Commit Graph

1969 Commits

Author SHA1 Message Date
Sebastiaan van Stijn efbcdce9b9
linting: cli/command/trust: unusedwrite: unused write to field Hashes (govet)
cli/command/trust/sign_test.go:211:9: unusedwrite: unused write to field Hashes (govet)
        target.Hashes, target.Length, err = getSignedManifestHashAndSize(notaryRepo, "test")
               ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-20 15:59:39 +01:00
Sebastiaan van Stijn 2b521e490c
Merge pull request #4655 from StealthyCoder/4653-fix-credential-helper
Fix setting ServerAddress property in NativeStore
2023-11-13 16:51:21 +01:00
Sebastiaan van Stijn 1862725b5c
Merge pull request #4638 from thaJeztah/ForwardAllSignals_no_cli
cli/command/container: ForwardAllSignals: rewrite to use ContainerAPIClient
2023-11-13 15:49:51 +01:00
Sebastiaan van Stijn b1a124ccbf
Merge pull request #4622 from thaJeztah/update_engine_step2
cli/command/network: runCreate: inline types.NetworkCreate
2023-11-13 15:47:51 +01:00
Sebastiaan van Stijn b0ee27d653
opts: ValidateIPAddress: improve error, godoc, and tests
- document accepted values
- add test-coverage for the function's behavior (including whitespace handling),
  and use sub-tests.
- improve error-message to use uppercase for "IP", and to use a common prefix.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-11 14:50:28 +01:00
Eric Bode b24e7f85a4
Fix setting ServerAddress property in NativeStore
This will return the ServerAddress property when using the NativeStore.
This happens when you use docker credential helpers, not the credential
store.

The reason this fix is needed is because it needs to be propagated
properly down towards `moby/moby` project in the following logic:

```golang
func authorizationCredsFromAuthConfig(authConfig registrytypes.AuthConfig) docker.AuthorizerOpt {
	cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
	if cfgHost == "" || cfgHost == registry.IndexHostname {
		cfgHost = registry.DefaultRegistryHost
	}

	return docker.WithAuthCreds(func(host string) (string, string, error) {
		if cfgHost != host {
			logrus.WithFields(logrus.Fields{
				"host":    host,
				"cfgHost": cfgHost,
			}).Warn("Host doesn't match")
			return "", "", nil
		}
		if authConfig.IdentityToken != "" {
			return "", authConfig.IdentityToken, nil
		}
		return authConfig.Username, authConfig.Password, nil
	})
}
```
This logic resides in the following file :
`daemon/containerd/resolver.go` .

In the case when using the containerd storage feature when setting the
`cfgHost` variable from the `authConfig.ServerAddress` it will always be
empty. Since it will never be returned from the NativeStore currently.
Therefore Docker Hub images will work fine, but anything else will fail
since the `cfgHost` will always be the `registry.DefaultRegistryHost`.

Signed-off-by: Eric Bode <eric.bode@foundries.io>
2023-11-11 14:22:23 +01:00
Sebastiaan van Stijn f65d4a4796
vendor: github.com/docker/go-connections fa09c952e3ea (v0.5.0-dev)
0b8c1f4e07...fa09c952e3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-10 22:46:47 +01:00
Sebastiaan van Stijn 3cd77c9d54
cli/command/container: ForwardAllSignals: rewrite to use ContainerAPIClient
This function only needed the ContainerAPIClient, and not the whole CLI. This
patch refactors it to use the shallower interface.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-08 15:15:09 +01:00
Sebastiaan van Stijn ad861cdb39
Merge pull request #4637 from ndeloof/RunExecWithContextb
make runAttach public and allow passing context
2023-11-08 14:44:24 +01:00
Nicolas De Loof a2ec50a461
make `container` an explicit, required parameter
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-11-08 14:32:55 +01:00
Nicolas De Loof a4abe42cbd
make runAttach public and allow passing context
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-11-08 14:24:58 +01:00
Albin Kerouanton 2b1f5a2e38
TestParseWithMacAddress: check endpoint-specific MacAddress field
This is a follow-up of https://github.com/docker/cli/pull/4419. That PR
leveraged the fact that EndpointSettings.MacAddress is already
available, although not used by the CreateNetwork endpoint.

