These will create the apt & yum repos for the deb/rpms generated by build-deb
and build-rpm.
Adds sign-repo script which signs the repo metadata with a gpg key.
Signed-off-by: Jessica Frazelle <princess@docker.com>
These have both been updated to no longer include the empty "scratch" layer, and `hello-world` has a fix for http->https.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
We already vendor distribution under ./vendor, but
because the GOPATH is /go:/go/src/github.com/.../vendor
Go will always compile the source code at /go not in ./vendor.
Apart from the fact that it is very inconvenient during
development, it was also a time-bomb: someone vendors a fix
from upstream distribution, but forgets to update
REGISTRY_COMMIT in the Dockerfile, and the binary doesn't get
the fix.
Signed-off-by: Tibor Vass <tibor@docker.com>
When ever something vendor/ changes the go dependencies have to downloaded again,
which requires internet access and there for is potential slow. COPY and go install is much faster, while the git urls does not change not this often.
Signed-off-by: Jörg Thalheim <joerg@higgsboson.tk>
Installs and configures bash completion for Docker.
Note that bash completion still has to be initialized by a custom
.bashrc file.
Signed-off-by: Harald Albers <github@albersweb.de>
This addresses a subtle deadlock where an error during a copy prevented pipe
closure to propagate correctly. By closing down the read end of the pipe rather
than the write end, the waiting writer is properly signaled. A nice side-effect
of this change is that errors encountered by io.Copy are now propagated to the
verifier's Write method.
A test to ensure validation errors for unsupported digest types has been added,
as well.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Add ability to refer to an image by repository name and digest using the
format repository@digest. Works for pull, push, run, build, and rmi.
Signed-off-by: Andy Goldstein <agoldste@redhat.com>
Update pull code to consider any layer download or new tag as an update.
Update hello-world frozen image to be explicitly tagged as frozen, to not interfere with pull tests. The hello-world is used by pull tests because of its small size and there is no other official image with such a size.
fixes#11383
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
FROM scratch
ADD echo /
RUN [ "echo" ]
will die with
exec: "/bin/sh": stat /bin/sh: no such file or directory
Signed-off-by: Doug Davis <dug@us.ibm.com>
This makes it much simpler to add new "frozen" images -- simply add them to the `Dockerfile` and in `hack/make/.ensure-frozen-images` and you're off to the races.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
This downloads a specific image ID of `busybox:latest` from the Hub directly (within the `Dockerfile`, ready for `docker load`) instead of grabbing the source from GitHub and doing a `docker build` at daemon start time. This ensures the test suite runs more consistently.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
If `.bashrc` exists at the root of the source tree, it will be used as the `~/.bashrc` inside the container.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Since `cirros.tar.gz` only existed to test `docker import`'s display and
presence in `docker events`, we can instead just use `docker export`
piped directly to `docker import` to achieve the same goal without
another external dependency besides `busybox` (which we already have).
While I was at it, I updated `TestImportDisplay` to also test that the
imported image actually runs successfully as well (so we're testing the
full import round-trip).
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Use `env -i` to very explicitly control exactly which environment variables leak into our tests. This enforces a clean separation of "build environment knobs" versus "test suite knobs".
This also includes a minor tweak to how we handle starting our integration daemon, especially to catch failure to start sooner than failing tests.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Update fixes some rendering issues, including improperly escaping '$' in
blocks, and actual parsing of blockcode.
`ID=$(sudo docker run -d fedora /usr/bin/top -b)` was being converted to
`ID=do docker run -d fedora/usr/bin/top -b)`
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Since it can still be tested natively without this, this won't cause any harm while we fix the tests to actually work on Windows.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Update our "registry" install to use the included Godeps libraries so that it
doesn't require anything from our current source (hence moving it up for
better caching too)
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
v2 ping now checks for a Docker-Distribution-API-Version
header that identifies the endpoint as "registry/2.0"
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Since "go test" doesn't seem to support "-installsuffix" as quite the same perfect solution that "go build" is happy to let it be, let's just switch those crappy old "integration/" tests to use our separate static dockerinit binary so we don't have to worry about compiling the entire test harness statically. 👍
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
This refactors version number usage for several of our "download/install this exact version" bits so we have an easier time replacing the version numbers in Jenkins.
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
- move docker/docker-py clone to the Dockerfile
- put "integration test daemon startup" code in a separate file for both scripts to source
- add new test-docker-py Makefile target
- include "python-websocket" package in Dockerfile for running the tests
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
This clones and run the integration tests for docker-py master as part
of the integration tests created on master. docker-py hits the api
directly and should be a good way to identify regressions in the api.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Since the build uses ubuntu 14.04, which has an old btrfs, include the
buildtags needed for this old version to not break the build.
Signed-off-by: Vincent Batts <vbatts@redhat.com>
So far, it looks like the declarations are not used, and so its safer not to
confuse people into thinking they do something.
Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@docker.com> (github: SvenDowideit)
Because of the base image change, $HOME is not always / and we need to
write to the proper $HOME within the container to complete the release
process.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This changes the test TestBuildWithInaccessibleFilesInContext to not
add the user 'unprivilegeduser' and add it via the Dockerfile instead.
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
This patch just revs the Ubuntu release used for builds from 13.10
to 14.04.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
This also removes all the old man pages, .gitignores their directory, and updates the md2man-all.sh script to be easier to read and more friendly to being called within hack/make/ubuntu.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
docker will run the process(es) within the container with an SELinux label and will label
all of the content within the container with mount label. Any temporary file systems
created within the container need to be mounted with the same mount label.
The user can override the process label by specifying
-Z With a string of space separated options.
-Z "user=unconfined_u role=unconfined_r type=unconfined_t level=s0"
Would cause the process label to run with unconfined_u:unconfined_r:unconfined_t:s0"
By default the processes will run execute within the container as svirt_lxc_net_t.
All of the content in the container as svirt_sandbox_file_t.
The process mcs level is based of the PID of the docker process that is creating the container.
If you run the container in --priv mode, the labeling will be disabled.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
These were found using `git grep -nE '[^-a-zA-Z0-9<>]-[a-zA-Z0-9]{2}'` (fair warning: _many_ false positives there).
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
Everyone probably wants to run `docker pull ubuntu` before building with this change.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
This fixes compilation issues when btrfs.h isn't available (because we just need the relevant structs, which for userspace programs are supposed to come from btrfs-progs instead of the kernel headers).
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
In addition, we've now hard-coded LXC version 0.8 compiled from source so that we can have the most stable dev environment possible.
Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)