Commit Graph

1039 Commits

Author SHA1 Message Date
Sebastiaan van Stijn ea64a1ceb9
cli/command/utils: SA1006: printf-style with no further arguments (staticcheck)
```
cli/command/utils.go:81:20: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
	fmt.Fprintf(outs, message)
	                  ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:29 +01:00
Sebastiaan van Stijn f0614ca788
cli/command/trust: SA1006: printf-style with no further arguments (staticcheck)
```
cli/command/trust/key_generate.go:91:30: SA1006: printf-style function with dynamic format string and no further arguments should use print-style function instead (staticcheck)
		fmt.Fprintf(streams.Out(), err.Error())
		                           ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:28 +01:00
Sebastiaan van Stijn 0e4bd30cfe
cli/command/image/build: G107: Potential HTTP request made with variable url (gosec)
cli/command/image/build/context.go:235: G107: Potential HTTP request made with variable url (gosec)
    	if resp, err = http.Get(url); err != nil {

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:28 +01:00
Sebastiaan van Stijn 8d64c2af1a
cli/command/service: SA1012: do not pass a nil Context (staticcheck)
```
cli/command/service/update_test.go:31:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
	updateService(nil, nil, flags, spec)
	              ^
cli/command/service/update_test.go:535:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
	updateService(nil, nil, flags, spec)
	              ^
cli/command/service/update_test.go:540:16: SA1012: do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use (staticcheck)
	updateService(nil, nil, flags, spec)
	              ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:27 +01:00
Sebastiaan van Stijn 1850a0595b
cli/command/secret: G101: Potential hardcoded credentials (gosec)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:27 +01:00
Silvin Lubecki b83545ebbc
cli/command/image/build/context_test.go:244:38: `createTestTempDir` - `prefix` always receives `"builder-context-test"` (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:25 +01:00
Silvin Lubecki 4be924a0af
cli/command/registry/login_test.go:66:25: unnecessary conversion (unconvert)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:25 +01:00
Silvin Lubecki 6047259e5a
File is not `goimports`-ed (goimports)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:24 +01:00
Silvin Lubecki 0153624a56
cli/command/trust/sign_test.go:119:70: unnecessary conversion (unconvert)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:23 +01:00
Silvin Lubecki 47741f81d1
cli/command/system/info.go:116:68: prettyPrintClientInfo - result 0 (error) is always nil (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:20 +01:00
Silvin Lubecki a3c7cb4f12
cli/command/stack/kubernetes/deploy_test.go:65:68: `checkOwnerReferences` - `stackName` always receives `"test"` (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:19 +01:00
Silvin Lubecki ab1aeedb27
cli/command/plugin/list_test.go:61:31: `TestList$1` - `filter` is unused (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:19 +01:00
Silvin Lubecki 75c60c1af7
cli/command/image/build_session.go:133:45: getBuildSharedKey - result 1 (error) is always nil (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:18 +01:00
Silvin Lubecki 28ac2f82c6
cli/command/image/build_buildkit.go:450:56: parseSSH - result 1 (error) is always nil (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:18 +01:00
Silvin Lubecki 0ce2eae5a2
cli/command/image/build/context_test.go:252:71: `createTestTempFile` - `perm` always receives `0777` (`511`) (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:17 +01:00
Silvin Lubecki 70bd64d037
cli/command/image/build/context_test.go:244:38: `createTestTempDir` - `dir` always receives `""` (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:17 +01:00
Silvin Lubecki e1c0c7979e
unchecked errors
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:16 +01:00
Silvin Lubecki 584da37756
cli/command/container/attach.go:141:15: nilness: impossible condition: nil != nil (govet)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:16 +01:00
Silvin Lubecki 9afeb6f432
cli/command/container/start.go:157:20: nilness: nil dereference in type assertion (govet)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:13 +01:00
Silvin Lubecki 85cfd4e518
cli/command/stack/kubernetes/list.go:32:47: nilness: tautological condition: non-nil != nil (govet)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:13 +01:00
Silvin Lubecki f5e8387067
cli/command/trust/key_generate.go:112:9: nilness: impossible condition: nil != nil (govet)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:12 +01:00
Silvin Lubecki 3a428202bf
SA1019: httputil.ErrPersistEOF is deprecated: No longer used. (staticcheck)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:12 +01:00
Silvin Lubecki 7da9360477
cli/command/container/stats.go:211:21: SA1015: using time.Tick leaks the underlying ticker, consider using it only in endless functions, tests and the main package, and use time.NewTicker here (staticcheck)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:11 +01:00
Silvin Lubecki 8018a850cb
cli/command/trust/inspect_pretty_test.go:399:24: SA4010: this result of append is never used, except maybe in other appends (staticcheck)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:10 +01:00
Sebastiaan van Stijn 2d0c10d77a
kubernetes/conversion_test: use test-builders package
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 16:10:22 +01:00
Samuel Cochran 758d12e651
unused-for is a deprecated synonym
See 9e7d5ac5ea/builder/builder-next/builder.go (L574)

Signed-off-by: Samuel Cochran <sj26@sj26.com>
2019-10-30 14:52:14 +11:00
Jonatas Baldin 56729bc0a4 Return empty string if image createdAt is zero
Signed-off-by: Jonatas Baldin <jonatas.baldin@gmail.com>
2019-10-29 17:15:28 -03:00
Djordje Lukic 568ea3a329
Refactor the `stack services` command to be uniform
Running `docker stack services <STACK> --orchestrator swarm would yield
the message "Noting found in stack: asdf" with an exit code 0. The same
command with kubernetes orchestrator would yield "nothing found in
stack: adsf" (note the lower-case "nothing") and a non-zero exit code.
This change makes the `stack services` command uniform for both
orchestrators. The logic of getting and printing services is split to
reuse the same formatting code.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:58:10 +01:00
Sebastiaan van Stijn 20424e2f51
Add test for ServiceStatus
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:49:35 +01:00
Sebastiaan van Stijn 7405ac5c2d
Services: use ServiceStatus on API v1.41 and up
API v1.41 adds a new option to get the number of desired
and running tasks when listing services. This patch enables
this functionality, and provides a fallback mechanism when
the ServiceStatus is not available, which would be when
using an older API version.

Now that the swarm.Service struct captures this information,
the `ListInfo` type is no longer needed, so it is removed,
and the related list- and formatting functions have been
modified accordingly.

To reduce repetition, sorting the services has been moved
to the formatter. This is a slight change in behavior, but
all calls to the formatter performed this sort first, so
the change will not lead to user-facing changes.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:49:28 +01:00
Sebastiaan van Stijn 228e0f5e76
TestStackServicesErrors: use sub-tests, and return tasks
This also sets the services to have a Mode set, otherwise
they would be invalid.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:47:52 +01:00
Sebastiaan van Stijn 962015b057
internal/builders: add GlobalService, ServiceStatus, NodeList()
This patch:

- Adds new GlobalService and ServiceStatus options
- Makes the NodeList() function functional
- Minor improvment to the `newService()` function to allow passing options

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 15:47:49 +01:00
Sebastiaan van Stijn 54411e5a92
cli/command/container: Using a reference for the variable on range scope `n` (scopelint)
```
cli/command/container/opts.go:700:37: Using a reference for the variable on range scope `n` (scopelint)
			if err := applyContainerOptions(&n, copts); err != nil {
			                                 ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 14:59:16 +01:00
Sebastiaan van Stijn 648199b321
cli/command/service: Using a reference for the variable on range scope `entry` (scopelint)
```
cli/command/service/update.go:1007:43: Using a reference for the variable on range scope `entry` (scopelint)
		if _, ok := portSet[portConfigToString(&entry)]; !ok {
		                                        ^
cli/command/service/update.go:1008:32: Using a reference for the variable on range scope `entry` (scopelint)
			portSet[portConfigToString(&entry)] = entry
			                            ^
cli/command/service/update.go:1034:44: Using a reference for the variable on range scope `port` (scopelint)
			if _, ok := portSet[portConfigToString(&port)]; ok {
			                                        ^
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-29 14:59:12 +01:00
Sebastiaan van Stijn 2eb5cdba46
Merge pull request #2087 from shahzzzam/sam/fix-print
fix formatting issue of encoded url
2019-10-29 12:28:09 +01:00
Derskeal 167b3906fe Update flag doc
Signed-off-by: Derskeal <27731088+derskeal@users.noreply.github.com>
2019-10-29 12:01:30 +01:00
Sebastiaan van Stijn 79aa6cce19
TestFormatInfo: add extra test-case
This case was in a test in the engine repository, where
it is being removed, so add it to the list of existing
tests here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-18 23:40:02 +02:00
Tibor Vass 5d85cdacd2
Merge pull request #2123 from thaJeztah/hide_unsupported_buildkit_flags
Annotate flags that are not supported by Buildkit
2019-10-10 21:54:15 -07:00
Silvin Lubecki 3e07fa728a
Merge pull request #2110 from tiborvass/update-vendor
vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
2019-10-07 21:37:19 +02:00
Sebastiaan van Stijn 7eecbb96af
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-04 15:55:04 +02:00
Tibor Vass 38c02a9280 vendor: align with engine at b6684a403c99aaf6be5b8ce0bef3c6650fcdcd12
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-02 01:47:08 +00:00
Tibor Vass c3990f3ba6 build: remove --stream
--stream was always experimental and this patch removes the functionality.

Users should enable BuildKit with DOCKER_BUILDKIT=1

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-01 18:30:46 +00:00
Sam ee76ac8f93 fix formatting issue of encoded urlSigned-off-by: Sam <samashah@microsoft.com> 2019-09-25 22:58:04 +00:00
Tibor Vass 0df5d6427e vendor: update buildkit to 10cef0c and fsutil 7f9f923
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-09-24 00:11:38 +00:00
Carlos de Paula 41aa20b6b5 Add riscv64 to manifest annotation and bash completion
Signed-off-by: Carlos de Paula <me@carlosedp.com>
2019-09-10 13:00:23 -03:00
Silvin Lubecki 7aa764bba9
Merge pull request #2028 from pszczekutowicz/master
Sort list of services from swarm stacks using natural sorting
2019-09-05 11:47:58 +02:00
Paweł Szczekutowicz 34447852b5 Sort services from stack from swarm
Signed-off-by: Paweł Szczekutowicz <pszczekutowicz@gmail.com>
2019-09-02 21:19:10 +02:00
knqyf263 7634872a39 fix(pull_test): for quiet option
Signed-off-by: Teppei Fukuda <knqyf263@gmail.com>
2019-08-27 18:23:24 +09:00
Nicolas De Loof e25e077a20
restore support for env variables to configure proxy
regression introduced by b34f34
close #39654

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2019-08-22 16:39:21 +02:00
Sebastiaan van Stijn 1fdbd6181e
docker ps: add State field to formatting
The State field allows printing the container state without
additional information about uptime, healthcheck, etc.

With this patch, the container's state can be printed independently:

