beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
moby/hack/make
History
Sebastiaan van Stijn 62b33a2604
disable pulling legacy image formats by default 
This patch disables pulling legacy (schema1 and schema 2, version 1) images by
default.

A `DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE` environment-variable is
introduced to allow re-enabling this feature, aligning with the environment
variable used in containerd 2.0 (`CONTAINERD_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE`).

With this patch, attempts to pull a legacy image produces an error:

With graphdrivers:

    docker pull docker:1.0
    1.0: Pulling from library/docker
    [DEPRECATION NOTICE] Docker Image Format v1, and Docker Image manifest version 2, schema 1 support will be removed in an upcoming release. Suggest the author of docker.io/library/docker:1.0 to upgrade the image to the OCI Format, or Docker Image manifest v2, schema 2. More information at https://docs.docker.com/go/deprecated-image-specs/

With the containerd image store enabled, output is slightly different
as it returns the error before printing the `1.0: pulling ...`:

    docker pull docker:1.0
    Error response from daemon: [DEPRECATION NOTICE] Docker Image Format v1 and Docker Image manifest version 2, schema 1 support is disabled by default and will be removed in an upcoming release. Suggest the author of docker.io/library/docker:1.0 to upgrade the image to the OCI Format or Docker Image manifest v2, schema 2. More information at https://docs.docker.com/go/deprecated-image-specs/

Using the "distribution" endpoint to resolve the digest for an image also
produces an error:

    curl -v --unix-socket /var/run/docker.sock http://foo/distribution/docker.io/library/docker:1.0/json
    *   Trying /var/run/docker.sock:0...
    * Connected to foo (/var/run/docker.sock) port 80 (#0)
    > GET /distribution/docker.io/library/docker:1.0/json HTTP/1.1
    > Host: foo
    > User-Agent: curl/7.88.1
    > Accept: */*
    >
    < HTTP/1.1 400 Bad Request
    < Api-Version: 1.45
    < Content-Type: application/json
    < Docker-Experimental: false
    < Ostype: linux
    < Server: Docker/dev (linux)
    < Date: Tue, 27 Feb 2024 16:09:42 GMT
    < Content-Length: 354
    <
    {"message":"[DEPRECATION NOTICE] Docker Image Format v1, and Docker Image manifest version 2, schema 1 support will be removed in an upcoming release. Suggest the author of docker.io/library/docker:1.0 to upgrade the image to the OCI Format, or Docker Image manifest v2, schema 2. More information at https://docs.docker.com/go/deprecated-image-specs/"}
    * Connection #0 to host foo left intact

Starting the daemon with the `DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE`
env-var set to a non-empty value allows pulling the image;

    docker pull docker:1.0
    [DEPRECATION NOTICE] Docker Image Format v1 and Docker Image manifest version 2, schema 1 support is disabled by default and will be removed in an upcoming release. Suggest the author of docker.io/library/docker:1.0 to upgrade the image to the OCI Format or Docker Image manifest v2, schema 2. More information at https://docs.docker.com/go/deprecated-image-specs/
    b0a0e6710d13: Already exists
    d193ad713811: Already exists
    ba7268c3149b: Already exists
    c862d82a67a2: Already exists
    Digest: sha256:5e7081837926c7a40e58881bbebc52044a95a62a2ea52fb240db3fc539212fe5
    Status: Image is up to date for docker:1.0
    docker.io/library/docker:1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-28 13:57:43 +01:00
..
.binary hack: compile w/o optimizations & inlining when debugging 2023-09-08 17:16:58 +02:00
.go-autogen hack: display build cmd when DOCKER_DEBUG set 2023-01-19 21:33:39 +01:00
.go-autogen.ps1 use go-winres for windows build and cleanup autogen and winresources 2022-04-14 19:52:36 +02:00
.install Fixup libnetwork lint errors 2021-06-01 23:48:32 +00:00
.integration-daemon-start disable pulling legacy image formats by default 2024-02-28 13:57:43 +01:00
.integration-daemon-stop run shfmt 2020-03-03 12:27:49 +09:00
.integration-test-helpers hack: Run integration tests through Delve 2023-09-26 15:42:11 +02:00
.mkwinres hack: remove version from binaries, and remove symlinks 2022-07-02 16:57:51 +02:00
binary Move proxy build into hack/make 2021-06-01 22:14:06 +00:00
binary-daemon hack: restore copy_binaries func 2023-01-05 13:21:28 +01:00
binary-proxy hack: do not set buildmode pie for statically linked binary 2023-01-01 18:03:02 +01:00
dynbinary Move proxy build into hack/make 2021-06-01 22:14:06 +00:00
dynbinary-daemon hack: remove unnecessary vars in make.sh script 2023-01-19 21:33:38 +01:00
dynbinary-proxy hack: remove unnecessary vars in make.sh script 2023-01-19 21:33:38 +01:00
install-binary hack: stop installing containerd-shim (io.containerd.runtime.v1.linux) 2022-06-05 18:41:44 +09:00
install-proxy Fixup libnetwork lint errors 2021-06-01 23:48:32 +00:00
README.md Remove test-unit from hack/make 2017-07-17 11:39:33 -04:00
run Disable tls when launching dockerd through hack/make.sh 2023-07-09 22:26:07 +02:00
test-docker-py docker-py: unskip some tests 2024-01-17 16:44:06 +01:00
test-integration Use process substitution to redirect to tee 2023-09-08 10:56:21 +02:00
test-integration-flaky run shfmt 2020-03-03 12:27:49 +09:00
test-integration-shell remove Dockerfile.e2e 2023-05-29 11:03:48 +02:00

README.md

This directory holds scripts called by make.sh in the parent directory.

Each script is named after the bundle it creates. They should not be called directly - instead, pass it as argument to make.sh, for example:

./hack/make.sh binary ubuntu

# Or to run all default bundles:
./hack/make.sh

To add a bundle:

  • Create a shell-compatible file here
  • Add it to $DEFAULT_BUNDLES in make.sh