From aef7840d1cdfc1d7d23f71eb23e3fd9877b6c546 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 31 Jan 2018 01:34:51 -0800 Subject: [PATCH 1/4] Bump VERSION to 18.03.0-dev Signed-off-by: Sebastiaan van Stijn Upstream-commit: beb0d08e483d522b883a84c1429d1c702dd050c0 Component: cli --- components/cli/VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/cli/VERSION b/components/cli/VERSION index 61a6904c4a..f3aa77b51e 100644 --- a/components/cli/VERSION +++ b/components/cli/VERSION @@ -1 +1 @@ -18.02.0-dev +18.03.0-dev From e5e113b93dddd10cce2f1fa5ea23a815ac6e7287 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 31 Jan 2018 01:38:06 -0800 Subject: [PATCH 2/4] bump docker/go-connections to 98e7d807e5d804e4e42a98d74d1dd695321224ef Signed-off-by: Sebastiaan van Stijn Upstream-commit: b7a9f027f39dc3431f453ae7ac69ededfdfba64c Component: cli --- components/cli/vendor.conf | 2 +- .../docker/go-connections/tlsconfig/config.go | 22 ++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/components/cli/vendor.conf b/components/cli/vendor.conf index fcbc9c848d..736f09c92d 100755 --- a/components/cli/vendor.conf +++ b/components/cli/vendor.conf @@ -10,7 +10,7 @@ github.com/docker/docker-credential-helpers 3c90bd29a46b943b2a9842987b58fb91a7c1 # the docker/go package contains a customized version of canonical/json # and is used by Notary. The package is periodically rebased on current Go versions. github.com/docker/go d30aec9fd63c35133f8f79c3412ad91a3b08be06 -github.com/docker/go-connections 3ede32e2033de7505e6500d6c868c2b9ed9f169d +github.com/docker/go-connections 98e7d807e5d804e4e42a98d74d1dd695321224ef github.com/docker/go-events 9461782956ad83b30282bf90e31fa6a70c255ba9 github.com/docker/go-units 9e638d38cf6977a37a8ea0078f3ee75a7cdb2dd1 github.com/docker/swarmkit 713d79dc8799b33465c58ed120b870c52eb5eb4f diff --git a/components/cli/vendor/github.com/docker/go-connections/tlsconfig/config.go b/components/cli/vendor/github.com/docker/go-connections/tlsconfig/config.go index 1b31bbb8b1..f11f166a44 100644 --- a/components/cli/vendor/github.com/docker/go-connections/tlsconfig/config.go +++ b/components/cli/vendor/github.com/docker/go-connections/tlsconfig/config.go @@ -65,22 +65,34 @@ var allTLSVersions = map[uint16]struct{}{ } // ServerDefault returns a secure-enough TLS configuration for the server TLS configuration. -func ServerDefault() *tls.Config { - return &tls.Config{ - // Avoid fallback to SSL protocols < TLS1.0 +func ServerDefault(ops ...func(*tls.Config)) *tls.Config { + tlsconfig := &tls.Config{ + // Avoid fallback by default to SSL protocols < TLS1.0 MinVersion: tls.VersionTLS10, PreferServerCipherSuites: true, CipherSuites: DefaultServerAcceptedCiphers, } + + for _, op := range ops { + op(tlsconfig) + } + + return tlsconfig } // ClientDefault returns a secure-enough TLS configuration for the client TLS configuration. -func ClientDefault() *tls.Config { - return &tls.Config{ +func ClientDefault(ops ...func(*tls.Config)) *tls.Config { + tlsconfig := &tls.Config{ // Prefer TLS1.2 as the client minimum MinVersion: tls.VersionTLS12, CipherSuites: clientCipherSuites, } + + for _, op := range ops { + op(tlsconfig) + } + + return tlsconfig } // certPool returns an X.509 certificate pool from `caFile`, the certificate file. From 0a7bda1a7c5e0e10a6f3e34d8f641edbf9305b17 Mon Sep 17 00:00:00 2001 From: Misty Stanley-Jones Date: Wed, 31 Jan 2018 13:05:58 -0800 Subject: [PATCH 3/4] Fix doubled word in note Signed-off-by: Misty Stanley-Jones Upstream-commit: a2bb62683d1d142e8c0065f50edcfd1db90eaba3 Component: cli --- components/cli/docs/reference/builder.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/cli/docs/reference/builder.md b/components/cli/docs/reference/builder.md index 1462d5b861..fbf71cd4d8 100644 --- a/components/cli/docs/reference/builder.md +++ b/components/cli/docs/reference/builder.md @@ -1003,7 +1003,7 @@ whitespace) > and will not work on Windows containers. Since user and group ownership concepts do > not translate between Linux and Windows, the use of `/etc/passwd` and `/etc/group` for > translating user and group names to IDs restricts this feature to only be viable for -> for Linux OS-based containers. +> Linux OS-based containers. The `COPY` instruction copies new files or directories from `` and adds them to the filesystem of the container at the path ``. From 2daf468e57e42cb8b051c6d88761b6333930f1d6 Mon Sep 17 00:00:00 2001 From: Misty Stanley-Jones Date: Wed, 31 Jan 2018 16:51:43 -0800 Subject: [PATCH 4/4] Add quotes around format template Signed-off-by: Misty Stanley-Jones Upstream-commit: 0b6aeae00704a67a14a3186be1258713963c037a Component: cli --- components/cli/docs/reference/commandline/swarm_ca.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/cli/docs/reference/commandline/swarm_ca.md b/components/cli/docs/reference/commandline/swarm_ca.md index 0fe1b301ab..18c7ad2ebb 100644 --- a/components/cli/docs/reference/commandline/swarm_ca.md +++ b/components/cli/docs/reference/commandline/swarm_ca.md @@ -103,7 +103,7 @@ when viewing swarm any information via the CLI or API. The root CA rotation will not be completed until all registered nodes have rotated their TLS certificates. If the rotation is not completing within a reasonable amount of time, try running -`docker node ls --format {{.ID}} {{.Hostname}} {{.Status}} {{.TLSStatus}}` to +`docker node ls --format '{{.ID}} {{.Hostname}} {{.Status}} {{.TLSStatus}}'` to see if any nodes are down or otherwise unable to rotate TLS certificates.