```bash
docker ps -a --format '{{.State}}'
running
paused
exited
created
```

```bash
docker ps -a --format 'table {{.Names}}\t{{.State}}\t{{.Status}}'
NAMES                     STATE               STATUS
elastic_burnell           running             Up About a minute
pausie                    paused              Up 5 minutes (Paused)
peaceful_stonebraker      exited              Exited (0) 10 hours ago
vigilant_shaw             created             Created
```

```bash
docker ps -a --format 'raw'

container_id: 0445f73f3a71
image: docker-cli-dev
command: "ash"
created_at: 2019-07-12 11:16:11 +0000 UTC
state: running
status: Up 2 minutes
names: elastic_burnell
labels:
ports:

container_id: 1aff69a3912c
image: nginx:alpine
command: "nginx -g 'daemon of ..."
created_at: 2019-07-12 11:12:10 +0000 UTC
state: paused
status: Up 6 minutes (Paused)
names: pausie
labels: maintainer=NGINX Docker Maintainers <docker-maint@nginx.com>
ports: 80/tcp

container_id: d48acf66c318
image: alpine:3.9.3
command: "id -u"
created_at: 2019-07-12 00:52:17 +0000 UTC
state: exited
status: Exited (0) 10 hours ago
names: peaceful_stonebraker
labels:
ports:

container_id: a0733fe0dace
image: b7b28af77ffe
command: "/bin/sh -c '#(nop) ..."
created_at: 2019-07-12 00:51:29 +0000 UTC
state: created
status: Created
names: vigilant_shaw
labels:
ports:
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-07-12 13:31:16 +02:00
Vincent Demeester c9db0fe938
Merge pull request #1968 from thaJeztah/skip_windows_permissions_check
Windows: skip permissions check on key
2019-07-05 10:16:21 +02:00
Sebastiaan van Stijn ee29504923
Do not disable sig-proxy when using a TTY
This partially reverts e0b59ab52b,
and does not automatically disable proxying signals in TTY-mode

Before this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Notice that the CLI was killed, but the signal not forwarded to the container;
the container continues running

```
docker container inspect --format '{{ .State.Status }}' repro-28872
running

docker container rm -f repro-28872
```

After this change:
------------------------------------

Start a container with a TTY in one shell:

```
docker run -it --init --name repro-28872 busybox sleep 30
```

then, in another shell, kill the docker cli:

```
kill `pgrep -f repro-28872`
```

