Commit Graph

8173 Commits

Author SHA1 Message Date
Sebastiaan van Stijn aea2a8c410
docs/reference: run.md update confusing example name
This example was mounting `/dev/zero` as `/dev/nulo` inside the container.
The `nulo` name was intended to be a "made up / custom" name, but various
readers thought it to be a typo for `/dev/null`.

This patch updates the example to use `/dev/foobar` as name, which should
make it more clear that it's a custom name.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-11 00:34:49 +02:00
Sebastiaan van Stijn 8d807a045c
Merge pull request #3805 from debfx/docs-security-opt
docs: use correct separator in --security-opt
2022-10-09 15:34:30 +02:00
Felix Geyer 4648c00848 docs: use correct separator in --security-opt
> Security options with `:` as a separator are deprecated and will be completely unsupported in 17.04, use `=` instead.

Signed-off-by: Felix Geyer <debfx@fobos.de>
2022-10-09 12:54:20 +02:00
Sebastiaan van Stijn d0bd373986
Merge pull request #3799 from thaJeztah/bump_go_1.19.2
Update to go 1.19.2 to address CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
2022-10-04 23:23:15 +02:00
Sebastiaan van Stijn 485f1f79c5
Update to go 1.19.2 to address CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
From the mailing list:

We have just released Go versions 1.19.2 and 1.18.7, minor point releases.

These minor releases include 3 security fixes following the security policy:

- archive/tar: unbounded memory consumption when reading headers

  Reader.Read did not set a limit on the maximum size of file headers.
  A maliciously crafted archive could cause Read to allocate unbounded
  amounts of memory, potentially causing resource exhaustion or panics.
  Reader.Read now limits the maximum size of header blocks to 1 MiB.

  Thanks to Adam Korczynski (ADA Logics) and OSS-Fuzz for reporting this issue.

  This is CVE-2022-2879 and Go issue https://go.dev/issue/54853.

- net/http/httputil: ReverseProxy should not forward unparseable query parameters

  Requests forwarded by ReverseProxy included the raw query parameters from the
  inbound request, including unparseable parameters rejected by net/http. This
  could permit query parameter smuggling when a Go proxy forwards a parameter
  with an unparseable value.

  ReverseProxy will now sanitize the query parameters in the forwarded query
  when the outbound request's Form field is set after the ReverseProxy.Director
  function returns, indicating that the proxy has parsed the query parameters.
  Proxies which do not parse query parameters continue to forward the original
  query parameters unchanged.

  Thanks to Gal Goldstein (Security Researcher, Oxeye) and
  Daniel Abeles (Head of Research, Oxeye) for reporting this issue.

  This is CVE-2022-2880 and Go issue https://go.dev/issue/54663.

- regexp/syntax: limit memory used by parsing regexps

  The parsed regexp representation is linear in the size of the input,
  but in some cases the constant factor can be as high as 40,000,
  making relatively small regexps consume much larger amounts of memory.

  Each regexp being parsed is now limited to a 256 MB memory footprint.
  Regular expressions whose representation would use more space than that
  are now rejected. Normal use of regular expressions is unaffected.

  Thanks to Adam Korczynski (ADA Logics) and OSS-Fuzz for reporting this issue.

  This is CVE-2022-41715 and Go issue https://go.dev/issue/55949.

View the release notes for more information: https://go.dev/doc/devel/release#go1.19.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-04 20:51:47 +02:00
Sebastiaan van Stijn 65438e008c
Merge pull request #3794 from thaJeztah/use_gofumpt
format code with gofumpt
2022-09-30 13:50:51 +02:00
Sebastiaan van Stijn 1da95ff6aa
format code with gofumpt
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:59:11 +02:00
Sebastiaan van Stijn fed93645f1
Merge pull request #3796 from thaJeztah/add_is_plugincommand_utility
cli-plugins/manager: add IsPluginCommand(() utility
2022-09-30 11:58:54 +02:00
Sebastiaan van Stijn a5c8d39a15
Merge pull request #3790 from thaJeztah/context_cleanup
context: various cleanups and improvements
2022-09-30 11:54:39 +02:00
Sebastiaan van Stijn cd7c493ea2
cli/context/store: rename removeAllContextData(), removeAllEndpointData()
The existing `remove()` was unused, and using that as name makes it more
consistent with the metadata-store. Also renaming `removeAllEndpointData`
to just `removeEndpoint`, as it's part of the TLS-store, which should already
make it clear it's about (TLS)data.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:19:26 +02:00
Sebastiaan van Stijn 09c94c1c21
cli/context/store: List(): don't interrupt listing for not-found errors
There's no reason to stop listing contexts if a context does not exist
while iterating over the directories,

