Merge pull request #287 from andrewhsu/v

[17.11] bump version to 17.11.0-ce-rc3

.gitignore

@@ -0,0 +1 @@
+.helpers/

CONTRIBUTING.md

@@ -2,6 +2,125 @@
 
 Want to contribute on Docker CE? Awesome!
 
+This page contains information about reporting issues as well as some tips and
+guidelines useful to experienced open source contributors. Finally, make sure
+you read our [community guidelines](#docker-community-guidelines) before you
+start participating.
+
+## Topics
+
+* [Reporting Security Issues](#reporting-security-issues)
+* [Reporting Issues](#reporting-other-issues)
+* [Submitting Pull Requests](#submitting-pull-requests)
+* [Community Guidelines](#docker-community-guidelines)
+
+## Reporting security issues
+
+The Docker maintainers take security seriously. If you discover a security
+issue, please bring it to their attention right away!
+
+Please **DO NOT** file a public issue, instead send your report privately to
+[security@docker.com](mailto:security@docker.com).
+
+Security reports are greatly appreciated and we will publicly thank you for it.
+We also like to send gifts—if you're into Docker schwag, make sure to let
+us know. We currently do not offer a paid security bounty program, but are not
+ruling it out in the future.
+
+## Reporting other issues
+
+There are separate issue-tracking repos for the end user Docker CE
+products specialized for a platform. Find your issue or file a new issue
+for the platform you are using:
+
+* https://github.com/docker/for-linux
+* https://github.com/docker/for-mac
+* https://github.com/docker/for-win
+* https://github.com/docker/for-aws
+* https://github.com/docker/for-azure
+
+When reporting issues, always include:
+
+* The output of `docker version`.
+* The output of `docker info`.
+
+If presented with a template when creating an issue, please follow its directions.
+
+Also include the steps required to reproduce the problem if possible and
+applicable. This information will help us review and fix your issue faster.
+When sending lengthy log-files, consider posting them as a gist (https://gist.github.com).
+Don't forget to remove sensitive data from your logfiles before posting (you can
+replace those parts with "REDACTED").
+
+## Submitting pull requests
+
+Please see the corresponding `CONTRIBUTING.md` file of each component for more information:
+
 * Changes to the `engine` should be directed upstream to https://github.com/moby/moby
 * Changes to the `cli` should be directed upstream to https://github.com/docker/cli
 * Changes to the `packaging` should be directed upstream to https://github.com/docker/docker-ce-packaging
+
+## Docker community guidelines
+
+We want to keep the Docker community awesome, growing and collaborative. We need
+your help to keep it that way. To help with this we've come up with some general
+guidelines for the community as a whole:
+
+* Be nice: Be courteous, respectful and polite to fellow community members.
+  Regional, racial, gender, or other abuse will not be tolerated. We like
+  nice people way better than mean ones!
+
+* Encourage diversity and participation: Make everyone in our community feel
+  welcome, regardless of their background and the extent of their
+  contributions, and do everything possible to encourage participation in
+  our community.
+
+* Keep it legal: Basically, don't get us in trouble. Share only content that
+  you own, do not share private or sensitive information, and don't break
+  the law.
+
+* Stay on topic: Make sure that you are posting to the correct channel and
+  avoid off-topic discussions. Remember when you update an issue or respond
+  to an email you are potentially sending to a large number of people. Please
+  consider this before you update. Also remember that nobody likes spam.
+
+* Don't send email to the maintainers: There's no need to send email to the
+  maintainers to ask them to investigate an issue or to take a look at a
+  pull request. Instead of sending an email, GitHub mentions should be
+  used to ping maintainers to review a pull request, a proposal or an
+  issue.
+
+### Guideline violations — 3 strikes method
+
+The point of this section is not to find opportunities to punish people, but we
+do need a fair way to deal with people who are making our community suck.
+
+1. First occurrence: We'll give you a friendly, but public reminder that the
+   behavior is inappropriate according to our guidelines.
+
+2. Second occurrence: We will send you a private message with a warning that
+   any additional violations will result in removal from the community.
+
+3. Third occurrence: Depending on the violation, we may need to delete or ban
+   your account.
+
+**Notes:**
+
+* Obvious spammers are banned on first occurrence. If we don't do this, we'll
+  have spam all over the place.
+
+* Violations are forgiven after 6 months of good behavior, and we won't hold a
+  grudge.
+
+* People who commit minor infractions will get some education, rather than
+  hammering them in the 3 strikes process.
+
+* The rules apply equally to everyone in the community, no matter how much
+        you've contributed.
+
+* Extreme violations of a threatening, abusive, destructive or illegal nature
+        will be addressed immediately and are not subject to 3 strikes or forgiveness.
+
+* Contact abuse@docker.com to report abuse or appeal violations. In the case of
+        appeals, we know that mistakes happen, and we'll work with you to come up with a
+        fair solution if there has been a misunderstanding.

Makefile

@@ -1,30 +1,56 @@
 CLI_DIR:=$(CURDIR)/components/cli
 ENGINE_DIR:=$(CURDIR)/components/engine
 PACKAGING_DIR:=$(CURDIR)/components/packaging
+MOBY_COMPONENTS_SHA=ab7c118272b02d8672dc0255561d0c4015979780
+MOBY_COMPONENTS_URL=https://raw.githubusercontent.com/shykes/moby-extras/$(MOBY_COMPONENTS_SHA)/cmd/moby-components
+MOBY_COMPONENTS=.helpers/moby-components-$(MOBY_COMPONENTS_SHA)
 VERSION=$(shell cat VERSION)
 
+.PHONY: help
 help: ## show make targets
 	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf " \033[36m%-20s\033[0m  %s\n", $$1, $$2}' $(MAKEFILE_LIST)
 
+.PHONY: test-integration-cli
 test-integration-cli: $(CLI_DIR)/build/docker ## test integration of cli and engine
 	$(MAKE) -C $(ENGINE_DIR) DOCKER_CLI_PATH=$< test-integration-cli
 
 $(CLI_DIR)/build/docker:
 	$(MAKE) -C $(CLI_DIR) -f docker.Makefile build
 
+.PHONY: deb
 deb: ## build deb packages
 	$(MAKE) VERSION=$(VERSION) CLI_DIR=$(CLI_DIR) ENGINE_DIR=$(ENGINE_DIR) -C $(PACKAGING_DIR) deb
 
+.PHONY: rpm
 rpm: ## build rpm packages
 	$(MAKE) VERSION=$(VERSION) CLI_DIR=$(CLI_DIR) ENGINE_DIR=$(ENGINE_DIR) -C $(PACKAGING_DIR) rpm
 
+.PHONY: static
 static: ## build static packages
 	$(MAKE) VERSION=$(VERSION) CLI_DIR=$(CLI_DIR) ENGINE_DIR=$(ENGINE_DIR) -C $(PACKAGING_DIR) static
 
+.PHONY: clean
 clean: ## clean the build artifacts
 	-$(MAKE) -C $(CLI_DIR) clean
 	-$(MAKE) -C $(ENGINE_DIR) clean
 	-$(MAKE) -C $(PACKAGING_DIR) clean
 
-vendor: $(CLI_DIR)/build/docker
-	docker run --rm -it -v $(CLI_DIR):/go/src/github.com/docker/cli -v $(ENGINE_DIR):/go/src/github.com/docker/docker docker-cli-dev sh -c 'cd /go/src/github.com/docker/docker && git init && git add . && git -c user.name=user -c user.email=email@example.com commit -m first && cd /go/src/github.com/docker/cli && vndr; rm -rf /go/src/github.com/docker/docker/.git'
+$(MOBY_COMPONENTS):
+	mkdir -p .helpers
+	curl -fsSL $(MOBY_COMPONENTS_URL) > $(MOBY_COMPONENTS)
+	chmod +x $(MOBY_COMPONENTS)
+
+.PHONY: update-components
+update-components: update-components-cli update-components-engine update-components-packaging ## udpate components using moby extra tool
+
+.PHONY: update-components-cli
+update-components-cli: $(MOBY_COMPONENTS)
+	$(MOBY_COMPONENTS) update cli
+
+.PHONY: update-components-engine
+update-components-engine: $(MOBY_COMPONENTS)
+	$(MOBY_COMPONENTS) update engine
+
+.PHONY: update-components-packaging
+update-components-packaging: $(MOBY_COMPONENTS)
+	$(MOBY_COMPONENTS) update packaging

VERSION

@@ -1 +1 @@
-17.07.0-ce-rc3
+17.11.0-ce-rc3

components/cli/.github/CODEOWNERS

@@ -1,6 +1,7 @@
-# Github code owners
+# GitHub code owners
 # See https://github.com/blog/2392-introducing-code-owners
 
+cli/command/stack/**        @dnephin @vdemeester
 cli/compose/**              @dnephin @vdemeester
 contrib/completion/bash/**  @albers
 contrib/completion/zsh/**   @sdurrheimer

components/cli/CONTRIBUTING.md

@@ -0,0 +1,365 @@
+# Contributing to Docker
+
+Want to hack on Docker? Awesome!  We have a contributor's guide that explains
+[setting up a Docker development environment and the contribution
+process](https://docs.docker.com/opensource/project/who-written-for/). 
+
+This page contains information about reporting issues as well as some tips and
+guidelines useful to experienced open source contributors. Finally, make sure
+you read our [community guidelines](#docker-community-guidelines) before you
+start participating.
+
+## Topics
+
+* [Reporting Security Issues](#reporting-security-issues)
+* [Design and Cleanup Proposals](#design-and-cleanup-proposals)
+* [Reporting Issues](#reporting-other-issues)
+* [Quick Contribution Tips and Guidelines](#quick-contribution-tips-and-guidelines)
+* [Community Guidelines](#docker-community-guidelines)
+
+## Reporting security issues
+
+The Docker maintainers take security seriously. If you discover a security
+issue, please bring it to their attention right away!
+
+Please **DO NOT** file a public issue, instead send your report privately to
+[security@docker.com](mailto:security@docker.com).
+
+Security reports are greatly appreciated and we will publicly thank you for it.
+We also like to send gifts—if you're into Docker schwag, make sure to let
+us know. We currently do not offer a paid security bounty program, but are not
+ruling it out in the future.
+
+
+## Reporting other issues
+
+A great way to contribute to the project is to send a detailed report when you
+encounter an issue. We always appreciate a well-written, thorough bug report,
+and will thank you for it!
+
+Check that [our issue database](https://github.com/docker/cli/issues)
+doesn't already include that problem or suggestion before submitting an issue.
+If you find a match, you can use the "subscribe" button to get notified on
+updates. Do *not* leave random "+1" or "I have this too" comments, as they
+only clutter the discussion, and don't help resolving it. However, if you
+have ways to reproduce the issue or have additional information that may help
+resolving the issue, please leave a comment.
+
+When reporting issues, always include:
+
+* The output of `docker version`.
+* The output of `docker info`.
+
+Also include the steps required to reproduce the problem if possible and
+applicable. This information will help us review and fix your issue faster.
+When sending lengthy log-files, consider posting them as a gist (https://gist.github.com).
+Don't forget to remove sensitive data from your logfiles before posting (you can
+replace those parts with "REDACTED").
+
+## Quick contribution tips and guidelines
+
+This section gives the experienced contributor some tips and guidelines.
+
+### Pull requests are always welcome
+
+Not sure if that typo is worth a pull request? Found a bug and know how to fix
+it? Do it! We will appreciate it. Any significant improvement should be
+documented as [a GitHub issue](https://github.com/docker/cli/issues) before
+anybody starts working on it.
+
+We are always thrilled to receive pull requests. We do our best to process them
+quickly. If your pull request is not accepted on the first try,
+don't get discouraged! Our contributor's guide explains [the review process we
+use for simple changes](https://docs.docker.com/opensource/workflow/make-a-contribution/).
+
+### Talking to other Docker users and contributors
+
+<table class="tg">
+  <col width="45%">
+  <col width="65%">
+  <tr>
+    <td>Forums</td>
+    <td>
+      A public forum for users to discuss questions and explore current design patterns and
+      best practices about Docker and related projects in the Docker Ecosystem. To participate,
+      just log in with your Docker Hub account on <a href="https://forums.docker.com" target="_blank">https://forums.docker.com</a>.
+    </td>
+  </tr>
+  <tr>
+    <td>Community Slack</td>
+    <td>
+      The Docker Community has a dedicated Slack chat to discuss features and issues.  You can sign-up <a href="https://community.docker.com/registrations/groups/4316" target="_blank">with this link</a>.
+    </td>
+  </tr>
+  <tr>
+    <td>Twitter</td>
+    <td>
+      You can follow <a href="https://twitter.com/docker/" target="_blank">Docker's Twitter feed</a>
+      to get updates on our products. You can also tweet us questions or just
+      share blogs or stories.
+    </td>
+  </tr>
+  <tr>
+    <td>Stack Overflow</td>
+    <td>
+      Stack Overflow has over 17000 Docker questions listed. We regularly
+      monitor <a href="https://stackoverflow.com/search?tab=newest&q=docker" target="_blank">Docker questions</a>
+      and so do many other knowledgeable Docker users.
+    </td>
+  </tr>
+</table>
+
+
+### Conventions
+
+Fork the repository and make changes on your fork in a feature branch:
+
+- If it's a bug fix branch, name it XXXX-something where XXXX is the number of
+    the issue. 
+- If it's a feature branch, create an enhancement issue to announce
+    your intentions, and name it XXXX-something where XXXX is the number of the
+    issue.
+
+Submit unit tests for your changes. Go has a great test framework built in; use
+it! Take a look at existing tests for inspiration. [Run the full test
+suite](README.md) on your branch before
+submitting a pull request.
+
+Update the documentation when creating or modifying features. Test your
+documentation changes for clarity, concision, and correctness, as well as a
+clean documentation build. See our contributors guide for [our style
+guide](https://docs.docker.com/opensource/doc-style) and instructions on [building
+the documentation](https://docs.docker.com/opensource/project/test-and-docs/#build-and-test-the-documentation).
+
+Write clean code. Universally formatted code promotes ease of writing, reading,
+and maintenance. Always run `gofmt -s -w file.go` on each changed file before
+committing your changes. Most editors have plug-ins that do this automatically.
+
+Pull request descriptions should be as clear as possible and include a reference
+to all the issues that they address.
+
+Commit messages must start with a capitalized and short summary (max. 50 chars)
+written in the imperative, followed by an optional, more detailed explanatory
+text which is separated from the summary by an empty line.
+
+Code review comments may be added to your pull request. Discuss, then make the
+suggested modifications and push additional commits to your feature branch. Post
+a comment after pushing. New commits show up in the pull request automatically,
+but the reviewers are notified only when you comment.
+
+Pull requests must be cleanly rebased on top of master without multiple branches
+mixed into the PR.
+
+**Git tip**: If your PR no longer merges cleanly, use `rebase master` in your
+feature branch to update your pull request rather than `merge master`.
+
+Before you make a pull request, squash your commits into logical units of work
+using `git rebase -i` and `git push -f`. A logical unit of work is a consistent
+set of patches that should be reviewed together: for example, upgrading the
+version of a vendored dependency and taking advantage of its now available new
+feature constitute two separate units of work. Implementing a new function and
+calling it in another file constitute a single logical unit of work. The very
+high majority of submissions should have a single commit, so if in doubt: squash
+down to one.
+
+After every commit, make sure the test suite passes. Include documentation
+changes in the same pull request so that a revert would remove all traces of
+the feature or fix.
+
+Include an issue reference like `Closes #XXXX` or `Fixes #XXXX` in the pull request
+description that close an issue. Including references automatically closes the issue
+on a merge.
+
+Please do not add yourself to the `AUTHORS` file, as it is regenerated regularly
+from the Git history.
+
+Please see the [Coding Style](#coding-style) for further guidelines.
+
+### Merge approval
+
+Docker maintainers use LGTM (Looks Good To Me) in comments on the code review to
+indicate acceptance.
+
+A change requires LGTMs from an absolute majority of the maintainers of each
+component affected. For example, if a change affects `docs/` and `registry/`, it
+needs an absolute majority from the maintainers of `docs/` AND, separately, an
+absolute majority of the maintainers of `registry/`.
+
+For more details, see the [MAINTAINERS](MAINTAINERS) page.
+
+### Sign your work
+
+The sign-off is a simple line at the end of the explanation for the patch. Your
+signature certifies that you wrote the patch or otherwise have the right to pass
+it on as an open-source patch. The rules are pretty simple: if you can certify
+the below (from [developercertificate.org](http://developercertificate.org/)):
+
+```
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.
+```
+
+Then you just add a line to every git commit message:
+
+    Signed-off-by: Joe Smith <joe.smith@email.com>
+
+Use your real name (sorry, no pseudonyms or anonymous contributions.)
+
+If you set your `user.name` and `user.email` git configs, you can sign your
+commit automatically with `git commit -s`.
+
+### How can I become a maintainer?
+
+The procedures for adding new maintainers are explained in the 
+global [MAINTAINERS](https://github.com/docker/opensource/blob/master/MAINTAINERS)
+file in the [https://github.com/docker/opensource/](https://github.com/docker/opensource/)
+repository.
+
+Don't forget: being a maintainer is a time investment. Make sure you
+will have time to make yourself available. You don't have to be a
+maintainer to make a difference on the project!
+
+## Docker community guidelines
+
+We want to keep the Docker community awesome, growing and collaborative. We need
+your help to keep it that way. To help with this we've come up with some general
+guidelines for the community as a whole:
+
+* Be nice: Be courteous, respectful and polite to fellow community members:
+  no regional, racial, gender, or other abuse will be tolerated. We like
+  nice people way better than mean ones!
+
+* Encourage diversity and participation: Make everyone in our community feel
+  welcome, regardless of their background and the extent of their
+  contributions, and do everything possible to encourage participation in
+  our community.
+
+* Keep it legal: Basically, don't get us in trouble. Share only content that
+  you own, do not share private or sensitive information, and don't break
+  the law.
+
+* Stay on topic: Make sure that you are posting to the correct channel and
+  avoid off-topic discussions. Remember when you update an issue or respond
+  to an email you are potentially sending to a large number of people. Please
+  consider this before you update. Also remember that nobody likes spam.
+
+* Don't send email to the maintainers: There's no need to send email to the
+  maintainers to ask them to investigate an issue or to take a look at a
+  pull request. Instead of sending an email, GitHub mentions should be
+  used to ping maintainers to review a pull request, a proposal or an
+  issue.
+
+### Guideline violations — 3 strikes method
+
+The point of this section is not to find opportunities to punish people, but we
+do need a fair way to deal with people who are making our community suck.
+
+1. First occurrence: We'll give you a friendly, but public reminder that the
+   behavior is inappropriate according to our guidelines.
+
+2. Second occurrence: We will send you a private message with a warning that
+   any additional violations will result in removal from the community.
+
+3. Third occurrence: Depending on the violation, we may need to delete or ban
+   your account.
+
+**Notes:**
+
+* Obvious spammers are banned on first occurrence. If we don't do this, we'll
+  have spam all over the place.
+
+* Violations are forgiven after 6 months of good behavior, and we won't hold a
+  grudge.
+
+* People who commit minor infractions will get some education, rather than
+  hammering them in the 3 strikes process.
+
+* The rules apply equally to everyone in the community, no matter how much
+    you've contributed.
+
+* Extreme violations of a threatening, abusive, destructive or illegal nature
+    will be addressed immediately and are not subject to 3 strikes or forgiveness.
+
+* Contact abuse@docker.com to report abuse or appeal violations. In the case of
+    appeals, we know that mistakes happen, and we'll work with you to come up with a
+    fair solution if there has been a misunderstanding.
+
+## Coding Style
+
+Unless explicitly stated, we follow all coding guidelines from the Go
+community. While some of these standards may seem arbitrary, they somehow seem
+to result in a solid, consistent codebase.
+
+It is possible that the code base does not currently comply with these
+guidelines. We are not looking for a massive PR that fixes this, since that
+goes against the spirit of the guidelines. All new contributions should make a
+best effort to clean up and make the code base better than they left it.
+Obviously, apply your best judgement. Remember, the goal here is to make the
+code base easier for humans to navigate and understand. Always keep that in
+mind when nudging others to comply.
+
+The rules:
+
+1. All code should be formatted with `gofmt -s`.
+2. All code should pass the default levels of
+   [`golint`](https://github.com/golang/lint).
+3. All code should follow the guidelines covered in [Effective
+   Go](http://golang.org/doc/effective_go.html) and [Go Code Review
+   Comments](https://github.com/golang/go/wiki/CodeReviewComments).
+4. Comment the code. Tell us the why, the history and the context.
+5. Document _all_ declarations and methods, even private ones. Declare
+   expectations, caveats and anything else that may be important. If a type
+   gets exported, having the comments already there will ensure it's ready.
+6. Variable name length should be proportional to its context and no longer.
+   `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`.
+   In practice, short methods will have short variable names and globals will
+   have longer names.
+7. No underscores in package names. If you need a compound name, step back,
+   and re-examine why you need a compound name. If you still think you need a
+   compound name, lose the underscore.
+8. No utils or helpers packages. If a function is not general enough to
+   warrant its own package, it has not been written generally enough to be a
+   part of a util package. Just leave it unexported and well-documented.
+9. All tests should run with `go test` and outside tooling should not be
+   required. No, we don't need another unit testing framework. Assertion
+   packages are acceptable if they provide _real_ incremental value.
+10. Even though we call these "rules" above, they are actually just
+    guidelines. Since you've read all the rules, you now know that.
+
+If you are having trouble getting into the mood of idiomatic Go, we recommend
+reading through [Effective Go](https://golang.org/doc/effective_go.html). The
+[Go Blog](https://blog.golang.org) is also a great resource. Drinking the
+kool-aid is a lot easier than going thirsty.

components/cli/Jenkinsfile

@@ -0,0 +1,12 @@
+wrappedNode(label: 'linux && x86_64', cleanWorkspace: true) {
+  timeout(time: 60, unit: 'MINUTES') {
+    stage "Git Checkout"
+    checkout scm
+
+    stage "Run end-to-end test suite"
+    sh "docker version"
+    sh "E2E_UNIQUE_ID=clie2e${BUILD_NUMBER} \
+        IMAGE_TAG=clie2e${BUILD_NUMBER} \
+        make -f docker.Makefile test-e2e"
+  }
+}

components/cli/MAINTAINERS

@@ -27,6 +27,7 @@
 
 		people = [
 			"aaronlehmann",
+			"albers",
 			"aluzzardi",
 			"anusha",
 			"cpuguy83",
@@ -84,6 +85,11 @@
 	Email = "aaron.lehmann@docker.com"
 	GitHub = "aaronlehmann"
 
+	[people.albers]
+	Name = "Harald Albers"
+	Email = "github@albersweb.de"
+	GitHub = "albers"
+
 	[people.aluzzardi]
 	Name = "Andrea Luzzardi"
 	Email = "al@docker.com"
@@ -97,7 +103,7 @@
 	[people.cpuguy83]
 	Name = "Brian Goff"
 	Email = "cpuguy83@gmail.com"
-	Github = "cpuguy83"
+	GitHub = "cpuguy83"
 
 	[people.crosbymichael]
 	Name = "Michael Crosby"

components/cli/Makefile

@@ -3,64 +3,83 @@
 #
 all: binary
 
-# remove build artifacts
+
+_:=$(shell ./scripts/warn-outside-container $(MAKECMDGOALS))
+
 .PHONY: clean
-clean:
+clean: ## remove build artifacts
 	rm -rf ./build/* cli/winresources/rsrc_* ./man/man[1-9] docs/yaml/gen
 
-# run go test
-# the "-tags daemon" part is temporary
+.PHONY: test-unit
+test-unit: ## run unit test
+	./scripts/test/unit $(shell go list ./... | grep -vE '/vendor/|/e2e/')
+
 .PHONY: test
-test:
-	./scripts/test/unit $(shell go list ./... | grep -v '/vendor/')
+test: test-unit ## run tests
 
 .PHONY: test-coverage
-test-coverage:
-	./scripts/test/unit-with-coverage $(shell go list ./... | grep -v '/vendor/')
+test-coverage: ## run test coverage
+	./scripts/test/unit-with-coverage $(shell go list ./... | grep -vE '/vendor/|/e2e/')
 
 .PHONY: lint
-lint:
+lint: ## run all the lint tools
 	gometalinter --config gometalinter.json ./...
 
