Commit Graph

10259 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 42ce06aa5b
Dockerfile: update buildx to v0.17.1
Update the buildx cli plugin used in the dev-container

full diff: https://github.com/docker/buildx/compare/0.16.1...0.17.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 15:01:56 +02:00
Laura Brehm 7b630458bd
Merge pull request #5437 from thaJeztah/remove_deprecated_cors_headers
docs, man: dockerd: remove --api-cors-header (deprecated)
2024-09-16 13:42:01 +01:00
Sebastiaan van Stijn ccc87eb6ab
Merge pull request #5438 from thaJeztah/dockerd_logformat
docs, man: dockerd: add documentation for "--log-format" option
2024-09-16 13:44:19 +02:00
Sebastiaan van Stijn 4f78ffaa03
Merge pull request #5436 from thaJeztah/update_dockerd_docs
docs: add documentation for dockerd --feature flag
2024-09-16 13:43:57 +02:00
Sebastiaan van Stijn baceb4b158
docs: dockerd: add documentation for --log-format option
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 13:23:13 +02:00
Sebastiaan van Stijn a42ca1148d
docs/reference: dockerd: add docs for --feature option
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 13:20:48 +02:00
Sebastiaan van Stijn 9ae514fdc7
man: dockerd: add description for --log-format option
This option was added in a08abec9f8d59eaa44c375900e254384a68c5a31,
as part of Docker v25.0, but did not update the docs and manpage.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 12:46:30 +02:00
Sebastiaan van Stijn 1a0e32099a
docs: dockerd: remove --api-cors-header (deprecated)
Updates 9d9bb19f01

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 12:20:54 +02:00
Sebastiaan van Stijn 9bfd0e1a40
man: remove docs for deprecated --api-cors-header
It was deprecated in 27.0x through 7ea9acc97f4c884ecdaebd06ed0353b28263d118,
and removed in ae96ce866f4b3dc09dc4eab019d7725a63623d94.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 12:15:24 +02:00
Sebastiaan van Stijn a357db0aba
man: dockerd: value is optional for --feature flag
The --feature flag allows the boolean value to be omitted.
If only a name is provided, the default is "true".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 11:22:21 +02:00
Sebastiaan van Stijn fb056d2ceb
man: fix duplicate word in --feature flag description
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 11:22:15 +02:00
Sebastiaan van Stijn 610f9157f5
man: update dockerd man-page to include --feature flag
commit f13c08246d93dd5aae200d5881a3a374e6cac876 introduced
this flag, but did not yet update the manpage.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-16 11:22:08 +02:00
Julio Cesar Garcia 605c9bf160 docs: Fix --rm=false flag in container_run.md
Signed-off-by: Julio Cesar Garcia <juliogarciamelgarejo@gmail.com>
2024-09-13 18:45:26 -05:00
Sebastiaan van Stijn a18c896928
Merge pull request #5424 from jsternberg/wsl-socket-path
command: check for wsl mount path on windows
2024-09-13 00:33:13 +02:00
Sebastiaan van Stijn b0333da63c
Merge pull request #5427 from thaJeztah/bump_docker_deps
vendor: update various dependencies
2024-09-12 19:07:02 +02:00
Sebastiaan van Stijn dccb8bfa5d
vendor: google.golang.org/grpc v1.62.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:38:40 +02:00
Sebastiaan van Stijn 8cdf90cd93
vendor: tags.cncf.io/container-device-interface v0.8.0
Breaking change: The .ToOCI() functions in the specs-go package have been
removed. This removes the dependency on the OCI runtime specification from
the CDI specification definition itself.

What's Changed

- Add workflow to mark prs and issues as stale
- Remove the ToOCI functions from the specs-go package
- docs: add a pointer to community meetings in our docs.
- Bump spec version to v0.8.0
- Update spec version in README

Full diff: https://github.com/cncf-tags/container-device-interface/compare/v0.7.2...v0.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:36:26 +02:00
Sebastiaan van Stijn a5f15bee7a
vendor: golang.org/x/net v0.28.0
full diff: https://github.com/golang/net/compare/v0.25.0...v0.28.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:33:40 +02:00
Sebastiaan van Stijn b93fc39639
vendor: golang.org/x/crypto v0.26.0
full diff: https://github.com/golang/crypto/compare/v0.23.0...v0.26.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:32:05 +02:00
Sebastiaan van Stijn 3a63df265f
vendor: golang.org/x/text v0.17.0
full diff: https://github.com/golang/text/compare/v0.15.0...v0.17.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:31:04 +02:00
Sebastiaan van Stijn c6e5341934
vendor: golang.org/x/term v0.23.0
full diff: https://github.com/golang/term/compare/v0.20.0...v0.23.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:29:52 +02:00
Sebastiaan van Stijn 5f9fe33b6b
vendor: golang.org/x/time v0.6.0
full diff: https://github.com/golang/time/compare/v0.3.0...v0.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:26:45 +02:00
Sebastiaan van Stijn 7074e5011f
vendor: golang.org/x/sync v0.8.0
full diff: https://github.com/golang/sync/compare/v0.7.0...v0.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:24:38 +02:00
Sebastiaan van Stijn 958fff82f1
vendor: golang.org/x/sys v0.24.0
full diff: https://github.com/golang/sys/compare/v0.22.0...v0.24.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:24:02 +02:00
Sebastiaan van Stijn fb264ffc08
vendor: dario.cat/mergo v1.0.1
- fix: overwriteWithEmptyValue is forced to true when merging an object
  involving maps
- fix: WithoutDereference should respect non-nil struct pointers

