Commit Graph

7421 Commits

Author SHA1 Message Date
Sebastiaan van Stijn a0cacb0887
Merge pull request #2811 from thaJeztah/parse_uint
opts: fix potential integer overflow CWE-190, CWE-681
2020-10-24 10:31:58 +02:00
Sebastiaan van Stijn 7150736688
Deprecation: add experimental docker build --stream option
Docker v17.07 introduced an experimental `--stream` flag on `docker build` which
allowed the build-context to be incrementally sent to the daemon, instead of
unconditionally sending the whole build-context.

This functionality has been reimplemented as part of BuildKit, which uses streaming
by default and the `--stream` option will be ignored when using the classic builder,
printing a deprecation warning instead.

Users that want to use this feature are encouraged to enable BuildKit by setting
the `DOCKER_BUILDKIT=1` environment variable or through the daemon or CLI configuration
files.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:58:54 +02:00
Sebastiaan van Stijn a40beedcc3
builder: print deprecation warning instead of failing for --stream
While performance will be worse, we can safely ignore the --stream
option when used, and print a deprecation warning instead of failing
the build.

With this patch:

    echo -e "FROM scratch\nLABEL foo=bar" | docker build --stream -
    DEPRECATED: The experimental --stream flag has been removed and the build context
                will be sent non-streaming. Enable BuildKit instead with DOCKER_BUILDKIT=1
                to stream build context, see https://docs.docker.com/go/buildkit/

    Sending build context to Docker daemon  2.048kB
    Step 1/2 : FROM scratch
     --->
    Step 2/2 : LABEL foo=bar
     ---> Running in 99e4021085b6
    Removing intermediate container 99e4021085b6
     ---> 1a7a41be241f
    Successfully built 1a7a41be241f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:58:47 +02:00
Sebastiaan van Stijn 5cd19d1fec
opts: fix potential integer overflow CWE-190, CWE-681
Caught by CodeQL:

> Incorrect conversion of an integer with architecture-dependent bit size
> from strconv.ParseUint to a lower bit size type uint16 without an upper
> bound check.

fixes https://github.com/docker/cli/security/code-scanning/2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-24 01:30:42 +02:00
Sebastiaan van Stijn 064148042d
Merge pull request #2808 from charlottemach/master
Replace deprecated instruction
2020-10-24 00:44:12 +02:00
Charlotte Mach aa4cb24739 Replace deprecated instruction
MAINTAINER is deprecated, replacing with LABEL as recommended by
https://docs.docker.com/engine/reference/builder/#maintainer-deprecated

Signed-off-by: Charlotte Mach <charlotte.mach@fs.lmu.de>
2020-10-23 19:49:51 +02:00
Tibor Vass 95fe476706
Merge pull request #2803 from thaJeztah/bump_engine
Update docker/docker and dependencies to current master
2020-10-22 12:43:39 -07:00
Tibor Vass ff10c7ab96
Merge pull request #2796 from thaJeztah/bump_vndr
Bump vndr v0.1.2
2020-10-22 12:41:23 -07:00
Tibor Vass 7fedb0e54f
Merge pull request #2775 from thaJeztah/notabs
Replace tab with spaces in usage output
2020-10-22 12:40:42 -07:00
Sebastiaan van Stijn d1b4b61328
Merge pull request #2799 from tonistiigi/plugin-sigterm
handle sigterm on running a plugin
2020-10-22 20:55:07 +02:00
Tonis Tiigi 857f5856f8 handle sigterm on running a plugin
While running a plugin and canceling with SIGTERM, main process will
close right away without letting the plugin close itself down and handle
the exit code properly. Add appcontext that is useful for handling
sigterm, as well as supporting sigkill when things go wrong.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-21 22:32:49 -07:00
Sebastiaan van Stijn b981f2454e
vendor: cloud.google.com/go v0.44.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:56:42 +02:00
Sebastiaan van Stijn f5670e1069
vendor: opencontainers/go-digest v1.0.0
full diff: https://github.com/opencontainers/go-digest/compare/v1.0.0-rc1...v1.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:48:55 +02:00
Sebastiaan van Stijn ceffcc527e
vendor: github.com/gofrs/flock v0.7.3
full diff: https://github.com/gofrs/flock/compare/v0.7.1...v0.7.3

Relevant changes:

- fix: close/Unlock won't close the file descriptor if not locked
- fix license text, update year