Verify that the signal was forwarded to the container, and the container exited

```
docker container inspect --format '{{ .State.Status }}' repro-28872
exited

docker container rm -f repro-28872
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 16:29:21 +02:00
Sebastiaan van Stijn 15d361fd77
Windows: skip permissions check on key
This code was attempting to check Linux file permissions
to determine if the key was accessible by other users, which
doesn't work, and therefore prevented users on Windows
to load keys.

Skipping this check on Windows (correspinding tests
were already skipped).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-25 00:12:01 +02:00
Sebastiaan van Stijn 4d7e6bf629
Fix advanced options for backward compatibility
For backward compatibility: if no custom options are provided for the network,
and only a single network is specified, omit the endpoint-configuration
on the client (the daemon will still create it when creating the container)

This fixes an issue on older versions of legacy Swarm, which did not support
`NetworkingConfig.EndpointConfig`.

This was introduced in 5bc09639cc (#1767)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-06-24 23:17:25 +02:00
Goksu Toprak 291e86289b Introduce .zip import for docker context
Adds capabilities to import a .zip file with importZip.
Detects the content type of source by checking bytes & DetectContentType.
Adds LimitedReader reader, a fork of io.LimitedReader,
was needed for better error messaging instead of just getting back EOF.
We are using limited reader to avoid very big files causing memory issues.
Adds a new file size limit for context imports,
this limit is used for the main file for .zip & .tar and individual compressed
files for .zip.
Added TestImportZip that will check the import content type
Then will assert no err on Importing .zip file

Signed-off-by: Goksu Toprak <goksu.toprak@docker.com>
2019-05-29 12:58:45 -07:00
Ian Campbell c455193d14 Push check for kubernetes requirement down into the endpoint
This is less of a layering violation and removes some ugly hardcoded
`"kubernetes"` strings which were needed to avoid an import loop.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 520be05c49 Dynamically register kubernetes context store endpoint type.
This removes the need for the core context code to import
`github.com/docker/cli/cli/context/kubernetes` which in turn reduces the
transitive import tree in this file to not pull in all of Kubernetes.

Note that this means that any calling code which is interested in the
kubernetes endpoint must import `github.com/docker/cli/cli/context/kubernetes`
itself somewhere in order to trigger the dynamic registration. In practice
anything which is interested in Kubernetes must import that package (e.g.
`./cli/command/context.list` does for the `EndpointFromContext` function) to do
anything useful, so this restriction is not too onerous.

As a special case a small amount of Kubernetes related logic remains in
`ResolveDefaultContext` to handle error handling when the stack orchestrator
includes Kubernetes. In order to avoid a circular import loop this hardcodes
the kube endpoint name.

Similarly to avoid an import loop the existing `TestDefaultContextInitializer`
cannot continue to unit test for the Kubernetes case, so that aspect of the
test is carved off into a very similar test in the kubernetes context package.

Lastly, note that the kubernetes endpoint is now modifiable via
`WithContextEndpointType`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell f820766f6a Export `DefaultContextStoreConfig()` and `ResolveDefaultContext()`
These are needed by any dynamically registered (via
`RegisterDefaultStoreEndpoints`) endpoint type to write a useful/sensible unit
test.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 1433e27420 Allow dynamically registered context endpoint to provide their defaults.
Previously an endpoint registered using `RegisterDefaultStoreEndpoints` would
not be taken into consideration by `resolveDefaultContext` and so could not
provide any details.

Resolve this by passing a `store.Config` to `resolveDefaultContext` and using
it to iterate over all registered endpoints. Any endpoint can ensure that their
type implements the new `EndpointDefaultResolver` in order to provide a default.

The Docker and Kubernetes endpoints are special cased, shortly the Kubernetes
one will be refactored to be dynamically registered.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 087c3f7d08 Support dynamic registration of context store endpoint types
This is a yet unused and the default set remains the same, no expected
functional change.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell d84e278aac fix a few typos
Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-20 13:28:11 +01:00
Ian Campbell 8635abd662 Use underlying `NewKubernetesConfig` directly from compose-on-kubernetes.
The comment on `github.com/docker/cli/kubernetes.NewKubernetesConfig` said:

    // Deprecated: Use github.com/docker/compose-on-kubernetes/api.NewKubernetesConfig instead

By making this switch in `github.com/docker/cli/context/kubernetes/load.go` we
break a vendoring chain:

`github.com/docker/cli/cli/command`
→ `vendor/github.com/docker/cli/cli/context/kubernetes/load.go`
  → `vendor/github.com/docker/cli/kubernetes`
     → `github.com/docker/compose-on-kubernetes/api/compose/...`

This means that projects which just want `github.com/docker/cli/cli/command`
(which is itself pulled in transitively by
`github.com/docker/cli/cli-plugins/plugin`) which do not themselves need the
compose-on-kubernetes API avoid a huge pile of transitive dependencies.

On one of my private projects the diff on the vendor dir is:

    280 files changed, 21 insertions(+), 211346 deletions(-)

and includes dropping:

* `github.com/docker/compose-on-kubernetes/api/compose/{clone,impersonation}`
* `github.com/docker/compose-on-kubernetes/api/compose/{v1alpha3,v1beta1,v1beta2,v1beta3}`
* `github.com/google/btree`
* `github.com/googleapis/gnostic`
* `github.com/gregjones/httpcache`
* `github.com/peterbourgon/diskv`
* `k8s.io/api/*` (_lots_ of subpackages)
* `k8s.io/client-go/{discovery,kubernetes/scheme}`

and I've gone from:

    $ du -sh vendor/k8s.io/
    8.1M	vendor/k8s.io/

to:

    $ du -sh vendor/k8s.io/
    2.1M	vendor/k8s.io/

(overall I went from 36M → 29M of vendor dir for this particular project)

The change to `cli/command/system/version.go` is just for consistency and
allows us to drop the now unused alias.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 15:43:15 +01:00
Ian Campbell 1e5129f027 rename package import kubcontext → kubecontext
The (small number) of other places which name this import use `kubecontext`,
make it consistent.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-14 13:46:40 +01:00
Tibor Vass 529ef6e89a vendor buildkit to f238f1e
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-14 01:29:18 +00:00
Ian Campbell ff44305c47 context: produce consistent output on `context create`.
Refactor `RunCreate` slightly so that all three paths always produce the same
output, namely the name of the new context of `stdout` (for scripting) and the
success log message on `stderr`.

Validate by extending the existing unit tests to always check the output is as
expected.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-05-13 16:42:03 +01:00
Tibor Vass daca70d820 build: add --platform local
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:25:40 +00:00
Tibor Vass 8adcedd658 build: honor BUILDKIT_PROGRESS env config
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:16:01 +00:00
Zander Mackie 483c53ad9d Use single table for all ContainerImagePullPolicy tests
- Cleans up assertions
 - Centralizes and simplifies handler functions

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ffba7659cc Improve testing of never pull and always pull scenarios
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie ec56136d61 Use closure for common pulling and tagging bevior in container creation
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie 965664d89b Improve flow pull behavior before container creation.
- Also improve test coverage

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Ravi Shekhar Jethani a06b5db594 Update cli/command/container/create.go
Co-Authored-By: Zanadar <zmackie@gmail.com>
Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Zander Mackie 22cd418967 Adds flag modifying pull behavior for running and creating containers
- Follows the proposal on issue [#34394](https://github.com/moby/moby/issues/34394)
 - Maintains current behavior as default (Pull image if missing)
 - Adds tristate flag allowing modification (PullMissing, PullAlways, PullNever)

Signed-off-by: Zander Mackie <zmackie@gmail.com>
2019-05-06 14:16:26 -07:00
Tõnis Tiigi 70f48f2231
Merge pull request #1840 from tiborvass/cli-plugin-aliases
cli-plugins: alias an existing allowed command (only builder for now)
2019-04-23 19:13:51 -07:00
Tibor Vass 1ed02c40fe cli-plugins: alias an existing allowed command (only builder for now)
With this patch it is possible to alias an existing allowed command.
At the moment only builder allows an alias.

This also properly puts the build command under builder, instead of image
where it was for historical reasons.

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-19 01:26:45 +00:00
Sebastiaan van Stijn d365225c32
Merge pull request #1838 from simonferquel/remove-context-in-function-names
Remove "context" from context store interfaces function names
2019-04-18 18:38:01 +02:00
Sebastiaan van Stijn 04751fd58e
Merge pull request #1830 from thaJeztah/use_google_shlex
Switch to google/shlex
2019-04-18 17:53:37 +02:00
Simon Ferquel a3efd5d195 Cleanup context store interfaces
This remove the term "context" from context store interfaces, to make
them more concise

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-18 15:49:36 +02:00
Sebastiaan van Stijn 84b3805feb
Merge pull request #1836 from simonferquel/context-export-source
Split the context store interface
2019-04-18 15:36:13 +02:00
Simon Ferquel 225c9b189a Split the context store interface
This is to make it easier to implement support for exporting contexts in
3rd party code, or to create mocks in tests.

2 exemples where it simplify things:
- docker-app desktop-specific context decorator (which rewrites parts of
the docker context to simplify UX when using on Docker Desktop contexts)
- ucp for including a context in the connection bundle

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-18 15:03:46 +02:00
Tibor Vass 2432af701a
Merge pull request #1808 from martencassel/securityopt-systempaths-unconfined
add cli integration for unconfined systempaths
2019-04-16 11:48:43 -07:00
Sebastiaan van Stijn 49bd6b729d
Merge pull request #1835 from dhiltgen/refined_login_warning
Refine warning for storing registry passwords
2019-04-16 10:36:24 +02:00
Daniel Hiltgen 5b3f171482 Add unit test coverage for token auth
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2019-04-15 16:13:55 -07:00
Sebastiaan van Stijn d043ab5993
Merge pull request #1823 from simonferquel/refactor-kubernetes-extras
Regroup all kubernetes extra-fields under x-kubernetes
2019-04-14 22:59:41 +02:00
Daniel Hiltgen 80d2496f99 Refine warning for storing registry passwords
This change refines the warning message returned during docker login to
only warn for unencrypted storage when the users password is being stored.
If the remote registry supports identity tokens, omit the warning,
since those tokens can be independently managed and revoked.

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2019-04-14 08:33:53 -07:00
Sebastiaan van Stijn acb24f5164
Switch to google/shlex
The github.com/flynn-archive/go-shlex package is a fork of Google/shlex,
and the repository is now archived, so let's switch to the maintained
version.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 17:51:15 +02:00
Drew Erny 42ec51e1ae add support for config credentialspecs to compose
Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:34 -05:00
Drew Erny 4cacd1304a Add CredentialSpec tests
Adds tests for setting and updating swarm service CredentialSpecs,
especially when using a Config as a credential spec.

Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:34 -05:00
Drew Erny 01f4f2e80a Update CredentialSpec code to allow using configs
Updates the CredentialSpec handling code for services to allow using
swarm Configs.

Additionally, fixes a bug where the `--credential-spec` flag would not
be respected on service updates.

Signed-off-by: Drew Erny <drew.erny@docker.com>
2019-04-12 11:17:33 -05:00
Sebastiaan van Stijn 6511da877f Add support for using Configs as CredentialSpecs in services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-12 11:17:29 -05:00
Simon Ferquel e0f20fd86a Regroup all kubernetes extra-fields under x-kubernetes
This regroup all Kubernetes extra fields for compose-on-kubernetes
v1alpha3 in a single x-kubernetes object.
Also use the same naming scheme as cap_add etc. for fiels inside this
object.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-12 15:46:11 +02:00
Sebastiaan van Stijn 409c590fcf
Merge pull request #1815 from simonferquel/expose-to-internal-ports
Support internal Load Balancing for Kubernetes stacks
2019-04-12 14:02:15 +02:00
Simon Ferquel cad20c759f Support internal Load Balancing for Kubernetes stacks
On the server v0.4.21 has introduced a better way of dealing with
intra-stack networking: if the user can specify a list of endpoints
exposed internally, we now can setup a ClusterIP for this to avoid the
pitfalls of DNS-based load balancing.
This exposes the feature using the "Expose" compose field, and adds an
extra x-internal-service-type field to explicitly define how intra-stack
networking is handled on a service.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-12 11:43:30 +02:00
Simon Ferquel 1cefe057cd Add warnings when DOCKER_HOST conflicts with contexts
For clarity, on `docker context use` or `docker context ls`, this adds a
warning if the DOCKER_HOST variable is set because it overrides the
active context.

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-10 10:14:47 +02:00
Sebastiaan van Stijn d6af3e143e
Merge pull request #1773 from zappy-shu/create-context-from-current
add --from flag to context create
2019-04-09 16:38:46 +02:00
Mårten Cassel 5bc9f490a9 add cli integration for unconfined systempaths with unit test, implement suggested changes
Signed-off-by: Mårten Cassel <marten.cassel@gmail.com>
2019-04-05 15:46:15 +02:00
Tibor Vass 45ec86b10f vendor github.com/docker/docker to bcaa613d823
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-03 20:57:18 +00:00
Sebastiaan van Stijn 70d8e0b867
Add ip and ip6 to advanced network syntax
This allows setting the ip/ipv6 address as an option in the
advanced `--network` syntax;

