Commit graph

3834 commits

Author SHA1 Message Date
Tianon Gravi
f537ef5746
Merge pull request #44963 from vvoland/c8d-push-upstream
c8d: Implement push
2023-03-30 14:43:41 -07:00
Paweł Gronowski
e7393d0fc5
images/push: Accept reference
Push the reference parsing from repo and tag names into the api and pass
a reference object to the ImageService.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-03-30 18:08:40 +02:00
Laura Brehm
4c459ddabd
c8d: add support for docker diff
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-03-30 10:29:07 +01:00
Sebastiaan van Stijn
cb76638699
registry/search: pass User-Agent through headers
Commit 3991faf464 moved search into the registry
package, which also made the `dockerversion` package a dependency for registry,
which brings additional (indirect) dependencies, such as `pkg/parsers/kernel`,
and `golang.org/x/sys/windows/registry`.

Client code, such as used in docker/cli may depend on the `registry` package,
but should not depend on those additional dependencies.

This patch moves setting the userAgent to the API router, and instead of
passing it as a separate argument, includes it into the "headers".

As these headers now not only contain the `X-Meta-...` headers, the variables
were renamed accordingly.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-21 14:41:29 +01:00
Sebastiaan van Stijn
58504620c5
api/types/container: IpcMode: use common function for container-mode
Use the utility introduced in 1bd486666b to
share the same implementation as similar options. The IPCModeContainer const
is left for now, but we need to consider what to do with these.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-15 18:49:15 +01:00
Sebastiaan van Stijn
6f0e28d024
api/types/container: PidMode: fix validation for empty container name/ID
Commit e7d75c8db7 fixed validation of "host"
mode values, but also introduced a regression for validating "container:"
mode PID-modes.

PID-mode implemented a stricter validation than the other options and, unlike
the other options, did not accept an empty container name/ID. This feature was
originally implemented in fb43ef649b, added some
some integration tests (but no coverage for this case), and the related changes
in the API types did not have unit-tests.

While a later change (d4aec5f0a6) added a test
for the `--pid=container:` (empty name) case, that test was later migrated to
the CLI repository, as it covered parsing the flag (and validating the result).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-15 18:49:15 +01:00
Sebastiaan van Stijn
53c813961e
api/types/container: fix .Container() returning a name, when it shouldn't
commit 1bd486666b refactored this code, but
it looks like I removed some changes in this part of the code when extracting
these changes from a branch I was working on, and the behavior did not match
the function's description (name to be empty if there is no "container:" prefix
Unfortunately, there was no test coverage for this in this repository, so we
didn't catch this.

This patch:

- fixes containerID() to not return a name/ID if no container: prefix is present
- adds test-coverage for TestCgroupSpec
- adds test-coverage for NetworkMode.ConnectedContainer
- updates some test-tables to remove duplicates, defaults, and use similar cases

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-15 18:49:15 +01:00
Sebastiaan van Stijn
c76331e13f
api/types/container: put "valid" field as first check in tests
Make if more explicit which test-cases should be valid, and make it the
first field, because the "valid" field is shared among all test-cases in
the test-table, and making it the first field makes it slightly easier
to distinguish valid from invalid cases.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-15 18:49:14 +01:00
Bjorn Neergaard
1c84f63a40
Merge pull request #45086 from corhere/search-in-registry-service
Move filtered registry search out of the image service
2023-03-15 07:52:42 -06:00
Sebastiaan van Stijn
058a31e479
volumes: fix error-handling when removing volumes with swarm enabled
Commit 3246db3755 added handling for removing
cluster volumes, but in some conditions, this resulted in errors not being
returned if the volume was in use;

    docker swarm init
    docker volume create foo
    docker create -v foo:/foo busybox top
    docker volume rm foo

This patch changes the logic for ignoring "local" volume errors if swarm
is enabled (and cluster volumes supported).

While working on this fix, I also discovered that Cluster.RemoveVolume()
did not handle the "force" option correctly; while swarm correctly handled
these, the cluster backend performs a lookup of the volume first (to obtain
its ID), which would fail if the volume didn't exist.

Before this patch:

    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    === RUN   TestVolumesRemoveSwarmEnabled
    === PAUSE TestVolumesRemoveSwarmEnabled
    === CONT  TestVolumesRemoveSwarmEnabled
    === RUN   TestVolumesRemoveSwarmEnabled/volume_in_use
        volume_test.go:122: assertion failed: error is nil, not errdefs.IsConflict
        volume_test.go:123: assertion failed: expected an error, got nil
    === RUN   TestVolumesRemoveSwarmEnabled/volume_not_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume_force
        volume_test.go:143: assertion failed: error is not nil: Error response from daemon: volume no_such_volume not found
    --- FAIL: TestVolumesRemoveSwarmEnabled (1.57s)
        --- FAIL: TestVolumesRemoveSwarmEnabled/volume_in_use (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_not_in_use (0.01s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume (0.00s)
        --- FAIL: TestVolumesRemoveSwarmEnabled/non-existing_volume_force (0.00s)
    FAIL

With this patch:

    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    === RUN   TestVolumesRemoveSwarmEnabled
    === PAUSE TestVolumesRemoveSwarmEnabled
    === CONT  TestVolumesRemoveSwarmEnabled
    === RUN   TestVolumesRemoveSwarmEnabled/volume_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/volume_not_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume_force
    --- PASS: TestVolumesRemoveSwarmEnabled (1.53s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_in_use (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_not_in_use (0.01s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume_force (0.00s)
    PASS

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-13 19:17:35 +01:00
Cory Snider
3991faf464 Move filtered registry search out of image service
SearchRegistryForImages does not make sense as part of the image
service interface. The implementation just wraps the search API of the
registry service to filter the results client-side. It has nothing to do
with local image storage, and the implementation of search does not need
to change when changing which backend (graph driver vs. containerd
snapshotter) is used for local image storage.

Filtering of the search results is an implementation detail: the
consumer of the results does not care which actor does the filtering so
long as the results are filtered as requested. Move filtering into the
exported API of the registry service to hide the implementation details.
Only one thing---the registry service implementation---would need to
change in order to support server-side filtering of search results if
Docker Hub or other registry servers were to add support for it to their
APIs.

Use a fake registry server in the search unit tests to avoid having to
mock out the registry API client.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-03-10 18:36:33 -05:00
Nicolas De Loof
06619763a2
remove GetLayerByID from ImageService interface
Co-authored-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Co-authored-by: Paweł Gronowski <pawel.gronowski@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-10 17:54:55 +01:00
Laura Brehm
45ee4d7c78
c8d: Compute container's layer size
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-03-08 00:58:02 +01:00
Sebastiaan van Stijn
11261594d8
Merge pull request #45032 from corhere/shim-opts
daemon: allow shimv2 runtimes to be configured
2023-03-02 21:45:05 +01:00
Cory Snider
fb5df9722b
Merge pull request #45088 from corhere/make-apiserver-less-weird
api/server: delete Wait method
2023-03-01 10:14:09 -05:00
Cory Snider
7568bbc491
Merge pull request #45083 from corhere/unused-api-config-struct
api/server: drop unused Config struct
2023-03-01 09:38:18 -05:00
Cory Snider
be39be87f6 api/server: delete Wait method
It's surprising that the method to begin serving requests is named Wait.
And it is unidiomatic: it is a synchronous call, but it sends its return
value to the channel passed in as an argument instead of just returning
the value. And ultimately it is just a trivial wrapper around serveAPI.
Export the ServeAPI method instead so callers can decide how to call and
synchronize around it.

