remove unnescessary import aliases, brackets, and so on.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: f23c00d8701e4bd0f2372a586dacbf66a26f9a51
Component: engine
to make goreportcard a bit happier
https://goreportcard.com/report/github.com/docker/docker
also found that `TestCpToErrDstParentNotExists()` was
partially broken, because a `runDockerCp()` was inadvertently
removed in f26a31e80cfcc77daba0872ddb14bf03f4398311
`TestDaemonRestartSaveContainerExitCode()` didn't verify
the actual _Error_ message, so added that to the test,
and updated the test to take into account that the
"experimental" CI enables `--init` on containers.
`TestVolumeCLICreateOptionConflict()` only checked
for an error to occur, but didn't validate if the
error was due to conflicting options.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: ba0afd70e89562aa3c668c87fb9191ed9edb7260
Component: engine
- Remove deprecated buildImage* functions
- Rename buildImageNew to buildImage
- Use *check.C in fakeContext* setup and in getIdByName
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: c10f6ef43f884306eb3ef60b2d19fdc931cf34cc
Component: engine
The `digest` data type, used throughout docker for image verification
and identity, has been broken out into `opencontainers/go-digest`. This
PR updates the dependencies and moves uses over to the new type.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 7a855799175b6b984886ef1cfa337d6df1d4c668
Component: engine
There is still ways to go
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 87e3fcfe1e059780c4ee57abb097296fd29e09af
Component: engine
This extract what was in registry_test.go and
registry_mock_test.go. This also move `RegistryHosting`
requirement to `registry.Hosting`
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 4300e5e8818571a55e00d9987bec3ad6ca92dc6f
Component: engine
Using hub only works for amd64 platforms.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 641c1808e187ed86d8b614e49e8e6da5146201e3
Component: engine
- cherry-pick from 1.10.3 branch: 0186f4d4223a094a050d06f456355da3ae431468
- add token service test suite
- add integration test (missing in 1.10.3 branch)
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Upstream-commit: 1b5c2e1d722757a55364fb45cf3fcec7f2c75fb4
Component: engine
The download manager assumed there was at least one layer involved in
all images. This can be false if the image is essentially a copy of
`scratch`.
Fix a nil pointer dereference that happened in this case. Add
integration tests that involve schema1 and schema2 manifests.
Fixes#21213
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 7cf894ce1013e5843d5c151f24520b51d34515d0
Component: engine
docker build is broken because it sends to the daemon the full
cliconfig file which has only Email(s). This patch retrieves all auth
configs from the credentials store.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Upstream-commit: 44152144ca766221e97fdaa5200fec3557a64f58
Component: engine
This removes the email prompt when you use docker login, and also removes the ability to register via the docker cli. Docker login, will strictly be used for logging into a registry server.
Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
Upstream-commit: aee260d4eb3aa0fc86ee5038010b7bbc24512ae5
Component: engine
This change implements communication with an external credentials store,
ala git-credential-helper. The client falls back the plain text store,
what we're currently using, if there is no remote store configured.
It shells out to helper program when a credential store is
configured. Those programs can be implemented with any language as long as they
follow the convention to pass arguments and information.
There is an implementation for the OS X keychain in https://github.com/calavera/docker-credential-helpers.
That package also provides basic structure to create other helpers.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: cf721c23e715e545eccf8484e145c2d18d6a6a23
Component: engine
Revert the portions of #17617 that report all errors when a pull
falls back, and go back to just reporting the last error. This was nice
to have, but causes some UX issues because nonexistent images show
additional "unauthorized" errors.
Keep the part of the PR that handled ENOSPC, as this appears to work
even without tracking multiple errors.
Fixes#19419
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 87338bf0fa97c905d2d707393c95f73aea398cad
Component: engine
The test injects a synthetic manifest list into the registry blob store,
since there isn't a tool for pushing them yet.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: ad6c1b76497c4b39953b5af28f83a21a2eb36bf7
Component: engine
Add DockerSchema1RegistrySuite which uses this registry, and make
applicable integration tests run as part of this suite.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 1fa2e3115105f6b2334f452bd08415e8f00633d7
Component: engine
PR #18590 caused compatibility issues with registries such as gcr.io
which support both the v1 and v2 protocols, but do not provide the same
set of images over both protocols. After #18590, pulls from these
registries would never use the v1 protocol, because of the
Docker-Distribution-Api-Version header indicating that v2 was supported.
Fix the problem by making an exception for the case where a manifest is
not found. This should allow fallback to v1 in case that image is
exposed over the v1 protocol but not the v2 protocol.
This avoids the overly aggressive fallback behavior before #18590 which
would allow protocol fallback after almost any error, but restores
interoperability with mixed v1/v2 registry setups.
Fixes#18832
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 9d6acbee92016c47796ee8751dce9c59056f850d
Component: engine
Add distribution package for managing pulls and pushes. This is based on
the old code in the graph package, with major changes to work with the
new image/layer model.
Add v1 migration code.
Update registry, api/*, and daemon packages to use the reference
package's types where applicable.
Update daemon package to use image/layer/tag stores instead of the graph
package
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 4352da7803d182a6013a5238ce20a7c749db979a
Component: engine
Before, this only waited for the download to complete. There was no
guarantee that the layer had been registered in the graph and was ready
use. This is especially problematic with v2 pulls, which wait for all
downloads before extracting layers.
Change Broadcaster to allow an error value to be propagated from Close
to the waiters.
Make the wait stop when the extraction is finished, rather than just the
download.
This also fixes v2 layer downloads to prefix the pool key with "layer:"
instead of "img:". "img:" is the wrong prefix, because this is what v1
uses for entire images. A v1 pull waiting for one of these operations to
finish would only wait for that particular layer, not all its
dependencies.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 23e68679f080fee7ceb25cf791832f523a3a024a
Component: engine
Update and migrate existing tests to the `DockerHubPullSuite`. Most
tests were preserved, but refactored and made more exhaustive. One test
was deliberately removed (`TestPullVerified`) as it is unreliable and
that the feature was obsoleted by content trust.
Move all trust related tests to `docker_cli_pull_trusted_test.go`.
Move tests depending on a local registry to `docker_cli_pull_local_test.go`.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Upstream-commit: f324f4851f28edfd8dab82cd624a4ec1f01cd207
Component: engine
