This adds support for filtering by network ID, to be
consistent with other filter options.
Note that only *full* matches are returned; this is
consistent with other filters (e.g. volume), that
also return full matches only.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 7c46ba02e694ae540866b29ebf0dab76e556cc13
Component: engine
Change the test back to what it was before
e83dad090a1e890ac870808d776fa584276bf7ab
And added an extra test-case to check the
output if an incorrect number of arguments
is passed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 085f41b6a5764cba33fb5bda387f8ebe165d5828
Component: engine
Any command that expects extra flags after positional args needs to set flags.SetInterspersed(false).
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: aa00520fc8bb4e04c37c2eb41f3bc3558deab533
Component: engine
This fix fixed a couple of typos in the docs of `docker attach`:
docs/reference/commandline/attach.md
man/docker-attach.1.md
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 2e506039ff9f6502670d42570f835c0d51fcda20
Component: engine
If Windows updates are being applied via a RUN command in a docker build, the build will not stop if there was a failure in postRunProcessing. To enable this behavior, we explicitly set the exit code of the container to a failure if postRunProcessing fails during servicing container step. For completeness, also avoid running servicing operation if the original exit code of the container is non-zero so that original failure exit code does not get overwritten.
Signed-off-by: Stefan J. Wernli <swernli@microsoft.com>
Upstream-commit: 2266e7f2345c88a8e195fd959550d0d657bec843
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker rename` to use spf13/cobra
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 70f7ccb304f9246bc9c2bfe0e30d3a2bd8fd42f8
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker pause` to use spf13/cobra
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 91731706c2c7d7efba78045ff8080f2b38d07c4f
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker history` to use spf13/cobra
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: a76d387cdaa0b44d7d2b7550c2eb4c0fc53e7a47
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker top` to use spf13/cobra
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 0f3866926763447c247bb24268923b5e50c006e1
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker port` to use spf13/cobra
Note: As part of this fix, a new function `RequiresMinMaxArgs(min int, max int)`
has been added in cli/required.go. This function restrict the args
to be at least min and at most max.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: d5971c230dc91fa8764dd5e9bc4124346ad06e02
Component: engine
To implement seccomp for s390x the following changes are required:
1) seccomp_default: Add s390 compat mode
On s390x (64 bit) we can run s390 (32 bit) programs in 32 bit
compat mode. Therefore add this information to arches().
2) seccomp_default: Use correct flags parameter for sys_clone on s390x
On s390x the second parameter for the clone system call is the flags
parameter. On all other architectures it is the first one.
See kernel code kernel/fork.c:
#elif defined(CONFIG_CLONE_BACKWARDS2)
SYSCALL_DEFINE5(clone, unsigned long, newsp, unsigned long, clone_flags,
int __user *, parent_tidptr,
So fix the docker default seccomp rule and check for the second
parameter on s390/s390x.
3) seccomp_default: Add s390 specific syscalls
For s390 we currently have three additional system calls that should
be added to the seccomp whitelist:
- Other architectures can read/write unprivileged from/to PCI MMIO memory.
On s390 the instructions are privileged and therefore we need system
calls for that purpose:
* s390_pci_mmio_write()
* s390_pci_mmio_read()
- Runtime instrumentation:
* s390_runtime_instr()
4) test_integration: Do not run seccomp default profile test on s390x
The generated profile that we check in is for amd64 and i386
architectures and does not work correctly on s390x.
See also: 75385dc216e ("Do not run the seccomp tests that use
default.json on non x86 architectures")
5) Dockerfile.s390x: Add "seccomp" to DOCKER_BUILDTAGS
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Upstream-commit: bf2a577c131d8998eb6ecac986d80e1289e6c801
Component: engine
This fix is part of the effort to convert commands to spf13/cobra #23211.
Thif fix coverted command `docker wait` to use spf13/cobra
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 82f84a67d6d40d4a076927c618db475191f97da0
Component: engine
- Migrates network command and subcommands (connect, create, disconnect,
inspect, list and remove) to spf13/cobra
- Create a RequiredExactArgs helper function for command that require an
exact number of arguments.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Upstream-commit: 4bd202b00f7859ebeb4ba87511a0618ad08d0605
Component: engine