full diff: https://github.com/darccio/mergo/compare/v1.0.0...v1.0.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-12 18:18:47 +02:00
Jonathan A. Sternberg 38c3fef1a8
command: check for wsl mount path on windows
This checks for the equivalent WSL mount path on windows. WSL will mount
the windows drives at `/mnt/c` (or whichever drive is being used).

This is done by parsing a UNC path with forward slashes from the unix
socket URL.

Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
2024-09-12 11:14:43 -05:00
Laura Brehm 986baf22c7
Merge pull request #5425 from zeghong/remove-dup-linter
chore: remove duplicated `govet` linter config
2024-09-11 11:35:50 +01:00
Li Zeghong 5b81f0dcb0 chore: remove duplicated `govet` linter config
Signed-off-by: Li Zeghong <zeghong@hotmail.com>
2024-09-11 17:55:43 +08:00
Sebastiaan van Stijn 6965f40090
Merge pull request #5422 from thaJeztah/info_no_expected_version
info: stop printing "Expected" commits
2024-09-10 19:43:51 +02:00
Sebastiaan van Stijn 88ca4e958f
info: stop printing "Expected" commits
The `Commit` type was introduced in 2790ac68b3,
to assist triaging issues that were reported with an incorrect version of
runc or containerd. At the time, both `runc` and `containerd` were not yet
stable, and had to be built from a specific commit to guarantee compatibility.

We encountered various situations where unexpected (and incompatible) versions
of those binaries were packaged, resulting in hard to trace bug-reports.
For those situations, a "expected" version was set at compile time, to
indicate if the version installed was different from the expected version;

    docker info
    ...
    runc version: a592beb5bc4c4092b1b1bac971afed27687340c5 (expected: 69663f0bd4b60df09991c08812a60108003fa340)

Both `runc` and `containerd` are stable now, and docker 19.03 and up set the
expected version to the actual version since c65f0bd13c
and 23.0 did the same for the `init` binary b585c64e2b,
to prevent the CLI from reporting "unexpected version".

In short; the `Expected` fields no longer serves a real purpose, so we should
no longer print it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-10 13:49:12 +02:00
Sebastiaan van Stijn a464a63d33
Merge pull request #5420 from laurazard/fix-panic-volume-update
volume/update: require 1 argument/fix panic
2024-09-09 20:46:30 +02:00
Laura Brehm daea277ee8
volume/update: require 1 argument/fix panic
This command was declaring that it requires at least 1 argument, when it
needs exactly 1 argument. This was causing the CLI to panic when the
command was invoked with no argument:

`docker volume update`

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-09-09 13:40:03 +01:00
Alano Terblanche 6372ec9c75
Merge pull request #5415 from lentil32/master
fix: docstring for cli/command: `ContainerFormat.CreatedAt`
2024-09-09 12:19:53 +02:00
Sebastiaan van Stijn 21ee2685e3
Merge pull request #5403 from dvdksn/docs-update-titles
docs: rename plugins index file and add linkTitle
2024-09-09 11:04:09 +02:00
David Karlsson 0fcaffb7e4 chore: fix style/lint issues in deprecated.md
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-09-09 10:53:38 +02:00
Alano Terblanche 2230089371
Merge pull request #5381 from Benehiko/lf-exclude-binary
fix: gitattributes enforcing line endings
2024-09-09 08:51:54 +02:00
Dilep Dev 45d55961d0
Fix broken links in CONTRIBUTING.md
Signed-off-by: Dilep Dev <34891655+DilepDev@users.noreply.github.com>
2024-09-08 23:08:14 +05:30
lentil32 0b9d58245a
cli/command: fix docstring for ContainerFormat.CreatedAt
Signed-off-by: lentil32 <lentil32@icloud.com>
2024-09-08 15:47:21 +09:00
Sebastiaan van Stijn 6b741602c8
Merge pull request #5410 from vvoland/update-go
update to go1.22.7
2024-09-06 10:27:26 +02:00
Alano Terblanche 4a6ab2b37d
fix: binary file line endings
Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
2024-09-06 10:23:23 +02:00
Paweł Gronowski 3bf39d25a0
update to go1.22.7
- https://github.com/golang/go/issues?q=milestone%3AGo1.22.7+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.22.6...go1.22.7

These minor releases include 3 security fixes following the security policy:

- go/parser: stack exhaustion in all Parse* functions

    Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

    This is CVE-2024-34155 and Go issue https://go.dev/issue/69138.

