This fix tries to address the issue raised in 29972 where
it was not possible to specify `--read-only` for `docker service create`
and `docker service update`, in order to have the container's root file
system to be read only.
This fix adds `--read-only` and update the `ReadonlyRootfs` in `HostConfig`
through `service create` and `service update`.
Related docs has been updated.
Integration test has been added.
This fix fixes 29972.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 499a0dd43e50c6f253f8890f5c54ae99675b1e7e
Component: engine
This fix is a follow up for comment:
https://github.com/docker/docker/pull/28896#issuecomment-265392703
Currently secret name or ID prefix resolving is done at the client
side, which means different behavior of API and CMD.
This fix moves the resolving from client to daemon, with exactly the
same rule:
- Full ID
- Full Name
- Partial ID (prefix)
All existing tests should pass.
This fix is related to #288896, #28884 and may be related to #29125.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: fa358a87571f9212f91d8fde6696926d76ecca64
Component: engine
Docker special-cases build-contexts starting with `github.com`, and
treats them as remote URLs.
Because of this special treatment, local build contexts in a directory
named "github.com" are ignored by `docker build`.
This patch changes the way the build-context is detected and first
checks if a local path with the given name exists before considering
it to be a remote URL.
Before this change;
$ mkdir -p github.com/foo/bar && echo -e "FROM scratch\nLABEL iam=local" > github.com/foo/bar/Dockerfile
$ docker build -t dont-ignore-me github.com/foo/bar
Username for 'https://github.com':
After this change;
$ mkdir -p github.com/foo/bar && echo -e "FROM scratch\nLABEL iam=local" > github.com/foo/bar/Dockerfile
$ docker build -t dont-ignore-me github.com/foo/bar
Sending build context to Docker daemon 2.048 kB
Step 1/2 : FROM scratch
--->
Step 2/2 : LABEL iam local
---> Using cache
---> ae2c603fe970
Successfully built ae2c603fe970
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 37a1a84d913a64cec7bc05d44a7e4c5c3445a8ae
Component: engine
When Size was reverted to be equal to VirtualSize, the df command
formatter was not correctly updated to account for the change.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Upstream-commit: dcc1b4baf6d0eb068010d071bc44daf72b12cd4a
Component: engine
This fix tries to fix the issue in 30279 where `docker ps --format`
fails if `.Label` has args. For example:
```
docker ps --format '{{.ID}}\t{{.Names}}\t{{.Label "some.label"}}'
```
The reason for the failure is that during the preprocessing phase
to detect the existance of `.Size`, the `listOptionsProcessor`
does not has a method of `Label(name string) string`.
This results in the failure of
```
template: :1:24: executing "" at <.Label>: Label is not a method but has arguments
```
This fix fixes the issue by adding needed method of `Label(name string) string`.
This fix fixes 30279.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 2cd4ba1e56222a938b2edaa7ad7981c9a2bc248f
Component: engine
Commit ed13c3abfb242905ec012e8255dc6f26dcf122f6 added flags
for Docker Content Trust. Depending on the `verify` boolean,
the message is "Skip image verification", or "Skip image signing".
"Signing" is intended for `docker push` / `docker plugin push`.
During the migration to Cobra, this boolean got flipped for
`docker push` (9640e3a4514f96a890310757a09fd77a3c70e931),
causing `docker push` to show the incorrect flag description.
This patch changes the flags to use the correct description
for `docker push`, and `docker plugin push`.
To prevent this confusion in future, the boolean argument
is removed, and a `AddTrustSigningFlags()` function is added.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: bb3c0b246617aecb8ecf9120f07efcf45b94ae09
Component: engine
This fix tries to address the enhancement discussed in 28735 to add
`--format` for the output of `docker plugin ls`.
This fix
1. Add `--format` and `--quiet` flags to `docker plugin ls`
2. Convert the current implementation to use `formatter`, consistent with
other docker list commands.
3. Add `pluginsFormat` for config.json.
Related docs has been updated.
Several unit tests have been added to cover the changes.
This fix is related to 28708 and 28735.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 1c0d37fa7f04ade13e65aff74ea0495bb846d782
Component: engine
Use resolving to repo info as the split point between the
legitimate reference package and forked reference package.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 0421f5173dbdcb4e4eade5267f274302bb6ab97c
Component: engine
How to test (it should not print `{}`, and just returns JSON with the actual data):
$ docker images --format '{{json .}}'
$ docker container stats --format '{{json .}}'
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
Upstream-commit: 26013fcdd64221c858022392a1430a6c43eaaa26
Component: engine
Docker 1.13 moves the `--rm` flag to the daemon,
through an AutoRemove option in HostConfig.
When using API 1.24 and under, AutoRemove should not be
used, even if the daemon is version 1.13 or above and
"supports" this feature.
This patch fixes a situation where an 1.13 client,
talking to an 1.13 daemon, but using the 1.24 API
version, still set the AutoRemove property.
As a result, both the client _and_ the daemon
were attempting to remove the container, resulting
in an error:
ERRO[0000] error removing container: Error response from daemon:
removal of container ce0976ad22495c7cbe9487752ea32721a282164862db036b2f3377bd07461c3a
is already in progress
In addition, the validation of conflicting options
is moved from `docker run` to `opts.parse()`, so
that conflicting options are also detected when
running `docker create` and `docker start` separately.
To resolve the issue, the `AutoRemove` option is now
always set to `false` both by the client and the
daemon, if API version 1.24 or under is used.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 0ea7b143b0a8366799c83a955be676aaf1345214
Component: engine
This patch fixed below 4 types of code line
1. Remove unnecessary variable assignment
2. Use variables declaration instead of explicit initial zero value
3. Change variable name to underbar when variable not used
4. Add erro check and return for ignored error
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Upstream-commit: 6306019d0bad9c4e60ee437e93f2450dfb0b68c0
Component: engine
The prune PR changed the meaning of the file to mean "space on disk
only unique to this image", this PR revert this change.
Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
Upstream-commit: be20dc15af0cb281bd6d11586cfcc96bd50d12ca
Component: engine
This fix adds a new flag `--availability` to `swarm join`.
Related documentation has been updated.
An integration test has been added.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 0f30c644441b3b4150252af1b41db99d4b6e697a
Component: engine
This fix tries to address the issue raised in 24596 where it was not
possible to join as manager only (`--availability=drain`).
This fix adds a new flag `--availability` to `swarm join`.
Related documentation has been updated.
An integration test has been added.
NOTE: Additional pull request for swarmkit and engine-api will
be created separately.
This fix fixes 24596.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: a8e7e37aa82d1adac67b05836ea97a06fbdfdbf0
Component: engine
- Make sure we use the correct network name for external ones.
- Make the default network overridable and only creates networks that
are used by services — so that default network is only created if a
service doesn't declare a network.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 3191f5809bc1233bbf2103d2432b75cac93567bb
Component: engine
Start work on adding unit tests to our cli code in order to have to
write less costly integration test.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: f151c297eb268e22dc1eb36ded0e356885f40739
Component: engine