 .PHONY: binary
-binary:
+binary: ## build executable for Linux
 	@echo "WARNING: binary creates a Linux executable. Use cross for macOS or Windows."
 	./scripts/build/binary
 
 .PHONY: cross
-cross:
+cross: ## build executable for macOS and Windows
 	./scripts/build/cross
 
+.PHONY: binary-windows
+binary-windows: ## build executable for Windows
+	./scripts/build/windows
+
+.PHONY: binary-osx
+binary-osx: ## build executable for macOS
+	./scripts/build/osx
+
 .PHONY: dynbinary
-dynbinary:
+dynbinary: ## build dynamically linked binary
 	./scripts/build/dynbinary
 
 .PHONY: watch
-watch:
+watch: ## monitor file changes and run go test
 	./scripts/test/watch
 
-# Check vendor matches vendor.conf
-vendor: vendor.conf
+vendor: vendor.conf ## check that vendor matches vendor.conf
 	vndr 2> /dev/null
 	scripts/validate/check-git-diff vendor
 
-## generate man pages from go source and markdown
 .PHONY: manpages
-manpages:
+manpages: ## generate man pages from go source and markdown
 	scripts/docs/generate-man.sh
 
-## generate documentation YAML files consumed by docs repo
 .PHONY: yamldocs
-yamldocs:
+yamldocs: ## generate documentation YAML files consumed by docs repo
 	scripts/docs/generate-yaml.sh
 
-## Shellcheck validation
 .PHONY: shellcheck
-shellcheck:
+shellcheck: ## run shellcheck validation
 	scripts/validate/shellcheck
 
+.PHONY: help
+help: ## print this help
+	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {sub("\\\\n",sprintf("\n%22c"," "), $$2);printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
+
+
 cli/compose/schema/bindata.go: cli/compose/schema/data/*.json
 	go generate github.com/docker/cli/cli/compose/schema
 
 compose-jsonschema: cli/compose/schema/bindata.go
 	scripts/validate/check-git-diff cli/compose/schema/bindata.go
+
+.PHONY: ci-validate
+ci-validate:
+	time make -B vendor
+	time make -B compose-jsonschema
+	time make manpages
+	time make yamldocs

components/cli/README.md

@@ -1,4 +1,4 @@
-[![build status](https://circleci.com/gh/docker/cli.svg?style=shield)](https://circleci.com/gh/docker/cli/tree/master)
+[![build status](https://circleci.com/gh/docker/cli.svg?style=shield)](https://circleci.com/gh/docker/cli/tree/master) [![Build Status](https://jenkins.dockerproject.org/job/docker/job/cli/job/master/badge/icon)](https://jenkins.dockerproject.org/job/docker/job/cli/job/master/)
 
