Docker Engine 1.13 (API v1.25) added an option to set a custom default seccomp
profile on the daemon (see [moby/moby@b237189]). A warning was added on the
client-side if a non-default profile was set.
Docker Engine 23.0 (API v1.42) added warnings about non-default seccomp
profiles to the "info" response ([moby/moby@04f932a]), and the client was
updated to skip generating client-side warnings for API v1.42 and up in
[docker/cli@8964595].
These warnings are purely informational, and given that Docker Engine versions
before 23.0 have reached EOL, and any current version of the Engine now returns
the Warnings, it should be safe to remove the client-side fall back logic.
This patch removes the client-side fall back code for warnings that was
added in 8964595692.
[moby/moby@b237189]: b237189e6c
[moby/moby@04f932a]: 04f932ac86
[docker/cli@8964595]: 8964595692
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was deprecated in 298bddcc23 for
v25.0, and unused. This patch removes the function.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These types were deprecated in 7af509c7f1 (v25.0),
in favor of CLIOption, and are no longer used.
This patch removes the deprecated type-aliases, and while updating, also improves
the documentation for the CLIOption type.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker Engine 18.09 (API v1.39) introduced a Warnings field in the into response.
This enhancement was not gated by API version (see [moby/moby@a3d4238]), and
will be returned by Docker Engine 18.09 and up, regardless of the API version
chosen.
Likewise, the client-side code was written to prefer warnings returned by
the daemon, but to fall back on client-side detection of missing features
based on information in the Info response (see [docker/cli@3c27ce2]).
Thse warnings are purely informational, and given that Docker Engine versions
before 18.09 have reached EOL 6 Years ago, and any current version of the
Engine now returns the Warnings, it should be safe to remove the client-side
fall back logic.
This patch removes the client-side fall back code for warnings that was
added in 3c27ce21c9.
[moby/moby@a3d4238]: a3d4238b9c
[docker/cli@3c27ce2]: 3c27ce21c9
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Docker v23.0 and up allow the daemon to be configured to have seccomp disabled
by default (using the "unconfined" profile as default), and introduced a new
"builtin" profile-name for the default (see [moby@f8795ed364586acd][1] and
[mnoby@ac449d6b5ad29a50][2]).
However, the CLI had no special handling for the "builtin" profile, which
resulted in it trying to load it as a file, which would fail;
docker run -it --rm --security-opt seccomp=builtin busybox
docker: opening seccomp profile (builtin) failed: open builtin: no such file or directory.
See 'docker run --help'.
This patch adds a special case for the "builtin" profile, to allow using the
default profile on daemons with seccomp disabled (unconfined) by default.
[1]: f8795ed364
[2]: ac449d6b5a
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
commit 9e1f8d646e changed this to a
"nolint" comment due to a regression in GoSec. That regression was
fixed, so we can go back to use the more fine-grained "nosec" comment.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The filter option is not currently exposed on the command-line,
but can be added as a flag in future. It will be used by compose
to filter the list of containers to include based on compose
labels.
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When running `docker stats` without a list of containers, `runStats` collects
an initial list of containers. If that API call fails, the error is sent to the
`closeChan`, however, `closeChan` is non-buffered, and nothing is reading the
channel until we received the initial list and start collecting stats.
This patch rewrites the code that gets the initial list of containers to
return the error if the API call fails. The `getContainerList` closure is
also removed and inlined to make the logic somewhat easier to read.
Before this patch, the command would hang without producing output;
docker stats
# hangs; no output
With this patch, the error is printed, and the CLI exits:
docker stats
Error response from daemon: some error occurred
echo $?
1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The monitorContainerEvents and getContainerList closures where only
used when collecting "all" containers, so let's define them in that
branch of the code.
Also move some of the other variables closer to where they're used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
We were unconditionally registering event-handlers for these events, but
the handler itself would ignore the event depending on the "all" option.
This patch skips registering the event handlers, so that we're not handling
them (saving some resources).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- memoize the API-client in a local variable.
- use struct-literals in some places.
- rename some variables for clarity and to prevent colliding with imports.
- make use of the event-constants (events.ContainerEventType).
- fix some grammar
- fix some minor linting warnings
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This is a follow-up to 0e73168b7e
This repository is not yet a module (i.e., does not have a `go.mod`). This
is not problematic when building the code in GOPATH or "vendor" mode, but
when using the code as a module-dependency (in module-mode), different semantics
are applied since Go1.21, which switches Go _language versions_ on a per-module,
per-package, or even per-file base.
A condensed summary of that logic [is as follows][1]:
- For modules that have a go.mod containing a go version directive; that
version is considered a minimum _required_ version (starting with the
go1.19.13 and go1.20.8 patch releases: before those, it was only a
recommendation).
- For dependencies that don't have a go.mod (not a module), go language
version go1.16 is assumed.
- Likewise, for modules that have a go.mod, but the file does not have a
go version directive, go language version go1.16 is assumed.
- If a go.work file is present, but does not have a go version directive,
language version go1.17 is assumed.
When switching language versions, Go _downgrades_ the language version,
which means that language features (such as generics, and `any`) are not
available, and compilation fails. For example:
# github.com/docker/cli/cli/context/store
/go/pkg/mod/github.com/docker/cli@v25.0.0-beta.2+incompatible/cli/context/store/storeconfig.go:6:24: predeclared any requires go1.18 or later (-lang was set to go1.16; check go.mod)
/go/pkg/mod/github.com/docker/cli@v25.0.0-beta.2+incompatible/cli/context/store/store.go:74:12: predeclared any requires go1.18 or later (-lang was set to go1.16; check go.mod)
Note that these fallbacks are per-module, per-package, and can even be
per-file, so _(indirect) dependencies_ can still use modern language
features, as long as their respective go.mod has a version specified.
Unfortunately, these failures do not occur when building locally (using
vendor / GOPATH mode), but will affect consumers of the module.
Obviously, this situation is not ideal, and the ultimate solution is to
move to go modules (add a go.mod), but this comes with a non-insignificant
risk in other areas (due to our complex dependency tree).
We can revert to using go1.16 language features only, but this may be
limiting, and may still be problematic when (e.g.) matching signatures
of dependencies.
There is an escape hatch: adding a `//go:build` directive to files that
make use of go language features. From the [go toolchain docs][2]:
> The go line for each module sets the language version the compiler enforces
> when compiling packages in that module. The language version can be changed
> on a per-file basis by using a build constraint.