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:19:26 +02:00
Sebastiaan van Stijn 951bb481c0
cli/context/store: New(): return concrete type
Go conventions are for interfaces to be defined on the receiver side,
and for producers to return concrete types. This patch changes the
constructor to return a concrete type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:19:25 +02:00
Sebastiaan van Stijn de6020a240
cli/context/store: simplify error handling, and make it more idiomatic
The package defined various special errors; these errors existed for two reasons;

- being able to distinguish "not found" errors from other errors (as "not found"
  errors can be ignored in various cases).
- to be able to update the context _name_ in the error message after the error
  was created. This was needed in cases where the name was not available at the
  location where the error was produced (e.g. only the "id" was present), and
  the helpers to detect "not found" errors did not support wrapped errors (so
  wrapping the error with a "name" could break logic); a `setContextName` interface
  and corresponding `patchErrContextName()` utility was created for this (which
  was a "creative", but not very standard approach).

This patch:

- Removes the special error-types, replacing them with errdefs definitions (which
  is a more common approach in our code-base to detect error types / classes).
- Removes the internal utilities for error-handling, and deprecates the exported
  utilities (to allow external consumers to adjust their code).
- Some errors have been enriched with detailed information (which may be useful
  for debugging / problem solving).
- Note that in some cases, `patchErrContextName()` was called, but the code
  producing the error would never return a `setContextName` error, so would
  never update the error message.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:19:25 +02:00
Sebastiaan van Stijn 38f54e7926
cli/context/store: remove filePath(), make contextDir() accept name
removing the extra abstraction, and simplify use of contextDir()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 11:18:52 +02:00
Sebastiaan van Stijn 9720d5b451
cli/context/store: listContextData(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:06 +02:00
Sebastiaan van Stijn 712cc9a1c7
cli/context/store: remove(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:06 +02:00
Sebastiaan van Stijn 0bcdff2571
cli/context/store: getData(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:06 +02:00
Sebastiaan van Stijn 3b7f13a5e5
cli/context/store: createOrUpdate(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:06 +02:00
Sebastiaan van Stijn c3eb116f9c
cli/context/store: removeAllEndpointData(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:06 +02:00
Sebastiaan van Stijn 42e275eaf6
cli/context/store: TestTlsCreateUpdateGetRemove(): use correct ID
This test was depending on the fact that contextDir's are a string,
and for the test is was using the context _name_ as a pseudo-ID.

This patch updates the test to be more explicit where ID's and where
names are used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:05 +02:00
Sebastiaan van Stijn d0398c423f
cli/context/store: removeAllContextData(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally. This also fixes a test which incorrectly used "names" as
pseudo-IDs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:05 +02:00
Sebastiaan van Stijn f843c42c05
cli/context/store: listRecursivelyMetadataDirs(): use filepath.Join()
Looks like the intent here is to get the path of a subdirectory.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:05 +02:00
Sebastiaan van Stijn c6dfff131f
cli/context/store: metadataStore.get(), .remove(): accept name instead of ID
This allows callers to just pass the name, and handle the conversion to ID and
path internally.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 10:35:05 +02:00
Sebastiaan van Stijn 90f1238fb2
cli-plugins/manager: add IsPluginCommand(() utility
This makes it more convenient to check if a command is a plugin-stub

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 02:24:23 +02:00
Sebastiaan van Stijn a496a7d501
Merge pull request #3795 from thaJeztah/ignore_stubs_in_aliases
fix broken alias check is buildx is installed as alias for builder
2022-09-30 02:24:04 +02:00
Sebastiaan van Stijn 7af8aac169
fix broken alias check is buildx is installed as alias for builder
Commit cbec75e2f3 updated `runDocker()` to load
plugin-stubs before `processAliases()` was executed. As a result, plugin
stubs were considered as "builtin commands", causing the alias verification
to fail;

Without alias installed:

```bash
docker version
Client:
 Version:           22.06.0-beta.0-140-g3dad26ca2.m
 API version:       1.42
 Go version:        go1.19.1
 Git commit:        3dad26ca2
 Built:             Wed Sep 28 22:36:09 2022
 OS/Arch:           darwin/arm64
 Context:           default
...
```

After running `docker buildx install`;

```bash
./build/docker buildx install

cat ~/.docker/config.json
{
    "aliases": {
        "builder": "buildx"
    }
}

./build/docker version
not allowed to alias with builtin "buildx" as target
```

This patch moves loading the stubs _after_ the call to `processAliases()`, so
that verification passes. As an extra precaution, the `processAliases()` function
is also updated to exclude plugin-stub commands.