```
docker run --network name=mynetwork,ip=172.20.88.22,ip6=2001:db8::8822
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-03 17:03:34 +02:00
Silvin Lubecki 39f30ef168
Merge pull request #1767 from thaJeztah/carry_317_network_advanced
[carry 317] Cli change to pass driver specific options to docker run
2019-04-03 17:00:03 +02:00
Sebastiaan van Stijn 7ad850e58d
Merge pull request #1800 from tonistiigi/update-buildkit
vendor: update buildkit to 62e55427
2019-04-03 16:56:05 +02:00
Sebastiaan van Stijn 5bc09639cc
Refactor network parsing, add preliminary support for multiple networks
This refactors the way networking options are parsed, and makes the
client able to pass options for multiple networks. Currently, the
daemon does not yet accept multiple networks when creating a container,
and will produce an error.

For backward-compatibility, the following global networking-related
options are associated with the first network (in case multiple
networks are set);

  - `--ip`
  - `--ip6`
  - `--link`
  - `--link-local-ip`
  - `--network-alias`

Not all of these options are supported yet in the advanced notation,
but for options that are supported, setting both the per-network option
and the global option will produce a "conflicting options" error.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-03 16:42:57 +02:00
Abhinandan Prativadi c4844b1fdd
Cli change to pass driver specific options to docker run
The commit contains cli changes to support driver options for a network in
docker run and docker network connect cli's. The driver-opt, aliases is now
supported in the form of csv as per network option in service commands in
swarm mode since docker/cli#62 . This commit extends this support to docker
run command as well.

For docker connect command `--driver-opt` is added to pass driver specific
options for the network the container is connecting to.

Signed-off-by: Abhinandan Prativadi <abhi@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-03 16:30:26 +02:00
Tonis Tiigi 198407c56b vendor: update buildkit to 62e55427
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-02 23:40:56 -07:00
Nick Adcock 8bb152d967 add --from option to context create
--from creates a context from a named context.
By default `context create` will create a context from the current context.
Replaced "from-current=" docker/kubernetes option with "from=" to allow specifying which context to copy the settings from.

