Commit graph

1466 commits

Author SHA1 Message Date
Sebastiaan van Stijn
b85185e659
Merge pull request #46652 from laurazard/fix-test-import-custom-image-custom-plat
c8d integration: skip TestImportWithCustomPlatform
2023-10-17 13:56:57 +02:00
Laura Brehm
6f625ae65a
c8d integration: skip TestImportWithCustomPlatform
We support importing images for other platforms when
using the containerd image store, so we shouldn't validate
the image OS on import.

This commit also splits the test into two, so that we can
keep running the "success" import with a custom platform tests
running w/ c8d while skipping the "error/rejection" test cases.

Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2023-10-16 18:08:36 +01:00
Sebastiaan van Stijn
2df698025c
HealthCheck: add validation for minimum accepted start-interval
This is a follow-up to 2216d3ca8d, which
implemented the StartInterval for health-checks, but did not add validation
for the minimum accepted interval;

> The time to wait between checks in nanoseconds during the start period.
> It should be 0 or at least 1000000 (1 ms). 0 means inherit.

This patch adds validation for the minimum accepted interval (1ms).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-16 10:46:18 +02:00
Paweł Gronowski
42af8795a3
c8d/save: Implement exporting all tags
Implement a behavior from the graphdriver's export where `docker save
something` (untagged reference) would export all images matching the
specified repository.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-10-13 11:52:07 +02:00
Sebastiaan van Stijn
ebef4efb88
api/types: move ContainerLogsOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:30:12 +02:00
Sebastiaan van Stijn
9670d9364d
api/types: move ContainerListOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:24 +02:00
Sebastiaan van Stijn
7bce33eb0f
api/types: move ContainerStartOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:24 +02:00
Sebastiaan van Stijn
0f77875220
api/types: move ContainerRemoveOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:23 +02:00
Sebastiaan van Stijn
9498d897ab
api/types: move ContainerCommitOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:23 +02:00
Sebastiaan van Stijn
30f09b4a1a
api/types: move ContainerAttachOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:23 +02:00
Sebastiaan van Stijn
95b92b1f97
api/types: move ResizeOptions to api/types/container
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:23 +02:00
Sebastiaan van Stijn
48cacbca24
api/types: move image-types to api/types/image
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-12 11:29:20 +02:00
Sebastiaan van Stijn
949f8c9f2a
Merge pull request #46602 from vvoland/integration-TestPullNonExistingImage
TestPullNonExistingImage: Simplify and move to integration
2023-10-11 19:18:16 +02:00
Paweł Gronowski
0cd02ab1b4
integration/c8d: Skip TestBuildSquashParent
`docker build --squash` is an experimental feature which is not
implemented for containerd image store.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-10-11 15:45:43 +02:00
Paweł Gronowski
5f062032f7
TestPullNonExistingImage: Move to integration
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-10-10 13:36:29 +02:00
Bjorn Neergaard
c217e3c87a
vendor: github.com/moby/buildkit v0.12.2
The following changes were required:
* integration/build: progressui's signature changed in 6b8fbed01e
* builder-next: flightcontrol.Group has become a generic type in 8ffc03b8f0
* builder-next/executor: add github.com/moby/buildkit/executor/resources types, necessitated by 6e87e4b455
* builder-next: stub util/network/Namespace.Sample(), necessitated by 963f16179f

Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
2023-09-21 14:18:45 -06:00
Sebastiaan van Stijn
4dbfe7e17e
Merge pull request #46502 from rumpl/c8d-fix-diff
c8d: Fix `docker diff`
2023-09-20 21:16:08 +02:00
Djordje Lukic
207c4d537c c8d: Fix docker diff
Diffing a container yielded some extra changes that come from the
files/directories that we mount inside the container (/etc/resolv.conf
for example). To avoid that we create an intermediate snapshot that has
these files, with this we can now diff the container fs with its parent
and only get the differences that were made inside the container.

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-09-20 14:16:22 +02:00
Djordje Lukic
d5425f28ae
Don't run tests twice
It's useless

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-09-19 11:37:55 +02:00
Djordje Lukic
28861e0c47
c8d: Skip TestRemoveImageGarbageCollector
This test checks how the layer store works, so we don't need it when we
use containerd as image store

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-09-18 14:35:57 +02:00
Albin Kerouanton
5e15ed314b
api: Improve error on ContainerCreate with multiple endpoints
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-15 14:30:03 +02:00
Albin Kerouanton
bbcd662532
api: Allow ContainerCreate to take several EndpointsConfig for >= 1.44
The API endpoint `/containers/create` accepts several EndpointsConfig
since v1.22 but the daemon would error out in such case. This check is
moved from the daemon to the api and is now applied only for API < 1.44,
effectively allowing the daemon to create containers connected to
several networks.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-15 10:07:29 +02:00
Sebastiaan van Stijn
39b2bf51ca
Merge pull request #46406 from akerouanton/issue-46404
daemon: fix under what conditions container's mac-address is applied
2023-09-13 23:35:07 +02:00
Albin Kerouanton
78479b1915
libnet: Make sure network names are unique
Fixes #18864, #20648, #33561, #40901.

[This GH comment][1] makes clear network name uniqueness has never been
enforced due to the eventually consistent nature of Classic Swarm
datastores:

> there is no guaranteed way to check for duplicates across a cluster of
> docker hosts.

And this is further confirmed by other comments made by @mrjana in that
same issue, eg. [this one][2]:

> we want to adopt a schema which can pave the way in the future for a
> completely decentralized cluster of docker hosts (if scalability is
> needed).

This decentralized model is what Classic Swarm was trying to be. It's
been superseded since then by Docker Swarm, which has a centralized
control plane.

To circumvent this drawback, the `NetworkCreate` endpoint accepts a
`CheckDuplicate` flag. However it's not perfectly reliable as it won't
catch concurrent requests.

