Commit Graph

1598 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 7aa0b273e5
vendor: github.com/docker/docker 2ed904cad7055847796433cc56ef1d1de0da868c
- replace deprecated types
- also fixing some minor nits

full diff: 8941dcfcc5...2ed904cad7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-30 12:01:37 +02:00
Sebastiaan van Stijn b3ab7c9665
Merge pull request #3547 from cavcrosby/2382-add-force-flag
Add --force option to network rm subcommand
2022-04-30 11:56:59 +02:00
Sebastiaan van Stijn 14976338f0
Merge pull request #3544 from thaJeztah/carry_2740_add_config_command
Add stack config command (carry 2740)
2022-04-29 14:03:41 +02:00
Conner Crosby 0ea587b0d7
Add --force option to network rm subcommand
The code is similar to that used by the volume rm subcommand, however,
one difference I noticed was VolumeRemove takes the force flag/option
was a parameter. This isn't the case for NetworkRemove.

To get NetworkRemove to take a similar parameter, this would require
modifying the Docker daemon. For now this isn't a route I wish to take
when the code can be arrange to mimic the same behavior.

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Conner Crosby <conner@cavcrosby.tech>
2022-04-29 13:56:33 +02:00
Sebastiaan van Stijn 052b4086b9
cli/command/image: remove use of docker/docker/pkg/urlutil
pkg/urlutil (despite its poorly chosen name) is not really intended as a
generic utility to handle URLs, and should only be used by the builder to
handle (remote) build contexts.

The `IsURL()` function only does a very rudimentary check for `http(s)://`
prefixes, without any other validation, but due to its name may give
incorrect expectations.

As we're deprecating this package for uses other than for build-contexts,
this patch replaces this instance of the utility for a local function.

While changing, also cleaned up some intermediate variables, and made
the logic slightly more descriptive.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-29 12:21:53 +02:00
Sebastiaan van Stijn e0fba5ea2d
Merge pull request #3567 from ndeloof/context_show
introduce `context show` command
2022-04-29 12:01:18 +02:00
Djordje Lukic 7b4d7717b1 Always set the console size
This check doesn't really make sense because the client doesn't know on what
OS the daemon is really running.
The daemon uses the console size on creation when available (on windows).

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-04-28 13:54:20 +02:00
Nicolas De Loof fd2bc1fa5e
use our own version of text/tabwriter
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-04-25 15:01:41 +02:00
Nicolas De Loof e9a4d7e611
introduce `context show` command
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-04-25 14:40:24 +02:00
Sebastiaan van Stijn 0b78efe8fe
Merge pull request #3543 from thaJeztah/remove_the_experiment
remove "Experimental" client field from "docker version"
2022-04-20 22:03:21 +02:00
Sebastiaan van Stijn b66f4b2c21
cli: use "Swarm Subcommands" instead of "Orchestrator"
Now that we no longer support kubernetes as orchestrator in the cli
itself, we may as well be using "Swarm" for these to make it clearer
what these commands are for :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:57:10 +02:00
Sebastiaan van Stijn aaa912c9f7
move commonly used top-level commands to the top of --help
This adds a new annotation to commands that are known to be frequently
used, and allows setting a custom weight/order for these commands to
influence in what order they appear in the --help output.

I'm not entirely happy with the implementation (we could at least use
some helpers for this, and/or make it more generic to group commands
in output), but it could be a start.

For now, limiting this to only be used for the top-level --help, but
we can expand this to subcommands as well if we think it makes sense
to highlight "common" / "commonly used" commands.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:41 +02:00
Sebastiaan van Stijn a058f9774a
remove exec, push, pull, ps, images, info from "legacy" commands
These commands are commonly used, so removing them from the list of "legacy"
top-level commands that are hidden when setting DOCKER_HIDE_LEGACY_COMMANDS=1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:39 +02:00
Sebastiaan van Stijn cea26ac86b
commands.AddCommands(): re-order/group commands
Order/group the commands the commands

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:37 +02:00
Sebastiaan van Stijn ed71a5091d
move global flags to end of --help output
Before this change, the top-level flags, such as `--config` and `--tlscacert`,
were printed at the top of the `--help` output. These flags are not used
frequently, and putting them at the top, made the information that's more
relevant to most users harder to find.

This patch moves the top-level flags for the root command (`docker`) to the
bottom of the help output, putting the subcommands more prominent in view.

With this patch:

    Usage:  docker [OPTIONS] COMMAND

    A self-sufficient runtime for containers

    Management Commands:
      builder     Manage builds
      buildx*     Docker Buildx (Docker Inc., v0.7.1)
      checkpoint  Manage checkpoints
      completion  Generate the autocompletion script for the specified shell
      container   Manage containers
      context     Manage contexts
      image       Manage images
      manifest    Manage Docker image manifests and manifest lists
      network     Manage networks
      plugin      Manage plugins
      stack       Manage Swarm stacks
      system      Manage Docker
      trust       Manage trust on Docker images
      volume      Manage volumes

    Orchestration Commands:
      config      Manage Swarm configs
      node        Manage Swarm nodes
      secret      Manage Swarm secrets
      service     Manage Swarm services
      swarm       Manage Swarm

    Commands:
      attach      Attach local standard input, output, and error streams to a running container
      build       Build an image from a Dockerfile
      commit      Create a new image from a container's changes
      cp          Copy files/folders between a container and the local filesystem
      create      Create a new container
      diff        Inspect changes to files or directories on a container's filesystem
      events      Get real time events from the server
      exec        Run a command in a running container
      export      Export a container's filesystem as a tar archive
      history     Show the history of an image
      images      List images
      import      Import the contents from a tarball to create a filesystem image
      info        Display system-wide information
      inspect     Return low-level information on Docker objects
      kill        Kill one or more running containers
      load        Load an image from a tar archive or STDIN
      login       Log in to a Docker registry
      logout      Log out from a Docker registry
      logs        Fetch the logs of a container
      pause       Pause all processes within one or more containers
      port        List port mappings or a specific mapping for the container
      ps          List containers
      pull        Pull an image or a repository from a registry
      push        Push an image or a repository to a registry
      rename      Rename a container
      restart     Restart one or more containers
      rm          Remove one or more containers
      rmi         Remove one or more images
      run         Run a command in a new container
      save        Save one or more images to a tar archive (streamed to STDOUT by default)
      search      Search the Docker Hub for images
      start       Start one or more stopped containers
      stats       Display a live stream of container(s) resource usage statistics
      stop        Stop one or more running containers
      tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
      top         Display the running processes of a container
      unpause     Unpause all processes within one or more containers
      update      Update configuration of one or more containers
      version     Show the Docker version information
      wait        Block until one or more containers stop, then print their exit codes

    Global Options:
          --config string      Location of client config files (default "/root/.docker")
      -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
      -D, --debug              Enable debug mode
      -H, --host list          Daemon socket(s) to connect to
      -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
          --tls                Use TLS; implied by --tlsverify
          --tlscacert string   Trust certs signed only by this CA (default "/root/.docker/ca.pem")
          --tlscert string     Path to TLS certificate file (default "/root/.docker/cert.pem")
          --tlskey string      Path to TLS key file (default "/root/.docker/key.pem")
          --tlsverify          Use TLS and verify the remote
      -v, --version            Print version information and quit

    Run 'docker COMMAND --help' for more information on a command.

