"set -e" is already inherited here from make.sh, but explicit is always better than implicit (hence the "set -e" in the first place!)
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: b298960aed8155e7dbedb6602cdbb42eacee83f7
Component: engine
Previously, running just "hack/release.sh" only ran the unit tests. This updates that to run the unit tests, then the integration tests, then build the binaries, then run the cli integration tests (so we're literally testing the binary we're about to release, which is super freaking cool IMO <3).
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: 886eb85dec7f4e9e193151befa7e6b4213ea67a0
Component: engine
The install script (on https://get.docker.io/) installs an APT sources.list
entry referencing an HTTPS repository, and takes care of installing the
apt-transport-https package. However, the Debian/Ubuntu specific installation
script (on https://get.docker.io/ubuntu) used an HTTPS repository but without
installing that package, causing the installation to fail on some platforms.
This will use HTTPS everywhere, and updates the documentation accordingly.
Docker-DCO-1.1-Signed-off-by: Jérôme Petazzoni <jerome@docker.com> (github: jpetazzo)
Docker-DCO-1.1-Signed-off-by: Jérôme Petazzoni <jerome@docker.com> (github: jpetazzo)
Upstream-commit: dc7fefc16bfcc4e6d0ccb30233e50b0ab3d172f1
Component: engine
The wait at the end of cli integration script could end up failing if
the process had already exited. This was making it look like the tests
have failed.
This change fixes the problem.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Upstream-commit: 22152ccc47e641050da85b80cebf2912b42fd122
Component: engine
This makes it possible to choose the graphdriver and the execdriver
which is going to be used for the cli integration tests.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Upstream-commit: 62b08f557db91cc5cd12ea9ceb0a4d8cf3d6e0f1
Component: engine
Make sure the busybox image is ready to be used when running the cli
integration tests.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Upstream-commit: f7ae3a1381fdc53042bebec085bb3f108bc05da3
Component: engine
Please do with this as you please (including rebasing and/or squashing it), especially under clause (c) of the DCO.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: 3fb1fc0b7b225295b3059cb9a2f5fd9af7a73f36
Component: engine
We need this to do systemd API calls.
We also add the static_build tag to make godbus not use
os/user which is problematic for static builds.
Docker-DCO-1.1-Signed-off-by: Alexander Larsson <alexl@redhat.com> (github: alexlarsson)
Upstream-commit: d4725801b3401d04b3f35b5783bdc0fc362f7f00
Component: engine
docker will run the process(es) within the container with an SELinux label and will label
all of the content within the container with mount label. Any temporary file systems
created within the container need to be mounted with the same mount label.
The user can override the process label by specifying
-Z With a string of space separated options.
-Z "user=unconfined_u role=unconfined_r type=unconfined_t level=s0"
Would cause the process label to run with unconfined_u:unconfined_r:unconfined_t:s0"
By default the processes will run execute within the container as svirt_lxc_net_t.
All of the content in the container as svirt_sandbox_file_t.
The process mcs level is based of the PID of the docker process that is creating the container.
If you run the container in --priv mode, the labeling will be disabled.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 4c4356692580afb3971094e322aea64abe0e2500
Component: engine
devicemapper has landed, but the TODO hasn't been actioned presumably
because aufs is still preferred over devicemapper when available[1].
Comment updated accordingly.
Citation [1]: 267ca39921/runtime/graphdriver/driver.go (L40-L46)
Docker-DCO-1.1-Signed-off-by: Paul Annesley <paul@annesley.cc> (github: pda)
Upstream-commit: 576278102e0fa9166711f8cf23ec972fcccc085e
Component: engine
In #4740, the apt-key call in docs is changed to use the keyserver port 80 instead of
port 11371, as the previous call would fail with a restrictive firewall or proxy.
This commit extends the change to all apt-key calls in the repository.
Docker-DCO-1.1-Signed-off-by: Viktor Vojnovski <vojnovski@gmail.com> (github: vojnovski)
Upstream-commit: 4fd82db4beba03a126dfc557c86d5d52e9066dae
Component: engine
Enable build tags for all the graphdrivers to be excludable.
As an example:
```
$ go build
$ ls -l docker
-rwxr-xr-x 1 vbatts vbatts 18400158 Mar 14 14:22 docker*
$ go build -tags "exclude_graphdriver_aufs exclude_graphdriver_vfs exclude_graphdriver_devicemapper"
$ ls -l docker
-rwxr-xr-x 1 vbatts vbatts 17467068 Mar 14 14:22 docker*
```
Docker-DCO-1.1-Signed-off-by: Vincent Batts <vbatts@redhat.com> (github: vbatts)
Upstream-commit: 670ce98c60dbac1d46a59bd69bd20b569f4794f1
Component: engine
Docker-DCO-1.1-Signed-off-by: Charlie Lewis <charliel@lab41.org> (github: cglewis)
Upstream-commit: 6fc83eefd9e8d78044a51250d2ad185513fddd27
Component: engine
These were found using `git grep -nE '[^-a-zA-Z0-9<>]-[a-zA-Z0-9]{2}'` (fair warning: _many_ false positives there).
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Upstream-commit: 44fe8cbbd174b5d85d4a063ed270f6b9d2279b70
Component: engine
Clarify how to update the docs branch in the RELEASE-CHECKLIST with concrete instructions
Upstream-commit: ce091717809d05a00b37c2fe8a20dff0f2d9a5ad
Component: engine
