diff --git a/Makefile b/Makefile
index f35265311a..a3dc91bcae 100644
--- a/Makefile
+++ b/Makefile
@@ -75,7 +75,7 @@ DOCKER_RUN_DOCKER := $(DOCKER_FLAGS) "$(DOCKER_IMAGE)"
 default: binary
 
 all: build ## validate all checks, build linux binaries, run all tests\ncross build non-linux binaries and generate archives
-	$(DOCKER_RUN_DOCKER) hack/make.sh
+	$(DOCKER_RUN_DOCKER) bash -c 'hack/validate/default && hack/make.sh'
 
 binary: build ## build the linux binaries
 	$(DOCKER_RUN_DOCKER) hack/make.sh binary
@@ -133,7 +133,7 @@ tgz: build ## build the archives (.zip on windows and .tgz\notherwise) containin
 	$(DOCKER_RUN_DOCKER) hack/make.sh dynbinary binary cross tgz
 
 validate: build ## validate DCO, Seccomp profile generation, gofmt,\n./pkg/ isolation, golint, tests, tomls, go vet and vendor
-	$(DOCKER_RUN_DOCKER) hack/make.sh validate-dco validate-default-seccomp validate-gofmt validate-pkg validate-lint validate-test validate-toml validate-vet validate-vendor
+	$(DOCKER_RUN_DOCKER) hack/validate/all
 
 win: build ## cross build the binary for windows
 	$(DOCKER_RUN_DOCKER) hack/make.sh win
diff --git a/hack/make.sh b/hack/make.sh
index ee93b8ee3d..b88582de69 100755
--- a/hack/make.sh
+++ b/hack/make.sh
@@ -56,15 +56,6 @@ echo
 