Note that there's also a v0.8.0 release; that release only adds aix support,
which is currently of no interest to us, so skipping that version for now.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:46:48 +02:00
Sebastiaan van Stijn 15c928eae1
vendor: docker/docker 73dc6a680cdd48f2f993f1a1b91aac1dd23d47c8
full diff: 7f7e4abb33...73dc6a680c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 22:31:42 +02:00
Silvin Lubecki 46e24f515e
Merge pull request #2801 from thaJeztah/fix_missing_manual_entry
man-pages: fix missing manual title in heading
2020-10-20 14:22:48 +02:00
Sebastiaan van Stijn b46ef4659e
man-pages: fix missing manual title in heading
This was set in our manually written markdowns, but not in the man pages
generated through Cobra.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:54:57 +02:00
Silvin Lubecki 16127e2588
Merge pull request #2794 from thaJeztah/bump_cobra
vendor: github.com/spf13/cobra v1.1.1
2020-10-20 12:51:43 +02:00
Sebastiaan van Stijn 74d45bbf61
vendor: github.com/spf13/cobra v1.1.1
full diff: https://github.com/spf13/cobra/compare/v1.0.0...v1.1.1

Notable changes:

- Extend Go completions and revamp zsh comp
- Add completion for help command
- Complete subcommands when TraverseChildren is set
- Fix stderr printing functions
- fix: fish output redirection
- fix manpage building with new go-md2man

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:39:57 +02:00
Sebastiaan van Stijn 32861cb7aa
Merge pull request #2800 from thaJeztah/fix_man_titleblocks
Update man-page source MarkDown to work with go-md2man v2
2020-10-20 12:37:37 +02:00
Silvin Lubecki 94430f66b8
Merge pull request #2798 from thaJeztah/deprecate_lcow
Deprecate Linux containers on Windows (LCOW) (experimental)
2020-10-20 12:30:32 +02:00
Sebastiaan van Stijn 5355f2f639
Update man-page source MarkDown to work with go-md2man v2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-20 12:21:15 +02:00
Sebastiaan van Stijn faac84e35d
Deprecate Linux containers on Windows (LCOW) (experimental)
The experimental feature to run Linux containers on Windows (LCOW) was introduced
as a technical preview in Docker 17.09. While many enhancements were made after
its introduction, the feature never reached completeness, and development has
now stopped in favor of running docker natively on Linux in WSL2.

Developers that need to run Linux workloads on a Windows host are encouraged
to use Docker Desktop with WSL2 instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 14:10:22 +02:00
Sebastiaan van Stijn 8328ee1965
Bump vndr v0.1.2
full diff: https://github.com/LK4D4/vndr/compare/v0.1.1...v0.1.2

- cleanVCS: prevent panic
- Consider '.syso' as a Go file for vendoring

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-16 01:32:00 +02:00
Sebastiaan van Stijn 9b3eef5218
Merge pull request #2755 from thaJeztah/dont_save_useragent
Config-file: remove User-Agent from config.json when saving
2020-10-15 22:17:59 +02:00
Tibor Vass 8107a381c1
Merge pull request #2788 from thaJeztah/reversion
Update versions 20.03 -> 20.10
2020-10-13 14:37:16 -07:00
Sebastiaan van Stijn ee41923645
docs: update 20.03 -> 20.10 in docker update docs
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:39:42 +02:00
Sebastiaan van Stijn 6c0a3dfbff
docs: update 20.03 -> 20.10 in deprecated.md
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:38:48 +02:00
Sebastiaan van Stijn 06c1f784dd
Update version to 20.10-dev
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-13 09:37:17 +02:00
bn4t 53e2110fa3 Wait on waitgroup instead of using time.Sleep
Closes #2784
Signed-off-by: bn4t <me@bn4t.me>
2020-10-12 10:32:53 +02:00
Rahul Kadyan 7baac8c147
feat: allow ssh flag arguments
Signed-off-by: Rahul Kadyan <hi@znck.me>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-08 17:11:26 +02:00
Silvin Lubecki ac365d7175
Merge pull request #2780 from thaJeztah/fix_links
docs: fix broken links in build reference
2020-10-07 11:36:37 +02:00
Sebastiaan van Stijn 3fe574b7ef
docs: fix broken links in build reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-07 11:06:46 +02:00
Silvin Lubecki 6916b427a0
Merge pull request #2774 from thaJeztah/drop_experimental
Always enable experimental features
2020-10-02 17:34:01 +02:00
Sebastiaan van Stijn 610def40f1
Merge pull request #2773 from thaJeztah/deprecate_experimental_options
Deprecate configuration options for experimental CLI features
2020-10-02 16:36:15 +02:00
Sebastiaan van Stijn 977d3ae046
Always enable experimental features
The CLI disabled experimental features by default, requiring users
to set a configuration option to enable them.

