Commit Graph

125 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 61baf2a3d9
Merge pull request #5570 from thaJeztah/credentials_coverage
cli/config/credentials: add test for save being idempotent
2024-10-22 16:36:58 +02:00
Sebastiaan van Stijn c34b80bc65
Merge pull request #5567 from thaJeztah/config_fix_err
cli/config: improve error when failing to parse config file
2024-10-22 14:05:45 +02:00
Sebastiaan van Stijn 3c78069240
cli/config/credentials: add test for save being idempotent
Test case for d3f6867e4d

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-22 12:22:54 +02:00
Sebastiaan van Stijn 0dd6f7f1b3
cil/config/credentials: remove newStore() test-utility
This function was names slightly confusing, as it returns a fakeStore,
and it didn't do any constructing, so didn't provide value above just
constructing the type.

I'm planning to add more functionality to the fakeStore, but don't want
to maintain a full-fledged constructor for all of that, so let's remove
this utility.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-22 10:58:29 +02:00
Sebastiaan van Stijn d96f8b7f91
cli/config: improve error when failing to parse config file
The format had a stray colon and space included. While fixing that, also
updating the error message to clarify the error happened while parsing
the file (not so much "loading" it).

Before:

    WARNING: Error loading config file: /root/.docker/config.json: : json: cannot unmarshal bool into Go struct field ConfigFile.features of type string

After:

    WARNING: Error parsing config file (/root/.docker/config.json): json: cannot unmarshal bool into Go struct field ConfigFile.features of type string

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-21 18:26:02 +02:00
Sebastiaan van Stijn d3f6867e4d
cli/config/credentials: skip saving config-file if credentials didn't change
Before this change, the config-file was always updated, even if there
were no changes to save. This could cause issues when the config-file
already had credentials set and was read-only for the current user.

For example, on NixOS, this poses a problem because `config.json` is a
symlink to a write-protected file;

    $ readlink ~/.docker/config.json
    /home/username/.config/sops-nix/secrets/ghcr_auth

    $ readlink -f ~/.docker/config.json
    /run/user/1000/secrets.d/28/ghcr_auth

Which causes `docker login` to fail, even if no changes were to be made;

    Error saving credentials: rename /home/derek/.docker/config.json2180380217 /home/username/.config/sops-nix/secrets/ghcr_auth: invalid cross-device link

This patch updates the code to only update the config file if changes
were detected. It there's nothing to save, it skips updating the file,
as well as skips printing the warning about credentials being stored
insecurely.

With this patch applied:

    $ docker login -u yourname
    Password:

    WARNING! Your credentials are stored unencrypted in '/root/.docker/config.json'.
    Configure a credential helper to remove this warning. See
    https://docs.docker.com/go/credential-store/

    Login Succeeded

    $ docker login -u yourname
    Password:
    Login Succeeded

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-21 00:19:52 +02:00
Laura Brehm 5eb3275c28
filestore: don't print warning multiple times
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-08-14 19:48:08 +01:00
Sebastiaan van Stijn ab80ea355f
cli/config/credentials: move warning to fileStore
The fileStore itself is aware that it's insecure, so we can make it
responsible for printing the warning. It's not "perfect", as we use
`os.Stderr` unconditionally (not `dockerCli.Err()`), but probably won't
make a difference in _most_ cases.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-19 01:42:01 +02:00
Sebastiaan van Stijn ab230240ad
test spring-cleaning
This makes a quick pass through our tests;

Discard output/err
----------------------------------------------

Many tests were testing for error-conditions, but didn't discard output.
This produced a lot of noise when running the tests, and made it hard
to discover if there were actual failures, or if the output was expected.
For example:

    === RUN   TestConfigCreateErrors
    Error: "create" requires exactly 2 arguments.
    See 'create --help'.

    Usage:  create [OPTIONS] CONFIG file|- [flags]

    Create a config from a file or STDIN
    Error: "create" requires exactly 2 arguments.
    See 'create --help'.