Call ServeAPI synchronously on the main goroutine in cmd/dockerd. The
goroutine and channel which the Wait() API demanded are superfluous
after all. The notifyReady() call was always concurrent and asynchronous
with respect to serving the API (its implementation spawns a goroutine)
so it makes no difference whether it is called before ServeAPI() or
after `go ServeAPI()`.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-03-01 09:03:34 -05:00
Cory Snider
0a6a726d26 api/server: drop unused Config struct
The Server.cfg field is never referenced by any code in package
"./api/server". "./api/server".Config struct values are used by
DaemonCli code, but only to pass around configuration copied out of the
daemon config within the "./cmd/dockerd" package. Delete the
"./api/server".Config struct definition and refactor the "./cmd/dockerd"
package to pull configuration directly from cli.Config.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-28 13:49:53 -05:00
Paweł Gronowski
248745004a
api: Remove <none> in Repo(Tags|Digests) for >= 1.43
Deprecate `<none>:<none>` and `<none>@<none>` magic strings included in
`RepoTags` and `RepoDigests`.
Produce an empty arrays instead and leave the presentation of
untagged/dangling images up to the client.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-27 19:44:43 +01:00
Brian Goff
0021339b92
Merge pull request #45025 from corhere/oci-annotation-passthru 2023-02-24 16:27:11 +00:00
Cory Snider
0ffaa6c785 daemon: add annotations to container HostConfig
Allow clients to set annotations on a container which will applied to
the container's OCI spec.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-23 18:59:00 -05:00
Bjorn Neergaard
a9f17a28db
Merge pull request #44840 from vvoland/c8d-list-dangling-upstream
c8d/list: Fix Repo(Digests|Tags) for untagged images
2023-02-23 14:25:03 -07:00
Brian Goff
73db49f8ef
Merge pull request #44003 from vvoland/invalidfilter 2023-02-22 16:24:47 +00:00
Paweł Gronowski
2f9e3cca3d
api: Move Repo(Digests|Tags) <none> fallback from daemon
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-22 17:08:45 +01:00
xin.li
a770153af0 chore: use http constants to replace numbers
Signed-off-by: xin.li <xin.li@daocloud.io>
2023-02-21 23:02:56 +08:00
Cory Snider
b0eed5ade6 daemon: allow shimv2 runtimes to be configured
Kubernetes only permits RuntimeClass values which are valid lowercase
RFC 1123 labels, which disallows the period character. This prevents
cri-dockerd from being able to support configuring alternative shimv2
runtimes for a pod as shimv2 runtime names must contain at least one
period character. Add support for configuring named shimv2 runtimes in
daemon.json so that runtime names can be aliased to
Kubernetes-compatible names.

Allow options to be set on shimv2 runtimes in daemon.json.

The names of the new daemon runtime config fields have been selected to
correspond with the equivalent field names in cri-containerd's
configuration so that users can more easily follow documentation from
the runtime vendor written for cri-containerd and apply it to
daemon.json.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-17 18:08:06 -05:00
Cory Snider
a4e3c67e44 api/s/r/swarm: log backend errors at Debug level
The errors are already returned to the client in the API response, so
logging them to the daemon log is redundant. Log the errors at level
Debug so as not to pollute the end-users' daemon logs with noise.

Refactor the logs to use structured fields. Add the request context to
the log entry so that logrus hooks could annotate the log entries with
contextual information about the API request in the hypothetical future.

Fixes #44997

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-15 13:49:43 -05:00
Paweł Gronowski
62be425bcc
api: Extract parsing reference from repo and tag
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-07 15:43:58 +01:00
Paweł Gronowski
b3a8b6b198
api/tag: Reject digested target references
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-07 15:43:55 +01:00
Paweł Gronowski
1ca85e835c
daemon/imageService: Remove TagImageWithReference
TagImage is just a wrapper for TagImageWithReference which parses the
repo and tag into a reference. Change TagImageWithReference into
TagImage and move the responsibility of reference parsing to caller.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-07 15:43:52 +01:00
Nicolas De Loof
7b6f71dced
daemon: Pass ctx to image tagging operations
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-02-07 15:43:48 +01:00
Paweł Gronowski
0d68591c8e
api/types/filters: Add GetBoolOrDefault
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-01-26 16:28:49 +01:00
Paweł Gronowski
a254dad2e5
api/import: Guard from Digested instead of Canonical reference
Import shouldn't accept any digested reference, instead of only strictly
canonical ones.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-01-11 13:53:42 +01:00
Paweł Gronowski
28327f10a2
daemon/import: Extract common logic to api
Extract logic that would need to be duplicated in both implementations
of ImageService.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-01-11 13:53:40 +01:00
Sebastiaan van Stijn
fb80e8a1c4
Merge pull request #44061 from fussybeaver/44059-swagger-create-image-info
api: swagger: add errorDetail to CreateImageInfo
2023-01-10 16:06:43 +01:00
Sebastiaan van Stijn
9275a771bf
Merge pull request #44599 from davidhsingyuchen/doc-auth
docs: add 401 to possible status codes of /auth
2023-01-10 15:39:04 +01:00
Sebastiaan van Stijn
937491288e
Merge pull request #43818 from thaJeztah/image_inspect
add support for image inspect with containerd-integration
2023-01-06 17:40:15 +01:00
Nicolas De Loof
1616a09b61 add support for image inspect with containerd-integration
This is a squashed version of various PRs (or related code-changes)
to implement image inspect with the containerd-integration;

- add support for image inspect
- introduce GetImageOpts to manage image inspect data in backend
- GetImage to return image tags with details
- list images matching digest to discover all tags
- Add ExposedPorts and Volumes to the image returned
- Refactor resolving/getting images
- Return the image ID on inspect
- consider digest and ignore tag when both are set
- docker run --platform

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-05 16:20:41 +01:00
Cory Snider
8e69882c03
Merge pull request #44379 from thaJeztah/container_strings_cut
api/types/container: refactor to use strings.Cut, DRY, move tests and fix validation
2022-12-30 15:07:56 -05:00
Yamazaki Masashi
5fed968b1d
api: can marshal and unmarshal when args.fields is empty
Signed-off-by: Yamazaki Masashi <masi19bw@gmail.com>
Signed-off-by: Bjorn Neergaard <bneergaard@mirantis.com>
2022-12-29 12:49:01 -07:00
Sebastiaan van Stijn
e7d75c8db7
api/types/container: fix validation for UTSMode, UsernsMode, PidMode
The IPCMode type was added in 497fc8876e, and from
that patch, the intent was to allow `host` (without `:`), `""` (empty, default)
or `container:<container ID>`, but the `Valid()` function seems to be too relaxed
and accepting both `:`, as well as `host:<anything>`. No unit-tests were added
in that patch, and integration-tests only tested for valid values.

Later on, `PidMode`, and `UTSMode` were added in 23feaaa240
and f2e5207fc9, both of which were implemented as
a straight copy of the `IPCMode` implementation, copying the same bug.

Finally, commit d4aec5f0a6 implemented unit-tests
for these types, but testing for the wrong behavior of the implementation.

This patch updates the validation to correctly invalidate `host[:<anything>]`
and empty (`:`) types.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-29 18:49:27 +01:00
Sebastiaan van Stijn
1bd486666b
api/types/container: use strings.Cut() and DRY
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-27 22:31:37 +01:00
Sebastiaan van Stijn
ab5e69c442
api/types/container: rewrite tests to use subtests and asserts
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-27 22:31:37 +01:00
Sebastiaan van Stijn
e155cb4fee
hostconfig: move unit tests to api/types/container
These types were moved to api/types/container in 7ac4232e70,
but the unit-tests for them were not moved. This patch moves the unit-tests back together
with the types.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-27 22:31:37 +01:00
Sebastiaan van Stijn
380a2dfc3a
api/types: use strings.Cut()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:00 +01:00
Sebastiaan van Stijn
7841ce781c
api/types/time: use strings.Cut()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:09:00 +01:00
Sebastiaan van Stijn
ba9bcf92f6
api/types/filters: use strings.Cut()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-21 11:08:59 +01:00
Nicolas De Loof
8fb71ce208
manage image inspect data in backend
This allows differentiating how the detailed data is collected between
the containerd-integration code and the existing implementation.

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-09 19:02:12 +01:00
Sebastiaan van Stijn
a8eb15eafb
ImageService.ImageHistory(): pass context
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-09 19:00:49 +01:00
Hsing-Yu (David) Chen
18f85467e7 docs: add 401 to possible status codes of /auth
Signed-off-by: Hsing-Yu (David) Chen <davidhsingyuchen@gmail.com>
2022-12-06 17:56:26 -08:00
Sebastiaan van Stijn
4769809555
api/server/backend/build: sanitizeRepoAndTags() check for digest
The reference.ParseNormalizedNamed() utility already returns a Named
reference, but we're interested in wether the digest has a digest, so
check for that.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-24 10:08:08 +01:00
Nicolas De Loof
def549c8f6
imageservice: Add context to various methods
Co-authored-by: Paweł Gronowski <pawel.gronowski@docker.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-11-03 12:22:40 +01:00
Sebastiaan van Stijn
5a01c1dad1
Merge pull request #44383 from thaJeztah/improve_example
api/types/filters: add output to example
2022-11-02 17:29:37 +01:00
Nicolas De Loof
8d0dc69027
implement docker system df
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-11-02 09:35:18 +01:00
Sebastiaan van Stijn
3d73d32499
api/types/filters: add output to example
Make the example actually do something, and include the output, so that it
shows up in the documentation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-01 18:16:22 +01:00
Brian Goff
7b1245dc7f
Merge pull request #44224 from dperny/cluster-volumes-update
Fix force-remove for cluster volumes
2022-10-25 11:13:43 -07:00
Drew Erny
3246db3755 fix force remove for cluster volumes
Signed-off-by: Drew Erny <derny@mirantis.com>
2022-10-12 11:31:00 -05:00
Brian Goff
618f26ccbc Volume prune: only prune anonymous volumes by default
This adds a new filter argument to the volume prune endpoint "all".
When this is not set, or it is a false-y value, then only anonymous
volumes are considered for pruning.