TestParseWithMacAddress was testing whether the container-wide
MacAddress field is set, and we still need to test that to ensure
backward compatibility. But we now also need to test whether the
endpoint-specific MacAddress is set.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-11-08 10:46:19 +01:00
Albin Kerouanton 8f59f841ae
cli/command/container: mustParse: return network.NetworkingConfig
Next commit will need this change to test whether the endpoint-specific
MacAddress is correctly set.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-11-08 10:44:18 +01:00
Sebastiaan van Stijn d46de7087c
vendor: github.com/docker/docker c14694a424ab (v25.0.0-dev)
full diff: ed1a61dcb7...c14694a424

Co-authored-by: Albin Kerouanton <albinker@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-07 23:41:34 +01:00
Evan Lezar 54eee599ba Update container-device-interface to v0.6.2
This includes migrating from the github.com/container-orchestrated-devices
repo to tags.cncf.io.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-11-04 01:18:41 +01:00
Sebastiaan van Stijn 9e1f8d646e
image/build: use "nolint" comment to work around gosec regression
Latest gosec linter has a regression in parsing "nosec" comments;
see https://github.com/securego/gosec/issues/1046

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-24 11:10:51 +02:00
Sebastiaan van Stijn 2294b17e7d
cli/command/network: runCreate: inline types.NetworkCreate
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-23 18:33:26 +02:00
Sebastiaan van Stijn 594aeb390a
cli/command: remove dot-imports and unhandled errors
Please the linters in preparation of updating golangci-lint;

- remove dot-imports
- add some checks for unhandled errors
- replace some fixed-value variables for consts

    cli/command/image/build/context.go:238:17: G107: Potential HTTP request made with variable url (gosec)
        if resp, err = http.Get(url); err != nil {
                       ^
    cli/command/idresolver/idresolver_test.go:7:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/registry_test.go:7:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/cli/command" // Prevents a circular import with "github.com/docker/cli/internal/test"
        ^
    cli/command/task/print_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/swarm/update_test.go:10:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/swarm/unlock_key_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/swarm/join_token_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/node/list_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/node/promote_test.go:8:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/node/demote_test.go:8:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package functions
        ^
    cli/command/node/ps_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/node/update_test.go:8:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/node/inspect_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package functions
        ^
    cli/command/secret/ls_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/secret/inspect_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/volume/inspect_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/volume/list_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/config/inspect_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/config/ls_test.go:11:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/network/list_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders"
        ^
    cli/command/container/list_test.go:10:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/service/list_test.go:12:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders"
        ^
    cli/command/service/client_test.go:6:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/stack/list_test.go:8:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/stack/services_test.go:9:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^
    cli/command/stack/ps_test.go:10:2: dot-imports: should not use dot imports (revive)
        . "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
        ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-23 15:21:47 +02:00
Sebastiaan van Stijn b08e34b9f9
swarm: TestSwarmUpdate: remove non-existing "--quiet" flag
The `docker swarm update` copmmand does not have a `--quiet` flag, but this
test was trying to set it.

    docker swarm update --help

    Usage:  docker swarm update [OPTIONS]

    Update the swarm

    Options:
          --autolock                        Change manager autolocking setting (true|false)
          --cert-expiry duration            Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s)
          --dispatcher-heartbeat duration   Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s)
          --external-ca external-ca         Specifications of one or more certificate signing endpoints
          --max-snapshots uint              Number of additional Raft snapshots to retain
          --snapshot-interval uint          Number of log entries between Raft snapshots (default 10000)
          --task-history-limit int          Task history retention limit (default 5)

The test didn't catch this issue, because errors when setting the flag were
not handled, so also adding error-handling;

    === Failed
    === FAIL: cli/command/swarm TestSwarmUpdate (0.00s)
        update_test.go:177: assertion failed: error is not nil: no such flag -quiet

