diff --git a/.golangci.yml b/.golangci.yml index c494598d6cbe..b5f4d0be05a3 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -64,7 +64,7 @@ linters: alias: - pkg: "github.com/containerd/errdefs" alias: "cerrdefs" - - pkg: "github.com/docker/docker/client" + - pkg: "github.com/moby/moby/client" alias: "dockerclient" - pkg: "github.com/opencontainers/image-spec/specs-go/v1" alias: "ocispecs" diff --git a/build/build.go b/build/build.go index 0beb696c9c2e..d0d8291e4c97 100644 --- a/build/build.go +++ b/build/build.go @@ -29,8 +29,6 @@ import ( "github.com/docker/buildx/util/resolver" "github.com/docker/buildx/util/waitmap" "github.com/docker/cli/opts" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/pkg/jsonmessage" "github.com/moby/buildkit/client" "github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/exporter/containerimage/exptypes" @@ -43,6 +41,8 @@ import ( spb "github.com/moby/buildkit/sourcepolicy/pb" "github.com/moby/buildkit/util/progress/progresswriter" "github.com/moby/buildkit/util/tracing" + "github.com/moby/moby/api/types/jsonstream" + dockerclient "github.com/moby/moby/client" "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" @@ -802,7 +802,7 @@ func pushWithMoby(ctx context.Context, d *driver.DriverHandle, name string, l pr return err } - rc, err := api.ImagePush(ctx, name, image.PushOptions{ + rc, err := api.ImagePush(ctx, name, dockerclient.ImagePushOptions{ RegistryAuth: creds, }) if err != nil { @@ -824,7 +824,7 @@ func pushWithMoby(ctx context.Context, d *driver.DriverHandle, name string, l pr dec := json.NewDecoder(rc) var parsedError error for { - var jm jsonmessage.JSONMessage + var jm jsonstream.Message if err := dec.Decode(&jm); err != nil { if parsedError != nil { return parsedError @@ -888,7 +888,9 @@ func remoteDigestWithMoby(ctx context.Context, d *driver.DriverHandle, name stri if len(img.RepoDigests) == 0 { return "", nil } - remoteImage, err := api.DistributionInspect(ctx, name, creds) + remoteImage, err := api.DistributionInspect(ctx, name, dockerclient.DistributionInspectOptions{ + EncodedRegistryAuth: creds, + }) if err != nil { return "", err } diff --git a/builder/builder.go b/builder/builder.go index 34ab026b85e2..9096a43b2685 100644 --- a/builder/builder.go +++ b/builder/builder.go @@ -25,6 +25,7 @@ import ( dopts "github.com/docker/cli/opts" "github.com/google/shlex" "github.com/moby/buildkit/util/progress/progressui" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" "github.com/spf13/pflag" "github.com/tonistiigi/go-csvvalue" @@ -247,7 +248,7 @@ func (b *Builder) Factory(ctx context.Context, dialMeta map[string][]string) (_ } // check if endpoint is healthy is needed to determine the driver type. // if this fails then can't continue with driver selection. - if _, err = dockerapi.Ping(ctx); err != nil { + if _, err = dockerapi.Ping(ctx, dockerclient.PingOptions{}); err != nil { return } b.driverFactory.Factory, err = driver.GetDefaultFactory(ctx, ep, dockerapi, false, dialMeta) diff --git a/commands/build.go b/commands/build.go index 455a961ddb92..6a8cc52c1b14 100644 --- a/commands/build.go +++ b/commands/build.go @@ -36,7 +36,6 @@ import ( "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" dockeropts "github.com/docker/cli/opts" - "github.com/docker/docker/api/types/versions" "github.com/moby/buildkit/client" "github.com/moby/buildkit/exporter/containerimage/exptypes" "github.com/moby/buildkit/frontend/subrequests" @@ -49,6 +48,7 @@ import ( sourcepolicy "github.com/moby/buildkit/sourcepolicy/pb" "github.com/moby/buildkit/util/grpcerrors" "github.com/moby/buildkit/util/progress/progressui" + "github.com/moby/moby/client/pkg/versions" "github.com/moby/sys/atomicwriter" "github.com/morikuni/aec" "github.com/pkg/errors" diff --git a/commands/diskusage.go b/commands/diskusage.go index 1d3d506dbc24..ce8c6752e31d 100644 --- a/commands/diskusage.go +++ b/commands/diskusage.go @@ -169,7 +169,7 @@ func runDiskUsage(ctx context.Context, dockerCli command.Cli, opts duOptions) er } defer func() { - if (fctx.Format != duDefaultTableFormat && fctx.Format != duDefaultPrettyTemplate) || fctx.Format.IsJSON() || opts.filter.Value().Len() > 0 { + if (fctx.Format != duDefaultTableFormat && fctx.Format != duDefaultPrettyTemplate) || fctx.Format.IsJSON() || len(opts.filter.Value()) > 0 { return } printSummary(dockerCli.Out(), out) diff --git a/commands/prune.go b/commands/prune.go index 556c981a0ce4..d18b9d914b9e 100644 --- a/commands/prune.go +++ b/commands/prune.go @@ -4,7 +4,9 @@ import ( "context" "fmt" "io" + "maps" "os" + "slices" "strings" "text/tabwriter" "time" @@ -14,12 +16,12 @@ import ( "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" "github.com/docker/cli/opts" - "github.com/docker/docker/api/types/filters" "github.com/docker/go-units" "github.com/moby/buildkit/client" gateway "github.com/moby/buildkit/frontend/gateway/client" pb "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/apicaps" + dclient "github.com/moby/moby/client" "github.com/pkg/errors" "github.com/spf13/cobra" "golang.org/x/sync/errgroup" @@ -42,9 +44,7 @@ const ( ) func runPrune(ctx context.Context, dockerCli command.Cli, opts pruneOptions) error { - pruneFilters := opts.filter.Value() - pruneFilters = command.PruneFilters(dockerCli, pruneFilters) - + pruneFilters := command.PruneFilters(dockerCli, opts.filter.Value()) pi, err := toBuildkitPruneInfo(pruneFilters) if err != nil { return err @@ -189,20 +189,22 @@ func pruneCmd(dockerCli command.Cli, rootOpts *rootOptions) *cobra.Command { return cmd } -func toBuildkitPruneInfo(f filters.Args) (*client.PruneInfo, error) { - var until time.Duration - untilValues := f.Get("until") // canonical - unusedForValues := f.Get("unused-for") // deprecated synonym for "until" filter +// getFilter returns the list of values associated with the key +func getFilter(f dclient.Filters, key string) []string { + return slices.Collect(maps.Keys(f[key])) +} - if len(untilValues) > 0 && len(unusedForValues) > 0 { - return nil, errors.Errorf("conflicting filters %q and %q", "until", "unused-for") +func toBuildkitPruneInfo(pruneFilters dclient.Filters) (*client.PruneInfo, error) { + var until time.Duration + if len(pruneFilters["until"]) > 0 && len(pruneFilters["unused-for"]) > 0 { + return nil, errors.New(`conflicting filters "until" and "unused-for"`) } untilKey := "until" - if len(unusedForValues) > 0 { - untilKey = "unused-for" + if len(pruneFilters["unused-for"]) > 0 { + untilKey = "unused-for" // deprecated synonym for "until" filter } - untilValues = append(untilValues, unusedForValues...) + untilValues := getFilter(pruneFilters, untilKey) switch len(untilValues) { case 0: // nothing to do @@ -213,16 +215,16 @@ func toBuildkitPruneInfo(f filters.Args) (*client.PruneInfo, error) { return nil, errors.Wrapf(err, "%q filter expects a duration (e.g., '24h')", untilKey) } default: - return nil, errors.Errorf("filters expect only one value") + return nil, errors.Errorf("%q filter expects only one value", untilKey) } - filters := make([]string, 0, f.Len()) - for _, filterKey := range f.Keys() { + filters := make([]string, 0, len(pruneFilters)) + for filterKey := range pruneFilters { if filterKey == untilKey { continue } - values := f.Get(filterKey) + values := getFilter(pruneFilters, filterKey) switch len(values) { case 0: filters = append(filters, filterKey) @@ -235,7 +237,7 @@ func toBuildkitPruneInfo(f filters.Args) (*client.PruneInfo, error) { filters = append(filters, filterKey+"=="+values[0]) } default: - return nil, errors.Errorf("filters expect only one value") + return nil, errors.Errorf("%q filter expects only one value", filterKey) } } return &client.PruneInfo{ diff --git a/driver/docker-container/driver.go b/driver/docker-container/driver.go index 4f26f17c85b8..8283672b307e 100644 --- a/driver/docker-container/driver.go +++ b/driver/docker-container/driver.go @@ -21,15 +21,14 @@ import ( "github.com/docker/buildx/util/progress" "github.com/docker/cli/cli/context/docker" "github.com/docker/cli/opts" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/mount" - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/api/types/system" - "github.com/docker/docker/pkg/jsonmessage" - "github.com/docker/docker/pkg/stdcopy" "github.com/moby/buildkit/client" mobyarchive "github.com/moby/go-archive" + "github.com/moby/moby/api/pkg/stdcopy" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/mount" + dockerclient "github.com/moby/moby/client" + "github.com/moby/moby/client/pkg/jsonmessage" + "github.com/moby/moby/client/pkg/security" "github.com/pkg/errors" ) @@ -71,7 +70,7 @@ func (d *Driver) Config() driver.InitConfig { func (d *Driver) Bootstrap(ctx context.Context, l progress.Logger) error { return progress.Wrap("[internal] booting buildkit", l, func(sub progress.SubLogger) error { - _, err := d.DockerAPI.ContainerInspect(ctx, d.Name) + _, err := d.DockerAPI.ContainerInspect(ctx, d.Name, dockerclient.ContainerInspectOptions{}) if err != nil { if cerrdefs.IsNotFound(err) { return d.create(ctx, sub) @@ -98,7 +97,7 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { if err != nil { return err } - resp, err := d.DockerAPI.ImageCreate(ctx, imageName, image.CreateOptions{ + resp, err := d.DockerAPI.ImagePull(ctx, imageName, dockerclient.ImagePullOptions{ RegistryAuth: ra, }) if err != nil { @@ -198,8 +197,8 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { if len(d.gpus) > 0 && d.hasGPUCapability(ctx, cfg.Image, d.gpus) { hc.DeviceRequests = d.gpus } - if info, err := d.DockerAPI.Info(ctx); err == nil { - if info.CgroupDriver == "cgroupfs" { + if resp, err := d.DockerAPI.Info(ctx, dockerclient.InfoOptions{}); err == nil { + if resp.Info.CgroupDriver == "cgroupfs" { // Place all buildkit containers inside this cgroup by default so limits can be attached // to all build activity on the host. hc.CgroupParent = "/docker/buildx" @@ -208,18 +207,18 @@ func (d *Driver) create(ctx context.Context, l progress.SubLogger) error { } } - secOpts, err := system.DecodeSecurityOptions(info.SecurityOptions) - if err != nil { - return err - } - for _, f := range secOpts { + for _, f := range security.DecodeOptions(resp.Info.SecurityOptions) { if f.Name == "userns" { hc.UsernsMode = "host" break } } } - _, err := d.DockerAPI.ContainerCreate(ctx, cfg, hc, &network.NetworkingConfig{}, nil, d.Name) + _, err := d.DockerAPI.ContainerCreate(ctx, dockerclient.ContainerCreateOptions{ + Config: cfg, + HostConfig: hc, + Name: d.Name, + }) if err != nil && !cerrdefs.IsConflict(err) { return err } @@ -264,7 +263,7 @@ func (d *Driver) wait(ctx context.Context, l progress.SubLogger) error { } func (d *Driver) copyLogs(ctx context.Context, l progress.SubLogger) error { - rc, err := d.DockerAPI.ContainerLogs(ctx, d.Name, container.LogsOptions{ + rc, err := d.DockerAPI.ContainerLogs(ctx, d.Name, dockerclient.ContainerLogsOptions{ ShowStdout: true, ShowStderr: true, }) if err != nil { @@ -294,12 +293,15 @@ func (d *Driver) copyToContainer(ctx context.Context, files map[string][]byte) e } defer srcArchive.Close() - baseDir := path.Dir(confutil.DefaultBuildKitConfigDir) - return d.DockerAPI.CopyToContainer(ctx, d.Name, baseDir, srcArchive, container.CopyToContainerOptions{}) + _, err = d.DockerAPI.CopyToContainer(ctx, d.Name, dockerclient.CopyToContainerOptions{ + DestinationPath: path.Dir(confutil.DefaultBuildKitConfigDir), + Content: srcArchive, + }) + return err } func (d *Driver) exec(ctx context.Context, cmd []string) (string, net.Conn, error) { - response, err := d.DockerAPI.ContainerExecCreate(ctx, d.Name, container.ExecOptions{ + response, err := d.DockerAPI.ExecCreate(ctx, d.Name, dockerclient.ExecCreateOptions{ Cmd: cmd, AttachStdin: true, AttachStdout: true, @@ -314,7 +316,7 @@ func (d *Driver) exec(ctx context.Context, cmd []string) (string, net.Conn, erro return "", nil, errors.New("exec ID empty") } - resp, err := d.DockerAPI.ContainerExecAttach(ctx, execID, container.ExecStartOptions{}) + resp, err := d.DockerAPI.ExecAttach(ctx, execID, dockerclient.ExecAttachOptions{}) if err != nil { return "", nil, err } @@ -330,7 +332,7 @@ func (d *Driver) run(ctx context.Context, cmd []string, stdout, stderr io.Writer return err } conn.Close() - resp, err := d.DockerAPI.ContainerExecInspect(ctx, id) + resp, err := d.DockerAPI.ExecInspect(ctx, id, dockerclient.ExecInspectOptions{}) if err != nil { return err } @@ -341,11 +343,12 @@ func (d *Driver) run(ctx context.Context, cmd []string, stdout, stderr io.Writer } func (d *Driver) start(ctx context.Context) error { - return d.DockerAPI.ContainerStart(ctx, d.Name, container.StartOptions{}) + _, err := d.DockerAPI.ContainerStart(ctx, d.Name, dockerclient.ContainerStartOptions{}) + return err } func (d *Driver) Info(ctx context.Context) (*driver.Info, error) { - ctn, err := d.DockerAPI.ContainerInspect(ctx, d.Name) + res, err := d.DockerAPI.ContainerInspect(ctx, d.Name, dockerclient.ContainerInspectOptions{}) if err != nil { if cerrdefs.IsNotFound(err) { return &driver.Info{ @@ -355,7 +358,7 @@ func (d *Driver) Info(ctx context.Context) (*driver.Info, error) { return nil, err } - if ctn.State.Running { + if res.Container.State.Running { return &driver.Info{ Status: driver.Running, }, nil @@ -388,7 +391,8 @@ func (d *Driver) Stop(ctx context.Context, force bool) error { return err } if info.Status == driver.Running { - return d.DockerAPI.ContainerStop(ctx, d.Name, container.StopOptions{}) + _, err = d.DockerAPI.ContainerStop(ctx, d.Name, dockerclient.ContainerStopOptions{}) + return err } return nil } @@ -399,23 +403,23 @@ func (d *Driver) Rm(ctx context.Context, force, rmVolume, rmDaemon bool) error { return err } if info.Status != driver.Inactive { - ctr, err := d.DockerAPI.ContainerInspect(ctx, d.Name) + res, err := d.DockerAPI.ContainerInspect(ctx, d.Name, dockerclient.ContainerInspectOptions{}) if err != nil { return err } if rmDaemon { - if err := d.DockerAPI.ContainerRemove(ctx, d.Name, container.RemoveOptions{ + if _, err := d.DockerAPI.ContainerRemove(ctx, d.Name, dockerclient.ContainerRemoveOptions{ RemoveVolumes: true, Force: force, }); err != nil { return err } - for _, v := range ctr.Mounts { - if v.Name != d.Name+volumeStateSuffix { - continue - } - if rmVolume { - return d.DockerAPI.VolumeRemove(ctx, d.Name+volumeStateSuffix, false) + if rmVolume { + for _, v := range res.Container.Mounts { + if v.Name == d.Name+volumeStateSuffix { + _, err = d.DockerAPI.VolumeRemove(ctx, v.Name, dockerclient.VolumeRemoveOptions{}) + return