 docker/cli
 ==========
@@ -29,6 +29,12 @@ Run all linting:
 $ make -f docker.Makefile lint
 ```
 
+List all the available targets:
+
+```
+$ make help
+```
+
 ### In-container development environment
 
 Start an interactive development environment:

components/cli/TESTING.md

@@ -0,0 +1,87 @@
+# Testing
+
+The following guidelines summarize the testing policy for docker/cli.
+
+## Unit Test Suite
+
+All code changes should have unit test coverage.
+
+Error cases should be tested with unit tests.
+
+Bug fixes should be covered by new unit tests or additional assertions in
+existing unit tests.
+
+### Details
+
+The unit test suite follows the standard Go testing convention. Tests are
+located in the package directory in `_test.go` files.
+
+Unit tests should be named using the convention:
+
+```
+Test<Function Name><Test Case Name>
+```
+
+[Table tests](https://github.com/golang/go/wiki/TableDrivenTests) should be used
+where appropriate, but may not be appropriate in all cases.
+
+Assertions should be made using
+[testify/assert](https://godoc.org/github.com/stretchr/testify/assert) and test
+requirements should be verified using
+[testify/require](https://godoc.org/github.com/stretchr/testify/require).
+
+Fakes, and testing utilities can be found in
+[internal/test](https://godoc.org/github.com/docker/cli/internal/test) and
+[gotestyourself](https://godoc.org/github.com/gotestyourself/gotestyourself).
+
+## End-to-End Test Suite
+
+The end-to-end test suite tests a cli binary against a real API backend.
+
+### Guidelines
+
+Each feature (subcommand) should have a single end-to-end test for 
+the success case. The test should include all (or most) flags/options supported
+by that feature.
+
+In some rare cases a couple additional end-to-end tests may be written for a
+sufficiently complex and critical feature (ex: `container run`, `service 
+create`, `service update`, and `docker build` may have ~3-5 cases each).
+
+In some rare cases a sufficiently critical error paths may have a single
+end-to-end test case.
+
+In all other cases the behaviour should be covered by unit tests.
+
+If a code change adds a new flag, that flag should be added to the existing 
+"success case" end-to-end test.
+
+If a code change fixes a bug, that bug fix should be covered either by adding 
+assertions to the existing end-to-end test, or with one or more unit test.
+
+### Details
+
+The end-to-end test suite is located in
+[./e2e](https://github.com/docker/cli/tree/master/e2e). Each directory in `e2e`
+corresponds to a directory in `cli/command` and contains the tests for that
+subcommand. Files in each directory should be named `<command>_test.go` where
+command is the basename of the command (ex: the test for `docker stack deploy`
+is found in `e2e/stack/deploy_test.go`).
+
+Tests should be named using the convention:
+
+```
+Test<Command Basename>[<Test Case Name>]
+```
+
+where the test case name is only required when there are multiple test cases for
+a single command.
+
+End-to-end test should run the `docker` binary using
+[gotestyourself/icmd](https://godoc.org/github.com/gotestyourself/gotestyourself/icmd)
+and make assertions about the exit code, stdout, stderr, and local file system.
+
+Any Docker image or registry operations should use `registry:5000/<image name>`
+to communicate with the local instance of the Docker registry. To load 
+additional fixture images to the registry see
+[scripts/test/e2e/run](https://github.com/docker/cli/blob/master/scripts/test/e2e/run).

components/cli/VERSION

@@ -1 +1 @@
-17.07.0-ce-rc3
+17.11.0-ce-rc3

components/cli/circle.yml

@@ -71,7 +71,8 @@ jobs:
                 test-$CIRCLE_BUILD_NUM:/go/src/github.com/docker/cli/coverage.txt \
                 coverage.txt
             apk add -U bash curl
-            curl -s https://codecov.io/bash | bash
+            curl -s https://codecov.io/bash | bash || \
+                echo 'Codecov failed to upload'
 
   validate:
     working_directory: /work
@@ -89,7 +90,7 @@ jobs:
             rm -f .dockerignore # include .git
             docker build -f $dockerfile --tag cli-builder-with-git:$CIRCLE_BUILD_NUM .
             docker run --rm cli-builder-with-git:$CIRCLE_BUILD_NUM \
-                make -B vendor compose-jsonschema manpages yamldocs
+                make ci-validate
   shellcheck:
     working_directory: /work
     docker: [{image: 'docker:17.06-git'}]
@@ -103,7 +104,7 @@ jobs:
             echo "COPY . ." >> $dockerfile
             docker build -f $dockerfile --tag cli-validator:$CIRCLE_BUILD_NUM .
             docker run --rm cli-validator:$CIRCLE_BUILD_NUM \
-                make -B shellcheck
+                make shellcheck
 workflows:
   version: 2
   ci:

components/cli/cli/cobra.go

@@ -17,6 +17,7 @@ func SetupRootCommand(rootCmd *cobra.Command) {
 	cobra.AddTemplateFunc("operationSubCommands", operationSubCommands)
 	cobra.AddTemplateFunc("managementSubCommands", managementSubCommands)
 	cobra.AddTemplateFunc("wrappedFlagUsages", wrappedFlagUsages)
+	cobra.AddTemplateFunc("useLine", UseLine)
 
 	rootCmd.SetUsageTemplate(usageTemplate)
 	rootCmd.SetHelpTemplate(helpTemplate)
@@ -25,6 +26,7 @@ func SetupRootCommand(rootCmd *cobra.Command) {
 
 	rootCmd.PersistentFlags().BoolP("help", "h", false, "Print usage")
 	rootCmd.PersistentFlags().MarkShorthandDeprecated("help", "please use --help")
+	rootCmd.PersistentFlags().Lookup("help").Hidden = true
 }
 
 // FlagErrorFunc prints an error message which matches the format of the
@@ -97,9 +99,19 @@ func managementSubCommands(cmd *cobra.Command) []*cobra.Command {
 	return cmds
 }
 
+// UseLine returns the usage line for a command. This implementation is different
+// from the default Command.UseLine in that it does not add a `[flags]` to the
+// end of the line.
+func UseLine(cmd *cobra.Command) string {
+	if cmd.HasParent() {
+		return cmd.Parent().CommandPath() + " " + cmd.Use
+	}
+	return cmd.Use
+}
+
 var usageTemplate = `Usage:
 
-{{- if not .HasSubCommands}}	{{.UseLine}}{{end}}
+{{- if not .HasSubCommands}}	{{ useLine . }}{{end}}
 {{- if .HasSubCommands}}	{{ .CommandPath}} COMMAND{{end}}
 
 {{ .Short | trim }}

components/cli/cli/command/checkpoint/cmd.go

@@ -9,11 +9,11 @@ import (
 // NewCheckpointCommand returns the `checkpoint` subcommand (only in experimental)
 func NewCheckpointCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := &cobra.Command{
-		Use:   "checkpoint",
-		Short: "Manage checkpoints",
-		Args:  cli.NoArgs,
-		RunE:  command.ShowHelp(dockerCli.Err()),
-		Tags:  map[string]string{"experimental": "", "version": "1.25"},
+		Use:         "checkpoint",
+		Short:       "Manage checkpoints",
+		Args:        cli.NoArgs,
+		RunE:        command.ShowHelp(dockerCli.Err()),
+		Annotations: map[string]string{"experimental": "", "version": "1.25"},
 	}
 	cmd.AddCommand(
 		newCreateCommand(dockerCli),

components/cli/cli/command/checkpoint/create_test.go

@@ -5,9 +5,9 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/testutil"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 )
@@ -20,11 +20,11 @@ func TestCheckpointCreateErrors(t *testing.T) {
 	}{
 		{
 			args:          []string{"too-few-arguments"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{
 			args:          []string{"too", "many", "arguments"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{
 			args: []string{"foo", "bar"},

components/cli/cli/command/checkpoint/list_test.go

@@ -1,14 +1,13 @@
 package checkpoint
 
 import (
-	"bytes"
 	"io/ioutil"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/testutil"
-	"github.com/docker/docker/pkg/testutil/golden"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 )
@@ -37,9 +36,9 @@ func TestCheckpointListErrors(t *testing.T) {
 	}
 
 	for _, tc := range testCases {
-		cli := test.NewFakeCliWithOutput(&fakeClient{
+		cli := test.NewFakeCli(&fakeClient{
 			checkpointListFunc: tc.checkpointListFunc,
-		}, &bytes.Buffer{})
+		})
 		cmd := newListCommand(cli)
 		cmd.SetArgs(tc.args)
 		cmd.SetOutput(ioutil.Discard)
@@ -49,8 +48,7 @@ func TestCheckpointListErrors(t *testing.T) {
 
 func TestCheckpointListWithOptions(t *testing.T) {
 	var containerID, checkpointDir string
-	buf := new(bytes.Buffer)
-	cli := test.NewFakeCliWithOutput(&fakeClient{
+	cli := test.NewFakeCli(&fakeClient{
 		checkpointListFunc: func(container string, options types.CheckpointListOptions) ([]types.Checkpoint, error) {
 			containerID = container
 			checkpointDir = options.CheckpointDir
@@ -58,14 +56,12 @@ func TestCheckpointListWithOptions(t *testing.T) {
 				{Name: "checkpoint-foo"},
 			}, nil
 		},
-	}, buf)
+	})
 	cmd := newListCommand(cli)
 	cmd.SetArgs([]string{"container-foo"})
 	cmd.Flags().Set("checkpoint-dir", "/dir/foo")
 	assert.NoError(t, cmd.Execute())
 	assert.Equal(t, "container-foo", containerID)
 	assert.Equal(t, "/dir/foo", checkpointDir)
-	actual := buf.String()
-	expected := golden.Get(t, []byte(actual), "checkpoint-list-with-options.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "checkpoint-list-with-options.golden")
 }

components/cli/cli/command/checkpoint/remove_test.go

@@ -1,13 +1,12 @@
 package checkpoint
 
 import (
-	"bytes"
 	"io/ioutil"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/testutil"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 )
@@ -20,11 +19,11 @@ func TestCheckpointRemoveErrors(t *testing.T) {
 	}{
 		{
 			args:          []string{"too-few-arguments"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{
 			args:          []string{"too", "many", "arguments"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{
 			args: []string{"foo", "bar"},
@@ -36,9 +35,9 @@ func TestCheckpointRemoveErrors(t *testing.T) {
 	}
 
 	for _, tc := range testCases {
-		cli := test.NewFakeCliWithOutput(&fakeClient{
+		cli := test.NewFakeCli(&fakeClient{
 			checkpointDeleteFunc: tc.checkpointDeleteFunc,
-		}, &bytes.Buffer{})
+		})
 		cmd := newRemoveCommand(cli)
 		cmd.SetArgs(tc.args)
 		cmd.SetOutput(ioutil.Discard)
@@ -48,14 +47,14 @@ func TestCheckpointRemoveErrors(t *testing.T) {
 
 func TestCheckpointRemoveWithOptions(t *testing.T) {
 	var containerID, checkpointID, checkpointDir string
-	cli := test.NewFakeCliWithOutput(&fakeClient{
+	cli := test.NewFakeCli(&fakeClient{
 		checkpointDeleteFunc: func(container string, options types.CheckpointDeleteOptions) error {
 			containerID = container
 			checkpointID = options.CheckpointID
 			checkpointDir = options.CheckpointDir
 			return nil
 		},
-	}, &bytes.Buffer{})
+	})
 	cmd := newRemoveCommand(cli)
 	cmd.SetArgs([]string{"container-foo", "checkpoint-bar"})
 	cmd.Flags().Set("checkpoint-dir", "/dir/foo")

components/cli/cli/command/cli.go

@@ -12,14 +12,17 @@ import (
 	cliconfig "github.com/docker/cli/cli/config"
 	"github.com/docker/cli/cli/config/configfile"
 	cliflags "github.com/docker/cli/cli/flags"
+	"github.com/docker/cli/cli/trust"
 	dopts "github.com/docker/cli/opts"
 	"github.com/docker/docker/api"
 	"github.com/docker/docker/client"
 	"github.com/docker/go-connections/sockets"
 	"github.com/docker/go-connections/tlsconfig"
-	"github.com/docker/notary/passphrase"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
+	"github.com/theupdateframework/notary"
+	notaryclient "github.com/theupdateframework/notary/client"
+	"github.com/theupdateframework/notary/passphrase"
 	"golang.org/x/net/context"
 )
 
@@ -39,6 +42,7 @@ type Cli interface {
 	SetIn(in *InStream)
 	ConfigFile() *configfile.ConfigFile
 	ServerInfo() ServerInfo
+	NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (notaryclient.Repository, error)
 }
 
 // DockerCli is an instance the docker command line client.
@@ -111,44 +115,58 @@ func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions) error {
 	var err error
 	cli.client, err = NewAPIClientFromFlags(opts.Common, cli.configFile)
 	if tlsconfig.IsErrEncryptedKey(err) {
-		var (
-			passwd string
-			giveup bool
-		)
 		passRetriever := passphrase.PromptRetrieverWithInOut(cli.In(), cli.Out(), nil)
-
-		for attempts := 0; tlsconfig.IsErrEncryptedKey(err); attempts++ {
-			// some code and comments borrowed from notary/trustmanager/keystore.go
-			passwd, giveup, err = passRetriever("private", "encrypted TLS private", false, attempts)
-			// Check if the passphrase retriever got an error or if it is telling us to give up
-			if giveup || err != nil {
-				return errors.Wrap(err, "private key is encrypted, but could not get passphrase")
-			}
-
-			opts.Common.TLSOptions.Passphrase = passwd
-			cli.client, err = NewAPIClientFromFlags(opts.Common, cli.configFile)
+		newClient := func(password string) (client.APIClient, error) {
+			opts.Common.TLSOptions.Passphrase = password
+			return NewAPIClientFromFlags(opts.Common, cli.configFile)
 		}
+		cli.client, err = getClientWithPassword(passRetriever, newClient)
 	}
-
 	if err != nil {
 		return err
 	}
+	cli.initializeFromClient()
+	return nil
+}
 
+func (cli *DockerCli) initializeFromClient() {
 	cli.defaultVersion = cli.client.ClientVersion()
 
-	if ping, err := cli.client.Ping(context.Background()); err == nil {
-		cli.server = ServerInfo{
-			HasExperimental: ping.Experimental,
-			OSType:          ping.OSType,
-		}
-
-		cli.client.NegotiateAPIVersionPing(ping)
-	} else {
+	ping, err := cli.client.Ping(context.Background())
+	if err != nil {
 		// Default to true if we fail to connect to daemon
 		cli.server = ServerInfo{HasExperimental: true}
+
+		if ping.APIVersion != "" {
+			cli.client.NegotiateAPIVersionPing(ping)
+		}
+		return
 	}
 
-	return nil
+	cli.server = ServerInfo{
+		HasExperimental: ping.Experimental,
+		OSType:          ping.OSType,
+	}
+	cli.client.NegotiateAPIVersionPing(ping)
+}
+
+func getClientWithPassword(passRetriever notary.PassRetriever, newClient func(password string) (client.APIClient, error)) (client.APIClient, error) {
+	for attempts := 0; ; attempts++ {
+		passwd, giveup, err := passRetriever("private", "encrypted TLS private", false, attempts)
+		if giveup || err != nil {
+			return nil, errors.Wrap(err, "private key is encrypted, but could not get passphrase")
+		}
+
+		apiclient, err := newClient(passwd)
+		if !tlsconfig.IsErrEncryptedKey(err) {
+			return apiclient, err
+		}
+	}
+}
+
+// NotaryClient provides a Notary Repository to interact with signed metadata for an image
+func (cli *DockerCli) NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (notaryclient.Repository, error) {
+	return trust.GetNotaryRepository(cli.In(), cli.Out(), UserAgent(), imgRefAndAuth.RepoInfo(), imgRefAndAuth.AuthConfig(), actions...)
 }
 
 // ServerInfo stores details about the supported features and platform of the
@@ -189,7 +207,8 @@ func NewAPIClientFromFlags(opts *cliflags.CommonOptions, configFile *configfile.
 	return client.NewClient(host, verStr, httpClient, customHeaders)
 }
 
-func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (host string, err error) {
+func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (string, error) {
+	var host string
 	switch len(hosts) {
 	case 0:
 		host = os.Getenv("DOCKER_HOST")
@@ -199,8 +218,7 @@ func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (host string,
 		return "", errors.New("Please specify only one -H")
 	}
 
-	host, err = dopts.ParseHost(tlsOptions != nil, host)
-	return
+	return dopts.ParseHost(tlsOptions != nil, host)
 }
 
 func newHTTPClient(host string, tlsOptions *tlsconfig.Options) (*http.Client, error) {

components/cli/cli/command/cli_test.go

@@ -0,0 +1,198 @@
+package command
+
+import (
+	"os"
+	"testing"
+
+	"crypto/x509"
+
+	"github.com/docker/cli/cli/config/configfile"
+	"github.com/docker/cli/cli/flags"
+	"github.com/docker/cli/internal/test/testutil"
+	"github.com/docker/docker/api"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/client"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"golang.org/x/net/context"
+)
+
+func TestNewAPIClientFromFlags(t *testing.T) {
+	host := "unix://path"
+	opts := &flags.CommonOptions{Hosts: []string{host}}
+	configFile := &configfile.ConfigFile{
+		HTTPHeaders: map[string]string{
+			"My-Header": "Custom-Value",
+		},
+	}
+	apiclient, err := NewAPIClientFromFlags(opts, configFile)
+	require.NoError(t, err)
+	assert.Equal(t, host, apiclient.DaemonHost())
+
+	expectedHeaders := map[string]string{
+		"My-Header":  "Custom-Value",
+		"User-Agent": UserAgent(),
+	}
+	assert.Equal(t, expectedHeaders, apiclient.(*client.Client).CustomHTTPHeaders())
+	assert.Equal(t, api.DefaultVersion, apiclient.ClientVersion())
+}
+
+func TestNewAPIClientFromFlagsWithAPIVersionFromEnv(t *testing.T) {
+	customVersion := "v3.3.3"
+	defer patchEnvVariable(t, "DOCKER_API_VERSION", customVersion)()
+
+	opts := &flags.CommonOptions{}
+	configFile := &configfile.ConfigFile{}
+	apiclient, err := NewAPIClientFromFlags(opts, configFile)
+	require.NoError(t, err)
+	assert.Equal(t, customVersion, apiclient.ClientVersion())
+}
+
+// TODO: use gotestyourself/env.Patch
+func patchEnvVariable(t *testing.T, key, value string) func() {
+	oldValue, ok := os.LookupEnv(key)
+	require.NoError(t, os.Setenv(key, value))
+	return func() {
+		if !ok {
+			require.NoError(t, os.Unsetenv(key))
+			return
+		}
+		require.NoError(t, os.Setenv(key, oldValue))
+	}
+}
+
+type fakeClient struct {
+	client.Client
+	pingFunc   func() (types.Ping, error)
+	version    string
+	negotiated bool
+}
+
+func (c *fakeClient) Ping(_ context.Context) (types.Ping, error) {
+	return c.pingFunc()
+}
+
+func (c *fakeClient) ClientVersion() string {
+	return c.version
+}
+
+func (c *fakeClient) NegotiateAPIVersionPing(types.Ping) {
+	c.negotiated = true
+}
+
+func TestInitializeFromClient(t *testing.T) {
+	defaultVersion := "v1.55"
+
+	var testcases = []struct {
+		doc            string
+		pingFunc       func() (types.Ping, error)
+		expectedServer ServerInfo
+		negotiated     bool
+	}{
+		{
+			doc: "successful ping",
+			pingFunc: func() (types.Ping, error) {
+				return types.Ping{Experimental: true, OSType: "linux", APIVersion: "v1.30"}, nil
+			},
+			expectedServer: ServerInfo{HasExperimental: true, OSType: "linux"},
+			negotiated:     true,
+		},
+		{
+			doc: "failed ping, no API version",
+			pingFunc: func() (types.Ping, error) {
+				return types.Ping{}, errors.New("failed")
+			},
+			expectedServer: ServerInfo{HasExperimental: true},
+		},
+		{
+			doc: "failed ping, with API version",
+			pingFunc: func() (types.Ping, error) {
+				return types.Ping{APIVersion: "v1.33"}, errors.New("failed")
+			},
+			expectedServer: ServerInfo{HasExperimental: true},
+			negotiated:     true,
+		},
+	}
+
+	for _, testcase := range testcases {
+		t.Run(testcase.doc, func(t *testing.T) {
+			apiclient := &fakeClient{
+				pingFunc: testcase.pingFunc,
+				version:  defaultVersion,
+			}
+
+			cli := &DockerCli{client: apiclient}
+			cli.initializeFromClient()
+			assert.Equal(t, defaultVersion, cli.defaultVersion)
+			assert.Equal(t, testcase.expectedServer, cli.server)
+			assert.Equal(t, testcase.negotiated, apiclient.negotiated)
+		})
+	}
+}
+
+func TestGetClientWithPassword(t *testing.T) {
+	expected := "password"
+
+	var testcases = []struct {
+		doc             string
+		password        string
+		retrieverErr    error
+		retrieverGiveup bool
+		newClientErr    error
+		expectedErr     string
+	}{
+		{
+			doc:      "successful connect",
+			password: expected,
+		},
+		{
+			doc:             "password retriever exhausted",
+			retrieverGiveup: true,
+			retrieverErr:    errors.New("failed"),
+			expectedErr:     "private key is encrypted, but could not get passphrase",
+		},
+		{
+			doc:          "password retriever error",
+			retrieverErr: errors.New("failed"),
+			expectedErr:  "failed",
+		},
+		{
+			doc:          "newClient error",
+			newClientErr: errors.New("failed to connect"),
+			expectedErr:  "failed to connect",
+		},
+	}
+
+	for _, testcase := range testcases {
+		t.Run(testcase.doc, func(t *testing.T) {
+			passRetriever := func(_, _ string, _ bool, attempts int) (passphrase string, giveup bool, err error) {
+				// Always return an invalid pass first to test iteration
+				switch attempts {
+				case 0:
+					return "something else", false, nil
+				default:
+					return testcase.password, testcase.retrieverGiveup, testcase.retrieverErr
+				}
+			}
+
+			newClient := func(currentPassword string) (client.APIClient, error) {
+				if testcase.newClientErr != nil {
+					return nil, testcase.newClientErr
+				}
+				if currentPassword == expected {
+					return &client.Client{}, nil
+				}
+				return &client.Client{}, x509.IncorrectPasswordError
+			}
+
+			_, err := getClientWithPassword(passRetriever, newClient)
+			if testcase.expectedErr != "" {
+				testutil.ErrorContains(t, err, testcase.expectedErr)
+				return
+			}
+
+			assert.NoError(t, err)
+		})
+	}
+}

components/cli/cli/command/commands/commands.go

@@ -17,6 +17,7 @@ import (
 	"github.com/docker/cli/cli/command/stack"
 	"github.com/docker/cli/cli/command/swarm"
 	"github.com/docker/cli/cli/command/system"
+	"github.com/docker/cli/cli/command/trust"
 	"github.com/docker/cli/cli/command/volume"
 	"github.com/spf13/cobra"
 )
@@ -69,6 +70,9 @@ func AddCommands(cmd *cobra.Command, dockerCli *command.DockerCli) {
 		// swarm
 		swarm.NewSwarmCommand(dockerCli),
 
+		// trust
+		trust.NewTrustCommand(dockerCli),
+
 		// volume
 		volume.NewVolumeCommand(dockerCli),
 

components/cli/cli/command/config/cmd.go

@@ -8,14 +8,13 @@ import (
 )
 
 // NewConfigCommand returns a cobra command for `config` subcommands
-// nolint: interfacer
-func NewConfigCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewConfigCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := &cobra.Command{
-		Use:   "config",
-		Short: "Manage Docker configs",
-		Args:  cli.NoArgs,
-		RunE:  command.ShowHelp(dockerCli.Err()),
-		Tags:  map[string]string{"version": "1.30"},
+		Use:         "config",
+		Short:       "Manage Docker configs",
+		Args:        cli.NoArgs,
+		RunE:        command.ShowHelp(dockerCli.Err()),
+		Annotations: map[string]string{"version": "1.30"},
 	}
 	cmd.AddCommand(
 		newConfigListCommand(dockerCli),

components/cli/cli/command/config/create_test.go

@@ -7,11 +7,11 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/swarm"
-	"github.com/docker/docker/pkg/testutil"
-	"github.com/docker/docker/pkg/testutil/golden"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 )
@@ -26,10 +26,10 @@ func TestConfigCreateErrors(t *testing.T) {
 	}{
 		{
 			args:          []string{"too_few"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{args: []string{"too", "many", "arguments"},
-			expectedError: "requires exactly 2 argument(s)",
+			expectedError: "requires exactly 2 arguments",
 		},
 		{
 			args: []string{"name", filepath.Join("testdata", configDataFile)},
@@ -71,8 +71,7 @@ func TestConfigCreateWithName(t *testing.T) {
 	cmd := newConfigCreateCommand(cli)
 	cmd.SetArgs([]string{name, filepath.Join("testdata", configDataFile)})
 	assert.NoError(t, cmd.Execute())
-	expected := golden.Get(t, actual, configDataFile)
-	assert.Equal(t, string(expected), string(actual))
+	golden.Assert(t, string(actual), configDataFile)
 	assert.Equal(t, "ID-"+name, strings.TrimSpace(cli.OutBuffer().String()))
 }
 

components/cli/cli/command/config/inspect_test.go

@@ -1,19 +1,18 @@
 package config
 
 import (
-	"bytes"
 	"fmt"
 	"io/ioutil"
 	"testing"
 	"time"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
 	"github.com/docker/docker/api/types/swarm"
 	"github.com/pkg/errors"
 	// Import builders to get the builder function as package function
-	. "github.com/docker/cli/cli/internal/test/builders"
-	"github.com/docker/docker/pkg/testutil"
-	"github.com/docker/docker/pkg/testutil/golden"
+	. "github.com/docker/cli/internal/test/builders"
+	"github.com/docker/cli/internal/test/testutil"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -53,11 +52,10 @@ func TestConfigInspectErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		buf := new(bytes.Buffer)
 		cmd := newConfigInspectCommand(
-			test.NewFakeCliWithOutput(&fakeClient{
+			test.NewFakeCli(&fakeClient{
 				configInspectFunc: tc.configInspectFunc,
-			}, buf),
+			}),
 		)
 		cmd.SetArgs(tc.args)
 		for key, value := range tc.flags {
@@ -95,17 +93,11 @@ func TestConfigInspectWithoutFormat(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		buf := new(bytes.Buffer)
-		cmd := newConfigInspectCommand(
-			test.NewFakeCliWithOutput(&fakeClient{