>
> For example, a module containing code that uses the Go 1.21 language version
> should have a `go.mod` file with a go line such as `go 1.21` or `go 1.21.3`.
> If a specific source file should be compiled only when using a newer Go
> toolchain, adding `//go:build go1.22` to that source file both ensures that
> only Go 1.22 and newer toolchains will compile the file and also changes
> the language version in that file to Go 1.22.
This patch adds `//go:build` directives to those files using recent additions
to the language. It's currently using go1.19 as version to match the version
in our "vendor.mod", but we can consider being more permissive ("any" requires
go1.18 or up), or more "optimistic" (force go1.21, which is the version we
currently use to build).
For completeness sake, note that any file _without_ a `//go:build` directive
will continue to use go1.16 language version when used as a module.
[1]: 58c28ba286/src/cmd/go/internal/gover/version.go (L9-L56)
[2]; https://go.dev/doc/toolchain#:~:text=The%20go%20line%20for,file%20to%20Go%201.22
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This driver has been deprecated and removed because the service
is no longer operational. Remove it from the tests to better reflect
reality.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The cli/command package defined two option-types with the same signature.
This patch creates a new type instead (CLIOption), and makes the existing
types an alias for this (deprecating their old names).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
fix some nolintlint false positives
For some reason, nolintlint doesn't consider these used, but they seem to be
legitimate cases where deprecated fields are used.
templates/templates.go:27:29: directive `//nolint:staticcheck // strings.Title is deprecated, but we only use it for ASCII, so replacing with golang.org/x/text is out of scope` is unused for linter "staticcheck" (nolintlint)
"title": strings.Title, //nolint:staticcheck // strings.Title is deprecated, but we only use it for ASCII, so replacing with golang.org/x/text is out of scope
^
cli/command/formatter/image_test.go:75:31: directive `//nolint:staticcheck // ignore SA1019: field is deprecated, but still set on API < v1.44.` is unused for linter "staticcheck" (nolintlint)
call: ctx.VirtualSize, //nolint:staticcheck // ignore SA1019: field is deprecated, but still set on API < v1.44.
^
cli/command/registry/formatter_search.go💯39: directive `//nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).` is unused for linter "staticcheck" (nolintlint)
return c.formatBool(c.s.IsAutomated) //nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).
^
cli/command/registry/formatter_search_test.go:50:55: directive `//nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).` is unused for linter "staticcheck" (nolintlint)
s: registrytypes.SearchResult{IsAutomated: true}, //nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).
^
cli/command/registry/formatter_search_test.go:53:31: directive `//nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).` is unused for linter "staticcheck" (nolintlint)
call: ctx.IsAutomated, //nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).
^
cli/command/registry/formatter_search_test.go:59:27: directive `//nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).` is unused for linter "staticcheck" (nolintlint)
call: ctx.IsAutomated, //nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).
^
cli/command/registry/formatter_search_test.go:202:84: directive `//nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).` is unused for linter "staticcheck" (nolintlint)
{Name: "result2", Description: "Not official", StarCount: 5, IsAutomated: true}, //nolint:staticcheck // ignore SA1019 (IsAutomated is deprecated).
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/compose/types/types.go:568:17: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
return []byte(fmt.Sprintf("%v", e.External)), nil
^
cli/command/formatter/buildcache.go:174:9: fmt.Sprintf can be replaced with faster strconv.Itoa (perfsprint)
return fmt.Sprintf("%d", c.v.UsageCount)
^
cli/command/formatter/buildcache.go:178:9: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
return fmt.Sprintf("%t", c.v.InUse)
^
cli/command/formatter/buildcache.go:182:9: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
return fmt.Sprintf("%t", c.v.Shared)
^
cli/command/formatter/image.go:259:9: fmt.Sprintf can be replaced with faster strconv.FormatInt (perfsprint)
return fmt.Sprintf("%d", c.i.Containers)
^
cli/command/formatter/tabwriter/tabwriter_test.go:698:9: fmt.Sprintf can be replaced with faster strconv.Itoa (perfsprint)
b.Run(fmt.Sprintf("%d", x), func(b *testing.B) {
^
cli/command/formatter/tabwriter/tabwriter_test.go:720:9: fmt.Sprintf can be replaced with faster strconv.Itoa (perfsprint)
b.Run(fmt.Sprintf("%d", h), func(b *testing.B) {
^
cli/command/image/prune.go:62:31: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
pruneFilters.Add("dangling", fmt.Sprintf("%v", !options.all))
^
cli/command/network/formatter.go:92:9: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
return fmt.Sprintf("%v", c.n.EnableIPv6)
^
cli/command/network/formatter.go:96:9: fmt.Sprintf can be replaced with faster strconv.FormatBool (perfsprint)
return fmt.Sprintf("%v", c.n.Internal)
^
cli/command/service/formatter.go:745:9: fmt.Sprintf can be replaced with faster strconv.FormatUint (perfsprint)
pub = fmt.Sprintf("%d", pr.pStart)
^
cli/command/service/formatter.go:750:9: fmt.Sprintf can be replaced with faster strconv.FormatUint (perfsprint)
tgt = fmt.Sprintf("%d", pr.tStart)
^
cli/command/service/opts.go:49:10: fmt.Sprintf can be replaced with faster strconv.FormatUint (perfsprint)
return fmt.Sprintf("%v", *i.value)
^
cli/compose/loader/loader.go:720:36: fmt.Sprint can be replaced with faster strconv.Itoa (perfsprint)
v, err := toServicePortConfigs(fmt.Sprint(value))
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/idresolver/idresolver.go:33:4: error is not nil (line 31) but it returns nil (nilerr)
return id, nil
^
cli/command/idresolver/idresolver.go:45:4: error is not nil (line 43) but it returns nil (nilerr)
return id, nil
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/utils.go:190:35: param new has same name as predeclared identifier (predeclared)
func StringSliceReplaceAt(s, old, new []string, requireIndex int) ([]string, bool) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/system/info.go:470:1: deprecatedComment: use `Deprecated: ` (note the casing) instead of `DEPRECATED: ` (gocritic)
// DEPRECATED: warnings are now generated by the daemon, and returned in
^
cli/command/system/info.go:492:1: deprecatedComment: use `Deprecated: ` (note the casing) instead of `DEPRECATED: ` (gocritic)
// DEPRECATED: warnings are now generated by the daemon, and returned in
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/trust/inspect.go:74:33: appendAssign: append result not assigned to the same slice (gocritic)
signatureRows[idx].Signers = append(sig.Signers, releasedRoleName)
^
cli/command/task/print.go:92:7: appendAssign: append result not assigned to the same slice (gocritic)
t := append(tasks[:0:0], tasks...)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- document accepted values
- add test-coverage for the function's behavior (including whitespace handling),
and use sub-tests.