    Usage:  create [OPTIONS] CONFIG file|- [flags]

    Create a config from a file or STDIN
    Error: error creating config
    --- PASS: TestConfigCreateErrors (0.00s)

And after discarding output:

    === RUN   TestConfigCreateErrors
    --- PASS: TestConfigCreateErrors (0.00s)

Use sub-tests where possible
----------------------------------------------

Some tests were already set-up to use test-tables, and even had a usable
name (or in some cases "error" to check for). Change them to actual sub-
tests. Same test as above, but now with sub-tests and output discarded:

    === RUN   TestConfigCreateErrors
    === RUN   TestConfigCreateErrors/requires_exactly_2_arguments
    === RUN   TestConfigCreateErrors/requires_exactly_2_arguments#01
    === RUN   TestConfigCreateErrors/error_creating_config
    --- PASS: TestConfigCreateErrors (0.00s)
        --- PASS: TestConfigCreateErrors/requires_exactly_2_arguments (0.00s)
        --- PASS: TestConfigCreateErrors/requires_exactly_2_arguments#01 (0.00s)
        --- PASS: TestConfigCreateErrors/error_creating_config (0.00s)
    PASS

It's not perfect in all cases (in the above, there's duplicate "expected"
errors, but Go conveniently adds "#01" for the duplicate). There's probably
also various tests I missed that could still use the same changes applied;
we can improve these in follow-ups.

Set cmd.Args to prevent test-failures
----------------------------------------------

When running tests from my IDE, it compiles the tests before running,
then executes the compiled binary to run the tests. Cobra doesn't like
that, because in that situation `os.Args` is taken as argument for the
command that's executed. The command that's tested now sees the test-
flags as arguments (`-test.v -test.run ..`), which causes various tests
to fail ("Command XYZ does not accept arguments").

    # compile the tests:
    go test -c -o foo.test

    # execute the test:
    ./foo.test -test.v -test.run TestFoo
    === RUN   TestFoo
    Error: "foo" accepts no arguments.

The Cobra maintainers ran into the same situation, and for their own
use have added a special case to ignore `os.Args` in these cases;
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L1078-L1083

    args := c.args

    // Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155
    if c.args == nil && filepath.Base(os.Args[0]) != "cobra.test" {
        args = os.Args[1:]
    }

Unfortunately, that exception is too specific (only checks for `cobra.test`),
so doesn't automatically fix the issue for other test-binaries. They did
provide a `cmd.SetArgs()` utility for this purpose
https://github.com/spf13/cobra/blob/v1.8.1/command.go#L276-L280

    // SetArgs sets arguments for the command. It is set to os.Args[1:] by default, if desired, can be overridden
    // particularly useful when testing.
    func (c *Command) SetArgs(a []string) {
        c.args = a
    }

And the fix is to explicitly set the command's args to an empty slice to
prevent Cobra from falling back to using `os.Args[1:]` as arguments.

    cmd := newSomeThingCommand()
    cmd.SetArgs([]string{})

Some tests already take this issue into account, and I updated some tests
for this, but there's likely many other ones that can use the same treatment.

Perhaps the Cobra maintainers would accept a contribution to make their
condition less specific and to look for binaries ending with a `.test`
suffix (which is what compiled binaries usually are named as).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-04 01:35:12 +02:00
Sebastiaan van Stijn 8b0a7b025d
cli/config/credentials: ConvertToHostname: handle IP-addresses
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-26 13:43:02 +02:00
Carston Schilds 2380481609 re-introduced support for port numbers in docker registry URL
Signed-off-by: Carston Schilds <Carston.Schilds@visier.com>
2024-06-25 15:36:31 -07:00
Sebastiaan van Stijn 9f8bda1df9
cli/config: replace pkg/homedir dependency with local copy
There's some consumers of the config package that don't need any of the
other parts of the code, but because of the pkg/homedir were now forced
to also depend on docker/docker.

This patch introduces a local copy of the function to prevent this.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-24 11:41:53 +02:00
Sebastiaan van Stijn 8376b3e428
use local ConvertToHostname() implementation
Commit 27b2797f7d added a local implementation
of this function, so let's use the local variant to (slightly) reduce the
dependency on moby's registry package.

Also made some minor cleanups.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-06-14 00:25:21 +02:00
Sebastiaan van Stijn dc75e9ed6c
cli/config: do not discard permission errors when loading config-file
When attempting to load a config-file that exists, but is not accessible for
the current user, we should not discard the error.

