mirror of https://github.com/docker/cli.git
517 lines
16 KiB
Go
517 lines
16 KiB
Go
package command
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"os"
|
|
"path/filepath"
|
|
"runtime"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/docker/cli/cli/config"
|
|
"github.com/docker/cli/cli/config/configfile"
|
|
dcontext "github.com/docker/cli/cli/context"
|
|
"github.com/docker/cli/cli/context/docker"
|
|
"github.com/docker/cli/cli/context/store"
|
|
"github.com/docker/cli/cli/debug"
|
|
cliflags "github.com/docker/cli/cli/flags"
|
|
manifeststore "github.com/docker/cli/cli/manifest/store"
|
|
registryclient "github.com/docker/cli/cli/registry/client"
|
|
"github.com/docker/cli/cli/streams"
|
|
"github.com/docker/cli/cli/trust"
|
|
"github.com/docker/cli/cli/version"
|
|
dopts "github.com/docker/cli/opts"
|
|
"github.com/docker/docker/api"
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/docker/docker/api/types/registry"
|
|
"github.com/docker/docker/api/types/swarm"
|
|
"github.com/docker/docker/client"
|
|
"github.com/docker/go-connections/tlsconfig"
|
|
"github.com/pkg/errors"
|
|
"github.com/spf13/cobra"
|
|
notaryclient "github.com/theupdateframework/notary/client"
|
|
)
|
|
|
|
const defaultInitTimeout = 2 * time.Second
|
|
|
|
// Streams is an interface which exposes the standard input and output streams
|
|
type Streams interface {
|
|
In() *streams.In
|
|
Out() *streams.Out
|
|
Err() io.Writer
|
|
}
|
|
|
|
// Cli represents the docker command line client.
|
|
type Cli interface {
|
|
Client() client.APIClient
|
|
Out() *streams.Out
|
|
Err() io.Writer
|
|
In() *streams.In
|
|
SetIn(in *streams.In)
|
|
Apply(ops ...DockerCliOption) error
|
|
ConfigFile() *configfile.ConfigFile
|
|
ServerInfo() ServerInfo
|
|
NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (notaryclient.Repository, error)
|
|
DefaultVersion() string
|
|
CurrentVersion() string
|
|
ManifestStore() manifeststore.Store
|
|
RegistryClient(bool) registryclient.RegistryClient
|
|
ContentTrustEnabled() bool
|
|
BuildKitEnabled() (bool, error)
|
|
ContextStore() store.Store
|
|
CurrentContext() string
|
|
DockerEndpoint() docker.Endpoint
|
|
}
|
|
|
|
// DockerCli is an instance the docker command line client.
|
|
// Instances of the client can be returned from NewDockerCli.
|
|
type DockerCli struct {
|
|
configFile *configfile.ConfigFile
|
|
in *streams.In
|
|
out *streams.Out
|
|
err io.Writer
|
|
client client.APIClient
|
|
serverInfo ServerInfo
|
|
contentTrust bool
|
|
contextStore store.Store
|
|
currentContext string
|
|
dockerEndpoint docker.Endpoint
|
|
contextStoreConfig store.Config
|
|
initTimeout time.Duration
|
|
}
|
|
|
|
// DefaultVersion returns api.defaultVersion.
|
|
func (cli *DockerCli) DefaultVersion() string {
|
|
return api.DefaultVersion
|
|
}
|
|
|
|
// CurrentVersion returns the API version currently negotiated, or the default
|
|
// version otherwise.
|
|
func (cli *DockerCli) CurrentVersion() string {
|
|
if cli.client == nil {
|
|
return api.DefaultVersion
|
|
}
|
|
return cli.client.ClientVersion()
|
|
}
|
|
|
|
// Client returns the APIClient
|
|
func (cli *DockerCli) Client() client.APIClient {
|
|
return cli.client
|
|
}
|
|
|
|
// Out returns the writer used for stdout
|
|
func (cli *DockerCli) Out() *streams.Out {
|
|
return cli.out
|
|
}
|
|
|
|
// Err returns the writer used for stderr
|
|
func (cli *DockerCli) Err() io.Writer {
|
|
return cli.err
|
|
}
|
|
|
|
// SetIn sets the reader used for stdin
|
|
func (cli *DockerCli) SetIn(in *streams.In) {
|
|
cli.in = in
|
|
}
|
|
|
|
// In returns the reader used for stdin
|
|
func (cli *DockerCli) In() *streams.In {
|
|
return cli.in
|
|
}
|
|
|
|
// ShowHelp shows the command help.