- improve error-message to use uppercase for "IP", and to use a common prefix.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function only needed the ContainerAPIClient, and not the whole CLI. This
patch refactors it to use the shallower interface.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This is a follow-up of https://github.com/docker/cli/pull/4419. That PR
leveraged the fact that EndpointSettings.MacAddress is already
available, although not used by the CreateNetwork endpoint.
TestParseWithMacAddress was testing whether the container-wide
MacAddress field is set, and we still need to test that to ensure
backward compatibility. But we now also need to test whether the
endpoint-specific MacAddress is set.
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Next commit will need this change to test whether the endpoint-specific
MacAddress is correctly set.
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Please the linters in preparation of updating golangci-lint;
- remove dot-imports
- add some checks for unhandled errors
- replace some fixed-value variables for consts
cli/command/image/build/context.go:238:17: G107: Potential HTTP request made with variable url (gosec)
if resp, err = http.Get(url); err != nil {
^
cli/command/idresolver/idresolver_test.go:7:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/registry_test.go:7:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/cli/command" // Prevents a circular import with "github.com/docker/cli/internal/test"
^
cli/command/task/print_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/swarm/update_test.go:10:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/swarm/unlock_key_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/swarm/join_token_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/node/list_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/node/promote_test.go:8:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/node/demote_test.go:8:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package functions
^
cli/command/node/ps_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/node/update_test.go:8:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/node/inspect_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package functions
^
cli/command/secret/ls_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/secret/inspect_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/volume/inspect_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/volume/list_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/config/inspect_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/config/ls_test.go:11:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/network/list_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders"
^
cli/command/container/list_test.go:10:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/service/list_test.go:12:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders"
^
cli/command/service/client_test.go:6:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/stack/list_test.go:8:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/stack/services_test.go:9:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
cli/command/stack/ps_test.go:10:2: dot-imports: should not use dot imports (revive)
. "github.com/docker/cli/internal/test/builders" // Import builders to get the builder function as package function
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `docker swarm update` copmmand does not have a `--quiet` flag, but this
test was trying to set it.
docker swarm update --help
Usage: docker swarm update [OPTIONS]
Update the swarm
Options:
--autolock Change manager autolocking setting (true|false)
--cert-expiry duration Validity period for node certificates (ns|us|ms|s|m|h) (default 2160h0m0s)
--dispatcher-heartbeat duration Dispatcher heartbeat period (ns|us|ms|s|m|h) (default 5s)
--external-ca external-ca Specifications of one or more certificate signing endpoints
--max-snapshots uint Number of additional Raft snapshots to retain
--snapshot-interval uint Number of log entries between Raft snapshots (default 10000)
--task-history-limit int Task history retention limit (default 5)
The test didn't catch this issue, because errors when setting the flag were
not handled, so also adding error-handling;
=== Failed
=== FAIL: cli/command/swarm TestSwarmUpdate (0.00s)
update_test.go:177: assertion failed: error is not nil: no such flag -quiet
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
See `opts/mount_test.go:TestMountOptSetBindRecursive()` for the behavior.
Documentation will be added separately after reaching consensus on the
design.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The new advanced --network syntax introduced in docker/cli#1767 is
lacking support for `link-local-ip` and `mac-address` fields. This
commit adds both.
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Following flags are silently ignored when they're passed with no
`--network` specified (ie. when the default network is used):
- `--network-alias`
- `--ip`
- `--ip6`
- `--link-local-ip`
This is not really an issue right now since the first 3 parameters are
not allowed on the default bridge network. However, with
[moby/moby#45905][1], the container-wide MacAddress parameter will be
deprecated and dismissed. Because of that, with [docker/cli#4419][2],
it's currently not possible to use the `--mac-address` flag with no
default network specified.
Morever, `docker network connect --link-local-ip ...` works properly, so
it should also work on `docker container create`. This also lay the
ground for making the default bridge network just a "normal" network.
Since the 3 parameters in the list above aren't ignored anymore, if
users provide them, moby's ContainerStart endpoint will complain about
those. To provide better UX, [moby/moby#46183][3] make sure these
invalid parameters lead to a proper error message on `docker container
create` / `docker run`.
[1]: https://github.com/moby/moby/pull/45905
[2]: https://github.com/docker/cli/pull/4419
[3]: https://github.com/moby/moby/pull/46183
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
Also make it slightly more clearer we're returning a default (empty)
policy if the input is empty.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This test was skipped if the host was not using UTC timezone, because the output
of timestamps would be different, causing the test to fail.
This patch overrides the TZ env-var to make the test use UTC, so that we don't
have to skip the test.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The BuildKit dockerignore package was migrated to the patternmatcher
repository / module. This patch updates our uses of the BuildKit package
with its new location.
A small local change was made to keep the format of the existing error message,
because the "ignorefile" package is slightly more agnostic in that respect
and doesn't include ".dockerignore" in the error message.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This attempts to make it clearer that the --cgroup-parent option is only used
for the containers used during build. Instead of mentioning "build container",
I opted for using "RUN instructions" (to match the --network description),
although this may not be ideal (as it assumes the "Dockerfile" front-end, which
of course may not be the case).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
In previous versions of the Docker API, `system prune --volumes` and `volume prune`
would remove all dangling volumes. With API v1.42, this was changed so that only
anonymous volumes would be removed unless the all filter was specified.
Some of the docs were updated in #4218, however, there were a couple of places
left that didn't make the anonymous vs named volumes distinction clear.
This replaces #4079, which was bitrotted by #4218. See also #4028.
Closes#4079.
Signed-off-by: Ed Morley <501702+edmorley@users.noreply.github.com>
The IsAutomated field is being deprecated by Docker Hub's search API and
will always be "false" in future.
This patch:
- Deprecates the field and the related "is-automated" filter
- Removes the "AUTOMATED" column from the default output of "docker search"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Both these functions took the whole DockerCLI as argument, but only needed
the ConfigFile. ResolveAuthConfig also had an unused context.Context as
argument.
