Signed-off-by: John Howard <jhoward@microsoft.com>
This PR has the API changes described in https://github.com/moby/moby/issues/34617.
Specifically, it adds an HTTP header "X-Requested-Platform" which is a JSON-encoded
OCI Image-spec `Platform` structure.
In addition, it renames (almost all) uses of a string variable platform (and associated)
methods/functions to os. This makes it much clearer to disambiguate with the swarm
"platform" which is really os/arch. This is a stepping stone to getting the daemon towards
fully multi-platform/arch-aware, and makes it clear when "operating system" is being
referred to rather than "platform" which is misleadingly used - sometimes in the swarm
meaning, but more often as just the operating system.
Upstream-commit: 0380fbff37922cadf294851b1546f4c212c7f364
Component: engine
Commit 8d1ae76dcbbb73d8e20c6a14a7d3fe2410b95f55 added
deprecation warnings for empty continuation lines,
but also treated comment-only lines as empty.
This patch distinguishes empty continuation lines
from comment-only lines, and only outputs warnings
for the former.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: 2fd736ac10c1c46d1001373d887cb99b3d8ee824
Component: engine
This fix is related to 29005 and 24693. Currently in `Dockerfile`
empty lines will continue as long as there is line escape before.
This may cause some issues. The issue in 24693 is an example.
A non-empty line after an empty line might be considered to be a
separate instruction by many users. However, it is actually part
of the last instruction under the current `Dockerfile` parsing
rule.
This fix is an effort to reduce the confusion around the parsing
of `Dockerfile`. Even though this fix does not change the behavior
of the `Dockerfile` parsing, it tries to deprecate the empty line
continuation and present a warning for the user. In this case,
at least it prompt users to check for the Dockerfile and avoid
the confusion if possible.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 7815c8f8754d5473eda7cd80277a4ea3c59e3c29
Component: engine
I noticed that we're using a homegrown package for assertions. The
functions are extremely similar to testify, but with enough slight
differences to be confusing (for example, Equal takes its arguments in a
different order). We already vendor testify, and it's used in a few
places by tests.
I also found some problems with pkg/testutil/assert. For example, the
NotNil function seems to be broken. It checks the argument against
"nil", which only works for an interface. If you pass in a nil map or
slice, the equality check will fail.
In the interest of avoiding NIH, I'm proposing replacing
pkg/testutil/assert with testify. The test code looks almost the same,
but we avoid the confusion of having two similar but slightly different
assertion packages, and having to maintain our own package instead of
using a commonly-used one.
In the process, I found a few places where the tests should halt if an
assertion fails, so I've made those cases (that I noticed) use "require"
instead of "assert", and I've vendored the "require" package from
testify alongside the already-present "assert" package.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 6052f2b3969feadb01662d8e2f30337d9c7f61af
Component: engine
text does not appear to contain a placeholder
Signed-off-by: Helen Xie <chenjg@harmonycloud.cn>
Upstream-commit: 2a8d6368d4a930203b93f75914173ab65bf3b0bc
Component: engine
This drops support for migrations from pre-1.10 Docker versions, which
should be done via an external tool or an intermediate upgrade.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: f8119bb7a76b5c42defb6e0a2dc67bd77ad29a5e
Component: engine
This reverts commit 105bc63295a7126798d3722a0e205c5ead4e2b1c,
which (although correct), resulted in a backward incompatible
change.
We can re-implement this in future, after this changes goes
through a deprecation cycle
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: c67550414b762ab32ea3e9645ebcafb79cb9059d
Component: engine
Came from looking at issue #27545
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: eaf0b5708fc91ab0c78eeee1a2c9c1251439d4a8
Component: engine
This fix tries to fix the bug reported by #24693 where an empty
line after escape will not be stopped by the parser.
This fix addresses this issue by stop the parser from continue
with an empty line after escape.
An additional integration test has been added.
This fix fixes#24693.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 3e1b539e8d0ed4abf695b0a8c42346fba6d5a6b0
Component: engine
While look at #27039 I noticed that we allow for whitespace after
the continuation char (\\) which is wrong. It needs to be the very
last char in the line.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 105bc63295a7126798d3722a0e205c5ead4e2b1c
Component: engine
We attached the JSON flag to the wrong AST node, causing Docker to treat
the exec form ["binary", "arg"] as if the shell form "binary arg" had
been used. This failed if "ls" was not present.
Added a test to detect this.
