When there's more than on json file in there we don't tell the user
which one was an issue.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 76106b494b375cbbf274b10dd1dddfe39e6fcde9
Component: engine
Created date util function
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
Upstream-commit: 1406cb35fd814a987b91f92ed1a4b61a21205736
Component: engine
The Dockerfile is rewritten with images references on FROM
instructions resolved to trusted digests. The rewritten Dockerfile
is swapped with the original one during context upload.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 578b1521df85eae8a6205118131751c631323ba5
Component: engine
Separated preparation of context and Dockerfile for
the various different methods of specifying them.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 3021b7a4a0a920c26d87361b6cb8651c110bc4a1
Component: engine
Added notary server to docker base image.
Created trust suite which runs trust server for running trusted commands.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 58a1de9b59594948df152f0003e759b77bcaa56a
Component: engine
Add a trusted flag to force the cli to resolve a tag into a digest via the notary trust library and pull by digest.
On push the flag the trust flag will indicate the digest and size of a manifest should be signed and push to a notary server.
If a tag is given, the cli will resolve the tag into a digest and pull by digest.
After pulling, if a tag is given the cli makes a request to tag the image.
Use certificate directory for notary requests
Read certificates using same logic used by daemon for registry requests.
Catch JSON syntax errors from Notary client
When an uncaught error occurs in Notary it may show up in Docker as a JSON syntax error, causing a confusing error message to the user.
Provide a generic error when a JSON syntax error occurs.
Catch expiration errors and wrap in additional context.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: ed13c3abfb242905ec012e8255dc6f26dcf122f6
Component: engine
* Add godoc documentation where it was missing
* Change identifier names that don't match Go style, such as INDEX_NAME
* Rename RegistryInfo to PingResult, which more accurately describes
what this structure is for. It also has the benefit of making the name
not stutter if used outside the package.
Updates #14756
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Upstream-commit: 4fcb9ac40ce33c4d6e08d5669af6be5e076e2574
Component: engine
This keeps reexec working properly even if the on-disk binary was replaced.
Signed-off-by: Tibor Vass <tibor@docker.com>
Upstream-commit: 5aee8807a67687941916fc85c6d4da6bc59e834b
Component: engine
There is no option validation for "journald" log-driver, so it makes no
sense to fail in that case.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: d68c55bc72625bce226971ef6e760530e9a15ce3
Component: engine
* Clarify the list of supported instructions.
* Clarify behavior of ONBUILD, based on comments by @SvenDowideit, @theJeztah in PR #14735.
* Reorder list of instructions in alphabetical order.
Signed-off-by: Charles Chan <charleswhchan@users.noreply.github.com>
Upstream-commit: 42263dafcf05dc598fd98d1b9dd098acb09a4e72
Component: engine
Based on the list containers with filters options it would seem that filtering containers with label `test=docker-java` could be done with `{"test":["docker-java"]}` which doesn't work
The options that work are `{"label":["test"]}` and `{"label":["test=docker-java"]}`
As seen in https://github.com/docker-java/docker-java/pull/262
Signed-off-by: Carlos Sanchez <carlos@apache.org>
Upstream-commit: 1fb29e6c3c13127912d1de9233f2aaaf63ec0ee8
Component: engine
* Wording based on suggestions by @thaJeztah, @moxiegirl in PR #14700.
Signed-off-by: Charles Chan <charleswhchan@users.noreply.github.com>
Upstream-commit: c9ff01ffc74c04d07933118d6275674bdd514c71
Component: engine
A moratorium has been added to the road map to add a moratorium on adding
remote registry access to commands that don't already do so.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 24f7d0afc9b62da1684e5bf9998ad927aec37cb0
Component: engine