err + } } } } @@ -473,22 +477,23 @@ func (d *Driver) HostGatewayIP(ctx context.Context) (net.IP, error) { // a dummy container with GPU device to check if the daemon has this capability // because there is no API to check it yet. func (d *Driver) hasGPUCapability(ctx context.Context, image string, gpus []container.DeviceRequest) bool { - cfg := &container.Config{ - Image: image, - Entrypoint: []string{"/bin/true"}, - } - hc := &container.HostConfig{ - NetworkMode: container.NetworkMode(container.IPCModeNone), - AutoRemove: true, - Resources: container.Resources{ - DeviceRequests: gpus, + resp, err := d.DockerAPI.ContainerCreate(ctx, dockerclient.ContainerCreateOptions{ + Config: &container.Config{ + Image: image, + Entrypoint: []string{"/bin/true"}, }, - } - resp, err := d.DockerAPI.ContainerCreate(ctx, cfg, hc, &network.NetworkingConfig{}, nil, "") + HostConfig: &container.HostConfig{ + NetworkMode: container.NetworkMode(container.IPCModeNone), + AutoRemove: true, + Resources: container.Resources{ + DeviceRequests: gpus, + }, + }, + }) if err != nil { return false } - if err := d.DockerAPI.ContainerStart(ctx, resp.ID, container.StartOptions{}); err != nil { + if _, err := d.DockerAPI.ContainerStart(ctx, resp.ID, dockerclient.ContainerStartOptions{}); err != nil { return false } return true diff --git a/driver/docker-container/factory.go b/driver/docker-container/factory.go index 06e9c503a847..ee95ae673205 100644 --- a/driver/docker-container/factory.go +++ b/driver/docker-container/factory.go @@ -8,7 +8,7 @@ import ( "github.com/docker/buildx/driver" dockeropts "github.com/docker/cli/opts" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" ) diff --git a/driver/docker/driver.go b/driver/docker/driver.go index 63682f9df2fe..787f323d5175 100644 --- a/driver/docker/driver.go +++ b/driver/docker/driver.go @@ -9,6 +9,7 @@ import ( "github.com/docker/buildx/driver" "github.com/docker/buildx/util/progress" "github.com/moby/buildkit/client" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" ) @@ -27,7 +28,8 @@ func (d *Driver) Bootstrap(ctx context.Context, l progress.Logger) error { } func (d *Driver) Info(ctx context.Context) (*driver.Info, error) { - _, err := d.DockerAPI.ServerVersion(ctx) + // TODO(thaJeztah): is "ping" enough for this? + _, err := d.DockerAPI.ServerVersion(ctx, dockerclient.ServerVersionOptions{}) if err != nil { return nil, errors.Wrap(driver.ErrNotConnecting{}, err.Error()) } @@ -37,10 +39,11 @@ func (d *Driver) Info(ctx context.Context) (*driver.Info, error) { } func (d *Driver) Version(ctx context.Context) (string, error) { - v, err := d.DockerAPI.ServerVersion(ctx) + v, err := d.DockerAPI.ServerVersion(ctx, dockerclient.ServerVersionOptions{}) if err != nil { return "", errors.Wrap(driver.ErrNotConnecting{}, err.Error()) } + // TODO(thaJeztah): this code is only used for docker <= v23.0, which are deprecated. if bkversion, _ := resolveBuildKitVersion(v.Version); bkversion != "" { return bkversion, nil } diff --git a/driver/docker/factory.go b/driver/docker/factory.go index 9e9cab27d27b..717d1a8edd34 100644 --- a/driver/docker/factory.go +++ b/driver/docker/factory.go @@ -4,7 +4,7 @@ import ( "context" "github.com/docker/buildx/driver" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" ) diff --git a/driver/kubernetes/factory.go b/driver/kubernetes/factory.go index b67ac3a1ed71..8df3bbda139d 100644 --- a/driver/kubernetes/factory.go +++ b/driver/kubernetes/factory.go @@ -12,7 +12,7 @@ import ( ctxkube "github.com/docker/buildx/driver/kubernetes/context" "github.com/docker/buildx/driver/kubernetes/manifest" "github.com/docker/buildx/driver/kubernetes/podchooser" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" diff --git a/driver/manager.go b/driver/manager.go index 5989daa79473..54bf860ecf76 100644 --- a/driver/manager.go +++ b/driver/manager.go @@ -6,9 +6,9 @@ import ( "sync" "github.com/docker/cli/cli/context/store" - dockerclient "github.com/docker/docker/client" "github.com/moby/buildkit/client" "github.com/moby/buildkit/util/tracing/delegated" + dockerclient "github.com/moby/moby/client" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" ) diff --git a/driver/remote/factory.go b/driver/remote/factory.go index c07c08f2c7fa..99a5116537f7 100644 --- a/driver/remote/factory.go +++ b/driver/remote/factory.go @@ -9,7 +9,7 @@ import ( "github.com/docker/buildx/driver" util "github.com/docker/buildx/driver/remote/util" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" "github.com/pkg/errors" // import connhelpers for special url schemes diff --git a/go.mod b/go.mod index 84d39459f8ca..55be94640386 100644 --- a/go.mod +++ b/go.mod @@ -16,9 +16,9 @@ require ( github.com/creack/pty v1.1.24 github.com/davecgh/go-spew v1.1.1 github.com/distribution/reference v0.6.0 - github.com/docker/cli v28.5.1+incompatible + github.com/docker/cli v29.0.0+incompatible github.com/docker/cli-docs-tool v0.10.0 - github.com/docker/docker v28.5.1+incompatible + github.com/docker/docker v28.5.2+incompatible github.com/docker/go-units v0.5.0 github.com/gofrs/flock v0.13.0 github.com/google/go-dap v0.12.0 @@ -31,6 +31,8 @@ require ( github.com/mitchellh/hashstructure/v2 v2.0.2 github.com/moby/buildkit v0.26.0-rc2 github.com/moby/go-archive v0.1.0 + github.com/moby/moby/api v1.52.0 + github.com/moby/moby/client v0.1.0 github.com/moby/sys/atomicwriter v0.1.0 github.com/moby/sys/mountinfo v0.7.2 github.com/morikuni/aec v1.0.0 @@ -95,10 +97,10 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker-credential-helpers v0.9.3 // indirect - github.com/docker/go-connections v0.5.0 // indirect + github.com/docker/go-connections v0.6.0 // indirect github.com/emicklei/go-restful/v3 v3.13.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/fvbommel/sortorder v1.0.1 // indirect + github.com/fvbommel/sortorder v1.1.0 // indirect github.com/fxamacker/cbor/v2 v2.9.0 // indirect github.com/go-logr/logr v1.4.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect @@ -110,6 +112,7 @@ require ( github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.7.0 // indirect github.com/google/go-cmp v0.7.0 // indirect + github.com/gorilla/mux v1.7.0 // indirect github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -141,7 +144,6 @@ require ( github.com/santhosh-tekuri/jsonschema/v6 v6.0.1 // indirect github.com/secure-systems-lab/go-securesystemslib v0.9.1 // indirect github.com/shibumi/go-pathspec v1.3.0 // indirect - github.com/theupdateframework/notary v0.7.0 // indirect github.com/tonistiigi/dchapes-mode v0.0.0-20250318174251-73d941a28323 // indirect github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea // indirect github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab // indirect diff --git a/go.sum b/go.sum index 95b44cac4206..b8450c640eb5 100644 --- a/go.sum +++ b/go.sum @@ -2,14 +2,12 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8af github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg= github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0= github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= github.com/Microsoft/hcsshim v0.14.0-rc.1 h1:qAPXKwGOkVn8LlqgBN8GS0bxZ83hOJpcjxzmlQKxKsQ= github.com/Microsoft/hcsshim v0.14.0-rc.1/go.mod