-				configInspectFunc: tc.configInspectFunc,
-			}, buf),
-		)
+		cli := test.NewFakeCli(&fakeClient{configInspectFunc: tc.configInspectFunc})
+		cmd := newConfigInspectCommand(cli)
 		cmd.SetArgs(tc.args)
 		assert.NoError(t, cmd.Execute())
-		actual := buf.String()
-		expected := golden.Get(t, []byte(actual), fmt.Sprintf("config-inspect-without-format.%s.golden", tc.name))
-		testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+		golden.Assert(t, cli.OutBuffer().String(), fmt.Sprintf("config-inspect-without-format.%s.golden", tc.name))
 	}
 }
 
@@ -135,18 +127,14 @@ func TestConfigInspectWithFormat(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		buf := new(bytes.Buffer)
-		cmd := newConfigInspectCommand(
-			test.NewFakeCliWithOutput(&fakeClient{
-				configInspectFunc: tc.configInspectFunc,
-			}, buf),
-		)
+		cli := test.NewFakeCli(&fakeClient{
+			configInspectFunc: tc.configInspectFunc,
+		})
+		cmd := newConfigInspectCommand(cli)
 		cmd.SetArgs(tc.args)
 		cmd.Flags().Set("format", tc.format)
 		assert.NoError(t, cmd.Execute())
-		actual := buf.String()
-		expected := golden.Get(t, []byte(actual), fmt.Sprintf("config-inspect-with-format.%s.golden", tc.name))
-		testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+		golden.Assert(t, cli.OutBuffer().String(), fmt.Sprintf("config-inspect-with-format.%s.golden", tc.name))
 	}
 }
 
@@ -172,16 +160,14 @@ func TestConfigInspectPretty(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		buf := new(bytes.Buffer)
-		cmd := newConfigInspectCommand(
-			test.NewFakeCliWithOutput(&fakeClient{
-				configInspectFunc: tc.configInspectFunc,
-			}, buf))
+		cli := test.NewFakeCli(&fakeClient{
+			configInspectFunc: tc.configInspectFunc,
+		})
+		cmd := newConfigInspectCommand(cli)
+
 		cmd.SetArgs([]string{"configID"})
 		cmd.Flags().Set("pretty", "true")
 		assert.NoError(t, cmd.Execute())
-		actual := buf.String()
-		expected := golden.Get(t, []byte(actual), fmt.Sprintf("config-inspect-pretty.%s.golden", tc.name))
-		testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+		golden.Assert(t, cli.OutBuffer().String(), fmt.Sprintf("config-inspect-pretty.%s.golden", tc.name))
 	}
 }

components/cli/cli/command/config/ls.go

@@ -1,15 +1,27 @@
 package config
 
 import (
+	"sort"
+
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/cli/cli/command/formatter"
 	"github.com/docker/cli/opts"
 	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/swarm"
 	"github.com/spf13/cobra"
 	"golang.org/x/net/context"
+	"vbom.ml/util/sortorder"
 )
 
+type byConfigName []swarm.Config
+
+func (r byConfigName) Len() int      { return len(r) }
+func (r byConfigName) Swap(i, j int) { r[i], r[j] = r[j], r[i] }
+func (r byConfigName) Less(i, j int) bool {
+	return sortorder.NaturalLess(r[i].Spec.Name, r[j].Spec.Name)
+}
+
 type listOptions struct {
 	quiet  bool
 	format string
@@ -55,6 +67,8 @@ func runConfigList(dockerCli command.Cli, options listOptions) error {
 		}
 	}
 
+	sort.Sort(byConfigName(configs))
+
 	configCtx := formatter.Context{
 		Output: dockerCli.Out(),
 		Format: formatter.NewConfigFormat(format, options.quiet),

components/cli/cli/command/config/ls_test.go

@@ -6,14 +6,14 @@ import (
 	"time"
 
 	"github.com/docker/cli/cli/config/configfile"
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/internal/test"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/swarm"
 	"github.com/pkg/errors"
 	// Import builders to get the builder function as package function
-	. "github.com/docker/cli/cli/internal/test/builders"
-	"github.com/docker/docker/pkg/testutil"
-	"github.com/docker/docker/pkg/testutil/golden"
+	. "github.com/docker/cli/internal/test/builders"
+	"github.com/docker/cli/internal/test/testutil"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -50,14 +50,20 @@ func TestConfigList(t *testing.T) {
 	cli := test.NewFakeCli(&fakeClient{
 		configListFunc: func(options types.ConfigListOptions) ([]swarm.Config, error) {
 			return []swarm.Config{
-				*Config(ConfigID("ID-foo"),
-					ConfigName("foo"),
+				*Config(ConfigID("ID-1-foo"),
+					ConfigName("1-foo"),
 					ConfigVersion(swarm.Version{Index: 10}),
 					ConfigCreatedAt(time.Now().Add(-2*time.Hour)),
 					ConfigUpdatedAt(time.Now().Add(-1*time.Hour)),
 				),
-				*Config(ConfigID("ID-bar"),
-					ConfigName("bar"),
+				*Config(ConfigID("ID-10-foo"),
+					ConfigName("10-foo"),
+					ConfigVersion(swarm.Version{Index: 11}),
+					ConfigCreatedAt(time.Now().Add(-2*time.Hour)),
+					ConfigUpdatedAt(time.Now().Add(-1*time.Hour)),
+				),
+				*Config(ConfigID("ID-2-foo"),
+					ConfigName("2-foo"),
 					ConfigVersion(swarm.Version{Index: 11}),
 					ConfigCreatedAt(time.Now().Add(-2*time.Hour)),
 					ConfigUpdatedAt(time.Now().Add(-1*time.Hour)),
@@ -66,11 +72,8 @@ func TestConfigList(t *testing.T) {
 		},
 	})
 	cmd := newConfigListCommand(cli)
-	cmd.SetOutput(cli.OutBuffer())
 	assert.NoError(t, cmd.Execute())
-	actual := cli.OutBuffer().String()
-	expected := golden.Get(t, []byte(actual), "config-list.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "config-list-sort.golden")
 }
 
 func TestConfigListWithQuietOption(t *testing.T) {
@@ -87,9 +90,7 @@ func TestConfigListWithQuietOption(t *testing.T) {
 	cmd := newConfigListCommand(cli)
 	cmd.Flags().Set("quiet", "true")
 	assert.NoError(t, cmd.Execute())
-	actual := cli.OutBuffer().String()
-	expected := golden.Get(t, []byte(actual), "config-list-with-quiet-option.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "config-list-with-quiet-option.golden")
 }
 
 func TestConfigListWithConfigFormat(t *testing.T) {
@@ -108,9 +109,7 @@ func TestConfigListWithConfigFormat(t *testing.T) {
 	})
 	cmd := newConfigListCommand(cli)
 	assert.NoError(t, cmd.Execute())
-	actual := cli.OutBuffer().String()
-	expected := golden.Get(t, []byte(actual), "config-list-with-config-format.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "config-list-with-config-format.golden")
 }
 
 func TestConfigListWithFormat(t *testing.T) {
@@ -127,9 +126,7 @@ func TestConfigListWithFormat(t *testing.T) {
 	cmd := newConfigListCommand(cli)
 	cmd.Flags().Set("format", "{{ .Name }} {{ .Labels }}")
 	assert.NoError(t, cmd.Execute())
-	actual := cli.OutBuffer().String()
-	expected := golden.Get(t, []byte(actual), "config-list-with-format.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "config-list-with-format.golden")
 }
 
 func TestConfigListWithFilter(t *testing.T) {
@@ -157,7 +154,5 @@ func TestConfigListWithFilter(t *testing.T) {
 	cmd.Flags().Set("filter", "name=foo")
 	cmd.Flags().Set("filter", "label=lbl1=Label-bar")
 	assert.NoError(t, cmd.Execute())
-	actual := cli.OutBuffer().String()
-	expected := golden.Get(t, []byte(actual), "config-list-with-filter.golden")
-	testutil.EqualNormalizedString(t, testutil.RemoveSpace, actual, string(expected))
+	golden.Assert(t, cli.OutBuffer().String(), "config-list-with-filter.golden")
 }

components/cli/cli/command/config/remove_test.go

@@ -1,13 +1,12 @@
 package config
 
 import (
-	"bytes"
 	"io/ioutil"
 	"strings"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
-	"github.com/docker/docker/pkg/testutil"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 )
@@ -20,7 +19,7 @@ func TestConfigRemoveErrors(t *testing.T) {
 	}{
 		{
 			args:          []string{},
-			expectedError: "requires at least 1 argument(s).",
+			expectedError: "requires at least 1 argument.",
 		},
 		{
 			args: []string{"foo"},
@@ -31,11 +30,10 @@ func TestConfigRemoveErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		buf := new(bytes.Buffer)
 		cmd := newConfigRemoveCommand(
-			test.NewFakeCliWithOutput(&fakeClient{
+			test.NewFakeCli(&fakeClient{
 				configRemoveFunc: tc.configRemoveFunc,
-			}, buf),
+			}),
 		)
 		cmd.SetArgs(tc.args)
 		cmd.SetOutput(ioutil.Discard)
@@ -45,27 +43,25 @@ func TestConfigRemoveErrors(t *testing.T) {
 
 func TestConfigRemoveWithName(t *testing.T) {
 	names := []string{"foo", "bar"}
-	buf := new(bytes.Buffer)
 	var removedConfigs []string
-	cli := test.NewFakeCliWithOutput(&fakeClient{
+	cli := test.NewFakeCli(&fakeClient{
 		configRemoveFunc: func(name string) error {
 			removedConfigs = append(removedConfigs, name)
 			return nil
 		},
-	}, buf)
+	})
 	cmd := newConfigRemoveCommand(cli)
 	cmd.SetArgs(names)
 	assert.NoError(t, cmd.Execute())
-	assert.Equal(t, names, strings.Split(strings.TrimSpace(buf.String()), "\n"))
+	assert.Equal(t, names, strings.Split(strings.TrimSpace(cli.OutBuffer().String()), "\n"))
 	assert.Equal(t, names, removedConfigs)
 }
 
 func TestConfigRemoveContinueAfterError(t *testing.T) {
 	names := []string{"foo", "bar"}
-	buf := new(bytes.Buffer)
 	var removedConfigs []string
 
-	cli := test.NewFakeCliWithOutput(&fakeClient{
+	cli := test.NewFakeCli(&fakeClient{
 		configRemoveFunc: func(name string) error {
 			removedConfigs = append(removedConfigs, name)
 			if name == "foo" {
@@ -73,7 +69,7 @@ func TestConfigRemoveContinueAfterError(t *testing.T) {
 			}
 			return nil
 		},
-	}, buf)
+	})
 
 	cmd := newConfigRemoveCommand(cli)
 	cmd.SetArgs(names)

components/cli/cli/command/config/testdata/config-inspect-pretty.simple.golden

@@ -1,8 +1,8 @@
-ID: configID
-Name: configName
+ID:			configID
+Name:			configName
 Labels:
-	- lbl1=value1
-Created at: 0001-01-01 00:00:00+0000 utc
-Updated at: 0001-01-01 00:00:00+0000 utc
+ - lbl1=value1
+Created at:            	0001-01-01 00:00:00 +0000 utc
+Updated at:            	0001-01-01 00:00:00 +0000 utc
 Data:
 payload here

components/cli/cli/command/config/testdata/config-inspect-without-format.multiple-configs-with-labels.golden

@@ -1,7 +1,7 @@
 [
     {
         "ID": "ID-foo",
-	"Version": {},
+        "Version": {},
         "CreatedAt": "0001-01-01T00:00:00Z",
         "UpdatedAt": "0001-01-01T00:00:00Z",
         "Spec": {
@@ -13,7 +13,7 @@
     },
     {
         "ID": "ID-bar",
-	"Version": {},
+        "Version": {},
         "CreatedAt": "0001-01-01T00:00:00Z",
         "UpdatedAt": "0001-01-01T00:00:00Z",
         "Spec": {

components/cli/cli/command/config/testdata/config-inspect-without-format.single-config.golden

@@ -1,9 +1,9 @@
 [
     {
         "ID": "ID-foo",
-	"Version": {},
-	"CreatedAt": "0001-01-01T00:00:00Z",
-	"UpdatedAt": "0001-01-01T00:00:00Z",
+        "Version": {},
+        "CreatedAt": "0001-01-01T00:00:00Z",
+        "UpdatedAt": "0001-01-01T00:00:00Z",
         "Spec": {
             "Name": "foo",
             "Labels": null

components/cli/cli/command/config/testdata/config-list-sort.golden

@@ -0,0 +1,4 @@
+ID                  NAME                CREATED             UPDATED
+ID-1-foo            1-foo               2 hours ago         About an hour ago
+ID-2-foo            2-foo               2 hours ago         About an hour ago
+ID-10-foo           10-foo              2 hours ago         About an hour ago

components/cli/cli/command/config/testdata/config-list-with-config-format.golden

@@ -1,2 +1,2 @@
-foo
 bar label=label-bar
+foo 

components/cli/cli/command/config/testdata/config-list-with-filter.golden

@@ -1,3 +1,3 @@
 ID                  NAME                CREATED             UPDATED
-ID-foo              foo                 2 hours ago         About an hour ago
 ID-bar              bar                 2 hours ago         About an hour ago
+ID-foo              foo                 2 hours ago         About an hour ago

components/cli/cli/command/config/testdata/config-list-with-format.golden

@@ -1,2 +1,2 @@
-foo
 bar label=label-bar
+foo 

components/cli/cli/command/config/testdata/config-list-with-quiet-option.golden

@@ -1,2 +1,2 @@
-ID-foo
 ID-bar
+ID-foo

components/cli/cli/command/config/testdata/config-list.golden

@@ -1,3 +0,0 @@
-ID                  NAME                CREATED             UPDATED
-ID-foo              foo                 2 hours ago         About an hour ago
-ID-bar              bar                 2 hours ago         About an hour ago

components/cli/cli/command/container/attach.go

@@ -4,13 +4,13 @@ import (
 	"io"
 	"net/http/httputil"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/signal"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"golang.org/x/net/context"
 )
@@ -120,18 +120,7 @@ func runAttach(dockerCli command.Cli, opts *attachOptions) error {
 	}
 
 	if c.Config.Tty && dockerCli.Out().IsTerminal() {
-		height, width := dockerCli.Out().GetTtySize()
-		// To handle the case where a user repeatedly attaches/detaches without resizing their
-		// terminal, the only way to get the shell prompt to display for attaches 2+ is to artificially
-		// resize it, then go back to normal. Without this, every attach after the first will
-		// require the user to manually resize or hit enter.
-		resizeTtyTo(ctx, client, opts.container, height+1, width+1, false)
-
-		// After the above resizing occurs, the call to MonitorTtySize below will handle resetting back
-		// to the actual size.
-		if err := MonitorTtySize(ctx, dockerCli, opts.container, false); err != nil {
-			logrus.Debugf("Error monitoring TTY size: %s", err)
-		}
+		resizeTTY(ctx, dockerCli, opts.container)
 	}
 
 	streamer := hijackedIOStreamer{
@@ -151,14 +140,36 @@ func runAttach(dockerCli command.Cli, opts *attachOptions) error {
 	if errAttach != nil {
 		return errAttach
 	}
+	return getExitStatus(ctx, dockerCli.Client(), opts.container)
+}
 
-	_, status, err := getExitCode(ctx, dockerCli, opts.container)
-	if err != nil {
-		return err
+func resizeTTY(ctx context.Context, dockerCli command.Cli, containerID string) {
+	height, width := dockerCli.Out().GetTtySize()
+	// To handle the case where a user repeatedly attaches/detaches without resizing their
+	// terminal, the only way to get the shell prompt to display for attaches 2+ is to artificially
+	// resize it, then go back to normal. Without this, every attach after the first will
+	// require the user to manually resize or hit enter.
+	resizeTtyTo(ctx, dockerCli.Client(), containerID, height+1, width+1, false)
+
+	// After the above resizing occurs, the call to MonitorTtySize below will handle resetting back
+	// to the actual size.
+	if err := MonitorTtySize(ctx, dockerCli, containerID, false); err != nil {
+		logrus.Debugf("Error monitoring TTY size: %s", err)
 	}
+}
+
+func getExitStatus(ctx context.Context, apiclient client.ContainerAPIClient, containerID string) error {
+	container, err := apiclient.ContainerInspect(ctx, containerID)
+	if err != nil {
+		// If we can't connect, then the daemon probably died.
+		if !client.IsErrConnectionFailed(err) {
+			return err
+		}
+		return cli.StatusError{StatusCode: -1}
+	}
+	status := container.State.ExitCode
 	if status != 0 {
 		return cli.StatusError{StatusCode: status}
 	}
-
 	return nil
 }

components/cli/cli/command/container/attach_test.go

@@ -4,10 +4,13 @@ import (
 	"io/ioutil"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/cli"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/testutil"
 	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"golang.org/x/net/context"
 )
 
 func TestNewAttachCommandErrors(t *testing.T) {
@@ -67,9 +70,48 @@ func TestNewAttachCommandErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		cmd := NewAttachCommand(test.NewFakeCli(&fakeClient{containerInspectFunc: tc.containerInspectFunc}))
+		cmd := NewAttachCommand(test.NewFakeCli(&fakeClient{inspectFunc: tc.containerInspectFunc}))
 		cmd.SetOutput(ioutil.Discard)
 		cmd.SetArgs(tc.args)
 		testutil.ErrorContains(t, cmd.Execute(), tc.expectedError)
 	}
 }
+
+func TestGetExitStatus(t *testing.T) {
+	containerID := "the exec id"
+	expecatedErr := errors.New("unexpected error")
+
+	testcases := []struct {
+		inspectError  error
+		exitCode      int
+		expectedError error
+	}{
+		{
+			inspectError: nil,
+			exitCode:     0,
+		},
+		{
+			inspectError:  expecatedErr,
+			expectedError: expecatedErr,
+		},
+		{
+			exitCode:      15,
+			expectedError: cli.StatusError{StatusCode: 15},
+		},
+	}
+
+	for _, testcase := range testcases {
+		client := &fakeClient{
+			inspectFunc: func(id string) (types.ContainerJSON, error) {
+				assert.Equal(t, containerID, id)
+				return types.ContainerJSON{
+					ContainerJSONBase: &types.ContainerJSONBase{
+						State: &types.ContainerState{ExitCode: testcase.exitCode},
+					},
+				}, testcase.inspectError
+			},
+		}
+		err := getExitStatus(context.Background(), client, containerID)
+		assert.Equal(t, testcase.expectedError, err)
+	}
+}

components/cli/cli/command/container/client_test.go

@@ -1,19 +1,73 @@
 package container
 
 import (
+	"io"
+
 	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/network"
 	"github.com/docker/docker/client"
 	"golang.org/x/net/context"
 )
 
 type fakeClient struct {
 	client.Client
-	containerInspectFunc func(string) (types.ContainerJSON, error)
+	inspectFunc         func(string) (types.ContainerJSON, error)
+	execInspectFunc     func(execID string) (types.ContainerExecInspect, error)
+	execCreateFunc      func(container string, config types.ExecConfig) (types.IDResponse, error)
+	createContainerFunc func(config *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, containerName string) (container.ContainerCreateCreatedBody, error)
+	imageCreateFunc     func(parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error)
+	infoFunc            func() (types.Info, error)
 }
 
-func (cli *fakeClient) ContainerInspect(_ context.Context, containerID string) (types.ContainerJSON, error) {
-	if cli.containerInspectFunc != nil {
-		return cli.containerInspectFunc(containerID)
+func (f *fakeClient) ContainerInspect(_ context.Context, containerID string) (types.ContainerJSON, error) {
+	if f.inspectFunc != nil {
+		return f.inspectFunc(containerID)
 	}
 	return types.ContainerJSON{}, nil
 }
+
+func (f *fakeClient) ContainerExecCreate(_ context.Context, container string, config types.ExecConfig) (types.IDResponse, error) {
+	if f.execCreateFunc != nil {
+		return f.execCreateFunc(container, config)
+	}
+	return types.IDResponse{}, nil
+}
+
+func (f *fakeClient) ContainerExecInspect(_ context.Context, execID string) (types.ContainerExecInspect, error) {
+	if f.execInspectFunc != nil {
+		return f.execInspectFunc(execID)
+	}
+	return types.ContainerExecInspect{}, nil
+}
+
+func (f *fakeClient) ContainerExecStart(ctx context.Context, execID string, config types.ExecStartCheck) error {
+	return nil
+}
+
+func (f *fakeClient) ContainerCreate(
+	_ context.Context,
+	config *container.Config,
+	hostConfig *container.HostConfig,
+	networkingConfig *network.NetworkingConfig,
+	containerName string,
+) (container.ContainerCreateCreatedBody, error) {
+	if f.createContainerFunc != nil {
+		return f.createContainerFunc(config, hostConfig, networkingConfig, containerName)
+	}
+	return container.ContainerCreateCreatedBody{}, nil
+}
+
+func (f *fakeClient) ImageCreate(ctx context.Context, parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error) {
+	if f.imageCreateFunc != nil {
+		return f.imageCreateFunc(parentReference, options)
+	}
+	return nil, nil
+}
+
+func (f *fakeClient) Info(_ context.Context) (types.Info, error) {
+	if f.infoFunc != nil {
+		return f.infoFunc()
+	}
+	return types.Info{}, nil
+}

components/cli/cli/command/container/cmd.go

@@ -7,8 +7,7 @@ import (
 )
 
 // NewContainerCommand returns a cobra command for `container` subcommands
-// nolint: interfacer
-func NewContainerCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewContainerCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "container",
 		Short: "Manage containers",

components/cli/cli/command/container/commit.go

@@ -22,7 +22,7 @@ type commitOptions struct {
 }
 
 // NewCommitCommand creates a new cobra.Command for `docker commit`
-func NewCommitCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewCommitCommand(dockerCli command.Cli) *cobra.Command {
 	var options commitOptions
 
 	cmd := &cobra.Command{
@@ -51,7 +51,7 @@ func NewCommitCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runCommit(dockerCli *command.DockerCli, options *commitOptions) error {
+func runCommit(dockerCli command.Cli, options *commitOptions) error {
 	ctx := context.Background()
 
 	name := options.container

components/cli/cli/command/container/cp.go

@@ -36,7 +36,7 @@ type cpConfig struct {
 }
 
 // NewCopyCommand creates a new `docker cp` command
-func NewCopyCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewCopyCommand(dockerCli command.Cli) *cobra.Command {
 	var opts copyOptions
 
 	cmd := &cobra.Command{
@@ -72,7 +72,7 @@ func NewCopyCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runCopy(dockerCli *command.DockerCli, opts copyOptions) error {
+func runCopy(dockerCli command.Cli, opts copyOptions) error {
 	srcContainer, srcPath := splitCpArg(opts.source)
 	dstContainer, dstPath := splitCpArg(opts.destination)
 
@@ -104,7 +104,7 @@ func runCopy(dockerCli *command.DockerCli, opts copyOptions) error {
 	}
 }
 
-func statContainerPath(ctx context.Context, dockerCli *command.DockerCli, containerName, path string) (types.ContainerPathStat, error) {
+func statContainerPath(ctx context.Context, dockerCli command.Cli, containerName, path string) (types.ContainerPathStat, error) {
 	return dockerCli.Client().ContainerStatPath(ctx, containerName, path)
 }
 
@@ -113,10 +113,10 @@ func resolveLocalPath(localPath string) (absPath string, err error) {
 		return
 	}
 
-	return archive.PreserveTrailingDotOrSeparator(absPath, localPath), nil
+	return archive.PreserveTrailingDotOrSeparator(absPath, localPath, filepath.Separator), nil
 }
 
-func copyFromContainer(ctx context.Context, dockerCli *command.DockerCli, srcContainer, srcPath, dstPath string, cpParam *cpConfig) (err error) {
+func copyFromContainer(ctx context.Context, dockerCli command.Cli, srcContainer, srcPath, dstPath string, cpParam *cpConfig) (err error) {
 	if dstPath != "-" {
 		// Get an absolute destination path.
 		dstPath, err = resolveLocalPath(dstPath)
@@ -177,7 +177,7 @@ func copyFromContainer(ctx context.Context, dockerCli *command.DockerCli, srcCon
 	return archive.CopyTo(preArchive, srcInfo, dstPath)
 }
 
-func copyToContainer(ctx context.Context, dockerCli *command.DockerCli, srcPath, dstContainer, dstPath string, cpParam *cpConfig, copyUIDGID bool) (err error) {
+func copyToContainer(ctx context.Context, dockerCli command.Cli, srcPath, dstContainer, dstPath string, cpParam *cpConfig, copyUIDGID bool) (err error) {
 	if srcPath != "-" {
 		// Get an absolute source path.
 		srcPath, err = resolveLocalPath(srcPath)

components/cli/cli/command/container/create.go

@@ -113,6 +113,9 @@ type cidFile struct {
 }
 
 func (cid *cidFile) Close() error {
+	if cid.file == nil {
+		return nil
+	}
 	cid.file.Close()
 
 	if cid.written {
@@ -126,6 +129,9 @@ func (cid *cidFile) Close() error {
 }
 
 func (cid *cidFile) Write(id string) error {
+	if cid.file == nil {
+		return nil
+	}
 	if _, err := cid.file.Write([]byte(id)); err != nil {
 		return errors.Errorf("Failed to write the container ID to the file: %s", err)
 	}
@@ -134,6 +140,9 @@ func (cid *cidFile) Write(id string) error {
 }
 
 func newCIDFile(path string) (*cidFile, error) {
+	if path == "" {
+		return &cidFile{}, nil
+	}
 	if _, err := os.Stat(path); err == nil {
 		return nil, errors.Errorf("Container ID file found, make sure the other container isn't running or delete %s", path)
 	}
@@ -153,19 +162,15 @@ func createContainer(ctx context.Context, dockerCli command.Cli, containerConfig
 	stderr := dockerCli.Err()
 
 	var (
-		containerIDFile *cidFile
-		trustedRef      reference.Canonical
-		namedRef        reference.Named
+		trustedRef reference.Canonical
+		namedRef   reference.Named
 	)
 
-	cidfile := hostConfig.ContainerIDFile
-	if cidfile != "" {
-		var err error
-		if containerIDFile, err = newCIDFile(cidfile); err != nil {
-			return nil, err
-		}
-		defer containerIDFile.Close()
+	containerIDFile, err := newCIDFile(hostConfig.ContainerIDFile)
+	if err != nil {
+		return nil, err
 	}
+	defer containerIDFile.Close()
 
 	ref, err := reference.ParseAnyReference(config.Image)
 	if err != nil {
@@ -189,11 +194,11 @@ func createContainer(ctx context.Context, dockerCli command.Cli, containerConfig
 
 	//if image not found try to pull it
 	if err != nil {
-		if apiclient.IsErrImageNotFound(err) && namedRef != nil {
+		if apiclient.IsErrNotFound(err) && namedRef != nil {
 			fmt.Fprintf(stderr, "Unable to find image '%s' locally\n", reference.FamiliarString(namedRef))
 