Note that cbec75e2f3 also introduced a performance
regression, which may be related to the early loading of plugins (and creating
stubs); it looks like various other code locations may also be loading plugins,
for example `tryPluginRun()` calls `pluginmanager.PluginRunCommand()`, which
also traverses plugin directories.

We should look under what circumstances the plugin stub-commands are actually
needed, and make sure that they're only created in those situations.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-29 22:40:51 +02:00
Sebastiaan van Stijn ef80de39ab
Merge pull request #3792 from thaJeztah/compose_tests
cli/compose: remove redundant reflection from tests
2022-09-29 16:15:21 +02:00
Sebastiaan van Stijn a9ccb6552d
cli/compose: remove redundant reflection from tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-29 15:35:31 +02:00
Sebastiaan van Stijn c39dfc3801
Merge pull request #3791 from thaJeztah/context_force_remove
docker context rm: allow --force to ignore non-existing contexts
2022-09-29 11:26:12 +02:00
Sebastiaan van Stijn 9a493b1bf7
docker context rm: allow --force to ignore non-existing contexts
Before this change, running `docker context rm --force` would fail if the context
did not exist. This behavior was different from other commands, which allowed
ignoring non-existing objects.

For example; when trying to remove a non-existing volume, the command would
fail without "force":

```bash
docker volume rm nosuchvolume
Error: No such volume: nosuchvolume
echo $?
1
```

But using the `-f` / `--force` option would make the command complete successfully
(the error itself is still printed for informational purposes);

```bash
docker volume rm -f nosuchvolume
nosuchvolume
echo $?
0
```

With this patch, `docker context rm` behaves the same:

```bash
docker context rm nosuchcontext
context "nosuchcontext" does not exist
echo $?
1
```

```bash
docker context rm -f nosuchcontext
nosuchcontext
echo $?
0
```

This patch also simplifies how we check if the context exists; previously we
would try to read the context's metadata; this could fail if a context was
corrupted, or if an empty directory was present. This patch now only checks
if the directory exists, without first validating the context's data.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-29 10:57:51 +02:00
Sebastiaan van Stijn 3dad26ca2d
Merge pull request #3760 from thaJeztah/update_credshelpers
vendor: github.com/docker/docker-credential-helpers v0.7.0
2022-09-22 19:07:00 +02:00
Sebastiaan van Stijn b07a52195e
Merge pull request #3784 from thaJeztah/bump_gotest_tools
vendor: gotest.tools v3.3.0 and use t.SetEnv()
2022-09-22 17:48:26 +02:00
Sebastiaan van Stijn ef2a826636
vendor: gotest.tools v3.3.0
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.1.0...v3.3.0

- golden: accept -update for updating files
- assert: golden variables

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 17:28:07 +02:00
Sebastiaan van Stijn 28b0aa9f1a
replace uses of deprecated env.Patch()
Also removing redundant defer for env.PatchAll(), which is now automatically
handled in t.Cleanup()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 17:28:07 +02:00
Sebastiaan van Stijn 843e71672f
vendor: github.com/docker/docker-credential-helpers v0.7.0
no significant local changes

full diff: https://github.com/docker/docker-credential-helpers/compare/v0.6.4...v0.7.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 17:27:16 +02:00
Sebastiaan van Stijn 320337f17a
Merge pull request #3783 from thaJeztah/update_engine
vendor: docker v20.10.3-0.20220922131805-e143eed8bc4f (22.06 branch)
2022-09-22 17:25:50 +02:00
Sebastiaan van Stijn de2105d151
vendor: docker v20.10.3-0.20220922131805-e143eed8bc4f (22.06 branch)
full diff: 8af2e62556...e143eed8bc