    To get more help with docker, check out our guides at https://docs.docker.com/go/guides/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:36 +02:00
Sebastiaan van Stijn ae611f4c07
move orchestration commands to their own section in --help output
This groups all swarm-related subcommands to their own section in the --help
output, to make it clearer which commands require swarm to be enabled

With this change:

    Usage:  docker [OPTIONS] COMMAND

    A self-sufficient runtime for containers

    Options:
          --config string      Location of client config files (default "/Users/sebastiaan/.docker")
      -c, --context string     Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")
      -D, --debug              Enable debug mode
      -H, --host list          Daemon socket(s) to connect to
      -l, --log-level string   Set the logging level ("debug"|"info"|"warn"|"error"|"fatal") (default "info")
          --tls                Use TLS; implied by --tlsverify
          --tlscacert string   Trust certs signed only by this CA (default "/Users/sebastiaan/.docker/ca.pem")
          --tlscert string     Path to TLS certificate file (default "/Users/sebastiaan/.docker/cert.pem")
          --tlskey string      Path to TLS key file (default "/Users/sebastiaan/.docker/key.pem")
          --tlsverify          Use TLS and verify the remote
      -v, --version            Print version information and quit

    Management Commands:
      builder     Manage builds
      buildx*     Docker Buildx (Docker Inc., v0.8.1)
      checkpoint  Manage checkpoints
      completion  Generate the autocompletion script for the specified shell
      compose*    Docker Compose (Docker Inc., v2.3.3)
      container   Manage containers
      context     Manage contexts
      image       Manage images
      manifest    Manage Docker image manifests and manifest lists
      network     Manage networks
      plugin      Manage plugins
      scan*       Docker Scan (Docker Inc., v0.17.0)
      system      Manage Docker
      trust       Manage trust on Docker images
      volume      Manage volumes

    Orchestration Commands:
      config      Manage Swarm configs
      node        Manage Swarm nodes
      secret      Manage Swarm secrets
      service     Manage Swarm services
      stack       Manage Swarm stacks
      swarm       Manage Swarm

    Commands:
      attach      Attach local standard input, output, and error streams to a running container
      build       Build an image from a Dockerfile
      commit      Create a new image from a container's changes
      cp          Copy files/folders between a container and the local filesystem
      create      Create a new container
      diff        Inspect changes to files or directories on a container's filesystem
      events      Get real time events from the server
      exec        Run a command in a running container
      export      Export a container's filesystem as a tar archive
      history     Show the history of an image
      images      List images
      import      Import the contents from a tarball to create a filesystem image
      info        Display system-wide information
      inspect     Return low-level information on Docker objects
      kill        Kill one or more running containers
      load        Load an image from a tar archive or STDIN
      login       Log in to a Docker registry
      logout      Log out from a Docker registry
      logs        Fetch the logs of a container
      pause       Pause all processes within one or more containers
      port        List port mappings or a specific mapping for the container
      ps          List containers
      pull        Pull an image or a repository from a registry
      push        Push an image or a repository to a registry
      rename      Rename a container
      restart     Restart one or more containers
      rm          Remove one or more containers
      rmi         Remove one or more images
      run         Run a command in a new container
      save        Save one or more images to a tar archive (streamed to STDOUT by default)
      search      Search the Docker Hub for images
      start       Start one or more stopped containers
      stats       Display a live stream of container(s) resource usage statistics
      stop        Stop one or more running containers
      tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
      top         Display the running processes of a container
      unpause     Unpause all processes within one or more containers
      update      Update configuration of one or more containers
      version     Show the Docker version information
      wait        Block until one or more containers stop, then print their exit codes

    Run 'docker COMMAND --help' for more information on a command.

    To get more help with docker, check out our guides at https://docs.docker.com/go/guides/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:34 +02:00
Sebastiaan van Stijn bb610a59b4
cli: annotate "stack" command to be a swarm subcommand
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 16:55:31 +02:00
Sebastiaan van Stijn 78da8e3ef3
Merge pull request #3520 from thaJeztah/fix_TestRemoveForce
fix race condition in TestRemoveForce
2022-04-08 16:53:11 +02:00
Sebastiaan van Stijn 2784bb565c
Merge pull request #3512 from thaJeztah/update_engine_local_changes
client: local changes after engine update
2022-04-08 15:50:52 +02:00
Sebastiaan van Stijn bbc95c7bb7
remove "Experimental" client field from "docker version"
Configuration (enabling/disabling) of Experimental client features
was deprecated in Docker 19.03, and removed in 20.10. Experimental
CLI features are now always enabled. In Docker 20.10, the Experimental
field in `docker version` was kept (but always true).

This patch removes the field from the output (both "pretty" output
and the JSON struct).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 15:48:00 +02:00
Sebastiaan van Stijn 5df36e51b9
Merge pull request #3542 from thaJeztah/update_deprecated
update status of deprecated features for 22.04 (docs, and some code)
2022-04-08 15:47:50 +02:00
Sebastiaan van Stijn 51a84fe86c
cli/command: fix documentation of CopyToFile mentioning ioutil
The package we're using was updated, so this no longer was correct.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 14:56:48 +02:00
Stoica-Marcu Floris-Andrei cff702d889
Add merge to ShellCommand properties in config
Signed-off-by: Stoica-Marcu Floris-Andrei <floris.sm@gmail.com>
2022-04-08 14:56:14 +02:00
Stoica-Marcu Floris-Andrei fbea85d472
Change merge strategy for service volumes
Signed-off-by: Stoica-Marcu Floris-Andrei <floris.sm@gmail.com>
2022-04-08 14:56:11 +02:00
Stoica-Marcu Floris-Andrei dfc214115b
Add stack config command
Make use of existing modules and functions in order to output the merged configs.
Added skip interpolation flag of variables, so that you can pipe the output back to stack deploy without much hassle.

Signed-off-by: Stoica-Marcu Floris-Andrei <floris.sm@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-08 14:56:01 +02:00
Sebastiaan van Stijn 51aa683a88
cli/command/system: remove printStorageDriverWarnings()
These warnings were for features that are no longer supported (overlay
on a backingFS without d_type support), or related to the deprecated
devicemapper storage driver.

Removing this function for that reason.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-07 22:25:59 +02:00
Sebastiaan van Stijn 41fd1c49b6
update deprecation status of --kernel-memory(-tcp)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-07 22:24:27 +02:00
Sebastiaan van Stijn ee218fa89e
Deprecation: config: remove support for old ~/.dockercfg
The `~/.dockercfg` file was replaced by `~/.docker/config.json` in 2015
(github.com/docker/docker/commit/18c9b6c6455f116ae59cde8544413b3d7d294a5e),
but the CLI still falls back to checking if this file exists if no current
(`~/.docker/config.json`) file was found.

Given that no version of the CLI since Docker v1.7.0 has created this file,
and if such a file exists, it means someone hasn't re-authenticated for
5 years, it's probably safe to remove this fallback.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-06 21:35:03 +02:00
Sebastiaan van Stijn bcd4101f3d
tweak description of login/logout
Remove "Docker" from registry, as the registry specification is no
longer docker-specific, but part of the OCI distribution spec.

Also removed "Register" from one of the docs pages, as the login
command hasn't supported creating a new acccount on Docker Hub for
a long time.