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-23 15:21:29 +02:00
Brian Goff defa52b8c6
stacks: Add support for start interval
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-20 18:42:59 +02:00
Sebastiaan van Stijn 9df7be5d5e
cli/compose: add schema 3.12 (no changes with 3.11 yet)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-20 18:42:55 +02:00
Sebastiaan van Stijn f2fced4876
cli/compose/loader: remove platform-specific path handling
Paths in the advanced / compose-file format are not converted
to be platform-specific, so for these tests, it should not be
needed to convert the paths to be Windows-paths.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-20 17:09:03 +02:00
Sebastiaan van Stijn 74990623e5
cli/compose/loader: use gotest.tools/v3/golden
use the golden utility instead of self-crafting expected output,
this allows automaticaly updating the expected output.

This change does break this specific test on Windows due to platform-
specific paths. Other tests already have this issue on Windows, so
skipping the test for now.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-20 17:08:58 +02:00
Sebastiaan van Stijn 46d0ba20f1
vendor: github.com/docker/docker cdb3f9fb8dca (v25.0.0-dev)
full diff: d3afa80b96...cdb3f9fb8d

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 22:09:04 +02:00
Akihiro Suda fc6976db45
mount: add `bind-recursive=<bool|string>` and deprecate `bind-nonrecursive=<bool>`
See `opts/mount_test.go:TestMountOptSetBindRecursive()` for the behavior.

Documentation will be added separately after reaching consensus on the
design.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-10-01 02:58:17 +09:00
Sebastiaan van Stijn 3e2187b4cb
vendor: github.com/docker/docker d3afa80b96bf (v25.0.0-dev)
full diff: 06499c52e2...d3afa80b96

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-21 15:30:51 +02:00
Sebastiaan van Stijn cd6467b2d1
Merge pull request #4419 from akerouanton/missing-nw-advanced-options
Add missing opts to --network advanced syntax
2023-09-13 23:46:17 +02:00
Bjorn Neergaard 86329b6063
Merge pull request #4539 from thaJeztah/bump_golangci_lint
update golangci-lint to v1.54.2
2023-09-13 10:05:25 -06:00
Albin Kerouanton 9e1b42e642
Add missing opts to --network advanced syntax
The new advanced --network syntax introduced in docker/cli#1767 is
lacking support for `link-local-ip` and `mac-address` fields. This
commit adds both.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-10 18:57:50 +02:00
Albin Kerouanton 58f4260872
Rename expectedCfg into expectedHostCfg
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-10 18:57:46 +02:00
Albin Kerouanton f1048e1a3a
Create default EndpointSettings if no --network provided
Following flags are silently ignored when they're passed with no
`--network` specified (ie. when the default network is used):

- `--network-alias`
- `--ip`
- `--ip6`
- `--link-local-ip`

This is not really an issue right now since the first 3 parameters are
not allowed on the default bridge network. However, with
[moby/moby#45905][1], the container-wide MacAddress parameter will be
deprecated and dismissed. Because of that, with [docker/cli#4419][2],
it's currently not possible to use the `--mac-address` flag with no
default network specified.

Morever, `docker network connect --link-local-ip ...` works properly, so
it should also work on `docker container create`. This also lay the
ground for making the default bridge network just a "normal" network.

Since the 3 parameters in the list above aren't ignored anymore, if
users provide them, moby's ContainerStart endpoint will complain about
those. To provide better UX, [moby/moby#46183][3] make sure these
invalid parameters lead to a proper error message on `docker container
create` / `docker run`.

[1]: https://github.com/moby/moby/pull/45905
[2]: https://github.com/docker/cli/pull/4419
[3]: https://github.com/moby/moby/pull/46183

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-10 17:19:43 +02:00
Sebastiaan van Stijn fb2ba5d63b
migrate reference github.com/distribution/reference
The "reference" package was moved to a separate module, which was extracted
from b9b19409cf

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-05 17:53:20 +02:00
Sebastiaan van Stijn 04af128211
vendor: github.com/docker/docker 7abd7fa73965 (v25.0.0-dev)
full diff: a65c948e7e...7abd7fa739