 			// we don't want to write to stdout anything apart from container.ID
-			if err = pullImage(ctx, dockerCli, config.Image, stderr); err != nil {
+			if err := pullImage(ctx, dockerCli, config.Image, stderr); err != nil {
 				return nil, err
 			}
 			if taggedRef, ok := namedRef.(reference.NamedTagged); ok && trustedRef != nil {
@@ -215,10 +220,6 @@ func createContainer(ctx context.Context, dockerCli command.Cli, containerConfig
 	for _, warning := range response.Warnings {
 		fmt.Fprintf(stderr, "WARNING: %s\n", warning)
 	}
-	if containerIDFile != nil {
-		if err = containerIDFile.Write(response.ID); err != nil {
-			return nil, err
-		}
-	}
-	return &response, nil
+	err = containerIDFile.Write(response.ID)
+	return &response, err
 }

components/cli/cli/command/container/create_test.go

@@ -0,0 +1,120 @@
+package container
+
+import (
+	"context"
+	"io"
+	"io/ioutil"
+	"os"
+	"strings"
+	"testing"
+
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/network"
+	"github.com/gotestyourself/gotestyourself/fs"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCIDFileNoOPWithNoFilename(t *testing.T) {
+	file, err := newCIDFile("")
+	require.NoError(t, err)
+	assert.Equal(t, &cidFile{}, file)
+
+	assert.NoError(t, file.Write("id"))
+	assert.NoError(t, file.Close())
+}
+
+func TestNewCIDFileWhenFileAlreadyExists(t *testing.T) {
+	tempfile := fs.NewFile(t, "test-cid-file")
+	defer tempfile.Remove()
+
+	_, err := newCIDFile(tempfile.Path())
+	testutil.ErrorContains(t, err, "Container ID file found")
+}
+
+func TestCIDFileCloseWithNoWrite(t *testing.T) {
+	tempdir := fs.NewDir(t, "test-cid-file")
+	defer tempdir.Remove()
+
+	path := tempdir.Join("cidfile")
+	file, err := newCIDFile(path)
+	require.NoError(t, err)
+	assert.Equal(t, file.path, path)
+
+	assert.NoError(t, file.Close())
+	_, err = os.Stat(path)
+	assert.True(t, os.IsNotExist(err))
+}
+
+func TestCIDFileCloseWithWrite(t *testing.T) {
+	tempdir := fs.NewDir(t, "test-cid-file")
+	defer tempdir.Remove()
+
+	path := tempdir.Join("cidfile")
+	file, err := newCIDFile(path)
+	require.NoError(t, err)
+
+	content := "id"
+	assert.NoError(t, file.Write(content))
+
+	actual, err := ioutil.ReadFile(path)
+	require.NoError(t, err)
+	assert.Equal(t, content, string(actual))
+
+	assert.NoError(t, file.Close())
+	_, err = os.Stat(path)
+	require.NoError(t, err)
+}
+
+func TestCreateContainerPullsImageIfMissing(t *testing.T) {
+	imageName := "does-not-exist-locally"
+	responseCounter := 0
+	containerID := "abcdef"
+
+	client := &fakeClient{
+		createContainerFunc: func(
+			config *container.Config,
+			hostConfig *container.HostConfig,
+			networkingConfig *network.NetworkingConfig,
+			containerName string,
+		) (container.ContainerCreateCreatedBody, error) {
+			defer func() { responseCounter++ }()
+			switch responseCounter {
+			case 0:
+				return container.ContainerCreateCreatedBody{}, fakeNotFound{}
+			case 1:
+				return container.ContainerCreateCreatedBody{ID: containerID}, nil
+			default:
+				return container.ContainerCreateCreatedBody{}, errors.New("unexpected")
+			}
+		},
+		imageCreateFunc: func(parentReference string, options types.ImageCreateOptions) (io.ReadCloser, error) {
+			return ioutil.NopCloser(strings.NewReader("")), nil
+		},
+		infoFunc: func() (types.Info, error) {
+			return types.Info{IndexServerAddress: "http://indexserver"}, nil
+		},
+	}
+	cli := test.NewFakeCli(client)
+	config := &containerConfig{
+		Config: &container.Config{
+			Image: imageName,
+		},
+		HostConfig: &container.HostConfig{},
+	}
+	body, err := createContainer(context.Background(), cli, config, "name")
+	require.NoError(t, err)
+	expected := container.ContainerCreateCreatedBody{ID: containerID}
+	assert.Equal(t, expected, *body)
+	stderr := cli.ErrBuffer().String()
+	assert.Contains(t, stderr, "Unable to find image 'does-not-exist-locally:latest' locally")
+}
+
+type fakeNotFound struct{}
+
+func (f fakeNotFound) NotFound() bool { return true }
+func (f fakeNotFound) Error() string  { return "error fake not found" }

components/cli/cli/command/container/diff.go

@@ -14,7 +14,7 @@ type diffOptions struct {
 }
 
 // NewDiffCommand creates a new cobra.Command for `docker diff`
-func NewDiffCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewDiffCommand(dockerCli command.Cli) *cobra.Command {
 	var opts diffOptions
 
 	return &cobra.Command{
@@ -28,7 +28,7 @@ func NewDiffCommand(dockerCli *command.DockerCli) *cobra.Command {
 	}
 }
 
-func runDiff(dockerCli *command.DockerCli, opts *diffOptions) error {
+func runDiff(dockerCli command.Cli, opts *diffOptions) error {
 	if opts.container == "" {
 		return errors.New("Container name cannot be empty")
 	}

components/cli/cli/command/container/exec.go

@@ -4,13 +4,14 @@ import (
 	"fmt"
 	"io"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
+	"github.com/docker/cli/cli/config/configfile"
 	"github.com/docker/cli/opts"
 	"github.com/docker/docker/api/types"
 	apiclient "github.com/docker/docker/client"
-	"github.com/docker/docker/pkg/promise"
+	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"golang.org/x/net/context"
 )
@@ -22,14 +23,13 @@ type execOptions struct {
 	detach      bool
 	user        string
 	privileged  bool
-	env         *opts.ListOpts
+	env         opts.ListOpts
+	container   string
+	command     []string
 }
 
-func newExecOptions() *execOptions {
-	var values []string
-	return &execOptions{
-		env: opts.NewListOptsRef(&values, opts.ValidateEnv),
-	}
+func newExecOptions() execOptions {
+	return execOptions{env: opts.NewListOpts(opts.ValidateEnv)}
 }
 
 // NewExecCommand creates a new cobra.Command for `docker exec`
@@ -41,9 +41,9 @@ func NewExecCommand(dockerCli command.Cli) *cobra.Command {
 		Short: "Run a command in a running container",
 		Args:  cli.RequiresMinArgs(2),
 		RunE: func(cmd *cobra.Command, args []string) error {
-			container := args[0]
-			execCmd := args[1:]
-			return runExec(dockerCli, options, container, execCmd)
+			options.container = args[0]
+			options.command = args[1:]
+			return runExec(dockerCli, options)
 		},
 	}
 
@@ -56,27 +56,14 @@ func NewExecCommand(dockerCli command.Cli) *cobra.Command {
 	flags.BoolVarP(&options.detach, "detach", "d", false, "Detached mode: run command in the background")
 	flags.StringVarP(&options.user, "user", "u", "", "Username or UID (format: <name|uid>[:<group|gid>])")
 	flags.BoolVarP(&options.privileged, "privileged", "", false, "Give extended privileges to the command")
-	flags.VarP(options.env, "env", "e", "Set environment variables")
+	flags.VarP(&options.env, "env", "e", "Set environment variables")
 	flags.SetAnnotation("env", "version", []string{"1.25"})
 
 	return cmd
 }
 
-// nolint: gocyclo
-func runExec(dockerCli command.Cli, options *execOptions, container string, execCmd []string) error {
-	execConfig, err := parseExec(options, execCmd)
-	// just in case the ParseExec does not exit
-	if container == "" || err != nil {
-		return cli.StatusError{StatusCode: 1}
-	}
-
-	if options.detachKeys != "" {
-		dockerCli.ConfigFile().DetachKeys = options.detachKeys
-	}
-
-	// Send client escape keys
-	execConfig.DetachKeys = dockerCli.ConfigFile().DetachKeys
-
+func runExec(dockerCli command.Cli, options execOptions) error {
+	execConfig := parseExec(options, dockerCli.ConfigFile())
 	ctx := context.Background()
 	client := dockerCli.Client()
 
@@ -84,7 +71,7 @@ func runExec(dockerCli command.Cli, options *execOptions, container string, exec
 	// otherwise if we error out we will leak execIDs on the server (and
 	// there's no easy way to clean those up). But also in order to make "not
 	// exist" errors take precedence we do a dummy inspect first.
-	if _, err := client.ContainerInspect(ctx, container); err != nil {
+	if _, err := client.ContainerInspect(ctx, options.container); err != nil {
 		return err
 	}
 	if !execConfig.Detach {
@@ -93,32 +80,31 @@ func runExec(dockerCli command.Cli, options *execOptions, container string, exec
 		}
 	}
 
-	response, err := client.ContainerExecCreate(ctx, container, *execConfig)
+	response, err := client.ContainerExecCreate(ctx, options.container, *execConfig)
 	if err != nil {
 		return err
 	}
 
 	execID := response.ID
 	if execID == "" {
-		fmt.Fprintln(dockerCli.Out(), "exec ID empty")
-		return nil
+		return errors.New("exec ID empty")
 	}
 
-	// Temp struct for execStart so that we don't need to transfer all the execConfig.
 	if execConfig.Detach {
 		execStartCheck := types.ExecStartCheck{
 			Detach: execConfig.Detach,
 			Tty:    execConfig.Tty,
 		}
-
 		return client.ContainerExecStart(ctx, execID, execStartCheck)
 	}
+	return interactiveExec(ctx, dockerCli, execConfig, execID)
+}
 
+func interactiveExec(ctx context.Context, dockerCli command.Cli, execConfig *types.ExecConfig, execID string) error {
 	// Interactive exec requested.
 	var (
 		out, stderr io.Writer
 		in          io.ReadCloser
-		errCh       chan error
 	)
 
 	if execConfig.AttachStdin {
@@ -135,24 +121,34 @@ func runExec(dockerCli command.Cli, options *execOptions, container string, exec
 		}
 	}
 
-	resp, err := client.ContainerExecAttach(ctx, execID, *execConfig)
+	client := dockerCli.Client()
+	execStartCheck := types.ExecStartCheck{
+		Tty: execConfig.Tty,
+	}
+	resp, err := client.ContainerExecAttach(ctx, execID, execStartCheck)
 	if err != nil {
 		return err
 	}
 	defer resp.Close()
-	errCh = promise.Go(func() error {
-		streamer := hijackedIOStreamer{
-			streams:      dockerCli,
-			inputStream:  in,
-			outputStream: out,
-			errorStream:  stderr,
-			resp:         resp,
-			tty:          execConfig.Tty,
-			detachKeys:   execConfig.DetachKeys,
-		}
 
-		return streamer.stream(ctx)
-	})
+	errCh := make(chan error, 1)
+
+	go func() {
+		defer close(errCh)
+		errCh <- func() error {
+			streamer := hijackedIOStreamer{
+				streams:      dockerCli,
+				inputStream:  in,
+				outputStream: out,
+				errorStream:  stderr,
+				resp:         resp,
+				tty:          execConfig.Tty,
+				detachKeys:   execConfig.DetachKeys,
+			}
+
+			return streamer.stream(ctx)
+		}()
+	}()
 
 	if execConfig.Tty && dockerCli.In().IsTerminal() {
 		if err := MonitorTtySize(ctx, dockerCli, execID, true); err != nil {
@@ -165,42 +161,35 @@ func runExec(dockerCli command.Cli, options *execOptions, container string, exec
 		return err
 	}
 
-	var status int
-	if _, status, err = getExecExitCode(ctx, client, execID); err != nil {
-		return err
-	}
-
-	if status != 0 {
-		return cli.StatusError{StatusCode: status}
-	}
-
-	return nil
+	return getExecExitStatus(ctx, client, execID)
 }
 
-// getExecExitCode perform an inspect on the exec command. It returns
-// the running state and the exit code.
-func getExecExitCode(ctx context.Context, client apiclient.ContainerAPIClient, execID string) (bool, int, error) {
+func getExecExitStatus(ctx context.Context, client apiclient.ContainerAPIClient, execID string) error {
 	resp, err := client.ContainerExecInspect(ctx, execID)
 	if err != nil {
 		// If we can't connect, then the daemon probably died.
 		if !apiclient.IsErrConnectionFailed(err) {
-			return false, -1, err
+			return err
 		}
-		return false, -1, nil
+		return cli.StatusError{StatusCode: -1}
 	}
-
-	return resp.Running, resp.ExitCode, nil
+	status := resp.ExitCode
+	if status != 0 {
+		return cli.StatusError{StatusCode: status}
+	}
+	return nil
 }
 
 // parseExec parses the specified args for the specified command and generates
 // an ExecConfig from it.
-func parseExec(opts *execOptions, execCmd []string) (*types.ExecConfig, error) {
+func parseExec(opts execOptions, configFile *configfile.ConfigFile) *types.ExecConfig {
 	execConfig := &types.ExecConfig{
 		User:       opts.user,
 		Privileged: opts.privileged,
 		Tty:        opts.tty,
-		Cmd:        execCmd,
+		Cmd:        opts.command,
 		Detach:     opts.detach,
+		Env:        opts.env.GetAll(),
 	}
 
 	// If -d is not set, attach to everything by default
@@ -212,9 +201,10 @@ func parseExec(opts *execOptions, execCmd []string) (*types.ExecConfig, error) {
 		}
 	}
 
-	if opts.env != nil {
-		execConfig.Env = opts.env.GetAll()
+	if opts.detachKeys != "" {
+		execConfig.DetachKeys = opts.detachKeys
+	} else {
+		execConfig.DetachKeys = configFile.DetachKeys
 	}
-
-	return execConfig, nil
+	return execConfig
 }

components/cli/cli/command/container/exec_test.go

@@ -4,118 +4,201 @@ import (
 	"io/ioutil"
 	"testing"
 
-	"github.com/docker/cli/cli/internal/test"
+	"github.com/docker/cli/cli"
+	"github.com/docker/cli/cli/config/configfile"
+	"github.com/docker/cli/internal/test"
+	"github.com/docker/cli/internal/test/testutil"
+	"github.com/docker/cli/opts"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/testutil"
 	"github.com/pkg/errors"
-	"github.com/stretchr/testify/require"
+	"github.com/stretchr/testify/assert"
+	"golang.org/x/net/context"
 )
 
-type arguments struct {
-	options execOptions
-	execCmd []string
+func withDefaultOpts(options execOptions) execOptions {
+	options.env = opts.NewListOpts(opts.ValidateEnv)
+	if len(options.command) == 0 {
+		options.command = []string{"command"}
+	}
+	return options
 }
 
 func TestParseExec(t *testing.T) {
-	valids := map[*arguments]*types.ExecConfig{
+	testcases := []struct {
+		options    execOptions
+		configFile configfile.ConfigFile
+		expected   types.ExecConfig
+	}{
 		{
-			execCmd: []string{"command"},
-		}: {
-			Cmd:          []string{"command"},
-			AttachStdout: true,
-			AttachStderr: true,
+			expected: types.ExecConfig{
+				Cmd:          []string{"command"},
+				AttachStdout: true,
+				AttachStderr: true,
+			},
+			options: withDefaultOpts(execOptions{}),
 		},
 		{
-			execCmd: []string{"command1", "command2"},
-		}: {
-			Cmd:          []string{"command1", "command2"},
-			AttachStdout: true,
-			AttachStderr: true,
+			expected: types.ExecConfig{
+				Cmd:          []string{"command1", "command2"},
+				AttachStdout: true,
+				AttachStderr: true,
+			},
+			options: withDefaultOpts(execOptions{
+				command: []string{"command1", "command2"},
+			}),
 		},
 		{
-			options: execOptions{
+			options: withDefaultOpts(execOptions{
 				interactive: true,
 				tty:         true,
 				user:        "uid",
+			}),
+			expected: types.ExecConfig{
+				User:         "uid",
+				AttachStdin:  true,
+				AttachStdout: true,
+				AttachStderr: true,
+				Tty:          true,
+				Cmd:          []string{"command"},
 			},
-			execCmd: []string{"command"},
-		}: {
-			User:         "uid",
-			AttachStdin:  true,
-			AttachStdout: true,
-			AttachStderr: true,
-			Tty:          true,
-			Cmd:          []string{"command"},
 		},
 		{
-			options: execOptions{
-				detach: true,
+			options: withDefaultOpts(execOptions{detach: true}),
+			expected: types.ExecConfig{
+				Detach: true,
+				Cmd:    []string{"command"},
 			},
-			execCmd: []string{"command"},
-		}: {
-			AttachStdin:  false,
-			AttachStdout: false,
-			AttachStderr: false,
-			Detach:       true,
-			Cmd:          []string{"command"},
 		},
 		{
-			options: execOptions{
+			options: withDefaultOpts(execOptions{
 				tty:         true,
 				interactive: true,
 				detach:      true,
+			}),
+			expected: types.ExecConfig{
+				Detach: true,
+				Tty:    true,
+				Cmd:    []string{"command"},
+			},
+		},
+		{
+			options:    withDefaultOpts(execOptions{detach: true}),
+			configFile: configfile.ConfigFile{DetachKeys: "de"},
+			expected: types.ExecConfig{
+				Cmd:        []string{"command"},
+				DetachKeys: "de",
+				Detach:     true,
+			},
+		},
+		{
+			options: withDefaultOpts(execOptions{
+				detach:     true,
+				detachKeys: "ab",
+			}),
+			configFile: configfile.ConfigFile{DetachKeys: "de"},
+			expected: types.ExecConfig{
+				Cmd:        []string{"command"},
+				DetachKeys: "ab",
+				Detach:     true,
 			},
-			execCmd: []string{"command"},
-		}: {
-			AttachStdin:  false,
-			AttachStdout: false,
-			AttachStderr: false,
-			Detach:       true,
-			Tty:          true,
-			Cmd:          []string{"command"},
 		},
 	}
 
-	for valid, expectedExecConfig := range valids {
-		execConfig, err := parseExec(&valid.options, valid.execCmd)
-		require.NoError(t, err)
-		if !compareExecConfig(expectedExecConfig, execConfig) {
-			t.Fatalf("Expected [%v] for %v, got [%v]", expectedExecConfig, valid, execConfig)
-		}
+	for _, testcase := range testcases {
+		execConfig := parseExec(testcase.options, &testcase.configFile)
+		assert.Equal(t, testcase.expected, *execConfig)
 	}
 }
 
-func compareExecConfig(config1 *types.ExecConfig, config2 *types.ExecConfig) bool {
-	if config1.AttachStderr != config2.AttachStderr {
-		return false
+func TestRunExec(t *testing.T) {
+	var testcases = []struct {
+		doc           string
+		options       execOptions
+		client        fakeClient
+		expectedError string
+		expectedOut   string
+		expectedErr   string
+	}{
+		{
+			doc: "successful detach",
+			options: withDefaultOpts(execOptions{
+				container: "thecontainer",
+				detach:    true,
+			}),
+			client: fakeClient{execCreateFunc: execCreateWithID},
+		},
+		{
+			doc:     "inspect error",
+			options: newExecOptions(),
+			client: fakeClient{
+				inspectFunc: func(string) (types.ContainerJSON, error) {
+					return types.ContainerJSON{}, errors.New("failed inspect")
+				},
+			},
+			expectedError: "failed inspect",
+		},
+		{
+			doc:           "missing exec ID",
+			options:       newExecOptions(),
+			expectedError: "exec ID empty",
+		},
 	}
-	if config1.AttachStdin != config2.AttachStdin {
-		return false
+
+	for _, testcase := range testcases {
+		t.Run(testcase.doc, func(t *testing.T) {
+			cli := test.NewFakeCli(&testcase.client)
+
+			err := runExec(cli, testcase.options)
+			if testcase.expectedError != "" {
+				testutil.ErrorContains(t, err, testcase.expectedError)
+			} else {
+				if !assert.NoError(t, err) {
+					return
+				}
+			}
+			assert.Equal(t, testcase.expectedOut, cli.OutBuffer().String())
+			assert.Equal(t, testcase.expectedErr, cli.ErrBuffer().String())
+		})
 	}
-	if config1.AttachStdout != config2.AttachStdout {
-		return false
+}
+
+func execCreateWithID(_ string, _ types.ExecConfig) (types.IDResponse, error) {
+	return types.IDResponse{ID: "execid"}, nil
+}
+
+func TestGetExecExitStatus(t *testing.T) {
+	execID := "the exec id"
+	expecatedErr := errors.New("unexpected error")
+
+	testcases := []struct {
+		inspectError  error
+		exitCode      int
+		expectedError error
+	}{
+		{
+			inspectError: nil,
+			exitCode:     0,
+		},
+		{
+			inspectError:  expecatedErr,
+			expectedError: expecatedErr,
+		},
+		{
+			exitCode:      15,
+			expectedError: cli.StatusError{StatusCode: 15},
+		},
 	}
-	if config1.Detach != config2.Detach {
-		return false
-	}
-	if config1.Privileged != config2.Privileged {
-		return false
-	}
-	if config1.Tty != config2.Tty {
-		return false
-	}
-	if config1.User != config2.User {
-		return false
-	}
-	if len(config1.Cmd) != len(config2.Cmd) {
-		return false
-	}
-	for index, value := range config1.Cmd {
-		if value != config2.Cmd[index] {
-			return false
+
+	for _, testcase := range testcases {
+		client := &fakeClient{
+			execInspectFunc: func(id string) (types.ContainerExecInspect, error) {
+				assert.Equal(t, execID, id)
+				return types.ContainerExecInspect{ExitCode: testcase.exitCode}, testcase.inspectError
+			},
 		}
+		err := getExecExitStatus(context.Background(), client, execID)
+		assert.Equal(t, testcase.expectedError, err)
 	}
-	return true
 }
 
 func TestNewExecCommandErrors(t *testing.T) {
@@ -135,7 +218,7 @@ func TestNewExecCommandErrors(t *testing.T) {
 		},
 	}
 	for _, tc := range testCases {
-		cli := test.NewFakeCli(&fakeClient{containerInspectFunc: tc.containerInspectFunc})
+		cli := test.NewFakeCli(&fakeClient{inspectFunc: tc.containerInspectFunc})
 		cmd := NewExecCommand(cli)
 		cmd.SetOutput(ioutil.Discard)
 		cmd.SetArgs(tc.args)

components/cli/cli/command/container/export.go

@@ -16,7 +16,7 @@ type exportOptions struct {
 }
 
 // NewExportCommand creates a new `docker export` command
-func NewExportCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewExportCommand(dockerCli command.Cli) *cobra.Command {
 	var opts exportOptions
 
 	cmd := &cobra.Command{
@@ -36,7 +36,7 @@ func NewExportCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runExport(dockerCli *command.DockerCli, opts exportOptions) error {
+func runExport(dockerCli command.Cli, opts exportOptions) error {
 	if opts.output == "" && dockerCli.Out().IsTerminal() {
 		return errors.New("cowardly refusing to save to a terminal. Use the -o flag or redirect")
 	}

components/cli/cli/command/container/hijack.go

@@ -6,12 +6,12 @@ import (
 	"runtime"
 	"sync"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/pkg/ioutils"
 	"github.com/docker/docker/pkg/stdcopy"
 	"github.com/docker/docker/pkg/term"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/net/context"
 )
 
@@ -185,6 +185,7 @@ func setRawTerminal(streams command.Streams) error {
 	return streams.Out().SetRawTerminal()
 }
 
+// nolint: unparam
 func restoreTerminal(streams command.Streams, in io.Closer) error {
 	streams.In().RestoreTerminal()
 	streams.Out().RestoreTerminal()

components/cli/cli/command/container/inspect.go

@@ -15,7 +15,7 @@ type inspectOptions struct {
 }
 
 // newInspectCommand creates a new cobra.Command for `docker container inspect`
-func newInspectCommand(dockerCli *command.DockerCli) *cobra.Command {
+func newInspectCommand(dockerCli command.Cli) *cobra.Command {
 	var opts inspectOptions
 
 	cmd := &cobra.Command{
@@ -35,7 +35,7 @@ func newInspectCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runInspect(dockerCli *command.DockerCli, opts inspectOptions) error {
+func runInspect(dockerCli command.Cli, opts inspectOptions) error {
 	client := dockerCli.Client()
 	ctx := context.Background()
 

components/cli/cli/command/container/kill.go

@@ -18,7 +18,7 @@ type killOptions struct {
 }
 
 // NewKillCommand creates a new cobra.Command for `docker kill`
-func NewKillCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewKillCommand(dockerCli command.Cli) *cobra.Command {
 	var opts killOptions
 
 	cmd := &cobra.Command{
@@ -36,7 +36,7 @@ func NewKillCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runKill(dockerCli *command.DockerCli, opts *killOptions) error {
+func runKill(dockerCli command.Cli, opts *killOptions) error {
 	var errs []string
 	ctx := context.Background()
 	errChan := parallelOperation(ctx, opts.containers, func(ctx context.Context, container string) error {

components/cli/cli/command/container/list.go

@@ -7,8 +7,8 @@ import (
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/cli/cli/command/formatter"
 	"github.com/docker/cli/opts"
+	"github.com/docker/cli/templates"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/templates"
 	"github.com/spf13/cobra"
 	"golang.org/x/net/context"
 )
@@ -25,7 +25,7 @@ type psOptions struct {
 }
 
 // NewPsCommand creates a new cobra.Command for `docker ps`
-func NewPsCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewPsCommand(dockerCli command.Cli) *cobra.Command {
 	options := psOptions{filter: opts.NewFilterOpt()}
 
 	cmd := &cobra.Command{
@@ -51,7 +51,7 @@ func NewPsCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func newListCommand(dockerCli *command.DockerCli) *cobra.Command {
+func newListCommand(dockerCli command.Cli) *cobra.Command {
 	cmd := *NewPsCommand(dockerCli)
 	cmd.Aliases = []string{"ps", "list"}
 	cmd.Use = "ls [OPTIONS]"
@@ -109,7 +109,7 @@ func buildContainerListOptions(opts *psOptions) (*types.ContainerListOptions, er
 	return options, nil
 }
 
-func runPs(dockerCli *command.DockerCli, options *psOptions) error {
+func runPs(dockerCli command.Cli, options *psOptions) error {
 	ctx := context.Background()
 
 	listOptions, err := buildContainerListOptions(options)

components/cli/cli/command/container/logs.go

@@ -22,7 +22,7 @@ type logsOptions struct {
 }
 
 // NewLogsCommand creates a new cobra.Command for `docker logs`
-func NewLogsCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewLogsCommand(dockerCli command.Cli) *cobra.Command {
 	var opts logsOptions
 
 	cmd := &cobra.Command{
@@ -44,7 +44,7 @@ func NewLogsCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runLogs(dockerCli *command.DockerCli, opts *logsOptions) error {
+func runLogs(dockerCli command.Cli, opts *logsOptions) error {
 	ctx := context.Background()
 
 	options := types.ContainerLogsOptions{

components/cli/cli/command/container/opts.go