I'm wondering if we should be more explicit about what log in / out
does (effectively; authenticate, and on success store the credentials
or token, and on log out; remove credentials/token).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-04 10:44:11 +02:00
Sebastiaan van Stijn b7b923db41
tweak description of "docker push" and "docker pull" commands
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-01 12:33:05 +02:00
Sebastiaan van Stijn 6e6652b702
tweak description of "docker run" command
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-01 12:28:37 +02:00
Sebastiaan van Stijn ac22b2bf52
tweak description of "docker exec" command
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-01 12:28:34 +02:00
Sebastiaan van Stijn 9688f62d20
fix race condition in TestRemoveForce
This test uses two subtests that were sharing the same variable.
Subtests run in a goroutine, which could lead to them concurrently
accessing the variable, resulting in a panic:

    === FAIL: cli/command/container TestRemoveForce/without_force (0.00s)
    Error: Error: No such container: nosuchcontainer
        --- FAIL: TestRemoveForce/without_force (0.00s)
    panic: runtime error: invalid memory address or nil pointer dereference [recovered]
    	panic: runtime error: invalid memory address or nil pointer dereference
    [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x40393f]
    goroutine 190 [running]:
    testing.tRunner.func1.2({0xb76380, 0x124c9a0})
    	/usr/local/go/src/testing/testing.go:1389 +0x24e
    testing.tRunner.func1()
    	/usr/local/go/src/testing/testing.go:1392 +0x39f
    panic({0xb76380, 0x124c9a0})
    	/usr/local/go/src/runtime/panic.go:838 +0x207
    sort.StringSlice.Less(...)
    	/usr/local/go/src/sort/sort.go:319
    sort.insertionSort({0xd87380, 0xc00051b3b0}, 0x0, 0x2)
    	/usr/local/go/src/sort/sort.go:40 +0xb1
    sort.quickSort({0xd87380, 0xc00051b3b0}, 0x18?, 0xb4f060?, 0xc000540e01?)
    	/usr/local/go/src/sort/sort.go:222 +0x171
    sort.Sort({0xd87380, 0xc00051b3b0})
    	/usr/local/go/src/sort/sort.go:231 +0x53
    sort.Strings(...)
    	/usr/local/go/src/sort/sort.go:335
    github.com/docker/cli/cli/command/container.TestRemoveForce.func2(0xc0005389c0?)
    	/go/src/github.com/docker/cli/cli/command/container/rm_test.go:36 +0x125
    testing.tRunner(0xc00053e4e0, 0xc00051b140)
    	/usr/local/go/src/testing/testing.go:1439 +0x102
    created by testing.(*T).Run
    	/usr/local/go/src/testing/testing.go:1486 +0x35f
    === FAIL: cli/command/container TestRemoveForce (0.00s)

This patch changes the test to use to separate variables.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-31 22:54:17 +02:00
Sebastiaan van Stijn 801113fb8d
cli/registry/client: remove unused IsNotFound(), and slight refactor
This function was not used anywhere, and the error type already satisfied
the github.com/docker/docker/errdefs.ErrNotFound interface, so let's remove
this utility and (if needed at some point) use errdefs.IsNotFound() instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 20:00:36 +02:00
Sebastiaan van Stijn 48745da16c
cli/registry/client: remove unused RegistryClient.GetTags()
This was added in fd2f1b3b66 as part of
the `docker engine` sub-commands, which were deprecated, and removed in
43b2f52d0c.

This function is not used by anyone, so safe to remove.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 20:00:34 +02:00
Sebastiaan van Stijn e83d6cd2c8
cli/registry/client: remove unused GetRegistryAuth()
This was added in fd2f1b3b66 as part of
the `docker engine` sub-commands, which were deprecated, and removed
in 43b2f52d0c.

This function is not used by anyone, so safe to remove.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 20:00:32 +02:00
Sebastiaan van Stijn 04347f793d
context: Endpoint.ClientOpts(): use client.WithVersionFromEnv()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 17:42:23 +02:00
Sebastiaan van Stijn 1db2da57c8
use client consts for environment variable names
It's slightly more verbose, but helps finding the purpose of each
of the environment variables. In tests, I kept the fixed strings.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 17:42:20 +02:00
Sebastiaan van Stijn ccbaaf0722
search: remove client-side default for --limit
The daemon (and registry) already have a default limit. This patch
removes the default from the client side, to not duplicate setting
these defaults.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 10:05:43 +02:00
Sebastiaan van Stijn 2dc178c802
search: change "the Docker Hub" to just "Docker Hub"
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 10:05:12 +02:00
Sebastiaan van Stijn 174e51cc94
Merge pull request #3486 from thaJeztah/update_engine
vendor: github.com/docker/docker 4a26fdda76d996708aa8100dd23ea90215984451
2022-03-29 10:31:12 +02:00
Sebastiaan van Stijn 8e2d63d5df
Fix flaky TestContainerList tests
These tests were creating a stub container, using the current timestamp as
created date. However, if CI was slow to run the test, `Less than a second ago`
would change into `1 second ago`, causing the test to fail:

    --- FAIL: TestContainerListNoTrunc (0.00s)
        list_test.go:198: assertion failed:
            --- expected
            +++ actual
            @@ -1,4 +1,4 @@
            -CONTAINER ID   IMAGE            COMMAND   CREATED                  STATUS        PORTS     NAMES
            -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second             c1
            -container_id   busybox:latest   "top"     Less than a second ago   Up 1 second             c2,foo/bar
            +CONTAINER ID   IMAGE            COMMAND   CREATED        STATUS        PORTS     NAMES
            +container_id   busybox:latest   "top"     1 second ago   Up 1 second             c1
            +container_id   busybox:latest   "top"     1 second ago   Up 1 second             c2,foo/bar

This patch changes the "created" time of the container to be a minute ago. This
will result in `About a minute ago`, with a margin of 1 minute.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 20:37:06 +02:00
Sebastiaan van Stijn a1e67401d2
vendor: github.com/docker/docker 8941dcfcc5db4aefc351cd5b5bb4d524823035c0
- updated the default value for `--limit` on `docker search` as the const has been
  removed (added a todo to remove it)
- updated some fixtures to account for `KernelMemoryTCP` no longer being included
  in the output.

full diff: 83b51522df...8941dcfcc5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 17:21:59 +02:00
Sebastiaan van Stijn 4ab70bf61e
linting: fix incorrectly formatted errors (revive)
cli/compose/interpolation/interpolation.go:102:4: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
                "invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
                ^

    cli/command/stack/loader/loader.go:30:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
                return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
                                          ^

    cli/command/formatter/formatter.go:76:30: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
            return tmpl, errors.Errorf("Template parsing error: %v\n", err)
                                       ^

    cli/command/formatter/formatter.go:97:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
            return errors.Errorf("Template parsing error: %v\n", err)
                                 ^

    cli/command/image/build.go:257:25: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
                return errors.Errorf("error checking context: '%s'.", err)
                                     ^

    cli/command/volume/create.go:35:27: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
                        return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
                                             ^

