These are endpoint-specific driver options...
services:
myservice:
image: myimage
networks:
mynet:
driver_opts:
"option1": "value1"
The API has had support for a long time, it's only recently been
added to compose (unreleased right now).
Signed-off-by: Rob Murray <rob.murray@docker.com>
The API field `EnableIPv6` was marked as optional in our Swagger docs,
and its default value in the Go client came from that field being a
bool, thus defaulting to its zero value. That's not the case anymore.
This field is now a `*bool` as to let daemon's config define the default
value. IPv6 can still be enabled / disabled by explicitly specifying the
`--ipv6` flag when doing `docker network create`.
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
github.com/mitchellh/mapstructure will no longer be maintained by the author,
and github.com/go-viper/mapstructure is nominated as the endorsed fork.
- v1.x changes since last release from mitchellh: https://github.com/go-viper/mapstructure/compare/v1.5.0...v1.6.0
- v2.0 changes: https://github.com/go-viper/mapstructure/compare/v1.6.0...v2.0.0
Breaking changes
Error is removed in favor of errors.Join (backported from Go 1.20 to preserve
compatibility with earlier versions)
What's Changed
- feat!: update module path
- build: update dev env
- feature: add StringToBasicTypeHookFunc and support complex
- Add an example showing how to use a DecodeHookFunc to parse a custom field.
- Remove exposed error type
- Replace internal joined error with errors.Join
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The completion functions only need the API-client, and not all of
the CLI. However, passing the API-client as argument would mean
that the API-client is initialized early, which may not be what
we want, so instead, defining an APIClientProvider interface to
preserve the behavior of initializing when needed only.
While updating, also simplify stack.format to only require an
io.Writer.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker Desktop currently ships with the "cloud integration" wrapper,
which outputs an additional ContextType field in the JSON output.
While this field is non-standard, it made its way into Visual Studio's
Docker integration, which uses this to exclude "aci" and "eci" context
types that are not supported by Visual Studio.
This patch;
- conditionally adds a ContextType field to the JSON output
- but ONLY when using the default "{{json .}}" or "json" formats
(which are the formats used by Visual Studio)
- if the context is a "aci" or "eci" context, that type is
preserved, otherwise the default "moby" type is used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The CLI does not currently expose options to add custom metadata to
contexts, but contexts support them.
- update test-utilities to allow setting custom metadata
- update the inspect test to verify that custom metadata is included
when inspecting a context.
- update the import/export tests to verify that custom metadata
is preserved.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The github.com/containerd/containerd/platforms package was moved to a separate
module in preparation of the containerd v2.0 release.
Switch to the new module, which means we also remove containerd as a direct
dependency.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When attempting to load a config-file that exists, but is not accessible for
the current user, we should not discard the error.
This patch makes sure that the error is returned by Load(), but does not yet
change LoadDefaultConfigFile, as this requires a change in signature.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This may need further discussion, but we currently handle dangling
symlinks gracefully, so let's add a test for this, and verify that
we don't replace symlinks with a file.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The "--rm" flag deletes both the container and any anonymous volumes
associated with the container when the container exits.
This patch updates the flag description to also mention volumes.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The test didn't do anything useful...
- Despite its name it used newCreateCommand() instead of
newConnectCommand() with create flags/options instead of connect.
- There was no fake networkCreateFunc(), so the result of the 'connect'
wasn't checked.
- The fake networkConnectFunc() was never called, so didn't spot the
problem.
Signed-off-by: Rob Murray <rob.murray@docker.com>
This commit adds a "terminal" attribute to `BaseMetricAttributes`
that allows us to discern whether an invocation was from an interactive
terminal or not.
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
This adds a default otel error handler for the cli in the debug package.
It uses logrus to log the error on the debug level and should work out
of the box with the `--debug` flag and `DEBUG` environment variable.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
This is needed because the project does not have a `go.mod` file and
gets sent to go 1.16 semantics whenever it's imported by another project
and `any` doesn't exist in go 1.16, but the linter requires us to use
`any` here.
Setting the `go:build` tag forces the per-file language to the go
version specified.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
This adds the code used by buildx and compose into the default CLI
program to help normalize the usage of these APIs and allow code reuse
between projects. It also allows these projects to benefit from
improvements or changes that may be made by another team.
At the moment, these APIs are a pretty thin layer on the OTEL SDK. It
configures an additional exporter to a docker endpoint that's used for
usage collection and is only active if the option is configured in
docker desktop.
This also upgrades the OTEL version to v1.19 which is the one being used
by buildkit, buildx, compose, etc.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
This code was only used as part of container.RunStats, so moving the code
there instead as a non-exported type. The actual use also did not have to
handle concurrency, so the mutex is removed in the new location.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The daemonOSType variable is already set when collecting stats, so we unlikely
hit this code in practice, and it would only be set if `collect()` failed and
we never got a stats response. If we do need to get this information, let's use
the OSVersion we already obtained from the ping response.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Added --detach/-d to stack rm. Setting --detach=false waits until
all of the stack tasks have reached a terminal state.