Due to this design decision, API clients like Compose have to implement
workarounds to make sure names are really unique (eg.
docker/compose#9585). And the daemon itself has seen a string of issues
due to that decision, including some that aren't fixed to this day (for
instance moby/moby#40901):

> The problem is, that if you specify a network for a container using
> the ID, it will add that network to the container but it will then
> change it to reference the network by using the name.

To summarize, this "feature" is broken, has no practical use and is a
source of pain for Docker users and API consumers. So let's just remove
it for _all_ API versions.

[1]: https://github.com/moby/moby/issues/18864#issuecomment-167201414
[2]: https://github.com/moby/moby/issues/18864#issuecomment-167202589

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-12 10:40:13 +02:00
Sebastiaan van Stijn
5e7eade1f7
integration: don't poll for containers to be running
container.Run() should be a synchronous operation in normal circumstances;
the container is created and started, so polling after that for the
container to be in the "running" state should not be needed.

This should also prevent issues when a container (for whatever reason)
exited immediately after starting; in that case we would continue
polling for it to be running (which likely would never happen).

Let's skip the polling; if the container is not in the expected state
(i.e. exited), tests should fail as well.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-08 23:05:43 +02:00
Albin Kerouanton
6cc6682f5f
daemon: fix under what conditions container's mac-address is applied
The daemon would pass an EndpointCreateOption to set the interface MAC
address if the network name and the provided network mode were matching.
Obviously, if the network mode is a network ID, it won't work. To make
things worse, the network mode is never normalized if it's a partial ID.

To fix that: 1. the condition under what the container's mac-address is
applied is updated to also match the full ID; 2. the network mode is
normalized to a full ID when it's only a partial one.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-09-08 18:15:00 +02:00
Sebastiaan van Stijn
5f59f7bb49
integration/container: combine TestResize tests into subtests
Reduce some of the boiler-plating, and by combining the tests, we skip
the testenv.Clean() in between each of the tests. Performance gain isn't
really measurable, but every bit should help :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-08 01:36:12 +02:00
Sebastiaan van Stijn
a4ceb0e4ac
integration/container: TestResize, TestResizeWithInvalidSize: rm poll.WaitOn
container.Run should be an synchronous operation; the container should
be running after the request was made (or produce an error). Simplify
these tests, and remove the redundant polling.

These were added as part of 8f800c9415,
but no such polls were in place before the refactor, and there's no
mention of these during review of the PR, so I assume these were just
added either as a "precaution", or a result of "copy/paste" from another
test.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-08 01:34:45 +02:00
Sebastiaan van Stijn
ee7ca6822a
integration/container: fix flaky TestResizeWhenContainerNotStarted
This test was failing frequently on Windows, where the test was waiting
for the container to exit before continuing;

    === FAIL: github.com/docker/docker/integration/container TestResizeWhenContainerNotStarted (18.69s)
    resize_test.go:58: timeout hit after 10s: waiting for container to be one of (exited), currently running

It looks like this test is merely validating that a container in any non-
running state should produce an error, so there's no need to run a container
(waiting for it to stop), and just "creating" a container (which would be
in `created` state) should work for this purpose.

Looking at 8f800c9415, I see `createSimpleContainer`
and `runSimpleContainer` utilities were added, so I'm even wondering if the
original intent was to use `createSimpleContainer` for  this test.

While updating, also check if we get the expected error-type, instead of
only checking for the error-message.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-08 01:33:22 +02:00
Brian Goff
9b7784781d Add test for buildkit history trace propagation
This test ensures that we are able to propagate traces into buildkit's
history API.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-09-07 18:38:22 +00:00
Brian Goff
e8dc902781 Wire up tests to support otel tracing
Integration tests will now configure clients to propagate traces as well
as create spans for all tests.

Some extra changes were needed (or desired for trace propagation) in the
test helpers to pass through tracing spans via context.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-09-07 18:38:22 +00:00
Brian Goff
642e9917ff Add otel support
This uses otel standard environment variables to configure tracing in
the daemon.
It also adds support for propagating trace contexts in the client and
reading those from the API server.

See
https://opentelemetry.io/docs/specs/otel/configuration/sdk-environment-variables/
for details on otel environment variables.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-09-07 18:38:19 +00:00
Sebastiaan van Stijn
791549508a
Merge pull request #46084 from rumpl/fix-test-arch
test: Remove DOCKER_ENGINE_GOARCH from the tests
2023-09-05 18:08:57 +02:00
Sebastiaan van Stijn
9c4e82435e
Merge pull request #46351 from thaJeztah/api_events_actions_enum
api/types/events: define "Action" type and consts
2023-09-05 11:11:42 +02:00
Djordje Lukic
84a4f37cf7
test: use info from the version endpoint for arch checks
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-08-31 09:36:48 +02:00
Paweł Gronowski
aef703fa1b
integration/liveRestore: Check volume content
Make sure that the content in the live-restored volume mounted in a new
container is the same as the content in the old container.
This checks if volume's _data directory doesn't get unmounted on
startup.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-08-29 11:46:29 +02:00
Sebastiaan van Stijn
0f871f8cb7
api/types/events: define "Action" type and consts
Define consts for the Actions we use for events, instead of "ad-hoc" strings.
Having these consts makes it easier to find where specific events are triggered,
makes the events less error-prone, and allows documenting each Action (if needed).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 00:38:08 +02:00
Sebastiaan van Stijn
a65c948e7e
Merge pull request #46335 from thaJeztah/api_move_checkpoint_types
api/types: move checkpoint-types to api/types/checkpoint
2023-08-28 19:02:19 +02:00
Sebastiaan van Stijn
8309206160
Merge pull request #46350 from thaJeztah/strongtype_eventstype
api/types/events: make events.Type an actual type
2023-08-28 16:44:26 +02:00
Sebastiaan van Stijn
fa79b5d59f
integration/container: TestPause: don't depend on deprecated fields
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 13:17:01 +02:00
Sebastiaan van Stijn
70ad5b818f
api/types/events: make events.Type an actual type
This type was added in 247f4796d2, and
at the time was added as an alias for string;

> api/types/events: add "Type" type for event-type enum
>
> Currently just an alias for string, but we can change it to be an
> actual type.

