9568 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Sebastiaan van Stijn	5fcbbde4b9	vendor: golang.org/x/net v0.23.0 ... full diff: https://github.com/golang/net/compare/v0.22.0...v0.23.0 Includes a fix for CVE-2023-45288, which is also addressed in go1.22.2 and go1.21.9; > http2: close connections when receiving too many headers > > Maintaining HPACK state requires that we parse and process > all HEADERS and CONTINUATION frames on a connection. > When a request's headers exceed MaxHeaderBytes, we don't > allocate memory to store the excess headers but we do > parse them. This permits an attacker to cause an HTTP/2 > endpoint to read arbitrary amounts of data, all associated > with a request which is going to be rejected. > > Set a limit on the amount of excess header frames we > will process before closing a connection. > > Thanks to Bartek Nowotarski for reporting this issue. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2024-04-09 14:52:51 +02:00
Sebastiaan van Stijn	4745b957d2	vendor: golang.org/x/net v0.22.0, golang.org/x/crypto v0.21.0 ... full diffs changes relevant to vendored code: - https://github.com/golang/net/compare/v0.19.0...v0.22.0 - http2: remove suspicious uint32->v conversion in frame code - http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum octets - https://github.com/golang/crypto/compare/v0.17.0...v0.21.0 - (no changes in vendored code) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2024-04-09 14:50:53 +02:00
Sebastiaan van Stijn	c7a50ebb9f	vendor: golang.org/x/term v0.18.0 ... no changes in vendored code full diff: https://github.com/golang/term/compare/v0.15.0...v0.18.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2024-04-09 14:47:48 +02:00
Sebastiaan van Stijn	9a2133f2d4	vendor: golang.org/x/sys v0.18.0 ... full diff: https://github.com/golang/sys/compare/v0.16.0...v0.18.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2024-04-09 14:46:54 +02:00
Laura Brehm	c23a404698	Merge pull request #4986 from vvoland/update-go ... update to go1.21.9	2024-04-05 15:35:47 +01:00
Paweł Gronowski	0a5bd6c75b	update to go1.21.9 ... go1.21.9 (released 2024-04-03) includes a security fix to the net/http package, as well as bug fixes to the linker, and the go/types and net/http packages. See the Go 1.21.9 milestone on our issue tracker for details. - https://github.com/golang/go/issues?q=milestone%3AGo1.21.9+label%3ACherryPickApproved - full diff: https://github.com/golang/go/compare/go1.21.8...go1.21.9 **- Description for the changelog** ```markdown changelog Update Go runtime to 1.21.9 ``` Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2024-04-05 12:43:24 +02:00
Laura Brehm	b2fe82a23e	Merge pull request #4985 from laurazard/otel-exit-code-int ... otel: capture exit code as int64	2024-04-05 10:21:52 +01:00
Laura Brehm	cefcba9871	otel: capture exit code as int64 ... Signed-off-by: Laura Brehm <laurabrehm@hey.com>	2024-04-04 19:11:56 +01:00
Bjorn Neergaard	10b9810989	Merge pull request #4978 from laurazard/otel-add-tty ... otel: capture whether process was invoked from a terminal	2024-04-04 06:09:48 -06:00
Laura Brehm	204b324291	Merge pull request #4975 from jsternberg/otel-error-handler ... command: include default otel error handler for the cli	2024-04-04 03:56:41 +01:00
Laura Brehm	ee1b2836af	otel: capture whether process was invoked from a terminal ... This commit adds a "terminal" attribute to `BaseMetricAttributes` that allows us to discern whether an invocation was from an interactive terminal or not. Signed-off-by: Laura Brehm <laurabrehm@hey.com>	2024-04-04 03:28:17 +01:00
Jonathan A. Sternberg	8f45f1495c	command: include default otel error handler for the cli ... This adds a default otel error handler for the cli in the debug package. It uses logrus to log the error on the debug level and should work out of the box with the `--debug` flag and `DEBUG` environment variable. Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>	2024-04-03 12:01:28 -05:00
Sebastiaan van Stijn	9ca30bd2ac	Merge pull request #4939 from Benehiko/prompt-termination ... feat: standardize error for prompt	2024-04-02 19:09:12 +02:00
Alano Terblanche	910d5d0247	chore: remove backticks and resolve linting issues ... Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>	2024-04-02 15:54:29 +02:00