 # List of bundles to create when no argument is passed
 DEFAULT_BUNDLES=(
-	validate-dco
-	validate-default-seccomp
-	validate-gofmt
-	validate-lint
-	validate-pkg
-	validate-test
-	validate-toml
-	validate-vet
-
 	binary-client
 	binary-daemon
 	dynbinary
diff --git a/hack/make/validate-dco b/hack/make/validate-dco
old mode 100644
new mode 100755
index 5ac98728f3..bc6371da90
--- a/hack/make/validate-dco
+++ b/hack/make/validate-dco
@@ -1,54 +1,7 @@
 #!/bin/bash
-
-source "${MAKEDIR}/.validate"
-
-adds=$(validate_diff --numstat | awk '{ s += $1 } END { print s }')
-dels=$(validate_diff --numstat | awk '{ s += $2 } END { print s }')
-#notDocs="$(validate_diff --numstat | awk '$3 !~ /^docs\// { print $3 }')"
-
-: ${adds:=0}
-: ${dels:=0}
-
-# "Username may only contain alphanumeric characters or dashes and cannot begin with a dash"
-githubUsernameRegex='[a-zA-Z0-9][a-zA-Z0-9-]+'
-
-# https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work
-dcoPrefix='Signed-off-by:'
-dcoRegex="^(Docker-DCO-1.1-)?$dcoPrefix ([^<]+) <([^<>@]+@[^<>]+)>( \\(github: ($githubUsernameRegex)\\))?$"
-
-check_dco() {
-	grep -qE "$dcoRegex"
-}
-
-if [ $adds -eq 0 -a $dels -eq 0 ]; then
-	echo '0 adds, 0 deletions; nothing to validate! :)'
-else
-	commits=( $(validate_log --format='format:%H%n') )
-	badCommits=()
-	for commit in "${commits[@]}"; do
-		if [ -z "$(git log -1 --format='format:' --name-status "$commit")" ]; then
-			# no content (ie, Merge commit, etc)
-			continue
-		fi
-		if ! git log -1 --format='format:%B' "$commit" | check_dco; then
-			badCommits+=( "$commit" )
-		fi
-	done
-	if [ ${#badCommits[@]} -eq 0 ]; then
-		echo "Congratulations!  All commits are properly signed with the DCO!"
-	else
-		{
-			echo "These commits do not have a proper '$dcoPrefix' marker:"
-			for commit in "${badCommits[@]}"; do
-				echo " - $commit"
-			done
-			echo
-			echo 'Please amend each commit to include a properly formatted DCO marker.'
-			echo
-			echo 'Visit the following URL for information about the Docker DCO:'
-			echo ' https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work'
-			echo
-		} >&2
-		false
-	fi
-fi
+#
+# This file is a stub. It exists because windowsRS1 calls this script directly 
+# instead of using a proper interface. It should be removed once windows CI is 
+# fixed.
+#
+$SCRIPTDIR/validate/dco
diff --git a/hack/make/validate-gofmt b/hack/make/validate-gofmt
old mode 100644
new mode 100755
index 7ad9e85576..ecdc074c60
--- a/hack/make/validate-gofmt
+++ b/hack/make/validate-gofmt
@@ -1,30 +1,7 @@
 #!/bin/bash
-
-source "${MAKEDIR}/.validate"
-
-IFS=$'\n'
-files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
-unset IFS
-
-badFiles=()
-for f in "${files[@]}"; do
-	# we use "git show" here to validate that what's committed is formatted
-	if [ "$(git show "$VALIDATE_HEAD:$f" | gofmt -s -l)" ]; then
-		badFiles+=( "$f" )
-	fi
-done
-
-if [ ${#badFiles[@]} -eq 0 ]; then
-	echo 'Congratulations!  All Go source files are properly formatted.'
-else
-	{
-		echo "These files are not properly gofmt'd:"
-		for f in "${badFiles[@]}"; do
-			echo " - $f"
-		done
-		echo
-		echo 'Please reformat the above files using "gofmt -s -w" and commit the result.'
-		echo
-	} >&2
-	false
-fi
+#
+# This file is a stub. It exists because windowsRS1 calls this script directly 
+# instead of using a proper interface. It should be removed once windows CI is 
+# fixed.
+#
+$SCRIPTDIR/validate/gofmt
diff --git a/hack/make/validate-pkg b/hack/make/validate-pkg
old mode 100644
new mode 100755
index d5843417e0..773e03bdd6
--- a/hack/make/validate-pkg
+++ b/hack/make/validate-pkg
@@ -1,32 +1,7 @@
 #!/bin/bash
-set -e
-
-source "${MAKEDIR}/.validate"
-
-IFS=$'\n'
-files=( $(validate_diff --diff-filter=ACMR --name-only -- 'pkg/*.go' || true) )
-unset IFS
-
-badFiles=()
-for f in "${files[@]}"; do
-	IFS=$'\n'
-	badImports=( $(go list -e -f '{{ join .Deps "\n" }}' "$f" | sort -u | grep -vE '^github.com/docker/docker/pkg/' | grep -E '^github.com/docker/docker' || true) )
-	unset IFS
-
-	for import in "${badImports[@]}"; do
-		badFiles+=( "$f imports $import" )
-	done
-done
-
-if [ ${#badFiles[@]} -eq 0 ]; then
-	echo 'Congratulations! "./pkg/..." is safely isolated from internal code.'
-else
-	{
-		echo 'These files import internal code: (either directly or indirectly)'
-		for f in "${badFiles[@]}"; do
-			echo " - $f"
-		done
-		echo
-	} >&2
-	false
-fi
+#
+# This file is a stub. It exists because windowsRS1 calls this script directly 
+# instead of using a proper interface. It should be removed once windows CI is 
+# fixed.
+#
+$SCRIPTDIR/validate/pkg-imports
diff --git a/hack/make/.validate b/hack/validate/.validate
similarity index 82%
rename from hack/make/.validate
rename to hack/validate/.validate
index 7397d0fa11..defa981865 100644
--- a/hack/make/.validate
+++ b/hack/validate/.validate
@@ -1,5 +1,7 @@
 #!/bin/bash
 
+set -e -o pipefail
+
 if [ -z "$VALIDATE_UPSTREAM" ]; then
 	# this is kind of an expensive check, so let's not do this twice if we
 	# are running more than one validate bundlescript
@@ -7,11 +9,6 @@ if [ -z "$VALIDATE_UPSTREAM" ]; then
 	VALIDATE_REPO='https://github.com/docker/docker.git'
 	VALIDATE_BRANCH='master'
 