Signed-off-by: Nick Adcock <nick.adcock@docker.com>
2019-04-02 13:41:47 +01:00
Tibor Vass 5bbb56bfee
Merge pull request #1772 from AkihiroSuda/dialstdio-1736
dial-stdio: fix goroutine leakage
2019-04-01 15:17:10 -07:00
Simon Ferquel 8cd74eb33a Fix the stack informer's selector used to track deployment
Old selector was wrong (it watched for the label we applied to child
resources when reconciling the stack, instead of the stack itself)

This should be back-ported to older version of the CLI

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-04-01 15:18:55 +02:00
Sebastiaan van Stijn f28d078426
Merge pull request #1577 from orisano/1576-improve-validate-context-directory
feat: improves ValidateContextDirectory performance
2019-04-01 13:22:27 +02:00
Sebastiaan van Stijn aa53429cb7
Merge pull request #1774 from zappy-shu/bump-kubernetes-1-13-4
bump kubernetes to v1.14.0
2019-04-01 11:49:52 +02:00
Sebastiaan van Stijn 2236568053
Merge pull request #1789 from djs55/fix-login-logout
Fix login logout when engine is down and credential helper is in use
2019-03-29 15:39:55 +01:00
Nick Adcock 0b6685bca8 bump kubernetes to v1.14.0
bump required:
- replacing vendor ghodss/yaml with sigs.k8s.io/yaml
- adding vendor k8s.io/klog and github.com/evanphx
- compose-on-kubernetes
removed 'IncludeUninitialized' from watch as it have been removed from k8s

Signed-off-by: Nick Adcock <nick.adcock@docker.com>
2019-03-29 09:20:28 +00:00
David Scott c9d0e47414 Simplify ElectAuthServer
Instead of using an `if else if else`, switch to a sequence of independent
`if` blocks containing a `return`.

Instead of defining a return variable and updating it in the `if` blocks
and returning at the end, make each `if` block return the desired value
independenly.

Signed-off-by: David Scott <dave.scott@docker.com>
2019-03-28 21:08:13 +00:00
David Scott a82e6868cc Use the default registry even without --debug
Previously if the Docker engine was not running the behaviour of
commands would vary depending on whether the --debug flag was provided.

For example, consider `docker logout`:

    $ docker logout
    Not logged in to

-- note the missing server URL

    $ docker --debug logout
    Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
    Not logged in to https://index.docker.io/v1/

-- note the server URL is present

This patch makes only the debug printing conditional on the `--debug` flag,
not the return value.

Signed-off-by: David Scott <dave.scott@docker.com>
2019-03-28 21:04:39 +00:00
Sune Keller 217308d96d
Fix annotation on docker secret create --template-driver
Signed-off-by: Sune Keller <absukl@almbrand.dk>
2019-03-28 16:18:50 +01:00
Nao YONASHIRO 446762dc19 test: add filepathMatches test
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:22:11 +09:00
Nao YONASHIRO b41ddc6058 feat: improves ValidateContextDirectory performance
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:20:42 +09:00
Akihiro Suda f8d4c443ba dial-stdio: fix goroutine leakage
Fix #1736

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-22 20:22:00 +09:00
Lifubang 06e250d37b add test case for DetectArchiveReader
Signed-off-by: Lifubang <lifubang@acmcoder.com>
2019-03-21 15:38:31 -07:00
Kir Kolyshkin 0c20554f69 image build: fix archive detection
As pointed out in #1459, docker cli fails to detect that the input is a tarball,
in case it is generated by `git archive --format=tgz`.

This happens because `git archive` adds some metadata to the initial tar header,
and so it is more than 1 block (of 512 bytes) long, while we only provide 1 block
to archive/tar.Next() and it fails.

To fix, give it 2 blocks :)

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-03-21 15:38:07 -07:00
Tõnis Tiigi dca6d2afa1
Merge pull request #1765 from thaJeztah/carry_181_pids_limit
Add `--pids-limit` flag to `docker update`
2019-03-21 14:11:09 -07:00
Sebastiaan van Stijn 059c085261
Merge pull request #1714 from tiborvass/nvidia-gpu
container: --gpus support
2019-03-21 21:26:16 +01:00
Tibor Vass 1ba368a5ac container: --gpus support
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-03-21 20:14:25 +00:00
Tibor Vass bc5ad41e87
Merge pull request #1766 from tonistiigi/outputs
build: allow setting buildkit outputs
2019-03-21 10:49:46 -07:00
Tonis Tiigi ca6eb5049b build: allow setting buildkit outputs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-21 10:27:59 -07:00
Simon Ferquel 470afe11ed Fix annnotation on docker config create --template-driver
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-03-21 16:19:06 +01:00
Sunny de3a5f0fe5
Add `--pids-limit` flag to `docker update`
Signed-off-by: Sunny Gogoi <indiasuny000@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-21 01:20:32 +01:00
Vincent Demeester f762697628
Merge pull request #1756 from thaJeztah/bump_engine_no_buildkit
Update docker/docker, containerd, runc, and some dependencies
2019-03-20 11:35:55 +01:00
Sebastiaan van Stijn fd769e1aff
Update docker/docker to 827cb09f87964ed38b46502f22a585f2ed4a78e1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:51 +01:00
Sebastiaan van Stijn f620349837
Add systctl support for services
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 13:33:32 +01:00
Vincent Demeester a4a50de4b8
Merge pull request #1671 from thaJeztah/fix_labels_expanding_env_vars
Fix labels copying value from environment variables
2019-03-19 12:18:55 +01:00
Vincent Demeester fc9ef7087e
Merge pull request #1732 from sjeandeaux/fix/issue-117
[pretty print] pretty print and healthcheck
2019-03-19 11:54:41 +01:00
Sebastiaan van Stijn b5d0d179e7
Add back validation for invalid label values on containers
This adds validation to `docker container run` / `docker container create`;

Validation of labels provided through flags was removed in 31dc5c0a9a,
after the validation was changed to fix labels without values, and to prevent
labels from being expanded with environment variables in 2b17f4c8a8

However, now empty label names from _files_ (`--label-file`) followed different
validation rules than labels passed through `--label`.

This patch adds back minimal validation for labels passed through the command-line

Before this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

docker container inspect --format '{{json .Config.Labels}}' label
```

```json
{
  "": "with-leading-equal-sign",
  "  ": "  ",
  "somelabel": "somevalue",
  "with\"quotes\"in-key": "test",
  "with-quotes-in-value": "{\"foo\"}",
  "without-value": ""
}
```

After this patch:

```bash
docker container create \
  --name label \
  --label==with-leading-equal-sign \
  --label=without-value \
  --label=somelabel=somevalue \
  --label "  =  " \
  --label=with-quotes-in-value='{"foo"}' \
  --label='with"quotes"in-key=test' \
  busybox

invalid argument "=with-leading-equal-sign" for "-l, --label" flag: invalid label format: "=with-leading-equal-sign"
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:02:06 +01:00
Sebastiaan van Stijn f2424bd375
Fix labels copying value from environment variables
This patch fixes a bug where labels use the same behavior as `--env`, resulting
in a value to be copied from environment variables with the same name as the
label if no value is set (i.e. a simple key, no `=` sign, no value).