@@ -11,7 +11,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli/compose/loader"
 	"github.com/docker/cli/opts"
 	"github.com/docker/docker/api/types/container"
@@ -20,6 +19,7 @@ import (
 	"github.com/docker/docker/pkg/signal"
 	"github.com/docker/go-connections/nat"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"github.com/spf13/pflag"
 )
 
@@ -274,7 +274,7 @@ func addFlags(flags *pflag.FlagSet) *containerOptions {
 
 	// Low-level execution (cgroups, namespaces, ...)
 	flags.StringVar(&copts.cgroupParent, "cgroup-parent", "", "Optional parent cgroup for the container")
-	flags.StringVar(&copts.ipcMode, "ipc", "", "IPC namespace to use")
+	flags.StringVar(&copts.ipcMode, "ipc", "", "IPC mode to use")
 	flags.StringVar(&copts.isolation, "isolation", "", "Container isolation technology")
 	flags.StringVar(&copts.pidMode, "pid", "", "PID namespace to use")
 	flags.Var(&copts.shmSize, "shm-size", "Size of /dev/shm")
@@ -421,11 +421,6 @@ func parse(flags *pflag.FlagSet, copts *containerOptions) (*containerConfig, err
 		return nil, err
 	}
 
-	ipcMode := container.IpcMode(copts.ipcMode)
-	if !ipcMode.Valid() {
-		return nil, errors.Errorf("--ipc: invalid IPC mode")
-	}
-
 	pidMode := container.PidMode(copts.pidMode)
 	if !pidMode.Valid() {
 		return nil, errors.Errorf("--pid: invalid PID mode")
@@ -584,7 +579,7 @@ func parse(flags *pflag.FlagSet, copts *containerOptions) (*containerConfig, err
 		ExtraHosts:     copts.extraHosts.GetAll(),
 		VolumesFrom:    copts.volumesFrom.GetAll(),
 		NetworkMode:    container.NetworkMode(copts.netMode),
-		IpcMode:        ipcMode,
+		IpcMode:        container.IpcMode(copts.ipcMode),
 		PidMode:        pidMode,
 		UTSMode:        utsMode,
 		UsernsMode:     usernsMode,

components/cli/cli/command/container/opts_test.go

@@ -1,8 +1,6 @@
 package container
 
 import (
-	"bytes"
-	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -11,10 +9,9 @@ import (
 	"testing"
 	"time"
 
+	"github.com/docker/cli/internal/test/testutil"
 	"github.com/docker/docker/api/types/container"
 	networktypes "github.com/docker/docker/api/types/network"
-	"github.com/docker/docker/pkg/testutil"
-	"github.com/docker/docker/runconfig"
 	"github.com/docker/go-connections/nat"
 	"github.com/pkg/errors"
 	"github.com/spf13/pflag"
@@ -46,11 +43,9 @@ func TestValidateAttach(t *testing.T) {
 	}
 }
 
+// nolint: unparam
 func parseRun(args []string) (*container.Config, *container.HostConfig, *networktypes.NetworkingConfig, error) {
-	flags := pflag.NewFlagSet("run", pflag.ContinueOnError)
-	flags.SetOutput(ioutil.Discard)
-	flags.Usage = nil
-	copts := addFlags(flags)
+	flags, copts := setupRunFlags()
 	if err := flags.Parse(args); err != nil {
 		return nil, nil, nil, err
 	}
@@ -62,6 +57,14 @@ func parseRun(args []string) (*container.Config, *container.HostConfig, *network
 	return containerConfig.Config, containerConfig.HostConfig, containerConfig.NetworkingConfig, err
 }
 
+func setupRunFlags() (*pflag.FlagSet, *containerOptions) {
+	flags := pflag.NewFlagSet("run", pflag.ContinueOnError)
+	flags.SetOutput(ioutil.Discard)
+	flags.Usage = nil
+	copts := addFlags(flags)
+	return flags, copts
+}
+
 func parseMustError(t *testing.T, args string) {
 	_, _, _, err := parseRun(strings.Split(args+" ubuntu bash", " "))
 	assert.Error(t, err, args)
@@ -115,7 +118,7 @@ func TestParseRunWithInvalidArgs(t *testing.T) {
 }
 
 // nolint: gocyclo
-func TestParseRunVolumes(t *testing.T) {
+func TestParseWithVolumes(t *testing.T) {
 
 	// A single volume
 	arr, tryit := setupPlatformVolume([]string{`/tmp`}, []string{`c:\tmp`})
@@ -135,19 +138,19 @@ func TestParseRunVolumes(t *testing.T) {
 		t.Fatalf("Error parsing volume flags, %s is missing from volumes. Received %v", arr[1], config.Volumes)
 	}
 
-	// A single bind-mount
+	// A single bind mount
 	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp`}, []string{os.Getenv("TEMP") + `:c:\containerTmp`})
 	if config, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || hostConfig.Binds[0] != arr[0] {
 		t.Fatalf("Error parsing volume flags, %q should mount-bind the path before the colon into the path after the colon. Received %v %v", arr[0], hostConfig.Binds, config.Volumes)
 	}
 
-	// Two bind-mounts.
+	// Two bind mounts.
 	arr, tryit = setupPlatformVolume([]string{`/hostTmp:/containerTmp`, `/hostVar:/containerVar`}, []string{os.Getenv("ProgramData") + `:c:\ContainerPD`, os.Getenv("TEMP") + `:c:\containerTmp`})
 	if _, hostConfig := mustParse(t, tryit); hostConfig.Binds == nil || compareRandomizedStrings(hostConfig.Binds[0], hostConfig.Binds[1], arr[0], arr[1]) != nil {
 		t.Fatalf("Error parsing volume flags, `%s and %s` did not mount-bind correctly. Received %v", arr[0], arr[1], hostConfig.Binds)
 	}
 
-	// Two bind-mounts, first read-only, second read-write.
+	// Two bind mounts, first read-only, second read-write.
 	// TODO Windows: The Windows version uses read-write as that's the only mode it supports. Can change this post TP4
 	arr, tryit = setupPlatformVolume(
 		[]string{`/hostTmp:/containerTmp:ro`, `/hostVar:/containerVar:rw`},
@@ -229,20 +232,21 @@ func TestParseWithMacAddress(t *testing.T) {
 	}
 }
 
-func TestParseWithMemory(t *testing.T) {
-	invalidMemory := "--memory=invalid"
-	_, _, _, err := parseRun([]string{invalidMemory, "img", "cmd"})
-	testutil.ErrorContains(t, err, invalidMemory)
+func TestRunFlagsParseWithMemory(t *testing.T) {
+	flags, _ := setupRunFlags()
+	args := []string{"--memory=invalid", "img", "cmd"}
+	err := flags.Parse(args)
+	testutil.ErrorContains(t, err, `invalid argument "invalid" for "-m, --memory" flag`)
 
 	_, hostconfig := mustParse(t, "--memory=1G")
 	assert.Equal(t, int64(1073741824), hostconfig.Memory)
 }
 
 func TestParseWithMemorySwap(t *testing.T) {
-	invalidMemory := "--memory-swap=invalid"
-
-	_, _, _, err := parseRun([]string{invalidMemory, "img", "cmd"})
-	testutil.ErrorContains(t, err, invalidMemory)
+	flags, _ := setupRunFlags()
+	args := []string{"--memory-swap=invalid", "img", "cmd"}
+	err := flags.Parse(args)
+	testutil.ErrorContains(t, err, `invalid argument "invalid" for "--memory-swap" flag`)
 
 	_, hostconfig := mustParse(t, "--memory-swap=1G")
 	assert.Equal(t, int64(1073741824), hostconfig.MemorySwap)
@@ -366,23 +370,15 @@ func TestParseDevice(t *testing.T) {
 }
 
 func TestParseModes(t *testing.T) {
-	// ipc ko
-	_, _, _, err := parseRun([]string{"--ipc=container:", "img", "cmd"})
-	testutil.ErrorContains(t, err, "--ipc: invalid IPC mode")
-
-	// ipc ok
-	_, hostconfig, _, err := parseRun([]string{"--ipc=host", "img", "cmd"})
-	require.NoError(t, err)
-	if !hostconfig.IpcMode.Valid() {
-		t.Fatalf("Expected a valid IpcMode, got %v", hostconfig.IpcMode)
-	}
-
 	// pid ko
-	_, _, _, err = parseRun([]string{"--pid=container:", "img", "cmd"})
+	flags, copts := setupRunFlags()
+	args := []string{"--pid=container:", "img", "cmd"}
+	require.NoError(t, flags.Parse(args))
+	_, err := parse(flags, copts)
 	testutil.ErrorContains(t, err, "--pid: invalid PID mode")
 
 	// pid ok
-	_, hostconfig, _, err = parseRun([]string{"--pid=host", "img", "cmd"})
+	_, hostconfig, _, err := parseRun([]string{"--pid=host", "img", "cmd"})
 	require.NoError(t, err)
 	if !hostconfig.PidMode.Valid() {
 		t.Fatalf("Expected a valid PidMode, got %v", hostconfig.PidMode)
@@ -398,14 +394,18 @@ func TestParseModes(t *testing.T) {
 	if !hostconfig.UTSMode.Valid() {
 		t.Fatalf("Expected a valid UTSMode, got %v", hostconfig.UTSMode)
 	}
+}
 
+func TestRunFlagsParseShmSize(t *testing.T) {
 	// shm-size ko
-	expectedErr := `invalid argument "a128m" for --shm-size=a128m: invalid size: 'a128m'`
-	_, _, _, err = parseRun([]string{"--shm-size=a128m", "img", "cmd"})
+	flags, _ := setupRunFlags()
+	args := []string{"--shm-size=a128m", "img", "cmd"}
+	expectedErr := `invalid argument "a128m" for "--shm-size" flag: invalid size: 'a128m'`
+	err := flags.Parse(args)
 	testutil.ErrorContains(t, err, expectedErr)
 
 	// shm-size ok
-	_, hostconfig, _, err = parseRun([]string{"--shm-size=128m", "img", "cmd"})
+	_, hostconfig, _, err := parseRun([]string{"--shm-size=128m", "img", "cmd"})
 	require.NoError(t, err)
 	if hostconfig.ShmSize != 134217728 {
 		t.Fatalf("Expected a valid ShmSize, got %d", hostconfig.ShmSize)
@@ -595,161 +595,6 @@ func TestParseEntryPoint(t *testing.T) {
 	}
 }
 
-// This tests the cases for binds which are generated through
-// DecodeContainerConfig rather than Parse()
-// nolint: gocyclo
-func TestDecodeContainerConfigVolumes(t *testing.T) {
-
-	// Root to root
-	bindsOrVols, _ := setupPlatformVolume([]string{`/:/`}, []string{os.Getenv("SystemDrive") + `\:c:\`})
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	// No destination path
-	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp:`}, []string{os.Getenv("TEMP") + `\:`})
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	//	// No destination path or mode
-	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp::`}, []string{os.Getenv("TEMP") + `\::`})
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	// A whole lot of nothing
-	bindsOrVols = []string{`:`}
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	// A whole lot of nothing with no mode
-	bindsOrVols = []string{`::`}
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	// Too much including an invalid mode
-	wTmp := os.Getenv("TEMP")
-	bindsOrVols, _ = setupPlatformVolume([]string{`/tmp:/tmp:/tmp:/tmp`}, []string{wTmp + ":" + wTmp + ":" + wTmp + ":" + wTmp})
-	if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-		t.Fatalf("binds %v should have failed", bindsOrVols)
-	}
-	if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-		t.Fatalf("volume %v should have failed", bindsOrVols)
-	}
-
-	// Windows specific error tests
-	if runtime.GOOS == "windows" {
-		// Volume which does not include a drive letter
-		bindsOrVols = []string{`\tmp`}
-		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-			t.Fatalf("binds %v should have failed", bindsOrVols)
-		}
-		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-			t.Fatalf("volume %v should have failed", bindsOrVols)
-		}
-
-		// Root to C-Drive
-		bindsOrVols = []string{os.Getenv("SystemDrive") + `\:c:`}
-		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-			t.Fatalf("binds %v should have failed", bindsOrVols)
-		}
-		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-			t.Fatalf("volume %v should have failed", bindsOrVols)
-		}
-
-		// Container path that does not include a drive letter
-		bindsOrVols = []string{`c:\windows:\somewhere`}
-		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-			t.Fatalf("binds %v should have failed", bindsOrVols)
-		}
-		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-			t.Fatalf("volume %v should have failed", bindsOrVols)
-		}
-	}
-
-	// Linux-specific error tests
-	if runtime.GOOS != "windows" {
-		// Just root
-		bindsOrVols = []string{`/`}
-		if _, _, err := callDecodeContainerConfig(nil, bindsOrVols); err == nil {
-			t.Fatalf("binds %v should have failed", bindsOrVols)
-		}
-		if _, _, err := callDecodeContainerConfig(bindsOrVols, nil); err == nil {
-			t.Fatalf("volume %v should have failed", bindsOrVols)
-		}
-
-		// A single volume that looks like a bind mount passed in Volumes.
-		// This should be handled as a bind mount, not a volume.
-		vols := []string{`/foo:/bar`}
-		if config, hostConfig, err := callDecodeContainerConfig(vols, nil); err != nil {
-			t.Fatal("Volume /foo:/bar should have succeeded as a volume name")
-		} else if hostConfig.Binds != nil {
-			t.Fatalf("Error parsing volume flags, /foo:/bar should not mount-bind anything. Received %v", hostConfig.Binds)
-		} else if _, exists := config.Volumes[vols[0]]; !exists {
-			t.Fatalf("Error parsing volume flags, /foo:/bar is missing from volumes. Received %v", config.Volumes)
-		}
-
-	}
-}
-
-// callDecodeContainerConfig is a utility function used by TestDecodeContainerConfigVolumes
-// to call DecodeContainerConfig. It effectively does what a client would
-// do when calling the daemon by constructing a JSON stream of a
-// ContainerConfigWrapper which is populated by the set of volume specs
-// passed into it. It returns a config and a hostconfig which can be
-// validated to ensure DecodeContainerConfig has manipulated the structures
-// correctly.
-func callDecodeContainerConfig(volumes []string, binds []string) (*container.Config, *container.HostConfig, error) {
-	var (
-		b   []byte
-		err error
-		c   *container.Config
-		h   *container.HostConfig
-	)
-	w := runconfig.ContainerConfigWrapper{
-		Config: &container.Config{
-			Volumes: map[string]struct{}{},
-		},
-		HostConfig: &container.HostConfig{
-			NetworkMode: "none",
-			Binds:       binds,
-		},
-	}
-	for _, v := range volumes {
-		w.Config.Volumes[v] = struct{}{}
-	}
-	if b, err = json.Marshal(w); err != nil {
-		return nil, nil, errors.Errorf("Error on marshal %s", err.Error())
-	}
-	c, h, _, err = runconfig.DecodeContainerConfig(bytes.NewReader(b))
-	if err != nil {
-		return nil, nil, errors.Errorf("Error parsing %s: %v", string(b), err)
-	}
-	if c == nil || h == nil {
-		return nil, nil, errors.Errorf("Empty config or hostconfig")
-	}
-
-	return c, h, err
-}
-
 func TestValidateDevice(t *testing.T) {
 	valid := []string{
 		"/home",

components/cli/cli/command/container/pause.go

@@ -16,7 +16,7 @@ type pauseOptions struct {
 }
 
 // NewPauseCommand creates a new cobra.Command for `docker pause`
-func NewPauseCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewPauseCommand(dockerCli command.Cli) *cobra.Command {
 	var opts pauseOptions
 
 	return &cobra.Command{
@@ -30,7 +30,7 @@ func NewPauseCommand(dockerCli *command.DockerCli) *cobra.Command {
 	}
 }
 
-func runPause(dockerCli *command.DockerCli, opts *pauseOptions) error {
+func runPause(dockerCli command.Cli, opts *pauseOptions) error {
 	ctx := context.Background()
 
 	var errs []string

components/cli/cli/command/container/port.go

@@ -19,7 +19,7 @@ type portOptions struct {
 }
 
 // NewPortCommand creates a new cobra.Command for `docker port`
-func NewPortCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewPortCommand(dockerCli command.Cli) *cobra.Command {
 	var opts portOptions
 
 	cmd := &cobra.Command{
@@ -37,7 +37,7 @@ func NewPortCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runPort(dockerCli *command.DockerCli, opts *portOptions) error {
+func runPort(dockerCli command.Cli, opts *portOptions) error {
 	ctx := context.Background()
 
 	c, err := dockerCli.Client().ContainerInspect(ctx, opts.container)

components/cli/cli/command/container/prune.go

@@ -35,7 +35,7 @@ func NewPruneCommand(dockerCli command.Cli) *cobra.Command {
 			fmt.Fprintln(dockerCli.Out(), "Total reclaimed space:", units.HumanSize(float64(spaceReclaimed)))
 			return nil
 		},
-		Tags: map[string]string{"version": "1.25"},
+		Annotations: map[string]string{"version": "1.25"},
 	}
 
 	flags := cmd.Flags()
@@ -52,12 +52,12 @@ func runPrune(dockerCli command.Cli, options pruneOptions) (spaceReclaimed uint6
 	pruneFilters := command.PruneFilters(dockerCli, options.filter.Value())
 
 	if !options.force && !command.PromptForConfirmation(dockerCli.In(), dockerCli.Out(), warning) {
-		return
+		return 0, "", nil
 	}
 
 	report, err := dockerCli.Client().ContainersPrune(context.Background(), pruneFilters)
 	if err != nil {
-		return
+		return 0, "", err
 	}
 
 	if len(report.ContainersDeleted) > 0 {
@@ -68,7 +68,7 @@ func runPrune(dockerCli command.Cli, options pruneOptions) (spaceReclaimed uint6
 		spaceReclaimed = report.SpaceReclaimed
 	}
 
-	return
+	return spaceReclaimed, output, nil
 }
 
 // RunPrune calls the Container Prune API

components/cli/cli/command/container/rename.go

@@ -17,7 +17,7 @@ type renameOptions struct {
 }
 
 // NewRenameCommand creates a new cobra.Command for `docker rename`
-func NewRenameCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewRenameCommand(dockerCli command.Cli) *cobra.Command {
 	var opts renameOptions
 
 	cmd := &cobra.Command{
@@ -33,7 +33,7 @@ func NewRenameCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runRename(dockerCli *command.DockerCli, opts *renameOptions) error {
+func runRename(dockerCli command.Cli, opts *renameOptions) error {
 	ctx := context.Background()
 
 	oldName := strings.TrimSpace(opts.oldName)

components/cli/cli/command/container/restart.go

@@ -20,7 +20,7 @@ type restartOptions struct {
 }
 
 // NewRestartCommand creates a new cobra.Command for `docker restart`
-func NewRestartCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewRestartCommand(dockerCli command.Cli) *cobra.Command {
 	var opts restartOptions
 
 	cmd := &cobra.Command{
@@ -39,7 +39,7 @@ func NewRestartCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runRestart(dockerCli *command.DockerCli, opts *restartOptions) error {
+func runRestart(dockerCli command.Cli, opts *restartOptions) error {
 	ctx := context.Background()
 	var errs []string
 	var timeout *time.Duration

components/cli/cli/command/container/rm.go

@@ -21,7 +21,7 @@ type rmOptions struct {
 }
 
 // NewRmCommand creates a new cobra.Command for `docker rm`
-func NewRmCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewRmCommand(dockerCli command.Cli) *cobra.Command {
 	var opts rmOptions
 
 	cmd := &cobra.Command{
@@ -41,7 +41,7 @@ func NewRmCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runRm(dockerCli *command.DockerCli, opts *rmOptions) error {
+func runRm(dockerCli command.Cli, opts *rmOptions) error {
 	ctx := context.Background()
 
 	var errs []string

components/cli/cli/command/container/run.go

@@ -10,16 +10,15 @@ import (
 	"strings"
 	"syscall"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/cli/opts"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
-	"github.com/docker/docker/pkg/promise"
 	"github.com/docker/docker/pkg/signal"
 	"github.com/docker/docker/pkg/term"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 	"golang.org/x/net/context"
@@ -33,7 +32,7 @@ type runOptions struct {
 }
 
 // NewRunCommand create a new `docker run` command
-func NewRunCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewRunCommand(dockerCli command.Cli) *cobra.Command {
 	var opts runOptions
 	var copts *containerOptions
 
@@ -97,7 +96,7 @@ func isLocalhost(ip string) bool {
 	return localhostIPRegexp.MatchString(ip)
 }
 
-func runRun(dockerCli *command.DockerCli, flags *pflag.FlagSet, ropts *runOptions, copts *containerOptions) error {
+func runRun(dockerCli command.Cli, flags *pflag.FlagSet, ropts *runOptions, copts *containerOptions) error {
 	proxyConfig := dockerCli.ConfigFile().ParseProxyConfig(dockerCli.Client().DaemonHost(), copts.env.GetAll())
 	newEnv := []string{}
 	for k, v := range proxyConfig {
@@ -118,7 +117,7 @@ func runRun(dockerCli *command.DockerCli, flags *pflag.FlagSet, ropts *runOption
 }
 
 // nolint: gocyclo
-func runContainer(dockerCli *command.DockerCli, opts *runOptions, copts *containerOptions, containerConfig *containerConfig) error {
+func runContainer(dockerCli command.Cli, opts *runOptions, copts *containerOptions, containerConfig *containerConfig) error {
 	config := containerConfig.Config
 	hostConfig := containerConfig.HostConfig
 	stdout, stderr := dockerCli.Out(), dockerCli.Err()
@@ -291,22 +290,27 @@ func attachContainer(
 		return nil, errAttach
 	}
 
-	*errCh = promise.Go(func() error {
-		streamer := hijackedIOStreamer{
-			streams:      dockerCli,
-			inputStream:  in,
-			outputStream: out,
-			errorStream:  cerr,
-			resp:         resp,
-			tty:          config.Tty,
-			detachKeys:   options.DetachKeys,
-		}
+	ch := make(chan error, 1)
+	*errCh = ch
 
-		if errHijack := streamer.stream(ctx); errHijack != nil {
-			return errHijack
-		}
-		return errAttach
-	})
+	go func() {
+		ch <- func() error {
+			streamer := hijackedIOStreamer{
+				streams:      dockerCli,
+				inputStream:  in,
+				outputStream: out,
+				errorStream:  cerr,
+				resp:         resp,
+				tty:          config.Tty,
+				detachKeys:   options.DetachKeys,
+			}
+
+			if errHijack := streamer.stream(ctx); errHijack != nil {
+				return errHijack
+			}
+			return errAttach
+		}()
+	}()
 	return resp.Close, nil
 }
 

components/cli/cli/command/container/start.go

@@ -9,7 +9,6 @@ import (
 	"github.com/docker/cli/cli"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
-	"github.com/docker/docker/pkg/promise"
 	"github.com/docker/docker/pkg/signal"
 	"github.com/docker/docker/pkg/term"
 	"github.com/pkg/errors"
@@ -28,7 +27,7 @@ type startOptions struct {
 }
 
 // NewStartCommand creates a new cobra.Command for `docker start`
-func NewStartCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewStartCommand(dockerCli command.Cli) *cobra.Command {
 	var opts startOptions
 
 	cmd := &cobra.Command{
@@ -54,7 +53,7 @@ func NewStartCommand(dockerCli *command.DockerCli) *cobra.Command {
 }
 
 // nolint: gocyclo
-func runStart(dockerCli *command.DockerCli, opts *startOptions) error {
+func runStart(dockerCli command.Cli, opts *startOptions) error {
 	ctx, cancelFun := context.WithCancel(context.Background())
 
 	if opts.attach || opts.openStdin {
@@ -103,23 +102,28 @@ func runStart(dockerCli *command.DockerCli, opts *startOptions) error {
 			return errAttach
 		}
 		defer resp.Close()
-		cErr := promise.Go(func() error {
-			streamer := hijackedIOStreamer{
-				streams:      dockerCli,
-				inputStream:  in,
-				outputStream: dockerCli.Out(),
-				errorStream:  dockerCli.Err(),
-				resp:         resp,
-				tty:          c.Config.Tty,
-				detachKeys:   options.DetachKeys,
-			}
 
-			errHijack := streamer.stream(ctx)
-			if errHijack == nil {
-				return errAttach
-			}
-			return errHijack
-		})
+		cErr := make(chan error, 1)
+
+		go func() {
+			cErr <- func() error {
+				streamer := hijackedIOStreamer{
+					streams:      dockerCli,
+					inputStream:  in,
+					outputStream: dockerCli.Out(),
+					errorStream:  dockerCli.Err(),
+					resp:         resp,
+					tty:          c.Config.Tty,
+					detachKeys:   options.DetachKeys,
+				}
+
+				errHijack := streamer.stream(ctx)
+				if errHijack == nil {
+					return errAttach
+				}
+				return errHijack
+			}()
+		}()
 
 		// 3. We should open a channel for receiving status code of the container
 		// no matter it's detached, removed on daemon side(--rm) or exit normally.
@@ -177,7 +181,7 @@ func runStart(dockerCli *command.DockerCli, opts *startOptions) error {
 	return nil
 }
 
-func startContainersWithoutAttachments(ctx context.Context, dockerCli *command.DockerCli, containers []string) error {
+func startContainersWithoutAttachments(ctx context.Context, dockerCli command.Cli, containers []string) error {
 	var failedContainers []string
 	for _, container := range containers {
 		if err := dockerCli.Client().ContainerStart(ctx, container, types.ContainerStartOptions{}); err != nil {

components/cli/cli/command/container/stats.go

@@ -21,12 +21,13 @@ import (
 type statsOptions struct {
 	all        bool
 	noStream   bool
+	noTrunc    bool
 	format     string
 	containers []string
 }
 
 // NewStatsCommand creates a new cobra.Command for `docker stats`
-func NewStatsCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewStatsCommand(dockerCli command.Cli) *cobra.Command {
 	var opts statsOptions
 
 	cmd := &cobra.Command{
@@ -42,6 +43,7 @@ func NewStatsCommand(dockerCli *command.DockerCli) *cobra.Command {
 	flags := cmd.Flags()
 	flags.BoolVarP(&opts.all, "all", "a", false, "Show all containers (default shows just running)")
 	flags.BoolVar(&opts.noStream, "no-stream", false, "Disable streaming stats and only pull the first result")
+	flags.BoolVar(&opts.noTrunc, "no-trunc", false, "Do not truncate output")
 	flags.StringVar(&opts.format, "format", "", "Pretty-print images using a Go template")
 	return cmd
 }
@@ -49,7 +51,7 @@ func NewStatsCommand(dockerCli *command.DockerCli) *cobra.Command {
 // runStats displays a live stream of resource usage statistics for one or more containers.
 // This shows real-time information on CPU usage, memory usage, and network I/O.
 // nolint: gocyclo
-func runStats(dockerCli *command.DockerCli, opts *statsOptions) error {
+func runStats(dockerCli command.Cli, opts *statsOptions) error {
 	showAll := len(opts.containers) == 0
 	closeChan := make(chan error)
 
@@ -214,7 +216,7 @@ func runStats(dockerCli *command.DockerCli, opts *statsOptions) error {
 			ccstats = append(ccstats, c.GetStatistics())
 		}
 		cStats.mu.Unlock()