When `all` is set to a truth-y value, you get the old behavior.

This is an API change, but I think one that is what most people would
want.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-04 20:55:13 +00:00
Sebastiaan van Stijn
f71fe8476a
api/server: fix empty-lines (revive)
api/server/router/build/build_routes.go:239:32: empty-lines: extra empty line at the start of a block (revive)
    api/server/middleware/version.go:45:241: empty-lines: extra empty line at the end of a block (revive)
    api/server/router/swarm/helpers_test.go:11:44: empty-lines: extra empty line at the end of a block (revive)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-28 01:58:51 +02:00
Sebastiaan van Stijn
31441778fa
api/types: fix empty-lines (revive)
Also renamed variables that collided with import

     api/types/strslice/strslice_test.go:36:41: empty-lines: extra empty line at the end of a block (revive)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-28 01:58:49 +02:00
Sebastiaan van Stijn
db1663a1e5
Merge pull request #44205 from thaJeztah/remove_deprecated_stubs
Remove stubs for deprecated functions and consts
2022-09-28 01:51:04 +02:00
Sebastiaan van Stijn
4a8b3b8bc5
api/types: remove aliases for deprecated Volume and VolumeUsageData
These were moved, and deprecated in f19ef20a44 and
4caf68f4f6, which are part of the 22.x release, so
we can safely remove these from master.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-27 21:44:15 +02:00
Sebastiaan van Stijn
91f14e751f
Merge pull request #44111 from thaJeztah/remove_tagger
api/server/backend/build: remove Tagger and NewTagger
2022-09-27 21:04:16 +02:00
CrazyMax
7f3602f1c9
swagger: update links to logo
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-09-27 11:56:14 +02:00
Sebastiaan van Stijn
55fd77f724
set ReadHeaderTimeout to address G112: Potential Slowloris Attack (gosec)
After discussing in the maintainers meeting, we concluded that Slowloris attacks
are not a real risk other than potentially having some additional goroutines
lingering around, so setting a long timeout to satisfy the linter, and to at
least have "some" timeout.

    libnetwork/diagnostic/server.go:96:10: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
        srv := &http.Server{
            Addr:    net.JoinHostPort(ip, strconv.Itoa(port)),
            Handler: s,
        }
    api/server/server.go:60:10: G112: Potential Slowloris Attack because ReadHeaderTimeout is not configured in the http.Server (gosec)
                srv: &http.Server{
                    Addr: addr,
                },
    daemon/metrics_unix.go:34:13: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
            if err := http.Serve(l, mux); err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
                      ^
    cmd/dockerd/metrics.go:27:13: G114: Use of net/http serve function that has no support for setting timeouts (gosec)
            if err := http.Serve(l, mux); err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
                      ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-22 12:13:28 +02:00
Sebastiaan van Stijn
ff81dc3544
api/server/backend/build: remove Tagger and NewTagger
The Tagger was introduced in 0296797f0f, as part
of a refactor, but was never used outside of the package itself. The commit
also didn't explain why this was changed into a Type with a constructor, as all
the constructor appears to be used for is to sanitize and validate the tags.

This patch removes the `Tagger` struct and its constructor, and instead just
uses a function to do the same.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-07 20:36:00 +02:00
Sebastiaan van Stijn
779a5b3029 ImageService.GetImage(): pass context
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-09-07 16:53:45 +02:00
Niel Drummond
1557892c37 api: swagger: add errorDetail to CreateImageInfo
Signed-off-by: Niel Drummond <niel@drummond.lu>
2022-08-30 18:36:01 +01:00
Cory Snider
57d2d6ef62 Update container OOMKilled flag immediately
The OOMKilled flag on a container's state has historically behaved
rather unintuitively: it is updated on container exit to reflect whether
or not any process within the container has been OOM-killed during the
preceding run of the container. The OOMKilled flag would be set to true
when the container exits if any process within the container---including
execs---was OOM-killed at any time while the container was running,
whether or not the OOM-kill was the cause of the container exiting. The
flag is "sticky," persisting through the next start of the container;
only being cleared once the container exits without any processes having
been OOM-killed that run.

Alter the behavior of the OOMKilled flag such that it signals whether
any process in the container had been OOM-killed since the most recent
start of the container. Set the flag immediately upon any process being
OOM-killed, and clear it when the container transitions to the "running"
state.

There is an ulterior motive for this change. It reduces the amount of
state the libcontainerd client needs to keep track of and clean up on
container exit. It's one less place the client could leak memory if a
container was to be deleted without going through libcontainerd.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-08-24 14:59:07 -04:00
Sebastiaan van Stijn
ce550fa9c2
Merge pull request #43968 from thaJeztah/implement_GetImageOpts
introduce GetImageOpts to manage image inspect data in backend
2022-08-24 19:07:30 +02:00
Sebastiaan van Stijn
a4ac991d02
Merge pull request #43657 from thaJeztah/default_builder_version
api: set default "Builder-Version" to "2" (BuildKit) on Linux
2022-08-18 20:14:47 +02:00
Nicolas De Loof
9a849cc83a
introduce GetImageOpts to manage image inspect data in backend
Currently only provides the existing "platform" option, but more
options will be added in follow-ups.

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-16 16:49:46 +02:00
Samuel Karp
af1edfd368
Merge pull request #43899 from thaJeztah/fix_build_api_errors 2022-08-13 16:21:38 -07:00
Tianon Gravi
4a14453d2d
Merge pull request #43883 from thaJeztah/image_router_warnings
api/server/router/image: address some linter warnings
2022-08-12 17:24:43 -07:00
Sebastiaan van Stijn
9861dd069b
vendor: github.com/moby/swarmkit/v2 v2.0.0-20220721174824-48dd89375d0a
full diff: 6068d1894d...48dd89375d

Finishes off the work to change references to cluster volumes in the API
from using "csi" as the magic word to "cluster". This reflects that the
volumes are "cluster volumes", not "csi volumes".

Notably, there is no change to the plugin definitions being "csinode"
and "csicontroller". This terminology is appropriate with regards to
plugins because it accurates reflects what the plugin is.

Signed-off-by: Drew Erny <derny@mirantis.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-09 14:03:50 +02:00
Sebastiaan van Stijn
acd0aa7d38
api/server/router/image: address some linter warnings
My IDE was complaining about some things;

- fix inconsistent receiver name (i vs s)
- fix some variables that collided with imports

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-08 13:07:50 +02:00
Sebastiaan van Stijn
2279803c8c
Merge pull request #43822 from thaJeztah/image_load_save
containerd integration: Implement load/save
2022-08-04 13:45:27 +02:00
Nicolas De Loof
50fb999bb1
add image load/save support
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-08-04 09:41:19 +02:00
Sebastiaan van Stijn
e0db8207f3
api: add BuildCache.Parents for API >= v1.42
This field was added to replace the deprecated "Parent" field.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-04 09:30:06 +02:00
Sebastiaan van Stijn
ebf339628a
api: deprecate BuildCache.Parent in API >= v1.42
This field has been deprecated in BuildKit, so this follows the deprecation
in the Engine API.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-04 09:27:34 +02:00
Sebastiaan van Stijn
e0286d7f4e
api/types: add missing GoDoc for BuildCache fields.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-04 09:27:32 +02:00
Sebastiaan van Stijn
dc2b34af6a
api: swagger: document BuildCache fields.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-04 09:27:30 +02:00
Brian Goff
7e8df0e2c9
Merge pull request #43820 from thaJeztah/image_delete
containerd integration: Implement ImageDelete for containerd
2022-08-03 15:47:07 -07:00
Tianon Gravi
e60bddcc60
Merge pull request #43885 from thaJeztah/auth_header_refactor
Move AuthConfig to types/registry, and implement utilities for encoding/decoding
2022-08-03 11:31:26 -07:00
Sebastiaan van Stijn
0f5ac7761d
api: api/server/router/build: fix API errors
Some error conditions returned a non-typed error, which would be returned
as a 500 status by the API. This patch;

- Updates such errors to return an errdefs.InvalidParameter type
- Introduces a locally defined `invalidParam{}` type for convenience.
- Updates some error-strings to match Go conventions

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-02 17:17:49 +02:00
Milas Bowman
eb0edeafdd api: swagger: add missing "force" query arg on plugin disable
This has been around for a long time - since v17.04 (API v1.28)
but was never documented.