    cli/command/container/create.go:160:24: error-strings: error strings should not be capitalized or end with punctuation or a newline (revive)
            return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
                                 ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 10:37:25 +02:00
Sebastiaan van Stijn d7c1fb9112
linting: ignore some "G101: Potential hardcoded credentials" warnings
cli/config/credentials/native_store.go:10:2: G101: Potential hardcoded credentials (gosec)
        remoteCredentialsPrefix = "docker-credential-"
        ^
    cli/command/service/opts.go:917:2: G101: Potential hardcoded credentials (gosec)
        flagCredentialSpec          = "credential-spec"
        ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 10:37:22 +02:00
Sebastiaan van Stijn 5a65aadd8d
cli/command/container: unnecessary use of fmt.Sprintf (gosimple)
cli/command/container/formatter_stats.go:184:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("--")
                   ^
    cli/command/container/formatter_stats.go:191:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("-- / --")
                   ^
    cli/command/container/formatter_stats.go:201:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("--")
                   ^
    cli/command/container/formatter_stats.go:184:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("--")
                   ^
    cli/command/container/formatter_stats.go:191:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("-- / --")
                   ^
    cli/command/container/formatter_stats.go:201:10: S1039: unnecessary use of fmt.Sprintf (gosimple)
            return fmt.Sprintf("--")
                   ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 10:36:53 +02:00
Sebastiaan van Stijn a0f0578299
gofmt with go1.17
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-26 20:21:00 +01:00
Nicolas De loof d8afb01e00
Merge pull request #3466 from glebsts/docker-push-all-tags-docs-improve-signed 2022-03-17 12:27:23 +01:00
Sebastiaan van Stijn b4ca1c7368
registry: don't call "/info" API endpoint to get default registry
The CLI currenly calls the `/info` endpoint to get the address
of the default registry to use.

This functionality was added as part of the initial Windows implementation
of the engine. For legal reasons, Microsoft Windows (and thus Docker images
based on Windows) were not allowed to be distributed through non-Microsoft
infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io"
registry was created to serve Windows images.

As a result, the default registry was no longer "fixed", so a helper function
(`ElectAuthServer`) was added to allow the CLI to get the correct registry
address from the daemon. (docker/docker PR's/issues 18019, 19891, 19973)

Using separate registries was not an ideal solution, and a more permanent
solution was created by introducing "foreign image layers" in the distribution
spec, after which the "registry-win-tp3.docker.io" ceased to exist, and
removed from the engine through docker/docker PR 21100.

However, the `ElectAuthServer` was left in place, quoting from that PR;

> make the client check which default registry the daemon uses is still
> more correct than leaving it up to the client, even if it won't technically
> matter after this PR. There may be some backward compatibility scenarios
> where `ElectAuthServer` [sic] is still helpful.

That comment was 5 years ago, and given that the engine and cli are
released in tandem, and the default registry is not configurable, we
can save the extra roundtrip to the daemon by using a fixed value.

This patch deprecates the `ElectAuthServer` function, and makes it
return the default registry without calling (potentially expensie)
`/info` API endpoint.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 16:30:42 +01:00
Sebastiaan van Stijn 3304c49771
Merge pull request #2936 from silvin-lubecki/format-json
Add --format=json to inspect and list commands
2022-03-15 16:22:16 +01:00
Djordje Lukic 9c0234bbcb
Output compact JSON by default for --format=json
With this change all `inspect` commands will output a compact JSON
representation of the elements, the default format (indented JSON) stays the
same.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 15:42:35 +01:00
Silvin Lubecki a4a734df44
Update list commands with better format flag description
including all the directives and a link to the documentation.

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 15:35:53 +01:00
Silvin Lubecki eb27a94c3f
Added "json" as specific value for --format flag in list commands, as an alias to `{{json .}}`
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 15:33:19 +01:00
Silvin Lubecki 84d47b544e
Add "json" as default value to format flag in all inspect commands.
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 15:31:16 +01:00
Silvin Lubecki c700bbcb4b
Add specific "json" value to format flag with inspect commands to output json, as empty flag does.
Added tests on that new behavior.

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 15:19:45 +01:00
Sebastiaan van Stijn 6745f62a0b
Merge pull request #3136 from thaJeztah/remove_clientinfo
Remove ClientInfo as it is not practically used.
2022-03-15 15:12:22 +01:00
Sebastiaan van Stijn 831704e56c
search: do not sort results by stars on client side
Once upon a time, there was a website named ["The Docker index"][2]; a complimentary
service for users of Docker, provided by dotCloud. The Docker Index was the place
to find and explore pre-made container images, and allowed you to [share your
images and download them][1]. The Docker Index evolved rapidly, and gained new
features, such as [Trusted Images][3], and "stars" to rank your favorite images.

The website also provided an API, which allowed you to search images, even from
the comfort of your `docker` CLI. Things moved fast in container-land, and while
there was an API to use, it was still a work in progress. While the Docker Index
allowed users to "star" images, the search API did not rank results accordingly.

As any engineer knows, there's no problem that can't be solved with some elbow-
grease and a piece of Duct tape, so while the Docker Index team worked on making
the search API better, the `docker` engine [fixed the problem on the client side][4]

Years went by, and the Docker Index API became the "registry V1" specification,
including search. The registry got a major "v2" rewrite and became the [OCI Distribution
Spec][5], and Docker Index became Docker Hub, which included V2 and V3 search APIs.
The V1 search API continued to be supported, as it was the only documented API
for registries, but improvements were made, including ranking of search results.

Duct tape is durable, and even though improvements were made, the Docker client
continued to sort the results as well. Unfortunately, this meant that search
results on the command-line were ranked different from their equivalent on the
registry (such as Docker Hub).

This patch removes the client-side sorting of results, using the order in which
the search API returned them to (finally) celebrate the work of the engineers
working on the search API, also when used from the command-line.

[1]: https://web.archive.org/web/20130708004229/http://docker.io/
[2]: https://web.archive.org/web/20130623223614/https://index.docker.io/
[3]: https://web.archive.org/web/20140208001647/https://index.docker.io/
[4]: 1669b802cc
[5]: https://github.com/opencontainers/distribution-spec

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-15 14:20:22 +01:00
Djordje Lukic ab35e3fac3 Handle relative source mounts
With this change it is now possible to give a relative path to the --volume and
--mount flags.

$ docker run --mount type=bind,source=./,target=/test ...

$ docker run -v .:/test ...

Fixes #1203

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-03-14 15:18:48 +01:00
Gleb Stsenov de05499267
align wording of push --all-tags parameter description
Signed-off-by: Gleb Stsenov <gleb.stsenov@gmail.com>
2022-03-10 19:48:41 +02:00
Sebastiaan van Stijn dc9e069ff2
vendor: github.com/docker/docker v20.10.3-0.20220309172631-83b51522df43
Changed `matcher.Matches(file)` to `matcher.MatchesOrParentMatches(file)`:

    cli/command/image/build/context.go:95:9: SA1019: matcher.Matches is deprecated: This implementation is buggy (it only checks a single parent dir against the pattern) and will be removed soon. Use either MatchesOrParentMatches or MatchesUsingParentResults instead.  (staticcheck)
        return matcher.Matches(file)
               ^

And updated a test to match the JSON omitting empty RootFS.Type fields (in
practice, this field should never be empty in real situations, and always
be "layer"). Changed the test to use subtests to easier find which case
is failing.

full diff: 343665850e...83b51522df

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-09 18:45:37 +01:00
Sebastiaan van Stijn 257f6149ba
Remove ClientInfo as it is not practically used.
The information in this struct was basically fixed (there's
some discrepancy around the "DefaultVersion" which, probably,
should never vary, and always be set to the Default (maximum)
API version supported by the client.