This patch updates both functions to accept a ConfigFile, and removes the
unused context.Context.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- use consts for fixed values, and rename some for clarity
- remove testAuthErrors map and inline the logic (same as we do for other cases)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- TestSearchContext: don't use un-keyed structs
- TestSearchContext: don't use CompareMultipleValues as it was not needed
- TestSearchContextDescription: don't use un-keyed structs
- TestSearchContextDescription: don't use CompareMultipleValues as it was not needed
- TestSearchContextWrite: don't use un-keyed structs, and include the
code-comments into the test-table as names for the tests to give them
some context.
- TestSearchContextWriteJSON and TestSearchContextWriteJSONField were not
validating the output format, but validating if the JSON output could
be marshalled back to a struct. Let's just role them into TestSearchContextWrite.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It's unused in the CLI itself, and does nothing other than
initializing a new, empty StartOptions struct.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The daemon collects this information regardless if "debug" is
enabled. Print the debugging information if either the daemon,
or the client has debug enabled.
We should probably improve this logic and print any of these if
set (but some special rules are needed for file-descriptors, which
may use "-1".
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
support for kubernetes contexts was deprecated in docker 20.10 through
b639ea8b89, 0793f96394,
and 1d37fb3027, and removed altoghether in
23.0 through 193ede9b12.
This patch removes the remaining stubs for options that were deprecated
and no longer used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
More things to be done after this, to allow passing a custom user-agent,
but let's start with just using this utility.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
When passing a Dockerfile through stdin, it's not possible to specify the
name of the Dockerfile (using the `-f` option). When building with BuildKit
enabled, an error is already produced for this case, but the classic builder
silently ignored it.
This patch adds an error for this situation:
echo -e 'FROM busybox' | DOCKER_BUILDKIT=0 docker build -f some.Dockerfile -
DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
BuildKit is currently disabled; enable it by removing the DOCKER_BUILDKIT=0
environment-variable.
unable to prepare context: ambiguous Dockerfile source: both stdin and flag correspond to Dockerfiles
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This error was only used in a single location, so no need to define a
package-level variable for this.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
commandconn: fix race on `Close()`
During normal operation, if a `Read()` or `Write()` call results
in an EOF, we call `onEOF()` to handle the terminating command,
and store it's exit value.
However, if a Read/Write call was blocked while `Close()` is called
the in/out pipes are immediately closed which causes an EOF to be
returned. Here, we shouldn't call `onEOF()`, since the reason why
we got an EOF is because we're already terminating the connection.
This also prevents a race between two calls to the commands `Wait()`,
in the `Close()` call and `onEOF()`
---
Add CLI init timeout to SSH connections
---
connhelper: add 30s ssh default dialer timeout
(same as non-ssh dialer)
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
This code was introduced in 15aa2a663b,
but from those changes, it appears that overwriting the config value was
merely out of convenience, and that struct being used as an intermediate.
While changing the config here should be mostly ephemeral, and not written
back to the config-file, let's be clear on intent, and not mutatte the config
as part of this code.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function returned the whole response, but we already handled the
warnings included in the response as part of the function. All consumers
of this function only used the container-ID, so let's simplify and return
just that (it's a non-exported func, so we can change the signature again
if we really need it).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Add a const for the name of the environment-variable we accept, so
that we can document its purpose in code.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
the "golang.org/x/sys/execabs" package was introduced to address a security
issue on Windows, and changing the default behavior of os/exec was considered
a breaking change. go1.19 applied the behavior that was previously implemented
in the execabs package;
from the release notes: https://go.dev/doc/go1.19#os-exec-path
> Command and LookPath no longer allow results from a PATH search to be found
> relative to the current directory. This removes a common source of security
> problems but may also break existing programs that depend on using, say,
> exec.Command("prog") to run a binary named prog (or, on Windows, prog.exe)
> in the current directory. See the os/exec package documentation for information
> about how best to update such programs.
>
> On Windows, Command and LookPath now respect the NoDefaultCurrentDirectoryInExePath
> environment variable, making it possible to disable the default implicit search
> of “.” in PATH lookups on Windows systems.
With those changes, we no longer need to use the execabs package, and we can
switch back to os/exec.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The AuFS storage driver was deprecated and has been removed, so let's
update the test-fixtures accordingly.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
None of the client will return the old error-types, so there's no need
to keep the compatibility code. We can consider deprecating this function
in favor of the errdefs equivalent this.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was deprecated in b87ed34351,
which is part of the v24.0 release, so we can remove it from master.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These were deprecated in f08252c10a, which
is part of the v24.0 release, so we can remove these on master.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Adding some utilities to print the output, to keep the linters happier
without having to either suppress errors, or ignore them.
Perhaps we should consider adding utilities for this on the "command.Streams"
outputs.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The VirtualSize field is deprecated and the upcoming API version v1.44
will no longer propagate the field. See:
1261fe69a3,
Given that in docker 1.10 and up (API v1.22), the VirtualSize and Size
fields contain the same value, and the "df" endpoint was not supported
until API v1.25, we can "safely" use Size instead; see:
- 4ae7176ffb
- 4352da7803
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This makes it possible to update the image loaded for e2e tests without
modifying all tests that use them.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
These were deprecated in eb0ba4f8d5, which
was part of docker 19.03, so users should have had a chance to migrate.
This removes InStream, OutStream, NewInStream and NewOutStream
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This fixes the cli erroring out if the variable is set to an empty
value.
```
$ export DOCKER_BUILDKIT=
$ docker version
DOCKER_BUILDKIT environment variable expects boolean value: strconv.ParseBool: parsing "": invalid syntax
```
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
For moby/moby PR 45025 (Docker v24, API v1.43).
`docker run --annotation foo=bar` is similar to `podman run --annotation foo=bar`,
however, unlike Podman, Docker implementation also accepts an annotation with an empty value.
(`docker run --annotation foo`)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Set the client's API version that's used in the info, instead of requesting
it as part of printing.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Make this function only _print_ the info we have, and not read the username
from the credential-store.
This patch adds a Username field to the (local) `info` type, and sets it
when needed, so that prettyPrintServerInfo only has to format and print
the information, instead of calling out to the credential-store.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Starting with b4ca1c7368, docker login
no longer depends on info.IndexServerAddress to determine the default
registry.
The prettyPrintServerInfo() still depended on this information, which
could potentially show the wrong information.
This patch changes it to also depend on the same information as docker login
now does.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The IndexServerAddress field was as part of the initial Windows implementation
of the engine. For legal reasons, Microsoft Windows (and thus Docker images
based on Windows) were not allowed to be distributed through non-Microsoft
infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io"
registry was created to serve Windows images.