|
|
func ShowHelp(err io.Writer) func(*cobra.Command, []string) error {
|
|
return func(cmd *cobra.Command, args []string) error {
|
|
cmd.SetOut(err)
|
|
cmd.HelpFunc()(cmd, args)
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// ConfigFile returns the ConfigFile
|
|
func (cli *DockerCli) ConfigFile() *configfile.ConfigFile {
|
|
// TODO(thaJeztah): when would this happen? Is this only in tests (where cli.Initialize() is not called first?)
|
|
if cli.configFile == nil {
|
|
cli.configFile = config.LoadDefaultConfigFile(cli.err)
|
|
}
|
|
return cli.configFile
|
|
}
|
|
|
|
// ServerInfo returns the server version details for the host this client is
|
|
// connected to
|
|
func (cli *DockerCli) ServerInfo() ServerInfo {
|
|
// TODO(thaJeztah) make ServerInfo() lazily load the info (ping only when needed)
|
|
return cli.serverInfo
|
|
}
|
|
|
|
// ContentTrustEnabled returns whether content trust has been enabled by an
|
|
// environment variable.
|
|
func (cli *DockerCli) ContentTrustEnabled() bool {
|
|
return cli.contentTrust
|
|
}
|
|
|
|
// BuildKitEnabled returns buildkit is enabled or not.
|
|
func (cli *DockerCli) BuildKitEnabled() (bool, error) {
|
|
// use DOCKER_BUILDKIT env var value if set
|
|
if v, ok := os.LookupEnv("DOCKER_BUILDKIT"); ok {
|
|
enabled, err := strconv.ParseBool(v)
|
|
if err != nil {
|
|
return false, errors.Wrap(err, "DOCKER_BUILDKIT environment variable expects boolean value")
|
|
}
|
|
return enabled, nil
|
|
}
|
|
// if a builder alias is defined, we are using BuildKit
|
|
aliasMap := cli.ConfigFile().Aliases
|
|
if _, ok := aliasMap["builder"]; ok {
|
|
return true, nil
|
|
}
|
|
// otherwise, assume BuildKit is enabled but
|
|
// not if wcow reported from server side
|
|
return cli.ServerInfo().OSType != "windows", nil
|
|
}
|
|
|
|
// ManifestStore returns a store for local manifests
|
|
func (cli *DockerCli) ManifestStore() manifeststore.Store {
|
|
// TODO: support override default location from config file
|
|
return manifeststore.NewStore(filepath.Join(config.Dir(), "manifests"))
|
|
}
|
|
|
|
// RegistryClient returns a client for communicating with a Docker distribution
|
|
// registry
|
|
func (cli *DockerCli) RegistryClient(allowInsecure bool) registryclient.RegistryClient {
|
|
resolver := func(ctx context.Context, index *registry.IndexInfo) types.AuthConfig {
|
|
return ResolveAuthConfig(ctx, cli, index)
|
|
}
|
|
return registryclient.NewRegistryClient(resolver, UserAgent(), allowInsecure)
|
|
}
|
|
|
|
// InitializeOpt is the type of the functional options passed to DockerCli.Initialize
|
|
type InitializeOpt func(dockerCli *DockerCli) error
|
|
|
|
// WithInitializeClient is passed to DockerCli.Initialize by callers who wish to set a particular API Client for use by the CLI.
|
|
func WithInitializeClient(makeClient func(dockerCli *DockerCli) (client.APIClient, error)) InitializeOpt {
|
|
return func(dockerCli *DockerCli) error {
|
|
var err error
|
|
dockerCli.client, err = makeClient(dockerCli)
|
|
return err
|
|
}
|
|
}
|
|
|
|
// Initialize the dockerCli runs initialization that must happen after command
|
|
// line flags are parsed.