-		if err = formatter.ContainerStatsWrite(statsCtx, ccstats, daemonOSType); err != nil {
+		if err = formatter.ContainerStatsWrite(statsCtx, ccstats, daemonOSType, !opts.noTrunc); err != nil {
 			break
 		}
 		if len(cStats.cs) == 0 && !showAll {

components/cli/cli/command/container/stats_helpers.go

@@ -7,11 +7,11 @@ import (
 	"sync"
 	"time"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli/command/formatter"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/client"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/net/context"
 )
 
@@ -200,7 +200,8 @@ func calculateCPUPercentWindows(v *types.StatsJSON) float64 {
 	return 0.00
 }
 
-func calculateBlockIO(blkio types.BlkioStats) (blkRead uint64, blkWrite uint64) {
+func calculateBlockIO(blkio types.BlkioStats) (uint64, uint64) {
+	var blkRead, blkWrite uint64
 	for _, bioEntry := range blkio.IoServiceBytesRecursive {
 		switch strings.ToLower(bioEntry.Op) {
 		case "read":
@@ -209,7 +210,7 @@ func calculateBlockIO(blkio types.BlkioStats) (blkRead uint64, blkWrite uint64)
 			blkWrite = blkWrite + bioEntry.Value
 		}
 	}
-	return
+	return blkRead, blkWrite
 }
 
 func calculateNetwork(network map[string]types.NetworkStats) (float64, float64) {

components/cli/cli/command/container/stop.go

@@ -20,7 +20,7 @@ type stopOptions struct {
 }
 
 // NewStopCommand creates a new cobra.Command for `docker stop`
-func NewStopCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewStopCommand(dockerCli command.Cli) *cobra.Command {
 	var opts stopOptions
 
 	cmd := &cobra.Command{
@@ -39,7 +39,7 @@ func NewStopCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runStop(dockerCli *command.DockerCli, opts *stopOptions) error {
+func runStop(dockerCli command.Cli, opts *stopOptions) error {
 	ctx := context.Background()
 
 	var timeout *time.Duration

components/cli/cli/command/container/top.go

@@ -18,7 +18,7 @@ type topOptions struct {
 }
 
 // NewTopCommand creates a new cobra.Command for `docker top`
-func NewTopCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewTopCommand(dockerCli command.Cli) *cobra.Command {
 	var opts topOptions
 
 	cmd := &cobra.Command{
@@ -38,7 +38,7 @@ func NewTopCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runTop(dockerCli *command.DockerCli, opts *topOptions) error {
+func runTop(dockerCli command.Cli, opts *topOptions) error {
 	ctx := context.Background()
 
 	procList, err := dockerCli.Client().ContainerTop(ctx, opts.container, opts.args)

components/cli/cli/command/container/tty.go

@@ -7,11 +7,11 @@ import (
 	"runtime"
 	"time"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/signal"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/net/context"
 )
 

components/cli/cli/command/container/unpause.go

@@ -16,7 +16,7 @@ type unpauseOptions struct {
 }
 
 // NewUnpauseCommand creates a new cobra.Command for `docker unpause`
-func NewUnpauseCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewUnpauseCommand(dockerCli command.Cli) *cobra.Command {
 	var opts unpauseOptions
 
 	cmd := &cobra.Command{
@@ -31,7 +31,7 @@ func NewUnpauseCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runUnpause(dockerCli *command.DockerCli, opts *unpauseOptions) error {
+func runUnpause(dockerCli command.Cli, opts *unpauseOptions) error {
 	ctx := context.Background()
 
 	var errs []string

components/cli/cli/command/container/update.go

@@ -35,7 +35,7 @@ type updateOptions struct {
 }
 
 // NewUpdateCommand creates a new cobra.Command for `docker update`
-func NewUpdateCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewUpdateCommand(dockerCli command.Cli) *cobra.Command {
 	var options updateOptions
 
 	cmd := &cobra.Command{
@@ -72,7 +72,7 @@ func NewUpdateCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runUpdate(dockerCli *command.DockerCli, options *updateOptions) error {
+func runUpdate(dockerCli command.Cli, options *updateOptions) error {
 	var err error
 
 	if options.nFlag == 0 {

components/cli/cli/command/container/utils.go

@@ -3,18 +3,17 @@ package container
 import (
 	"strconv"
 
-	"github.com/Sirupsen/logrus"
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/events"
 	"github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/api/types/versions"
-	clientapi "github.com/docker/docker/client"
+	"github.com/sirupsen/logrus"
 	"golang.org/x/net/context"
 )
 
-func waitExitOrRemoved(ctx context.Context, dockerCli *command.DockerCli, containerID string, waitRemove bool) <-chan int {
+func waitExitOrRemoved(ctx context.Context, dockerCli command.Cli, containerID string, waitRemove bool) <-chan int {
 	if len(containerID) == 0 {
 		// containerID can never be empty
 		panic("Internal Error: waitExitOrRemoved needs a containerID as parameter")
@@ -48,7 +47,7 @@ func waitExitOrRemoved(ctx context.Context, dockerCli *command.DockerCli, contai
 	return statusC
 }
 
-func legacyWaitExitOrRemoved(ctx context.Context, dockerCli *command.DockerCli, containerID string, waitRemove bool) <-chan int {
+func legacyWaitExitOrRemoved(ctx context.Context, dockerCli command.Cli, containerID string, waitRemove bool) <-chan int {
 	var removeErr error
 	statusChan := make(chan int)
 	exitCode := 125
@@ -125,20 +124,6 @@ func legacyWaitExitOrRemoved(ctx context.Context, dockerCli *command.DockerCli,
 	return statusChan
 }
 
-// getExitCode performs an inspect on the container. It returns
-// the running state and the exit code.
-func getExitCode(ctx context.Context, dockerCli command.Cli, containerID string) (bool, int, error) {
-	c, err := dockerCli.Client().ContainerInspect(ctx, containerID)
-	if err != nil {
-		// If we can't connect, then the daemon probably died.
-		if !clientapi.IsErrConnectionFailed(err) {
-			return false, -1, err
-		}
-		return false, -1, nil
-	}
-	return c.State.Running, c.State.ExitCode, nil
-}
-
 func parallelOperation(ctx context.Context, containers []string, op func(ctx context.Context, container string) error) chan error {
 	if len(containers) == 0 {
 		return nil

components/cli/cli/command/container/wait.go

@@ -16,7 +16,7 @@ type waitOptions struct {
 }
 
 // NewWaitCommand creates a new cobra.Command for `docker wait`
-func NewWaitCommand(dockerCli *command.DockerCli) *cobra.Command {
+func NewWaitCommand(dockerCli command.Cli) *cobra.Command {
 	var opts waitOptions
 
 	cmd := &cobra.Command{
@@ -32,7 +32,7 @@ func NewWaitCommand(dockerCli *command.DockerCli) *cobra.Command {
 	return cmd
 }
 
-func runWait(dockerCli *command.DockerCli, opts *waitOptions) error {
+func runWait(dockerCli command.Cli, opts *waitOptions) error {
 	ctx := context.Background()
 
 	var errs []string

components/cli/cli/command/events_utils.go

@@ -3,8 +3,8 @@ package command
 import (
 	"sync"
 
-	"github.com/Sirupsen/logrus"
 	eventtypes "github.com/docker/docker/api/types/events"
+	"github.com/sirupsen/logrus"
 )
 
 // EventHandler is abstract interface for user to customize

components/cli/cli/command/formatter/container.go

@@ -10,7 +10,6 @@ import (
 	"github.com/docker/distribution/reference"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/pkg/stringid"
-	"github.com/docker/docker/pkg/stringutils"
 	"github.com/docker/go-units"
 )
 
@@ -165,7 +164,7 @@ func (c *containerContext) Image() string {
 func (c *containerContext) Command() string {
 	command := c.c.Command
 	if c.trunc {
-		command = stringutils.Ellipsis(command, 20)
+		command = Ellipsis(command, 20)
 	}
 	return strconv.Quote(command)
 }
@@ -227,7 +226,7 @@ func (c *containerContext) Mounts() string {
 			name = m.Name
 		}
 		if c.trunc {
-			name = stringutils.Ellipsis(name, 15)
+			name = Ellipsis(name, 15)
 		}
 		mounts = append(mounts, name)
 	}

components/cli/cli/command/formatter/container_test.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/pkg/stringid"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -65,7 +66,7 @@ func TestContainerPsContext(t *testing.T) {
 					Source: "/a/path",
 				},
 			},
-		}, true, "this-is-a-lo...", ctx.Mounts},
+		}, true, "this-is-a-long…", ctx.Mounts},
 		{types.Container{
 			Mounts: []types.MountPoint{
 				{
@@ -230,10 +231,7 @@ size: 0B
 		// Special headers for customized table format
 		{
 			Context{Format: NewContainerFormat(`table {{truncate .ID 5}}\t{{json .Image}} {{.RunningFor}}/{{title .Status}}/{{pad .Ports 2 2}}.{{upper .Names}} {{lower .Status}}`, false, true)},
-			`CONTAINER ID        IMAGE CREATED/STATUS/  PORTS  .NAMES STATUS
-conta               "ubuntu" 24 hours ago//.FOOBAR_BAZ 
-conta               "ubuntu" 24 hours ago//.FOOBAR_BAR 
-`,
+			string(golden.Get(t, "container-context-write-special-headers.golden")),
 		},
 	}
 

components/cli/cli/command/formatter/custom_test.go

@@ -1,9 +1,10 @@
 package formatter
 
 import (
-	"reflect"
 	"strings"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func compareMultipleValues(t *testing.T, value, expected string) {
@@ -22,7 +23,5 @@ func compareMultipleValues(t *testing.T, value, expected string) {
 		keyval := strings.Split(expected, "=")
 		expMap[keyval[0]] = keyval[1]
 	}
-	if !reflect.DeepEqual(expMap, entriesMap) {
-		t.Fatalf("Expected entries: %v, got: %v", expected, value)
-	}
+	assert.Equal(t, expMap, entriesMap)
 }

components/cli/cli/command/formatter/disk_usage.go

@@ -118,11 +118,11 @@ func (ctx *DiskUsageContext) Write() (err error) {
 	return err
 }
 
-func (ctx *DiskUsageContext) verboseWrite() (err error) {
+func (ctx *DiskUsageContext) verboseWrite() error {
 	// First images
 	tmpl, err := ctx.startSubsection(defaultDiskUsageImageTableFormat)
 	if err != nil {
-		return
+		return err
 	}
 
 	ctx.Output.Write([]byte("Images space usage:\n\n"))
@@ -141,14 +141,14 @@ func (ctx *DiskUsageContext) verboseWrite() (err error) {
 			}
 		}
 
-		err = ctx.contextFormat(tmpl, &imageContext{
+		err := ctx.contextFormat(tmpl, &imageContext{
 			repo:  repo,
 			tag:   tag,
 			trunc: true,
 			i:     *i,
 		})
 		if err != nil {
-			return
+			return err
 		}
 	}
 	ctx.postFormat(tmpl, newImageContext())
@@ -157,17 +157,14 @@ func (ctx *DiskUsageContext) verboseWrite() (err error) {
 	ctx.Output.Write([]byte("\nContainers space usage:\n\n"))
 	tmpl, err = ctx.startSubsection(defaultDiskUsageContainerTableFormat)
 	if err != nil {
-		return
+		return err
 	}
 	for _, c := range ctx.Containers {
 		// Don't display the virtual size
 		c.SizeRootFs = 0
-		err = ctx.contextFormat(tmpl, &containerContext{
-			trunc: true,
-			c:     *c,
-		})
+		err := ctx.contextFormat(tmpl, &containerContext{trunc: true, c: *c})
 		if err != nil {
-			return
+			return err
 		}
 	}
 	ctx.postFormat(tmpl, newContainerContext())
@@ -176,21 +173,18 @@ func (ctx *DiskUsageContext) verboseWrite() (err error) {
 	ctx.Output.Write([]byte("\nLocal Volumes space usage:\n\n"))
 	tmpl, err = ctx.startSubsection(defaultDiskUsageVolumeTableFormat)
 	if err != nil {
-		return
+		return err
 	}
 	for _, v := range ctx.Volumes {
-		err = ctx.contextFormat(tmpl, &volumeContext{
-			v: *v,
-		})
-		if err != nil {
-			return
+		if err := ctx.contextFormat(tmpl, &volumeContext{v: *v}); err != nil {
+			return err
 		}
 	}
 	ctx.postFormat(tmpl, newVolumeContext())
 
 	// And build cache
 	fmt.Fprintf(ctx.Output, "\nBuild cache usage: %s\n\n", units.HumanSize(float64(ctx.BuilderSize)))
-	return
+	return nil
 }
 
 type diskUsageImagesContext struct {

components/cli/cli/command/formatter/disk_usage_test.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"testing"
 
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -83,12 +84,7 @@ Build Cache                                                 0B
 					Format: NewDiskUsageFormat("table {{.Type}}\t{{.Active}}"),
 				},
 			},
-			`TYPE                ACTIVE
-Images              0
-Containers          0
-Local Volumes       0
-Build Cache         
-`,
+			string(golden.Get(t, "disk-usage-context-write-custom.golden")),
 		},
 		// Raw Format
 		{
@@ -97,31 +93,7 @@ Build Cache
 					Format: NewDiskUsageFormat("raw"),
 				},
 			},
-			`type: Images
-total: 0
-active: 0
-size: 0B
-reclaimable: 0B
-
-type: Containers
-total: 0
-active: 0
-size: 0B
-reclaimable: 0B
-
-type: Local Volumes
-total: 0
-active: 0
-size: 0B
-reclaimable: 0B
-
-type: Build Cache
-total: 
-active: 
-size: 0B
-reclaimable: 0B
-
-`,
+			string(golden.Get(t, "disk-usage-raw-format.golden")),
 		},
 	}
 

components/cli/cli/command/formatter/displayutils.go

@@ -0,0 +1,61 @@
+package formatter
+
+import (
+	"unicode/utf8"
+
+	"golang.org/x/text/width"
+)
+
+// charWidth returns the number of horizontal positions a character occupies,
+// and is used to account for wide characters when displaying strings.
+//
+// In a broad sense, wide characters include East Asian Wide, East Asian Full-width,
+// (when not in East Asian context) see http://unicode.org/reports/tr11/.
+func charWidth(r rune) int {
+	switch width.LookupRune(r).Kind() {
+	case width.EastAsianWide, width.EastAsianFullwidth:
+		return 2
+	default:
+		return 1
+	}
+}
+
+// Ellipsis truncates a string to fit within maxDisplayWidth, and appends ellipsis (…).
+// For maxDisplayWidth of 1 and lower, no ellipsis is appended.
+// For maxDisplayWidth of 1, first char of string will return even if its width > 1.
+func Ellipsis(s string, maxDisplayWidth int) string {
+	if maxDisplayWidth <= 0 {
+		return ""
+	}
+	rs := []rune(s)
+	if maxDisplayWidth == 1 {
+		return string(rs[0])
+	}
+
+	byteLen := len(s)
+	if byteLen == utf8.RuneCountInString(s) {
+		if byteLen <= maxDisplayWidth {
+			return s
+		}
+		return string(rs[:maxDisplayWidth-1]) + "…"
+	}
+
+	var (
+		display      []int
+		displayWidth int
+	)
+	for _, r := range rs {
+		cw := charWidth(r)
+		displayWidth += cw
+		display = append(display, displayWidth)
+	}
+	if displayWidth <= maxDisplayWidth {
+		return s
+	}
+	for i := range display {
+		if display[i] <= maxDisplayWidth-1 && display[i+1] > maxDisplayWidth-1 {
+			return string(rs[:i+1]) + "…"
+		}
+	}
+	return s
+}

components/cli/cli/command/formatter/displayutils_test.go

@@ -0,0 +1,30 @@
+package formatter
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestEllipsis(t *testing.T) {
+	var testcases = []struct {
+		source   string
+		width    int
+		expected string
+	}{
+		{source: "t🐳ststring", width: 0, expected: ""},
+		{source: "t🐳ststring", width: 1, expected: "t"},
+		{source: "t🐳ststring", width: 2, expected: "t…"},
+		{source: "t🐳ststring", width: 6, expected: "t🐳st…"},
+		{source: "t🐳ststring", width: 20, expected: "t🐳ststring"},
+		{source: "你好世界teststring", width: 0, expected: ""},
+		{source: "你好世界teststring", width: 1, expected: "你"},
+		{source: "你好世界teststring", width: 3, expected: "你…"},
+		{source: "你好世界teststring", width: 6, expected: "你好…"},
+		{source: "你好世界teststring", width: 20, expected: "你好世界teststring"},
+	}
+
+	for _, testcase := range testcases {
+		assert.Equal(t, testcase.expected, Ellipsis(testcase.source, testcase.width))
+	}
+}

components/cli/cli/command/formatter/formatter.go

@@ -7,7 +7,7 @@ import (
 	"text/tabwriter"
 	"text/template"
 
-	"github.com/docker/docker/pkg/templates"
+	"github.com/docker/cli/templates"
 	"github.com/pkg/errors"
 )
 

components/cli/cli/command/formatter/history.go

@@ -7,7 +7,6 @@ import (
 
 	"github.com/docker/docker/api/types/image"
 	"github.com/docker/docker/pkg/stringid"
-	"github.com/docker/docker/pkg/stringutils"
 	units "github.com/docker/go-units"
 )
 
@@ -79,10 +78,13 @@ func (c *historyContext) ID() string {
 }
 
 func (c *historyContext) CreatedAt() string {
-	return units.HumanDuration(time.Now().UTC().Sub(time.Unix(c.h.Created, 0)))
+	return time.Unix(c.h.Created, 0).Format(time.RFC3339)
 }
 
 func (c *historyContext) CreatedSince() string {
+	if !c.human {
+		return c.CreatedAt()
+	}
 	created := units.HumanDuration(time.Now().UTC().Sub(time.Unix(c.h.Created, 0)))
 	return created + " ago"
 }
@@ -90,7 +92,7 @@ func (c *historyContext) CreatedSince() string {
 func (c *historyContext) CreatedBy() string {
 	createdBy := strings.Replace(c.h.CreatedBy, "\t", " ", -1)
 	if c.trunc {
-		return stringutils.Ellipsis(createdBy, 45)
+		return Ellipsis(createdBy, 45)
 	}
 	return createdBy
 }

components/cli/cli/command/formatter/history_test.go

@@ -10,7 +10,6 @@ import (
 
 	"github.com/docker/docker/api/types/image"
 	"github.com/docker/docker/pkg/stringid"
-	"github.com/docker/docker/pkg/stringutils"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -51,17 +50,21 @@ func TestHistoryContext_ID(t *testing.T) {
 }
 
 func TestHistoryContext_CreatedSince(t *testing.T) {
-	unixTime := time.Now().AddDate(0, 0, -7).Unix()
-	expected := "7 days ago"
-
 	var ctx historyContext
 	cases := []historyCase{
 		{
 			historyContext{
-				h:     image.HistoryResponseItem{Created: unixTime},
+				h:     image.HistoryResponseItem{Created: time.Now().AddDate(0, 0, -7).Unix()},
 				trunc: false,
 				human: true,
-			}, expected, ctx.CreatedSince,
+			}, "7 days ago", ctx.CreatedSince,
+		},
+		{
+			historyContext{
+				h:     image.HistoryResponseItem{Created: time.Date(2009, time.November, 10, 23, 0, 0, 0, time.UTC).Unix()},
+				trunc: false,
+				human: false,
+			}, "2009-11-10T23:00:00Z", ctx.CreatedSince,
 		},
 	}
 
@@ -92,7 +95,7 @@ func TestHistoryContext_CreatedBy(t *testing.T) {
 			historyContext{
 				h:     image.HistoryResponseItem{CreatedBy: withTabs},
 				trunc: true,
-			}, stringutils.Ellipsis(expected, 45), ctx.CreatedBy,
+			}, Ellipsis(expected, 45), ctx.CreatedBy,
 		},
 	}
 
@@ -187,7 +190,7 @@ imageID3            24 hours ago        /bin/bash ls
 imageID4            24 hours ago        /bin/bash grep                                                                                                                 183MB               Hi
 `
 	expectedTrunc := `IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
-imageID1            24 hours ago        /bin/bash ls && npm i && npm run test && k...   183MB               Hi
+imageID1            24 hours ago        /bin/bash ls && npm i && npm run test && kar…   183MB               Hi
 imageID2            24 hours ago        /bin/bash echo                                  183MB               Hi
 imageID3            24 hours ago        /bin/bash ls                                    183MB               Hi
 imageID4            24 hours ago        /bin/bash grep                                  183MB               Hi

components/cli/cli/command/formatter/image.go

@@ -79,11 +79,16 @@ func ImageWrite(ctx ImageContext, images []types.ImageSummary) error {
 	return ctx.Write(newImageContext(), render)
 }
 
+// needDigest determines whether the image digest should be ignored or not when writing image context
+func needDigest(ctx ImageContext) bool {
+	return ctx.Digest || ctx.Format.Contains("{{.Digest}}")
+}
+
 func imageFormat(ctx ImageContext, images []types.ImageSummary, format func(subContext subContext) error) error {
 	for _, image := range images {
-		images := []*imageContext{}
+		formatted := []*imageContext{}
 		if isDangling(image) {
-			images = append(images, &imageContext{
+			formatted = append(formatted, &imageContext{
 				trunc:  ctx.Trunc,
 				i:      image,
 				repo:   "<none>",
@@ -91,90 +96,9 @@ func imageFormat(ctx ImageContext, images []types.ImageSummary, format func(subC
 				digest: "<none>",
 			})
 		} else {
-			repoTags := map[string][]string{}
-			repoDigests := map[string][]string{}
-
-			for _, refString := range image.RepoTags {
-				ref, err := reference.ParseNormalizedNamed(refString)
-				if err != nil {
-					continue
-				}
-				if nt, ok := ref.(reference.NamedTagged); ok {
-					familiarRef := reference.FamiliarName(ref)
-					repoTags[familiarRef] = append(repoTags[familiarRef], nt.Tag())
-				}
-			}
-			for _, refString := range image.RepoDigests {
-				ref, err := reference.ParseNormalizedNamed(refString)
-				if err != nil {
-					continue
-				}
-				if c, ok := ref.(reference.Canonical); ok {
-					familiarRef := reference.FamiliarName(ref)
-					repoDigests[familiarRef] = append(repoDigests[familiarRef], c.Digest().String())
-				}
-			}
-
-			for repo, tags := range repoTags {
-				digests := repoDigests[repo]
-
-				// Do not display digests as their own row
-				delete(repoDigests, repo)
-
-				if !ctx.Digest {
-					// Ignore digest references, just show tag once
-					digests = nil
-				}
-
-				for _, tag := range tags {
-					if len(digests) == 0 {
-						images = append(images, &imageContext{
-							trunc:  ctx.Trunc,
-							i:      image,
-							repo:   repo,
-							tag:    tag,
-							digest: "<none>",
-						})
-						continue
-					}
-					// Display the digests for each tag
-					for _, dgst := range digests {
-						images = append(images, &imageContext{
-							trunc:  ctx.Trunc,
-							i:      image,
-							repo:   repo,
-							tag:    tag,
-							digest: dgst,
-						})
-					}
-
-				}
-			}
-
-			// Show rows for remaining digest only references
-			for repo, digests := range repoDigests {
-				// If digests are displayed, show row per digest
-				if ctx.Digest {
-					for _, dgst := range digests {
-						images = append(images, &imageContext{
-							trunc:  ctx.Trunc,
-							i:      image,
-							repo:   repo,
-							tag:    "<none>",
-							digest: dgst,
-						})
-					}
-				} else {
-					images = append(images, &imageContext{
-						trunc: ctx.Trunc,
-						i:     image,
-						repo:  repo,
-						tag:   "<none>",
-					})
-				}
-			}
+			formatted = imageFormatTaggedAndDigest(ctx, image)
 		}
-		for _, imageCtx := range images {
+		for _, imageCtx := range formatted {
 			if err := format(imageCtx); err != nil {
 				return err
 			}
@@ -183,6 +107,82 @@ func imageFormat(ctx ImageContext, images []types.ImageSummary, format func(subC
 	return nil
 }
 
+func imageFormatTaggedAndDigest(ctx ImageContext, image types.ImageSummary) []*imageContext {
+	repoTags := map[string][]string{}
+	repoDigests := map[string][]string{}
+	images := []*imageContext{}
+
+	for _, refString := range image.RepoTags {
+		ref, err := reference.ParseNormalizedNamed(refString)
+		if err != nil {
+			continue
+		}
+		if nt, ok := ref.(reference.NamedTagged); ok {
+			familiarRef := reference.FamiliarName(ref)
+			repoTags[familiarRef] = append(repoTags[familiarRef], nt.Tag())
+		}
+	}
+	for _, refString := range image.RepoDigests {
+		ref, err := reference.ParseNormalizedNamed(refString)
+		if err != nil {
+			continue
+		}
+		if c, ok := ref.(reference.Canonical); ok {
+			familiarRef := reference.FamiliarName(ref)
+			repoDigests[familiarRef] = append(repoDigests[familiarRef], c.Digest().String())
+		}
+	}
+
+	addImage := func(repo, tag, digest string) {
+		image := &imageContext{
+			trunc:  ctx.Trunc,
+			i:      image,
+			repo:   repo,
+			tag:    tag,
+			digest: digest,
+		}
+		images = append(images, image)
+	}
+
+	for repo, tags := range repoTags {
+		digests := repoDigests[repo]
+
+		// Do not display digests as their own row
+		delete(repoDigests, repo)
+
+		if !needDigest(ctx) {
+			// Ignore digest references, just show tag once
+			digests = nil
+		}
+
+		for _, tag := range tags {
+			if len(digests) == 0 {
+				addImage(repo, tag, "<none>")
+				continue
+			}
+			// Display the digests for each tag
+			for _, dgst := range digests {
+				addImage(repo, tag, dgst)
+			}
+
+		}
+	}
+
+	// Show rows for remaining digest only references
+	for repo, digests := range repoDigests {
+		// If digests are displayed, show row per digest
+		if ctx.Digest {
+			for _, dgst := range digests {
+				addImage(repo, "<none>", dgst)
+			}
+		} else {
+			addImage(repo, "<none>", "")
+
+		}
+	}
+	return images
+}
+
 type imageContext struct {
 	HeaderContext
 	trunc  bool

components/cli/cli/command/formatter/image_test.go

@@ -55,6 +55,26 @@ func TestImageContext(t *testing.T) {
 			i:      types.ImageSummary{},
 			digest: "sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a",
 		}, "sha256:d149ab53f8718e987c3a3024bb8aa0e2caadf6c0328f1d9d850b2a2a67f2819a", ctx.Digest},
+		{
+			imageContext{
+				i: types.ImageSummary{Containers: 10},
+			}, "10", ctx.Containers,
+		},
+		{
+			imageContext{
+				i: types.ImageSummary{VirtualSize: 10000},
+			}, "10kB", ctx.VirtualSize,
+		},
+		{
+			imageContext{
+				i: types.ImageSummary{SharedSize: 10000},
+			}, "10kB", ctx.SharedSize,
+		},
+		{
+			imageContext{
+				i: types.ImageSummary{SharedSize: 5000, VirtualSize: 20000},
+			}, "15kB", ctx.UniqueSize,
+		},
 	}
 