Currently, this field always shows "https://index.docker.io/v1/", which is
confusing, because that address is not used for the registry (only for
authentication and "v1" search).
docker info
...
Registry: https://index.docker.io/v1/
Starting with b4ca1c7368, this field is also
no longer used during authentication, and a3d56e7d06
removed the (deprecated) ElectAuthServer() which was previously used to
query it.
Given that there's currently no practical use for this information, and
it only adds "noise" (and confusion), this patch removes it from the default
output.
For now, the field is (still) available for those that want to use it;
docker info --format '{{.IndexServerAddress}}'
https://index.docker.io/v1/
But it won't be printed by default.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Deprecate this function in favor of the implementation in the API types,
considering that to be the canonical implementation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This utility provides the same logic as was implemented here (and using it
aligns with the "docker pull" equivalent).
Also added a TODO to replace this function with the regular "docker pull"
code.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
replace the local code with RetrieveAuthTokenFromImage, which does exactly the same;
623356001f/cli/command/registry.go (L163-L188)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Replace uses of this function in favor of the implementation in the
API types, so that we have a single, canonical implementation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
changes readInput() to trim whitespace. The existing code tried to be
conservative and only trimmed whitespace for username (not for password).
Passwords with leading/trailing whitespace would be _very_ unlikely, and
trimming whitespace is generally accepted.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
ConfigureAuth used the readInput() utility to read the username and password.
However, this utility did not return errors it encountered, but instead did
an os.Exit(1). A result of this was that the terminal was not restored if
an error happened. When reading the password, the terminal is configured to
disable echo (i.e. characters are not printed), and failing to restore
the previous state means that the terminal is now "non-functional".
This patch:
- changes readInput() to return errors it encounters
- uses a defer() to restore terminal state
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function no longer uses the /info endpoint to resolve the registry
to use. The documentation for this function was still referring to
the (once used) special registry for Windows images, which is no longer
in use, so update the docs to reflect reality :)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This patch adds additional information to the Client section of the output.
We were already outputting versions of CLI Plugins, and the Server, but not
for the Client.
Adding this information can help with bug-reports where the reporter only
provided the `docker info` output, or (e.g.) only `docker --version`. The
platform name helps identify what kind of builds the user has installed
(e.g. docker's docker-ce packages have "Docker Engine - Community" set
for this), although we should consider including "packager" information
as a more formalized field for this information.
Before this patch:
$ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.10.4
Path: /usr/libexec/docker/cli-plugins/docker-buildx
...
With this patch applied:
$ docker info
Client: Docker Engine - Community
Version: 24.0.0-dev
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.10.4
Path: /usr/libexec/docker/cli-plugins/docker-buildx
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows the type to be used for situations where this information is
not present, or not to be printed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The Platform field was defined with omitempty, but would always be shown
in the JSON output, because it was never nil.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It's defined on a non-exported type, and was only used in a template.
Replacing for a basic "nil" check, which should do the same.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The --format=json option was added for all inspect commands, but was not
implemented for "docker version". This patch implements the missing option.
Before this patch:
docker version --format=json
json
With this patch:
docker version --format=json
{"Client":{"Platform":{"Name":""},"Version":"24.0.0-dev","ApiVersion":"..."}}
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The --format=json option was added for all inspect commands, but was not implemented
for "docker info". This patch implements the missing option.
Before this patch:
docker info --format=json
json
With this patch applied:
docker info --format=json
{"ID":"80c2f18a-2c88-4e4a-ba69-dca0eea59835","Containers":7,"ContainersRunning":"..."}
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Of both "--quiet" and "--format" are set, --quiet takes precedence. This
patch adds a warning to inform the user that their custom format is not
used:
docker ps --format='{{.Image}}'
ubuntu:22.04
alpine
docker ps --format='{{.Image}}' --quiet
WARNING: Ignoring custom format, because both --format and --quiet are set.
40111f61d5c5
482efdf39fac
The warning is printed on STDERR, so can be redirected:
docker ps --format='{{.Image}}' --quiet 2> /dev/null
40111f61d5c5
482efdf39fac
The warning is only shown if the format is set using the "--format" option.
No warning is shown if a custom format is set through the CLI configuration
file:
mkdir -p ~/.docker/
echo '{"psFormat": "{{.Image}}"}' > ~/.docker/config.json
docker ps
ubuntu:22.04
alpine
docker ps --quiet
40111f61d5c5
482efdf39fac
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Previously, the formatter would ignore the quiet option if a custom format
was passed; this situation was handled in runPs(), where custom formats
would only be applied if the quiet option was not set, but only if the
format was set in the CLI's config.
This patch updates NewContainerFormat() to do the same, even if a `--format`
was passed on the command-line.
This is a change in behavior, so may need some discussion; possible alternatives;
- produce an error if both `--format` and `--quiet` are passed
- print a warning if both are passed (but use the logic from this patch)
Before this patch:
```console
docker ps --format '{{.Image}}'
ubuntu:22.04
alpine
docker ps --format '{{.Image}}' --quiet
ubuntu:22.04
alpine
mkdir -p ~/.docker/
echo '{"psFormat": "{{.Image}}"}' > ~/.docker/config.json
docker ps
ubuntu:22.04
alpine
docker ps --quiet
ubuntu:22.04
alpine
```
With this patch applied:
```console
docker ps --format '{{.Image}}'
ubuntu:22.04
alpine
docker ps --format '{{.Image}}' --quiet
40111f61d5c5
482efdf39fac
mkdir -p ~/.docker/
echo '{"psFormat": "{{.Image}}"}' > ~/.docker/config.json
docker ps
ubuntu:22.04
alpine
docker ps --quiet
40111f61d5c5
482efdf39fac
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- containerConfig collided with the containerConfig type
- warning collided with the warning const
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This was deprecated in 467e650d4c, which
is part of docker 23.0, so users should have had a chance to migrate.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These were deprecated in 6c400a9c2009bba9376ad61ab59c04c1ad675871 (docker 19.03),
but the "Deprecated:" comments were missing a newline before them.
While most IDEs will detect such comments as "deprecated", pkg.go.dev and linters
will ignore them, which may result in users not being aware of them being deprecated.
This patch;
- Fixes the "Deprecated:" comments.
- Changes the var aliases to functions, which is slightly more boilerplating,
but makes sure the functions are documented as "function", instead of shown
in the "variables" section on pkg.go.dev.
- Adds some punctuation and adds "doc links", which allows readers to navigate
to related content on pkg.go.dev.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This moves all the terminal writing to a goroutine that updates the
terminal periodically.