|
|
func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions, ops ...InitializeOpt) error {
|
|
var err error
|
|
|
|
for _, o := range ops {
|
|
if err := o(cli); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
cliflags.SetLogLevel(opts.LogLevel)
|
|
|
|
if opts.ConfigDir != "" {
|
|
config.SetDir(opts.ConfigDir)
|
|
}
|
|
|
|
if opts.Debug {
|
|
debug.Enable()
|
|
}
|
|
if opts.Context != "" && len(opts.Hosts) > 0 {
|
|
return errors.New("conflicting options: either specify --host or --context, not both")
|
|
}
|
|
|
|
cli.configFile = config.LoadDefaultConfigFile(cli.err)
|
|
|
|
baseContextStore := store.New(config.ContextStoreDir(), cli.contextStoreConfig)
|
|
cli.contextStore = &ContextStoreWithDefault{
|
|
Store: baseContextStore,
|
|
Resolver: func() (*DefaultContext, error) {
|
|
return ResolveDefaultContext(opts, cli.contextStoreConfig)
|
|
},
|
|
}
|
|
cli.currentContext = resolveContextName(opts, cli.configFile)
|
|
cli.dockerEndpoint, err = resolveDockerEndpoint(cli.contextStore, cli.currentContext)
|
|
if err != nil {
|
|
return errors.Wrap(err, "unable to resolve docker endpoint")
|
|
}
|
|
|
|
if cli.client == nil {
|
|
cli.client, err = newAPIClientFromEndpoint(cli.dockerEndpoint, cli.configFile)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
cli.initializeFromClient()
|
|
return nil
|
|
}
|
|
|
|
// NewAPIClientFromFlags creates a new APIClient from command line flags
|
|
func NewAPIClientFromFlags(opts *cliflags.ClientOptions, configFile *configfile.ConfigFile) (client.APIClient, error) {
|
|
if opts.Context != "" && len(opts.Hosts) > 0 {
|
|
return nil, errors.New("conflicting options: either specify --host or --context, not both")
|
|
}
|
|
|
|
storeConfig := DefaultContextStoreConfig()
|
|
contextStore := &ContextStoreWithDefault{
|
|
Store: store.New(config.ContextStoreDir(), storeConfig),
|
|
Resolver: func() (*DefaultContext, error) {
|
|
return ResolveDefaultContext(opts, storeConfig)
|
|
},
|
|
}
|
|
endpoint, err := resolveDockerEndpoint(contextStore, resolveContextName(opts, configFile))
|
|
if err != nil {
|
|
return nil, errors.Wrap(err, "unable to resolve docker endpoint")
|
|
}
|
|
return newAPIClientFromEndpoint(endpoint, configFile)
|
|
}
|
|
|
|
func newAPIClientFromEndpoint(ep docker.Endpoint, configFile *configfile.ConfigFile) (client.APIClient, error) {
|
|
clientOpts, err := ep.ClientOpts()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
customHeaders := make(map[string]string, len(configFile.HTTPHeaders))
|
|
for k, v := range configFile.HTTPHeaders {
|
|
customHeaders[k] = v
|
|
}
|
|
customHeaders["User-Agent"] = UserAgent()
|
|
clientOpts = append(clientOpts, client.WithHTTPHeaders(customHeaders))
|
|
return client.NewClientWithOpts(clientOpts...)
|
|
}
|
|
|
|
func resolveDockerEndpoint(s store.Reader, contextName string) (docker.Endpoint, error) {
|
|
ctxMeta, err := s.GetMetadata(contextName)
|
|
if err != nil {
|
|
return docker.Endpoint{}, err
|
|
}
|
|
epMeta, err := docker.EndpointFromContext(ctxMeta)
|
|
if err != nil {
|
|
return docker.Endpoint{}, err
|
|
}
|
|
return docker.WithTLSData(s, contextName, epMeta)
|
|
}
|
|
|
|
// Resolve the Docker endpoint for the default context (based on config, env vars and CLI flags)
|
|
func resolveDefaultDockerEndpoint(opts *cliflags.ClientOptions) (docker.Endpoint, error) {
|
|
host, err := getServerHost(opts.Hosts, opts.TLSOptions)
|
|
if err != nil {
|
|
return docker.Endpoint{}, err
|
|
}
|
|
|
|
var (
|
|
skipTLSVerify bool
|
|
tlsData *dcontext.TLSData
|
|
)
|
|
|
|
if opts.TLSOptions != nil {
|
|
skipTLSVerify = opts.TLSOptions.InsecureSkipVerify