Now that all code uses the defined types, we should be able to make
this an actual type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 13:12:38 +02:00
Sebastiaan van Stijn
8569e8684f
Merge pull request #46338 from thaJeztah/daemon_events_cleanup
daemon: clean up event handling-code, and remove some dead code
2023-08-28 13:12:10 +02:00
Sebastiaan van Stijn
5a02ed5e84
integration: use events-consts in tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-27 23:44:25 +02:00
Sebastiaan van Stijn
fa13b0715f
integration/internal/swarm: rename max/min as it collides with go1.21 builtin
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-26 22:02:25 +02:00
Sebastiaan van Stijn
350223201e
integration/container: TestCheckpoint: remove intermediate vars
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-26 12:44:16 +02:00
Sebastiaan van Stijn
b688af2226
api/types: move checkpoint-types to api/types/checkpoint
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-26 12:37:41 +02:00
Sebastiaan van Stijn
f10e182ca7
Merge pull request #46317 from thaJeztah/gofumpt_all_the_things
Format code with gofumpt
2023-08-25 01:06:05 +02:00
Sebastiaan van Stijn
07e6b0ac70
integration: format code with gofumpt
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-24 17:55:14 +02:00
Sebastiaan van Stijn
bc7f341f29
daemon: WithNamespaces(): fix incorrect error for PID, IPC namespace
`Daemon.getPidContainer()` was wrapping the error-message with a message
("cannot join PID of a non running container") that did not reflect the
actual reason for the error; `Daemon.GetContainer()` could either return
an invalid parameter (invalid / empty identifier), or a "not found" error
if the specified container-ID could not be found.

In the latter case, we don't want to return a "not found" error through
the API, as this would indicate that the container we're _starting_ was
not found (which is not the case), so we need to convert the error into
an `errdefs.ErrInvalidParameter` (the container-ID specified for the PID
namespace is invalid if the container doesn't exist).

This logic is similar to what we do for IPC namespaces. which received
a similar fix in c3d7a0c603.

This patch updates the error-types, and moves them into the getIpcContainer
and getPidContainer container functions, both of which should return
an "invalid parameter" if the container was not found.

It's worth noting that, while `WithNamespaces()` may return an "invalid
parameter" error, the `start` endpoint itself may _not_ be. as outlined
in commit bf1fb97575, starting a container
that has an invalid configuration should be considered an internal server
error, and is not an invalid _request_. However, for uses other than
container "start", `WithNamespaces()` should return the correct error
to allow code to handle it accordingly.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-24 16:19:07 +02:00
Sebastiaan van Stijn
64f5d9b119
Merge pull request #46213 from thaJeztah/daemon_remove_errors
daemon: cleanupContainer: don't fail if container is already stopped
2023-08-24 13:34:43 +02:00
Sebastiaan van Stijn
4b0d38de06
TestDiskUsage: don't panic if results don't match
This test is currently failing with containerd-integration, which should
be looked into, but let's start with preventing it from panicking, to make
the test-failures less noisy;

        --- FAIL: TestDiskUsage/after_container.Run (0.26s)
    panic: runtime error: index out of range [0] with length 0 [recovered]
        panic: runtime error: index out of range [0] with length 0

    goroutine 280 [running]:
    testing.tRunner.func1.2({0xb07a00, 0x40002006a8})
        /usr/local/go/src/testing/testing.go:1526 +0x1c8
    testing.tRunner.func1()
        /usr/local/go/src/testing/testing.go:1529 +0x364
    panic({0xb07a00, 0x40002006a8})
        /usr/local/go/src/runtime/panic.go:884 +0x1f4
    github.com/docker/docker/integration/system.TestDiskUsage.func3(0x0?, {0x0, {0x14ea4a8, 0x0, 0x0}, {0x14ea4a8, 0x0, 0x0}, {0x14ea4a8, 0x0, ...}, ...})
        /go/src/github.com/docker/docker/integration/system/disk_usage_test.go:82 +0x7e4
    github.com/docker/docker/integration/system.TestDiskUsage.func4(0x4000235c80?)
        /go/src/github.com/docker/docker/integration/system/disk_usage_test.go:118 +0x8c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 19:15:21 +02:00
Sebastiaan van Stijn
c0568a95d8
integration/container: check some error-types in tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 15:50:46 +02:00
Sebastiaan van Stijn
2b583c0923
daemon: cleanupContainer: slightly cleanup error messages
Also remove integration-cli: `DockerAPISuite.TestContainerAPIDeleteConflict`,
which was testing the same conditions as `TestRemoveContainerRunning` in
integration/container.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 15:50:43 +02:00
Djordje Lukic
6cbe06ff3f
test: Skip graph driver tests when using containerd snapshotters
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-08-23 09:48:27 +02:00
Sebastiaan van Stijn
2be118379e
api/types/container: add RestartPolicyMode type and enum
Also move the validation function to live with the type definition,
which allows it to be used outside of the daemon as well.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 16:40:57 +02:00
Sebastiaan van Stijn
1c937c5816
Merge pull request #46189 from vvoland/c8d-more-mount-refcount
c8d integration: Use refcount mounter for diff and export
2023-08-18 15:29:13 +02:00
Sebastiaan van Stijn
17571ff199
integration/internal/container: add WithPIDMode option
Some files used aliases, others didn't, and they didn't appear to be
required.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-12 19:06:01 +02:00
Sebastiaan van Stijn
917dae58e1
integration/internal/container: remove import aliases
Some files used aliases, others didn't, and they didn't appear to be
required.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-12 19:06:01 +02:00
Paweł Gronowski
303e2b124e
integration: Add test for not breaking overlayfs
Check that operations that could potentially perform overlayfs mounts
that could cause undefined behaviors.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-08-11 15:30:29 +02:00
Sebastiaan van Stijn
74feadacf8
integration/internal/container: refactor CreateExpectingErr
This utility was only used for a single test, and it was very limited
in functionality as it only allowed for a certain error-string to be
matched.