In our MITM copier we just use an atomic to add to the total number of
bytes read/written, the goroutine reads the total and updates the
terminal as needed.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
cli/command/volume/prune_test.go:113:22: unused-parameter: parameter 'args' seems to be unused, consider removing or renaming it as _ (revive)
func simplePruneFunc(args filters.Args) (types.VolumesPruneReport, error) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/service/update_test.go:507:41: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (s secretAPIClientMock) SecretList(ctx context.Context, options types.SecretListOptions) ([]swarm.Secret, error) {
^
cli/command/service/update_test.go:511:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (s secretAPIClientMock) SecretCreate(ctx context.Context, secret swarm.SecretSpec) (types.SecretCreateResponse, error) {
^
cli/command/service/update_test.go:515:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (s secretAPIClientMock) SecretRemove(ctx context.Context, id string) error {
^
cli/command/service/update_test.go:519:51: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (s secretAPIClientMock) SecretInspectWithRaw(ctx context.Context, name string) (swarm.Secret, []byte, error) {
^
cli/command/service/update_test.go:523:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (s secretAPIClientMock) SecretUpdate(ctx context.Context, id string, version swarm.Version, secret swarm.SecretSpec) error {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/plugin/client_test.go:23:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginCreate(ctx context.Context, createContext io.Reader, createOptions types.PluginCreateOptions) error {
^
cli/command/plugin/client_test.go:30:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginEnable(ctx context.Context, name string, enableOptions types.PluginEnableOptions) error {
^
cli/command/plugin/client_test.go:37:36: unused-parameter: parameter 'context' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginDisable(context context.Context, name string, disableOptions types.PluginDisableOptions) error {
^
cli/command/plugin/client_test.go:44:35: unused-parameter: parameter 'context' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginRemove(context context.Context, name string, removeOptions types.PluginRemoveOptions) error {
^
cli/command/plugin/client_test.go:51:36: unused-parameter: parameter 'context' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginInstall(context context.Context, name string, installOptions types.PluginInstallOptions) (io.ReadCloser, error) {
^
cli/command/plugin/client_test.go:58:33: unused-parameter: parameter 'context' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginList(context context.Context, filter filters.Args) (types.PluginsListResponse, error) {
^
cli/command/plugin/client_test.go:66:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) PluginInspectWithRaw(ctx context.Context, name string) (*types.Plugin, []byte, error) {
^
cli/command/plugin/client_test.go:74:27: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) Info(ctx context.Context) (types.Info, error) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/image/build/context_test.go:21:19: unused-parameter: parameter 't' seems to be unused, consider removing or renaming it as _ (revive)
func prepareEmpty(t *testing.T) string {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
I could either remove the name for these contexts, or make the fake functions
more accurately reflect the actual implementation (decided to go for the latter
one)
cli/command/secret/client_test.go:19:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) SecretCreate(ctx context.Context, spec swarm.SecretSpec) (types.SecretCreateResponse, error) {
^
cli/command/secret/client_test.go:26:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) SecretInspectWithRaw(ctx context.Context, id string) (swarm.Secret, []byte, error) {
^
cli/command/secret/client_test.go:33:33: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) SecretList(ctx context.Context, options types.SecretListOptions) ([]swarm.Secret, error) {
^
cli/command/secret/client_test.go:40:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) SecretRemove(ctx context.Context, name string) error {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
I could either remove the name for these contexts, or make the fake functions
more accurately reflect the actual implementation (decided to go for the latter
one)
. cli/command/config/client_test.go:19:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) ConfigCreate(ctx context.Context, spec swarm.ConfigSpec) (types.ConfigCreateResponse, error) {
^
cli/command/config/client_test.go:26:43: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) ConfigInspectWithRaw(ctx context.Context, id string) (swarm.Config, []byte, error) {
^
cli/command/config/client_test.go:33:33: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) ConfigList(ctx context.Context, options types.ConfigListOptions) ([]swarm.Config, error) {
^
cli/command/config/client_test.go:40:35: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
func (c *fakeClient) ConfigRemove(ctx context.Context, name string) error {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function must match the interface, but doesn't use the firs argument.
cli/command/service/progress/progress.go:417:40: unused-parameter: parameter 'service' seems to be unused, consider removing or renaming it as _ (revive)
func (u *globalProgressUpdater) update(service swarm.Service, tasks []swarm.Task, activeNodes map[string]struct{}, rollback bool) (bool, error) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These functions must have the same signature, but only some of them accept
an "all" boolean argument;
88924b1802/cli/command/system/prune.go (L79)
cli/command/container/prune.go:78:38: unused-parameter: parameter 'all' seems to be unused, consider removing or renaming it as _ (revive)
func RunPrune(dockerCli command.Cli, all bool, filter opts.FilterOpt) (uint64, string, error) {
^
cli/command/network/prune.go:73:38: unused-parameter: parameter 'all' seems to be unused, consider removing or renaming it as _ (revive)
func RunPrune(dockerCli command.Cli, all bool, filter opts.FilterOpt) (uint64, string, error) {
^
cli/command/volume/prune.go:78:38: unused-parameter: parameter 'all' seems to be unused, consider removing or renaming it as _ (revive)
func RunPrune(dockerCli command.Cli, all bool, filter opts.FilterOpt) (uint64, string, error) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These wrappers were added to abstract stack deploy to k8s and swarm. Now
that support for deploying to k8s was removed, we can remove these wrappers.
This deprecates:
- RunDeploy()
- RunPs()
- RunRemove()
- GetServices()
This also addresses some linting failers, due to these functions having
unused arguments:
cli/command/stack/deploy.go:51:39: unused-parameter: parameter 'flags' seems to be unused, consider removing or renaming it as _ (revive)
func RunDeploy(dockerCli command.Cli, flags *pflag.FlagSet, config *composetypes.Config, opts options.Deploy) error {
^
cli/command/stack/ps.go:42:35: unused-parameter: parameter 'flags' seems to be unused, consider removing or renaming it as _ (revive)
func RunPs(dockerCli command.Cli, flags *pflag.FlagSet, opts options.PS) error {
^
cli/command/stack/remove.go:35:39: unused-parameter: parameter 'flags' seems to be unused, consider removing or renaming it as _ (revive)
func RunRemove(dockerCli command.Cli, flags *pflag.FlagSet, opts options.Remove) error {
^
cli/command/stack/list.go:37:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
func RunList(cmd *cobra.Command, dockerCli command.Cli, opts options.List) error {
^
cli/command/stack/services.go:56:41: unused-parameter: parameter 'flags' seems to be unused, consider removing or renaming it as _ (revive)
func GetServices(dockerCli command.Cli, flags *pflag.FlagSet, opts options.Services) ([]swarmtypes.Service, error) {
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/container/run.go:176:3: redefines-builtin-id: redefinition of the built-in function close (revive)
close, err := attachContainer(ctx, dockerCli, &errCh, config, createResponse.ID)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Only show progress updates after a time threshold has elapsed in order
to reduce the number of writes to the terminal.
