Closes#10191
Allow `docker build` to set --cpu-shares, --cpuset, --memory,
--memory-swap for all containers created by the build.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: e6ae89a45a699bd44f03517396777e34ec76018b
Component: engine
- command.Commands was missing "Label"
- used the correct error string in dispatcher when LABEL has no args, otherwise
the test TestBuildMissingArgs will not work
- removed the premature error msg in line_parser that was blocking the
label() func in dispatcher from showing the err msg in previous bullet
- since LABEL uses the env parser it needs to be added to the replaceEnvAllowed
list so that proper quote processing will be done. Especially once
PR #10431 is merged.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 6784a772baaa20936f00b8adc00a4b4444356181
Component: engine
- Use `%v` verb to format errors.
- Give `param` constant in portallocator some better name.
Signed-off-by: Michal Minar <miminar@redhat.com>
Upstream-commit: 210ab030bc3dab7bcf8f7252f2f9facb5a26cb6b
Component: engine
Instead of just printing a warning and going on, this will generate
an error and stop processing.
This used to be part of #10561 but I decided it might need its own
independent discussion/PR as to not derail #10561.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 8a5b50d65dae2d0607e046c57241dd6b46b65c6a
Component: engine
Save "LABEL" field in Dockerfile into image content.
This will allow a user to save user data into an image, which
can later be retrieved using:
docker inspect IMAGEID
I have copied this from the "Comment" handling in docker images.
We want to be able to add Name/Value data to an image to describe the image,
and then be able to use other tools to look at this data, to be able to do
security checks based on this data.
We are thinking about adding version names,
Perhaps listing the content of the dockerfile.
Descriptions of where the code came from etc.
This LABEL field should also be allowed to be specified in the
docker import --change LABEL:Name=Value
docker commit --change LABEL:Name=Value
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: cdfdfbfb6223fdd5b319942d412caac6bc09cdeb
Component: engine
FROM scratch
ADD echo /
RUN [ "echo" ]
will die with
exec: "/bin/sh": stat /bin/sh: no such file or directory
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 645f8a32df3b5b22e5e194664a9f0733709714c9
Component: engine
Added method in StreamFormatter to handle calls
from progressreader. Solves #10959
Signed-off-by: bobby abbott <ttobbaybbob@gmail.com>
Upstream-commit: 12b278d3540bc32699e8c2197b556188fd98b77b
Component: engine
parser_test only needed the directory-names for
the tests to run. This replaces f.Readdir() with
f.Readdirnames() to only return the names.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 9e63b0d0f9530a0a7d6445606062b8ca99793792
Component: engine
We could use EXPOSE ip:hostPort:containerPort,
but actually it did as EXPOSE ::containerPort
commit 2275c833 already warned user on daemon side.
This patch will print warning message on client side.
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
Upstream-commit: 26e85b0db1b896e98071f121fb14b2c6d905ed4f
Component: engine
Closes#10807
Adds support for `dockerfile` ONLY when `Dockerfile` can't be found.
If we're building from a Dockerfile via stdin/URL then always download
it a `Dockerfile` and ignore the -f flag.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 15924f238503ffe44e5fcb99415ff753a36e5971
Component: engine
Instead of building the actual image, `build_config` will serialize a subset of
dockerfile ast into *runconfig.Config
Docker-DCO-1.1-Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> (github: dqminh)
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Upstream-commit: 7f091eca704970a5cb8a4fdab295dae543c47a89
Component: engine
`docker build -q .` where Dockerfile contains a RUN cmd will hang on the
RUN. It waits for the output stream to close but because of -q we never
attached to the container and end up waiting forever.
The fact that no one noticed this tells me that people may not actually
use -q and if so I wonder if it would make sense to make -q work the may
it does for other commands (like `docker ps`) and make it so it only
shows the container ID at the end. A -q/quiet option that only hides the
container RUN output apparently isn't really that useful since no one is
using it. See: https://github.com/docker/docker/issues/4094
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 92c353582c210ebc351f7f5911273af76398a2a8
Component: engine
The most obvious use case is when one wants to make sure as fast
as possible that a command is a valid Dockerfile command.
Signed-off-by: kargakis <kargakis@users.noreply.github.com>
Upstream-commit: 6ecf23861ec7036aa4210fe6d3b7dbfaaedbd6d0
Component: engine
d1e9d07c introduces a dependency to libcontainer and other daemon
related packages through builder package. The only thing test needs
is set of the Dockerfile commands. Extracting them to a separate
package.
This was causing CI tests to not to compile on non-Linux platforms.
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
Upstream-commit: ccde3a1f73bb4f64845e736d3173eb6f6935971f
Component: engine
If you have a Dockefile with just:
FROM scratch
An error is generated but its never shown to the CLI. This PR fixes that.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 1654dfdf146df42a1271696c0290027460cce59a
Component: engine
We're hoping to add some new commands that don't have any args so this
PR will enable that by removing all of the hard-coded checks that require
commands to have at least one arg. It also adds some checks to each
command so we're consistent in the error message we get. Added a test
for this too.
We actually had this check in at least 3 different places (twice in the
parser and once in most cmds), this removes 2 of them (the parser ones).
Had to remove/modify some testcases because its now legal to have certain
commands w/o args - e.g. RUN. This was actually inconsistent because
we used to allow "RUN []" but not "RUN" even though they would generate
(almost) the same net result. Now we're consistent.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: e4f02abb51534e560311b0afcfb7b586d9587e67
Component: engine
Closes#9311 Handles container id/name collisions against daemon functionalities according to #8069
Upstream-commit: 34c804a139cc086e9fa6d3f99442f083b6d5e1e7
Component: engine
Per Erikh's suggestion at:
https://github.com/docker/docker/pull/9989#issuecomment-69832009
this PR will trim spaces in the parser to ensure that the user gets the same
results irrespetive of leading/trailing spaces.
Per @tiborvass's suggestion I added a test to make sure spaces in quotes
are not touched.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 3859c485317a395de1e8eb48270d0e3b1207a204
Component: engine
This is sort of "revert" of #8415. There is some problems with using
logs:
* Non-live progressbars
* Races when you can try to get logs before it was written(there was
occasional errors in tests)
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: 1095d5e5e43654aa27952f131b71c55f18fedc4b
Component: engine
I noticed that while we have tests to make sure that people don't
specify a Dockerfile (via -f) that's outside of the build context
when using the docker cli, we don't check on the server side to make
sure that API users have the same check done. This would be a security
risk.
While in there I had to add a new util func for the tests to allow us to
send content to the server that isn't json encoded - in this case a tarball
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 198ff76de59a600ce900497fd4a6131ee4448c48
Component: engine
The build job will sometimes trigger a pull job when the base image
does not exist. Now that engine jobs properly close their output by default
the pull job would also close the build job's stdout in a cascading close
upon completion of the pull.
This patch corrects this by wrapping the `pull` job's stdout with a
nopCloseWriter which will not close the stdout of the `build` job.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: e662775ffb096fdb4a7f247bb25b8e3022006c1b
Component: engine
Make sure that as we build the CMD/ENTRYPOINT cache strings that we don't
treat ["echo","hi"] and ["echo hi"] as the same thing due to the fact that
we're just doing a strcat on the array.
Closes#10097
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 88905793add88c8d5ff93f0e9b1edca5f012da33
Component: engine
Adjust builder to validate that JSON in Dockerfiles are arrays of strings and nothing else to match how we describe them to people (and what all our existing tests already assumed)
Upstream-commit: 640e0fc578e5acdaa71216a300396dfa9af8054f
Component: engine
