currently not used by us)

Bump spf13/pflag to v1.0.1

Relevant changes:

- spf13/pflag#122 DurationSlice: implementation and tests
- spf13/pflag#115 Implement BytesHex type of argument
- spf13/pflag#150 Add uintSlice and boolSlice to name prettifier
- spf13/pflag#155 Add multiline wrapping support
- spf13/pflag#158 doc: clarify difference between string slice vs. array
- spf13/pflag#160 add ability to ignore unknown flags
- spf13/pflag#163 Allow Users To Show Deprecated Flags

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-05-19 02:51:33 +02:00
Mathieu Champlon 5d54584f03 Bump moby to d37f5c6bdf788a6cb82c07fb707e31a240eff5f9
Also bringing:
. golang.org/x/net 5561cd9b4330353950f399814f427425c0a26fd2
. github.com/docker/distribution 83389a148052d74ac602f5f1d62f86ff2f3c4aa5
. github.com/docker/swarmkit bd69f6e8e301645afd344913fa1ede53a0a111fb
. github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18
. github.com/prometheus/client_golang 52437c81da6b127a9925d17eb3a382a2e5fd395e
. github.com/beorn7/perks 4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9
. github.com/prometheus/client_model fa8ad6fec33561be4280a8f0514318c79d7f6cb6
. github.com/prometheus/common ebdfc6da46522d58825777cf1f90490a5b1ef1d8
. github.com/prometheus/procfs abf152e5f3e97f2fafac028d2cc06c1feb87ffa5
. github.com/matttproud/golang_protobuf_extensions v1.0.0

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2018-05-18 11:44:14 +02:00
Silvin Lubecki f958c66a6d Add a common interface between different Kubernetes Stack API versions and use it in kubernetes stack commands
* Add kubernetes Stack API v1beta2 client
* Upgrade v1beta1 client to remove generated code

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2018-04-30 11:27:22 +02:00
Justin Cormack 8812c54a4d
Update Notary vendor to 0.6.1
Minor update.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2018-04-11 14:10:52 +01:00
Vincent Demeester 0122730faf
Fix error with merge composefile with networks…
… and other cases too. Updating mergo fixes the bugs (but introduced a
slight behaviour change that had to be fixed too)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-04-05 10:37:35 +02:00
Tonis Tiigi a1cbaa827b vendor: update moby to ed7b6428
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-03-27 14:11:29 -07:00
Sebastiaan van Stijn 236a84759a
Merge pull request #941 from dnephin/fix-compose-network-name
Fix compose network name
2018-03-26 23:41:44 +02:00
Sebastiaan van Stijn b17215c456
Bump moby to ae7016427f8cba4e4d8fcb979d6ba313ee2c0702
Bring in:

- moby 36517 ensure hijackedConn implements CloseWrite function
- moby 36489 (fixes `errdefs.ErrSystem` interface)
- moby 36506 pkg/mount: use sort.Slice
- moby 36451 Windows: Report Version and UBR

Also update moby dependencies to keep them in sync

- golang.org/x/sync (no code changes)
- Bump runc to 4fc53a81fb7c994640722ac585fa9ca548971871
- Bump swarmkit to 49a9d7f6ba3c1925262641e694c18eb43575f74b

no local code changes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-03-15 01:51:31 +01:00
Daniel Nephin ca88e5e9df update vendor, add cmpopts
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-12 15:15:23 -04:00
Sebastiaan van Stijn f351f00f9e
Merge pull request #914 from justincormack/notaryup
Update Notary vendor to 0.6.0 release
2018-03-07 10:38:53 +01:00