This patch makes sure that the error is returned by Load(), but does not yet
change LoadDefaultConfigFile, as this requires a change in signature.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-22 10:31:59 +02:00
Sebastiaan van Stijn c80adf4e87
cli/config: TestLoadDefaultConfigFile: check that no warnings are printed
Loading the config should print no warnings on a successful load.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-22 10:31:59 +02:00
Sebastiaan van Stijn de91207b87
cli/config: add test for dangling symlink for config-file
This may need further discussion, but we currently handle dangling
symlinks gracefully, so let's add a test for this, and verify that
we don't replace symlinks with a file.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-22 10:31:58 +02:00
Sebastiaan van Stijn 426fb2fd81
cli/config: Load(), LoadDefaultConfigFile(): improve GoDoc
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-22 10:31:47 +02:00
Laura Brehm c5016c6d5b
cli-plugins: Introduce support for hooks
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-03-22 17:30:18 +00:00
Sebastiaan van Stijn 8661552e7a
golangci-lint: enable thelper linter
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-20 16:02:17 +01:00
Sebastiaan van Stijn 888df09879
linting: address assorted issues found by gocritic
internal/test/builders/config.go:36:15: captLocal: `ID' should not be capitalized (gocritic)
    func ConfigID(ID string) func(config *swarm.Config) {
                  ^
    internal/test/builders/secret.go:45:15: captLocal: `ID' should not be capitalized (gocritic)
    func SecretID(ID string) func(secret *swarm.Secret) {
                  ^
    internal/test/builders/service.go:21:16: captLocal: `ID' should not be capitalized (gocritic)
    func ServiceID(ID string) func(*swarm.Service) {
                   ^
    cli/command/image/formatter_history.go💯15: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(c.h.CreatedBy, "\t", " ", -1)` (gocritic)
        createdBy := strings.Replace(c.h.CreatedBy, "\t", " ", -1)
                     ^
    e2e/image/push_test.go:246:34: badCall: suspicious Join on 1 argument (gocritic)
        assert.NilError(t, os.RemoveAll(filepath.Join(dir.Join("trust"))))
                                        ^
    e2e/image/push_test.go:313:34: badCall: suspicious Join on 1 argument (gocritic)
        assert.NilError(t, os.RemoveAll(filepath.Join(dir.Join("trust"))))
                                        ^
    cli/config/configfile/file_test.go:185:2: assignOp: replace `c.GetAllCallCount = c.GetAllCallCount + 1` with `c.GetAllCallCount++` (gocritic)
        c.GetAllCallCount = c.GetAllCallCount + 1
        ^
    cli/command/context/inspect_test.go:20:58: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(si.MetadataPath, `\`, `\\`, -1)` (gocritic)
        expected = strings.Replace(expected, "<METADATA_PATH>", strings.Replace(si.MetadataPath, `\`, `\\`, -1), 1)
                                                                ^
    cli/command/context/inspect_test.go:21:53: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(si.TLSPath, `\`, `\\`, -1)` (gocritic)
        expected = strings.Replace(expected, "<TLS_PATH>", strings.Replace(si.TLSPath, `\`, `\\`, -1), 1)
                                                           ^
    cli/command/container/formatter_stats.go:119:46: captLocal: `Stats' should not be capitalized (gocritic)
    func statsFormatWrite(ctx formatter.Context, Stats []StatsEntry, osType string, trunc bool) error {
                                                 ^
    cli/command/container/stats_helpers.go:209:4: assignOp: replace `blkRead = blkRead + bioEntry.Value` with `blkRead += bioEntry.Value` (gocritic)
                blkRead = blkRead + bioEntry.Value
                ^
    cli/command/container/stats_helpers.go:211:4: assignOp: replace `blkWrite = blkWrite + bioEntry.Value` with `blkWrite += bioEntry.Value` (gocritic)
                blkWrite = blkWrite + bioEntry.Value
                ^
    cli/command/registry/formatter_search.go:67:10: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(c.s.Description, "\n", " ", -1)` (gocritic)
        desc := strings.Replace(c.s.Description, "\n", " ", -1)
                ^
    cli/command/registry/formatter_search.go:68:9: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(desc, "\r", " ", -1)` (gocritic)
        desc = strings.Replace(desc, "\r", " ", -1)
               ^
    cli/command/service/list_test.go:164:5: assignOp: replace `tc.doc = tc.doc + " with quiet"` with `tc.doc += " with quiet"` (gocritic)
                    tc.doc = tc.doc + " with quiet"
                    ^
    cli/command/service/progress/progress.go:274:11: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(errMsg, "\n", " ", -1)` (gocritic)
        errMsg = strings.Replace(errMsg, "\n", " ", -1)
                 ^
    cli/manifest/store/store.go:153:9: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(fileName, "/", "_", -1)` (gocritic)
        return strings.Replace(fileName, "/", "_", -1)
               ^
    cli/manifest/store/store.go:152:14: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(ref, ":", "-", -1)` (gocritic)
        fileName := strings.Replace(ref, ":", "-", -1)
                    ^
    cli/command/plugin/formatter.go:79:10: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(c.p.Config.Description, "\n", "", -1)` (gocritic)
        desc := strings.Replace(c.p.Config.Description, "\n", "", -1)
                ^
    cli/command/plugin/formatter.go:80:9: wrapperFunc: use strings.ReplaceAll method in `strings.Replace(desc, "\r", "", -1)` (gocritic)
        desc = strings.Replace(desc, "\r", "", -1)
               ^
    cli/compose/convert/service.go:642:23: captLocal: `DNS' should not be capitalized (gocritic)
    func convertDNSConfig(DNS []string, DNSSearch []string) *swarm.DNSConfig {
                          ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-20 16:02:16 +01:00
Eric Bode b24e7f85a4
Fix setting ServerAddress property in NativeStore
This will return the ServerAddress property when using the NativeStore.
This happens when you use docker credential helpers, not the credential
store.

