This vendors in new spec/runc that supports
setting readonly and masked paths in the
configuration. Using this allows us to make an
exception for `—-privileged`.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 3f81b4935292d5daedea9de4e2db0895986115da
Component: engine
Also modify an integration test that hardcoded the error string so it
uses the exported error variable from libcontainer/user.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Upstream-commit: da38ac6c79fe902ed0687afc73d731c95c6d491a
Component: engine
Currently the directory inside of the tgz files is /usr/local/bin
and this is causing some confusion, and problems with people who already
have stuff in those directories. This commit changes the directory
to /docker to help remove the confusion.
Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
Upstream-commit: 7df5b32834237eac4c338f0ce1cba65b86bbe642
Component: engine
This PR updates vendored engine-api to e37a82dfcea64559ca6a581776253c01d83357d9
in order to support `SecurityOptions` in `Info`.
See #20909, #21172 for details related to `SecurityOptions`.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 270562f439684a8fca84617ab7ceb494b7afd301
Component: engine
`TEST_REPEAT=n` runs the test suite again n times or
until the first failure without doing building and
daemon setup. Useful for debugging flaky tests.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: 477fe4846ac72a77d7b045d1b5619bc7cfdbb9aa
Component: engine
Add some missing dependencies in the Dockerfile:
- apt-utils for apt-ftparchive.conf
- bsdmainutils for our use of the column command in
hack/make/generate-index-listing
We also ensure that the docker daemon is started before calling
release-deb or release-rpm, since .detect-daemon-osarch, which is sourced
in each of them, requires the daemon to be running.
This commit also gets completely rid of s3cmd and fixes references to
AWS_* environment variables (changing from AWS_ACCESS_KEY to
AWS_ACCESS_KEY_ID and AWS_SECRET_KEY to AWS_SECRET_ACCESS_KEY) in order
to please awscli. Also AWS_DEFAULT_REGION is now important to specify,
the default has been set to the region used by get.docker.com and
test.docker.com.
Signed-off-by: Tibor Vass <tibor@docker.com>
Upstream-commit: 996138bf8e6acde9a937755ef81459f7d7566fc9
Component: engine
These are the changes required due to the new binaries that containerd introduced.
The rpm, and deb packages now include 5 binaries.
docker, containerd, containerd-shim, ctr, and runc
The tar files also include all 5 binaries.
Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
Upstream-commit: bb66d7144f7d0a617f5985486ae36bbbaa5461ba
Component: engine
Use aws instead of s3cmd.
Make sure the release script works with the docker-prepended binary
names.
Signed-off-by: Tibor Vass <tibor@docker.com>
Upstream-commit: dd51e85c050076be09fc7414bda1f261b61e60ad
Component: engine
I tagged the current commit so we have a better reference
of what's in this release.
Signed-off-by: David Calavera <david.calavera@gmail.com>
Upstream-commit: 9e9c73a52893e658e391dfc44d4cea38fa6af980
Component: engine
This adds a function for copying containerd and other binaries as well
as adding a hash for those files.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 78568f2eb54a6455dad566923f3c6f03ac300405
Component: engine
Not sure if this is the right setup given the containerd change but I need
to have the built version of the nested exes (containerd, runc...) available
to me after the build is completed so I'm always testing using the latest
versions. This PR will copy them into the same bundles dir so people can
them use them if they wish w/o having to build each separately.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 1bf5eb20e53b7e242792fcbe399cb997b6a2ba4b
Component: engine