Bjorn Neergaard	155dc5e4e4	Merge pull request #4973 from jsternberg/otel-1.16-compat ... cli: add go:build tag to the docker telemetry	2024-04-01 09:08:16 -06:00
Bjorn Neergaard	e3f45bf68f	Merge pull request #4972 from vvoland/community-slack ... CONTRIBUTING.md: update Slack link	2024-03-28 14:25:54 -06:00
Jonathan A. Sternberg	2a3b6c03f7	cli: add go:build tag to the docker telemetry ... This is needed because the project does not have a `go.mod` file and gets sent to go 1.16 semantics whenever it's imported by another project and `any` doesn't exist in go 1.16, but the linter requires us to use `any` here. Setting the `go:build` tag forces the per-file language to the go version specified. Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>	2024-03-28 14:09:34 -05:00
Laura Brehm	400a8bb4a2	Merge pull request #4940 from krissetto/otel-init ... Initial otel implementation	2024-03-28 17:21:00 +00:00
Christopher Petito	efd82e1e31	Initial otel impl using our utils ... Signed-off-by: Christopher Petito <chrisjpetito@gmail.com>	2024-03-28 16:23:01 +00:00
Christopher Petito	b6e2eca4b8	Enable overriding of the otel exporter otlp endpoint via env var for testing purposes ... Signed-off-by: Christopher Petito <chrisjpetito@gmail.com>	2024-03-28 16:22:53 +00:00
Christopher Petito	160f65d9db	Added some telemetry utils ... Signed-off-by: Christopher Petito <chrisjpetito@gmail.com>	2024-03-28 16:22:43 +00:00
Paweł Gronowski	9a1b0f8bb3	CONTRIBUTING.md: update Slack link ... Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2024-03-28 09:38:11 +01:00
Alano Terblanche	7c722c08d0	feat: standardize error for prompt ... Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>	2024-03-26 14:11:55 +01:00
Laura Brehm	b8d5454963	Merge pull request #4957 from Benehiko/prompt-test-flakiness ... fix: flaky prompt termination on reader close test	2024-03-26 13:03:02 +00:00
Alano Terblanche	7ea10d5ced	refactor: prompt tests ... Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>	2024-03-26 10:07:01 +01:00
Bjorn Neergaard	b39bbb4e3b	Merge pull request #4889 from jsternberg/universal-telemetry-client ... cli: add otel sdk tracing and metric providers to the core cli	2024-03-25 10:47:06 -06:00
Jonathan A. Sternberg	89db01ef97	cli: add otel sdk tracing and metric providers to the core cli ... This adds the code used by buildx and compose into the default CLI program to help normalize the usage of these APIs and allow code reuse between projects. It also allows these projects to benefit from improvements or changes that may be made by another team. At the moment, these APIs are a pretty thin layer on the OTEL SDK. It configures an additional exporter to a docker endpoint that's used for usage collection and is only active if the option is configured in docker desktop. This also upgrades the OTEL version to v1.19 which is the one being used by buildkit, buildx, compose, etc. Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>	2024-03-25 11:11:34 -05:00
Sebastiaan van Stijn	b4d03289a7	Merge pull request #4933 from Xeonacid/riscv-CGO_ENABLED ... Set CGO_ENABLED=1 on riscv64	2024-03-25 12:04:11 +01:00
Bjorn Neergaard	799bf52680	Merge pull request #4376 from laurazard/plugin-hooks ... Introduce support for CLI plugin hooks	2024-03-22 14:34:14 -06:00
Laura Brehm	c5016c6d5b	cli-plugins: Introduce support for hooks ... Signed-off-by: Laura Brehm <laurabrehm@hey.com>	2024-03-22 17:30:18 +00:00
Bjorn Neergaard	ac5421665f	Merge pull request #4963 from neersighted/plugin_comments ... plugin: drop explicit unlink	2024-03-22 10:19:25 -06:00
Paweł Gronowski	3a8f292a3f	Merge pull request #4961 from vvoland/vendor-master-docker-v26.0.0 ... vendor: github.com/docker/docker v26.0.0	2024-03-22 17:15:02 +01:00
Bjorn Neergaard	509123f935	plugin: drop explicit unlink ... Go's `net` package [will unlink][1] for us, as long as we used Listen & friends to create the Unix socket. Go will even skip the unlink when the socket appears to be abstract (starts with a NUL, represented by an @), though we must be cautious to only create sockets with an abstract address on platforms that actually support it -- this caused [several][2] [bugs][3] before. [1]: https://pkg.go.dev/net#UnixListener.SetUnlinkOnClose [2]: https://github.com/docker/cli/pull/4783 [3]: https://github.com/docker/cli/pull/4863 Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>	2024-03-22 10:12:40 -06:00