Let's change it into a more generic function; a helper that allows a
container to be created from a `TestContainerConfig` (which can be
constructed using `NewTestConfig`) and that returns the response from
client.ContainerCreate(), so that any result from that can be tested,
leaving it up to the test to check the results.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-11 14:03:08 +02:00
Sebastiaan van Stijn
0899ba4a3f
integration/internal/container: add NewTestConfig utility
Introduce a NewTestConfig utility, to allow using the available utilities
for constructing a config, and use them with the regular API client.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-11 14:03:08 +02:00
Sebastiaan van Stijn
3cb52a6359
integration/internal/container: use consistent name for api-client
The `client` variable was colliding with the `client` import. In some cases
the confusing `cli` name (it's not the "cli") was used. Given that such names
can easily start spreading (through copy/paste, or "code by example"), let's
make a one-time pass through all of them in this package to use the same name.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-11 14:02:17 +02:00
Sebastiaan van Stijn
26be2bc6b9
integration/container: use consistent name for api-client
The `client` variable was colliding with the `client` import in various
files. While it didn't conflict in all files, there was inconsistency
in the naming, sometimes using the confusing `cli` name (it's not the
"cli"), and such names can easily start spreading (through copy/paste,
or "code by example").

Let's make a one-time pass through all of them in this package to use
the same name.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-11 13:51:57 +02:00
Sebastiaan van Stijn
3d3ce9812f
integration/tag: Move to client unit test
This test was testing the client-side validation, so might as well
move it there, and validate that the client invalidates before
trying to make an API call.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-08-10 10:37:04 +02:00
Paweł Gronowski
71da8c13e1
integration/tag: Use subtests and make parallel
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-08-09 14:11:18 +02:00
Sebastiaan van Stijn
481dde8b70
libnetwork: use plugin Content-Type headers v1.2
The MediaType was changed twice in;

- b3b7eb2723 ("application/vnd.docker.plugins.v1+json"   -> "application/vnd.docker.plugins.v1.1+json")
- 54587d861d ("application/vnd.docker.plugins.v1.1+json" -> "application/vnd.docker.plugins.v1.2+json")

But the (integration) tests were still using the old version, so let's
use the VersionMimeType const that's defined, and use the updated version.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-07 20:38:54 +02:00
Sebastiaan van Stijn
4b19b2f4ba
Merge pull request #46004 from elezar/add-cdi-spec-dirs-to-info
Add CDISpecDirs to Info output
2023-08-07 20:14:06 +02:00
Evan Lezar
7a59913b1a Add CDISpecDirs to Info output
This change adds the configured CDI spec directories to the
system info output.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-08-04 11:46:34 +02:00
Sebastiaan van Stijn
9bd2b7e7af
Merge pull request #46138 from akerouanton/integration-run-attach
integration: Add RunAttach helper
2023-08-02 13:45:28 +02:00
Albin Kerouanton
5bd8aa5246
integration: Add RunAttach helper
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-08-02 10:23:32 +02:00
Albin Kerouanton
d7fb4dd170
integration: Extract stream demultiplexing from container.Exec
The original code in container.Exec was potentially leaking the copy
goroutine when the context was cancelled or timed out. The new
`demultiplexStreams()` function won't return until the goroutine has
finished its work, and to ensure that it takes care of closing the
hijacked connection.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-08-02 10:23:31 +02:00
Brian Goff
1a51898d2e
TestDaemonProxy: use new scanners to check logs
Also fixes up some cleanup issues.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-01 00:13:50 +02:00
Brian Goff
476e788090
Fix daemon proxy test for "reload sanitized"
I noticed this was always being skipped because of race conditions
checking the logs.

This change adds a log scanner which will look through the logs line by
line rather than allocating a big buffer.
Additionally it adds a `poll.Check` which we can use to actually wait
for the desired log entry.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-01 00:11:28 +02:00
Brian Goff
8197752d68
TestDaemonProxy: check proxy settings early
Allows tests to report their proxy settings for easier troubleshooting
on failures.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-07-31 13:33:32 +02:00
Sebastiaan van Stijn
0e0c725224
Merge pull request #45511 from xpivarc/capabilites
Do not drop effective&permitted set
2023-07-28 01:17:43 +02:00
Sebastiaan van Stijn
10aff57b26
Merge pull request #46037 from AkihiroSuda/rro-remove-short
volume: remove the short RRO forms in favor of the long forms
2023-07-27 14:11:30 +02:00
Djordje Lukic
e5cffc07b3
c8d: Fix TestImagesFilterMultiReference
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-07-26 14:34:42 +02:00
Djordje Lukic
ad2760ec80
integration: Move image filter tests to integration
- use assert.Check to continue the test even if a check fails
- assert the total number of images returned, not only their RepoTags
- use subtests

Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-07-26 14:33:16 +02:00
Luboslav Pivarc
42fa7a1951 Integration test for capabilities
Verify non-root containers are able to use file
capabilities.

Signed-off-by: Luboslav Pivarc <lpivarc@redhat.com>
Co-authored-by: Cory Snider <csnider@mirantis.com>
Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-07-24 17:10:50 -04:00
Sebastiaan van Stijn
afd4805278
Merge pull request #45399 from vvoland/winddows-unskip-kill-tests
integration/windows: Unskip some kill tests
2023-07-23 16:29:19 +02:00
Akihiro Suda
483a1933a2
volume: remove the short RRO forms in favor of the long forms
"ro-non-recursive", "ro-force-recursive", and "rro" are
now removed from the legacy mount API.