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-05 13:43:35 +02:00
Sebastiaan van Stijn 6dfdd1eae9
cli/command/system: fix "docker events" not supporting --format=json
Before this patch:

    docker events --format=json
    json
    json
    json
    ^C

With this patch:

    docker events --format=json
    {"status":"create","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"create","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508190136885}
    {"status":"attach","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"attach","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508192851593}
    {"Type":"network","Action":"connect","Actor":{"ID":"c54920dd5074a73e28bea62007e0334d81cc040a90372be311cf16806403d350","Attributes":{"container":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","name":"bridge","type":"bridge"}},"scope":"local","time":1693168508,"timeNano":1693168508212398802}
    {"status":"start","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"start","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508312969843}
    ^C

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 14:48:49 +02:00
Sebastiaan van Stijn db6209abdd
update golangci-lint to v1.54.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 14:21:47 +02:00
Sebastiaan van Stijn a1367a0231
Merge pull request #4540 from thaJeztah/manifest_deref
cli/registry: fix client.pullManifestList not de-referencing manifest, and remove "v1" check
2023-08-29 11:43:19 +02:00
Sebastiaan van Stijn 9ad0792443
cli/registry/client: remove some redundant conditions
Remove some redundant error-checks or combine them. Also made a small
optimisation when initialising a slice.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 09:43:58 +02:00
Sebastiaan van Stijn 22b4bab90f
cli/registry: client.iterateEndpoints: remove check for APIVersion1
registryService.LookupPullEndpoints uses lookupV2Endpoints
https://github.com/moby/moby/blob/v24.0.5/registry/service.go#L137-L142

which, as the name indicates, only returns V2 endpoints;
https://github.com/moby/moby/blob/v24.0.5/registry/service_v2.go#L10-L80

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 09:41:48 +02:00
Sebastiaan van Stijn 5250f1bab5
cli/registry: fix client.pullManifestList not de-referencing manifest
Kudos to gosec;

    cli/registry/client/fetcher.go:205:57: G601: Implicit memory aliasing in for loop. (gosec)
            imageManifest.Descriptor.Platform = types.OCIPlatform(&manifestDescriptor.Platform)
                                                                  ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 08:50:07 +02:00
Sebastiaan van Stijn 962056e434
Merge pull request #4534 from thaJeztah/update_engine
vendor: github.com/docker/docker 5b53ddfcdd1c (v25.0.0-dev)
2023-08-28 23:03:41 +02:00
Sebastiaan van Stijn 16ac0e7b86
Merge pull request #4532 from thaJeztah/tests_dont_require_utc
force TestNewHistoryCommandSuccess to use UTC timezone
2023-08-28 22:59:40 +02:00
Sebastiaan van Stijn d40fc1a0fa
vendor: github.com/docker/docker a65c948e7edf (v25.0.0-dev)
full diff: 4b19b2f4ba...a65c948e7e

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 21:11:17 +02:00
Sebastiaan van Stijn be9e42ee00
Merge pull request #4533 from thaJeztah/test_table_TestParseRestartPolicy
rewrite TestParseRestartPolicy to use sub-tests
2023-08-28 14:41:36 +02:00
Sebastiaan van Stijn 261c18f9ee
ParseRestartPolicy: validate for missing policy-names
Also make it slightly more clearer we're returning a default (empty)
policy if the input is empty.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 12:58:54 +02:00
Sebastiaan van Stijn dfca19a796
Merge pull request #4510 from thaJeztah/info_cdi_dirs
info: add CDI spec directories to output
2023-08-28 12:19:16 +02:00
Sebastiaan van Stijn 4cce7bb2fc
rewrite TestParseRestartPolicy to use sub-tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 11:58:42 +02:00
Sebastiaan van Stijn 42ac5d4bf9
force TestNewHistoryCommandSuccess to use UTC timezone
This test was skipped if the host was not using UTC timezone, because the output
of timestamps would be different, causing the test to fail.