h1:hTKFGbnDtQb1wHiOWv4v0eN+7boSWAHyK/tNAaYZL0c= -github.com/Shopify/logrus-bugsnag v0.0.0-20170309145241-6dbc35f2c30d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 h1:aM1rlcoLz8y5B2r4tTLMiVTrMtpfY0O8EScKJxaSaEc= @@ -46,20 +44,12 @@ github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 h1:iV1Ko4Em/lkJIsoKyGfc0nQySi+v github.com/aws/aws-sdk-go-v2/service/sts v1.38.0/go.mod h1:bEPcjW7IbolPfK67G1nilqWyoxYMSPrDiIQ3RdIdKgo= github.com/aws/smithy-go v1.22.5 h1:P9ATCXPMb2mPjYBgueqJNCA5S9UfktsW0tTxi+a7eqw= github.com/aws/smithy-go v1.22.5/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI= -github.com/beorn7/perks v0.0.0-20150223135152-b965b613227f/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bitly/go-hostpool v0.1.0/go.mod h1:4gOCgp6+NZnVqlKyZ/iBZFTAJKembaVENUpMkpg42fw= -github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/bugsnag/bugsnag-go v1.0.5-0.20150529004307-13fd6b8acda0/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM= github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cloudflare/cfssl v0.0.0-20180223231731-4e2dcbde5004/go.mod h1:yMWuSON2oQp+43nFtAV/uvKQIFpSPerB57DCt9t8sSA= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= github.com/compose-spec/compose-go/v2 v2.9.1 h1:8UwI+ujNU+9Ffkf/YgAm/qM9/eU7Jn8nHzWG721W4rs= @@ -104,42 +94,32 @@ github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfv github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dlclark/regexp2 v1.11.0 h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI= github.com/dlclark/regexp2 v1.11.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= -github.com/docker/cli v28.5.1+incompatible h1:ESutzBALAD6qyCLqbQSEf1a/U8Ybms5agw59yGVc+yY= -github.com/docker/cli v28.5.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v29.0.0+incompatible h1:KgsN2RUFMNM8wChxryicn4p46BdQWpXOA1XLGBGPGAw= +github.com/docker/cli v29.0.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli-docs-tool v0.10.0 h1:bOD6mKynPQgojQi3s2jgcUWGp/Ebqy1SeCr9VfKQLLU= github.com/docker/cli-docs-tool v0.10.0/go.mod h1:5EM5zPnT2E7yCLERZmrDA234Vwn09fzRHP4aX1qwp1U= -github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v28.5.1+incompatible h1:Bm8DchhSD2J6PsFzxC35TZo4TLGR2PdW/E69rU45NhM= -github.com/docker/docker v28.5.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v28.5.2+incompatible h1:DBX0Y0zAjZbSrm1uzOkdr1onVghKaftjlSWt4AFexzM= +github.com/docker/docker v28.5.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.9.3 h1:gAm/VtF9wgqJMoxzT3Gj5p4AqIjCBS4wrsOh9yRqcz8= github.com/docker/docker-credential-helpers v0.9.3/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo= -github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0= -github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c/go.mod h1:CADgU4DSXK5QUlFslkQu2yW2TKzFZcXq/leZfM0UH5Q= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= -github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= +github.com/docker/go-connections v0.6.0 h1:LlMG9azAe1TqfR7sO+NJttz1gy6KO7VJBh+pMmjSD94= +github.com/docker/go-connections v0.6.0/go.mod h1:AahvXYshr6JgfUJGdDCs2b5EZG/vmaMAntpSFH5BFKE= github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/dvsekhvalnov/jose2go v0.0.0-20170216131308-f21a8cedbbae/go.mod h1:7BvyPhdbLxMXIYTFPLsyJRFMsKmOZnQmzh6Gb+uquuM= github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes= github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fvbommel/sortorder v1.0.1 h1:dSnXLt4mJYH25uDDGa3biZNQsozaUWDSWeKJ0qqFfzE= -github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= +github.com/fvbommel/sortorder v1.1.0 h1:fUmoe+HLsBTctBDoaBwpQo5N+nrCp8g/BjKb/6ZQmYw= +github.com/fvbommel/sortorder v1.1.0/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -155,7 +135,6 @@ github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= -github.com/go-sql-driver/mysql v1.3.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= @@ -164,17 +143,12 @@ github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9L github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/gofrs/flock v0.13.0 h1:95JolYOvGMqeH31+FC7D2+uULf6mG61mEZ/A8dRYMzw= github.com/gofrs/flock v0.13.0/go.mod h1:jxeyy9R1auM5S6JYDBhDt+E2TCo7DkratH4Pgi8P+Z0= -github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/certificate-transparency-go v1.0.10-0.20180222191210-5ab67e519c93/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg= github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo= github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= @@ -194,7 +168,6 @@ github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5T github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA= github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 h1:8Tjv8EJ+pM1xP8mK6egEbD1OgnVTyacbefKhmbLhIhU= github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2/go.mod h1:pkJQ2tZHJ0aFOVEEot6oZmaVEZcRme73eIFmhiVuRWs= -github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -206,27 +179,18 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/hcl/v2 v2.24.0 h1:2QJdZ454DSsYGoaE6QheQZjtKZSUs9Nh2izTWiwQxvE= github.com/hashicorp/hcl/v2 v2.24.0/go.mod h1:oGoO1FIQYfn/AgyOhlg9qLC6/nOJPX3qGbkZpYAcqfM= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/in-toto/in-toto-golang v0.9.0 h1:tHny7ac4KgtsfrG6ybU8gVOZux2H8jN05AXJ9EBM1XU= github.com/in-toto/in-toto-golang v0.9.0/go.mod h1:xsBVrVsHNsB61++S6Dy2vWosKhuA3lUTQd+eF9HdeMo= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/jinzhu/gorm v0.0.0-20170222002820-5409931a1bb8/go.mod h1:Vla75njaFJ8clLU1W44h34PjIkijhjHIYnZxMqCdxqo= -github.com/jinzhu/inflection v0.0.0-20170102125226-1c35d901db3d/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= -github.com/jinzhu/now v1.1.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/juju/loggo v0.0.0-20190526231331-6e530bcce5d8/go.mod h1:vgyd7OREkbtVEN/8IXZe5Ooef3LQePvuBm9UWj6ZL8U= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.18.1 h1:bcSGx7UbpBqMChDtsF28Lw6v/G94LPrrbMbdC3JH2co= github.com/klauspost/compress v1.18.1/go.mod h1:ZQFFVG+MdnR0P+l6wpXgIL4NTtwiKIdBnrBd8Nrxr+0= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -234,24 +198,16 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/lib/pq v0.0.0-20150723085316-0dad96c0b94f/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/magiconair/properties v1.5.3/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebGE2xrk= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-sqlite3 v1.6.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= -github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= -github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/moby/buildkit v0.26.0-rc2 h1:HLS1HtBlxdaz8NjHI5YAaN4c8NOPtUrIJ5jIq/b6tpI= github.com/moby/buildkit v0.26.0-rc2/go.mod h1:ylDa7IqzVJgLdi/wO7H1qLREFQpmhFbw2fbn4yoTw40= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= @@ -260,6 +216,10 @@ github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ github.com/moby/go-archive v0.1.0/go.mod h1:G9B+YoujNohJmrIYFBpSd54GTUB4lt9S+xVQvsJyFuo= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/moby/api v1.52.0 h1:00BtlJY4MXkkt84WhUZPRqt5TvPbgig2FZvTbe3igYg= +github.com/moby/moby/api v1.52.0/go.mod h1:8mb+ReTlisw4pS6BRzCMts5M49W5M7bKt1cJy/YbAqc= +github.com/moby/moby/client v0.1.0 h1:nt+hn6O9cyJQqq5UWnFGqsZRTS/JirUqzPjEl0Bdc/8= +github.com/moby/moby/client v0.1.0/go.mod h1:O+/tw5d4a1Ha/ZA/tPxIZJapJRUS6LNZ1wiVRxYHyUE= github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk= github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= @@ -290,48 +250,34 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU= -github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= -github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040= github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M= github.com/opencontainers/runtime-spec v1.2.1 h1:S4k4ryNgEpxW1dzyqffOmhI1BHYcjzU8lpJfSlR0xww= github.com/opencontainers/runtime-spec v1.2.