CLI may still support them via the new mount API (if we want).

Follow-up to PR 45278

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-07-20 22:34:09 +09:00
Sebastiaan van Stijn
51fad48097
Merge pull request #45937 from thaJeztah/testattach_table
integration/container: use subtests for TestAttach
2023-07-19 19:24:33 +02:00
Paweł Gronowski
eaf141c86a
c8d/resolveImage: Fix Digested and Named reference
When resolving a reference that is both a Named and Digested, it could
be resolved to an image that has the same digest, but completely
different repository name.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-18 17:55:46 +02:00
Sebastiaan van Stijn
79c72390b9
integration/container: use subtests for TestAttach
- Combine TestAttachWithTTY and TestAttachWithoutTTy to a single test using sub-tests
- Set up and tear-down the test-environment once
- Remove redundant client.ContainerRemove, as it's taken care of by testEnv.Clean()
- Run both tests in parallel

      make TEST_FILTER=TestAttach DOCKER_GRAPHDRIVER=overlay2 TESTDEBUG=1 test-integration
      Loaded image: busybox:latest
      Loaded image: busybox:glibc
      Loaded image: debian:bullseye-slim
      Loaded image: hello-world:latest
      Loaded image: arm32v7/hello-world:latest
      INFO: Testing against a local daemon
      === RUN   TestAttach
      === RUN   TestAttach/without_TTY
      === PAUSE TestAttach/without_TTY
      === RUN   TestAttach/with_TTY
      === PAUSE TestAttach/with_TTY
      === CONT  TestAttach/without_TTY
      === CONT  TestAttach/with_TTY
      --- PASS: TestAttach (0.00s)
          --- PASS: TestAttach/without_TTY (0.03s)
          --- PASS: TestAttach/with_TTY (0.03s)
      PASS

      DONE 3 tests in 1.347s

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-13 18:24:14 +02:00
Paweł Gronowski
f9e2eed55d
integration: Don't env cleanup before parallel subtests
Calling function returned from setupTest (which calls testEnv.Clean) in
a defer block inside a test that spawns parallel subtests caused the
cleanup function to be called before any of the subtest did anything.

Change the defer expressions to use `t.Cleanup` instead to call it only
after all subtests have also finished.
This only changes tests which have parallel subtests.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-07-13 13:41:00 +02:00
Sebastiaan van Stijn
462d6ef826
Merge pull request #45901 from thaJeztah/api_move_system_info
api/types: move system info types to api/types/system
2023-07-10 17:45:13 +02:00
Sebastiaan van Stijn
a490248f4d
daemon: daemon.prepareMountPoints(): fix panic if mount is not a volume
The daemon.lazyInitializeVolume() function only handles restoring Volumes
if a Driver is specified. The Container's MountPoints field may also
contain other kind of mounts (e.g., bind-mounts). Those were ignored, and
don't return an error; 1d9c8619cd/daemon/volumes.go (L243-L252C2)

However, the prepareMountPoints() assumed each MountPoint was a volume,
and logged an informational message about the volume being restored;
1d9c8619cd/daemon/mounts.go (L18-L25)

This would panic if the MountPoint was not a volume;

    github.com/docker/docker/daemon.(*Daemon).prepareMountPoints(0xc00054b7b8?, 0xc0007c2500)
            /root/rpmbuild/BUILD/src/engine/.gopath/src/github.com/docker/docker/daemon/mounts.go:24 +0x1c0
    github.com/docker/docker/daemon.(*Daemon).restore.func5(0xc0007c2500, 0x0?)
            /root/rpmbuild/BUILD/src/engine/.gopath/src/github.com/docker/docker/daemon/daemon.go:552 +0x271
    created by github.com/docker/docker/daemon.(*Daemon).restore
            /root/rpmbuild/BUILD/src/engine/.gopath/src/github.com/docker/docker/daemon/daemon.go:530 +0x8d8
    panic: runtime error: invalid memory address or nil pointer dereference
    [signal SIGSEGV: segmentation violation code=0x1 addr=0x30 pc=0x564e9be4c7c0]

This issue was introduced in 647c2a6cdd

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 15:31:00 +02:00
Sebastiaan van Stijn
c90229ed9a
api/types: move system info types to api/types/system
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 13:01:36 +02:00
Brian Goff
2216d3ca8d Add health start interval
This adds an additional interval to be used by healthchecks during the
start period.
Typically when a container is just starting you want to check if it is
ready more quickly than a typical healthcheck might run. Without this
users have to balance between running healthchecks to frequently vs
taking a very long time to mark a container as healthy for the first
time.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-05 23:44:17 +00:00
Cory Snider
cdcb7c28c5 integration: disable iptables in parallel tests
Multiple daemons starting/running concurrently can collide with each
other when editing iptables rules. Most integration tests which opt into
parallelism and start daemons work around this problem by starting the
daemon with the --iptables=false option. However, some of the tests
neglect to pass the option when starting or restarting the daemon,
resulting in those tests being flaky.