It allows removing a plugin even if it's still in use.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-08-01 16:06:08 -04:00
Sebastiaan van Stijn
3dae8e9fc2
api: swagger: add missing "platform" query-arg on create
Commit 7a9cb29fb9 added a new "platform" query-
parameter to the `POST /containers/create` endpoint, but did not update the
swagger file and documentation.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:19:51 +02:00
Sebastiaan van Stijn
7ca66e3cfc
api: add registry.EncodeAuthConfig
Based on EncodeAuthToBase64 in docker/cli;
1f4111d2bf/cli/command/registry.go (L30-L37)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:11:19 +02:00
Sebastiaan van Stijn
7819811835
api: add registry.DecodeAuthConfig, registry.DecodeAuthConfigBody
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:11:13 +02:00
Sebastiaan van Stijn
55d1a56826
plugin: use types/registry.AuthConfig
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:05:19 +02:00
Sebastiaan van Stijn
d8a43399a8
api/server/router: use types/registry.AuthConfig
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:05:14 +02:00
Sebastiaan van Stijn
818ee96219
api/types: move AuthConfig to registry types
Making the api types more focused per API type, and the general
api/types package somewhat smaller.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:05:12 +02:00
Sebastiaan van Stijn
857cb260c7
api: add const for 'X-Registry-Auth'
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-29 23:04:34 +02:00
Djordje Lukic
26c65447df
Implement ImageDelete for containerd
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-28 22:56:34 +02:00
Akihiro Suda
11b03710ed
Merge pull request #43798 from thaJeztah/remove_deprecated
Remove various deprecated types and fields
2022-07-14 22:32:42 +09:00
Sebastiaan van Stijn
494dadb8a3
api/types: remove deprecated fields for cluster-advertise
This removes:

- Info.ClusterStore
- Info.ClusterAdvertise

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-12 15:10:05 +02:00
Sebastiaan van Stijn
f02cdb50be
api/types/volume: remove deprecated types
This removes;

- VolumeCreateBody (alias for CreateOptions)
- VolumeListOKBody (alias for ListResponse)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-12 15:01:30 +02:00
Sebastiaan van Stijn
efb1f141a4
api/types/container: remove deprecated types
This removes;

- ContainerCreateCreatedBody (alias for CreateResponse)
- ContainerWaitOKBody (alias for WaitResponse)
- ContainerWaitOKBodyError (alias for WaitExitError)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-12 15:00:16 +02:00
Sebastiaan van Stijn
1de20b2012
API: bump version to 1.43
The 22.06 branch was created, so changes in master/main should now be
targeting the next version of the API (1.43).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-12 10:40:30 +02:00
Samuel Karp
9cd67df5b2
timestamp: clarify doc for ParseTimestamp
Signed-off-by: Samuel Karp <me@samuelkarp.com>
2022-07-08 22:02:35 -07:00
Sebastiaan van Stijn
52c1a2fae8
gofmt GoDoc comments with go1.19
Older versions of Go don't format comments, so committing this as
a separate commit, so that we can already make these changes before
we upgrade to Go 1.19.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-08 19:56:23 +02:00
Sebastiaan van Stijn
6668801d40
gofmt files
result of:

    gofmt -s -w $(find . -type f -name '*.go' | grep -v "/vendor/")

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-08 18:37:30 +02:00
Sebastiaan van Stijn
717a503590
api: add Hosts to API Config
This makes the API configuration more self-contained.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-29 19:55:03 +02:00
Sebastiaan van Stijn
0bce64f08d
api: POST /containers/{id}/wait: fix validation for "condition" parameter
commit 737e8c6ab8 added validation for the wait
condition parameter, however, the default ("not-running") option was not part
of the list of valid options, resulting in a regression if the default value
was explicitly passed;

    docker scan --accept-license --version
    Error response from daemon: invalid condition: "not-running"

This patch adds the missing option, and adds a test to verify.

With this patch;

    make BIND_DIR=. DOCKER_GRAPHDRIVER=vfs TEST_FILTER=TestWaitConditions test-integration
    ...
    --- PASS: TestWaitConditions (0.04s)
    --- PASS: TestWaitConditions/removed (1.79s)
    --- PASS: TestWaitConditions/default (1.91s)
    --- PASS: TestWaitConditions/next-exit (1.97s)
    --- PASS: TestWaitConditions/not-running (1.99s)
    PASS

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-27 14:45:32 +02:00
Paweł Gronowski
56a20dbc19 container/exec: Support ConsoleSize
Now client have the possibility to set the console size of the executed
process immediately at the creation. This makes a difference for example
when executing commands that output some kind of text user interface
which is bounded by the console dimensions.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-06-24 11:54:25 +02:00
Djordje Lukic
b4ffe3a9fb Move the inspect code away from the image service
The LoopkupImage method is only used by the inspect image route and
returns an api/type struct. The depenency to api/types of the
daemon/images package is wrong, the daemon doesn't need to know about
the api types.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-06-22 15:08:55 +02:00
Niel Drummond
152467d185 api: swagger: adjust ContainerWaitResponse error as optional
Signed-off-by: Niel Drummond <niel@drummond.lu>
2022-05-30 16:42:12 +01:00
Sebastiaan van Stijn
7b153b9e28
api: set default "Builder-Version" to "2" (BuildKit) on Linux
Starting with the 22.06 release, buildx is the default client for
docker build, which uses BuildKit as builder.

This patch changes the default builder version as advertised by
the daemon to "2" (BuildKit), so that pre-22.06 CLIs with BuildKit
support (but no buildx installed) also default to using BuildKit
when interacting with a 22.06 (or up) daemon.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-29 16:41:07 +02:00
Tobias Gesellchen
345346d7c6 Annotate some swagger documented types as int64
Using the swagger.yaml to generate api models will create incompatible field types. Some inconsistencies had already been mentioned at #39131. I've added more fixes from real life experience, some only occurring on Windows.

Closes #39131

Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2022-05-23 21:10:07 +02:00
Nicolas De Loof
304fbf0804
introduce CreateMountpoint for parity between binds and mounts
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-05-19 16:43:06 +02:00
Paweł Gronowski
85a7f5a09a daemon/linux: Set console size on creation
On Linux the daemon was not respecting the HostConfig.ConsoleSize
property and relied on cli initializing the tty size after the container
was created. This caused a delay between container creation and
the tty actually being resized.

This is also a small change to the api description, because
HostConfig.ConsoleSize is no longer Windows-only.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-05-19 07:57:27 +02:00
Tianon Gravi
ca98aff5ee
Merge pull request #43578 from thaJeztah/swarm_version_stringer
api/types/swarm: Version: implement stringer interface
2022-05-18 09:35:04 -07:00
Sebastiaan van Stijn
4cac624fef
Merge pull request #43322 from ndeloof/websocket_streams
wsContainersAttach attach to stdin/out/err streams as requested
2022-05-18 10:50:39 +02:00
Nicolas De Loof
ea6760138c
wsContainersAttach attach to stdin/out/err streams as requested
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-05-17 13:23:07 +02:00
Djordje Lukic
cc3848f2b7
Rename Reservation to Reservations in the open API
The correct name for this property is, and always was "Reservations"

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2022-05-17 10:14:07 +02:00
Sebastiaan van Stijn
d9524d92a9
api/types/swarm: Version: implement stringer interface
makes the code a bit more DRY.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-13 02:40:14 +02:00
Drew Erny
240a9fcb83
Add Swarm cluster volume supports
Adds code to support Cluster Volumes in Swarm using CSI drivers.

Signed-off-by: Drew Erny <derny@mirantis.com>
2022-05-13 00:55:44 +02:00
Nicolas De Loof
af5d83a641
Make it explicit raw|multiplexed stream implementation being used
fix #35761

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-05-12 11:36:31 +02:00
Sebastiaan van Stijn
f0d1911ddf
api/server: fix stray import in container_routes.go
This import was left behind due to some PR's being merged, both
affecting the imports that were used.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-06 19:09:13 +02:00
Sebastiaan van Stijn
7b08faa089
Merge pull request #43552 from thaJeztah/remove_redundant_validation
api:  postContainersStop, postContainersRestart  remove redundant validation
2022-05-06 17:47:33 +02:00
Sebastiaan van Stijn
d733481399
daemon: daemon.ContainerKill() accept stop-signal as string
This allows the postContainersKill() handler to pass values as-is. As part of
the rewrite, I also moved the daemon.GetContainer(name) call later in the
function, so that we can fail early if an invalid signal is passed, before
doing the (heavier) fetching of the container.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-05 11:27:47 +02:00
Sebastiaan van Stijn
789223f2dc
api: postContainersStop, postContainersRestart remove redundant validation
Both of these pass the signal to daemon.containerStop(), which already validates
the signal; 2ed904cad7/daemon/stop.go (L48-L52)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-02 14:12:14 +02:00
Sebastiaan van Stijn
41b96bff55
update uses of container.ContainerCreateCreatedBody to CreateResponse
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:20 +02:00
Sebastiaan van Stijn
3bb2d0026b
api: rename container.ContainerCreateCreatedBody to container.CreateResponse
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:18 +02:00
Sebastiaan van Stijn
ff197417fa
api: swagger: move ContainerCreateResponse to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:16 +02:00
Sebastiaan van Stijn
64e96932bd
api: rename volume.VolumeCreateBody to volume.CreateOptions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:14 +02:00
Sebastiaan van Stijn
18281c92fa
api: rename volume.VolumeListOKBody to volume.ListResponse
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:12 +02:00
Sebastiaan van Stijn
4caf68f4f6
api/types: rename volume.VolumeUsageData to volume.UsageData
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:10 +02:00
Sebastiaan van Stijn
3cae9fef16
imports: remove "volumetypes" aliases for api/types/volume
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:39:04 +02:00
Sebastiaan van Stijn
7293857456
api: rename ContainerWaitOKBody to container.WaitResponse
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-28 22:38:20 +02:00
Sebastiaan van Stijn
787257f767
Merge pull request #43332 from thaJeztah/api_swagger_move_definitions
api: swagger: use explicit definitions for some response types, and move examples per-field
2022-04-26 23:46:49 +02:00
Sebastiaan van Stijn
cd054983ff
api/server: remove "Logging" from config
The Logging boolean was unconditionally set to true and ignored in all locations,
except for enabling the debugging middleware, which was also gated by the active
logrus logging level.