Experimental is now always enabled, so this information did
not require any dynamic info as well.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 15:46:50 +01:00
Sebastiaan van Stijn ac06c971fa
remove unneeded "digest" alias for "go-digest"
This was there for historic reasons (I think `goimports` expected this,
and we used to have a linter that wanted it), but it's not needed, so
let's remove it (to make my IDE less complaining about unneeded aliases)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 14:45:37 +01:00
Sebastiaan van Stijn e40529aa3b
use consistent alias for api/types/registry
Not a fan of aliases, but unfortunately they're sometimes needed. We import both
docker/docker/registry and docker/registry and api/types/registry, so I looked
for which one to continue using an alias, and this was the one "least" used,
and which already used this alias everywhere, except for two places.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 14:45:34 +01:00
Sebastiaan van Stijn b7e4f3daa6
remove alias for cli/config imports
Just `config` as name for the package should work; this also revealed that one
file was importing the same package twice.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-04 14:45:33 +01:00
Sebastiaan van Stijn cc08fc1af0
Implement WithDefaultContextStoreConfig() DockerCliOption
Just a minor refactor to make this slightly cleaner

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 14:47:59 +01:00
Sebastiaan van Stijn d35b50c0c3
NewAPIClientFromFlags: rename variable to not collide with import
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 14:47:54 +01:00
Chee Hau Lim 1d4431c1e7
cli/command: Add quiet option for create and run
Signed-off-by: Chee Hau Lim <cheehau.lim@mobimeo.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 14:20:18 +01:00
Sebastiaan van Stijn 60c3836365
cli/compose/schema: make version: "3" equivalent to "3.x" (latest)
Previously, `version: "3"` was equivalent to `version: "3.0"`, which
caused confusion for many users, as they expected it to be "3.x".

docker-compose and docker compose (v2) have adopted the compose-spec
(https://compose-spec.io), which no longer has a version field in
the compose file, and always picks the "latest" supported version.

This changes how `docker stack` interprets "major" version numbers
specified in compose-files:

When only the major version ("3") is specified, it is now equivalent
to "3.x" (latest supported v3 schema).

Compose-files that specify both major and minor version (e.g. "3.0"
or "3.1") continue to use the existing behavior; validation is down-
graded to the specified version and will produce an error if options
are used that are not supported in that schema version. This allows
users to locally verify that a composse-file does not use options
that are not supported in the intended deployment environment (for
example if the deploy environment only supports older versions of
the schema).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 09:40:33 +01:00
Sebastiaan van Stijn 6c75b75aaa
Merge pull request #3257 from thaJeztah/compose_remove_required_version
cli/compose: add schema 3.10, with optional version field (default to "latest")
2022-02-25 19:47:55 +01:00
Sebastiaan van Stijn 86db51e86e
cli: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:19 +01:00
Sebastiaan van Stijn 1e54bca833
cli/trust: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:18 +01:00
Sebastiaan van Stijn 58cf16da45
cli/manifest: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:17 +01:00
Sebastiaan van Stijn cca80cdddd
cli/context: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:16 +01:00
Sebastiaan van Stijn 71575ab3b5
cli/config: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:15 +01:00
Sebastiaan van Stijn b9f0340b68
cli/compose: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:15 +01:00
Sebastiaan van Stijn 3f7e7bf9d2
cli/command: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:14 +01:00
Sebastiaan van Stijn cca73bff41
cli/command/volume: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:13 +01:00
Sebastiaan van Stijn b5dce3c9e6
cli/command/trust: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:12 +01:00
Sebastiaan van Stijn e0299ff862
cli/command/system: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:11 +01:00
Sebastiaan van Stijn 78cb61c61c
cli/command/swarm: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:11 +01:00
Sebastiaan van Stijn d59330f40d
cli/command/stack: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:10 +01:00
Sebastiaan van Stijn d1f26de646
cli/command/service: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:09 +01:00
Sebastiaan van Stijn c558df7ced
cli/command/secret: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:08 +01:00
Sebastiaan van Stijn 3b3a0b898f
cli/command/registry: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:07 +01:00
Sebastiaan van Stijn f61aab59f7
cli/command/plugin: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:07 +01:00
Sebastiaan van Stijn 9bdeb09ae9
cli/command/node: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:06 +01:00
Sebastiaan van Stijn f28c063e2f
cli/command/context: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:05 +01:00
Sebastiaan van Stijn 43795ec8f7
cli/command/manifest: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:04 +01:00
Sebastiaan van Stijn d14b5bff80
cli/command/image: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:41:55 +01:00
Sebastiaan van Stijn 76b47359cb
cli/command/context: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:41:50 +01:00
Sebastiaan van Stijn e946bf0804
cli/command/container: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:36:23 +01:00
Sebastiaan van Stijn bc1790c5c2
cli/command/config: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:36:08 +01:00
Sebastiaan van Stijn 8dc53344e0
cli/command/checkpoint: remove deprecated io/ioutil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:35:51 +01:00
Sebastiaan van Stijn df7adf4aa3
Merge pull request #3434 from howardjohn/json/unmarshal-pointer
Fix incorrect pointer inputs to `json.Unmarshal`
2022-02-25 12:06:10 +01:00
Sebastiaan van Stijn cb65bd4de8
Merge pull request #3436 from ndeloof/public_RunExec
publish RunExec for use by docker/compose
2022-02-25 11:43:13 +01:00
Sebastiaan van Stijn 1c5256d8e1
Merge pull request #3442 from thaJeztah/drop_kube_cleanup_test
update/remove various tests and options related to kubernetes support
2022-02-25 11:15:14 +01:00
CrazyMax e38e6c51ff
bring back and expose BuildKitEnabled func
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-24 17:57:56 +01:00
Sebastiaan van Stijn ee9d17caec
cli/context: update package documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 17:53:21 +01:00
Sebastiaan van Stijn 242857dd81
update/remove various tests and options related to kubernetes support
Remove various tests and utilities related to testing kubernetes support

Also removing the Kubernetes and DefaultStackOrchestrator from CreateOptions
and UpdateOptions, instead updating the flags to not be bound to a variable.

This might break some consumers of those options, but given that they've become
non-functional, that's probably ok (otherwise they may ignore the deprecation
warning and end up with non-functional code).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 17:53:18 +01:00
Nicolas De Loof 2d268392d1
publish RunExec for use by docker/compose
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-24 16:31:24 +01:00
Sebastiaan van Stijn 467e650d4c
formatter: mark KubernetesEndpoint templating option as deprecated
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 13:36:01 +01:00
Sebastiaan van Stijn 6ea2767289
config: mark stackOrchestrator option as deprecated
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 13:35:03 +01:00
Sebastiaan van Stijn 16ece9bb82
system/version: remove dead-code
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 12:26:18 +01:00
Sebastiaan van Stijn 1924bc9f0f
stack/swarm: remove unneeded getStackServiceFilter()
It was now an alias for getStackFilter, so no longer needed

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 12:26:15 +01:00
Sebastiaan van Stijn cff010c61f
context export: remove docker context export --kubeconfig options
Removes the --kubeconfig flag, and the corresponding ExportOptions.Kubeconfig,
as well as special handling for kubeconfig export, as it's no longer used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 12:26:09 +01:00
John Howard ee97fe95bc Fix incorrect pointer inputs to `json.Unmarshal`
See https://github.com/howardjohn/go-unmarshal-double-pointer for more
info on why this is not safe and how this is detected.