|
|
tlsData, err = dcontext.TLSDataFromFiles(opts.TLSOptions.CAFile, opts.TLSOptions.CertFile, opts.TLSOptions.KeyFile)
|
|
if err != nil {
|
|
return docker.Endpoint{}, err
|
|
}
|
|
}
|
|
|
|
return docker.Endpoint{
|
|
EndpointMeta: docker.EndpointMeta{
|
|
Host: host,
|
|
SkipTLSVerify: skipTLSVerify,
|
|
},
|
|
TLSData: tlsData,
|
|
}, nil
|
|
}
|
|
|
|
func (cli *DockerCli) getInitTimeout() time.Duration {
|
|
if cli.initTimeout != 0 {
|
|
return cli.initTimeout
|
|
}
|
|
return defaultInitTimeout
|
|
}
|
|
|
|
func (cli *DockerCli) initializeFromClient() {
|
|
ctx := context.Background()
|
|
if !strings.HasPrefix(cli.DockerEndpoint().Host, "ssh://") {
|
|
// @FIXME context.WithTimeout doesn't work with connhelper / ssh connections
|
|
// time="2020-04-10T10:16:26Z" level=warning msg="commandConn.CloseWrite: commandconn: failed to wait: signal: killed"
|
|
var cancel func()
|
|
ctx, cancel = context.WithTimeout(ctx, cli.getInitTimeout())
|
|
defer cancel()
|
|
}
|
|
|
|
ping, err := cli.client.Ping(ctx)
|
|
if err != nil {
|
|
// Default to true if we fail to connect to daemon
|
|
cli.serverInfo = ServerInfo{HasExperimental: true}
|
|
|
|
if ping.APIVersion != "" {
|
|
cli.client.NegotiateAPIVersionPing(ping)
|
|
}
|
|
return
|
|
}
|
|
|
|
cli.serverInfo = ServerInfo{
|
|
HasExperimental: ping.Experimental,
|
|
OSType: ping.OSType,
|
|
BuildkitVersion: ping.BuilderVersion,
|
|
SwarmStatus: ping.SwarmStatus,
|
|
}
|
|
cli.client.NegotiateAPIVersionPing(ping)
|
|
}
|
|
|
|
// NotaryClient provides a Notary Repository to interact with signed metadata for an image
|
|
func (cli *DockerCli) NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (notaryclient.Repository, error) {
|
|
return trust.GetNotaryRepository(cli.In(), cli.Out(), UserAgent(), imgRefAndAuth.RepoInfo(), imgRefAndAuth.AuthConfig(), actions...)
|
|
}
|
|
|
|
// ContextStore returns the ContextStore
|
|
func (cli *DockerCli) ContextStore() store.Store {
|
|
return cli.contextStore
|
|
}
|
|
|
|
// CurrentContext returns the current context name, based on flags,
|
|
// environment variables and the cli configuration file, in the following
|
|
// order of preference:
|
|
//
|
|
// 1. The "--context" command-line option.
|
|
// 2. The "DOCKER_CONTEXT" environment variable.
|
|
// 3. The current context as configured through the in "currentContext"
|
|
// field in the CLI configuration file ("~/.docker/config.json").
|
|
// 4. If no context is configured, use the "default" context.
|
|
//
|
|
// # Fallbacks for backward-compatibility
|
|
//
|
|
// To preserve backward-compatibility with the "pre-contexts" behavior,
|
|
// the "default" context is used if:
|
|
//
|
|
// - The "--host" option is set
|
|
// - The "DOCKER_HOST" ([DefaultContextName]) environment variable is set
|
|
// to a non-empty value.
|
|
//
|
|
// In these cases, the default context is used, which uses the host as
|
|
// specified in "DOCKER_HOST", and TLS config from flags/env vars.
|
|
//
|
|
// Setting both the "--context" and "--host" flags is ambiguous and results
|
|
// in an error when the cli is started.
|
|
//
|
|
// CurrentContext does not validate if the given context exists or if it's
|
|
// valid; errors may occur when trying to use it.
|
|
func (cli *DockerCli) CurrentContext() string {
|
|
return cli.currentContext
|
|
}
|
|
|
|
// CurrentContext returns the current context name, based on flags,
|
|
// environment variables and the cli configuration file. It does not
|
|
// validate if the given context exists or if it's valid; errors may
|
|
// occur when trying to use it.
