38d914cc96
Move plugins to shared distribution stack with images.
Create immutable plugin config that matches schema2 requirements.
Ensure data being pushed is same as pulled/created.
Store distribution artifacts in a blobstore.
Run init layer setup for every plugin start.
Fix breakouts from unsafe file accesses.
Add support for `docker plugin install --alias`
Uses normalized references for default names to avoid collisions when using default hosts/tags.
Some refactoring of the plugin manager to support the change, like removing the singleton manager and adding manager config struct.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
(cherry picked from commit 3d86b0c79b
)
378 lines
10 KiB
Go
378 lines
10 KiB
Go
package types
|
|
|
|
import (
|
|
"bufio"
|
|
"io"
|
|
"net"
|
|
"os"
|
|
|
|
"github.com/docker/docker/api/types/container"
|
|
"github.com/docker/docker/api/types/filters"
|
|
"github.com/docker/go-units"
|
|
)
|
|
|
|
// CheckpointCreateOptions holds parameters to create a checkpoint from a container
|
|
type CheckpointCreateOptions struct {
|
|
CheckpointID string
|
|
CheckpointDir string
|
|
Exit bool
|
|
}
|
|
|
|
// CheckpointListOptions holds parameters to list checkpoints for a container
|
|
type CheckpointListOptions struct {
|
|
CheckpointDir string
|
|
}
|
|
|
|
// CheckpointDeleteOptions holds parameters to delete a checkpoint from a container
|
|
type CheckpointDeleteOptions struct {
|
|
CheckpointID string
|
|
CheckpointDir string
|
|
}
|
|
|
|
// ContainerAttachOptions holds parameters to attach to a container.
|
|
type ContainerAttachOptions struct {
|
|
Stream bool
|
|
Stdin bool
|
|
Stdout bool
|
|
Stderr bool
|
|
DetachKeys string
|
|
Logs bool
|
|
}
|
|
|
|
// ContainerCommitOptions holds parameters to commit changes into a container.
|
|
type ContainerCommitOptions struct {
|
|
Reference string
|
|
Comment string
|
|
Author string
|
|
Changes []string
|
|
Pause bool
|
|
Config *container.Config
|
|
}
|
|
|
|
// ContainerExecInspect holds information returned by exec inspect.
|
|
type ContainerExecInspect struct {
|
|
ExecID string
|
|
ContainerID string
|
|
Running bool
|
|
ExitCode int
|
|
Pid int
|
|
}
|
|
|
|
// ContainerListOptions holds parameters to list containers with.
|
|
type ContainerListOptions struct {
|
|
Quiet bool
|
|
Size bool
|
|
All bool
|
|
Latest bool
|
|
Since string
|
|
Before string
|
|
Limit int
|
|
Filters filters.Args
|
|
}
|
|
|
|
// ContainerLogsOptions holds parameters to filter logs with.
|
|
type ContainerLogsOptions struct {
|
|
ShowStdout bool
|
|
ShowStderr bool
|
|
Since string
|
|
Timestamps bool
|
|
Follow bool
|
|
Tail string
|
|
Details bool
|
|
}
|
|
|
|
// ContainerRemoveOptions holds parameters to remove containers.
|
|
type ContainerRemoveOptions struct {
|
|
RemoveVolumes bool
|
|
RemoveLinks bool
|
|
Force bool
|
|
}
|
|
|
|
// ContainerStartOptions holds parameters to start containers.
|
|
type ContainerStartOptions struct {
|
|
CheckpointID string
|
|
CheckpointDir string
|
|
}
|
|
|
|
// CopyToContainerOptions holds information
|
|
// about files to copy into a container
|
|
type CopyToContainerOptions struct {
|
|
AllowOverwriteDirWithFile bool
|
|
}
|
|
|
|
// EventsOptions holds parameters to filter events with.
|
|
type EventsOptions struct {
|
|
Since string
|
|
Until string
|
|
Filters filters.Args
|
|
}
|
|
|
|
// NetworkListOptions holds parameters to filter the list of networks with.
|
|
type NetworkListOptions struct {
|
|
Filters filters.Args
|
|
}
|
|
|
|
// HijackedResponse holds connection information for a hijacked request.
|
|
type HijackedResponse struct {
|
|
Conn net.Conn
|
|
Reader *bufio.Reader
|
|
}
|
|
|
|
// Close closes the hijacked connection and reader.
|
|
func (h *HijackedResponse) Close() {
|
|
h.Conn.Close()
|
|
}
|
|
|
|
// CloseWriter is an interface that implements structs
|
|
// that close input streams to prevent from writing.