Bjorn Neergaard	9aae5e4f6b	Merge pull request #4960 from neersighted/plugin_comments ... plugin: update/improve process lifecycle documentation	2024-03-22 08:54:26 -06:00
Paweł Gronowski	fdb48a0664	vendor: github.com/docker/docker v26.0.0 ... no changes in vendored files full diff: https://github.com/docker/docker/compare/8b79278316b5...v26.0.0 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2024-03-22 11:41:42 +01:00
Bjorn Neergaard	542e82caeb	plugin: update/improve process lifecycle documentation ... Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>	2024-03-22 01:07:05 -06:00
Bjorn Neergaard	318911b404	Merge pull request #4905 from cpuguy83/plugin_notify_conn_cleanup ... plugin: closer-based plugin notification socket	2024-03-21 21:52:30 -06:00
Brian Goff	d68cc0e8d0	plugin: closer-based plugin notification socket ... This changes things to rely on a plugin server that manages all connections made to the server. An optional handler can be passed into the server when the caller wants to do extra things with the connection. It is the caller's responsibility to close the server. When the server is closed, first all existing connections are closed (and new connections are prevented). Now the signal loop only needs to close the server and not deal with `net.Conn`'s directly (or double-indirects as the case was before this change). The socket, when present in the filesystem, is no longer unlinked eagerly, as reconnections require it to be present for the lifecycle of the plugin server. Co-authored-by: Bjorn Neergaard <bjorn.neergaard@docker.com> Signed-off-by: Brian Goff <cpuguy83@gmail.com> Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>	2024-03-21 15:08:19 -06:00
Alano Terblanche	4468148f37	Merge pull request #4891 from Lussebullen/test-coverage ... Add tests for increased coverage.	2024-03-21 16:05:27 +01:00
Alano Terblanche	d2ea5adfe4	fix: flaky prompt termination on reader close test ... Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>	2024-03-21 10:53:30 +01:00
Mathias Duedahl	ccfd0b2cc2	test/ Improve test coverage in volume.go ... Co-authored-by: Adam Siraj <40822894+asirago@users.noreply.github.com> Co-authored-by: Emil Sjölander <72094310+emilsjol@users.noreply.github.com> Co-authored-by: Omar Askar Vergara <71982892+Omar-AV@users.noreply.github.com> Co-authored-by: Emir Catir <emir.catir@gmail.com> Signed-off-by: Mathias Duedahl <64321057+Lussebullen@users.noreply.github.com>	2024-03-20 19:53:33 +01:00
Bjorn Neergaard	2ae903e86c	Merge pull request #4929 from dvdksn/privileged-flag ... docs: clarify what the --privileged flag does v26.0.0	2024-03-20 09:10:03 -06:00
Bjorn Neergaard	5931a2f592	Merge pull request #4956 from vvoland/vendor-docker-26.0.0-dev ... vendor: github.com/docker/docker 8b79278316b5 (master)	2024-03-20 09:08:50 -06:00
Paweł Gronowski	ed9dd75575	Merge pull request #4949 from akerouanton/remove-short-cid-alias ... docs/deprecated: update status of short cid alias deprecation	2024-03-20 16:05:01 +01:00
Paweł Gronowski	69575f6175	vendor: github.com/docker/docker 8b79278316b5 (master) ... no changes in vendored files Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2024-03-20 15:45:19 +01:00
Paweł Gronowski	fa84cfd802	Merge pull request #4950 from vvoland/vendor-docker-26.0.0-rc3-dev ... vendor: github.com/docker/docker 330d777c53fb (v26.0.0-rc3-dev) v26.0.0-rc3	2024-03-19 14:40:12 +01:00
Paweł Gronowski	b70a26deaf	vendor: github.com/docker/docker 330d777c53fb (v26.0.0-rc3-dev) ... full diff: 70e46f2c7c...330d777c53 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2024-03-19 14:31:41 +01:00
Paweł Gronowski	23563728bc	Merge pull request #4944 from thaJeztah/update_engine ... vendor: github.com/docker/docker 70e46f2c7c2d (v26.0.0-rc3-dev)	2024-03-19 11:00:31 +01:00
Sebastiaan van Stijn	ea3201c575	Merge pull request #4945 from thaJeztah/remove_gocompat ... scripts/vendor: remove -compat=1.19	2024-03-18 12:29:42 +01:00
Sebastiaan van Stijn	c050bf0909	Merge pull request #4946 from thaJeztah/bump_gofumpt ... Dockerfile: update mvdan/gofumpt to v0.6.0	2024-03-18 12:24:26 +01:00