- encoding/gob: stack exhaustion in Decoder.Decode

    Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion.

    This is a follow-up to CVE-2022-30635.

    Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu) for reporting this issue.

    This is CVE-2024-34156 and Go issue https://go.dev/issue/69139.

- go/build/constraint: stack exhaustion in Parse

    Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

    This is CVE-2024-34158 and Go issue https://go.dev/issue/69141.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-09-05 17:51:27 +02:00
Laura Brehm 2b6d2d98d8
Merge pull request #5407 from thaJeztah/mod_tidy
vendor.mod: put github.com/pkg/browser in the right group
2024-09-05 13:47:37 +01:00
Sebastiaan van Stijn 1b8180a405
vendor.mod: put github.com/pkg/browser in the right group
commit fcfdd7b91f introduced github.com/pkg/browser
as a direct dependency, but it ended up in the group for indirect dependencies.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-05 14:36:51 +02:00
David Karlsson 5ca40e0a35 docs: add front matter title to deprecated.md
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-09-04 13:48:37 +02:00
David Karlsson 071f6f9391 docs: rename plugins index file and add linkTitle
We publish this page on docs.docker.com, and hugo expects index pages
for sections to be named _index.md. We currently rename the page when we
mount it to the docs repo but might as well change the filename in the
source.

Also adds a linkTitle to the page, which is a shorter title that will be
used in the sidebar navigation and breadcrumbs.

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-09-04 13:48:37 +02:00
Sebastiaan van Stijn f75abad8a1
Merge pull request #5401 from laurazard/login-non-tty-standardize
login: handle non-tty scenario consistently
2024-09-03 16:36:14 +02:00
Laura Brehm bbb6e7643d
login: handle non-tty scenario consistently
Running `docker login` in a non-interactive environment sometimes errors
out if no username/pwd is provided. This handling is somewhat
inconsistent – this commit addresses that.

Before:
| `--username` | `--password` | Result                                                             |
|:------------:|:------------:| ------------------------------------------------------------------ |
|            |            |                                                                  |
|            |            | `Error: Cannot perform an interactive login from a non TTY device` |
|            |            | `Error: Cannot perform an interactive login from a non TTY device` |
|            |            | hangs                                                              |

After:
| `--username` | `--password` | Result                                                             |
|:------------:|:------------:| ------------------------------------------------------------------ |
|            |            |                                                                  |
|            |            | `Error: Cannot perform an interactive login from a non TTY device` |
|            |            | `Error: Cannot perform an interactive login from a non TTY device` |
|            |            | `Error: Cannot perform an interactive login from a non TTY device` |

It's worth calling out a separate scenario – if there are previous,
valid credentials, then running `docker login` with no username or
password provided will use the previously stored credentials, and not
error out.

```console
cat ~/.docker/config.json
{
        "auths": {
                "https://index.docker.io/v1/": {
                        "auth": "xxxxxxxxxxx"
                }
        }
}
⭑ docker login 0>/dev/null
Authenticating with existing credentials...

Login Succeeded
```

This commit also applies the same non-interactive handling logic to the
new web-based login flow, which means that now, if there are no prior
credentials stored and a user runs `docker login`, instead of initiating
the new web-based login flow, an error is returned.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-09-03 14:26:11 +01:00
Sebastiaan van Stijn 2dd127a1ff
Merge pull request #5387 from thaJeztah/update_go_1.22
update to go1.22.6
2024-09-03 13:25:16 +02:00
Sebastiaan van Stijn 51f320ff62
Merge pull request #5376 from laurazard/fix-oauth-login-timer
oauth/api: drain timer channel on each iteration
2024-09-03 13:14:54 +02:00
Laura Brehm 60d0450287
oauth/api: drain timer channel on each iteration
Previously, if while polling for oauth device-code login results a user
suspended the process (such as with CTRL-Z) and then restored it with
`fg`, an error might occur in the form of:

```
failed waiting for authentication: You are polling faster than the specified interval of 5 seconds.
```

This is due to our use of a `time.Ticker` here - if no receiver drains
the ticker channel (and timers/tickers use a buffered channel behind the
scenes), more than one tick will pile up, causing the program to "tick"
twice, in fast succession, after it is resumed.

The new implementation replaces the `time.Ticker` with a `time.Timer`
(`time.Ticker` is just a nice wrapper) and introduces a helper function
`resetTimer` to ensure that before every `select`, the timer is stopped
and it's channel is drained.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-09-03 11:31:03 +01:00