forked from docker/cli
[pull] master from docker:master #99
Open. pull wants to merge 3,580 commits into Mu-L:master from docker:master
No code-changes, but updates the minimum go version to go1.23:

> all: upgrade go directive to at least 1.23.0 [generated]
>
> By now Go 1.24.0 has been released, and Go 1.22 is no longer supported
> per the Go Release Policy (https://go.dev/doc/devel/release#policy).
>
> For golang/go#69095.

full diff: golang/crypto@v0.31.0...v0.34.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
We have tagged version v0.35.0 of golang.org/x/crypto in order to address a security issue.

Version v0.35.0 of golang.org/x/crypto fixes a vulnerability in the golang.org/x/crypto/ssh package which could cause a denial of service. SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Thanks to Yuichi Watanabe for reporting this issue.

This is CVE-2025-22869 and Go issue https://go.dev/issue/71931.

full diff: golang/crypto@v0.31.0...v0.35.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
remove uses of cli.DefaultVersion()
vendor: golang.org/x/crypto v0.35.0
This error-group was added in 89583b9, but passed a context.TODO because the function didn't have a context as argument. However, it does get the root-command passed, which holds the context, so we can pass that. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Verify that listPluginCandidates returns an empty result if nothing was found. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Skip the other logic, which includes listing all commands provided; if there's no plugin-candidates, those steps won't be needed. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function returned an error (if any) from [config.Path]. However, the only situation in which an error could be returned was if the given path to append to `config.Dir` was outside of the config directory. This can only happen if the path to append would try to traverse directories (e.g., passing `../../cli-plugins`).

Given that we're passing a hard-coded value, that would not be the case, so we can simplify the code to join the path directly, and don't have to handle errors.

[config.Path]: https://github.com/docker/cli/blob/2d74733942be353bc7730c8722ae2414f368b732/cli/config/config.go#L100-L107

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Swarm has size constraints on the size of secrets, but the client-side would read content into memory, regardless of its size. This could lead to either the client reading too much into memory, or it sending data that's larger than the size limit of gRPC, which resulted in the error not being handled by SwarmKit and a generic gRPC error returned.

Reading a secret from a file was added in [moby@c6f0b7f], which used a system.OpenSequential for reading ([FILE_FLAG_SEQUENTIAL_SCAN]). While there could be a very marginal benefit to prevent polluting the system's cache (Windows won’t aggressively keep it in the cache, freeing up system memory for other tasks). These details were not documented in code, and possibly may be too marginal, but adding a comment to outline won't hurt so this patch also adds a comment.

This patch:

- Rewrites readSecretData to not return a nil-error if no file was set, instead only calling it when not using a driver.
- Implements reading the data with a limit-reader to prevent reading large files into memory.
- The limit is based on SwarmKit's limits ([MaxSecretSize]), but made twice that size, just in case larger sizes are supported in future; the main goal is to have some constraints, and to prevent hitting the gRPC limit.
- Updates some error messages to include STDIN (when used), or the filename (when used).

Before this patch:

    ls -lh largefile
    -rw------- 1 thajeztah staff 8.1M Mar 9 00:19 largefile

    docker secret create nosuchfile ./nosuchfile
    Error reading content from "./nosuchfile": open ./nosuchfile: no such file or directory

    docker secret create toolarge ./largefile
    Error response from daemon: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (8462870 vs. 4194304)

    docker secret create empty ./emptyfile
    Error response from daemon: rpc error: code = InvalidArgument desc = secret data must be larger than 0 and less than 512000 bytes

    cat ./largefile | docker secret create toolarge -
    Error response from daemon: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (8462870 vs. 4194304)

    cat ./emptyfile | docker secret create empty -
    Error response from daemon: rpc error: code = InvalidArgument desc = secret data must be larger than 0 and less than 512000 bytes

With this patch:

    docker secret create nosuchfile ./nosuchfile
    error reading from ./nosuchfile: open ./nosuchfile: no such file or directory

    docker secret create empty ./emptyfile
    error reading from ./emptyfile: data is empty

    docker secret create toolarge ./largefile
    Error response from daemon: rpc error: code = InvalidArgument desc = secret data must be larger than 0 and less than 512000 bytes

    cat ./largefile | docker secret create toolarge -
    Error response from daemon: rpc error: code = InvalidArgument desc = secret data must be larger than 0 and less than 512000 bytes

    cat ./emptyfile | docker secret create empty -
    error reading from STDIN: data is empty

[moby@c6f0b7f]: moby/moby@c6f0b7f
[FILE_FLAG_SEQUENTIAL_SCAN]: https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilea#FILE_FLAG_SEQUENTIAL_SCAN
[MaxSecretSize]: https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0-20250103191802-8c1959736554/api/validation#MaxSecretSize

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Swarm has size constraints on the size of configs, but the client-side would read content into memory, regardless of its size. This could lead to either the client reading too much into memory, or it sending data that's larger than the size limit of gRPC, which resulted in the error not being handled by SwarmKit and a generic gRPC error returned.

Reading a config from a file used a system.OpenSequential for reading ([FILE_FLAG_SEQUENTIAL_SCAN]). While there could be a very marginal benefit to prevent polluting the system's cache (Windows won’t aggressively keep it in the cache, freeing up system memory for other tasks). These details were not documented in code, and possibly may be too marginal, but adding a comment to outline won't hurt so this patch also adds a comment.

This patch:

- Factors out the reading code to a readConfigData, analogous to the equivalent in secret create.
- Implements reading the data with a limit-reader to prevent reading large files into memory.
- The limit is based on SwarmKit's limits ([MaxConfigSize]), but made twice that size, just in case larger sizes are supported in future; the main goal is to have some constraints, and to prevent hitting the gRPC limit.
- Updates some error messages to include STDIN (when used), or the filename (when used).

Before this patch:

    ls -lh largefile
    -rw------- 1 thajeztah staff 8.1M Mar 9 00:19 largefile

    docker config create nosuchfile ./nosuchfile
    Error reading content from "./nosuchfile": open ./nosuchfile: no such file or directory

    docker config create toolarge ./largefile
    Error response from daemon: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (8462870 vs. 4194304)

    docker config create empty ./emptyfile
    Error response from daemon: rpc error: code = InvalidArgument desc = config data must be larger than 0 and less than 1024000 bytes

    cat ./largefile | docker config create toolarge -
    Error response from daemon: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (8462870 vs. 4194304)

    cat ./emptyfile | docker config create empty -
    Error response from daemon: rpc error: code = InvalidArgument desc = config data must be larger than 0 and less than 1024000 bytes

With this patch:

    docker config create nosuchfile ./nosuchfile
    error reading from ./nosuchfile: open ./nosuchfile: no such file or directory

    docker config create empty ./emptyfile
    error reading from ./emptyfile: data is empty

    docker config create toolarge ./largefile
    Error response from daemon: rpc error: code = InvalidArgument desc = config data must be larger than 0 and less than 1024000 bytes

    cat ./largefile | docker config create toolarge -
    Error response from daemon: rpc error: code = InvalidArgument desc = secret data must be larger than 0 and less than 1024000 bytes

    cat ./emptyfile | docker config create empty -
    error reading from STDIN: data is empty

[FILE_FLAG_SEQUENTIAL_SCAN]: https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilea#FILE_FLAG_SEQUENTIAL_SCAN
[MaxConfigSize]: https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0-20250103191802-8c1959736554/manager/controlapi#MaxConfigSize

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
secret create, config create: refactor, use limit reader, and touch up errors
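The bounded read that the two commit messages above describe, as an added Go example (not the docker/cli code). All names in it (`readBounded`, `validateSize`, `maxSecretSize`, `readLimit` and the helper readers) are hypothetical, and the 512000 value is taken from the daemon error text quoted above.

```go
package main

import (
	"errors"
	"fmt"
	"io"
)

// Assumed value, taken from the daemon error text in the commit message
// ("less than 512000 bytes"); all names in this block are hypothetical.
const maxSecretSize = 512000

// Client-side cap: twice the server limit, as the commit message describes.
const readLimit = 2 * maxSecretSize
var errEmpty = errors.New("data is empty")

// countingReader records how many bytes were actually pulled from the source.
type countingReader struct {
	r io.Reader
	n int64
}

func (c *countingReader) Read(p []byte) (int, error) {
	n, err := c.r.Read(p)
	c.n += int64(n)
	return n, err
}

// endless is a constructed source: an oversized file or a pipe that never closes.
type endless struct{}

func (endless) Read(p []byte) (int, error) { return len(p), nil }

// readBounded reads at most readLimit bytes from r and rejects empty input.
// name is the file name or "STDIN" and is only used in the error text.
func readBounded(r io.Reader, name string) ([]byte, error) {
	data, err := io.ReadAll(io.LimitReader(r, readLimit))
	if err != nil {
		return nil, fmt.Errorf("error reading from %s: %w", name, err)
	}
	if len(data) == 0 {
		return nil, fmt.Errorf("error reading from %s: %w", name, errEmpty)
	}
	return data, nil
}

// validateSize is a constructed stand-in for the server-side size check.
func validateSize(data []byte) error {
	if len(data) == 0 || len(data) >= maxSecretSize {
		return fmt.Errorf("secret data must be larger than 0 and less than %d bytes", maxSecretSize)
	}
	return nil
}

func main() {
	src := &countingReader{r: endless{}}
	data, _ := readBounded(src, "STDIN")
	fmt.Println(len(data), src.n, validateSize(data))
}
```

The capped payload is 1024000 bytes, below the 4194304-byte gRPC maximum quoted above, so an oversized input reaches the size check and produces its error instead of a generic `ResourceExhausted`.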
This patch fixes the `TestRunAttachTermination` flaky runs. It seems like we weren't halting on the `waitFunc` so if the process was fast enough to set up the signal handler and execute `waitExitOrRemoved`. We now instead wait for the `killCh` channel to close inside the mocked `waitFunc`. Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
…uld propagate error This patch propagates the error up the stack when running `docker info` and a connection error to the server occurs. Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
While there may be reasons to keep pkg/errors in production code, we don't need them for this generator code. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Add runtime.Gosched() calls to encourage goroutine scheduling
- Increase the timeout from 10ms to 500ms
- Use poll.WaitOn with appropriate delays to ensure the goroutine has spawned before checking
- Lock the test goroutines to its own thread

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
man: fix minor linting issues
docs/generate: remove uses of pkg/errors
Starting with [moby@b633c4c], the registry package handles this internally and there's no longer a need to set the path manually for rootlessKit [moby@b633c4c]: moby/moby@b633c4c Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
test/cli-plugins: Attempt to make TestConnectAndWait less flaky
full diff: moby/moby@v28.0.1...bea4de2 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This validation is now handled by the API-client since [moby@5d6b566], so no longer needed to be done in the cli. This function was only used internally and has no external consumers, so removing it without deprecating first. [moby@5d6b566]: moby/moby@5d6b566 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Since [moby@c2c3d59], [registry.ParseRepositoryInfo] now always returns a nil error, so we can remove the error handling. [registry.ParseRepositoryInfo]: https://github.com/moby/moby/blob/5f0d6731eb015c8e46b2ae9bb1803d005f2513be/registry/config.go#L414-L443 [moby@c2c3d59]: moby/moby@c2c3d59 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This package is not imported externally, and we don't need the added functionality of pkg/errors here, so use stdlib errors. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
vendor: github.com/docker/docker v28.0.2-dev (bea4de25004d)
opts: ListOpts: implement cobra.SliceValue to fix shell completion
The `GetSlice()` function is part of cobra's [cobra.SliceValue] interface, and duplicates the older `GetAll()` method. This patch changes our use of the `GetAll()` method with the intent to deprecate it in future. [cobra.SliceValue]: https://pkg.go.dev/github.com/spf13/cobra@v1.9.1#SliceValue Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This allows creating a spec from an existing url.URL Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function was parsing the same URL twice; first to detect the scheme, then again (through ssh.ParseURL) to construct a ssh.Spec. Change the function to use the URL that's parsed, and use ssh.NewSpec instead. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
cli/command: change uses of ListOpts.GetAll for GetSlice
The `GetSlice()` function is part of cobra's [cobra.SliceValue] interface, and duplicates the older `GetAll()` method. This patch deprecates the `GetAll()` method in favor of `GetSlice()`. [cobra.SliceValue]: https://pkg.go.dev/github.com/spf13/cobra@v1.9.1#SliceValue Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
opts: deprecate ListOpts.GetAll in favor of ListOpts.GetSlice
cli/connhelper/ssh: add NewSpec utility to prevent parsing URL twice
chore: bump golangci-lint to v2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this change, some errors could be ambiguous as they did not distinguish a flag to be omitted, or set, but with an empty value. For example, if a user would try to log in but with an empty username, the error would suggest that the `--username` flag was not set (which it was);

I don't have `MY_USERNAME` set in this shell;

    printenv MY_USERNAME || echo 'variable not set'
    variable not set

Now, attempting to do a non-interactive login would result in an ambiguous error;

    echo "supersecret" | docker login --password-stdin --username "$MY_USERNAME"
    Must provide --username with --password-stdin

With this patch applied, the error indicates that the username was empty, or not set;

    echo "supersecret" | docker login --password-stdin --username "$MY_USERNAME"
    username is empty

    echo "supersecret" | docker login --password-stdin
    the --password-stdin option requires --username to be set

    echo "supersecret" | docker login --password-stdin --password "supersecret"
    conflicting options: cannot specify both --password and --password-stdin

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: cpuguy83/go-md2man@v2.0.6...v2.0.7 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
no changes in vendored code full diff: docker/docker-credential-helpers@v0.9.2...v0.9.3 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
fix(QF1003): Convert if/else-if chain to tagged switch
vendor github.com/cpuguy83/go-md2man/v2 v2.0.7
vendor: github.com/docker/docker-credential-helpers v0.9.3
cli/command/registry: login: improve flag validation
The `-i` and `-t` options are not needed, as the `pwd` command does not require a TTY nor an interactive session. Drop them to simplify the example and avoid causing unnecessary confusion to the reader. Signed-off-by: 林博仁(Buo-ren Lin) <buo.ren.lin@gmail.com>
When generating our docs, flag-descriptions are currently expected to be under the "examples" section for them to be linked correctly. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docs: run: Drop unnecessary command options of the --workdir example
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this patch, flags and arguments would complete using filenames from the current directory;

    docker inspect --type <TAB>
    AUTHORS CONTRIBUTING.md docs/ Makefile SECURITY.md ...

    docker inspect <TAB>

With this patch, no completion is provided;

    docker inspect --type <TAB>
    # no results

    docker inspect <TAB>
    # no results

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
With this patch:

    docker inspect --type <TAB>
    config image node secret task container network plugin service volume

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Before this patch:

    docker inspect --help | grep '\-\-type'
    --type string Return JSON for specified type

With this patch:

    docker inspect --help | grep '\-\-type'
    --type string Only inspect objects of the given type

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Produce an error if the `--type` flag was set, but an empty value was passed.

Before this patch:

    docker inspect --type "" foo
    # json output

    docker inspect --type unknown foo
    "unknown" is not a valid value for --type

With this patch:

    docker inspect --type "" foo
    type is empty: must be one of "config", "container", "image", "network", "node", "plugin", "secret", "service", "task", "volume"

    docker inspect --type unknown foo
    unknown type: "unknown": must be one of "config", "container", "image", "network", "node", "plugin", "secret", "service", "task", "volume"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docs: move flag examples to right section
inspect: add shell completion, improve flag-description for `--type` and improve validation
See Commits and Changes for more details.
Created by
pull[bot]