Commit graph

1674 commits

Author SHA1 Message Date
Tibor Vass
b49fc92969 Merge pull request #15123 from ewindisch/seed-pkgrand-cryptorand
Prefer crypto rand seed for pkg/rand
2015-07-30 22:41:17 -04:00
Tibor Vass
352f58a5e2 Merge pull request #15146 from kolyshkin/mkdirall
Simplify and fix MkdirAll usage
2015-07-30 22:40:57 -04:00
Alexander Morozov
fca8ba94b3 Merge pull request #14950 from ottok/master
Multiple fixes to 'docker stats' output
2015-07-30 14:02:35 -07:00
David Calavera
877d55447f Merge pull request #14885 from jlhawn/fix_cp_symlink
Fix copying of symlinks in containers
2015-07-30 13:42:40 -07:00
Alexander Morozov
ec634329dc Merge pull request #15169 from Microsoft/10662-tidydiff
Tidy platform common bits in diff
2015-07-30 13:42:27 -07:00
John Howard
786c3fafa0 Tidy platform common bits in diff
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-30 13:04:49 -07:00
Josh Hawn
bd8af5b419 Fix docker cp Behavior With Symlinks
[pkg/archive] Update archive/copy path handling

  - Remove unused TarOptions.Name field.
  - Add new TarOptions.RebaseNames field.
  - Update some of the logic around path dir/base splitting.
  - Update some of the logic behind archive entry name rebasing.

[api/types] Add LinkTarget field to PathStat

[daemon] Fix stat, archive, extract of symlinks

  These operations *should* resolve symlinks that are in the path but if the
  resource itself is a symlink then it *should not* be resolved. This patch
  puts this logic into a common function `resolvePath` which resolves symlinks
  of the path's dir in scope of the container rootfs but does not resolve the
  final element of the path. Now archive, extract, and stat operations will
  return symlinks if the path is indeed a symlink.

[api/client] Update cp path hanling

[docs/reference/api] Update description of stat

  Add the linkTarget field to the header of the archive endpoint.
  Remove path field.

[integration-cli] Fix/Add cp symlink test cases

  Copying a symlink should do just that: copy the symlink NOT
  copy the target of the symlink. Also, the resulting file from
  the copy should have the name of the symlink NOT the name of
  the target file.

  Copying to a symlink should copy to the symlink target and not
  modify the symlink itself.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-07-30 12:14:28 -07:00
Brian Goff
2b27285a0d Merge pull request #15156 from duglin/AddErrTruncIndex
Add missing typed error in truncindex
2015-07-30 14:55:40 -04:00
Kir Kolyshkin
fe45bb6d4d Simplify and fix os.MkdirAll() usage
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.

Quoting MkdirAll documentation:

> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.

This means two things:

1. If a directory to be created already exists, no error is returned.

2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.

The above is a theory, based on quoted documentation and my UNIX
knowledge.

3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in #2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.

Because of #1, IsExist check after MkdirAll is not needed.

Because of #2 and #3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.

Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.

[v2: a separate aufs commit is merged into this one]

[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go

Signed-off-by: Kir Kolyshkin <kir@openvz.org>
2015-07-30 11:48:08 -07:00
Tibor Vass
1c73db81af tlsconfig: better format for error message in tlsconfig
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-30 14:15:41 -04:00
Tibor Vass
9f198e9313 Merge pull request #15100 from calavera/fix_reader_timeout
Fix reset timeout for buffer readers.
2015-07-30 13:18:06 -04:00
Doug Davis
a8465f999b Add missing typed error in truncindex
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-07-30 07:52:34 -07:00
Otto Kekäläinen
de0d8cfd0f Multiple fixes to 'docker stats' output:
* Add space between values in docker stats output for easier parsing

  Old output could not be parsed easily because there were columns
  that did not have any separator. Also values that are together
  without any space is difficult to read even for humans.