Audit the integration tests which call t.Parallel() and (*Daemon).Stop()
and add --iptables=false arguments where needed.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-07-05 13:49:53 -04:00
Sebastiaan van Stijn
ddec605aef
integration: use string-literals for easier grep'ing
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-05 12:27:01 +02:00
Sebastiaan van Stijn
6b6fed06b1
integration: don't use pkg/system MkNod/mkDev
These tests are Linux-only, so we don't need the wrapper.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-03 18:48:32 +02:00
Paweł Gronowski
a93298d4db
c8d/prune: Exclude dangling tag of the images used by containers
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-06-30 18:18:56 +02:00
Paweł Gronowski
a96e6044cc
testutil/environment: Add GetTestDanglingImageId
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-06-30 18:18:45 +02:00
Sebastiaan van Stijn
c0edf0861b
integration/system: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:11 +02:00
Sebastiaan van Stijn
5cc1c6eca0
integration/service: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:11 +02:00
Sebastiaan van Stijn
bb5ace2efb
integration/plugin: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:11 +02:00
Sebastiaan van Stijn
9bd3e011e1
integration/internal: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:11 +02:00
Sebastiaan van Stijn
89a4e6b889
integration/container: format code with gofumpt
Formatting the code with https://github.com/mvdan/gofumpt

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-29 00:31:10 +02:00
Brian Goff
647c2a6cdd Restore active mount counts on live-restore
When live-restoring a container the volume driver needs be notified that
there is an active mount for the volume.
Before this change the count is zero until the container stops and the
uint64 overflows pretty much making it so the volume can never be
removed until another daemon restart.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-06-27 16:33:23 +00:00
Paweł Gronowski
dd1c95edcd
integration/windows: Unskip some kill tests
Unskip:
- TestKillWithStopSignalAndRestartPolicies
- TestKillStoppedContainer

integration tests on Windows.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-06-26 15:20:36 +02:00
Sebastiaan van Stijn
76d8bfdff4
testutil/environment: remove Execution.OSType field
This field was added in f0e5b3d7d8 to
account for older versions of the engine (Docker EE LTS versions), which
did not yet provide the OSType field in Docker info, and had to be manually
set using the TEST_OSTYPE env-var.

This patch removes the field in favor of the equivalent in DaemonInfo. It's
more verbose, but also less ambiguous what information we're using (i.e.,
the platform the daemon is running on, not the local platform).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-26 11:18:09 +02:00
Cory Snider
165dfd6c3e daemon: fix restoring container with missing task
Before 4bafaa00aa, if the daemon was
killed while a container was running and the container shim is killed
before the daemon is restarted, such as if the host system is
hard-rebooted, the daemon would restore the container to the stopped
state and set the exit code to 255. The aforementioned commit introduced
a regression where the container's exit code would instead be set to 0.
Fix the regression so that the exit code is once against set to 255 on
restore.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-06-23 11:28:45 -04:00
Sebastiaan van Stijn
fc94ed0a86
don't cancel container stop when cancelling context
Commit 90de570cfa passed through the request
context to daemon.ContainerStop(). As a result, cancelling the context would
cancel the "graceful" stop of the container, and would proceed with forcefully
killing the container.

This patch partially reverts the changes from 90de570cfa
and breaks the context to prevent cancelling the context from cancelling the stop.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-20 11:53:23 +02:00
Sebastiaan van Stijn
a9788886e6
Merge pull request #45720 from ndeloof/copy_uidgid
fix `docker cp -a` failing to access `/` in container
2023-06-14 01:11:36 +02:00
Nicolas De Loof
3cc5d62f8a
run getent with a noop stdin
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2023-06-12 09:35:40 +02:00
Sebastiaan van Stijn
f139017bd0
Merge pull request #44598 from cpuguy83/save_tar_oci
image save: make output tarball OCI compliant
2023-06-09 14:50:51 +02:00
Brian Goff
1e55ace875 Add oci index and layout files to exported tars
This makes the output of `docker save` fully OCI compliant.

When using the containerd image store, this code is not used. That
exporter will just use containerd's export method and should give us the
output we want for multi-arch images.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-05-28 20:35:14 +00:00
Sebastiaan van Stijn
b42e367045
vendor: github.com/opencontainers/image-spec v1.1.0-rc3
full diff: https://github.com/opencontainers/image-spec/compare/3a7f492d3f1b...v1.1.0-rc3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-26 02:34:50 +02:00
Akihiro Suda
5045a2de24
Support recursively read-only (RRO) mounts
`docker run -v /foo:/foo:ro` is now recursively read-only on kernel >= 5.12.

Automatically falls back to the legacy non-recursively read-only mount mode on kernel < 5.12.

Use `ro-non-recursive` to disable RRO.
Use `ro-force-recursive` or `rro` to explicitly enable RRO. (Fails on kernel < 5.12)

Fix issue 44978
Fix docker/for-linux issue 788

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-05-26 01:58:24 +09:00
Cory Snider
1b28b0ed5a
Merge pull request #45134 from elezar/add-cdi-support
Add support for CDI devices under Linux
2023-05-25 18:06:31 +02:00
Paweł Gronowski
6506579e18
integration: Add TestImageInspectEmptyTagsAndDigests
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-05-23 15:50:36 +02:00
Sebastiaan van Stijn
ab35df454d
remove pre-go1.17 build-tags
Removed pre-go1.17 build-tags with go fix;

    go mod init
    go fix -mod=readonly ./...
    rm go.mod

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-19 20:38:51 +02:00
Sebastiaan van Stijn
50d2c94bd6
Merge pull request #43637 from thaJeztah/remove_deprecated_storage_drivers
Remove deprecated devicemapper storage driver
2023-05-18 21:23:41 +02:00
Evan Lezar
dedf5747cc Remove need to set Capabilities for cdi driver
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-05-16 17:07:58 +02:00
Evan Lezar
7ec9561a77 Add support for CDI devices to docker daemon under linux
These changes add basic CDI integration to the docker daemon.