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: George Margaritis <gmargaritis@protonmail.com>
Added --detach and --quiet/-q flags to stack deploy. Setting --detach=false
waits until all of the stack services have converged. Shows progress bars for
each individual task, unless --quiet/-q is specified.
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: George Margaritis <gmargaritis@protonmail.com>
Inline the variables used to define the command + args used in the
tests, which makes it slightly easier to see what's run.
Also explicitly define a context, in case we want to add telemetry
to these tests.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
extra_hosts in the compose file format allows '=' as a separator, and brackets
around IP addresses, the engine API doesn't.
So, transform the values when reading a compose file for 'docker stack'.
Signed-off-by: Rob Murray <rob.murray@docker.com>
- Return error when user refuses at confirmation prompt
- Avoid sending space freed msg if user cancelled
- Fixed unit tests
Signed-off-by: Christopher Petito <chrisjpetito@gmail.com>
The `docker images` top-level subcommand predates the `docker <object> <verb>`
convention (e.g. `docker image ls`), but accepts a positional argument to
search/filter images by name (globbing). It's common for users to accidentally
mistake these commands, and to use (e.g.) `docker images ls`, expecting
to see all images, but ending up with an empty list because no image named
"ls" was found.
Disallowing these search-terms would be a breaking change, but we can print
and informational message to help the users correct their mistake.
Before this patch:
docker images ls
REPOSITORY TAG IMAGE ID CREATED SIZE
With this patch applied:
docker images ls
REPOSITORY TAG IMAGE ID CREATED SIZE
No images found matching "ls": did you mean "docker image ls"?
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Use the `XXXVar` equivalent for flags that don't have a shorthand flag
instead of passing an empty string for the shorthand flag.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- rename confusing `target` argument, and use `containerID` in all places;
also make the variable more clearly local-scoped.
- rename `dockerCli` to be correctly camel-case, and to be consistent in
all places in this file.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker Engine 1.13 (API v1.25) added an option to set a custom default seccomp
profile on the daemon (see [moby/moby@b237189]). A warning was added on the
client-side if a non-default profile was set.
Docker Engine 23.0 (API v1.42) added warnings about non-default seccomp
profiles to the "info" response ([moby/moby@04f932a]), and the client was
updated to skip generating client-side warnings for API v1.42 and up in
[docker/cli@8964595].
These warnings are purely informational, and given that Docker Engine versions
before 23.0 have reached EOL, and any current version of the Engine now returns
the Warnings, it should be safe to remove the client-side fall back logic.
This patch removes the client-side fall back code for warnings that was
added in 8964595692.
[moby/moby@b237189]: b237189e6c
[moby/moby@04f932a]: 04f932ac86
[docker/cli@8964595]: 8964595692
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was deprecated in 298bddcc23 for
v25.0, and unused. This patch removes the function.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These types were deprecated in 7af509c7f1 (v25.0),
in favor of CLIOption, and are no longer used.
This patch removes the deprecated type-aliases, and while updating, also improves
the documentation for the CLIOption type.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker Engine 18.09 (API v1.39) introduced a Warnings field in the into response.
This enhancement was not gated by API version (see [moby/moby@a3d4238]), and
will be returned by Docker Engine 18.09 and up, regardless of the API version
chosen.
Likewise, the client-side code was written to prefer warnings returned by
the daemon, but to fall back on client-side detection of missing features
based on information in the Info response (see [docker/cli@3c27ce2]).
Thse warnings are purely informational, and given that Docker Engine versions
before 18.09 have reached EOL 6 Years ago, and any current version of the
Engine now returns the Warnings, it should be safe to remove the client-side
fall back logic.
This patch removes the client-side fall back code for warnings that was
added in 3c27ce21c9.
[moby/moby@a3d4238]: a3d4238b9c
[docker/cli@3c27ce2]: 3c27ce21c9
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
golden.AssertBytes prints the failure as a bytes-array, which makes
it not human-readable; let's compare strings instead.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker v23.0 and up allow the daemon to be configured to have seccomp disabled
by default (using the "unconfined" profile as default), and introduced a new
"builtin" profile-name for the default (see [moby@f8795ed364586acd][1] and
[mnoby@ac449d6b5ad29a50][2]).
However, the CLI had no special handling for the "builtin" profile, which
resulted in it trying to load it as a file, which would fail;
docker run -it --rm --security-opt seccomp=builtin busybox
docker: opening seccomp profile (builtin) failed: open builtin: no such file or directory.
See 'docker run --help'.
This patch adds a special case for the "builtin" profile, to allow using the
default profile on daemons with seccomp disabled (unconfined) by default.