The reason this fix is needed is because it needs to be propagated
properly down towards `moby/moby` project in the following logic:

```golang
func authorizationCredsFromAuthConfig(authConfig registrytypes.AuthConfig) docker.AuthorizerOpt {
	cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
	if cfgHost == "" || cfgHost == registry.IndexHostname {
		cfgHost = registry.DefaultRegistryHost
	}

	return docker.WithAuthCreds(func(host string) (string, string, error) {
		if cfgHost != host {
			logrus.WithFields(logrus.Fields{
				"host":    host,
				"cfgHost": cfgHost,
			}).Warn("Host doesn't match")
			return "", "", nil
		}
		if authConfig.IdentityToken != "" {
			return "", authConfig.IdentityToken, nil
		}
		return authConfig.Username, authConfig.Password, nil
	})
}
```
This logic resides in the following file :
`daemon/containerd/resolver.go` .

In the case when using the containerd storage feature when setting the
`cfgHost` variable from the `authConfig.ServerAddress` it will always be
empty. Since it will never be returned from the NativeStore currently.
Therefore Docker Hub images will work fine, but anything else will fail
since the `cfgHost` will always be the `registry.DefaultRegistryHost`.

Signed-off-by: Eric Bode <eric.bode@foundries.io>
2023-11-11 14:22:23 +01:00
Danial ad43df5e86
configfile: Initialize nil AuthConfigs
Initialize AuthConfigs map if it's nil before returning it.
This fixes fileStore.Store nil dereference panic when adding a new key
to the map.

Signed-off-by: Danial Gharib <danial.mail.gh@gmail.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-19 15:36:10 +02:00
Sebastiaan van Stijn e382d43f20
Merge pull request #4384 from thaJeztah/config_sync
cli/config: add synchronisation for configDir (Dir, SetDir)
2023-06-28 14:11:36 +02:00
Sebastiaan van Stijn 0b3cadb056
cli/config: add EnvOverrideConfigDir const
Add a const for the DOCKER_CONFIG to allow documenting its purpose
in code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 13:20:29 +02:00
Sebastiaan van Stijn 13e842a110
cli/config: add synchronisation for configDir (Dir, SetDir)
commit 8a30653ed5 introduced a sync.Once
to allow for the config-directory (and home-dir) to be looked up lazily
instead of in an `init()`.

However, the package-level `configDir` variable can be set through two
separate paths; implicitly (through `config.Dir()`), and explicitly,
through `config.SetDir()`. The existing code had no synchronisation for
this, which could lead to a potential race-condition (code requesting
`config.Dir()` and code setting a custom path through `config.SetDir()`).

