while wokring on another PR, I noticed that hack/vendor.sh was picking
up unrelated files. Maybe a previous update to the hack/vendor.sh failed
to run the script and push the vendor changes ?
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: dcc4a14ba31ab195f97dcf264835339a1a00e8d5
Component: engine
This PR brings the vendored libnetwork code to
3be488927db8d719568917203deddd630a194564, which pulls in quite a few
fixes to support kvstore, windows daemon compilation fixes,
multi-network support for Bridge driver, etc...
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: 083300168fb0f42e022e9fa2ce47a7b2aac9967a
Component: engine
allows to send container logs to Graylog or Logstash.
Signed-off-by: Marius Sturm <marius@graylog.com>
Upstream-commit: 96d06e106fb9e35e5a526054d3aa0152152a9cc4
Component: engine
It includes fix for mounting / as volume on SELinux.
docker/libcontainer#619
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: 38acd31e8a99ef043f9a5cf84f968ebebc31614e
Component: engine
When the daemon is going down trigger immediate
garbage collection of libnetwork resources deleted
like namespace path since there will be no way to
remove them when the daemon restarts.
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
Upstream-commit: c68e7f96f9636a9b2ab0c2c0dbf753161fa73fc2
Component: engine
To ensure manifest integrity when pulling by digest, this changeset ensures
that not only the remote digest provided by the registry is verified but also
that the digest provided on the command line is checked, as well. If this check
fails, the pull is cancelled as with an error. Inspection also should that
while layers were being verified against their digests, the error was being
treated as tech preview image signing verification error. This, in fact, is not
a tech preview and opens up the docker daemon to man in the middle attacks that
can be avoided with the v2 registry protocol.
As a matter of cleanliness, the digest package from the distribution project
has been updated to latest version. There were some recent improvements in the
digest package.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 06612cc0fee103bf6f46429e3cd572725ef72948
Component: engine
This version brings in upto-date important bug-fixes from libnetwork
Signed-off-by: Madhu Venugopal <madhu@docker.com>
Upstream-commit: a3d22c764cfc3e175cdfb992f3b2314f23540236
Component: engine
If a container was started with a non-root user the container
may not be able to resolve DNS names because of too restrictive
permission in the /etc/resolv.conf container file. This problem
is in how this file gets created in libnetwork and ths PR
attempts to fix the issue by vendoring in the libnetwork code
with the fix.
Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
Upstream-commit: afd901e408d8d4ed00707c545ae985bc637a1979
Component: engine
It adds List function for listing all supported caps
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: 5a2d592c27e93cf7f3d01216cf6e22656330fe84
Component: engine
Previously, we've taken advantage of the fact that libcontainer's `update-vendor.sh` is the same syntax as Docker's `vendor.sh` with some shell magic. This changes that to copy libcontainer's dependencies into this file explicitly so that we can scale to more projects with varying methods of vendoring (assuming they don't use import re-writing, which screws up everyone).
We'll need to stay diligent in making sure this list matches what's in libcontainer's `update-vendor.sh` (minus the not-required codegangsta/cli dep), but that's a fair trade-off for being able to scale our dependency model better (and track new discrete dependencies more directly).
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: b919dee8347a47763d576136254bcbc922ef4c57
Component: engine
To help avoid version mismatches between libcontainer and Docker, this updates libcontainer to be the source of truth for which version of logrus the project is using. This should help avoid potential incompatibilities in the future, too. 👍
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: 80a895142e7101b44ff71910bb2da994b1cc4f5f
Component: engine
This includes a fix for the minor v2 API change introduced by 341a37095f. 👍
Signed-off-by: Andrew "Tianon" Page <admwiggin@gmail.com>
Upstream-commit: b447fef7ecb740bc0f9ece75e10926fc5f121b5c
Component: engine
Changes relevant for Docker since 0.6.6 are (most other changes are hooks and
options for formatters):
* Debugging color output changed to gray.
* Don't quote the number 9 when it's by it self (i.e. `omg=9` instead of
`omg="8"`, this was the case for all other numbers)
* Performance is better when running a high logging level with lots of low-level
logging.
* Minor internal refactoring and more tests.
Signed-off-by: Simon Eskildsen <sirup@sirupsen.com>
Upstream-commit: 3a33bff7fdd96705e761bb1f1750cfa6f4df4070
Component: engine
This addresses a subtle deadlock where an error during a copy prevented pipe
closure to propagate correctly. By closing down the read end of the pipe rather
than the write end, the waiting writer is properly signaled. A nice side-effect
of this change is that errors encountered by io.Copy are now propagated to the
verifier's Write method.
A test to ensure validation errors for unsupported digest types has been added,
as well.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 0306a41909175b467d08ebc97d4c5136ca9e7ebd
Component: engine