 	for _, c := range cases {
@@ -62,8 +82,8 @@ func TestImageContext(t *testing.T) {
 		v := c.call()
 		if strings.Contains(v, ",") {
 			compareMultipleValues(t, v, c.expValue)
-		} else if v != c.expValue {
-			t.Fatalf("Expected %s, was %s\n", c.expValue, v)
+		} else {
+			assert.Equal(t, c.expValue, v)
 		}
 	}
 }
@@ -137,6 +157,14 @@ image               <none>
 			},
 			"REPOSITORY\nimage\nimage\n<none>\n",
 		},
+		{
+			ImageContext{
+				Context: Context{
+					Format: NewImageFormat("table {{.Digest}}", true, false),
+				},
+			},
+			"DIGEST\nsha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf\n<none>\n<none>\n",
+		},
 		{
 			ImageContext{
 				Context: Context{

components/cli/cli/command/formatter/plugin.go

@@ -5,7 +5,6 @@ import (
 
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/pkg/stringid"
-	"github.com/docker/docker/pkg/stringutils"
 )
 
 const (
@@ -80,7 +79,7 @@ func (c *pluginContext) Description() string {
 	desc := strings.Replace(c.p.Config.Description, "\n", "", -1)
 	desc = strings.Replace(desc, "\r", "", -1)
 	if c.trunc {
-		desc = stringutils.Ellipsis(desc, 45)
+		desc = Ellipsis(desc, 45)
 	}
 
 	return desc

components/cli/cli/command/formatter/search.go

@@ -0,0 +1,103 @@
+package formatter
+
+import (
+	"strconv"
+	"strings"
+
+	registry "github.com/docker/docker/api/types/registry"
+)
+
+const (
+	defaultSearchTableFormat = "table {{.Name}}\t{{.Description}}\t{{.StarCount}}\t{{.IsOfficial}}\t{{.IsAutomated}}"
+
+	starsHeader     = "STARS"
+	officialHeader  = "OFFICIAL"
+	automatedHeader = "AUTOMATED"
+)
+
+// NewSearchFormat returns a Format for rendering using a network Context
+func NewSearchFormat(source string) Format {
+	switch source {
+	case "":
+		return defaultSearchTableFormat
+	case TableFormatKey:
+		return defaultSearchTableFormat
+	}
+	return Format(source)
+}
+
+// SearchWrite writes the context
+func SearchWrite(ctx Context, results []registry.SearchResult, auto bool, stars int) error {
+	render := func(format func(subContext subContext) error) error {
+		for _, result := range results {
+			// --automated and -s, --stars are deprecated since Docker 1.12
+			if (auto && !result.IsAutomated) || (stars > result.StarCount) {
+				continue
+			}
+			searchCtx := &searchContext{trunc: ctx.Trunc, s: result}
+			if err := format(searchCtx); err != nil {
+				return err
+			}
+		}
+		return nil
+	}
+	searchCtx := searchContext{}
+	searchCtx.header = map[string]string{
+		"Name":        nameHeader,
+		"Description": descriptionHeader,
+		"StarCount":   starsHeader,
+		"IsOfficial":  officialHeader,
+		"IsAutomated": automatedHeader,
+	}
+	return ctx.Write(&searchCtx, render)
+}
+
+type searchContext struct {
+	HeaderContext
+	trunc bool
+	json  bool
+	s     registry.SearchResult
+}
+
+func (c *searchContext) MarshalJSON() ([]byte, error) {
+	c.json = true
+	return marshalJSON(c)
+}
+
+func (c *searchContext) Name() string {
+	return c.s.Name
+}
+
+func (c *searchContext) Description() string {
+	desc := strings.Replace(c.s.Description, "\n", " ", -1)
+	desc = strings.Replace(desc, "\r", " ", -1)
+	if c.trunc {
+		desc = Ellipsis(desc, 45)
+	}
+	return desc
+}
+
+func (c *searchContext) StarCount() string {
+	return strconv.Itoa(c.s.StarCount)
+}
+
+func (c *searchContext) formatBool(value bool) string {
+	switch {
+	case value && c.json:
+		return "true"
+	case value:
+		return "[OK]"
+	case c.json:
+		return "false"
+	default:
+		return ""
+	}
+}
+
+func (c *searchContext) IsOfficial() string {
+	return c.formatBool(c.s.IsOfficial)
+}
+
+func (c *searchContext) IsAutomated() string {
+	return c.formatBool(c.s.IsAutomated)
+}

components/cli/cli/command/formatter/search_test.go

@@ -0,0 +1,279 @@
+package formatter
+
+import (
+	"bytes"
+	"encoding/json"
+	"strings"
+	"testing"
+
+	registrytypes "github.com/docker/docker/api/types/registry"
+	"github.com/gotestyourself/gotestyourself/golden"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestSearchContext(t *testing.T) {
+	name := "nginx"
+	starCount := 5000
+
+	var ctx searchContext
+	cases := []struct {
+		searchCtx searchContext
+		expValue  string
+		call      func() string
+	}{
+		{searchContext{
+			s: registrytypes.SearchResult{Name: name},
+		}, name, ctx.Name},
+		{searchContext{
+			s: registrytypes.SearchResult{StarCount: starCount},
+		}, "5000", ctx.StarCount},
+		{searchContext{
+			s: registrytypes.SearchResult{IsOfficial: true},
+		}, "[OK]", ctx.IsOfficial},
+		{searchContext{
+			s: registrytypes.SearchResult{IsOfficial: false},
+		}, "", ctx.IsOfficial},
+		{searchContext{
+			s: registrytypes.SearchResult{IsAutomated: true},
+		}, "[OK]", ctx.IsAutomated},
+		{searchContext{
+			s: registrytypes.SearchResult{IsAutomated: false},
+		}, "", ctx.IsAutomated},
+	}
+
+	for _, c := range cases {
+		ctx = c.searchCtx
+		v := c.call()
+		if strings.Contains(v, ",") {
+			compareMultipleValues(t, v, c.expValue)
+		} else if v != c.expValue {
+			t.Fatalf("Expected %s, was %s\n", c.expValue, v)
+		}
+	}
+}
+
+func TestSearchContextDescription(t *testing.T) {
+	shortDescription := "Official build of Nginx."
+	longDescription := "Automated Nginx reverse proxy for docker containers"
+	descriptionWReturns := "Automated\nNginx reverse\rproxy\rfor docker\ncontainers"
+
+	var ctx searchContext
+	cases := []struct {
+		searchCtx searchContext
+		expValue  string
+		call      func() string
+	}{
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: shortDescription},
+			trunc: true,
+		}, shortDescription, ctx.Description},
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: shortDescription},
+			trunc: false,
+		}, shortDescription, ctx.Description},
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: longDescription},
+			trunc: false,
+		}, longDescription, ctx.Description},
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: longDescription},
+			trunc: true,
+		}, Ellipsis(longDescription, 45), ctx.Description},
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: descriptionWReturns},
+			trunc: false,
+		}, longDescription, ctx.Description},
+		{searchContext{
+			s:     registrytypes.SearchResult{Description: descriptionWReturns},
+			trunc: true,
+		}, Ellipsis(longDescription, 45), ctx.Description},
+	}
+
+	for _, c := range cases {
+		ctx = c.searchCtx
+		v := c.call()
+		if strings.Contains(v, ",") {
+			compareMultipleValues(t, v, c.expValue)
+		} else if v != c.expValue {
+			t.Fatalf("Expected %s, was %s\n", c.expValue, v)
+		}
+	}
+}
+
+func TestSearchContextWrite(t *testing.T) {
+	cases := []struct {
+		context  Context
+		expected string
+	}{
+
+		// Errors
+		{
+			Context{Format: "{{InvalidFunction}}"},
+			`Template parsing error: template: :1: function "InvalidFunction" not defined
+`,
+		},
+		{
+			Context{Format: "{{nil}}"},
+			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
+`,
+		},
+		// Table format
+		{
+			Context{Format: NewSearchFormat("table")},
+			string(golden.Get(t, "search-context-write-table.golden")),
+		},
+		{
+			Context{Format: NewSearchFormat("table {{.Name}}")},
+			`NAME
+result1
+result2
+`,
+		},
+		// Custom Format
+		{
+			Context{Format: NewSearchFormat("{{.Name}}")},
+			`result1
+result2
+`,
+		},
+		// Custom Format with CreatedAt
+		{
+			Context{Format: NewSearchFormat("{{.Name}} {{.StarCount}}")},
+			`result1 5000
+result2 5
+`,
+		},
+	}
+
+	for _, testcase := range cases {
+		results := []registrytypes.SearchResult{
+			{Name: "result1", Description: "Official build", StarCount: 5000, IsOfficial: true, IsAutomated: false},
+			{Name: "result2", Description: "Not official", StarCount: 5, IsOfficial: false, IsAutomated: true},
+		}
+		out := bytes.NewBufferString("")
+		testcase.context.Output = out
+		err := SearchWrite(testcase.context, results, false, 0)
+		if err != nil {
+			assert.Error(t, err, testcase.expected)
+		} else {
+			assert.Equal(t, out.String(), testcase.expected)
+		}
+	}
+}
+
+func TestSearchContextWriteAutomated(t *testing.T) {
+	cases := []struct {
+		context  Context
+		expected string
+	}{
+
+		// Table format
+		{
+			Context{Format: NewSearchFormat("table")},
+			`NAME                DESCRIPTION         STARS               OFFICIAL            AUTOMATED
+result2             Not official        5                                       [OK]
+`,
+		},
+		{
+			Context{Format: NewSearchFormat("table {{.Name}}")},
+			`NAME
+result2
+`,
+		},
+	}
+
+	for _, testcase := range cases {
+		results := []registrytypes.SearchResult{
+			{Name: "result1", Description: "Official build", StarCount: 5000, IsOfficial: true, IsAutomated: false},
+			{Name: "result2", Description: "Not official", StarCount: 5, IsOfficial: false, IsAutomated: true},
+		}
+		out := bytes.NewBufferString("")
+		testcase.context.Output = out
+		err := SearchWrite(testcase.context, results, true, 0)
+		if err != nil {
+			assert.Error(t, err, testcase.expected)
+		} else {
+			assert.Equal(t, out.String(), testcase.expected)
+		}
+	}
+}
+
+func TestSearchContextWriteStars(t *testing.T) {
+	cases := []struct {
+		context  Context
+		expected string
+	}{
+
+		// Table format
+		{
+			Context{Format: NewSearchFormat("table")},
+			string(golden.Get(t, "search-context-write-stars-table.golden")),
+		},
+		{
+			Context{Format: NewSearchFormat("table {{.Name}}")},
+			`NAME
+result1
+`,
+		},
+	}
+
+	for _, testcase := range cases {
+		results := []registrytypes.SearchResult{
+			{Name: "result1", Description: "Official build", StarCount: 5000, IsOfficial: true, IsAutomated: false},
+			{Name: "result2", Description: "Not official", StarCount: 5, IsOfficial: false, IsAutomated: true},
+		}
+		out := bytes.NewBufferString("")
+		testcase.context.Output = out
+		err := SearchWrite(testcase.context, results, false, 6)
+		if err != nil {
+			assert.Error(t, err, testcase.expected)
+		} else {
+			assert.Equal(t, out.String(), testcase.expected)
+		}
+	}
+}
+
+func TestSearchContextWriteJSON(t *testing.T) {
+	results := []registrytypes.SearchResult{
+		{Name: "result1", Description: "Official build", StarCount: 5000, IsOfficial: true, IsAutomated: false},
+		{Name: "result2", Description: "Not official", StarCount: 5, IsOfficial: false, IsAutomated: true},
+	}
+	expectedJSONs := []map[string]interface{}{
+		{"Name": "result1", "Description": "Official build", "StarCount": "5000", "IsOfficial": "true", "IsAutomated": "false"},
+		{"Name": "result2", "Description": "Not official", "StarCount": "5", "IsOfficial": "false", "IsAutomated": "true"},
+	}
+
+	out := bytes.NewBufferString("")
+	err := SearchWrite(Context{Format: "{{json .}}", Output: out}, results, false, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	for i, line := range strings.Split(strings.TrimSpace(out.String()), "\n") {
+		t.Logf("Output: line %d: %s", i, line)
+		var m map[string]interface{}
+		if err := json.Unmarshal([]byte(line), &m); err != nil {
+			t.Fatal(err)
+		}
+		assert.Equal(t, m, expectedJSONs[i])
+	}
+}
+
+func TestSearchContextWriteJSONField(t *testing.T) {
+	results := []registrytypes.SearchResult{
+		{Name: "result1", Description: "Official build", StarCount: 5000, IsOfficial: true, IsAutomated: false},
+		{Name: "result2", Description: "Not official", StarCount: 5, IsOfficial: false, IsAutomated: true},
+	}
+	out := bytes.NewBufferString("")
+	err := SearchWrite(Context{Format: "{{json .Name}}", Output: out}, results, false, 0)
+	if err != nil {
+		t.Fatal(err)
+	}
+	for i, line := range strings.Split(strings.TrimSpace(out.String()), "\n") {
+		t.Logf("Output: line %d: %s", i, line)
+		var s string
+		if err := json.Unmarshal([]byte(line), &s); err != nil {
+			t.Fatal(err)
+		}
+		assert.Equal(t, s, results[i].Name)
+	}
+}

components/cli/cli/command/formatter/secret.go

@@ -12,19 +12,20 @@ import (
 )
 
 const (
-	defaultSecretTableFormat           = "table {{.ID}}\t{{.Name}}\t{{.CreatedAt}}\t{{.UpdatedAt}}"
+	defaultSecretTableFormat           = "table {{.ID}}\t{{.Name}}\t{{.Driver}}\t{{.CreatedAt}}\t{{.UpdatedAt}}"
 	secretIDHeader                     = "ID"
 	secretCreatedHeader                = "CREATED"
 	secretUpdatedHeader                = "UPDATED"
-	secretInspectPrettyTemplate Format = `ID:			{{.ID}}
-Name:			{{.Name}}
+	secretInspectPrettyTemplate Format = `ID:              {{.ID}}
+Name:              {{.Name}}
 {{- if .Labels }}
 Labels:
 {{- range $k, $v := .Labels }}
  - {{ $k }}{{if $v }}={{ $v }}{{ end }}
 {{- end }}{{ end }}
-Created at:            	{{.CreatedAt}}
-Updated at:            	{{.UpdatedAt}}`
+Driver:            {{.Driver}}
+Created at:        {{.CreatedAt}}
+Updated at:        {{.UpdatedAt}}`
 )
 
 // NewSecretFormat returns a Format for rendering using a secret Context
@@ -61,6 +62,7 @@ func newSecretContext() *secretContext {
 	sCtx.header = map[string]string{
 		"ID":        secretIDHeader,
 		"Name":      nameHeader,
+		"Driver":    driverHeader,
 		"CreatedAt": secretCreatedHeader,
 		"UpdatedAt": secretUpdatedHeader,
 		"Labels":    labelsHeader,
@@ -89,6 +91,13 @@ func (c *secretContext) CreatedAt() string {
 	return units.HumanDuration(time.Now().UTC().Sub(c.s.Meta.CreatedAt)) + " ago"
 }
 
+func (c *secretContext) Driver() string {
+	if c.s.Spec.Driver == nil {
+		return ""
+	}
+	return c.s.Spec.Driver.Name
+}
+
 func (c *secretContext) UpdatedAt() string {
 	return units.HumanDuration(time.Now().UTC().Sub(c.s.Meta.UpdatedAt)) + " ago"
 }
@@ -153,6 +162,13 @@ func (ctx *secretInspectContext) Labels() map[string]string {
 	return ctx.Secret.Spec.Labels
 }
 
+func (ctx *secretInspectContext) Driver() string {
+	if ctx.Secret.Spec.Driver == nil {
+		return ""
+	}
+	return ctx.Secret.Spec.Driver.Name
+}
+
 func (ctx *secretInspectContext) CreatedAt() string {
 	return command.PrettyPrint(ctx.Secret.CreatedAt)
 }

components/cli/cli/command/formatter/secret_test.go

@@ -28,9 +28,9 @@ func TestSecretContextFormatWrite(t *testing.T) {
 		},
 		// Table format
 		{Context{Format: NewSecretFormat("table", false)},
-			`ID                  NAME                CREATED                  UPDATED
-1                   passwords           Less than a second ago   Less than a second ago
-2                   id_rsa              Less than a second ago   Less than a second ago
+			`ID                  NAME                DRIVER              CREATED                  UPDATED
+1                   passwords                               Less than a second ago   Less than a second ago
+2                   id_rsa                                  Less than a second ago   Less than a second ago
 `},
 		{Context{Format: NewSecretFormat("table {{.Name}}", true)},
 			`NAME

components/cli/cli/command/formatter/service.go

@@ -504,7 +504,10 @@ func (c *serviceContext) Replicas() string {
 }
 
 func (c *serviceContext) Image() string {
-	image := c.service.Spec.TaskTemplate.ContainerSpec.Image
+	var image string
+	if c.service.Spec.TaskTemplate.ContainerSpec != nil {
+		image = c.service.Spec.TaskTemplate.ContainerSpec.Image
+	}
 	if ref, err := reference.ParseNormalizedNamed(image); err == nil {
 		// update image string for display, (strips any digest)
 		if nt, ok := ref.(reference.NamedTagged); ok {
@@ -518,11 +521,11 @@ func (c *serviceContext) Image() string {
 }
 
 func (c *serviceContext) Ports() string {
-	if c.service.Spec.EndpointSpec == nil || c.service.Spec.EndpointSpec.Ports == nil {
+	if c.service.Endpoint.Ports == nil {
 		return ""
 	}
 	ports := []string{}
-	for _, pConfig := range c.service.Spec.EndpointSpec.Ports {
+	for _, pConfig := range c.service.Endpoint.Ports {
 		if pConfig.PublishMode == swarm.PortConfigPublishModeIngress {
 			ports = append(ports, fmt.Sprintf("*:%d->%d/%s",
 				pConfig.PublishedPort,

components/cli/cli/command/formatter/service_test.go

@@ -8,6 +8,7 @@ import (
 	"testing"
 
 	"github.com/docker/docker/api/types/swarm"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
@@ -59,21 +60,7 @@ bar
 		// Raw Format
 		{
 			Context{Format: NewServiceListFormat("raw", false)},
-			`id: id_baz
-name: baz
-mode: global
-replicas: 2/4
-image: 
-ports: *:80->8080/tcp
-
-id: id_bar
-name: bar
-mode: replicated
-replicas: 2/4
-image: 
-ports: *:80->8080/tcp
-
-`,
+			string(golden.Get(t, "service-context-write-raw.golden")),
 		},
 		{
 			Context{Format: NewServiceListFormat("raw", true)},
@@ -96,14 +83,14 @@ bar
 				ID: "id_baz",
 				Spec: swarm.ServiceSpec{
 					Annotations: swarm.Annotations{Name: "baz"},
-					EndpointSpec: &swarm.EndpointSpec{
-						Ports: []swarm.PortConfig{
-							{
-								PublishMode:   "ingress",
-								PublishedPort: 80,
-								TargetPort:    8080,
-								Protocol:      "tcp",
-							},
+				},
+				Endpoint: swarm.Endpoint{
+					Ports: []swarm.PortConfig{
+						{
+							PublishMode:   "ingress",
+							PublishedPort: 80,
+							TargetPort:    8080,
+							Protocol:      "tcp",
 						},
 					},
 				},
@@ -112,14 +99,14 @@ bar
 				ID: "id_bar",
 				Spec: swarm.ServiceSpec{
 					Annotations: swarm.Annotations{Name: "bar"},
-					EndpointSpec: &swarm.EndpointSpec{
-						Ports: []swarm.PortConfig{
-							{
-								PublishMode:   "ingress",
-								PublishedPort: 80,
-								TargetPort:    8080,
-								Protocol:      "tcp",
-							},
+				},
+				Endpoint: swarm.Endpoint{
+					Ports: []swarm.PortConfig{
+						{
+							PublishMode:   "ingress",
+							PublishedPort: 80,
+							TargetPort:    8080,
+							Protocol:      "tcp",
 						},
 					},
 				},
@@ -152,14 +139,14 @@ func TestServiceContextWriteJSON(t *testing.T) {
 			ID: "id_baz",
 			Spec: swarm.ServiceSpec{
 				Annotations: swarm.Annotations{Name: "baz"},
-				EndpointSpec: &swarm.EndpointSpec{
-					Ports: []swarm.PortConfig{
-						{
-							PublishMode:   "ingress",
-							PublishedPort: 80,
-							TargetPort:    8080,
-							Protocol:      "tcp",
-						},
+			},
+			Endpoint: swarm.Endpoint{
+				Ports: []swarm.PortConfig{
+					{
+						PublishMode:   "ingress",
+						PublishedPort: 80,
+						TargetPort:    8080,
+						Protocol:      "tcp",
 					},
 				},
 			},
@@ -168,14 +155,14 @@ func TestServiceContextWriteJSON(t *testing.T) {
 			ID: "id_bar",
 			Spec: swarm.ServiceSpec{
 				Annotations: swarm.Annotations{Name: "bar"},
-				EndpointSpec: &swarm.EndpointSpec{
-					Ports: []swarm.PortConfig{
-						{
-							PublishMode:   "ingress",
-							PublishedPort: 80,
-							TargetPort:    8080,
-							Protocol:      "tcp",
-						},
+			},
+			Endpoint: swarm.Endpoint{
+				Ports: []swarm.PortConfig{
+					{
+						PublishMode:   "ingress",
+						PublishedPort: 80,
+						TargetPort:    8080,
+						Protocol:      "tcp",
 					},
 				},
 			},

components/cli/cli/command/formatter/stats.go

@@ -4,13 +4,14 @@ import (
 	"fmt"
 	"sync"
 
+	"github.com/docker/docker/pkg/stringid"
 	units "github.com/docker/go-units"
 )
 
 const (
 	winOSType                  = "windows"
-	defaultStatsTableFormat    = "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}\t{{.NetIO}}\t{{.BlockIO}}\t{{.PIDs}}"
-	winDefaultStatsTableFormat = "table {{.Container}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}\t{{.BlockIO}}"
+	defaultStatsTableFormat    = "table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}\t{{.NetIO}}\t{{.BlockIO}}\t{{.PIDs}}"
+	winDefaultStatsTableFormat = "table {{.ID}}\t{{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}\t{{.BlockIO}}"
 
 	containerHeader = "CONTAINER"
 	cpuPercHeader   = "CPU %"
@@ -114,12 +115,13 @@ func NewContainerStats(container string) *ContainerStats {
 }
 
 // ContainerStatsWrite renders the context for a list of containers statistics
-func ContainerStatsWrite(ctx Context, containerStats []StatsEntry, osType string) error {
+func ContainerStatsWrite(ctx Context, containerStats []StatsEntry, osType string, trunc bool) error {
 	render := func(format func(subContext subContext) error) error {
 		for _, cstats := range containerStats {
 			containerStatsCtx := &containerStatsContext{
-				s:  cstats,
-				os: osType,
+				s:     cstats,
+				os:    osType,
+				trunc: trunc,
 			}
 			if err := format(containerStatsCtx); err != nil {
 				return err
@@ -149,8 +151,9 @@ func ContainerStatsWrite(ctx Context, containerStats []StatsEntry, osType string
 
 type containerStatsContext struct {
 	HeaderContext
-	s  StatsEntry
-	os string
+	s     StatsEntry
+	os    string
+	trunc bool
 }
 
 func (c *containerStatsContext) MarshalJSON() ([]byte, error) {
@@ -169,6 +172,9 @@ func (c *containerStatsContext) Name() string {
 }
 
 func (c *containerStatsContext) ID() string {
+	if c.trunc {
+		return stringid.TruncateID(c.s.ID)
+	}
 	return c.s.ID
 }
 

components/cli/cli/command/formatter/stats_test.go

@@ -114,7 +114,7 @@ container2  --
 		}
 		var out bytes.Buffer
 		te.context.Output = &out
-		err := ContainerStatsWrite(te.context, stats, "linux")
+		err := ContainerStatsWrite(te.context, stats, "linux", false)
 		if err != nil {
 			assert.EqualError(t, err, te.expected)
 		} else {
@@ -180,7 +180,7 @@ container2  --  --
 		}
 		var out bytes.Buffer
 		te.context.Output = &out
-		err := ContainerStatsWrite(te.context, stats, "windows")
+		err := ContainerStatsWrite(te.context, stats, "windows", false)
 		if err != nil {
 			assert.EqualError(t, err, te.expected)
 		} else {
@@ -220,7 +220,7 @@ func TestContainerStatsContextWriteWithNoStats(t *testing.T) {
 	}
 
 	for _, context := range contexts {
-		ContainerStatsWrite(context.context, []StatsEntry{}, "linux")
+		ContainerStatsWrite(context.context, []StatsEntry{}, "linux", false)
 		assert.Equal(t, context.expected, out.String())
 		// Clean buffer
 		out.Reset()
@@ -258,7 +258,41 @@ func TestContainerStatsContextWriteWithNoStatsWindows(t *testing.T) {
 	}
 
 	for _, context := range contexts {
-		ContainerStatsWrite(context.context, []StatsEntry{}, "windows")
+		ContainerStatsWrite(context.context, []StatsEntry{}, "windows", false)
+		assert.Equal(t, context.expected, out.String())
+		// Clean buffer
+		out.Reset()
+	}
+}
+
+func TestContainerStatsContextWriteTrunc(t *testing.T) {
+	var out bytes.Buffer
+
+	contexts := []struct {
+		context  Context
+		trunc    bool
+		expected string
+	}{
+		{
+			Context{
+				Format: "{{.ID}}",
+				Output: &out,
+			},
+			false,
+			"b95a83497c9161c9b444e3d70e1a9dfba0c1840d41720e146a95a08ebf938afc\n",
+		},
+		{
+			Context{
+				Format: "{{.ID}}",
+				Output: &out,
+			},
+			true,
+			"b95a83497c91\n",
+		},
+	}
+
+	for _, context := range contexts {
+		ContainerStatsWrite(context.context, []StatsEntry{{ID: "b95a83497c9161c9b444e3d70e1a9dfba0c1840d41720e146a95a08ebf938afc"}}, "linux", context.trunc)
 		assert.Equal(t, context.expected, out.String())
 		// Clean buffer
 		out.Reset()

components/cli/cli/command/formatter/task_test.go

@@ -7,6 +7,7 @@ import (
 	"testing"
 
 	"github.com/docker/docker/api/types/swarm"
+	"github.com/gotestyourself/gotestyourself/golden"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -33,10 +34,7 @@ taskID2
 		},
 		{
 			Context{Format: NewTaskFormat("table {{.Name}}\t{{.Node}}\t{{.Ports}}", false)},
-			`NAME                NODE                PORTS
-foobar_baz          foo1                
-foobar_bar          foo2                
-`,
+			string(golden.Get(t, "task-context-write-table-custom.golden")),
 		},
 		{
 			Context{Format: NewTaskFormat("table {{.Name}}", true)},

components/cli/cli/command/formatter/testdata/container-context-write-special-headers.golden

@@ -0,0 +1,3 @@
+CONTAINER ID        IMAGE CREATED/STATUS/  PORTS  .NAMES STATUS
+conta               "ubuntu" 24 hours ago//.FOOBAR_BAZ 
+conta               "ubuntu" 24 hours ago//.FOOBAR_BAR 

components/cli/cli/command/formatter/testdata/disk-usage-context-write-custom.golden

@@ -0,0 +1,5 @@
+TYPE                ACTIVE
+Images              0
+Containers          0
+Local Volumes       0
+Build Cache         

components/cli/cli/command/formatter/testdata/disk-usage-raw-format.golden

@@ -0,0 +1,24 @@
+type: Images
+total: 0
+active: 0
+size: 0B
+reclaimable: 0B
+
+type: Containers
+total: 0
+active: 0
+size: 0B
+reclaimable: 0B
+
+type: Local Volumes
+total: 0
+active: 0
+size: 0B
+reclaimable: 0B
+
+type: Build Cache
+total: 
+active: 
+size: 0B
+reclaimable: 0B
+

components/cli/cli/command/formatter/testdata/search-context-write-stars-table.golden

@@ -0,0 +1,2 @@
+NAME                DESCRIPTION         STARS               OFFICIAL            AUTOMATED
+result1             Official build      5000                [OK]