An earlier pull request addressed similar cases for `docker run`;
2b17f4c8a8, but this did not address the
same situation for (e.g.) `docker service create`.

Digging in history for this bug, I found that use of the `ValidateEnv`
function for  labels was added in the original implementation of the labels feature in
abb5e9a077 (diff-ae476143d40e21ac0918630f7365ed3cR34)

However, the design never intended it to expand environment variables,
and use of this function was either due to either a "copy/paste" of the
equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does
not communicate that it also expands environment variables), and the existing
`ValidateLabel` was designed for _engine_ labels (which required a value to
be set).

Following the initial implementation, other parts of the code followed
the same (incorrect) approach, therefore leading the bug to be introduced
in services as well.

This patch:

- updates the `ValidateLabel` to match the expected validation
  rules (this function is no longer used since 31dc5c0a9a),
  and the daemon has its own implementation)
- corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`.

Before this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker service inspect --format '{{json .Spec.Labels}}' test
{"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"}
```

After this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker container inspect --format '{{json .Config.Labels}}' test
{"SOME_ENV_VAR":""}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:01:57 +01:00
Stephane Jeandeaux d4ad7a94d2 [#117] remove blank line and fix order
Signed-off-by: Stephane Jeandeaux <stephane.jeandeaux@gmail.com>
2019-03-18 21:37:22 -04:00
Sebastiaan van Stijn 8c3a619d13
Merge pull request #1740 from tonistiigi/platform-flag
build: enable platform flag for build if buildkit
2019-03-18 19:21:46 +01:00
Tonis Tiigi 2caffb12c7 build: enable platform flag for build if buildkit
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-18 10:37:08 -07:00
Sebastiaan van Stijn 26e004797b
Make system prune warning filters human-readable
The warning, printed before running `docker system prune` was printing the
filters in JSON format.

This patch attempts to make the output human readable;

- updating the code, and template to print filters individually
- reducing the indentation (which was quite deep)

Before this patch was applied;

```
docker system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - label={"label":{"bar=baz":true,"hello-world":true},"label!":{"foo=bar":true},"until":{"24h":true}}
Are you sure you want to continue? [y/N]
```

With this patch applied;

```
WARNING! This will remove:
  - all stopped containers
  - all networks not used by at least one container
  - all dangling images
  - all dangling build cache

  Items to be pruned will be filtered with:
  - label!=foo=bar
  - label!=never=remove-me
  - label=bar=baz
  - label=hello-world
  - label=remove=me
  - until=24h

Are you sure you want to continue? [y/N]
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 13:57:18 +01:00
Sebastiaan van Stijn 4a0218bb11
Fix system prune warning missing filters from config-file
The warning, printed before runing docker system prune was missing any filter
that was set in the configuration file. In addition, the warning prefixes the
filters with `label=`, which is no longer accurate, now that the prune command
also supports "until" as a filter.

Before this change, only the filters set on the command-line were shown,
and any filter set in the configuration file was missing;

```
mkdir -p ./test-config
echo '{"pruneFilters": ["label!=never=remove-me", "label=remove=me"]}' > test-config/config.json
docker --config=./test-config system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - label={"label":{"bar=baz":true,"hello-world":true},"label!":{"foo=bar":true},"until":{"24h":true}}
Are you sure you want to continue? [y/N]
```

