This patch allows to only release the packages that were built and are
present under the bundles/ directory instead of assuming packages exist
for all distros enumerated in the contrib/builder/ directory.
It also now adds support for armhf architecture for apt repositories.
Signed-off-by: Tibor Vass <tibor@docker.com>
Upstream-commit: 2ff2e9a73076b737948c68c26f26b7bda5ac7db8
Component: engine
Fixes an issue that showed up on gccgo.
Fix#25360
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: e4402b285ba0a764ea1cffc1487c92b05b59a0ea
Component: engine
Interactive integration testing is useful when you're developing new tests, or
making changes to cli code.
Signed-off-by: Daniel Nephin <dnephin@docker.com>
Upstream-commit: 1d945a9743748373cd5c5bfface3209d241007d7
Component: engine
This adds the ability to have different profiles for individual distros
and versions of the distro because they all ship with and depend on
different versions of policy packages.
The `selinux` dir contains the unmodified policy that is being used
today. The `selinux-fedora` dir contains the new policy for fedora 24
with the changes for it to compile and work on the system.
The fedora policy is from commit
4a6ce94da5
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 32b1f26c5111b22fe4277879c4f5e4687a6a72fc
Component: engine
We don't need hidden files to be listed
in the indexes, so skip them if hidden
files exist.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 153c946b7923fda4d60ad735f2f9e02ffb150704
Component: engine
Add a test that the default seccomp profile allows execution of 32 bit binaries
Upstream-commit: 8a8a63aa32a60e12b3c4d8e9e3397a8bd3b96d54
Component: engine
join-tokens are not needed for this endpoint, and should not be as part
of /info
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit d8f3b3f006629c5c1368eca96bcd5bda2a54acd7)
Upstream-commit: 96b2a6e548bc3abf0f0a505ee020d2fe1e8997de
Component: engine
While testing #24510 I noticed that 32 bit syscalls were incorrectly being
blocked and we did not have a test for this, so adding one.
This is only tested on amd64 as it is the only architecture that
reliably supports 32 bit code execution, others only do sometimes.
There is no 32 bit libc in the buildpack-deps so we cannot build
32 bit C code easily so use the simplest assembly program which
just calls the exit syscall.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 93bbc76ee53240e0862c6f1ff409e7a4ee0883dc
Component: engine
When using encrypted vxlan network, some of the xfrm states are left
stale. This fix also filters out self advertise-addr rules.
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 6a754a4eef4463ed7c712a1ebe5bc38e2a957c42
Component: engine
Allow partial name match for service ls --filter, node ls --filter, node tasks --filter
Upstream-commit: 7d84c715005dd123b0a63f23b207c12cb998786f
Component: engine
This commit update swarmkit to 9ee5fc3b8db5de8c8593a57bc45fc178f74ceee1.
This is part of step to fix#24270.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 467107cd401ce9d3678e4f7ec1abfb65a0e46018
Component: engine
Reverts https://github.com/docker/docker/pull/18197
This was a workaround before Go 1.6, not required any more.
cc @nalind @Govinda-Fichtner
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: 4d7038208f612dc0dfb0ac816adafd21043acd2f
Component: engine