|
|
type CloseWriter interface {
|
|
CloseWrite() error
|
|
}
|
|
|
|
// CloseWrite closes a readWriter for writing.
|
|
func (h *HijackedResponse) CloseWrite() error {
|
|
if conn, ok := h.Conn.(CloseWriter); ok {
|
|
return conn.CloseWrite()
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ImageBuildOptions holds the information
|
|
// necessary to build images.
|
|
type ImageBuildOptions struct {
|
|
Tags []string
|
|
SuppressOutput bool
|
|
RemoteContext string
|
|
NoCache bool
|
|
Remove bool
|
|
ForceRemove bool
|
|
PullParent bool
|
|
Isolation container.Isolation
|
|
CPUSetCPUs string
|
|
CPUSetMems string
|
|
CPUShares int64
|
|
CPUQuota int64
|
|
CPUPeriod int64
|
|
Memory int64
|
|
MemorySwap int64
|
|
CgroupParent string
|
|
NetworkMode string
|
|
ShmSize int64
|
|
Dockerfile string
|
|
Ulimits []*units.Ulimit
|
|
// See the parsing of buildArgs in api/server/router/build/build_routes.go
|
|
// for an explaination of why BuildArgs needs to use *string instead of
|
|
// just a string
|
|
BuildArgs map[string]*string
|
|
AuthConfigs map[string]AuthConfig
|
|
Context io.Reader
|
|
Labels map[string]string
|
|
// squash the resulting image's layers to the parent
|
|
// preserves the original image and creates a new one from the parent with all
|
|
// the changes applied to a single layer
|
|
Squash bool
|
|
// CacheFrom specifies images that are used for matching cache. Images
|
|
// specified here do not need to have a valid parent chain to match cache.
|
|
CacheFrom []string
|
|
SecurityOpt []string
|
|
}
|
|
|
|
// ImageBuildResponse holds information
|
|
// returned by a server after building
|
|
// an image.
|
|
type ImageBuildResponse struct {
|
|
Body io.ReadCloser
|
|
OSType string
|
|
}
|
|
|
|
// ImageCreateOptions holds information to create images.
|
|
type ImageCreateOptions struct {
|
|
RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry
|
|
}
|
|
|
|
// ImageImportSource holds source information for ImageImport
|
|
type ImageImportSource struct {
|
|
Source io.Reader // Source is the data to send to the server to create this image from (mutually exclusive with SourceName)
|
|
SourceName string // SourceName is the name of the image to pull (mutually exclusive with Source)
|
|
}
|
|
|
|
// ImageImportOptions holds information to import images from the client host.
|
|
type ImageImportOptions struct {
|
|
Tag string // Tag is the name to tag this image with. This attribute is deprecated.
|
|
Message string // Message is the message to tag the image with
|
|
Changes []string // Changes are the raw changes to apply to this image
|
|
}
|
|
|
|
// ImageListOptions holds parameters to filter the list of images with.
|
|
type ImageListOptions struct {
|
|
All bool
|
|
Filters filters.Args
|
|
}
|
|
|
|
// ImageLoadResponse returns information to the client about a load process.
|
|
type ImageLoadResponse struct {
|
|
// Body must be closed to avoid a resource leak
|
|
Body io.ReadCloser
|
|
JSON bool
|
|
}
|
|
|
|
// ImagePullOptions holds information to pull images.
|
|
type ImagePullOptions struct {
|
|
All bool
|
|
RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry
|
|
PrivilegeFunc RequestPrivilegeFunc
|
|
}
|
|
|
|
// RequestPrivilegeFunc is a function interface that
|
|
// clients can supply to retry operations after
|
|
// getting an authorization error.
|
|
// This function returns the registry authentication
|
|
// header value in base 64 format, or an error
|
|
// if the privilege request fails.
|
|
type RequestPrivilegeFunc func() (string, error)
|
|
|
|
//ImagePushOptions holds information to push images.
|
|
type ImagePushOptions ImagePullOptions
|
|
|
|
// ImageRemoveOptions holds parameters to remove images.
|
|
type ImageRemoveOptions struct {
|
|
Force bool
|
|
PruneChildren bool
|
|
}
|
|
|
|
// ImageSearchOptions holds parameters to search images with.
|
|
type ImageSearchOptions struct {
|
|
RegistryAuth string
|
|
PrivilegeFunc RequestPrivilegeFunc
|
|
Filters filters.Args
|
|
Limit int
|
|
}
|
|
|
|
// ResizeOptions holds parameters to resize a tty.
|
|
// It can be used to resize container ttys and
|
|
// exec process ttys too.