With this patch applied, both options from the commandline and options set
in the configuration file are shown;

```
mkdir -p ./test-config
echo '{"pruneFilters": ["label!=never=remove-me", "label=remove=me"]}' > test-config/config.json
docker --config=./test-config system prune --filter until=24h --filter label=hello-world --filter label!=foo=bar --filter label=bar=baz

WARNING! This will remove:
        - all stopped containers
        - all networks not used by at least one container
        - all dangling images
        - all dangling build cache
        - Elements to be pruned will be filtered with:
        - filter={"label":{"bar=baz":true,"hello-world":true,"remove=me":true},"label!":{"foo=bar":true,"never=remove-me":true},"until":{"24h":true}}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-18 13:57:09 +01:00
Jean-Christophe Sirot b3aa17187f Make default context behaves like a real context:
- when using "--context default" parameter
- when printing the list of contexts
- when exporting the default context to a tarball

Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
(+1 squashed commit)
Squashed commits:
[20670495] Fix CLI initialization for the `docker stack deploy --help` command and ensure that the dockerCli.CurrentContext() always returns a non empty context name (default as a fallback)
Remove now obsolete code handling empty string context name
Minor code cleanup

Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
2019-03-18 11:45:46 +01:00
Jean-Christophe Sirot a1af6e261f Cover the changes with unit test
Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
2019-03-13 14:18:41 +01:00
Jean-Christophe Sirot 37fcaf7a29 Resolve the docker Endpoint even if the client already exists. In that case the `TestDialStdio` e2e test had to be modified: the `--tls` option triggers an error since the endpoint resolution tries to read the `${DOCKER_CERT_PATH}/ca.pem` file which does not exist.
Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
2019-03-13 14:18:41 +01:00
Jean-Christophe Sirot 3b26cfce8b Always initialize context store
Signed-off-by: Jean-Christophe Sirot <jean-christophe.sirot@docker.com>
2019-03-13 14:18:41 +01:00
Sebastiaan van Stijn d6a230606c
Merge pull request #1718 from ijc/dial-stdio-npipe-on-windows
dial-stdio: handle connections which lack CloseRead method.
2019-03-13 11:49:25 +01:00
Stephane Jeandeaux 05674a5096 [pretty print] pretty print and healthcheck
fixes #117

Print healthcheck information in pretty mode.

Signed-off-by: Stephane Jeandeaux <stephane.jeandeaux@gmail.com>
2019-03-12 22:00:46 -04:00
Tibor Vass 81ac432cc2
Merge pull request #1700 from thaJeztah/update_engine
Update docker/docker 8aca18d, containerd v1.2.4
2019-03-12 10:41:51 -07:00
Ian Campbell 0449ad8d06 Revert "Disable `docker system dial-stdio` on Windows"
This reverts commit c41c23813c.

This case is now handled due to the previous commit.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-12 14:57:52 +00:00
Ian Campbell 186e7456ac dial-stdio: Close the connection
This was leaking the fd.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-12 14:57:40 +00:00
Ian Campbell 8919bbf04d dial-stdio: handle connections which lack CloseRead method.
This happens on Windows when dialing a named pipe (a path which is used by CLI
plugins), in that case some debugging shows:

    DEBU[0000] conn is a *winio.win32MessageBytePipe
    DEBU[0000] conn is a halfReadCloser: false
    DEBU[0000] conn is a halfWriteCloser: true
    the raw stream connection does not implement halfCloser
In such cases we can simply wrap with a nop function since closing for read
isn't too critical.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-12 14:52:42 +00:00
Sebastiaan van Stijn bf4a96e564
Merge pull request #1688 from luoyunpeng/optimize-blockIOTypecheck
use char to check blockIO type
2019-03-12 10:32:31 +01:00
Silvin Lubecki b86bff84b6
Merge pull request #1710 from ijc/no-dial-stdio-on-windows
Disable `docker system dial-stdio` on Windows
2019-03-11 15:14:23 +01:00
Elliot Luo 0bb397f9ef use char to check blockIO type
Signed-off-by: Elliot Luo <956941328@qq.com>
2019-03-11 10:01:22 +08:00
Ryan Zhang f60369dfe6 Export cli/command/config
Signed-off-by: Ryan Zhang <ryan.zhang@docker.com>
2019-03-05 14:26:42 -08:00
Ian Campbell c41c23813c Disable `docker system dial-stdio` on Windows
The `conn` here is `*winio.win32MessageBytePipe` which does not have a
`CloseRead` method (it does have `CloseWrite`) resulting in:

    docker@WIN-NUC0 C:\Users\docker>.\docker-windows-amd64.exe system dial-stdio
    the raw stream connection does not implement halfCloser

Also disable the path which uses this for cli-plugins on Windows.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-03-04 17:36:21 +00:00
Sebastiaan van Stijn 0fc0015173
bump docker/docker to 8aca18d631f3f72d4c6e3dc01b6e5d468ad941b8
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-02 13:41:42 +01:00
Ian Campbell 3c2832637a Reformat the output of CLI plugins in `docker system info`
This matches the `docker --help` output after 92013600f9.

Added a unit test case for unversioned.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-02-25 13:13:51 +00:00
Sebastiaan van Stijn f1de399a54
Merge pull request #1612 from olljanat/replicas-max-per-node-cli
Add support for maximum replicas per node without stack
2019-02-22 11:17:18 +01:00
Olli Janatuinen f7f4d3bbb8 Add support for maximum replicas per node without stack
Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com>
2019-02-22 09:53:21 +02:00
Sebastiaan van Stijn 06b837a7d7
Merge pull request #1654 from ijc/plugins-dial-stdio
cli-plugins: use system dial-stdio to contact the engine.
2019-02-21 12:11:24 +01:00
Ian Campbell 891b3d953e cli-plugins: use `docker system dial-stdio` to call the daemon
This means that plugins can use whatever methods the monolithic CLI supports,
which is good for consistency.

This relies on `os.Args[0]` being something which can be executed again to
reach the same binary, since it is propagated (via an envvar) to the plugin for
this purpose. This essentially requires that the current working directory and
path are not modified by the monolithic CLI before it launches the plugin nor
by the plugin before it initializes the client. This should be the case.

Previously the fake apiclient used by `TestExperimentalCLI` was not being used,
since `cli.Initialize` was unconditionally overwriting it with a real one
(talking to a real daemon during unit testing, it seems). This wasn't expected
nor desirable and no longer happens with the new arrangements, exposing the
fact that no `pingFunc` is provided, leading to a panic. Add a `pingFunc` to
the fake client to avoid this.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-02-18 11:53:37 +00:00
Silvin Lubecki 7f612bfca6
Merge pull request #1529 from lifubang/ttyexecresize
fixes 1492: tty initial size error
2019-02-12 10:31:17 +01:00
Lifubang 3fbffc682b tty initial size error
Signed-off-by: Lifubang <lifubang@acmcoder.com>
Signed-off-by: lifubang <lifubang@acmcoder.com>
2019-02-12 09:14:50 +08:00
Tibor Vass 60e774305d
Merge pull request #1602 from thaJeztah/hide_experimental_deploy
Hide legacy top-level "deploy" command with DOCKER_HIDE_LEGACY_COMMANDS=1
2019-02-08 13:53:12 -08:00
Sebastiaan van Stijn d21d1ce675
Merge pull request #1648 from thaJeztah/hide_builder_and_network
Hide "builder" and "network" commands on old API versions
2019-02-07 18:34:08 +01:00
Silvin Lubecki b1d27091e5
Merge pull request #1515 from sw-pschmied/1514-prevent-replacing-irregular-files
Prevent overwriting irregular files (cp, save, export commands)
2019-02-07 10:05:02 +01:00
Philipp Schmied 7632776b35 Prevent overwriting irregular files (cp, save, export commands)
Signed-off-by: Philipp Schmied <pschmied@schutzwerk.com>
2019-02-07 09:17:35 +01:00
Vincent Demeester 8ef8df81a8
Merge pull request #1655 from thaJeztah/bump_engine
Update docker, swarmkit, containerd v1.2.2
2019-02-06 18:24:05 +01:00
John Howard 593acf077b Add --device support for Windows
Adds support for --device in Windows. This must take the form of:
--device='class/clsid'. See this post for more information:

https://blogs.technet.microsoft.com/virtualization/2018/08/13/bringing-device-support-to-windows-server-containers/

Signed-off-by: John Howard <jhoward@microsoft.com>
2019-02-04 08:32:47 -08:00
Sebastiaan van Stijn d034df736b
Update docker, swarmkit, containerd v1.2.2
Also update the tests to account for the new "Builder" field
in docker info.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-02-02 17:03:12 +01:00
Tonis Tiigi 27b2797f7d Remove docker api dependency from cli/config
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-01-31 21:25:43 +00:00
Silvin Lubecki 2e5639da02
Merge pull request #1564 from ijc/plugins
Basic framework for writing and running CLI plugins
2019-01-31 17:44:46 +01:00
Sebastiaan van Stijn 5486cddbd9
Merge pull request #1617 from simonferquel/pull-secrets
Add support for Kubernetes Pull secrets and Pull policies
2019-01-31 13:37:45 +01:00
Ian Campbell 1c576e9043 Integrate CLI plugins into `docker info`
Fairly straight forward. It became necessary to wrap `Plugin.Err` with a type
which implements `encoding.MarshalText` in order to have that field rendered
properly in the `docker info -f '{{json}}'` output.

Since I changed the type somewhat I also added a unit test for `formatInfo`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-30 13:45:26 +00:00
Sebastiaan van Stijn 99fb2c1baa
Hide "builder" and "network" commands on old API versions
- The `/build/prune` endpoint was added in API v1.31
- The `/network` endpoints were added in API v1.21

This patch hides these commands on older API versions

Before this change:

```
DOCKER_API_VERSION=1.0 docker

...

Management Commands:
  builder     Manage builds
  container   Manage containers
  image       Manage images
  manifest    Manage Docker image manifests and manifest lists
  network     Manage networks
  system      Manage Docker
  trust       Manage trust on Docker images
```

After this change

```
DOCKER_API_VERSION=1.0 docker

...

Management Commands:
  container   Manage containers
  image       Manage images
  manifest    Manage Docker image manifests and manifest lists
  system      Manage Docker
  trust       Manage trust on Docker images
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-30 01:06:09 +01:00
Simon Ferquel d184c0908a Add support for pull secrets and policies
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-29 18:12:43 +01:00
Silvin Lubecki b258f458cc
Merge pull request #1573 from thaJeztah/fix_proxy_on_create
Fix proxy-configuration being ignored on docker create
2019-01-29 18:11:06 +01:00
Ian Campbell 8cf946d1bc Unit test for WithContentTrustFromEnv
I authored this for `contentTrustEnabled` prior to 7f207f3f95, so this now
tests the funcation argument version.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-29 11:26:40 +00:00
Ian Campbell 20c19830a9 Move versioning variables to a separate package.
This helps to avoid circular includes, by separating the pure data out from the
actual functionality in the cli subpackage, allowing other code which is
imported to access the data.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-29 11:26:40 +00:00
Ian Campbell 158a766886 Fold `dockerPreRun` into `DockerCli.Initialize`
All of the current callers follow the pattern:

    dockerPreRun(opts)
    err := dockerCli.Initialize(opts) ...