- client: ignore kernel-memory on API >= 1.42

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 15:31:25 +02:00
Sebastiaan van Stijn edd51b2288
Merge pull request #3779 from imjasonh/created-na
cli: use N/A as placeholder for old CREATED dates
2022-09-22 10:57:19 +02:00
Jason Hall 90db6b82a3
cli: use N/A as placeholder for old CREATED dates
Signed-off-by: Jason Hall <jason@chainguard.dev>
2022-09-19 12:08:10 -04:00
Sebastiaan van Stijn 06cbd267c9
Merge pull request #3778 from imjasonh/created
cli: hide old CREATED times, instead of "52 years ago"
2022-09-16 18:21:21 +01:00
Jason Hall 0253634f59
cli: hide old CREATED times, instead of "52 years ago"
Signed-off-by: Jason Hall <jason@chainguard.dev>
2022-09-16 10:52:12 -04:00
Sebastiaan van Stijn 9ac8584acf
Merge pull request #3775 from thaJeztah/bump_engine
vendor: docker v20.10.3-0.20220909113731-8af2e62556de (22.06 branch)
2022-09-11 21:44:21 +02:00
Sebastiaan van Stijn beb92650d1
vendor: docker v20.10.3-0.20220909113731-8af2e62556de (22.06 branch)
full diff: b5a0d7a188...8af2e62556

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-10 19:12:42 +02:00
Sebastiaan van Stijn 8771b956ea
vendor: github.com/klauspost/compress v1.15.9
various fixes in zstd compression

- https://github.com/klauspost/compress/releases/tag/v1.15.9
- https://github.com/klauspost/compress/releases/tag/v1.15.8
- https://github.com/klauspost/compress/releases/tag/v1.15.7
- https://github.com/klauspost/compress/releases/tag/v1.15.6
- https://github.com/klauspost/compress/releases/tag/v1.15.5
- https://github.com/klauspost/compress/releases/tag/v1.15.4
- https://github.com/klauspost/compress/releases/tag/v1.15.3
- https://github.com/klauspost/compress/releases/tag/v1.15.2

full diff: https://github.com/klauspost/compress/compare/v1.15.1...v1.15.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-10 18:50:02 +02:00
Sebastiaan van Stijn 813bd79471
Merge pull request #3767 from thaJeztah/bump_go_119
update to golang 1.19.1
2022-09-08 16:14:37 +02:00
Sebastiaan van Stijn 48da8a4b3b
Merge pull request #3764 from thaJeztah/cli_remove_intermediate_var
cli: createContainer() remove intermediate variable
2022-09-08 16:14:20 +02:00
Sebastiaan van Stijn 3a17d8a909
Update to go 1.19.1 to address CVE-2022-27664, CVE-2022-32190
From the mailing list:

We have just released Go versions 1.19.1 and 1.18.6, minor point releases.
These minor releases include 2 security fixes following the security policy:

- net/http: handle server errors after sending GOAWAY
  A closing HTTP/2 server connection could hang forever waiting for a clean
  shutdown that was preempted by a subsequent fatal error. This failure mode
  could be exploited to cause a denial of service.

  Thanks to Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher,
  and Kaan Onarlioglu for reporting this.

  This is CVE-2022-27664 and Go issue https://go.dev/issue/54658.

- net/url: JoinPath does not strip relative path components in all circumstances
  JoinPath and URL.JoinPath would not remove `../` path components appended to a
  relative path. For example, `JoinPath("https://go.dev", "../go")` returned the
  URL `https://go.dev/../go`, despite the JoinPath documentation stating that
  `../` path elements are cleaned from the result.

  Thanks to q0jt for reporting this issue.

  This is CVE-2022-32190 and Go issue https://go.dev/issue/54385.

Release notes:

go1.19.1 (released 2022-09-06) includes security fixes to the net/http and
net/url packages, as well as bug fixes to the compiler, the go command, the pprof
command, the linker, the runtime, and the crypto/tls and crypto/x509 packages.
See the Go 1.19.1 milestone on the issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.19.1+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-08 10:40:08 +02:00
Sebastiaan van Stijn 07ac2d8dc4
update to golang 1.19
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-08 10:40:06 +02:00
Sebastiaan van Stijn 2ae9e21c1a
Merge pull request #3774 from thaJeztah/bump_x_net
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c
2022-09-08 10:19:17 +02:00
Sebastiaan van Stijn a76f6405a4
Merge pull request #3772 from thaJeztah/bump_golang_1.18.6
Update to go 1.18.6 to address CVE-2022-27664, CVE-2022-32190
2022-09-08 10:18:47 +02:00