Fixes#26174
Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
Upstream-commit: e95b6b51daed868094c7b66113381d5088e831b4
Component: engine
Signed-off-by: John Howard <jhoward@microsoft.com>
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: 755be795b4e48b3eadcdf1427bf9731b0e97bed1
Component: engine
`TestParseWords` needs to use the `tokenEscape` for one of the test
cases, but `tokenEscape` was not being set unless tests ran in a
specific order.
This sets a default value for `tokenEscape`... `\`... so that tests that
rely on this global are not affected by test ordering.
This is the simplest fix for these cases. Ideally the token should not
be set as a global but rather passed down, which is a much larger
change.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: df167d3ff04cdc90012c8ca39647662ad69e6715
Component: engine
This fix tries to address issues in #23221 where Dockerfile
may consists of UTF-8 BOM. This likely happens when Notepad
tries to save a file as UTF-8 in Windows.
This fix skips the UTF-8 BOM bytes from the beginning of the
Dockerfile if exists.
Additional tests has been added to cover the changes in this
fix.
This fix fixes#23221.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 678c80f9256021ce74184fdd6b612d9dea377fba
Component: engine
This PR adds support for user-defined health-check probes for Docker
containers. It adds a `HEALTHCHECK` instruction to the Dockerfile syntax plus
some corresponding "docker run" options. It can be used with a restart policy
to automatically restart a container if the check fails.
The `HEALTHCHECK` instruction has two forms:
* `HEALTHCHECK [OPTIONS] CMD command` (check container health by running a command inside the container)
* `HEALTHCHECK NONE` (disable any healthcheck inherited from the base image)
The `HEALTHCHECK` instruction tells Docker how to test a container to check that
it is still working. This can detect cases such as a web server that is stuck in
an infinite loop and unable to handle new connections, even though the server
process is still running.
When a container has a healthcheck specified, it has a _health status_ in
addition to its normal status. This status is initially `starting`. Whenever a
health check passes, it becomes `healthy` (whatever state it was previously in).
After a certain number of consecutive failures, it becomes `unhealthy`.
The options that can appear before `CMD` are:
* `--interval=DURATION` (default: `30s`)
* `--timeout=DURATION` (default: `30s`)
* `--retries=N` (default: `1`)
The health check will first run **interval** seconds after the container is
started, and then again **interval** seconds after each previous check completes.
If a single run of the check takes longer than **timeout** seconds then the check
is considered to have failed.
It takes **retries** consecutive failures of the health check for the container
to be considered `unhealthy`.
There can only be one `HEALTHCHECK` instruction in a Dockerfile. If you list
more than one then only the last `HEALTHCHECK` will take effect.
The command after the `CMD` keyword can be either a shell command (e.g. `HEALTHCHECK
CMD /bin/check-running`) or an _exec_ array (as with other Dockerfile commands;
see e.g. `ENTRYPOINT` for details).
The command's exit status indicates the health status of the container.
The possible values are:
- 0: success - the container is healthy and ready for use
- 1: unhealthy - the container is not working correctly
- 2: starting - the container is not ready for use yet, but is working correctly
If the probe returns 2 ("starting") when the container has already moved out of the
"starting" state then it is treated as "unhealthy" instead.
For example, to check every five minutes or so that a web-server is able to
serve the site's main page within three seconds:
HEALTHCHECK --interval=5m --timeout=3s \
CMD curl -f http://localhost/ || exit 1
To help debug failing probes, any output text (UTF-8 encoded) that the command writes
on stdout or stderr will be stored in the health status and can be queried with
`docker inspect`. Such output should be kept short (only the first 4096 bytes
are stored currently).
When the health status of a container changes, a `health_status` event is
generated with the new status. The health status is also displayed in the
`docker ps` output.
Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Upstream-commit: b6c7becbfe1d76b1250f6d8e991e645e13808a9c
Component: engine
This fix tries to address the inconsistency in #22036 where labels
set on the command line will not override labels specified in
Dockerfile, but will override labels inherited from `FROM` images.
The fix add a LABEL with command line options at the end of the
processed Dockerfile so that command line options labels always
override the LABEL in Dockerfiles (or through `FROM`).
An integration test has been added for test cases specified in #22036.
This fix fixes#22036.
NOTE: Some changes are from #22266 (@tiborvass).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
Upstream-commit: 5844736c14b29860ea03b040e9a052e59ad75bfc
Component: engine