This patch adds synchronisation by triggering the `sync.Once` as part of
`config.SetDir()` to prevent it being triggered later (overwriting the
value that was set). It also restores the `resetConfigDir()` utility that
was removed in 379122b033, to allow resetting
the `sync.Once` for this test.

In general, we should get rid of this package-level variable, and store
it as a config on the client (passing the option to locations where its
used instead).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-28 12:58:26 +02:00
Sebastiaan van Stijn 4cf04988ae
remove uses of golang.org/x/sys/execabs
the "golang.org/x/sys/execabs" package was introduced to address a security
issue on Windows, and changing the default behavior of os/exec was considered
a breaking change. go1.19 applied the behavior that was previously implemented
in the execabs package;

from the release notes: https://go.dev/doc/go1.19#os-exec-path

> Command and LookPath no longer allow results from a PATH search to be found
> relative to the current directory. This removes a common source of security
> problems but may also break existing programs that depend on using, say,
> exec.Command("prog") to run a binary named prog (or, on Windows, prog.exe)
> in the current directory. See the os/exec package documentation for information
> about how best to update such programs.
>
> On Windows, Command and LookPath now respect the NoDefaultCurrentDirectoryInExePath
> environment variable, making it possible to disable the default implicit search
> of “.” in PATH lookups on Windows systems.

With those changes, we no longer need to use the execabs package, and we can
switch back to os/exec.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-26 02:03:45 +02:00
Sebastiaan van Stijn 10bade23e1
Merge pull request #4261 from thaJeztah/remove_old_buildtags
remove pre-go1.17 build-tags
2023-05-16 18:12:50 +01:00
Sebastiaan van Stijn 97795bb75f
Merge pull request #4281 from thaJeztah/remove_deprecated_config_warning
cli/config: remove warning for deprecated ~/.dockercfg file
2023-05-16 18:12:26 +01:00
Sebastiaan van Stijn 379122b033
cli/config: remove warning for deprecated ~/.dockercfg file
The `~/.dockercfg` file was replaced by `~/.docker/config.json` in 2015
(github.com/docker/docker/commit/18c9b6c6455f116ae59cde8544413b3d7d294a5e).

Commit b83bc67136 (v23.0.0, but backported to
v20.10) added a warning if no "current" config file was found but a legacy
file was, and if the CLI would fall back to using the deprecated file.

Commit ee218fa89e removed support for the
legacy file, but kept a warning in place if a legacy file was in place,
and now ignored.

This patch removes the warning as well, fully deprecating the legacy
`~/.dockercfg` file.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-10 10:58:10 +02:00
Sebastiaan van Stijn 9b791b4fe9
cli/config: Load: remove outdated FIXME
This FIXME was added in 2013 in c72ff318d3
and it's both unclear which "internal golang config parser" is referred to
here. Given that 10 Years have passed, this will unlikely happen, and doesn't
warrant a FIXME here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-10 10:33:50 +02:00
Sebastiaan van Stijn ce11b28d83
cli/config/credentials: skip unneeded exec.LookPath()
defaultCredentialsStore() on Linux does an exec.LookPath() for "pass", but
if a custom credential-store is passed to DetectDefaultStore, the result
of that won't be used.

This patch changes the logic to return early if a custom credential-store
is passed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-05 21:10:18 +02:00
Sebastiaan van Stijn 2ae223038c
remove pre-go1.17 build-tags
Removed pre-go1.17 build-tags with go fix;

    go mod init
    go fix -mod=readonly ./...
    rm go.mod

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-05 18:23:03 +02:00
Sebastiaan van Stijn 66a1c3bab9
cli/config/configfile: remove deprecated StackOrchestrator field
This field was deprecated in 6ea2767289, which
is part of docker 23.0, so users should have had a chance to migrate.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-01 20:36:02 +02:00
Sebastiaan van Stijn dd6ede2109
cli/config/configfile: mockNativeStore: remove name for unused arg (revive)
cli/config/configfile/file_test.go:189:33: unused-parameter: parameter 'authConfig' seems to be unused, consider removing or renaming it as _ (revive)
    func (c *mockNativeStore) Store(authConfig types.AuthConfig) error {
                                    ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-30 17:22:10 +02:00
Laura Brehm 9e3d5d1528
Fix issue where one bad credential helper causes none to be returned
Instead, skip bad credential helpers (and warn the user about the error)