-	if [ "$TRAVIS" = 'true' -a "$TRAVIS_PULL_REQUEST" != 'false' ]; then
-		VALIDATE_REPO="https://github.com/${TRAVIS_REPO_SLUG}.git"
-		VALIDATE_BRANCH="${TRAVIS_BRANCH}"
-	fi
-
 	VALIDATE_HEAD="$(git rev-parse --verify HEAD)"
 
 	git fetch -q "$VALIDATE_REPO" "refs/heads/$VALIDATE_BRANCH"
diff --git a/hack/validate/all b/hack/validate/all
new file mode 100755
index 0000000000..308af47263
--- /dev/null
+++ b/hack/validate/all
@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# Run all validation
+
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+. $SCRIPTDIR/default
+. $SCRIPTDIR/vendor
diff --git a/hack/validate/dco b/hack/validate/dco
new file mode 100755
index 0000000000..754ce8faec
--- /dev/null
+++ b/hack/validate/dco
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
+
+adds=$(validate_diff --numstat | awk '{ s += $1 } END { print s }')
+dels=$(validate_diff --numstat | awk '{ s += $2 } END { print s }')
+#notDocs="$(validate_diff --numstat | awk '$3 !~ /^docs\// { print $3 }')"
+
+: ${adds:=0}
+: ${dels:=0}
+
+# "Username may only contain alphanumeric characters or dashes and cannot begin with a dash"
+githubUsernameRegex='[a-zA-Z0-9][a-zA-Z0-9-]+'
+
+# https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work
+dcoPrefix='Signed-off-by:'
+dcoRegex="^(Docker-DCO-1.1-)?$dcoPrefix ([^<]+) <([^<>@]+@[^<>]+)>( \\(github: ($githubUsernameRegex)\\))?$"
+
+check_dco() {
+	grep -qE "$dcoRegex"
+}
+
+if [ $adds -eq 0 -a $dels -eq 0 ]; then
+	echo '0 adds, 0 deletions; nothing to validate! :)'
+else
+	commits=( $(validate_log --format='format:%H%n') )
+	badCommits=()
+	for commit in "${commits[@]}"; do
+		if [ -z "$(git log -1 --format='format:' --name-status "$commit")" ]; then
+			# no content (ie, Merge commit, etc)
+			continue
+		fi
+		if ! git log -1 --format='format:%B' "$commit" | check_dco; then
+			badCommits+=( "$commit" )
+		fi
+	done
+	if [ ${#badCommits[@]} -eq 0 ]; then
+		echo "Congratulations!  All commits are properly signed with the DCO!"
+	else
+		{
+			echo "These commits do not have a proper '$dcoPrefix' marker:"
+			for commit in "${badCommits[@]}"; do
+				echo " - $commit"
+			done
+			echo
+			echo 'Please amend each commit to include a properly formatted DCO marker.'
+			echo
+			echo 'Visit the following URL for information about the Docker DCO:'
+			echo ' https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work'
+			echo
+		} >&2
+		false
+	fi
+fi
diff --git a/hack/validate/default b/hack/validate/default
new file mode 100755
index 0000000000..3ae5f5c03b
--- /dev/null
+++ b/hack/validate/default
@@ -0,0 +1,14 @@
+#!/bin/bash
+#
+# Run default validation, exclude vendor because it's slow
+
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+. $SCRIPTDIR/dco
+. $SCRIPTDIR/default-seccomp
+. $SCRIPTDIR/gofmt
+. $SCRIPTDIR/lint
+. $SCRIPTDIR/pkg-imports
+. $SCRIPTDIR/test-imports
+. $SCRIPTDIR/toml
+. $SCRIPTDIR/vet
diff --git a/hack/make/validate-default-seccomp b/hack/validate/default-seccomp
old mode 100644
new mode 100755
similarity index 78%
rename from hack/make/validate-default-seccomp
rename to hack/validate/default-seccomp
index 4facec743d..8fe8435618
--- a/hack/make/validate-default-seccomp
+++ b/hack/validate/default-seccomp
@@ -1,13 +1,14 @@
 #!/bin/bash
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'profiles/seccomp' || true) )
 unset IFS
 
