etcd uses standard vendoring now
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: 6623a5342c7b982ebc630974490eac06792d0605
Component: engine
This brings in a much newer version of etcd/raft.
An unrelated change in swarmkit should fix some problems with
integration tests on ARM.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: be48cfc8eb2f517563991b007c261fed58301fd1
Component: engine
During image pulls on docker service create, logs will only show status
updates and updates every 1 second on long-running actions like
downloading and extracting. Adds golang.org/x/time/rate as dependency.
Ports docker/swarmkit#1352 to docker/docker.
Signed-off-by: Drew Erny <drew.erny@docker.com>
Upstream-commit: fa0054a3eb0363526d34fb4ac912cab30044f3d7
Component: engine
This patch allows to only release the packages that were built and are
present under the bundles/ directory instead of assuming packages exist
for all distros enumerated in the contrib/builder/ directory.
It also now adds support for armhf architecture for apt repositories.
Signed-off-by: Tibor Vass <tibor@docker.com>
Upstream-commit: 2ff2e9a73076b737948c68c26f26b7bda5ac7db8
Component: engine
Fixes an issue that showed up on gccgo.
Fix#25360
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: e4402b285ba0a764ea1cffc1487c92b05b59a0ea
Component: engine
Interactive integration testing is useful when you're developing new tests, or
making changes to cli code.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 1d945a9743748373cd5c5bfface3209d241007d7
Component: engine
This adds the ability to have different profiles for individual distros
and versions of the distro because they all ship with and depend on
different versions of policy packages.
The `selinux` dir contains the unmodified policy that is being used
today. The `selinux-fedora` dir contains the new policy for fedora 24
with the changes for it to compile and work on the system.
The fedora policy is from commit
4a6ce94da5
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 32b1f26c5111b22fe4277879c4f5e4687a6a72fc
Component: engine
We don't need hidden files to be listed
in the indexes, so skip them if hidden
files exist.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 153c946b7923fda4d60ad735f2f9e02ffb150704
Component: engine
Add a test that the default seccomp profile allows execution of 32 bit binaries
Upstream-commit: 8a8a63aa32a60e12b3c4d8e9e3397a8bd3b96d54
Component: engine
join-tokens are not needed for this endpoint, and should not be as part
of /info
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit d8f3b3f006629c5c1368eca96bcd5bda2a54acd7)
Upstream-commit: 96b2a6e548bc3abf0f0a505ee020d2fe1e8997de
Component: engine
While testing #24510 I noticed that 32 bit syscalls were incorrectly being
blocked and we did not have a test for this, so adding one.
This is only tested on amd64 as it is the only architecture that
reliably supports 32 bit code execution, others only do sometimes.
There is no 32 bit libc in the buildpack-deps so we cannot build
32 bit C code easily so use the simplest assembly program which
just calls the exit syscall.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 93bbc76ee53240e0862c6f1ff409e7a4ee0883dc
Component: engine
When using encrypted vxlan network, some of the xfrm states are left
stale. This fix also filters out self advertise-addr rules.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 6a754a4eef4463ed7c712a1ebe5bc38e2a957c42
Component: engine