While it could make sense to have a Loglevel option configured on the API server,
we don't have this currently, and to make that actually useful, that config would
need to be tollerated by all locations that produce logs (which isn't the case
either).

Looking at the history of this option; a boolean to disable logging was originally
added in commit c423a790d6, which hard-coded it to
"disabled" in a test, and "enabled" for the API server outside of tests (before
that commit, logging was always enabled).

02ddaad5d9 and 5c42b2b512
changed the hard-coded values to be configurable through a `Logging` env-var (env-
vars were used _internally_ at the time to pass on options), which later became
a configuration struct in a0bf80fe03.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-23 23:38:30 +02:00
Sebastiaan van Stijn
176f66df9c
api/types: replace uses of deprecated types.Volume with volume.Volume
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:50:59 +02:00
Sebastiaan van Stijn
cd635e465d
api: swagger: move VolumeListResponse to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:49:53 +02:00
Sebastiaan van Stijn
f19ef20a44
api: move types.Volume to volume.Volume
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-21 19:49:50 +02:00
Sebastiaan van Stijn
1a0c15abbb
Merge pull request #43206 from thaJeztah/having_such_a_good_time_im_having_a_ball
API: add "signal" parameter to container stop and restart endpoints
2022-04-21 16:08:43 +02:00
Sebastiaan van Stijn
603c64fff0
Merge pull request #43461 from thaJeztah/api_document_ContainerConfig
api: improve documentation of ContainerConfig type
2022-04-20 21:50:19 +02:00
Sebastiaan van Stijn
90647e22b2
api/types/time: remove DurationToSecondsString() utility as it's no longer used
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:36 +02:00
Sebastiaan van Stijn
83a185897d
API: add "signal" parameter to container stop and restart endpoints
Containers can have a default stop-signal (`--stop-signal` / `STOPSIGNAL`) and
timeout (`--stop-timeout`). It is currently not possible to update either of
these after the container is created (`docker update` does not allow updating
them), and while either of these can be overridden through some commands, we
currently do not have a command that can override *both*:

command         | stop-signal | stop-timeout | notes
----------------|-------------|--------------|----------------------------
docker kill     | yes         | DNA          | only sends a single signal
docker restart  | no          | yes          |
docker stop     | no          | yes          |

As a result, if a user wants to stop a container with a custom signal and
timeout, the only option is to do this manually:

    docker kill -s <custom signal> mycontainer
    # wait <desired timeout>
    # press ^C to cancel the graceful stop
    # forcibly kill the container
    docker kill mycontainer

This patch adds a new `signal` query parameter to the container "stop" and
"restart" endpoints. This parameter can be added as a new flag on the CLI,
which would allow stopping and restarting with a custom timeout and signal,
for example:

    docker stop --signal=SIGWINCH --time=120 mycontainer

    docker restart --signal=SIGWINCH --time=120 mycontainer

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:31 +02:00
Sebastiaan van Stijn
90de570cfa
backend: add StopOptions to ContainerRestart and ContainerStop
While we're modifying the interface, also add a context to both.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 21:29:30 +02:00
Brian Goff
9b4c516864
Merge pull request #43471 from thaJeztah/grpc_nit
api/server/router/grpc: fix some nits in NewRouter()
2022-04-20 09:59:58 -07:00
Sebastiaan van Stijn
f8a1d6b50a
api: swagger: document ImageSummary fields
Also fixes a typo in ImageInspect :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-20 12:09:08 +02:00
Sebastiaan van Stijn
cb62919d28
api: improve documentation of ContainerConfig type
ContainerConfig is used in multiple locations (for example, both for
Image.Config and Image.ContainerConfig). Unfortunately, swagger does
not allow documenting individual uses if a type is used; for this type,
the content is _optional_ when used as Image.ContainerConfig (which is
set by the classic builder, which does a "commit" of a container, but
not used when building an image with BuildKit).

This patch attempts to address this confusion by documenting that
"it may be empty (or fields not propagated) if it's used for the
Image.ContainerConfig field".

Perhaps alternatives are possible (aliasing the type?) but we can
look at those in a follow-up.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-19 16:19:57 +02:00
Sebastiaan van Stijn
ff5f70e55f
api/server/httputils: move WriteJSON() together with ReadJSON()
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-11 21:37:57 +02:00
Sebastiaan van Stijn
0c9ff0b45a
api/server/httputils: add ReadJSON() utility
Implement a ReadJSON() utility to help reduce some code-duplication,
and to make sure we handle JSON requests consistently (e.g. always
check for the content-type).

Differences compared to current handling:

- prevent possible panic if request.Body is nil ("should never happen")
- always require Content-Type to be "application/json"
- be stricter about additional content after JSON (previously ignored)
- but, allow the body to be empty (an empty body is not invalid);
  update TestContainerInvalidJSON accordingly, which was testing the
  wrong expectation.
- close body after reading (some code did this)

We should consider to add a "max body size" on this function, similar to
7b9275c0da/api/server/middleware/debug.go (L27-L40)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-11 21:37:51 +02:00
Sebastiaan van Stijn
ef490cae45
api/server/httputils: matchesContentType(): return error instead of logging
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-11 21:37:00 +02:00
Sebastiaan van Stijn
758714ed6d
api/server/router/grpc: fix some nits in NewRouter()
These were changes I drafted when reviewing 7c731e02a9,
and had these stashed in my local git;

- rename receiver to prevent "unconsistent receiver name" warnings
- make NewRouter() slightly more idiomatic, and wrap the options,
  to make them easier to read.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-07 16:06:15 +02:00
Sebastiaan van Stijn
1e645fb70f
client: Ping(): add handling for swarm status headers
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-25 23:57:58 +01:00
Sebastiaan van Stijn
adf4bf772d
API: add "Swarm" header to _ping endpoint
This adds an additional "Swarm" header to the _ping endpoint response,
which allows a client to detect if Swarm is enabled on the daemon, without
having to call additional endpoints.

This change is not versioned in the API, and will be returned irregardless
of the API version that is used. Clients should fall back to using other
endpoints to get this information if the header is not present.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-25 23:54:14 +01:00
Sebastiaan van Stijn
4a26fdda76
Merge pull request #43334 from thaJeztah/api_swagger_inline_examples
api: swagger: use explicit definitions, use inline examples, and fix indentation.
2022-03-25 09:51:13 +01:00
Sebastiaan van Stijn
e82b7b2fa0
errdefs: move GetHTTPErrorStatusCode to api/server/httpstatus
This reverts the changes made in 2a9c987e5a, which
moved the GetHTTPErrorStatusCode() utility to the errdefs package.

While it seemed to make sense at the time to have the errdefs package provide
conversion both from HTTP status codes errdefs and the reverse, a side-effect
of the move was that the errdefs package now had a dependency on various external
modules, to handle conversio of errors coming from those sub-systems, such as;

- github.com/containerd/containerd
- github.com/docker/distribution
- google.golang.org/grpc

This patch moves the conversion from (errdef-) errors to HTTP status-codes to a
 api/server/httpstatus package, which is only used by the API server, and should
not be needed by client-code using the errdefs package.

The MakeErrorHandler() utility was moved to the API server itself, as that's the
only place it's used. While the same applies to the GetHTTPErrorStatusCode func,
I opted for keeping that in its own package for a slightly cleaner interface.

Why not move it into the api/server/httputils package?