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/selinux v1.12.0 h1:6n5JV4Cf+4y0KNXW48TLj5DwfXpvWlxXplUkdTrmPb8= github.com/opencontainers/selinux v1.12.0/go.mod h1:BTPX+bjVbWGXw7ZZWUbdENt8w0htPSrlgOOysQaU62U= -github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo= github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.0-pre1.0.20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o= github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.66.1 h1:h5E0h5/Y8niHc5DlaLlWLArTQI7tMrsfQjHV+d9ZoGs= github.com/prometheus/common v0.66.1/go.mod h1:gcaUsgf3KfRSwHY4dIMXLPV0K/Wg1oZ8+SbZk/HH/dA= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.16.1 h1:hZ15bTNuirocR6u0JZ6BAHHmwS1p8B4P6MRqxtzMyRg= github.com/prometheus/procfs v0.16.1/go.mod h1:teAbpZRB1iIAJYREa1LsoWUXykVXA1KlTmWl8x/U+Is= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= @@ -348,41 +294,27 @@ github.com/serialx/hashring v0.0.0-20200727003509-22c0c7ab6b1b h1:h+3JX2VoWTFuyQ github.com/serialx/hashring v0.0.0-20200727003509-22c0c7ab6b1b/go.mod h1:/yeG0My1xr/u+HZrFQ1tOQQQQrOawfyMUH13ai5brBc= github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI= github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE= -github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spdx/tools-golang v0.5.5 h1:61c0KLfAcNqAjlg6UNMdkwpMernhw3zVRwDZ2x9XOmk= github.com/spdx/tools-golang v0.5.5/go.mod h1:MVIsXx8ZZzaRWNQpUDhC4Dud34edUYJYecciXgrw5vE= -github.com/spf13/cast v0.0.0-20150508191742-4d07383ffe94/go.mod h1:r2rcYCSwa1IExKTDiTfzaxqT2FNHs8hODu4LnUfgKEg= -github.com/spf13/cobra v0.0.1/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s= github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0= -github.com/spf13/jwalterweatherman v0.0.0-20141219030609-3d60171a6431/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v1.0.0/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v0.0.0-20150530192845-be5ff3e4840c/go.mod h1:A8kyI5cUJhb8N+3pkfONlcEcZbueH6nhAm0Fq7SrnBM= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/theupdateframework/notary v0.7.0 h1:QyagRZ7wlSpjT5N2qQAh/pN+DVqgekv4DzbAiAiEL3c= -github.com/theupdateframework/notary v0.7.0/go.mod h1:c9DRxcmhHmVLDay4/2fUYdISnHqbFDGRSlXPO0AhYWw= github.com/tonistiigi/dchapes-mode v0.0.0-20250318174251-73d941a28323 h1:r0p7fK56l8WPequOaR3i9LBqfPtEdXIQbUTzT55iqT4= github.com/tonistiigi/dchapes-mode v0.0.0-20250318174251-73d941a28323/go.mod h1:3Iuxbr0P7D3zUzBMAZB+ois3h/et0shEz0qApgHYGpY= github.com/tonistiigi/fsutil v0.0.0-20250605211040-586307ad452f h1:MoxeMfHAe5Qj/ySSBfL8A7l1V+hxuluj8owsIEEZipI= @@ -448,18 +380,14 @@ go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI= golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA= golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -468,25 +396,19 @@ golang.org/x/net v0.44.0 h1:evd8IRDyfNBMBTTY5XRF1vaZlD+EmWx6x8PkhR04H/I= golang.org/x/net v0.44.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ= golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -511,30 +433,19 @@ google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 h1: google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5/go.mod h1:j3QtIyytwqGr1JUDtYXwtMXWPKsEa5LtzIFN1Wn5WvE= google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5 h1:eaY8u2EuxbRv7c3NiGK0/NedzVsCcV6hDuU5qPX5EGE= google.golang.org/genproto/googleapis/rpc v0.0.0-20250825161204-c5933d9347a5/go.mod h1:M4/wBTSeyLxupu3W3tJtOgB14jILAS/XWPSSa3TAlJc= -google.golang.org/grpc v1.0.5/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.76.0 h1:UnVkv1+uMLYXoIz6o7chp59WfQUYA2ex/BXQ9rHZu7A= google.golang.org/grpc v1.76.0/go.mod h1:Ju12QI8M6iQJtbcsV+awF5a4hfJMLi4X0JLo94ULZ6c= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1 h1:F29+wU6Ee6qgu9TddPgooOdaqsxTMunOoj8KA5yuS5A= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1/go.mod h1:5KF+wpkbTSbGcR9zteSqZV6fqFOWBl4Yde8En8MryZA= google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE= google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= -gopkg.in/cenkalti/backoff.v2 v2.2.1/go.mod h1:S0QdOvT2AlerfSBkp0O+dk+bbIMaNbEmVk876gPCthU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/rethinkdb/rethinkdb-go.v6 v6.2.1/go.mod h1:WbjuEoo1oadwzQ4apSDU+JTvmllEHtsNHS6y7vFc7iw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -552,6 +463,8 @@ k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOP k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +pgregory.net/rapid v1.2.0 h1:keKAYRcjm+e1F0oAuU5F5+YPAWcyxNNRK2wud503Gnk= +pgregory.net/rapid v1.2.0/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= diff --git a/util/dockerutil/api.go b/util/dockerutil/api.go index 941b8739b6df..80cfb6f42d2d 100644 --- a/util/dockerutil/api.go +++ b/util/dockerutil/api.go @@ -3,7 +3,7 @@ package dockerutil import ( "github.com/docker/cli/cli/command" "github.com/docker/cli/cli/context/docker" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" "go.opentelemetry.io/otel/propagation" ) @@ -42,7 +42,7 @@ func NewClientAPI(cli command.Cli, ep string) (*ClientAPI, error) { propagation.NewCompositeTextMapPropagator(propagation.TraceContext{}, propagation.Baggage{}), ))) - ca.APIClient, err = dockerclient.NewClientWithOpts(clientOpts...) + ca.APIClient, err = dockerclient.New(clientOpts...) if err != nil { return nil, err } diff --git a/util/dockerutil/client.go b/util/dockerutil/client.go index d69d3c6823a8..b3b15e2ed429 100644 --- a/util/dockerutil/client.go +++ b/util/dockerutil/client.go @@ -7,7 +7,7 @@ import ( "github.com/docker/buildx/util/progress" "github.com/docker/cli/cli/command" - dockerclient "github.com/docker/docker/client" + dockerclient "github.com/moby/moby/client" ) // Client represents an active docker object. @@ -61,7 +61,7 @@ func (c *Client) LoadImage(ctx context.Context, name string, status progress.Wri status = progress.ResetTime(status) if err := progress.Wrap("importing to docker", status.Write, func(l progress.SubLogger) error { - return fromReader(l, resp.Body) + return fromReader(l, resp) }); err != nil { handleErr(err) } @@ -83,8 +83,8 @@ func (c *Client) Features(ctx context.Context, name string) map[Feature]bool { func (c *Client) features(ctx context.Context, name string) map[Feature]bool { features := make(map[Feature]bool) if dapi, err := c.API(name); err == nil { - if info, err := dapi.Info(ctx); err == nil { - for _, v := range info.DriverStatus { + if res, err := dapi.Info(ctx, dockerclient.InfoOptions{}); err == nil { + for _, v := range res.Info.DriverStatus { switch v[0] { case "driver-type": if v[1] == "io.containerd.snapshotter.v1" { diff --git a/util/dockerutil/progress.go b/util/dockerutil/progress.go index 10f20f7c9f18..a8c0d03d812f 100644 --- a/util/dockerutil/progress.go +++ b/util/dockerutil/progress.go @@ -6,8 +6,8 @@ import ( "time" "github.com/docker/buildx/util/progress" - "github.com/docker/docker/pkg/jsonmessage" "github.com/moby/buildkit/client" + "github.com/moby/moby/api/types/jsonstream" ) const minTimeDelta = 2 * time.Second @@ -27,7 +27,7 @@ func fromReader(l progress.SubLogger, rc io.ReadCloser) error { dec := json.NewDecoder(rc) var parsedErr error - var jm jsonmessage.JSONMessage + var jm jsonstream.Message for { if err := dec.Decode(&jm); err != nil { if parsedErr != nil { diff --git a/vendor/github.com/docker/cli/AUTHORS b/vendor/github.com/docker/cli/AUTHORS index c5a480b5e5d2..57af08b20444 100644 --- a/vendor/github.com/docker/cli/AUTHORS +++ b/vendor/github.com/docker/cli/AUTHORS @@ -63,6 +63,7 @@ Andreas Köhler Andres G. Aragoneses Andres Leon Rangel Andrew France +Andrew He Andrew Hsu Andrew Macpherson Andrew McDonnell @@ -86,11 +87,12 @@ Archimedes Trajano Arko Dasgupta Arnaud Porterie Arnaud Rebillout +Arthur Flageul Arthur Peka Ashly Mathew Ashwini Oruganti Aslam Ahemad -Austin Vazquez +Austin Vazquez Azat Khuyiyakhmetov Bardia Keyoumarsi Barnaby Gray @@ -135,10 +137,12 @@ Cao Weiwei Carlo Mion Carlos Alexandro Becker Carlos de Paula +carsontham Carston Schilds Casey Korver Ce Gao Cedric Davies +Cesar Talledo Cezar Sa Espinola Chad Faragher Chao Wang @@ -220,7 +224,7 @@ David Alvarez David Beitey David Calavera David Cramer -David Dooling +David Dooling David Gageot David Karlsson David le Blanc @@ -265,6 +269,7 @@ Eli Uriegas Eli Uriegas Elias Faxö Elliot Luo <956941328@qq.com> +Eng Zer Jun Eric Bode Eric Curtin Eric Engestrom @@ -345,6 +350,7 @@ Henning Sprang Henry N Hernan Garcia Hongbin Lu +Hossein Abbasi <16090309+hsnabszhdn@users.noreply.github.com> Hu Keping Huayi Zhang Hugo Chastel @@ -595,6 +601,7 @@ Michael Prokop Michael Scharf Michael Spetsiotis Michael Steinert +Michael Tews Michael West Michal Minář Michał Czeraszkiewicz @@ -896,6 +903,7 @@ Wenlong Zhang Wenzhi Liang Wes Morgan Wewang Xiaorenfine +Will Wang William Henry Xianglin Gao Xiaodong Liu diff --git a/vendor/github.com/docker/cli/cli-plugins/metadata/metadata.go b/vendor/github.com/docker/cli/cli-plugins/metadata/metadata.go index 9d408c00b3dd..7061486a7056 100644 --- a/vendor/github.com/docker/cli/cli-plugins/metadata/metadata.go +++ b/vendor/github.com/docker/cli/cli-plugins/metadata/metadata.go @@ -33,4 +33,6 @@ type Metadata struct { ShortDescription string `json:",omitempty"` // URL is a pointer to the plugin's homepage. URL string `json:",omitempty"` + // Hidden hides the plugin in completion and help message output. + Hidden bool `json:",omitempty"` } diff --git a/vendor/github.com/docker/cli/cli-plugins/plugin/plugin.go b/vendor/github.com/docker/cli/cli-plugins/plugin/plugin.go index 6dca555a85bf..58ee3b876287 100644 --- a/vendor/github.com/docker/cli/cli-plugins/plugin/plugin.go +++ b/vendor/github.com/docker/cli/cli-plugins/plugin/plugin.go @@ -14,7 +14,7 @@ import ( "github.com/docker/cli/cli/command" "github.com/docker/cli/cli/connhelper" "github.com/docker/cli/cli/debug" - "github.com/docker/docker/client" + "github.com/moby/moby/client" "github.com/spf13/cobra" "go.opentelemetry.io/otel" ) @@ -139,7 +139,7 @@ func withPluginClientConn(name string) command.CLIOption { if err != nil { return err } - apiClient, err := client.NewClientWithOpts(client.WithDialContext(helper.Dialer)) + apiClient, err := client.New(client.WithDialContext(helper.Dialer)) if err != nil { return err } @@ -168,6 +168,11 @@ func newPluginCommand(dockerCli *command.DockerCli, plugin *cobra.Command, meta DisableDescriptions: os.Getenv("DOCKER_CLI_DISABLE_COMPLETION_DESCRIPTION") != "", }, } + + // Disable file-completion by default. Most commands and flags should not + // complete with filenames. + cmd.CompletionOptions.SetDefaultShellCompDirective(cobra.ShellCompDirectiveNoFileComp) + opts, _ := cli.SetupPluginRootCommand(cmd) cmd.SetIn(dockerCli.In()) diff --git a/vendor/github.com/docker/cli/cli/cobra.go b/vendor/github.com/docker/cli/cli/cobra.go index a75a66e66039..4ec721f88772 100644 --- a/vendor/github.com/docker/cli/cli/cobra.go +++ b/vendor/github.com/docker/cli/cli/cobra.go @@ -12,7 +12,6 @@ import ( "github.com/fvbommel/sortorder" "github.com/moby/term" "github.com/morikuni/aec" - "github.com/pkg/errors" "github.com/spf13/cobra" "github.com/spf13/pflag" ) @@ -167,31 +166,6 @@ func (tcmd *TopLevelCommand) Initialize(ops ...command.CLIOption) error { return tcmd.dockerCli.Initialize(tcmd.opts, ops...) } -// VisitAll will traverse all commands from the root. -// -// Deprecated: this utility was only used internally and will be removed in the next release. -func VisitAll(root *cobra.Command, fn func(*cobra.Command)) { - visitAll(root, fn) -} - -func visitAll(root *cobra.Command, fn func(*cobra.Command)) { - for _, cmd := range root.Commands() { - visitAll(cmd, fn) - } - fn(root) -} - -// DisableFlagsInUseLine sets the DisableFlagsInUseLine flag on all -// commands within the tree rooted at cmd. -// -// Deprecated: this utility was only used internally and will be removed in the next release. -func DisableFlagsInUseLine(cmd *cobra.Command) { - visitAll(cmd, func(ccmd *cobra.Command) { - // do not add a `[flags]` to the end of the usage line. - ccmd.DisableFlagsInUseLine = true - }) -} - var helpCommand = &cobra.Command{ Use: "help [command]", Short: "Help about the command", @@ -200,7 +174,7 @@ var helpCommand = &cobra.Command{ RunE: func(c *cobra.Command, args []string) error { cmd, args, e := c.Root().Find(args) if cmd == nil || e != nil || len(args) > 0 { - return errors.Errorf("unknown help topic: %v", strings.Join(args, " ")) + return fmt.Errorf("unknown help topic: %v", strings.Join(args, " ")) } helpFunc := cmd.HelpFunc() helpFunc(cmd, args) @@ -276,11 +250,12 @@ func commandAliases(cmd *cobra.Command) string { if cmd.HasParent() { parentPath = cmd.Parent().CommandPath() + " " } - aliases := cmd.CommandPath() + var aliases strings.Builder + aliases.WriteString(cmd.CommandPath()) for _, alias := range cmd.Aliases { - aliases += ", " + parentPath + alias + aliases.WriteString(", " + parentPath + alias) } - return aliases + return aliases.String() } func topCommands(cmd *cobra.Command) []*cobra.Command { @@ -376,13 +351,10 @@ func orchestratorSubCommands(cmd *cobra.Command) []*cobra.Command { func allManagementSubCommands(cmd *cobra.Command) []*cobra.Command { cmds := []*cobra.Command{} for _, sub := range cmd.Commands() { - if isPlugin(sub) { - if invalidPluginReason(sub) == "" { - cmds = append(cmds, sub) - } + if invalidPluginReason(sub) != "" { continue } - if sub.IsAvailableCommand() && sub.HasSubCommands() { + if sub.IsAvailableCommand() && (isPlugin(sub) || sub.HasSubCommands()) { cmds = append(cmds, sub) } } diff --git a/vendor/github.com/docker/cli/cli/command/cli.go b/vendor/github.com/docker/cli/cli/command/cli.go index e0f8cc28c313..b1e9453343a1 100644 --- a/vendor/github.com/docker/cli/cli/command/cli.go +++ b/vendor/github.com/docker/cli/cli/command/cli.go @@ -1,10 +1,11 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package command import ( "context" + "errors" "fmt" "io" "os" @@ -23,11 +24,8 @@ import ( "github.com/docker/cli/cli/streams" "github.com/docker/cli/cli/version" dopts "github.com/docker/cli/opts" - "github.com/docker/docker/api" - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/client" - "github.com/pkg/errors" + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/client" "github.com/spf13/cobra" ) @@ -45,7 +43,6 @@ type Cli interface { Client() client.APIClient Streams SetIn(in *streams.In) - Apply(ops ...CLIOption) error config.Provider ServerInfo() ServerInfo CurrentVersion() string @@ -68,7 +65,6 @@ type DockerCli struct { err *streams.Out client client.APIClient serverInfo ServerInfo - contentTrust bool contextStore store.Store currentContext string init sync.Once @@ -87,19 +83,12 @@ type DockerCli struct { enableGlobalMeter, enableGlobalTracer bool } -// DefaultVersion returns [api.DefaultVersion]. -// -// Deprecated: this function is no longer used and will be removed in the next release. -func (*DockerCli) DefaultVersion() string { - return api.DefaultVersion -} - // CurrentVersion returns the API version currently negotiated, or the default // version otherwise. func (cli *DockerCli) CurrentVersion() string { _ = cli.initialize() if cli.client == nil { - return api.DefaultVersion + return client.MaxAPIVersion } return cli.client.ClientVersion() } @@ -158,21 +147,13 @@ func (cli *DockerCli) ServerInfo() ServerInfo { return cli.serverInfo } -// ContentTrustEnabled returns whether content trust has been enabled by an -// environment variable. -// -// Deprecated: check the value of the DOCKER_CONTENT_TRUST environment variable to detect whether content-trust is enabled. -func (cli *DockerCli) ContentTrustEnabled() bool { - return cli.contentTrust -} - // BuildKitEnabled returns buildkit is enabled or not. func (cli *DockerCli) BuildKitEnabled() (bool, error) { // use DOCKER_BUILDKIT env var value if set and not empty if v := os.Getenv("DOCKER_BUILDKIT"); v != "" { enabled, err := strconv.ParseBool(v) if err != nil { - return false, errors.Wrap(err, "DOCKER_BUILDKIT environment variable expects boolean value") + return false, fmt.Errorf("DOCKER_BUILDKIT environment variable expects boolean value: %w", err) } return enabled, nil } @@ -314,7 +295,7 @@ func NewAPIClientFromFlags(opts *cliflags.ClientOptions, configFile *configfile. } endpoint, err := resolveDockerEndpoint(contextStore, resolveContextName(opts, configFile)) if err != nil { - return nil, errors.Wrap(err, "unable to resolve docker endpoint") + return nil, fmt.Errorf("unable to resolve docker endpoint: %w", err) } return newAPIClientFromEndpoint(endpoint, configFile, client.WithUserAgent(UserAgent())) } @@ -335,7 +316,7 @@ func newAPIClientFromEndpoint(ep docker.Endpoint, configFile *configfile.ConfigF opts = append(opts, withCustomHeaders) } opts = append(opts, extraOpts...) - return client.NewClientWithOpts(opts...) + return client.New(opts...) } func resolveDockerEndpoint(s store.Reader, contextName string) (docker.Endpoint, error) { @@ -396,24 +377,21 @@ func (cli *DockerCli) initializeFromClient() { ctx, cancel := context.WithTimeout(cli.baseCtx, cli.getInitTimeout()) defer cancel() - ping, err := cli.client.Ping(ctx) + ping, err := cli.client.Ping(ctx, client.PingOptions{ + NegotiateAPIVersion: true, + ForceNegotiate: true, + }) if err != nil { // Default to true if we fail to connect to daemon cli.serverInfo = ServerInfo{HasExperimental: true} - - if ping.APIVersion != "" { - cli.client.NegotiateAPIVersionPing(ping) - } return } - cli.serverInfo = ServerInfo{ HasExperimental: ping.Experimental, OSType: ping.OSType, BuildkitVersion: ping.BuilderVersion, SwarmStatus: ping.SwarmStatus, } - cli.client.NegotiateAPIVersionPing(ping) } // ContextStore returns the ContextStore @@ -551,7 +529,7 @@ func (cli *DockerCli) initialize() error { cli.init.Do(func() { cli.dockerEndpoint, cli.initErr = cli.getDockerEndPoint() if cli.initErr != nil { - cli.initErr = errors.Wrap(cli.initErr, "unable to resolve docker endpoint") + cli.initErr = fmt.Errorf("unable to resolve docker endpoint: %w", cli.initErr) return } if cli.client == nil { @@ -568,18 +546,6 @@ func (cli *DockerCli) initialize() error { return cli.initErr } -// Apply all the operation on the cli -// -// Deprecated: this method is no longer used and will be removed in the next release if there are no remaining users. -func (cli *DockerCli) Apply(ops ...CLIOption) error { - for _, op := range ops { - if err := op(cli); err != nil { - return err - } - } - return nil -} - // ServerInfo stores details about the supported features and platform of the // server type ServerInfo struct { @@ -594,7 +560,7 @@ type ServerInfo struct { // in the ping response, or if an error occurred, in which case the client // should use other ways to get the current swarm status, such as the /swarm // endpoint. - SwarmStatus *swarm.Status + SwarmStatus *client.SwarmStatus } // NewDockerCli returns a DockerCli instance with all operators applied on it. @@ -602,7 +568,6 @@ type ServerInfo struct { // environment. func NewDockerCli(ops ...CLIOption) (*DockerCli, error) { defaultOps := []CLIOption{ - withContentTrustFromEnv(), WithDefaultContextStoreConfig(), WithStandardStreams(), WithUserAgent(UserAgent()), @@ -625,7 +590,7 @@ func getServerHost(hosts []string, defaultToTLS bool) (string, error) { case 1: return dopts.ParseHost(defaultToTLS, hosts[0]) default: - return "", errors.New("Specify only one -H") + return "", errors.New("specify only one -H") } } diff --git a/vendor/github.com/docker/cli/cli/command/cli_options.go b/vendor/github.com/docker/cli/cli/command/cli_options.go index 6af65e98e376..f787956c5b7e 100644 --- a/vendor/github.com/docker/cli/cli/command/cli_options.go +++ b/vendor/github.com/docker/cli/cli/command/cli_options.go @@ -3,16 +3,16 @@ package command import ( "context" "encoding/csv" + "errors" + "fmt" "io" "net/http" "os" - "strconv" "strings" "github.com/docker/cli/cli/streams" - "github.com/docker/docker/client" + "github.com/moby/moby/client" "github.com/moby/term" - "github.com/pkg/errors" ) // CLIOption is a functional argument to apply options to a [DockerCli]. These @@ -75,37 +75,6 @@ func WithErrorStream(err io.Writer) CLIOption { } } -// withContentTrustFromEnv enables content trust on a cli from environment variable DOCKER_CONTENT_TRUST value. -func withContentTrustFromEnv() CLIOption { - return func(cli *DockerCli) error { - cli.contentTrust = false - if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" { - if t, err := strconv.ParseBool(e); t || err != nil { - // treat any other value as true - cli.contentTrust = true - } - } - return nil - } -} - -// WithContentTrustFromEnv enables content trust on a cli from environment variable DOCKER_CONTENT_TRUST value. -// -// Deprecated: this option is no longer used, and will be removed in the next release. -func WithContentTrustFromEnv() CLIOption { - return withContentTrustFromEnv() -} - -// WithContentTrust enables content trust on a cli. -// -// Deprecated: this option is no longer used, and will be removed in the next release. -func WithContentTrust(enabled bool) CLIOption { - return func(cli *DockerCli) error { - cli.contentTrust = enabled - return nil - } -} - // WithDefaultContextStoreConfig configures the cli to use the default context