|
|
//
|
|
// Refer to [DockerCli.CurrentContext] above for further details.
|
|
func resolveContextName(opts *cliflags.ClientOptions, config *configfile.ConfigFile) string {
|
|
if opts != nil && opts.Context != "" {
|
|
return opts.Context
|
|
}
|
|
if opts != nil && len(opts.Hosts) > 0 {
|
|
return DefaultContextName
|
|
}
|
|
if os.Getenv(client.EnvOverrideHost) != "" {
|
|
return DefaultContextName
|
|
}
|
|
if ctxName := os.Getenv("DOCKER_CONTEXT"); ctxName != "" {
|
|
return ctxName
|
|
}
|
|
if config != nil && config.CurrentContext != "" {
|
|
// We don't validate if this context exists: errors may occur when trying to use it.
|
|
return config.CurrentContext
|
|
}
|
|
return DefaultContextName
|
|
}
|
|
|
|
// DockerEndpoint returns the current docker endpoint
|
|
func (cli *DockerCli) DockerEndpoint() docker.Endpoint {
|
|
return cli.dockerEndpoint
|
|
}
|
|
|
|
// Apply all the operation on the cli
|
|
func (cli *DockerCli) Apply(ops ...DockerCliOption) error {
|
|
for _, op := range ops {
|
|
if err := op(cli); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ServerInfo stores details about the supported features and platform of the
|
|
// server
|
|
type ServerInfo struct {
|
|
HasExperimental bool
|
|
OSType string
|
|
BuildkitVersion types.BuilderVersion
|
|
|
|
// SwarmStatus provides information about the current swarm status of the
|
|
// engine, obtained from the "Swarm" header in the API response.
|
|
//
|
|
// It can be a nil struct if the API version does not provide this header
|
|
// in the ping response, or if an error occurred, in which case the client
|
|
// should use other ways to get the current swarm status, such as the /swarm
|
|
// endpoint.
|
|
SwarmStatus *swarm.Status
|
|
}
|
|
|
|
// NewDockerCli returns a DockerCli instance with all operators applied on it.
|
|
// It applies by default the standard streams, and the content trust from
|
|
// environment.
|
|
func NewDockerCli(ops ...DockerCliOption) (*DockerCli, error) {
|
|
defaultOps := []DockerCliOption{
|
|
WithContentTrustFromEnv(),
|
|
WithDefaultContextStoreConfig(),
|
|
WithStandardStreams(),
|
|
}
|
|
ops = append(defaultOps, ops...)
|
|
|
|
cli := &DockerCli{}
|
|
if err := cli.Apply(ops...); err != nil {
|
|
return nil, err
|
|
}
|
|
return cli, nil
|
|
}
|
|
|
|
func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (string, error) {
|
|
var host string
|
|
switch len(hosts) {
|
|
case 0:
|
|
host = os.Getenv(client.EnvOverrideHost)
|
|
case 1:
|
|
host = hosts[0]
|
|
default:
|
|
return "", errors.New("Please specify only one -H")
|
|
}
|
|
|
|
return dopts.ParseHost(tlsOptions != nil, host)
|
|
}
|
|
|
|
// UserAgent returns the user agent string used for making API requests
|
|
func UserAgent() string {
|
|
return "Docker-Client/" + version.Version + " (" + runtime.GOOS + ")"
|
|
}
|
|
|
|
var defaultStoreEndpoints = []store.NamedTypeGetter{
|
|
store.EndpointTypeGetter(docker.DockerEndpoint, func() interface{} { return &docker.EndpointMeta{} }),
|
|
}
|
|
|
|
// RegisterDefaultStoreEndpoints registers a new named endpoint
|
|
// metadata type with the default context store config, so that
|
|
// endpoint will be supported by stores using the config returned by
|
|
// DefaultContextStoreConfig.
|
|
func RegisterDefaultStoreEndpoints(ep ...store.NamedTypeGetter) {
|
|
defaultStoreEndpoints = append(defaultStoreEndpoints, ep...)
|
|
}
|
|
|
|
// DefaultContextStoreConfig returns a new store.Config with the default set of endpoints configured.
|
|
func DefaultContextStoreConfig() store.Config {
|
|
return store.NewConfig(
|
|
func() interface{} { return &DockerContext{} },
|
|
defaultStoreEndpoints...,
|
|
)
|
|
}
|