The api/server/httputils package is also imported in the client package, which
uses the httputils.ParseForm() and httputils.HijackConnection() functions as
part of the TestTLSCloseWriter() test. While this is only used in tests, I
wanted to avoid introducing the indirect depdencencies outside of the api/server
code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-21 12:22:39 +01:00
Sebastiaan van Stijn
64e50ce86a
search: remove parsing JSON filters out of the backend
All other endpoints handle this in the API; given that the JSON format for
filters is part of the API, it makes sense to handle it there, and not have
that concept leak into further down the code.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-18 09:44:55 +01:00
Sebastiaan van Stijn
2d45b5ddbc
api: filters: return correct status on invalid filters
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-18 09:44:50 +01:00
Sebastiaan van Stijn
a5be5801e9
search: un-export registry.DefaultSearchLimit, and fix API status codes
Move the default to the service itself, and produce the correct status code
if an invalid limit was specified. The default is currently set both on the
cli and on the daemon side, and it should be only set on one of them.

There is a slight change in behavior; previously, searching with `--limit=0`
would produce an error, but with this change, it's considered the equivalent
of "no limit set" (and using the default).

We could keep the old behavior by passing a pointer (`nil` means "not set"),
but I left that for a follow-up exercise (we may want to pass an actual
config instead of separate arguments, as well as some other things that need
cleaning up).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-18 09:41:56 +01:00
Sebastiaan van Stijn
427b0cd636
api/types: fix KernelMemory deprecation comment, and omitempty
This fixes the "deprecated" comment to have the correct format to be picked
up by editors, and adds `omitempty` labels for KernelMemory and KernelMemoryTCP.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-17 09:56:48 +01:00
Sebastiaan van Stijn
5d10c6ec67
Update handling of deprecated kernel (tcp) memory options
- Omit `KernelMemory` and `KernelMemoryTCP` fields in `/info` response if they're
  not supported, or when using API v1.42 or up.
- Re-enable detection of `KernelMemory` (as it's still needed for older API versions)
- Remove warning about kernel memory TCP in daemon logs (a warning is still returned
  by the `/info` endpoint, but we can consider removing that).
- Prevent incorrect "Minimum kernel memory limit allowed" error if the value was
  reset because it's not supported by the host.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-17 09:56:39 +01:00
aiordache
af6307fbda
Remove KernelMemory option from /containers/create and /update endpoints
- remove KernelMemory option from `v1.42` api docs
 - remove KernelMemory warning on `/info`
 - update changes for `v1.42`
 - remove `KernelMemory` field from endpoints docs

Signed-off-by: aiordache <anca.iordache@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-17 09:55:36 +01:00
Sebastiaan van Stijn
efde293231
Merge pull request #43372 from fussybeaver/43292-swagger-add-ipamconfig
api: swagger: add IPAMConfig on IPAM
2022-03-16 12:26:05 +01:00
Niel Drummond
98f027813f api: swagger: add IPAMConfig on IPAM
Signed-off-by: Niel Drummond <niel@drummond.lu>
2022-03-16 06:45:43 +00:00
Sebastiaan van Stijn
5e330ad4da
Merge pull request #43344 from ndeloof/issue_43341
cleanup swagger multi-examples
2022-03-15 15:52:01 +01:00
Nicolas De Loof
3671cb90a3
cleanup swagger API with multiple examples
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-03-15 14:07:41 +01:00
Sebastiaan van Stijn
14cb9d22df
api/types: add godoc on MountPoint
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-08 23:52:41 +01:00
Sebastiaan van Stijn
69ba3713d5
api: swagger: document MountPoint fields
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-08 23:51:37 +01:00
Tianon Gravi
1d7e4111d6
Merge pull request #43301 from thaJeztah/remove_deprecated_RootFS_BaseLayer
api: remove deprecated RootFS.BaseLayer from type and docs
2022-03-08 12:25:32 -08:00
Michael Weidmann
ed843fe42f
Correct type of Mounts in ContainerSummary
Changed the type of ContainerSummary.Mounts from Mount to MountPoint in the Swagger Spec.
Signed-off-by: Michael Weidmann <michaelweidmann@web.de>
2022-03-06 18:13:32 +01:00
Sebastiaan van Stijn
a4567903a8
api: swagger: fix indentation of HostConfig.SecurityOpt
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 22:22:00 +01:00
Sebastiaan van Stijn
e4c6ca36ae
api: swagger: move ContainerWaitResponse to definitions
This should help with CI being unstable when generating the types (due
to Go randomizing order). Unfortunately, the (file) names are a bit ugly,
but addressing that in a follow-up.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 22:21:56 +01:00
Sebastiaan van Stijn
0119f7973b
api: swagger: move VolumeCreateOptions to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 22:20:25 +01:00
Sebastiaan van Stijn
e444ac3470
api: swagger: move Volume examples inline
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 21:39:00 +01:00
Sebastiaan van Stijn
fd1f34cacd
api: docs: remove deprecated RootFS.BaseLayer (current API version)
This field was used when Windows did not yet support regular images, and required
the base-image to pre-exist on the Windows machine (as those layers were not yet
allowed to be distributed).

Commit f342b27145 (docker 1.13.0, API v1.25) removed
usage of the field. The field was not documented in the API, but because it was not
removed from the Golang structs in the API, ended up in the API documentation when
we switched to using Swagger instead of plain MarkDown for the API docs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 17:59:42 +01:00
Sebastiaan van Stijn
25c896fcc2
api: remove unused RootFS.BaseLayer
This field was used when Windows did not yet support regular images, and required
the base-image to pre-exist on the Windows machine (as those layers were not yet
allowed to be distributed).

Commit f342b27145 (docker 1.13.0, API v1.25) removed
usage of the field.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-05 17:59:39 +01:00
Sebastiaan van Stijn
3c6c9fa180
Merge pull request #43300 from thaJeztah/api_update_imageinspect_docs
API: improve swagger and go-doc for ImageInspect structs
2022-03-05 17:54:37 +01:00
Sebastiaan van Stijn
34c2c14775
api: improve godoc for ImageInspect struct
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 22:55:34 +01:00
Sebastiaan van Stijn
697f42582a
api: docs: fix warning about comment indentation (current API version)
5428:7    warning  comment not indented like content  (comments-indentation)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 22:50:17 +01:00
Sebastiaan van Stijn
3193d7e101
api: docs: update docs for /images/{name}/json (current API version)
- rename definition in swagger from `Image` to `ImageInspect` to match the go type
- improve (or add) documentation for various fields
- move example values in-line in the "definitions" section
- remove the `required` fields from `ImageInspect`, as the type is only used as
  response type (not to make requests).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 22:50:10 +01:00
Cory Snider
90c54320c8 daemon/logger: fix data race in LogFile
The log message's timestamp was being read after it was returned to the
pool. By coincidence the timestamp field happened to not be zeroed on
reset so much of the time things would work as expected. But if the
message value was to be taken back out of the pool before WriteLogEntry
returned, the timestamp recorded in the gzip header of compressed
rotated log files would be incorrect.

Make future use-after-put bugs fail fast by zeroing all fields of the
Message value, including the timestamp, when it is put into the pool.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-03-03 14:56:25 -05:00
Sebastiaan van Stijn
36ec581e5c
Merge pull request #43277 from thaJeztah/fix_kernelmem_docs_and_error
api: add missing docs for KernelMemoryTCP, and fix error message
2022-03-03 19:33:49 +01:00
Sebastiaan van Stijn
203d97df59
api/swagger.yml: add KernelMemoryTCP to /info endpoint
While this feature is deprecated / unsupported on cgroups v2, it's
part of the API, so let's at least document it.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-22 10:25:43 +01:00
Sebastiaan van Stijn
737e8c6ab8
api: POST /containers/{id}/wait: validate "condition" parameter
The endpoint was silently ignoring invalid values for the "condition" parameter.
This patch now returns a 400 status if an unknown, non-empty "condition" is passed.

With this patch:

    curl --unix-socket /var/run/docker.sock -XPOST 'http://localhost/v1.41/containers/foo/wait?condition=foobar'
    {"message":"invalid condition: \"foobar\""}

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 21:47:55 +01:00
Sebastiaan van Stijn
0e5929f99d
api/swagger: add missing 400 response for POST /containers/{id}/wait
The /containers/{id}/wait can return a 400 (invalid argument) error if
httputils.ParseForm() fails.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 21:46:44 +01:00
Sebastiaan van Stijn
0ac746fabb
api/swagger: update /containers/{id}/wait "condition" parameter to match code
This patch updates the swagger, and:

- adds an enum definition to document valid values (instead of describing them)
- updates the description to mention both "omitted" and "empty" values (although
  the former is already implicitly covered by the field being "optional" and
  having a default value).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-02-14 21:45:58 +01:00
Sebastiaan van Stijn
01ae9525dd
Add support for platform (os and architecture) on image import
Commit 0380fbff37 added the ability to pass a
--platform flag on `docker import` when importing an archive. The intent
of that commit was to allow importing a Linux rootfs on a Windows daemon
(as part of the experimental LCOW feature).