Signed-off-by: John Howard <howardjohn@google.com>
2022-02-22 13:08:37 -08:00
Nicolas De Loof 193ede9b12
remove obsolete mutli-orchestrator support
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-22 15:28:12 +01:00
Nicolas De Loof 1d48749c1c warn user kubernetes is deprecated and options won't be stored in context
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-22 13:47:34 +01:00
Nicolas De Loof 7b9580df51 Drop support for (archived) Compose-on-Kubernetes
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-22 13:47:34 +01:00
Sebastiaan van Stijn a7778806a0
cli/compose/schema: make version optional, default to "latest"
The compose spec (https://compose-spec.io) defines the version to be optional,
and implementations of the spec to check for supported attributes instead.

While this change does not switch the `docker stack` implementation to use the
compose-spec, it makes it function more similar. Previously, omitting a version
number would either produce an error (as the field was required), or switched
the handling to assume it was version 1.0 (which is deprecated).

With this change, compose files without a version number will be handled as
the latest version supported by `docker stack` (currently 3.10). This allows
users that work with docker-compose or docker compose (v2) to deploy their
compose file, without having to re-add a version number. Fields that are
not supported by stackes (schema 3.10) will still produce an error.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:04 +01:00
Sebastiaan van Stijn a9fd697737
cli/compose: add schema 3.10 (no changes with 3.9 yet)
Adding a copy of the 3.9 schema, with only the version-string changed.
This makes it easier to find changes since 3.9, which are added after
this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:02 +01:00
Sebastiaan van Stijn d44eca129f
cli/compose/schema: Validate(): normalize version before validating
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-18 12:26:00 +01:00
Sebastiaan van Stijn bce65f0edc
builder: simplify error generation, and rephrase error/warning
With this change:

    echo 'FROM busybox' | DOCKER_BUILDKIT=1 docker build -
    ERROR: BuildKit is enabled but the buildx component is missing or broken.
           Install the buildx component to build images with BuildKit:
           https://docs.docker.com/go/buildx/

    echo 'FROM busybox' | docker build -
    DEPRECATED: The legacy builder is deprecated and will be removed in a future release.
                Install the buildx component to build images with BuildKit:
                https://docs.docker.com/go/buildx/

    Sending build context to Docker daemon  2.048kB
    ...

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-03 10:38:05 +01:00
CrazyMax 4d8e45782b
builder: fallback to legacy
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-03 10:38:05 +01:00
CrazyMax 6fef143dbc
Set buildx as default builder
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-03 10:38:05 +01:00
Sebastiaan van Stijn 08a1ccc60a
Remove support for encrypted TLS private keys
> Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since
> it does not authenticate the ciphertext, it is vulnerable to padding oracle
> attacks that can let an attacker recover the plaintext

From https://go-review.googlesource.com/c/go/+/264159

> It's unfortunate that we don't implement PKCS#8 encryption so we can't
> recommend an alternative but PEM encryption is so broken that it's worth
> deprecating outright.

This feature allowed using an encrypted private key with a supplied password,
but did not provide additional security as the encryption is known to be broken,
and the key is sitting next to the password in the filesystem. Users are recommended
to decrypt the private key, and store it un-encrypted to continue using it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-27 14:26:32 +01:00
Sebastiaan van Stijn 48cbe0bfa1
Merge pull request #3264 from coryb/fix-data-race
fix innocuous data-race when config.Load called in parallel
2022-01-27 10:26:56 +01:00
Amey Shrivastava dfb39e9e5f Fix Typos
This commit fixes spelling mistakes (typos) at a few places in the codebase.

Signed-off-by: Amey Shrivastava <72866602+AmeyShrivastava@users.noreply.github.com>
2021-12-20 01:49:19 +05:30
Silvin Lubecki ed86571bfa
Merge pull request #3256 from thaJeztah/cleanup_rootcommand
cli.SetupRootCommand(): minor cleanup
2021-12-08 11:31:59 +01:00
CrazyMax 4d93717ae5
ci: github actions test workflow
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-07 14:50:22 +01:00
Mathieu Champlon 8b85274d26 Fix typo
Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2021-11-05 18:10:51 +01:00
Sebastiaan van Stijn 3fb4fb83df
Merge pull request #3245 from thaJeztah/remove_stopsignal_default
create/run: remove default --stop-signal
2021-11-02 12:17:39 +01:00
Sebastiaan van Stijn 46f8c8b926
Merge pull request #3322 from samuelkarp/ensure-default-auth-config
registry: ensure default auth config has address
2021-10-15 12:59:56 +02:00
CrazyMax 75284bd1d1
Use goversioninfo to create Windows Version Info
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-10-11 16:54:22 +02:00
Samuel Karp 1f8cb1fbbd
registry: ensure default auth config has address
Signed-off-by: Samuel Karp <skarp@amazon.com>
(cherry picked from commit 42d1c02750)
Signed-off-by: Samuel Karp <skarp@amazon.com>
2021-10-04 11:36:13 -07:00
Sebastiaan van Stijn 214cd05aa1
create/run: remove default --stop-signal
The DefaultStopSignal const has been deprecated, because the daemon already
handles a default value. The current code did not actually send the default
value unless the flag was set, which also made the flag description incorrect,
because in that case, the _daemon's_ default would be used, which could
potentially be different as was specified here.

This patch removes the default value from the flag, leaving it to the daemon
to set a default.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-25 09:53:42 +02:00
Sebastiaan van Stijn e8fdc3c491
Merge pull request #3230 from thaJeztah/remove_seccomp_warning
info: skip client-side warning about seccomp profile on API >= 1.42
2021-08-24 22:04:58 +02:00
coryb b5f4a6e45f fix innocuous data-race when config.Load called in parallel
Locking was removed in https://github.com/docker/cli/pull/3025 which
allows for parallel calls to config.Load to modify global state.
The consequence in this case is innocuous, but it does trigger a
`DATA RACE` exception when tests run with `-race` option.

Signed-off-by: coryb <cbennett@netflix.com>
2021-08-21 13:27:23 -07:00
Alex Couture-Beil af1bb80c34 Enable ssh forwarding when building a remote target
- this fixes https://github.com/moby/buildkit/issues/2040 by enabling
ssh forwarding when a remote address is given on the command line, this
is a similar fix to https://github.com/docker/buildx/pull/581

Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
2021-08-19 08:54:37 -07:00
Sebastiaan van Stijn 7e15d136bb
cli.SetupRootCommand(): minor cleanup
Had this in a branch locally, so thought I'd open as a PR

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-16 12:32:16 +02:00
Sebastiaan van Stijn 818564af51
cli/compose: use go1.16 native embed functionality for schemas
This allows us to drop the `//go:generate` and use of the github.com/mjibson/esc
utility.

worth noting that Go's native "embed" does not compress files. We could compress
these files as part of a build / validate step (which would add some complexity
when updating these files) if this is a concern, but not sure if the additional
complexity is warranted.