This patch overrides the TZ env-var to make the test use UTC, so that we don't
have to skip the test.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 10:43:21 +02:00
Sebastiaan van Stijn fcb2b7920e
Merge pull request #3781 from imjasonh/history-test
un-skip history test and fix golden mismatches
2023-08-28 10:35:23 +02:00
Sebastiaan van Stijn 273f2cd95e
cli/command/manifest: update link to Go documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 14:12:45 +02:00
Sebastiaan van Stijn 41183c2c92
Merge pull request #4514 from thaJeztah/patternmatcher_dockerignore
replace dockerfile/dockerignore with patternmatcher/ignorefile
2023-08-23 13:53:41 +02:00
Sebastiaan van Stijn 5bff12354d
replace dockerfile/dockerignore with patternmatcher/ignorefile
The BuildKit dockerignore package was migrated to the patternmatcher
repository / module. This patch updates our uses of the BuildKit package
with its new location.

A small local change was made to keep the format of the existing error message,
because the "ignorefile" package is slightly more agnostic in that respect
and doesn't include ".dockerignore" in the error message.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 12:09:12 +02:00
Sebastiaan van Stijn e050312e6d
update flag-description for --cgroup-parent
This attempts to make it clearer that the --cgroup-parent option is only used
for the containers used during build. Instead of mentioning "build container",
I opted for using "RUN instructions" (to match the --network description),
although this may not be ideal (as it assumes the "Dockerfile" front-end, which
of course may not be the case).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 11:39:32 +02:00
Sebastiaan van Stijn d2047b954e
cli/registry/client: set actions when authn with token
When using a personal access token, Docker Hub produces an error if actions
are requested beyond the token's allowed actions. This resulted in errors
when using a PAT with limited permissions to do a "docker manifest inspect".

This patch sets actions to "pull" only by default, and requests "push" action
for requests that need it.

To verify:

- create a PAT with limited access (read-only)
- log in with your username and the PAT as password

Before this patch:

    docker manifest inspect ubuntu:latest
    Get "https://registry-1.docker.io/v2/library/ubuntu/manifests/latest": unauthorized: access token has insufficient scopes

With this patch applied:

    docker manifest inspect ubuntu:latest
    {
       "schemaVersion": 2,
       "mediaType": "application/vnd.oci.image.index.v1+json",
       "manifests": [
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:56887c5194fddd8db7e36ced1c16b3569d89f74c801dc8a5adbf48236fb34564",
             "platform": {
                "architecture": "amd64",
                "os": "linux"
             }
          },
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:c835a4f2a632bc91a2b494e871549f0dd83f2966c780e66435774e77e048ddf0",
             "platform": {
                "architecture": "arm",
                "os": "linux",
                "variant": "v7"
             }
          }
       ]
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 17:29:04 +02:00
Sebastiaan van Stijn 1c2cc4bbe3
info: add CDI spec directories to output
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 14:05:07 +02:00
Bjorn Neergaard cdabfa2aa5
Merge pull request #4497 from edmorley/improve-pruning-docs
Update docs/command output for volume pruning
2023-08-17 07:01:59 -06:00
Bjorn Neergaard 3dbf1af2ea
Merge pull request #4478 from rumpl/feat-pat-suggest
login: Add message about using PATs
2023-08-16 07:23:13 -06:00
Ed Morley 6e2e92d774
Update docs/command output for volume pruning
In previous versions of the Docker API, `system prune --volumes` and `volume prune`
would remove all dangling volumes. With API v1.42, this was changed so that only
anonymous volumes would be removed unless the all filter was specified.

Some of the docs were updated in #4218, however, there were a couple of places
left that didn't make the anonymous vs named volumes distinction clear.

This replaces #4079, which was bitrotted by #4218. See also #4028.

Closes #4079.

Signed-off-by: Ed Morley <501702+edmorley@users.noreply.github.com>
2023-08-12 14:22:23 +01:00
Sebastiaan van Stijn 4fc3f0e6f6
search: deprecate "is-automated" filter and "IsAutomated" field
The IsAutomated field is being deprecated by Docker Hub's search API and
will always be "false" in future.