A later commit (337ba71fc1) changed some
of this code to take both OS and Architecture into account (for `docker build`
and `docker pull`), but did not yet update the `docker image import`.

This patch updates the import endpoitn to allow passing both OS and
Architecture. Note that currently only matching OSes are accepted,
and an error will be produced when (e.g.) specifying `linux` on Windows
and vice-versa.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-24 18:24:51 +01:00
Sebastiaan van Stijn
9839ddd800
api: postImagesCreate(): use local variable for platform
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-24 17:00:55 +01:00
Sebastiaan van Stijn
81ac487d71
api: postImagesCreate(): rename ambiguous err variable
This error is meant to be used in the output stream, and some comments
were added to prevent accidentally using local variables.

Renaming the variable instead to make it less ambiguous.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-24 17:00:53 +01:00
Sebastiaan van Stijn
75a1ad0c9f
api: remove HostConfig.LxcConf field
Commit 3b5fac462d  / docker 1.10 removed support
for the LXC runtime, and removed the corresponding fields from the API (v1.22).

This patch removes the `HostConfig.LxcConf` field from the swagger definition.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-20 17:23:51 +01:00
Thomas LEDOS
834272f978
Added error codes for exec resize in API docs
Signed-off-by: Thomas LEDOS <thomas.ledos92@gmail.com>
2022-01-05 10:11:29 +01:00
Thomas LEDOS
1a933e113d
Fixed exec resize success code in API docs
Signed-off-by: Thomas LEDOS <thomas.ledos92@gmail.com>
2022-01-05 10:10:37 +01:00
Sebastiaan van Stijn
25381123d3
Makefile: update bfirsh/redoc to 1.14.0, and fix swagger warnings
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-09-24 17:23:55 +02:00
Sebastiaan van Stijn
1de1d26eda
api/swagger: move DistributionInspect to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-09-02 21:13:22 +02:00
Sebastiaan van Stijn
9c0ca67e95
api/swagger: rename PluginPrivilegeItem to PluginPrivilege
To match the name in Go

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-09-02 21:06:47 +02:00
Sebastiaan van Stijn
a207eea6a4
api/swagger: fix up event-types and move to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-09-02 21:06:44 +02:00
Akihiro Suda
0cd1bd42b4
Merge pull request #42770 from thaJeztah/eventtype_enums
api/types/events: add "Type" type for event-type enum
2021-08-28 00:23:56 +09:00
Akihiro Suda
9e7bbdb9ba
Merge pull request #40084 from thaJeztah/hostconfig_const_cleanup
api/types: hostconfig: add some constants/enums and minor code cleanup
2021-08-28 00:21:31 +09:00
Sebastiaan van Stijn
686be57d0a
Update to Go 1.17.0, and gofmt with Go 1.17
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-24 23:33:27 +02:00
Sebastiaan van Stijn
247f4796d2
api/types/events: add "Type" type for event-type enum
Currently just an alias for string, but we can change it to be  an
actual type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-23 21:14:55 +02:00
Sebastiaan van Stijn
2740726ce1
Merge pull request #42773 from thaJeztah/simplify_version_compare
api/types/versions: simplify compare if versions are equal
2021-08-23 19:37:29 +02:00
Sebastiaan van Stijn
96e4adfdc2
api/types/versions: simplify compare if versions are equal
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-22 11:05:22 +02:00
Tobias Gesellchen
8f75d8d4d5 Fix swagger docs to match the opencontainers image-spec
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 21:10:12 +02:00
Tobias Gesellchen
ef44b22085 Extract PluginPrivilegeItem as explicit type definition
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 21:10:12 +02:00
Tobias Gesellchen
52a9f1689a Use explicit object names for improved swagger based code generation
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 21:10:12 +02:00
Tobias Gesellchen
9275268110 Fix ContainerSummary swagger docs
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 21:10:12 +02:00
Tobias Gesellchen
6b53f2c5a2 Add "changes" query parameter for /image/create to swagger docs
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 21:10:12 +02:00
Tobias Gesellchen
d741c14f1f Add RestartPolicy "no" to swagger docs
Signed-off-by: Tobias Gesellchen <tobias@gesellix.de>
2021-08-19 20:33:04 +02:00
Roman Volosatovs
0fdd23b7fe
API: discard /system/df type parameter pre-1.42
The parameter is introduced in API version 1.42

Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-08-06 19:33:16 +02:00
Sebastiaan van Stijn
6948ab4fa1
api/types: hostconfig: fix LogMode enum
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-06 19:05:58 +02:00
Sebastiaan van Stijn
5ae1c1f4cf
api/types: hostconfig: clean up enum for Isolation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-06 19:05:56 +02:00
Sebastiaan van Stijn
09cf117b31
api/types: hostconfig: create enum for CgroupnsMode
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-06 19:05:54 +02:00
Sebastiaan van Stijn
98f0f0dd87
api/types: hostconfig: define consts for IpcMode
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-06 19:05:51 +02:00
Roman Volosatovs
47ad2f3dd6
API,daemon: support type URL parameter to /system/df
Let clients choose object types to compute disk usage of.

Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-27 12:17:45 +02:00
Sebastiaan van Stijn
28409ca6c7
replace pkg/signal with moby/sys/signal v0.5.0
This code was moved to the moby/sys repository

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-23 09:32:54 +02:00
Justin Cormack
b337c70bdc
Merge pull request #42639 from thaJeztah/system_info_clean
pkg/sysinfo: assorted cleanup/refactoring for handling warnings and logging
2021-07-19 15:17:07 +01:00
Sebastiaan van Stijn
7d63cbfd38
api/types: add GoDoc to Info.Warnings field
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-14 23:10:16 +02:00
Roman Volosatovs
2af9bd3b26
API: add shared-size parameter to image queries
The reasoning for this change is to be able to query image shared size without having to rely on the more heavyweight `/system/df` endpoint.

Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-07-13 13:46:07 +02:00
Roman Volosatovs
bf9c76f0a8
API, daemon/images: add ImageListOptions and pass context
This makes it easier to add more options to the backend without having to change
the signature.

While we're changing the signature, also adding a context.Context, which is not
currently used, but probably should be at some point.

Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-07-13 13:45:24 +02:00
Roman Volosatovs
31348afa19
API: deprecate BuilderSize in API versions >= 1.42
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-07-12 10:03:49 +02:00
Roman Volosatovs
83e3dd68ca
swagger: add BuildCache example to /system/df
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-07-09 09:57:13 +02:00
Roman Volosatovs
f2225933bb
API: ensure empty build cache is represented as empty JSON array
Ensure empty `BuildCache` field is represented as empty JSON array(`[]`)
instead of `null` to be consistent with `Images`, `Containers` etc.

Signed-off-by: Roman Volosatovs <roman.volosatovs@docker.com>
2021-07-08 13:13:46 +02:00
Sebastiaan van Stijn
c858e496f6
Merge pull request #42596 from thaJeztah/sync_swagger_fix
API: fix 404 status description on container create
2021-07-07 11:49:10 +02:00
Sebastiaan van Stijn
68b095d4df
API: fix 404 status description on container create
This updates the current swagger file, and all docs versions
with the same fix as ff1d9a3ec5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-03 21:30:47 +02:00
Sebastiaan van Stijn
477244cca5
API: update API version to v1.42
Docker 20.10 was released with API v1.41, so any change in the API
should now target v1.42.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-07-03 18:12:46 +02:00
Sebastiaan van Stijn
e047d984dc
Remove LCOW code (step 1)
The LCOW implementation in dockerd has been deprecated in favor of re-implementation
in containerd (in progress). Microsoft started removing the LCOW V1 code from the
build dependencies we use in Microsoft/opengcs (soon to be part of Microsoft/hcshhim),
which means that we need to start removing this code.

This first step removes the lcow graphdriver, the LCOW initialization code, and
some LCOW-related utilities.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-03 21:16:21 +02:00
Brian Goff
a77317882d
Merge pull request #42262 from cpuguy83/move_libnetwork
Move libnetwork
2021-06-03 12:06:31 -07:00
Tianon Gravi
e58ca15d48
Merge pull request #42098 from thaJeztah/deprecate_quiet
API-client: remove unused ContainerListOptions.Quiet field
2021-06-02 10:41:47 -07:00
Brian Goff
a0a473125b Fix libnetwork imports
After moving libnetwork to this repo, we need to update all the import
paths for libnetwork to point to docker/docker/libnetwork instead of
docker/libnetwork.
This change implements that.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2021-06-01 21:51:23 +00:00
Sebastiaan van Stijn
4d3f64da63
API-client: remove unused ContainerListOptions.Quiet field
This option was originally added in d05aa418b0,
and moved in 8b15839ee8 (after which it temporarily
went to the docker/engine-api repository, and was brought back in this repository
in 91e197d614).