Comparing before/after sizes (see below);

    macOS: 54125840 - 54005264 = 120576 (+120.58 kB)
    Linux: 52393231 - 52277701 = 115530 (+115.53 kB)

Before:

    ls -l build/
    total 208736
    lrwxr-xr-x  1 sebastiaan  staff        19 Aug 15 09:36 docker@ -> docker-linux-amd64
    -rwxr-xr-x  1 sebastiaan  staff  54005264 Aug 15 09:35 docker-darwin-amd64*
    -rwxr-xr-x  1 sebastiaan  staff  52277701 Aug 15 09:36 docker-linux-amd64*

After:

    ls -l build/
    total 208960
    lrwxr-xr-x  1 sebastiaan  staff        18 Aug 15 09:32 docker@ -> docker-linux-amd64
    -rwxr-xr-x  1 sebastiaan  staff  54125840 Aug 15 09:31 docker-darwin-amd64*
    -rwxr-xr-x  1 sebastiaan  staff  52393231 Aug 15 09:32 docker-linux-amd64*

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-15 10:04:13 +02:00
Sebastiaan van Stijn fc85fe4eb8
vendor: update docker to current master (API v1.42)
full diff: 25917217ca...343665850e

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-12 13:24:05 +02:00
Sebastiaan van Stijn 847aef321e
build: fix AddDockerfileToBuildContext not de-referencing tar header template
Commit 73aef6edfe
modified archive.ReplaceFileTarWrapper to set the Name field in the tar header,
if the field was not set.

That change exposed an issue in how a Dockerfile from stdin was sent to the daemon.
When attempting to build using a build-context, and a Dockerfile from stdin, the
following happened:

```bash
mkdir build-stdin && cd build-stdin && echo hello > hello.txt

DOCKER_BUILDKIT=0 docker build --no-cache -t foo -f- . <<'EOF'
FROM alpine
COPY . .
EOF

Sending build context to Docker daemon  2.607kB
Error response from daemon: dockerfile parse error line 1: unknown instruction: .DOCKERIGNORE
```

Removing the `-t foo`, oddly lead to a different failure:

```bash
DOCKER_BUILDKIT=0 docker build --no-cache -f- . <<'EOF'
FROM alpine
COPY . .
EOF

Sending build context to Docker daemon  2.581kB
Error response from daemon: Cannot locate specified Dockerfile: .dockerfile.701d0d71fb1497d6a7ce
```

From the above, it looks like the tar headers got mangled, causing (in the first
case) the daemon to use the build-context tar as a plain-text file, and therefore
parsing it as Dockerfile, and in the second case, causing it to not being able to
find the Dockerfile in the context.

I noticed that both TarModifierFuncs were using the same `hdrTmpl` struct, which
looks to caused them to step on each other's toes. Changing them to each initialize
their own struct made the issue go away.