This patch:

- Deprecates the field and the related "is-automated" filter
- Removes the "AUTOMATED" column from the default output of "docker search"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-09 12:11:05 +02:00
Sebastiaan van Stijn 53671c2fef
Merge pull request #4488 from thaJeztah/registry_test_cleanups
cli/command/registry: cleanup "search" and "login" tests
2023-08-09 12:04:54 +02:00
Sebastiaan van Stijn 211220cbb0
cli/command: ResolveAuthConfig, GetDefaultAuthConfig: take ConfigFile as arg
Both these functions took the whole DockerCLI as argument, but only needed
the ConfigFile. ResolveAuthConfig also had an unused context.Context as
argument.

This patch updates both functions to accept a ConfigFile, and removes the
unused context.Context.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-08 17:35:16 +02:00
Sebastiaan van Stijn 57f0e46de1
cli/command/registry: cleanup login tests
- use consts for fixed values, and rename some for clarity
- remove testAuthErrors map and inline the logic (same as we do for other cases)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-08 17:32:03 +02:00
Sebastiaan van Stijn 84c956a171
cli/command/registry: cleanup search tests
- TestSearchContext: don't use un-keyed structs
- TestSearchContext: don't use CompareMultipleValues as it was not needed
- TestSearchContextDescription: don't use un-keyed structs
- TestSearchContextDescription: don't use CompareMultipleValues as it was not needed
- TestSearchContextWrite: don't use un-keyed structs, and include the
  code-comments into the test-table as names for the tests to give them
  some context.
- TestSearchContextWriteJSON and TestSearchContextWriteJSONField were not
  validating the output format, but validating if the JSON output could
  be marshalled back to a struct. Let's just role them into TestSearchContextWrite.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-08 17:32:03 +02:00
Sebastiaan van Stijn 3d0b14c3e3
vendor: github.com/docker/docker 4b19b2f4babd (25.0-dev)
full diff: dab9ffb252...4b19b2f4ba

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-08 09:41:47 +02:00
Djordje Lukic 8d51f36ca3
login: Add message about using PATs
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-08-03 10:35:04 +02:00
Sebastiaan van Stijn 7a89e897ea
cli/command/container: waitExitOrRemoved: take APIClient as argument
It only needs the API client, not the whole DockerCLI.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-24 09:54:11 +02:00
Sebastiaan van Stijn 0b7c72c3ba
cli/command/container: RunStart: inline variable
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-20 00:03:11 +02:00
Danial ad43df5e86
configfile: Initialize nil AuthConfigs
Initialize AuthConfigs map if it's nil before returning it.
This fixes fileStore.Store nil dereference panic when adding a new key
to the map.

Signed-off-by: Danial Gharib <danial.mail.gh@gmail.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-19 15:36:10 +02:00
Sebastiaan van Stijn 298bddcc23
cli/command/container: deprecate NewStartOptions
It's unused in the CLI itself, and does nothing other than
initializing a new, empty StartOptions struct.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-19 14:12:07 +02:00
Sebastiaan van Stijn 223bf80d4b
cli/context/docker: Endpoint.ClientOpts, withHTTPClient: inline variables
Remove some intermediate variables, and inline them.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-15 14:41:25 +02:00
Sebastiaan van Stijn 3469beb80d
replace uses of deprecated api/types that moved to api/types/system
These types were moved to api/types/system:

- types.Info
- types.Commit
- types.PluginsInfo
- types.NetworkAddressPool
- types.Runtime
- types.SecurityOpt
- types/KeyValue
- types.DecodeSecurityOptions()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-15 01:20:49 +02:00
Paweł Gronowski fe7afb700f
cli/container: Don't ignore error when parsing volume spec
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-12 09:45:55 +02:00
Sebastiaan van Stijn df04aca5d2
Merge pull request #4405 from cpuguy83/health_start_interval
Add support for health start interval
2023-07-07 18:15:10 +02:00
Brian Goff 986879c071 Add flags to container/service for health start interval
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-07-06 19:05:34 +00:00
Evan Lezar dad225d1e2 Support CDI devices in --device flag
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-07-04 14:52:46 +02:00
Sebastiaan van Stijn dc2eb3bf7c
Merge pull request #4394 from laurazard/fix-flaky-ssh
commandconn: return original error while closing
2023-06-30 19:25:22 +02:00
Laura Brehm d5f564adaa
commandconn: return original error while closing
Changes the `Read` and `Write` error handling
logic to return the original error while closing
the connection. We still skip calling `handleEOF`
if already closing the connection.