This improves readability of the progress.
Also moves cursor show/hide into the progress printer to reduce chances
if messing up the user's terminal in case of cancellation.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
- Instead of rewriting the entire line every time only clear and write
the parts that changed.
- Hide the cursor while writing progress
Both these things make the progress updates significantly easier to
read.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This fixes a case where a non-tty will have control characters + the log
line for every single read operation.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This code depended on the registry Service interface, which has been removed,
so needed to be refactored. Digging further into the reason this code existed,
it looked like the Class=plugin was previously required on Docker Hub to handle
plugins, but this requirement is no longer there, so we can remove this special
handling.
This patch removes the special handling to both remove the use of the registry.Service
interface, as well as removing complexity that is no longer needed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was deprecated in b4ca1c7368,
which is part of the v23.0 release, and is no longer used, so we can remove it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The comment was not formatted correctly, and because of that not picked up as
being deprecated.
updates b4ca1c7368
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These tests were deliberately producing errors as part of the test, but
printing those errors could be confusing / make it more difficult to find
actual test-failures.
Before this patch:
=== RUN TestVolumeCreateErrors
Error: conflicting options: either specify --name or provide positional arg, not both
Error: "create" requires at most 1 argument.
See 'create --help'.
Usage: create [OPTIONS] [VOLUME] [flags]
Create a volume
Error: error creating volume
--- PASS: TestVolumeCreateErrors (0.00s)
PASS
With this patch applied:
=== RUN TestVolumeCreateErrors
--- PASS: TestVolumeCreateErrors (0.00s)
PASS
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Make the error more specific by stating that it's caused by a specific
environment variable and not an environment as a whole.
Also don't escape the variable to make it more readable.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
On Windows, ignore all variables that start with "=" when building an
environment variables map for stack.
For MS-DOS compatibility cmd.exe can set some special environment
variables that start with a "=" characters, which breaks the general
assumption that the first encountered "=" separates a variable name from
variable value and causes trouble when parsing.
These variables don't seem to be documented anywhere, but they are
described by some third-party sources and confirmed empirically on my
Windows installation.
Useful sources:
https://devblogs.microsoft.com/oldnewthing/20100506-00/?p=14133https://ss64.com/nt/syntax-variables.html
Known variables:
- `=ExitCode` stores the exit code returned by external command (in hex
format)
- `=ExitCodeAscii` - same as above, except the value is the ASCII
representation of the code (so exit code 65 (0x41) becomes 'A').
- `=::=::\` and friends - store drive specific working directory.
There is one env variable for each separate drive letter that was
accessed in the shell session and stores the working directory for that
specific drive.
The general format for these is:
`=<DRIVE_LETTER>:=<CWD>` (key=`=<DRIVE_LETTER>:`, value=`<CWD>`)
where <CWD> is a working directory for the drive that is assigned to
the letter <DRIVE_LETTER>
A couple of examples:
`=C:=C:\some\dir` (key: `=C:`, value: `C:\some\dir`)
`=D:=D:\some\other\dir` (key: `=C:`, value: `C:\some\dir`)
`=Z:=Z:\` (key: `=Z:`, value: `Z:\`)
`=::=::\` is the one that seems to be always set and I'm not exactly
sure what this one is for (what's drive `::`?). Others are set as
soon as you CD to a path on some drive. Considering that you start a
cmd.exe also has some working directory, there are 2 of these on start.
All these variables can be safely ignored because they can't be
deliberately set by the user, their meaning is only relevant to the
cmd.exe session and they're all are related to the MS-DOS/Batch feature
that are irrelevant for us.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Tests mocking the output of GET images/json with fakeClient used an
array with one empty element as an empty response.
Change it to just an empty array.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
The error returned from "os/exec".Command when attempting to execute a
directory has been changed from syscall.EACCESS to syscall.EISDIR on
Go 1.20. 2b8f214094
Consequently, any runc runtime built against Go 1.20 will return an
error containing 'is a directory' and not 'permission denied'. Update
the string matching so the CLI exits with status code 126 on 'is a
directory' errors (EISDIR) in addition to 'permission denied' (EACCESS).
Signed-off-by: Cory Snider <csnider@mirantis.com>
This prevents us needing to attempt to reconstruct the exact indentation
registry side, which is not canonical - so may differ.
Signed-off-by: Justin Chadwell <me@jedevc.com>
This behavior should not break any more use cases than before.
Previously, if the mismatch occured, we would actually push a manifest
that we then never referred to in the manifest list! If this was done in
a new repository, the command would fail with an obscure error from the
registry - the content wouldn't exist with the descriptor we expect it
to.
Signed-off-by: Justin Chadwell <me@jedevc.com>
The DockerCLI interface was repeating the Streams interface. Embed
the interface to make it more transparent that they're the same.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Synchronize append on the `removed` slice with mutex because
containerRemoveFunc is called in parallel for each removed container by
`container rm` cli command.
Also reduced the shared access area by separating the scopes of test
cases.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This comment was added in 7929888214
when this code was still in the Moby repository. That comment doesn't appear
to apply to the CLI's usage of this struct though, as nothing in the CLI
sets this field (or uses it), so this should be safe to remove.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows the cli to be initialized with a (custom) API client.
Currently to be used for unit tests, but could be used for other
scenarios.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Make sure that the container has multiple port-mappings to illustrate
that only the given port is matched.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- use strings.Cut
- don't use nat.NewPort as we don't accept port ranges
- use an early return if there's no results
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
if a context is set (e.g. through DOCKER_CONTEXT or the CLI config file), but
wasn't found, then a "stub" context is added, including an error message that
the context doesn't exist.