* Update unit.HumanSize comment to match what the does actually does

Signed-off-by: Otto Kekäläinen <otto@seravo.fi>
2015-07-30 10:14:57 +03:00
John Howard
95594939be Windows: Daemon build is broken
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-29 20:08:51 -07:00
Arnaud Porterie
4991aad4df Merge pull request #15126 from LK4D4/global_rand
Use global random *rand.Rand instance in pkg
2015-07-29 17:36:25 -07:00
Arnaud Porterie
c16f6bc021 Merge pull request #15040 from vbatts/vbatts-double-decompress-fix
archive, graphdriver: double decompress fix
2015-07-29 16:48:02 -07:00
Jessie Frazelle
698b089d9e Merge pull request #13542 from kvasdopil/freebsd-work
Make docker build on FreeBSD
2015-07-29 15:15:37 -07:00
Tibor Vass
3589475dc0 Merge pull request #15111 from Microsoft/fix-archive-copy-log
Fix log to logrus
2015-07-29 14:48:19 -04:00
Alexey Guskov
4e30080c64 make docker compile on freebsd
Signed-off-by: Alexey Guskov <lexag@mail.ru>
2015-07-29 21:25:56 +03:00
John Howard
cc00685f72 Fix log to logrus
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-29 09:58:07 -07:00
Eric Windisch
8a44179788 Prefer crypto rand seed for pkg/rand
Crypto rand is a much better seed for math/rand than
time. In the event we use math/rand where we should not,
this will make it a safer source of random numbers.

Although potentially dangerous, this will still fallback
to time should crypto/rand for any reason fail.

Signed-off-by: Eric Windisch <eric@windisch.us>
2015-07-29 12:55:57 -04:00
Alexander Morozov
5ffc6a6fae Use global random *rand.Rand instance in pkg
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-29 09:30:48 -07:00
Alexander Morozov
0dc55c7057 Replace GenerateRandomID with GenerateNonCryptoID
This allow us to avoid entropy usage in non-crypto critical places.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-28 22:31:01 -07:00
Alexander Morozov
f8502c82ee Add GenerateNonCryptoID function to avoid entropy exhaustion
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-28 22:31:01 -07:00
Alexander Morozov
fb13942b1e Add global instance of *(math/rand).Rand and Reader
You can read random bytes from Reader without exhausting entropy.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-28 22:30:57 -07:00
David Calavera
62ccc23024 Fix reset timeout for buffer readers.
Use our goroutine-safe random source.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-07-28 14:30:18 -07:00
Vincent Batts
f0512440f7 archive, chrootarchive: split out decompression
In `ApplyLayer` and `Untar`, the stream is magically decompressed. Since
this is not able to be toggled, rather than break this ./pkg/ API, add
an `ApplyUncompressedLayer` and `UntarUncompressed` that does not
magically decompress the layer stream.

Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-07-28 16:36:38 -04:00
Félix Cantournet
26a545e3bc Fix golint for pkg/mflag
Signed-off-by: Félix Cantournet <felix.cantournet@cloudwatt.com>
2015-07-28 15:32:42 +02:00
Aaron Lehmann
0715aa3a13 Fix golint nit in term_windows.go
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-27 17:40:49 -07:00
Jessie Frazelle
809a231314 Merge pull request #14838 from Microsoft/10662-ansirewrite
Windows: CLI Improvement (TP3)
2015-07-27 17:30:14 -07:00
Vincent Demeester
9bcb3cba83 Lint on pkg/* packages
- pkg/useragent
- pkg/units
- pkg/ulimit
- pkg/truncindex
- pkg/timeoutconn
- pkg/term
- pkg/tarsum
- pkg/tailfile
- pkg/systemd
- pkg/stringutils
- pkg/stringid
- pkg/streamformatter
- pkg/sockets
- pkg/signal
- pkg/proxy
- pkg/progressreader
- pkg/pools
- pkg/plugins
- pkg/pidfile
- pkg/parsers
- pkg/parsers/filters
- pkg/parsers/kernel
- pkg/parsers/operatingsystem

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-07-27 21:26:21 +02:00
Jessie Frazelle
a922d62168 Merge pull request #14959 from runcom/remove-pkg-systemd-booted-go
Remove pkg/systemd/booted.go
2015-07-27 10:22:58 -07:00
Vincent Batts
efe2e75d81 *: s/direcotry/directory/g typo
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-07-27 11:29:28 -04:00
Chris Seto
65b22e7a78 Fix go vet errors
Signed-off-by: Chris Seto <chriskseto@gmail.com>
2015-07-25 17:00:10 -04:00
Derek McGowan
9f1a11056c Use notary library for trusted image fetch and signing
Add a trusted flag to force the cli to resolve a tag into a digest via the notary trust library and pull by digest.
On push the flag the trust flag will indicate the digest and size of a manifest should be signed and push to a notary server.
If a tag is given, the cli will resolve the tag into a digest and pull by digest.
After pulling, if a tag is given the cli makes a request to tag the image.

