Fixes#9375
Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
Conflicts:
integration-cli/docker_cli_cp_test.go
removed extra test
Upstream-commit: 994e4a1c69c5f48eeba679437fdd7b7ed7ab0fc5
Component: engine
Properly CloseWrite() the client socket once done with stdin when using
TLS connection (this used to rely on an erroneous type assertion).
Fixes#8658.
Fixes#8642.
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Signed-off-by: Michael Crosby <crosby.michael@gmail.com>
Upstream-commit: 0de96a81636e27a6b7cf3a34a62419545d030234
Component: engine
This makes sure that we don't buffer in memory and that we also flush
stdin from diff as well as untar.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Conflicts:
pkg/chrootarchive/diff.go
Upstream-commit: c8fc8768b672b06bd0cf38d65da8ba03016b85b2
Component: engine
Since V2 registry does not yet implement mirrors, when mirrors are given automatically fallback to V1 without checking V2 first.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 87f59e3802a44aecdb8febfd34a9661e136ffcf4
Component: engine
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Conflicts:
pkg/archive/archive.go
fixed conflict which git couldn't fix with the added BreakoutError
Upstream-commit: ea361c0476d03f44051289d8e3c128d699c76acc
Component: engine
Running parseVolumesFromSpec on all VolumesFrom specs before initialize
any mounts endures that we don't leave container.Volumes in an
inconsistent (partially initialized) if one of out mount groups is not
available (e.g. the container we're trying to mount from does not
exist).
Keeping container.Volumes in a consistent state ensures that next time
we Start() the container, it'll run prepareVolumes() again.
The attached test demonstrates that when a container fails to start due
to a missing container specified in VolumesFrom, it "remembers" a Volume
that worked.
Fixes: #8726
Signed-off-by: Thomas Orozco <thomas@orozco.fr>
Conflicts:
integration-cli/docker_cli_start_test.go
cli integration test
Upstream-commit: 967f80f3cceb96f85a4795d42eeb7b84ae0ce24a
Component: engine
The vfs storage driver currently shells out to the `cp` binary on the host
system to perform an 'archive' copy of the base image to a new directory.
The archive option preserves the modified time of the files which are created
but there was an issue where it was unable to preserve the modified time of
copied symbolic links on some host systems with an outdated version of `cp`.
This change no longer relies on the host system implementation and instead
utilizes the `CopyWithTar` function found in `pkg/archive` which is used
to copy from source to destination directory using a Tar archive, which
should correctly preserve file attributes.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 3ab5251f5620e7b8b052ee331f9ac1fbdbb725b1
Component: engine
These settings need to be in the HostConfig so that they are not
committed to an image and cannot introduce a security issue.
We can safely move this field from the Config to the HostConfig
without any regressions because these settings are consumed at container
created and used to populate fields on the Container struct. Because of
this, existing settings will be honored for containers already created
on a daemon with custom security settings and prevent values being
consumed via an Image.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Upstream-commit: c9379eb3fbbc484c056f5a5e49d8d0b755a29c45
Component: engine