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-01-31 17:14:30 +01:00
Sebastiaan van Stijn c8bd8932a1
cli/config: use strings.Cut
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-29 15:19:31 +01:00
Sebastiaan van Stijn 616124525e
format go with gofumpt (with -lang=1.19)
Looks like the linter uses an explicit -lang, which (for go1.19)
results in some additional formatting for octal values.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-30 19:14:36 +02:00
Sebastiaan van Stijn 28b0aa9f1a
replace uses of deprecated env.Patch()
Also removing redundant defer for env.PatchAll(), which is now automatically
handled in t.Cleanup()

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 17:28:07 +02:00
Sebastiaan van Stijn b901f5d142
TestSaveFileToDirs: use filepath.Join()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-04 19:49:10 +02:00
Sebastiaan van Stijn ee218fa89e
Deprecation: config: remove support for old ~/.dockercfg
The `~/.dockercfg` file was replaced by `~/.docker/config.json` in 2015
(github.com/docker/docker/commit/18c9b6c6455f116ae59cde8544413b3d7d294a5e),
but the CLI still falls back to checking if this file exists if no current
(`~/.docker/config.json`) file was found.

Given that no version of the CLI since Docker v1.7.0 has created this file,
and if such a file exists, it means someone hasn't re-authenticated for
5 years, it's probably safe to remove this fallback.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-06 21:35:03 +02:00
Sebastiaan van Stijn d7c1fb9112
linting: ignore some "G101: Potential hardcoded credentials" warnings
cli/config/credentials/native_store.go:10:2: G101: Potential hardcoded credentials (gosec)
        remoteCredentialsPrefix = "docker-credential-"
        ^
    cli/command/service/opts.go:917:2: G101: Potential hardcoded credentials (gosec)
        flagCredentialSpec          = "credential-spec"
        ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-28 10:37:22 +02:00
Sebastiaan van Stijn a0f0578299
gofmt with go1.17
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-26 20:21:00 +01:00
Sebastiaan van Stijn 71575ab3b5
cli/config: remove deprecated io/ioutil and use t.TempDir()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-25 15:42:15 +01:00
Sebastiaan van Stijn df7adf4aa3
Merge pull request #3434 from howardjohn/json/unmarshal-pointer
Fix incorrect pointer inputs to `json.Unmarshal`
2022-02-25 12:06:10 +01:00
Sebastiaan van Stijn 6ea2767289
config: mark stackOrchestrator option as deprecated
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-24 13:35:03 +01:00
John Howard ee97fe95bc Fix incorrect pointer inputs to `json.Unmarshal`
See https://github.com/howardjohn/go-unmarshal-double-pointer for more
info on why this is not safe and how this is detected.

Signed-off-by: John Howard <howardjohn@google.com>
2022-02-22 13:08:37 -08:00
Nicolas De Loof 7b9580df51 Drop support for (archived) Compose-on-Kubernetes
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-22 13:47:34 +01:00
coryb b5f4a6e45f fix innocuous data-race when config.Load called in parallel
Locking was removed in https://github.com/docker/cli/pull/3025 which
allows for parallel calls to config.Load to modify global state.
The consequence in this case is innocuous, but it does trigger a
`DATA RACE` exception when tests run with `-race` option.

Signed-off-by: coryb <cbennett@netflix.com>
2021-08-21 13:27:23 -07:00
Sebastiaan van Stijn 7a0dc924f9
Add support for ALL_PROXY
Support for ALL_PROXY as default build-arg was added recently in
buildkit and the classic builder.

This patch adds the `ALL_PROXY` environment variable to the list of
configurable proxy variables, and updates the documentation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-21 09:06:18 +02:00
Sebastiaan van Stijn be327a4f0f
cli/config/configfile: various test cleanups
- use var/const blocks when declaring a list of variables
- use const where possible

TestCheckKubernetesConfigurationRaiseAnErrorOnInvalidValue:

- use keys when assigning values
- make sure test is dereferenced in the loop
- use subtests

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-30 10:03:51 +02:00