Disabling experimental features was a request from Enterprise users
that did not want experimental features to be accessible.

We are changing this policy, and now enable experimental features
by default. Experimental features may still change and/or removed,
and will be highlighted in the documentation and "usage" output.

For example, the `docker manifest inspect --help` output now shows:

    EXPERIMENTAL:
      docker manifest inspect is an experimental feature.

      Experimental features provide early access to product functionality. These features
      may change between releases without warning or can be removed entirely from a future
      release. Learn more about experimental features: https://docs.docker.com/go/experimental/

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:59:42 +02:00
Sebastiaan van Stijn e6ef3349f6
update docs usage output to match new format
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:51:01 +02:00
Sebastiaan van Stijn 7f3717bd2a
Replace tab with spaces in usage output
All output of the usage / --help output uses spaces, and having a tab
in the output can be somewhat cumbersome (e.g. our YAML docs generator
doesn't like them, and copy/pasing the output in iTerm produces a warning).

This patch changes the output to use two spaces instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:41:17 +02:00
Sebastiaan van Stijn d9c36c2878
cli: print experimental message in usage output
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 15:30:52 +02:00
Sebastiaan van Stijn de8b696ed6
docs/deprecated: remove minor versions
Some deprecations are ammended during a major (YY.MM) release, to
inform users as early as possible about deprecations. Removing the
minor version from this overview clarifies that features are
marked deprecated during which major release's lifecycle.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:15:42 +02:00
Sebastiaan van Stijn 48822564b6
docs: deprecate CLI options for experimental CLI features
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 14:10:27 +02:00
Sebastiaan van Stijn c2225ad126
docs: add /go/experimental/ vanity URL
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-02 13:59:55 +02:00
Silvin Lubecki 9b92be00e4
Merge pull request #2770 from thaJeztah/codeql_cron_only
GH Actions: run CodeQL only on cron-job, not on pull requests
2020-10-01 17:17:07 +02:00
Sebastiaan van Stijn 0d11ef3056
GH Actions: run CodeQL only on cron-job, not on pull requests
Analysis takes more than 10 minutes, which is quite long to
run, so change it to only run on a cron job.

Also changing the cron to run on Thursdays instead of Fridays;
no need to worry about security issues during the Weekend.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 16:51:28 +02:00
Sebastiaan van Stijn 3f19902eae
Config-file: remove User-Agent from config.json when saving
The config.json allows for setting custom HTTP headers, but given that
User-Agent is not customizable, we should remove it from the config before saving;

Before this change;

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        },
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

    $ docker logout
    {
        "auths": {},
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

After this change:

    $ cat ~/.docker/config.json
    {
        "auths": {
            "https://index.docker.io/v1/": {
                "auth": "<base64 auth>"
            }
        },
        "HttpHeaders": {
            "User-Agent": "Docker-Client/19.03.12 (linux)"
        }
    }

    $ docker logout
    Removing login credentials for https://index.docker.io/v1/

    $ cat ~/.docker/config.json
    {
        "auths": {}
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 15:04:39 +02:00
Silvin Lubecki 749c62fb4d
Merge pull request #2768 from thaJeztah/add_codeql
Add CodeQL Analysis workflow (again)
2020-10-01 15:02:49 +02:00
Sebastiaan van Stijn c8e3ddc768
Add CodeQL Analysis workflow (again)
This feature went GA, so adding this workflow again. Workflow
is updated to the suggested template when enabling.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-01 14:23:28 +02:00
Silvin Lubecki b4097f7ef2
Merge pull request #2756 from thaJeztah/fix_overwrite_headers
Fix initializing client modifying custom HTTPHeaders
2020-09-30 15:13:12 +02:00
Silvin Lubecki de632b7ab0
Merge pull request #2763 from thaJeztah/update_logrus
vendor: sirupsen/logrus v1.7.0
2020-09-30 15:01:06 +02:00
Sebastiaan van Stijn 2d6b5e8abc
vendor: sirupsen/logrus v1.7.0
full diff: https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0

removes dependency on github.com/konsorten/go-windows-terminal-sequences

Features:
   * a new buffer pool management API has been added
   * a set of `<LogLevel>Fn()` functions have been added

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-30 13:42:17 +02:00