Fixes the flaky `TestCloseWhileWriting` and
`TestCloseWhileReading` tests.

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-06-30 19:15:18 +02:00
Sebastiaan van Stijn 92d7a234dd
docker info: fix condition for printing debug information
The daemon collects this information regardless if "debug" is
enabled. Print the debugging information if either the daemon,
or the client has debug enabled.

We should probably improve this logic and print any of these if
set (but some special rules are needed for file-descriptors, which
may use "-1".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-30 15:00:31 +02:00
Sebastiaan van Stijn 88f44ec159
cli: SetupRootCommand: remove redundant flags return
The flag-set that was returned is a pointer to the command's Flags(), which
is in itself passed by reference (as it is modified / set up).

This patch removes the flags return, to prevent assuming it's different than
the command's flags.

While SetupRootCommand is exported, a search showed that it's only used internally,
so changing the signature should not be a problem.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 16:26:50 +02:00
Sebastiaan van Stijn 3cad05fbf9
cli: move "config" flag to cli/flags/ClientOptions.InstallFlags()
This flag was kept separate from the other flags, because at the time, the
CLI code and Daemon code still used the same codebase, and shared some parts.
This option only applied to the `docker` CLI, and thus was kept separate when
migrating to Cobra in 0452ff5a4d

Now that this code is only used for the CLI (and plugins), we can move this
flag together with the other flags.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 16:04:09 +02:00
Sebastiaan van Stijn 27bae1172a
Merge pull request #4366 from thaJeztah/remove_deprecated_context_stubs
cli/command/context: remove deprecated k8s / orchestrator option-stubs
2023-06-28 14:42:18 +02:00
Sebastiaan van Stijn fcaf1def27
Merge pull request #4386 from thaJeztah/tls_const
cli/flags: add EnvEnableTLS const for "DOCKER_TLS"
2023-06-28 14:41:59 +02:00
Sebastiaan van Stijn 697bd4bebf
Merge pull request #4378 from acim/master
rename and update mergo module
2023-06-28 14:17:24 +02:00
Sebastiaan van Stijn e382d43f20
Merge pull request #4384 from thaJeztah/config_sync
cli/config: add synchronisation for configDir (Dir, SetDir)
2023-06-28 14:11:36 +02:00
Sebastiaan van Stijn 1c1329fc7e
cli/flags: add EnvEnableTLS const for "DOCKER_TLS"
Add a const to allow documenting the environment variable in code. The location
of this const is a bit "unfortunate", due to CLI and Client-config to be spread
over the cli/config, cli/config/configfile, and docker/docker/client packages
(some options are for the client, others for the CLI), and some reorganizing
may be useful for easier consumption.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 13:56:24 +02:00
Sebastiaan van Stijn 0b3cadb056
cli/config: add EnvOverrideConfigDir const
Add a const for the DOCKER_CONFIG to allow documenting its purpose
in code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 13:20:29 +02:00
Sebastiaan van Stijn 13e842a110
cli/config: add synchronisation for configDir (Dir, SetDir)
commit 8a30653ed5 introduced a sync.Once
to allow for the config-directory (and home-dir) to be looked up lazily
instead of in an `init()`.

However, the package-level `configDir` variable can be set through two
separate paths; implicitly (through `config.Dir()`), and explicitly,
through `config.SetDir()`. The existing code had no synchronisation for
this, which could lead to a potential race-condition (code requesting
`config.Dir()` and code setting a custom path through `config.SetDir()`).

This patch adds synchronisation by triggering the `sync.Once` as part of
`config.SetDir()` to prevent it being triggered later (overwriting the
value that was set). It also restores the `resetConfigDir()` utility that
was removed in 379122b033, to allow resetting
the `sync.Once` for this test.