So there is no semantic change into merging the content of `dockerPreRun` into the head of `Initialize`.

I'm about to add a new caller outside of the `cmd/docker` package and this
seems preferable exporting `DockerPreRun`.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-29 11:26:21 +00:00
Simon Ferquel 3126920af1 Add context store config options and expose context commands
This will allow plugins to have custom typed endpoints, as well as
create/remove/update contexts with the exact same results as the main
CLI (thinking of things like `docker ee login https://my-ucp-server
--context ucp-prod)`

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-29 11:19:54 +01:00
Sebastiaan van Stijn cf6c238660
Merge pull request #1615 from simonferquel/handle-v1alpha3
Handle v1alpha3 of Compose on Kubernetes API
2019-01-28 21:02:51 +01:00
Silvin Lubecki 7f207f3f95 Introduce functional arguments to NewDockerCli for a more stable API.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-01-28 14:52:58 +01:00
Silvin Lubecki eb0ba4f8d5 Extract streams helpers from command package to their own package to remove a cyclic dependency from command to internal/containerizedengine
Aliasing old types
* streams.InStream -> streams.In
* streams.NewInStream -> streams.NewIn
* streams.OutStream -> streams.Out
* streams.NewOutStream -> streams.NewOut

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-01-28 14:36:00 +01:00
Sebastiaan van Stijn 080f30a60f
Merge pull request #1638 from ijc/separate-client-system-info
Separate client infomation in `docker system info`
2019-01-25 17:32:07 +01:00
Ian Campbell bcb06b5f58 Rework `docker info` output to be more like `docker version`
That is, reindent the two sections by one space.

While the code was done by hand the `.golden` files had the extra space
inserted with emacs' `string-insert-rectangle` macro to (try to) avoid possible
manual errors. The docs were edited the same way.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-25 14:46:26 +00:00
Ian Campbell c9e60ae17a Allow `prettyPrintInfo` to return multiple errors
This allows it to print what it can, rather than aborting half way when a bad
security context is hit.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-25 14:40:33 +00:00
Ian Campbell 62ed1c0c5b Separate client and daemon info in `docker system info`
Right now the only client side info we have is whether debug is enabled, but we
expect more in the future.

We also preemptively prepare for the possibility of multiple errors when
gathering both daemon and client info.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-25 14:38:04 +00:00
Ian Campbell 7913fb6a5e Check json output in existing `docker info` unit tests.
This is in addition to the more specific `formatInfo` unit tests added
previously.

Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-25 11:55:54 +00:00
Ian Campbell eb714f7c0e Add unit test for `formatInfo`.
Signed-off-by: Ian Campbell <ijc@docker.com>
2019-01-25 11:55:52 +00:00
Simon Ferquel 820b6f1742 Added stack conversion tests
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-25 09:58:31 +01:00
Simon Ferquel 2e5981d613 Handle version v1alpha3
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-24 20:24:45 +01:00
Silvin Lubecki ebb121ee2d
Merge pull request #1611 from simonferquel/stack-children-atomic
Make child resource creation atomic when creating a k8s stack
2019-01-24 11:34:29 +01:00
Simon Ferquel e16a875408 Make child resource creation atomic when creating a k8s stack
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-22 11:25:41 +01:00
Sebastiaan van Stijn 91bc4ddde2
Fix: proxy-configuration being ignored on docker create
Proxies configured in config.json were only taking effect
when using `docker run`, but were being ignored when
using `docker create`.

Before this change:

    echo '{"proxies":{"default":{"httpProxy":"httpProxy","httpsProxy":"httpsProxy","noProxy":"noProxy","ftpProxy":"ftpProxy"}}}' > config.json
    docker inspect --format '{{.Config.Env}}' $(docker --config=./ create busybox)
    [PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin]

With this change applied:

    echo '{"proxies":{"default":{"httpProxy":"httpProxy","httpsProxy":"httpsProxy","noProxy":"noProxy","ftpProxy":"ftpProxy"}}}' > config.json
    docker inspect --format '{{.Config.Env}}' $(docker --config=./ create busybox)
    [NO_PROXY=noProxy no_proxy=noProxy FTP_PROXY=ftpProxy ftp_proxy=ftpProxy HTTP_PROXY=httpProxy http_proxy=httpProxy HTTPS_PROXY=httpsProxy https_proxy=httpsProxy PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin]

Reported-by: Silvano Cirujano Cuesta <Silvanoc@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-19 12:33:33 +01:00
Silvin Lubecki cf0271ace4 Expose all stack commands to be used by downstream projects.
Factorize orchestrator switch among stack commands.

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-01-16 14:47:50 +01:00
Sebastiaan van Stijn 48bd4c6deb
Merge pull request #1501 from simonferquel/use-context-commands
Fast context switch: commands
2019-01-15 18:11:38 +01:00
Simon Ferquel 591385a1d0 Fast Context Switch: commands
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2019-01-10 22:25:43 +01:00
Akihiro Suda a7b5f2df86 support --mount type=bind,bind-nonrecursive,...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-10 12:07:46 +09:00
Silvin Lubecki 308b1f340a
Merge pull request #1572 from thaJeztah/minor_test_nit
TestRunLabel: pass detach as argument
2019-01-08 10:17:01 +01:00
Silvin Lubecki edf6f4a3e7
Merge pull request #1571 from thaJeztah/warn_on_create
Fix warnings not being printed on "create", only on "run"
2019-01-08 10:14:01 +01:00
Daniel Hiltgen b9f1d30fa7
Remove e-mail from trial flow
Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
(cherry picked from commit 0ff9e5cd10)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-08 00:35:24 +01:00
Sebastiaan van Stijn 4c0aa94698
Hide legacy top-level "deploy" command with DOCKER_HIDE_LEGACY_COMMANDS=1
The `DOCKER_HIDE_LEGACY_COMMANDS` environment variable allows hiding legacy
top-level commands that are now available under `docker <object> <verb>`. The
`docker deploy` top-level command is experimental, and replaced by
`docker stack deploy`.

This patch hides the top-level `docker deploy` if the `DOCKER_HIDE_LEGACY_COMMANDS`
environment variable is set.

Before this change:

    DOCKER_HIDE_LEGACY_COMMANDS=1 docker --help

    ...

    Commands:
      build       Build an image from a Dockerfile
      deploy      Deploy a new stack or update an existing stack
      login       Log in to a Docker registry
      logout      Log out from a Docker registry
      run         Run a command in a new container
      search      Search the Docker Hub for images
      version     Show the Docker version information
    ...

With this patch applied:

    DOCKER_HIDE_LEGACY_COMMANDS=1 docker --help

    ...

    Commands:
      build       Build an image from a Dockerfile
      login       Log in to a Docker registry
      logout      Log out from a Docker registry
      run         Run a command in a new container
      search      Search the Docker Hub for images
      version     Show the Docker version information
    ...

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-01-07 17:24:35 +01:00