Commit graph

1388 commits

Author SHA1 Message Date
Derek McGowan
9f1a11056c Use notary library for trusted image fetch and signing
Add a trusted flag to force the cli to resolve a tag into a digest via the notary trust library and pull by digest.
On push the flag the trust flag will indicate the digest and size of a manifest should be signed and push to a notary server.
If a tag is given, the cli will resolve the tag into a digest and pull by digest.
After pulling, if a tag is given the cli makes a request to tag the image.

Use certificate directory for notary requests

Read certificates using same logic used by daemon for registry requests.

Catch JSON syntax errors from Notary client

When an uncaught error occurs in Notary it may show up in Docker as a JSON syntax error, causing a confusing error message to the user.
Provide a generic error when a JSON syntax error occurs.

Catch expiration errors and wrap in additional context.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-24 14:08:20 -07:00
Tibor Vass
264e16318f reexec: Use in-memory binary on linux instead of os.Args[0]
This keeps reexec working properly even if the on-disk binary was replaced.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-24 14:15:50 -04:00
Tibor Vass
0cec613de9 cli: new daemon command and new cli package
This patch creates a new cli package that allows to combine both client
and daemon commands (there is only one daemon command: docker daemon).

The `-d` and `--daemon` top-level flags are deprecated and a special
message is added to prompt the user to use `docker daemon`.

Providing top-level daemon-specific flags for client commands result
in an error message prompting the user to use `docker daemon`.

This patch does not break any old but correct usages.

This also makes `-d` and `--daemon` flags, as well as the `daemon`
command illegal in client-only binaries.

Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-23 19:44:46 -04:00
Arnaud Porterie
879067d69e Enable validate-lint as part of CI
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-07-22 15:23:34 -07:00
David Calavera
ebb4e279e8 Merge pull request #14442 from cpuguy83/refactor_logdrvier_reader
Refactor log driver reader
2015-07-22 11:54:35 -07:00
Antonio Murdaca
056158ea4c pkg: mount: golint
Fix the following warnings:

pkg/mount/mountinfo.go:5:6: type name will be used as mount.MountInfo by other packages, and that stutters; consider calling this Info
pkg/mount/mountinfo.go:7:2: struct field Id should be ID

Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-22 10:26:10 +02:00
Jessie Frazelle
64ddf3420c Merge pull request #14804 from dave-tucker/golint_nat
golint: Fix issues in pkg/nat
2015-07-21 20:38:40 -07:00
Jessie Frazelle
4b0f56e20b Merge pull request #14822 from runcom/host-config-links-on-start
Allow starting a container with an existing hostConfig which contains links
2015-07-21 20:06:26 -07:00
Brian Goff
b16ccd9856 remove dead code after decoupling from jsonlog
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-21 20:47:35 -04:00
Brian Goff
7d99b19364 Split reader interface from logger interface
Implement new reader interface on jsonfile.
Moves jsonlog decoding from daemon to jsonfile logger.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-21 20:47:31 -04:00
Arnaud Porterie
e546b22ece Merge pull request #13171 from jlhawn/archive_copy
docker cp to and from containers
2015-07-21 16:59:44 -07:00
Dave Tucker
3c362c6d56 golint: Fix issues in pkg/nat
Updates #14756

Signed-off-by: Dave Tucker <dt@docker.com>
2015-07-22 00:47:41 +01:00
David Calavera
e6e9fbe4f7 Merge pull request #14682 from duglin/Issue14621
Remove panic in nat package on invalid hostport
2015-07-21 15:48:51 -07:00
Arnaud Porterie
6618614367 Merge pull request #14805 from dave-tucker/golint_namesgen
golint: Lint pkg/namesgenerator
2015-07-21 13:45:31 -07:00
Antonio Murdaca
b93e4f669a Allow starting a container with an existing hostConfig which contains links
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-21 22:10:00 +02:00
Josh Hawn
33cd39caf0 pkg/archive: new utilities for copying resources
Adds TarResource and CopyTo functions to be used for creating
archives for use with the new `docker cp` behavior.