A cdi driver is added to handle cdi device requests. This
is gated by an experimental feature flag and is only supported on linux

This change also adds a CDISpecDirs (cdi-spec-dirs) option to the config.
This allows the default values of `/etc/cdi`, /var/run/cdi` to be overridden
which is useful for testing.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-05-16 17:07:57 +02:00
Akihiro Suda
1371aee3cc
Merge pull request #45469 from thaJeztah/deprecate_virtualsize_STEP2
API: omit deprecated VirtualSize field for API v1.44 and up
2023-05-16 15:10:07 +09:00
Sebastiaan van Stijn
56fb56ccf0
integration: update error-assertions in tests
- use is.ErrorType
- replace uses of client.IsErrNotFound for errdefs.IsNotFound, as
  the client no longer returns the old error-type.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-10 22:13:50 +02:00
Sebastiaan van Stijn
3f7fde76c2
Merge pull request #45507 from corhere/cleanup-reexec-inits
[chore] clean up reexec.Init() calls
2023-05-10 11:49:11 +02:00
Cory Snider
4e0319c878 [chore] clean up reexec.Init() calls
Now that most uses of reexec have been replaced with non-reexec
solutions, most of the reexec.Init() calls peppered throughout the test
suites are unnecessary. Furthermore, most of the reexec.Init() calls in
test code neglects to check the return value to determine whether to
exit, which would result in the reexec'ed subprocesses proceeding to run
the tests, which would reexec another subprocess which would proceed to
run the tests, recursively. (That would explain why every reexec
callback used to unconditionally call os.Exit() instead of returning...)

Remove unneeded reexec.Init() calls from test and example code which no
longer needs it, and fix the reexec.Init() calls which are not inert to
exit after a reexec callback is invoked.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-05-09 19:13:17 -04:00
Jeyanthinath Muthuram
307b09e7eb
fixing consistent aliases for OCI spec imports
Signed-off-by: Jeyanthinath Muthuram <jeyanthinath10@gmail.com>
2023-05-08 15:27:52 +05:30
Sebastiaan van Stijn
913b0f51ca
API: omit deprecated VirtualSize field for API v1.44 and up
This field is deprecated since 1261fe69a3,
and will now be omitted on API v1.44 and up for the `GET /images/json`,
`GET /images/{id}/json`, and `GET /system/df`  endpoints.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 16:35:00 +02:00
Sebastiaan van Stijn
8a4b095a94
Merge pull request #45353 from thaJeztah/api_container_change_type
api/types/container: create type for changes endpoint
2023-05-04 19:48:40 +02:00
Sebastiaan van Stijn
dbb48e4b29
api/types/container: create type for changes endpoint
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-03 21:23:42 +02:00
Tianon Gravi
4597f50deb
Merge pull request #45392 from thaJeztah/filters_inline_and_simplify
inline filters.Args where possible, and use filters.Arg() when constructing
2023-04-27 23:31:59 +00:00
Sebastiaan van Stijn
489543cd25
Merge pull request #45391 from vvoland/windows-flaky-testkillcontainer
integration/TestKillContainer: Bigger timeout on Windows
2023-04-26 17:02:31 +02:00
Brian Goff
0970cb054c
Merge pull request #45366 from akerouanton/fix-docker0-PreferredPool
daemon: set docker0 subpool as the IPAM pool
2023-04-25 11:07:57 -07:00
Albin Kerouanton
2d31697d82
daemon: set docker0 subpool as the IPAM pool
Since cc19eba (backported to v23.0.4), the PreferredPool for docker0 is
set only when the user provides the bip config parameter or when the
default bridge already exist. That means, if a user provides the
fixed-cidr parameter on a fresh install or reboot their computer/server
without bip set, dockerd throw the following error when it starts:

> failed to start daemon: Error initializing network controller: Error
> creating default "bridge" network: failed to parse pool request for
> address space "LocalDefault" pool "" subpool "100.64.0.0/26": Invalid
> Address SubPool

See #45356.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-04-25 15:32:46 +02:00
Sebastiaan van Stijn
b6154189e8
integration: inline filters in tests
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-25 15:15:50 +02:00
Paweł Gronowski
aca8dde362
integration/TestKillContainer: Bigger timeout on Windows
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-04-25 11:59:54 +02:00
cui fliter
f66684fdeb fix some comments
Signed-off-by: cui fliter <imcusg@gmail.com>
2023-04-25 13:39:28 +08:00
Sebastiaan van Stijn
dc11d2a2d8
remove deprecated devicemapper storage-driver
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-20 23:51:54 +02:00
Sebastiaan van Stijn
1261fe69a3
API: deprecate VirtualSize field for /images/json and /images/{id}/json
In versions of Docker before v1.10, this field was calculated from
the image itself and all of its parent images. Images are now stored
self-contained, and no longer use a parent-chain, making this field
an equivalent of the Size field.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-18 14:46:11 +02:00
Sebastiaan van Stijn
81e62af94a
use consistent alias for containerd's errdefs package
The signatures of functions in containerd's errdefs packages are very
similar to those in our own, and it's easy to accidentally use the wrong
package.

This patch uses a consistent alias for all occurrences of this import.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-08 19:30:33 +02:00
Paweł Gronowski
fed1c96e10
TestDaemonRestartKillContainers: Fix loop capture
TestDaemonRestartKillContainers test was always executing the last case
(`container created should not be restarted`) because the iterated
variables were not copied correctly.
Capture iterated values by value correctly and rename c to tc.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-03-20 16:16:42 +01:00
Sebastiaan van Stijn
127cd9def1
integration/plugin: fix duplicate import
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-14 16:23:09 +01:00
Sebastiaan van Stijn
2987393768
integration/volume: fix duplicate import
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-14 16:22:00 +01:00
Brian Goff
146df5fbd3
Fix pruning anon volume created from image config
Volumes created from the image config were not being pruned because the
volume service did not think they were anonymous since the code to
create passes along a generated name instead of letting the volume
service generate it.

This changes the code path to have the volume service generate the name
instead of doing it ahead of time.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-03-14 11:06:26 +01:00
Sebastiaan van Stijn
058a31e479
volumes: fix error-handling when removing volumes with swarm enabled
Commit 3246db3755 added handling for removing
cluster volumes, but in some conditions, this resulted in errors not being
returned if the volume was in use;

    docker swarm init
    docker volume create foo
    docker create -v foo:/foo busybox top
    docker volume rm foo

This patch changes the logic for ignoring "local" volume errors if swarm
is enabled (and cluster volumes supported).