In general, we should get rid of this package-level variable, and store
it as a config on the client (passing the option to locations where its
used instead).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 12:58:26 +02:00
Boban Acimovic b32264a1af rename and update mergo module
Signed-off-by: Boban Acimovic <boban.acimovic@gmail.com>
2023-06-26 22:25:52 +02:00
Sebastiaan van Stijn 79ff64f06d
cli/command/context: don't use pkg/homedir in test
I'm considering deprecating the "Key()" utility, as it was only
used in tests.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 13:35:42 +02:00
Sebastiaan van Stijn 085d5c2816
Merge pull request #4343 from thaJeztah/cleanup_sprintf
replace some basic uses of fmt.Sprintf(), and minor refactor
2023-06-21 11:49:50 +02:00
Sebastiaan van Stijn c96484a114
Merge pull request #4346 from thaJeztah/build_errors
build: error if Dockerfile name is passed with Dockerfile from stdin
2023-06-21 11:48:12 +02:00
Sebastiaan van Stijn 2133d0446a
cli/command/context: remove deprecated k8s / orchestrator option-stubs
support for kubernetes contexts was deprecated in docker 20.10 through
b639ea8b89, 0793f96394,
and 1d37fb3027, and removed altoghether in
23.0 through 193ede9b12.

This patch removes the remaining stubs for options that were deprecated
and no longer used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-21 11:39:04 +02:00
Sebastiaan van Stijn 3c99d229d9
Merge pull request #4363 from thaJeztah/cleanup_useragent
cli/command: newAPIClientFromEndpoint: use WithUserAgent
2023-06-21 11:38:55 +02:00
Sebastiaan van Stijn 2d06cfcde6
cli/command: newAPIClientFromEndpoint: use WithUserAgent
More things to be done after this, to allow passing a custom user-agent,
but let's start with just using this utility.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-20 15:01:41 +02:00
Sebastiaan van Stijn 8181aa8879
cli/command/context: don't pass CLI if we only need context-store
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-20 13:39:02 +02:00
Sebastiaan van Stijn c2535aa467
build: error if Dockerfile name is passed with Dockerfile from stdin
When passing a Dockerfile through stdin, it's not possible to specify the
name of the Dockerfile (using the `-f` option). When building with BuildKit
enabled, an error is already produced for this case, but the classic builder
silently ignored it.

This patch adds an error for this situation:

    echo -e 'FROM busybox' | DOCKER_BUILDKIT=0 docker build -f some.Dockerfile -
    DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
    BuildKit is currently disabled; enable it by removing the DOCKER_BUILDKIT=0
    environment-variable.

    unable to prepare context: ambiguous Dockerfile source: both stdin and flag correspond to Dockerfiles

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-13 14:03:03 +02:00
Sebastiaan van Stijn 77dd05caad
cli/command/image: remove errStdinConflict
This error was only used in a single location, so no need to define a
package-level variable for this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-13 13:47:56 +02:00
Sebastiaan van Stijn 7d723e2ba7
Merge pull request #4337 from thaJeztah/dont_mutate_configfile
cli/command/container: don't mutate ConfigFile.DetachKeys
2023-06-12 21:37:37 +02:00
Sebastiaan van Stijn d68b361538
cli/compose/convert: convertEnvironment: sort results
All users of this function sorted the results afterwards, so let's
do it as part of the function itself.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-12 19:03:59 +02:00
Sebastiaan van Stijn f4bde68694
replace some basic uses of fmt.Sprintf()
Really tiny gains here, and doesn't significantly impact readability:

    BenchmarkSprintf
    BenchmarkSprintf-10    11528700     91.59 ns/op   32 B/op  1 allocs/op
    BenchmarkConcat
    BenchmarkConcat-10    100000000     11.76 ns/op    0 B/op  0 allocs/op

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-12 19:03:49 +02:00
Sebastiaan van Stijn 9e481e09e0
Merge pull request #4226 from laurazard/fix-connhelper-docker-example
ssh: fix error on commandconn close, add ping and default timeout
2023-06-09 22:56:16 +02:00