Use certificate directory for notary requests

Read certificates using same logic used by daemon for registry requests.

Catch JSON syntax errors from Notary client

When an uncaught error occurs in Notary it may show up in Docker as a JSON syntax error, causing a confusing error message to the user.
Provide a generic error when a JSON syntax error occurs.

Catch expiration errors and wrap in additional context.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-24 14:08:20 -07:00
Tibor Vass
264e16318f reexec: Use in-memory binary on linux instead of os.Args[0]
This keeps reexec working properly even if the on-disk binary was replaced.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-24 14:15:50 -04:00
Antonio Murdaca
bd749bf0b7 Remove pkg/systemd/booted.go
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-24 18:09:27 +02:00
Tibor Vass
0cec613de9 cli: new daemon command and new cli package
This patch creates a new cli package that allows to combine both client
and daemon commands (there is only one daemon command: docker daemon).

The `-d` and `--daemon` top-level flags are deprecated and a special
message is added to prompt the user to use `docker daemon`.

Providing top-level daemon-specific flags for client commands result
in an error message prompting the user to use `docker daemon`.

This patch does not break any old but correct usages.

This also makes `-d` and `--daemon` flags, as well as the `daemon`
command illegal in client-only binaries.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-23 19:44:46 -04:00
Arnaud Porterie
879067d69e Enable validate-lint as part of CI
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-07-22 15:23:34 -07:00
David Calavera
ebb4e279e8 Merge pull request #14442 from cpuguy83/refactor_logdrvier_reader
Refactor log driver reader
2015-07-22 11:54:35 -07:00
Antonio Murdaca
056158ea4c pkg: mount: golint
Fix the following warnings:

pkg/mount/mountinfo.go:5:6: type name will be used as mount.MountInfo by other packages, and that stutters; consider calling this Info
pkg/mount/mountinfo.go:7:2: struct field Id should be ID

Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-22 10:26:10 +02:00
Jessie Frazelle
64ddf3420c Merge pull request #14804 from dave-tucker/golint_nat
golint: Fix issues in pkg/nat
2015-07-21 20:38:40 -07:00
Jessie Frazelle
4b0f56e20b Merge pull request #14822 from runcom/host-config-links-on-start
Allow starting a container with an existing hostConfig which contains links
2015-07-21 20:06:26 -07:00
Brian Goff
b16ccd9856 remove dead code after decoupling from jsonlog
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-21 20:47:35 -04:00
Brian Goff
7d99b19364 Split reader interface from logger interface
Implement new reader interface on jsonfile.
Moves jsonlog decoding from daemon to jsonfile logger.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-21 20:47:31 -04:00
Arnaud Porterie
e546b22ece Merge pull request #13171 from jlhawn/archive_copy
docker cp to and from containers
2015-07-21 16:59:44 -07:00
Dave Tucker
3c362c6d56 golint: Fix issues in pkg/nat
Updates #14756

Signed-off-by: Dave Tucker <dt@docker.com>
2015-07-22 00:47:41 +01:00
John Howard
9a30d8cf9f Windows: CLI Improvement
The Ansi parser and their associated actions have been decoupled. Now
parsing results in call backs to an interface which performs the
appropriate actions depending on the environment.

This improvement provides a functional Vi experience and the vttest no
longer panics.

This PR replaces docker/docker #13224 with the latest console updates.

Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-21 16:38:44 -07:00
David Calavera
e6e9fbe4f7 Merge pull request #14682 from duglin/Issue14621
Remove panic in nat package on invalid hostport
2015-07-21 15:48:51 -07:00
Arnaud Porterie
6618614367 Merge pull request #14805 from dave-tucker/golint_namesgen
golint: Lint pkg/namesgenerator
2015-07-21 13:45:31 -07:00