However, it looks like this field was never used; the API always returns the standard
information, and the "--quiet" option for `docker ps` is implemented on the CLI
side, which uses different formatting when setting this option;
2ec468e284/api/client/ps.go (L73-L79)

This patch removes the unused field,

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-05-04 16:01:22 +02:00
Tonis Tiigi
7c731e02a9 grpc: make sure typed errors handler is installed
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2021-04-26 22:38:59 -07:00
Tibor Vass
7a50fe8a52
Remove more of registry v1 code.
Signed-off-by: Tibor Vass <tibor@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-23 09:49:46 +01:00
Sebastiaan van Stijn
2bd46ed7e5
api: fix NanoCPUs casing in swagger
While the field in the Go struct is named `NanoCPUs`, it has a JSON label to
use `NanoCpus`, which was added in the original pull request (not clear what
the reason was); 846baf1fd3

Some notes:

- Golang processes field names case-insensitive, so when *using* the API,
  both cases should work, but when inspecting a container, the field is
  returned as `NanoCpus`.
- This only affects Containers.Resources. The `Limits` and `Reservation`
  for SwarmKit services and SwarmKit "nodes" do not override the name
  for JSON, so have the canonical (`NanoCPUs`) casing.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-10 12:52:09 +01:00
Frederico F. de Oliveira
2db5676c6e swagger.yaml: Remove extra 'the' wrapped by newline
This PR was originally proposed by @phillc here: https://github.com/docker/engine/pull/456

Signed-off-by: FreddieOliveira <fredf_oliveira@ufu.br>
2021-01-23 02:19:25 -03:00
Sebastiaan van Stijn
f47b27e590
API: fix typos in swagger
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-01-04 13:16:06 +01:00
Sebastiaan van Stijn
6d243cdf27
testutil: remove remaining use of deprecated pkg/mount
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-11-10 14:46:59 +01:00
Tonis Tiigi
8cc0fd811e docs: fix builder-version swagger
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-26 20:17:50 -07:00
Brian Goff
88c0271605 Don't set default platform on container create
This fixes a regression based on expectations of the runtime:

```
docker pull arm32v7/alpine
docker run arm32v7/alpine
```

Without this change, the `docker run` will fail due to platform
matching on non-arm32v7 systems, even though the image could run
(assuming the system is setup correctly).

This also emits a warning to make sure that the user is aware that a
platform that does not match the default platform of the system is being
run, for the cases like:

```
docker pull --platform armhf busybox
docker run busybox
```

Not typically an issue if the requests are done together like that, but
if the image was already there and someone did `docker run` without an
explicit `--platform`, they may very well be expecting to run a native
version of the image instead of the armhf one.

This warning does add some extra noise in the case of platform specific
images being run, such as `arm32v7/alpine`, but this can be supressed by
explicitly setting the platform.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2020-10-20 20:17:23 +00:00
Brian Goff
816fbcd306
Merge pull request #41072 from AkihiroSuda/fix-41071
cgroup2: unshare cgroupns by default regardless to API version
2020-10-01 11:56:00 -07:00
Sebastiaan van Stijn
2b7824b3a5
Merge pull request #41471 from thaJeztah/seccomp_rewrite
seccomp: refactor to use runtime-spec types where possible
2020-09-25 10:56:44 +02:00
Nikolay Edigaryev
7afef854ed api: clarify "v" option behavior in the container remove endpoint
Current description of the "v" option doesn't explain what happens to
the volumes that are still in use by other containers. Turns out that
the only volumes that are removed are unnamed ones[1].

Perhaps a good way of clarifying this behavior would be adapting the
description from "docker rm --help".

As for the docs/api/v1.*.yaml changes — they seem to be applicable,
since the origin of this behavior dates way back to the 2016 or v1.11[2].

[1]: a24a71c50f/daemon/mounts.go (L34-L38)
[2]: dd7d1c8a02

Signed-off-by: Nikolay Edigaryev <edigaryev@gmail.com>
2020-09-23 12:34:52 +03:00
Sebastiaan van Stijn
0efee50b95
seccomp: move seccomp types from api into seccomp profile
These types were not used in the API, so could not come up with
a reason why they were in that package.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-18 18:14:16 +02:00
Nikolay Edigaryev
13e0ba700a swagger: fix MemTotal units in SystemInfo endpoint
MemTotal represents bytes, not kilobytes. See Linux[1] and Windows[2]
implementations.

[1]: f50a40e889/pkg/system/meminfo_linux.go (L49)
[2]: f50a40e889/pkg/system/meminfo_windows.go (L40)

Signed-off-by: Nikolay Edigaryev <edigaryev@gmail.com>
2020-09-10 22:15:45 +03:00
Sebastiaan van Stijn
47b7c888ee
Merge pull request #41284 from akerouanton/service-ulimits
Support ulimits on Swarm services.
2020-07-30 20:08:41 +02:00
Albin Kerouanton
c76f380bea
Add ulimits support to services
Add Ulimits field to the ContainerSpec API type and wire it to Swarmkit.

This is related to #40639.

Signed-off-by: Albin Kerouanton <albin@akerouanton.name>
2020-07-29 02:09:06 +02:00
Sebastiaan van Stijn
51c7992928
API: add "prune" events
This patch adds a new "prune" event type to indicate that pruning of a resource
type completed.

This event-type can be used on systems that want to perform actions after
resources have been cleaned up. For example, Docker Desktop performs an fstrim
after resources are deleted (https://github.com/linuxkit/linuxkit/tree/v0.7/pkg/trim-after-delete).

While the current (remove, destroy) events can provide information on _most_
resources, there is currently no event triggered after the BuildKit build-cache
is cleaned.

Prune events have a `reclaimed` attribute, indicating the amount of space that
was reclaimed (in bytes). The attribute can be used, for example, to use as a
threshold for performing fstrim actions. Reclaimed space for `network` events
will always be 0, but the field is added to be consistent with prune events for
other resources.

To test this patch:

Create some resources:

    for i in foo bar baz; do \
        docker network create network_$i \
        && docker volume create volume_$i \
        && docker run -d --name container_$i -v volume_$i:/volume busybox sh -c 'truncate -s 5M somefile; truncate -s 5M /volume/file' \
        && docker tag busybox:latest image_$i; \
    done;

    docker pull alpine
    docker pull nginx:alpine

    echo -e "FROM busybox\nRUN truncate -s 50M bigfile" | DOCKER_BUILDKIT=1 docker build -

Start listening for "prune" events in another shell:

    docker events --filter event=prune

Prune containers, networks, volumes, and build-cache:

    docker system prune -af --volumes

See the events that are returned:

    docker events --filter event=prune
    2020-07-25T12:12:09.268491000Z container prune  (reclaimed=15728640)
    2020-07-25T12:12:09.447890400Z network prune  (reclaimed=0)
    2020-07-25T12:12:09.452323000Z volume prune  (reclaimed=15728640)
    2020-07-25T12:12:09.517236200Z image prune  (reclaimed=21568540)
    2020-07-25T12:12:09.566662600Z builder prune  (reclaimed=52428841)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-28 12:41:14 +02:00
Tibor Vass
846b7e24ba
Merge pull request #41254 from AkihiroSuda/deprecate-kernel-memory
Deprecate KernelMemory
2020-07-28 10:43:29 +02:00
Sebastiaan van Stijn
4750c28eea
Merge pull request #41236 from thaJeztah/move_version_to_definitions
Swagger: move system version response to definitions
2020-07-28 09:35:20 +02:00
Sebastiaan van Stijn
b36e87af03
Merge pull request #41249 from cpuguy83/swarm_caps
Replace swarm Capabilites API with cap add/drop API
2020-07-28 01:07:49 +02:00
Sebastiaan van Stijn
d4c4323e54
swagger: move system version response to definitions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-27 21:03:35 +02:00
Brian Goff
24f173a003 Replace service "Capabilities" w/ add/drop API
After dicussing with maintainers, it was decided putting the burden of
providing the full cap list on the client is not a good design.
Instead we decided to follow along with the container API and use cap
add/drop.

This brings in the changes already merged into swarmkit.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2020-07-27 10:09:42 -07:00
Sebastiaan van Stijn
61b770a63d
swagger: fix type for BuildCache CreatedAt and LastUsedAt
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-27 12:10:44 +02:00
Akihiro Suda
b8ca7de823
Deprecate KernelMemory
Kernel memory limit is not supported on cgroup v2.
Even on cgroup v1, kernel memory limit (`kmem.limit_in_bytes`) has been deprecated since kernel 5.4.
0158115f70

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-07-24 20:44:29 +09:00
Velko Ivanov
441211986c docs: add example calculations to container stats API
Signed-off-by: Velko Ivanov <vivanov@deeperplane.com>
2020-07-21 18:01:17 +03:00
Sebastiaan van Stijn
c161d6564d
api/types: omit empty DefaultAddressPools
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-07-20 15:11:08 +02:00