Also fix bad reference to ServiceSpec.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit ea1d14a189d62df34427b037a6d043ae3028760b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The swagger.yml defined these endpoints to return
a "ServiceSpec" instead of a "SecretSpec".
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f6954bea9f28c62c50b88c895968045cf801aa81)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This documents the Service privileges
API changes, that were added in:
091b5e68ea735bf4e8ece708bbc8c413a32eab73
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d0a8e73e7b60f61db0c3799643aaccbbf33f3601)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The case where we are trying to do a remount with changed filesystem specific options was missing,
we need to call `mount` as well here to change those options.
See #33844 for where we need this, as we change `tmpfs` options.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
(cherry picked from commit 3a1ab5b479ce843648cf676fbaaf2bec9e040dce)
Signed-off-by: Ying <ying.li@docker.com>
In some cases a server may return an error on the ping response but
still provide version details. The client should use these values when
available.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 27ef09a46ffeb8ba42548de937b68351009f30ea)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Signed-off-by: John Stephens <johnstep@docker.com>
(cherry picked from commit b9255e4a531d2ad0239481eba2a635f7d48718fb)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
This vendors from the docker org:
- containerd to 6e23458c129b551d5c9871e5174f6b1b7f6d1170
- runc to 810190ceaa507aa2727d7ae6f4790c76ec150bd2
- runtime-spec to a45ba0989fc26c695fe166a49c45bb8b7618ab36
This fixes two issues:
- if the container is paused, it now responds properly to SIGKILL
- on buggy kernels such as RHEL7.2, a int64->uint64 conversion bug
prevented containers to start when memory cgroup was specified.
Signed-off-by: Tibor Vass <tibor@docker.com>
This is no longer needed here. It was required for compiling the CLI
which we no longer do here.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 57f0e0c61982269093eb6d9934656ea70b573938)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit ebfdfc5768b74e0a52875cf76a0576bfcd66445c)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
`docker build` accepts remote repositories
using either the `git://` notation, or `git@`.
Docker attempted to parse both as an URL, however,
`git@` is not an URL, but an argument to `git clone`.
Go 1.7 silently ignored this, and managed to
extract the needed information from these
remotes, however, Go 1.8 does a more strict
validation, and invalidated these.
This patch adds a different path for `git@` remotes,
to prevent them from being handled as URL (and
invalidated).
A test is also added, because there were no
tests for handling of `git@` remotes.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 913eb99fdcd26a4106250bd40dfe8b9c18564b23)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
With debug logging turned on, we currently log the base64-encoded secret
payload.
Change the middleware code to redact this. Since the field is called
"Data", it requires some context-sensitivity. The URI path is examined
to see which route is being invoked.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
(cherry picked from commit 3fbc352cbbce06cd3001d6b14b2b1ebcb4d42cd5)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
logger.PutMessage, added in #28762 (v17.04.0-ce), clears msg.Source. So journald
and syslog were treating stderr messages as if they were stdout.
Signed-off-by: David Glasser <glasser@davidglasser.net>
(cherry picked from commit 917050c5728f2fb9958ccb3ab66a23766f741adc)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 4bf263c19873718394f8161dbc020bf4be30f9d6)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Before this patch, if the plugin's `config.json` is successfully removed
but the main plugin state dir could not be removed for some reason (e.g.
leaked mount), it will prevent the daemon from being able to be
restarted.
This patches changes this to atomically remove the plugin such that on
daemon restart we can detect that there was an error and re-try. It also
changes the logic so that it only logs errors on restore rather than
erroring out the daemon.
This also removes some code which is now duplicated elsewhere.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit 11cf394e5ea964636294a219872b188fe5bdf4dd)
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Commit c79c16910c0f3d6e88f2dc6ef609ecc3b02ccef9
inadvertently put these API changes under API 1.31,
but they were added in API 1.30.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit dd5e818fabc7edf7fa4d952e62b949b224909d2a)
Conflicts:
components/engine/docs/api/version-history.md
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
COmmit 0307fe1a0bcdc02583a24add41eb783c117bad8c added
a new `DataPathAddr` property to the swarm/init and swarm/join
endpoints. This property was not yet added to the
documentation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c79c16910c0f3d6e88f2dc6ef609ecc3b02ccef9)
Conflicts:
components/engine/docs/api/version-history.md
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Before this patch, a log reader is able to block all log writes
indefinitely (and other operations) by simply opening the log stream and
not consuming all the messages.
The reason for this is we protect the read stream from corruption by
ensuring there are no new writes while the log stream is consumed (and
caught up with the live entries).
We can get around this issue because log files are append only, so we
can limit reads to only the section of the file that was written to when
the log stream was first requested.
Now logs are only blocked until all files are opened, rather than
streamed to the client.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit e2209185ed1c959131d4068ec7fc93e194dc0802)
Conflicts:
components/engine/daemon/logger/jsonfilelog/read.go
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
They have been moved to github.com/docker/cli.
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit b5579a4ce33af4c1f67118e11b5a01008a36d26a)
Conflicts:
components/engine/docs/extend/legacy_plugins.md
components/engine/docs/reference/builder.md
components/engine/docs/reference/commandline/node_ls.md
components/engine/docs/reference/commandline/run.md
components/engine/docs/reference/run.md
Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