 if [ ${#files[@]} -gt 0 ]; then
-	# We run vendor.sh to and see if we have a diff afterwards
+	# We run 'go generate' and see if we have a diff afterwards
 	go generate ./profiles/seccomp/ >/dev/null
 	# Let see if the working directory is clean
 	diffs="$(git status --porcelain -- profiles/seccomp 2>/dev/null)"
diff --git a/hack/validate/gofmt b/hack/validate/gofmt
new file mode 100755
index 0000000000..f3c6a848de
--- /dev/null
+++ b/hack/validate/gofmt
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	# we use "git show" here to validate that what's committed is formatted
+	if [ "$(git show "$VALIDATE_HEAD:$f" | gofmt -s -l)" ]; then
+		badFiles+=( "$f" )
+	fi
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations!  All Go source files are properly formatted.'
+else
+	{
+		echo "These files are not properly gofmt'd:"
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+		echo 'Please reformat the above files using "gofmt -s -w" and commit the result.'
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-lint b/hack/validate/lint
old mode 100644
new mode 100755
similarity index 85%
rename from hack/make/validate-lint
rename to hack/validate/lint
index 09b6599f52..41517e2127
--- a/hack/make/validate-lint
+++ b/hack/validate/lint
@@ -1,6 +1,7 @@
 #!/bin/bash
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' | grep -v '^api/types/' || true) )
diff --git a/hack/validate/pkg-imports b/hack/validate/pkg-imports
new file mode 100755
index 0000000000..1da3403b86
--- /dev/null
+++ b/hack/validate/pkg-imports
@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
+
+IFS=$'\n'
+files=( $(validate_diff --diff-filter=ACMR --name-only -- 'pkg/*.go' || true) )
+unset IFS
+
+badFiles=()
+for f in "${files[@]}"; do
+	IFS=$'\n'
+	badImports=( $(go list -e -f '{{ join .Deps "\n" }}' "$f" | sort -u | grep -vE '^github.com/docker/docker/pkg/' | grep -E '^github.com/docker/docker' || true) )
+	unset IFS
+
+	for import in "${badImports[@]}"; do
+		badFiles+=( "$f imports $import" )
+	done
+done
+
+if [ ${#badFiles[@]} -eq 0 ]; then
+	echo 'Congratulations!  "./pkg/..." is safely isolated from internal code.'
+else
+	{
+		echo 'These files import internal code: (either directly or indirectly)'
+		for f in "${badFiles[@]}"; do
+			echo " - $f"
+		done
+		echo
+	} >&2
+	false
+fi
diff --git a/hack/make/validate-test b/hack/validate/test-imports
old mode 100644
new mode 100755
similarity index 85%
rename from hack/make/validate-test
rename to hack/validate/test-imports
index 84c5e26ba9..373caa2f29
--- a/hack/make/validate-test
+++ b/hack/validate/test-imports
@@ -1,8 +1,8 @@
 #!/bin/bash
-
 # Make sure we're not using gos' Testing package any more in integration-cli
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'integration-cli/*.go' || true) )
@@ -25,7 +25,7 @@ for f in "${files[@]}"; do
 done
 
 if [ ${#badFiles[@]} -eq 0 ]; then
-	echo 'Congratulations! No testing.T found.'
+	echo 'Congratulations!  No testing.T found.'
 else
 	{
 		echo "These files use the wrong testing infrastructure:"
diff --git a/hack/make/validate-toml b/hack/validate/toml
old mode 100644
new mode 100755
similarity index 86%
rename from hack/make/validate-toml
rename to hack/validate/toml
index f6393c854d..a0cb158dbd
--- a/hack/make/validate-toml
+++ b/hack/validate/toml
@@ -1,6 +1,7 @@
 #!/bin/bash
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'MAINTAINERS' || true) )
diff --git a/hack/make/validate-vendor b/hack/validate/vendor
old mode 100644
new mode 100755
similarity index 82%
rename from hack/make/validate-vendor
rename to hack/validate/vendor
index 7c2cf33c66..076a8e07a1
--- a/hack/make/validate-vendor
+++ b/hack/validate/vendor
@@ -1,6 +1,7 @@
 #!/bin/bash
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'hack/vendor.sh' 'hack/.vendor-helpers.sh' 'vendor/' || true) ) 
@@ -24,4 +25,6 @@ if [ ${#files[@]} -gt 0 ]; then
 	else
 		echo 'Congratulations! All vendoring changes are done the right way.'
 	fi
+else
+    echo 'No vendor changes in diff.'
 fi
diff --git a/hack/make/validate-vet b/hack/validate/vet
old mode 100644
new mode 100755
similarity index 84%
rename from hack/make/validate-vet
rename to hack/validate/vet
index d543509a53..7ab25fee86
--- a/hack/make/validate-vet
+++ b/hack/validate/vet
@@ -1,6 +1,7 @@
 #!/bin/bash
 
-source "${MAKEDIR}/.validate"
+export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPTDIR}/.validate"
 
 IFS=$'\n'
 files=( $(validate_diff --diff-filter=ACMR --name-only -- '*.go' | grep -v '^vendor/' || true) )