DOCKER_CONTEXT=nosuchcontext docker context ls
NAME DESCRIPTION DOCKER ENDPOINT ERROR
default Current DOCKER_HOST based configuration unix:///var/run/docker.sock
nosuchcontext * context "nosuchcontext": context not found: …
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This updates `docker context ls` to:
- not abort listing contexts when failing one (or more) contexts
- instead, adding an ERROR column to inform the user there was
an issue loading the context.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows commands that don't require a client connection (such as `context use`)
to be functional, but still produces an error when trying to run a command that
needs to connect with the API;
mkdir -p ~/.docker/ && echo '{"currentContext":"nosuchcontext"}' > ~/.docker/config.json
docker version
Failed to initialize: unable to resolve docker endpoint: load context "nosuchcontext": context does not exist: open /root/.docker/contexts/meta/8bfef2a74c7d06add4bf4c73b0af97d9f79c76fe151ae0e18b9d7e57104c149b/meta.json: no such file or directory
docker context use default
default
Current context is now "default"
docker version
Client:
Version: 22.06.0-dev
API version: 1.42
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The "docker context show" command is intended to show the currently configured
context. While the context that's configured may not be valid (e.g., in case
an environment variable was set to configure the context, or if the context
was removed from the filesystem), we should still be able to _show_ the
context.
This patch removes the context validation, and instead only shows the context.
This can help in cases where the context is used to (e.g.) set the command-
prompt, but the user removed the context. With this change, the context name
can still be shown, but commands that _require_ the context will still fail.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This internalizes constructing the Client(), which allows us to provide
fallbacks when trying to determin the current API version.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Also move the resolveContextName() function together with the
method for easier cross-referencing.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
There's no strict need to perform this validation inside this function;
validating flags should happen earlier, to allow faster detecting of
configuration issues (we may want to have a central config "validate"
function though).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
resolveContextName() is used to find which context to use, based on the
available configuration options. Once resolved, the context name is
used to load the actual context, which will fail if the context doesn't
exist, so there's no need to produce an error at this stage; only
check priority of the configuration options to pick the context
with the highest priority.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
CommonOptions was inherited from when the cli and daemon were in the same
repository, and some options would be shared between them. That's no longer
the case, and some options are even "incorrect" (for example, while the
daemon can be configured to run on multiple hosts, the CLI can only connect
with a single host / connection). This patch does not (yet) address that,
but merges the CommonOptions into the ClientOptions.
An alias is created for the old type, although it doesn't appear there's
any external consumers using the CommonOptions type (or its constructor).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Make the package-level configMergeTests local to the test itself.
- Rename fields to better describe intent
- Remove some redundant variables
- Reverse "expected" and "actual" fields for consistency
- Use assert.Check() to not fail early
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Looks like the linter uses an explicit -lang, which (for go1.19)
results in some additional formatting for octal values.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The package defined various special errors; these errors existed for two reasons;
- being able to distinguish "not found" errors from other errors (as "not found"
errors can be ignored in various cases).
- to be able to update the context _name_ in the error message after the error
was created. This was needed in cases where the name was not available at the
location where the error was produced (e.g. only the "id" was present), and
the helpers to detect "not found" errors did not support wrapped errors (so
wrapping the error with a "name" could break logic); a `setContextName` interface
and corresponding `patchErrContextName()` utility was created for this (which
was a "creative", but not very standard approach).
This patch:
- Removes the special error-types, replacing them with errdefs definitions (which
is a more common approach in our code-base to detect error types / classes).
- Removes the internal utilities for error-handling, and deprecates the exported
utilities (to allow external consumers to adjust their code).
- Some errors have been enriched with detailed information (which may be useful
for debugging / problem solving).
- Note that in some cases, `patchErrContextName()` was called, but the code
producing the error would never return a `setContextName` error, so would
never update the error message.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this change, running `docker context rm --force` would fail if the context
did not exist. This behavior was different from other commands, which allowed
ignoring non-existing objects.
For example; when trying to remove a non-existing volume, the command would
fail without "force":
```bash
docker volume rm nosuchvolume
Error: No such volume: nosuchvolume
echo $?
1
```
But using the `-f` / `--force` option would make the command complete successfully
(the error itself is still printed for informational purposes);
```bash
docker volume rm -f nosuchvolume
nosuchvolume
echo $?
0
```
With this patch, `docker context rm` behaves the same:
```bash
docker context rm nosuchcontext
context "nosuchcontext" does not exist
echo $?
1
```
```bash
docker context rm -f nosuchcontext
nosuchcontext
echo $?
0
```
This patch also simplifies how we check if the context exists; previously we
would try to read the context's metadata; this could fail if a context was
corrupted, or if an empty directory was present. This patch now only checks
if the directory exists, without first validating the context's data.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Also removing redundant defer for env.PatchAll(), which is now automatically
handled in t.Cleanup()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command/container/opts.go:928:2: assigned to src, but reassigned without using the value (wastedassign)
src := ""
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
While fixing, also updated errors without placeholders to `errors.New()`, and
updated some code to use pkg/errors if it was already in use in the file.
cli/command/config/inspect.go:59:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/node/inspect.go:61:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/secret/inspect.go:57:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Cannot supply extra formatting options to the pretty template")
^
cli/command/trust/common.go:77:74: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signatures or cannot access %s", remote)
^
cli/command/trust/common.go:85:73: ST1005: error strings should not be capitalized (stylecheck)
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, fmt.Errorf("No signers for %s", remote)
^
cli/command/trust/sign.go:137:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("No tag specified for %s", imgRefAndAuth.Name())
^
cli/command/trust/sign.go:151:19: ST1005: error strings should not be capitalized (stylecheck)
return *target, fmt.Errorf("No tag specified")
^
cli/command/trust/signer_add.go:77:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Failed to add signer to: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:52:10: ST1005: error strings should not be capitalized (stylecheck)
return fmt.Errorf("Error removing signer from: %s", strings.Join(errRepos, ", "))
^
cli/command/trust/signer_remove.go:67:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("All signed tags are currently revoked, use docker trust sign to fix")
^
cli/command/trust/signer_remove.go:108:17: ST1005: error strings should not be capitalized (stylecheck)
return false, fmt.Errorf("No signer %s for repository %s", signerName, repoName)
^
opts/hosts.go:89:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", addr)
^
opts/hosts.go💯14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected %s: %s", proto, addr)
^
opts/hosts.go:119:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid proto, expected tcp: %s", tryAddr)
^
opts/hosts.go:144:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
opts/hosts.go:155:14: ST1005: error strings should not be capitalized (stylecheck)
return "", fmt.Errorf("Invalid bind address format: %s", tryAddr)
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>