After this change:

```bash
DOCKER_BUILDKIT=0 docker build --no-cache -t foo -f- . <<'EOF'
FROM alpine
COPY . .
EOF
Sending build context to Docker daemon  2.607kB
Step 1/2 : FROM alpine
 ---> d4ff818577bc
Step 2/2 : COPY . .
 ---> 556f745e6938
Successfully built 556f745e6938
Successfully tagged foo:latest

DOCKER_BUILDKIT=0 docker build --no-cache -f- . <<'EOF'
FROM alpine
COPY . .
EOF

Sending build context to Docker daemon  2.607kB
Step 1/2 : FROM alpine
 ---> d4ff818577bc
Step 2/2 : COPY . .
 ---> aaaee43bec5e
Successfully built aaaee43bec5e
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-10 23:19:14 +02:00
Sebastiaan van Stijn 23ed50c10f
replace docker/pkg/signal with github.com/moby/sys/signal
The github.com/docker/docker/pkg/signal package was moved to a separate
module in moby/sys.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-09 19:15:46 +02:00
Sebastiaan van Stijn 8964595692
info: skip client-side warning about seccomp profile on API >= 1.42
This warning will be moved to the daemon-side, similar to how it returns
other warnings. There's work in progress to change the name of the default
profile, so we may need to backport this change to prevent existing clients
from printing an incorrect warning if they're connecting to a newer daemon.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-04 16:03:09 +02:00
Sebastiaan van Stijn 0b2eaa7f72
cli/command: don't use client.CustomHTTPHeaders(), and simplify asserts
It's the only use of this function, and it's better to check that
the client actually sends the header.

This also simplifies some asserts, and makes sure that "actual" and "expected"
are in the correct order.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-29 10:26:10 +02:00
Sebastiaan van Stijn 40c6b117e7
change TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test
Golang uses a `sync.Once` when determining the proxy to use. This means
that it's not possible to test the proxy configuration in unit tests,
because the proxy configuration will be "fixated" the first time Golang
detects the proxy configuration.

This patch changes TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e
test so that we can verify the CLI picks up the proxy configuration.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-28 22:33:12 +02:00
Sebastiaan van Stijn 15535d4594
context: deprecate support for encrypted TLS private keys
> Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since
> it does not authenticate the ciphertext, it is vulnerable to padding oracle
> attacks that can let an attacker recover the plaintext

From https://go-review.googlesource.com/c/go/+/264159

> It's unfortunate that we don't implement PKCS#8 encryption so we can't
> recommend an alternative but PEM encryption is so broken that it's worth
> deprecating outright.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-28 14:42:45 +02:00
Sebastiaan van Stijn 2688f25eb7
cli/context: ignore linting warnings about RFC 1423 encryption
From https://go-review.googlesource.com/c/go/+/264159

> It's unfortunate that we don't implement PKCS#8 encryption so we can't
> recommend an alternative but PEM encryption is so broken that it's worth
> deprecating outright.

When linting on Go 1.16:

    cli/context/docker/load.go:69:6: SA1019: x509.IsEncryptedPEMBlock is deprecated: Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext.  (staticcheck)
            if x509.IsEncryptedPEMBlock(pemBlock) {
               ^
    cli/context/docker/load.go:70:20: SA1019: x509.DecryptPEMBlock is deprecated: Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext.  (staticcheck)
                keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(c.TLSPassword))
                                ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-26 18:00:01 +02:00
Sebastiaan van Stijn 7a0dc924f9
Add support for ALL_PROXY
Support for ALL_PROXY as default build-arg was added recently in
buildkit and the classic builder.

This patch adds the `ALL_PROXY` environment variable to the list of
configurable proxy variables, and updates the documentation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-21 09:06:18 +02:00
Brian Goff 4ce521c503
info: print errors to stderr
Errors always need to go to stderr.
This also fixes a test in moby/moby's integration-cli which is checking
to see if errors connecting to the daemon are output on stderr.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-13 11:43:32 +02:00
Sebastiaan van Stijn d738e7c489
docker info: skip API connection if possible
The docker info output contains both "local" and "remote" (daemon-side) information.
The API endpoint to collect daemon information (`/info`) is known to be "heavy",
and (depending on what information is needed) not needed.

This patch checks if the template (`--format`) used requires information from the
daemon, and if not, omits making an API request.

This will improve performance if (for example), the current "context" is requested
from `docker info` or if only plugin information is requested.

Before:

    time docker info --format '{{range  .ClientInfo.Plugins}}Plugin: {{.Name}}, {{end}}'
    Plugin: buildx, Plugin: compose, Plugin: scan,

    ________________________________________________________
    Executed in  301.91 millis    fish           external
       usr time  168.64 millis   82.00 micros  168.56 millis
       sys time  113.72 millis  811.00 micros  112.91 millis

    time docker info --format '{{json .ClientInfo.Plugins}}'

    time docker info --format '{{.ClientInfo.Context}}'
    default

    ________________________________________________________
    Executed in  334.38 millis    fish           external
       usr time  177.23 millis   93.00 micros  177.13 millis
       sys time  124.90 millis  927.00 micros  123.97 millis

    docker context use remote-ssh-daemon
    time docker info --format '{{.ClientInfo.Context}}'
    remote-ssh-daemon

    ________________________________________________________
    Executed in    1.22 secs   fish           external
       usr time  116.93 millis  110.00 micros  116.82 millis
       sys time  144.36 millis  887.00 micros  143.47 millis

And daemon logs:

    Jul 06 12:42:12 remote-ssh-daemon dockerd[14377]: time="2021-07-06T12:42:12.139529947Z" level=debug msg="Calling HEAD /_ping"
    Jul 06 12:42:12 remote-ssh-daemon dockerd[14377]: time="2021-07-06T12:42:12.140772052Z" level=debug msg="Calling HEAD /_ping"
    Jul 06 12:42:12 remote-ssh-daemon dockerd[14377]: time="2021-07-06T12:42:12.163832016Z" level=debug msg="Calling GET /v1.41/info"

After:

    time ./build/docker info --format '{{range  .ClientInfo.Plugins}}Plugin: {{.Name}}, {{end}}'
    Plugin: buildx, Plugin: compose, Plugin: scan,

    ________________________________________________________
    Executed in  139.84 millis    fish           external
       usr time   76.53 millis   62.00 micros   76.46 millis
       sys time   69.25 millis  723.00 micros   68.53 millis

    time ./build/docker info --format '{{.ClientInfo.Context}}'
    default

    ________________________________________________________
    Executed in  136.94 millis    fish           external
       usr time   74.61 millis   74.00 micros   74.54 millis
       sys time   65.77 millis  858.00 micros   64.91 millis

    docker context use remote-ssh-daemon
    time ./build/docker info --format '{{.ClientInfo.Context}}'
    remote-ssh-daemon

    ________________________________________________________
    Executed in    1.02 secs   fish           external
       usr time   74.25 millis   76.00 micros   74.17 millis
       sys time   65.09 millis  643.00 micros   64.44 millis

And daemon logs:

    Jul 06 12:42:55 remote-ssh-daemon dockerd[14377]: time="2021-07-06T12:42:55.313654687Z" level=debug msg="Calling HEAD /_ping"
    Jul 06 12:42:55 remote-ssh-daemon dockerd[14377]: time="2021-07-06T12:42:55.314811624Z" level=debug msg="Calling HEAD /_ping"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-06 17:04:34 +02:00
Mathieu Champlon a033cdf515 Deprecate Kubernetes context support
Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2021-07-01 18:39:00 +02:00
Mathieu Champlon c05f0f5957 Deprecate Kubernetes stack support
Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2021-07-01 18:39:00 +02:00
Sebastiaan van Stijn 4a6fe51157
Merge pull request #2940 from thaJeztah/rollback_progress_bars
UX: don't reverse progress-bars when rolling back
2021-06-29 16:02:45 +02:00
Sebastiaan van Stijn 678c2fde98
UX: don't reverse progress-bars when rolling back
Commit 330a003533
introduced "synchronous" service update and rollback, using progress bars to show
current status for each task.

As part of that change, progress bars were "reversed" when doing a rollback, to
indicate that status was rolled back to a previous state.

Reversing direction is somewhat confusing, as progress bars now return to their
"initial" state to indicate it was "completed"; for an "automatic" rollback, this
may be somewhat clear (progress bars "move to the right", then "roll back" if the
update failed), but when doing a manual rollback, it feels counter-intuitive
(rolling back is the _expected_ outcome).

This patch removes the code to reverse the direction of progress-bars, and makes
progress-bars always move from left ("start") to right ("finished").

Before this patch
----------------------------------------

1. create a service with automatic rollback on failure

    $ docker service create --update-failure-action=rollback --name foo --tty --replicas=5 nginx:alpine
    9xi1w3mv5sqtyexsuh78qg0cb
    overall progress: 5 out of 5 tasks
    1/5: running   [==================================================>]
    2/5: running   [==================================================>]
    3/5: running   [==================================================>]
    4/5: running   [==================================================>]
    5/5: running   [==================================================>]
    verify: Waiting 2 seconds to verify that tasks are stable...

2. update the service, making it fail after 3 seconds

    $ docker service update --entrypoint="/bin/sh -c 'sleep 3; exit 1'" foo
    overall progress: rolling back update: 2 out of 5 tasks
    1/5: running   [==================================================>]
    2/5: running   [==================================================>]
    3/5: starting  [============================================>      ]
    4/5: running   [==================================================>]
    5/5: running   [==================================================>]

3. Once the service starts failing, automatic rollback is started; progress-bars now move in the reverse direction;

    overall progress: rolling back update: 3 out of 5 tasks
    1/5: ready     [===========>                                       ]
    2/5: ready     [===========>                                       ]
    3/5: running   [>                                                  ]
    4/5: running   [>                                                  ]
    5/5: running   [>                                                  ]

4. When the rollback is completed, the progressbars are at the "start" to indicate they completed;

    overall progress: rolling back update: 5 out of 5 tasks
    1/5: running   [>                                                  ]
    2/5: running   [>                                                  ]
    3/5: running   [>                                                  ]
    4/5: running   [>                                                  ]
    5/5: running   [>                                                  ]
    rollback: update rolled back due to failure or early termination of task bndiu8a998agr8s6sjlg9tnrw
    verify: Service converged

After this patch
----------------------------------------

Progress bars always go from left to right; also in a rollback situation;

After updating to the "faulty" entrypoint, task are deployed:

    $ docker service update --entrypoint="/bin/sh -c 'sleep 3; exit 1'" foo
    foo
    overall progress: 1 out of 5 tasks
    1/5:
    2/5: running   [==================================================>]
    3/5: ready     [======================================>            ]
    4/5:
    5/5:

Once tasks start failing, rollback is started, and presented the same as a regular
update; progress bars go from left to right;

    overall progress: rolling back update: 3 out of 5 tasks
    1/5: ready     [======================================>            ]
    2/5: starting  [============================================>      ]
    3/5: running   [==================================================>]
    4/5: running   [==================================================>]
    5/5: running   [==================================================>]
    rollback: update rolled back due to failure or early termination of task c11dxd7ud3d5pq8g45qkb4rjx

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-22 10:28:46 +02:00
Sebastiaan van Stijn a04c8210a6
vendor: github.com/docker/docker 25917217cab38eab40c3db0010b915258f4a8491
b0f5bc36fe..25917217ca

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-22 10:16:54 +02:00
Sebastiaan van Stijn 16131fb459
Slight cleanup/refactor of attachContainer
Return early in case there's an error, and declare variables closer
to where they're used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-05-31 15:33:31 +02:00
Sebastiaan van Stijn 1142740996
Merge pull request #2972 from thaJeztah/ipv6_port_join
Use net.JoinHostPort() to fix formatting with IPv6 addresses
2021-05-25 14:58:47 +02:00
Sebastiaan van Stijn 6b4d2e83cd
Merge pull request #3103 from djs55/ignore_sigurg_darwin
Ignore SIGURG on Unix (including Darwin)
2021-05-25 12:29:14 +02:00