Signed-off-by: John Howard <jhoward@microsoft.com>
When building a Dockerfile from a Windows client on a Linux daemon, a
"security warning" is printed
on stderr. Having this warning printed on stderr makes it difficult to
distinguish a failed build from one that's succeeding, and the only way to
suppress the warning is through the -q option, which also suppresses every
output. This change prints the warning on stdout, instead of stderr, to
resolve this situation.
The goal is to remove function from `docker_utils.go` and setup
simple, one-responsability package that can be well tested ; and to
ease writing request.
This moves all the calls to `sockRequest` (and similar methods) to
their counterpart in the `request` package.
This introduce `request.Do` to write easier request (with functional
argument to easily augment the request) with some pre-defined function
for the most used http method (i.e. `request.Get`, `request.Post` and
`request.Delete`).
Few of the `sockRequest` call have been moved to `request.Do` (and
`Get`, etc.) to showcase the usage of the package. There is still a
whole lot to do.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
If the container is not found when removing, it means it's already not
there anymore, so it's safe to ignore. This should reduce a bit some
`TearDown` flakyness..
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
- `TestRunMountReadOnlyDevShm` and `TestRunHostnameInHostMode` needs
`NotUserNamespace` requirement as these are known limitation of
userns.
- `TestBuildWorkdirCmd` should use a preload image (`busybox`) instead
of one that require network access.
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
This extract what was in registry_test.go and
registry_mock_test.go. This also move `RegistryHosting`
requirement to `registry.Hosting`
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
When using both `--secret-rm` and `--secret-add` on `docker service update`,
`--secret-rm` was always performed last. This made it impossible to update
a secret that was already in use on a service (for example, to change
it's permissions, or mount-location inside the container).
This patch changes the order in which `rm` and `add` are performed,
allowing updating a secret in a single `docker service update`.
Before this change, the `rm` was always performed "last", so the secret
was always removed:
$ echo "foo" | docker secret create foo -f -
foo
$ docker service create --name myservice --secret foo nginx:alpine
62xjcr9sr0c2hvepdzqrn3ssn
$ docker service update --secret-rm foo --secret-add source=foo,target=foo2 myservice
myservice
$ docker service inspect --format '{{ json .Spec.TaskTemplate.ContainerSpec.Secrets }}' myservice | jq .
null
After this change, the `rm` is performed _first_, allowing users to
update a secret without updating the service _twice_;
$ echo "foo" | docker secret create foo -f -
1bllmvw3a1yaq3eixqw3f7bjl
$ docker service create --name myservice --secret foo nginx:alpine
lr6s3uoggli1x0hab78glpcxo
$ docker service update --secret-rm foo --secret-add source=foo,target=foo2 myservice
myservice
$ docker service inspect --format '{{ json .Spec.TaskTemplate.ContainerSpec.Secrets }}' myservice | jq .
[
{
"File": {
"Name": "foo2",
"UID": "0",
"GID": "0",
"Mode": 292
},
"SecretID": "tn9qiblgnuuut11eufquw5dev",
"SecretName": "foo"
}
]
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The `DOCKER_HIDE_LEGACY_COMMANDS` environment
variable was added in a7c8bcac2b
but not documented.
This adds the variable to the documentation.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