Adds multiple test cases for the CopyFrom and CopyTo
functions in the pkg/archive package.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-07-21 11:03:25 -07:00
Arnaud Porterie
9511b53907 Merge pull request #13617 from Microsoft/10662-sql
Windows: Statically linkable SQLite3
2015-07-21 10:12:40 -07:00
John Howard
9998a8cb38 Windows: Statically linkable SQLite3
Signed-off-by: John Howard <jhoward@microsoft.com>
2015-07-21 09:33:46 -07:00
Dave Tucker
4ddc4a1cdf golint: Lint pkg/namesgenerator
Also addded a couple more tests

Updates #14756

Signed-off-by: Dave Tucker <dt@docker.com>
2015-07-21 16:33:34 +01:00
Doug Davis
49691393a9 Merge pull request #14762 from LK4D4/lint_reexec
Add docstring to reexec.Command
2015-07-20 20:37:27 -04:00
Alexander Morozov
0340c8548a Add docstring to reexec.Command
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-20 17:00:18 -07:00
Antonio Murdaca
e9bcd25a76 move nat tests from container's unit test to nat's ones
Signed-off-by: Antonio Murdaca <runcom@linux.com>
2015-07-21 00:29:24 +02:00
Doug Davis
a4a878dfdb Remove panic in nat package on invalid hostport
Closes #14621

This one grew to be much more than I expected so here's the story... :-)
- when a bad port string (e.g. xxx80) is passed into container.create()
  via the API it wasn't being checked until we tried to start the container.
- While starting the container we trid to parse 'xxx80' in nat.Int()
  and would panic on the strconv.ParseUint().  We should (almost) never panic.
- In trying to remove the panic I decided to make it so that we, instead,
  checked the string during the NewPort() constructor.  This means that
  I had to change all casts from 'string' to 'Port' to use NewPort() instead.
  Which is a good thing anyway, people shouldn't assume they know the
  internal format of types like that, in general.
- This meant I had to go and add error checks on all calls to NewPort().
  To avoid changing the testcases too much I create newPortNoError() **JUST**
  for the testcase uses where we know the port string is ok.
- After all of that I then went back and added a check during container.create()
  to check the port string so we'll report the error as soon as we get the
  data.
- If, somehow, the bad string does get into the metadata we will generate
  an error during container.start() but I can't test for that because
  the container.create() catches it now.  But I did add a testcase for that.

Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-07-17 13:02:54 -07:00
Arnaud Porterie
ab8d2da487 Merge pull request #14693 from LK4D4/update_libcontainer
Update libcontainer
2015-07-17 13:02:04 -07:00
Sebastiaan van Stijn
8e5b6040fa Merge pull request #13951 from calavera/plugins_path
Separate plugin sockets and specs.
2015-07-17 21:11:31 +02:00
David Calavera
13a2948dc8 Merge pull request #14605 from brahmaroutu/gccgo_scheduler
Go Scheduler issue with sync.Mutex
2015-07-17 08:16:32 -07:00
root
b0e927fed5 Go Scheduler issue with sync.Mutex using gccgo
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-07-17 01:33:58 +00:00
Alexander Morozov
b069f4c9c2 Update libcontainer
Replaced github.com/docker/libcontainer with
github.com/opencontainers/runc/libcontaier.
Also I moved AppArmor profile generation to docker.

Main idea of this update is to fix mounting cgroups inside containers.
After updating docker on CI we can even remove dind.

Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-16 16:02:26 -07:00
David Calavera
bee3972856 Separate plugin sockets and specs.
Check if there is a plugin socket first under `/run/docker/plugins/NAME.sock`.
If there is no socket for a plugin, check `/etc/docker/plugins/NAME.spec` and
`/usr/lib/docker/plugins/NAME.spec` for spec files.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2015-07-16 14:20:07 -07:00
Tibor Vass
1601bba9a5 remove pkg/transport and use the one from distribution
Signed-off-by: Tibor Vass <tibor@docker.com>
2015-07-16 13:13:46 -04:00
David Calavera
4832a3dc2d Merge pull request #14661 from LK4D4/vet_warns
Fix some formatting calls
2015-07-15 16:41:18 -07:00
Alexander Morozov
a3941cab07 Fix some formatting calls
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-15 12:25:50 -07:00
Victor Vieux
3314761f62 add support for base path in docker cli -H
Signed-off-by: Victor Vieux <victorvieux@gmail.com>
2015-07-08 15:42:40 -07:00
Alexander Morozov
d5b7b9fa88 Don't use time.After if there is no timeout
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-14 09:14:51 -07:00
Alexander Morozov
879a1a6842 Add docstring to pubsub.Publisher
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-14 09:10:14 -07:00
Brian Goff
5d7acae1cb Merge pull request #14595 from LK4D4/pubsub_bench
Benchmark and race test for pkg/pubsub
2015-07-13 23:04:44 -04:00
5780ccaafa Merge pull request #14021 from rhvgoyal/detect-pool-loopback-devices
devicemapper: Check loop devices of existing pool
2015-07-13 21:15:23 -04:00
Alexander Morozov
8bf98d0fc3 Merge pull request #14599 from brahmaroutu/gccgo_timeduration
time duration should be nano seconds, gccgo treats it as zero
2015-07-13 16:44:45 -06:00
Jessie Frazelle
b0d08a43dc Merge pull request #14205 from YanFeng-Adam/patch
update testcase mount/sharedsubtree_linux_test.go
2015-07-13 14:28:30 -07:00
root
b220cdfe3b time duration should be nano seconds, gccgo treats it as zero
Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
2015-07-13 18:01:43 +00:00
Alexander Morozov
965e905b41 Merge pull request #14583 from sagarhani/patch-1
Added entry for Sir M.Visvesvaraya
2015-07-13 10:47:08 -06:00
Arnaud Porterie
2da58e432b Merge pull request #14569 from vdemeester/pkg-fileutils-tests
Add missing tests and docs for pkg/fileutils
2015-07-13 09:29:30 -07:00
Alexander Morozov
e1418b1ff7 Race test for pkg/pubsub package
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-13 09:05:47 -07:00
Arnaud Porterie
c87c6398f3 Merge pull request #14554 from Ajeey/added-notable-indian-scientists
Added notable indian scientists to names-generator.go
2015-07-13 09:05:47 -07:00
Alexander Morozov
247035f2b7 Benchmark for pkg/pubsub package
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
2015-07-13 09:02:16 -07:00
Sagar Hani
aa2b8c2b50 Added entry for Sir M.Visvesvaraya
Signed-off-by: Sagar Hani <sagarhani33@gmail.com>
2015-07-13 17:20:45 +05:30
Vincent Demeester
95d6468e72 Add missing tests and docs for pkg/fileutils
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-07-12 22:43:42 +02:00
Raghavendra K T
8539f493fa Add the memory swappiness tuning option to docker.
Memory swappiness option takes 0-100, and helps to tune swappiness
behavior per container.
For example, When a lower value of swappiness is chosen
the container will see minimum major faults. When no value is
specified for memory-swappiness in docker UI, it is inherited from
parent cgroup. (generally 60 unless it is changed).

Signed-off-by: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>
2015-07-12 13:16:33 +05:30
Ajey Charantimath
df2f916c1f Added notable indian scientists to names-generator.go
Signed-off-by: Ajey Charantimath <ajey.charantimath@gmail.com>
2015-07-11 20:11:22 +05:30
Lei Jitang
853b7e8274 Fix copy from a "created" container. Fixes #14420
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2015-07-08 11:15:09 +08:00