Instead of having to create a bunch of custom error types that are doing
nothing but wrapping another error in sub-packages, use a common helper
to create errors of the requested type.
e.g. instead of re-implementing this over and over:
```go
type notFoundError struct {
cause error
}
func(e notFoundError) Error() string {
return e.cause.Error()
}
func(e notFoundError) NotFound() {}
func(e notFoundError) Cause() error {
return e.cause
}
```
Packages can instead just do:
```
errdefs.NotFound(err)
```
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: 87a12421a94faac294079bebc97c8abb4180dde5
Component: engine
For obvious reasons that it is not really supported now.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 5a9b5f10cf967f31f0856871ad08f9a0286b4a46
Component: engine
Settings flags is the responsibility of the application (cmd/) not a library
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 73ec0ff86b06925e63016c0948be3a49cf8915b4
Component: engine
Use strongly typed errors to set HTTP status codes.
Error interfaces are defined in the api/errors package and errors
returned from controllers are checked against these interfaces.
Errors can be wraeped in a pkg/errors.Causer, as long as somewhere in the
line of causes one of the interfaces is implemented. The special error
interfaces take precedence over Causer, meaning if both Causer and one
of the new error interfaces are implemented, the Causer is not
traversed.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: ebcb7d6b406fe50ea9a237c73004d75884184c33
Component: engine
Deprecation of interacting with v1 registries was
started in docker 1.8.3, which added a `--disable-legacy-registry`
flag.
This option was anounced to be the default starting
with docker 17.06, and v1 registries completely
removed in docker 17.12.
This patch updates the default, and disables
interaction with v1 registres by default.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 128280013f2ad90520c97b47a787be0db883e870
Component: engine
The --allow-nondistributable-artifacts daemon option specifies
registries to which foreign layers should be pushed. (By default,
foreign layers are not pushed to registries.)
Additionally, to make this option effective, foreign layers are now
pulled from the registry if possible, falling back to the URLs in the
image manifest otherwise.
This option is useful when pushing images containing foreign layers to a
registry on an air-gapped network so hosts on that network can pull the
images without connecting to another server.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
Upstream-commit: 67fdf574d5acd6ddccb6ece0ffe0ace1c1608712
Component: engine
This fix is based on:
https://github.com/docker/docker/issues/29936#issuecomment-277494885
Currently the insecure registry is only checked to see if it contains
scheme (`http(s)://`) or not. No fully validation is done and this
caused many confusions like in #29936.
This fix tries to address the issue.
This fix adds additional validation so that an insecure registry
is validated to make sure it is in `host:port` format where host
could be IPv4/IPv6 or a host name, and port could be an integer
between 0-65535.
Additional unit tests have been added.
This fix is related to #29936.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: e49589505a9c543006f9a54a85917c3349b6ec5a
Component: engine
Remove forked reference package. Use normalized named values
everywhere and familiar functions to convert back to familiar
strings for UX and storage compatibility.
Enforce that the source repository in the distribution metadata
is always a normalized string, ignore invalid values which are not.
Update distribution tests to use normalized values.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 3a1279393faf78632bf169619d407e584da84b66
Component: engine
Use resolving to repo info as the split point between the
legitimate reference package and forked reference package.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 0421f5173dbdcb4e4eade5267f274302bb6ab97c
Component: engine
While investigating 29936 I noticed one potential issue
in `LoadInsecureRegistries`.
The implementation of the func assumes that the format
of insecure registry should be `host:port` if not CIDR.
However, it is very common that user may incorrectly
provide a registry with a scheme (e.g, `http://myregistry.com:5000`)
Such a registry format with a scheme will cause docker pull to
always try https endpoint.
The reason is that the func of `isSecureIndex()` actually will
check for the map of the index server for `myregistry.com:5000`
while the insecure registry only has a record of `http://myregistry.com:5000`.
As a consequence, docker assumes that `myregistry.com:5000` is not
a insecure registry and will go ahead with https endpoint.
This fix addresses the issue by error out insecure registries with scheme.
A unit test has been added.
This fix is related to 29936.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 8dadeaf8ea4d3a3f06ab3283e353887039675ff2
Component: engine
This patch fixed below 4 types of code line
1. Remove unnecessary variable assignment
2. Use variables declaration instead of explicit initial zero value
3. Change variable name to underbar when variable not used
4. Add erro check and return for ignored error
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: 6306019d0bad9c4e60ee437e93f2450dfb0b68c0
Component: engine
This removes some very old vestigial code that really should have been
removed during the content addressability transition. It implements
something called "reference" but it behaves differently from the actual
reference package. This was only used by client-side content trust code,
and is relatively easy to extricate.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: d91ed88365317cd86555e2f54bffa30ec6590dfe
Component: engine
All images in the default registry (AKA docker.io, index.docker.io, and
registry-1.docker.io) are available via the v2 protocol, so there's no
reason to use the v1 protocol. Disabling it prevents useless fallbacks.
Signed-off-by: Noah Treuhaft <noah.treuhaft@docker.com>
Upstream-commit: 7ffb4ad81ab8e4400b0a588552ffb99dc55d13aa
Component: engine
This does not appear to be used.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 19858ff1b1c9a6e2e0a57c1e0f972934822306b6
Component: engine
This moves the types for the `engine-api` repo to the existing types
package.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 91e197d614547f0202e6ae9b8a24d88ee131d950
Component: engine
Also consolidate the leftover packages under cli.
Remove pkg/mflag.
Make manpage generation work with new cobra layout.
Remove remaining mflag and fix tests after rebase with master.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 14712f9ff0d20a3b64a60103608b8cc998909242
Component: engine
This fixes the hard coded restriction for non-linux platforms to v2 registries. Previously, the check was above the flag parsing, which would overwrite the hard coded value and prevent correct operation. This change also removes the related daemon flag from Windows to avoid confusion, as it has no meaning when the value is going to always be hard coded to true.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: adee28458c23581ac9afb163b7cce8c6bb1d2dee
Component: engine
This adds the `--live-restore` option to the documentation.
Also synched usage description in the documentation
with the actual description, and re-phrased some
flag descriptions to be a bit more consistent.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 64a8317a5a306dffd0ec080d9ec5b4ceb2479a01
Component: engine
Updates the v1 search endpoint to also support v2 auth when an identity token is given.
Only search v1 endpoint is supported since there is not v2 search currently defined to replace it.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: 19d48f0b8ba59eea9f2cac4ad1c7977712a6b7ac
Component: engine