[1]: f8795ed364
[2]: ac449d6b5a
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
commit 9e1f8d646e changed this to a
"nolint" comment due to a regression in GoSec. That regression was
fixed, so we can go back to use the more fine-grained "nosec" comment.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The filter option is not currently exposed on the command-line,
but can be added as a flag in future. It will be used by compose
to filter the list of containers to include based on compose
labels.
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When running `docker stats` without a list of containers, `runStats` collects
an initial list of containers. If that API call fails, the error is sent to the
`closeChan`, however, `closeChan` is non-buffered, and nothing is reading the
channel until we received the initial list and start collecting stats.
This patch rewrites the code that gets the initial list of containers to
return the error if the API call fails. The `getContainerList` closure is
also removed and inlined to make the logic somewhat easier to read.
Before this patch, the command would hang without producing output;
docker stats
# hangs; no output
With this patch, the error is printed, and the CLI exits:
docker stats
Error response from daemon: some error occurred
echo $?
1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The monitorContainerEvents and getContainerList closures where only
used when collecting "all" containers, so let's define them in that
branch of the code.
Also move some of the other variables closer to where they're used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
We were unconditionally registering event-handlers for these events, but
the handler itself would ignore the event depending on the "all" option.
This patch skips registering the event handlers, so that we're not handling
them (saving some resources).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- memoize the API-client in a local variable.
- use struct-literals in some places.
- rename some variables for clarity and to prevent colliding with imports.
- make use of the event-constants (events.ContainerEventType).
- fix some grammar
- fix some minor linting warnings
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This is a follow-up to 0e73168b7e
This repository is not yet a module (i.e., does not have a `go.mod`). This
is not problematic when building the code in GOPATH or "vendor" mode, but
when using the code as a module-dependency (in module-mode), different semantics
are applied since Go1.21, which switches Go _language versions_ on a per-module,
per-package, or even per-file base.
A condensed summary of that logic [is as follows][1]:
- For modules that have a go.mod containing a go version directive; that
version is considered a minimum _required_ version (starting with the
go1.19.13 and go1.20.8 patch releases: before those, it was only a
recommendation).
- For dependencies that don't have a go.mod (not a module), go language
version go1.16 is assumed.
- Likewise, for modules that have a go.mod, but the file does not have a
go version directive, go language version go1.16 is assumed.
- If a go.work file is present, but does not have a go version directive,
language version go1.17 is assumed.
When switching language versions, Go _downgrades_ the language version,
which means that language features (such as generics, and `any`) are not
available, and compilation fails. For example:
# github.com/docker/cli/cli/context/store
/go/pkg/mod/github.com/docker/cli@v25.0.0-beta.2+incompatible/cli/context/store/storeconfig.go:6:24: predeclared any requires go1.18 or later (-lang was set to go1.16; check go.mod)
/go/pkg/mod/github.com/docker/cli@v25.0.0-beta.2+incompatible/cli/context/store/store.go:74:12: predeclared any requires go1.18 or later (-lang was set to go1.16; check go.mod)
Note that these fallbacks are per-module, per-package, and can even be
per-file, so _(indirect) dependencies_ can still use modern language
features, as long as their respective go.mod has a version specified.
Unfortunately, these failures do not occur when building locally (using
vendor / GOPATH mode), but will affect consumers of the module.
Obviously, this situation is not ideal, and the ultimate solution is to
move to go modules (add a go.mod), but this comes with a non-insignificant
risk in other areas (due to our complex dependency tree).
We can revert to using go1.16 language features only, but this may be
limiting, and may still be problematic when (e.g.) matching signatures
of dependencies.
There is an escape hatch: adding a `//go:build` directive to files that
make use of go language features. From the [go toolchain docs][2]:
> The go line for each module sets the language version the compiler enforces
> when compiling packages in that module. The language version can be changed
> on a per-file basis by using a build constraint.
>
> For example, a module containing code that uses the Go 1.21 language version
> should have a `go.mod` file with a go line such as `go 1.21` or `go 1.21.3`.
> If a specific source file should be compiled only when using a newer Go
> toolchain, adding `//go:build go1.22` to that source file both ensures that
> only Go 1.22 and newer toolchains will compile the file and also changes
> the language version in that file to Go 1.22.
This patch adds `//go:build` directives to those files using recent additions
to the language. It's currently using go1.19 as version to match the version
in our "vendor.mod", but we can consider being more permissive ("any" requires
go1.18 or up), or more "optimistic" (force go1.21, which is the version we
currently use to build).
For completeness sake, note that any file _without_ a `//go:build` directive
will continue to use go1.16 language version when used as a module.
[1]: 58c28ba286/src/cmd/go/internal/gover/version.go (L9-L56)
[2]; https://go.dev/doc/toolchain#:~:text=The%20go%20line%20for,file%20to%20Go%201.22
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This driver has been deprecated and removed because the service
is no longer operational. Remove it from the tests to better reflect
reality.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>