While working on this fix, I also discovered that Cluster.RemoveVolume()
did not handle the "force" option correctly; while swarm correctly handled
these, the cluster backend performs a lookup of the volume first (to obtain
its ID), which would fail if the volume didn't exist.

Before this patch:

    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    === RUN   TestVolumesRemoveSwarmEnabled
    === PAUSE TestVolumesRemoveSwarmEnabled
    === CONT  TestVolumesRemoveSwarmEnabled
    === RUN   TestVolumesRemoveSwarmEnabled/volume_in_use
        volume_test.go:122: assertion failed: error is nil, not errdefs.IsConflict
        volume_test.go:123: assertion failed: expected an error, got nil
    === RUN   TestVolumesRemoveSwarmEnabled/volume_not_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume_force
        volume_test.go:143: assertion failed: error is not nil: Error response from daemon: volume no_such_volume not found
    --- FAIL: TestVolumesRemoveSwarmEnabled (1.57s)
        --- FAIL: TestVolumesRemoveSwarmEnabled/volume_in_use (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_not_in_use (0.01s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume (0.00s)
        --- FAIL: TestVolumesRemoveSwarmEnabled/non-existing_volume_force (0.00s)
    FAIL

With this patch:

    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    make TEST_FILTER=TestVolumesRemoveSwarmEnabled DOCKER_GRAPHDRIVER=vfs test-integration
    ...
    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemoveSwarmEnabled
    ...
    === RUN   TestVolumesRemoveSwarmEnabled
    === PAUSE TestVolumesRemoveSwarmEnabled
    === CONT  TestVolumesRemoveSwarmEnabled
    === RUN   TestVolumesRemoveSwarmEnabled/volume_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/volume_not_in_use
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume
    === RUN   TestVolumesRemoveSwarmEnabled/non-existing_volume_force
    --- PASS: TestVolumesRemoveSwarmEnabled (1.53s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_in_use (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/volume_not_in_use (0.01s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume (0.00s)
        --- PASS: TestVolumesRemoveSwarmEnabled/non-existing_volume_force (0.00s)
    PASS

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-13 19:17:35 +01:00
Sebastiaan van Stijn
7531f05c7c
integration/volumes: TestVolumesRemove: add coverage for force/no-force
Add additional test-cases for deleting non-existing volumes (with/without force).

With this patch:

    make TEST_FILTER=TestVolumesRemove DOCKER_GRAPHDRIVER=vfs test-integration

    Running /go/src/github.com/docker/docker/integration/volume (arm64.integration.volume) flags=-test.v -test.timeout=10m  -test.run TestVolumesRemove
    ...
    === RUN   TestVolumesRemove
    === RUN   TestVolumesRemove/volume_in_use
    === RUN   TestVolumesRemove/volume_not_in_use
    === RUN   TestVolumesRemove/non-existing_volume
    === RUN   TestVolumesRemove/non-existing_volume_force
    --- PASS: TestVolumesRemove (0.04s)
        --- PASS: TestVolumesRemove/volume_in_use (0.00s)
        --- PASS: TestVolumesRemove/volume_not_in_use (0.01s)
        --- PASS: TestVolumesRemove/non-existing_volume (0.00s)
        --- PASS: TestVolumesRemove/non-existing_volume_force (0.00s)
    PASS

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-12 14:50:55 +01:00
Paweł Gronowski
608a122aef
integration: Extract StopContainerWindowsPollTimeout const
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-03-06 16:21:55 +01:00
Paweł Gronowski
74dbb721aa
TestLogs: Increase stop check poll timeout on Windows
Stopping container on Windows can sometimes take longer than 10s which
caused this test to be flaky.
Increase the timeout to 75s when running this test on Windows.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-03-06 16:14:38 +01:00
Alex Stockinger
91c2b12205 Make default options for newly created networks configurable
Signed-off-by: Alex Stockinger <alex@atomicjar.com>
Co-authored-by: Sergei Egorov <bsideup@gmail.com>
Co-authored-by: Cory Snider <corhere@gmail.com>
2023-03-01 07:58:26 +01:00
Brian Goff
0021339b92
Merge pull request #45025 from corhere/oci-annotation-passthru 2023-02-24 16:27:11 +00:00
Cory Snider
0ffaa6c785 daemon: add annotations to container HostConfig
Allow clients to set annotations on a container which will applied to
the container's OCI spec.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-23 18:59:00 -05:00
Cory Snider
0c68b655f6 Fix loop-closure bugs in tests
...which were flagged by golangci-lint v1.51.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-02-15 12:44:52 -05:00
Tonis Tiigi
666334bd48
vendor: update buildkit to v0.11.2
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2023-02-01 23:29:10 -08:00
Cory Snider
d634ae9b60 Wait longer for exit events on Windows
The latest version of containerd-shim-runhcs-v1 (v0.10.0-rc.4) pulled in
with the bump to ContainerD v1.7.0-rc.3 had several changes to make it
more robust, which had the side effect of increasing the worst-case
amount of time it takes for a container to exit in the worst case.
Notably, the total timeout for shutting down a task increased from 30
seconds to 60! Increase the timeouts hardcoded in the daemon and
integration tests so that they don't give up too soon.

Signed-off-by: Cory Snider <csnider@mirantis.com>
2023-01-31 15:19:08 -05:00
Akihiro Suda
b3c5352386
rootless: support --ipc=host
Fix issue 44294

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-01-21 01:00:27 +09:00
Sebastiaan van Stijn
01fd23b625
Fix volume CreatedAt being altered on initialization
The CreatedAt date was determined from the volume's `_data`
directory (`/var/lib/docker/volumes/<volumename>/_data`).
However, when initializing a volume, this directory is updated,
causing the date to change.

Instead of using the `_data` directory, use its parent directory,
which is not updated afterwards, and should reflect the time that
the volume was created.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2023-01-03 16:57:04 +01:00