|
|
type ResizeOptions struct {
|
|
Height uint
|
|
Width uint
|
|
}
|
|
|
|
// VersionResponse holds version information for the client and the server
|
|
type VersionResponse struct {
|
|
Client *Version
|
|
Server *Version
|
|
}
|
|
|
|
// ServerOK returns true when the client could connect to the docker server
|
|
// and parse the information received. It returns false otherwise.
|
|
func (v VersionResponse) ServerOK() bool {
|
|
return v.Server != nil
|
|
}
|
|
|
|
// NodeListOptions holds parameters to list nodes with.
|
|
type NodeListOptions struct {
|
|
Filters filters.Args
|
|
}
|
|
|
|
// NodeRemoveOptions holds parameters to remove nodes with.
|
|
type NodeRemoveOptions struct {
|
|
Force bool
|
|
}
|
|
|
|
// ServiceCreateOptions contains the options to use when creating a service.
|
|
type ServiceCreateOptions struct {
|
|
// EncodedRegistryAuth is the encoded registry authorization credentials to
|
|
// use when updating the service.
|
|
//
|
|
// This field follows the format of the X-Registry-Auth header.
|
|
EncodedRegistryAuth string
|
|
}
|
|
|
|
// ServiceCreateResponse contains the information returned to a client
|
|
// on the creation of a new service.
|
|
type ServiceCreateResponse struct {
|
|
// ID is the ID of the created service.
|
|
ID string
|
|
// Warnings is a set of non-fatal warning messages to pass on to the user.
|
|
Warnings []string `json:",omitempty"`
|
|
}
|
|
|
|
// Values for RegistryAuthFrom in ServiceUpdateOptions
|
|
const (
|
|
RegistryAuthFromSpec = "spec"
|
|
RegistryAuthFromPreviousSpec = "previous-spec"
|
|
)
|
|
|
|
// ServiceUpdateOptions contains the options to be used for updating services.
|
|
type ServiceUpdateOptions struct {
|
|
// EncodedRegistryAuth is the encoded registry authorization credentials to
|
|
// use when updating the service.
|
|
//
|
|
// This field follows the format of the X-Registry-Auth header.
|
|
EncodedRegistryAuth string
|
|
|
|
// TODO(stevvooe): Consider moving the version parameter of ServiceUpdate
|
|
// into this field. While it does open API users up to racy writes, most
|
|
// users may not need that level of consistency in practice.
|
|
|
|
// RegistryAuthFrom specifies where to find the registry authorization
|
|
// credentials if they are not given in EncodedRegistryAuth. Valid
|
|
// values are "spec" and "previous-spec".
|
|
RegistryAuthFrom string
|
|
}
|
|
|
|
// ServiceListOptions holds parameters to list services with.
|
|
type ServiceListOptions struct {
|
|
Filters filters.Args
|
|
}
|
|
|
|
// TaskListOptions holds parameters to list tasks with.
|
|
type TaskListOptions struct {
|
|
Filters filters.Args
|
|
}
|
|
|
|
// PluginRemoveOptions holds parameters to remove plugins.
|
|
type PluginRemoveOptions struct {
|
|
Force bool
|
|
}
|
|
|
|
// PluginEnableOptions holds parameters to enable plugins.
|
|
type PluginEnableOptions struct {
|
|
Timeout int
|
|
}
|
|
|
|
// PluginDisableOptions holds parameters to disable plugins.
|
|
type PluginDisableOptions struct {
|
|
Force bool
|
|
}
|
|
|
|
// PluginInstallOptions holds parameters to install a plugin.
|
|
type PluginInstallOptions struct {
|
|
Disabled bool
|
|
AcceptAllPermissions bool
|
|
RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry
|
|
RemoteRef string // RemoteRef is the plugin name on the registry
|
|
PrivilegeFunc RequestPrivilegeFunc
|
|
AcceptPermissionsFunc func(PluginPrivileges) (bool, error)
|
|
Args []string
|
|
}
|
|
|
|
// SecretRequestOption is a type for requesting secrets
|
|
type SecretRequestOption struct {
|
|
Source string
|
|
Target string
|
|
UID string
|
|
GID string
|
|
Mode os.FileMode
|
|
}
|
|
|
|
// SwarmUnlockKeyResponse contains the response for Engine API:
|
|
// GET /swarm/unlockkey
|
|
type SwarmUnlockKeyResponse struct {
|
|
// UnlockKey is the unlock key in ASCII-armored format.
|
|
UnlockKey string
|
|
}
|
|
|
|
// PluginCreateOptions hold all options to plugin create.
|
|
type PluginCreateOptions struct {
|
|
RepoName string
|
|
}
|