store configuration. func WithDefaultContextStoreConfig() CLIOption { return func(cli *DockerCli) error { @@ -197,7 +166,7 @@ func withCustomHeadersFromEnv() (client.Opt, error) { csvReader := csv.NewReader(strings.NewReader(value)) fields, err := csvReader.Read() if err != nil { - return nil, invalidParameter(errors.Errorf( + return nil, invalidParameter(fmt.Errorf( "failed to parse custom headers from %s environment variable: value must be formatted as comma-separated key=value pairs", envOverrideHTTPHeaders, )) @@ -214,7 +183,7 @@ func withCustomHeadersFromEnv() (client.Opt, error) { k = strings.TrimSpace(k) if k == "" { - return nil, invalidParameter(errors.Errorf( + return nil, invalidParameter(fmt.Errorf( `failed to set custom headers from %s environment variable: value contains a key=value pair with an empty key: '%s'`, envOverrideHTTPHeaders, kv, )) @@ -225,7 +194,7 @@ func withCustomHeadersFromEnv() (client.Opt, error) { // from an environment variable with the same name). In the meantime, // produce an error to prevent users from depending on this. if !hasValue { - return nil, invalidParameter(errors.Errorf( + return nil, invalidParameter(fmt.Errorf( `failed to set custom headers from %s environment variable: missing "=" in key=value pair: '%s'`, envOverrideHTTPHeaders, kv, )) diff --git a/vendor/github.com/docker/cli/cli/command/context.go b/vendor/github.com/docker/cli/cli/command/context.go index 64e88e449c4b..2ca82a5a88f3 100644 --- a/vendor/github.com/docker/cli/cli/command/context.go +++ b/vendor/github.com/docker/cli/cli/command/context.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package command diff --git a/vendor/github.com/docker/cli/cli/command/defaultcontextstore.go b/vendor/github.com/docker/cli/cli/command/defaultcontextstore.go index 6a01a3c68fc8..e6315b8e89a4 100644 --- a/vendor/github.com/docker/cli/cli/command/defaultcontextstore.go +++ b/vendor/github.com/docker/cli/cli/command/defaultcontextstore.go @@ -1,13 +1,15 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package command import ( + "errors" + "fmt" + "github.com/docker/cli/cli/context/docker" "github.com/docker/cli/cli/context/store" cliflags "github.com/docker/cli/cli/flags" - "github.com/pkg/errors" ) const ( @@ -51,13 +53,6 @@ type EndpointDefaultResolver interface { ResolveDefault() (any, *store.EndpointTLSData, error) } -// ResolveDefaultContext creates a Metadata for the current CLI invocation parameters -// -// Deprecated: this function is exported for testing and meant for internal use. It will be removed in the next release. -func ResolveDefaultContext(opts *cliflags.ClientOptions, config store.Config) (*DefaultContext, error) { - return resolveDefaultContext(opts, config) -} - // resolveDefaultContext creates a Metadata for the current CLI invocation parameters func resolveDefaultContext(opts *cliflags.ClientOptions, config store.Config) (*DefaultContext, error) { contextTLSData := store.ContextTLSData{ @@ -192,7 +187,7 @@ func (s *ContextStoreWithDefault) GetTLSData(contextName, endpointName, fileName return nil, err } if defaultContext.TLS.Endpoints[endpointName].Files[fileName] == nil { - return nil, notFound(errors.Errorf("TLS data for %s/%s/%s does not exist", DefaultContextName, endpointName, fileName)) + return nil, notFound(fmt.Errorf("TLS data for %s/%s/%s does not exist", DefaultContextName, endpointName, fileName)) } return defaultContext.TLS.Endpoints[endpointName].Files[fileName], nil } diff --git a/vendor/github.com/docker/cli/cli/command/formatter/buildcache.go b/vendor/github.com/docker/cli/cli/command/formatter/buildcache.go index ade5de73f4fc..3a3c349988ef 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/buildcache.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/buildcache.go @@ -6,8 +6,8 @@ import ( "strings" "time" - "github.com/docker/docker/api/types/build" "github.com/docker/go-units" + "github.com/moby/moby/api/types/build" ) const ( @@ -51,7 +51,7 @@ shared: {{.Shared}} return Format(source) } -func buildCacheSort(buildCache []*build.CacheRecord) { +func buildCacheSort(buildCache []build.CacheRecord) { sort.Slice(buildCache, func(i, j int) bool { lui, luj := buildCache[i].LastUsedAt, buildCache[j].LastUsedAt switch { @@ -70,7 +70,7 @@ func buildCacheSort(buildCache []*build.CacheRecord) { } // BuildCacheWrite renders the context for a list of containers -func BuildCacheWrite(ctx Context, buildCaches []*build.CacheRecord) error { +func BuildCacheWrite(ctx Context, buildCaches []build.CacheRecord) error { render := func(format func(subContext SubContext) error) error { buildCacheSort(buildCaches) for _, bc := range buildCaches { @@ -87,7 +87,7 @@ func BuildCacheWrite(ctx Context, buildCaches []*build.CacheRecord) error { type buildCacheContext struct { HeaderContext trunc bool - v *build.CacheRecord + v build.CacheRecord } func newBuildCacheContext() *buildCacheContext { @@ -126,8 +126,6 @@ func (c *buildCacheContext) Parent() string { var parent string if len(c.v.Parents) > 0 { parent = strings.Join(c.v.Parents, ", ") - } else { - parent = c.v.Parent //nolint:staticcheck // Ignore SA1019: Field was deprecated in API v1.42, but kept for backward compatibility } if c.trunc { return TruncateID(parent) diff --git a/vendor/github.com/docker/cli/cli/command/formatter/container.go b/vendor/github.com/docker/cli/cli/command/formatter/container.go index 0a5c587afe23..979d3eb82d60 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/container.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/container.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package formatter @@ -13,8 +13,8 @@ import ( "github.com/containerd/platforms" "github.com/distribution/reference" - "github.com/docker/docker/api/types/container" "github.com/docker/go-units" + "github.com/moby/moby/api/types/container" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -170,27 +170,33 @@ func (c *ContainerContext) Image() string { if c.c.Image == "" { return "" } - if c.trunc { - if trunc := TruncateID(c.c.ImageID); trunc == TruncateID(c.c.Image) { - return trunc + if !c.trunc { + return c.c.Image + } + if trunc := TruncateID(c.c.ImageID); trunc == TruncateID(c.c.Image) { + return trunc + } + ref, err := reference.ParseNormalizedNamed(c.c.Image) + if err != nil { + return c.c.Image + } + + if _, ok := ref.(reference.Digested); ok { + // strip the digest, but preserve the tag (if any) + var tag string + if t, ok := ref.(reference.Tagged); ok { + tag = t.Tag() } - // truncate digest if no-trunc option was not selected - ref, err := reference.ParseNormalizedNamed(c.c.Image) - if err == nil { - if nt, ok := ref.(reference.NamedTagged); ok { - // case for when a tag is provided - if namedTagged, err := reference.WithTag(reference.TrimNamed(nt), nt.Tag()); err == nil { - return reference.FamiliarString(namedTagged) - } - } else { - // case for when a tag is not provided - named := reference.TrimNamed(ref) - return reference.FamiliarString(named) + ref = reference.TrimNamed(ref) + if tag != "" { + if out, err := reference.WithTag(ref, tag); err == nil { + ref = out } } } - return c.c.Image + // Format as "familiar" name with "docker.io[/library]" trimmed. + return reference.FamiliarString(ref) } // Command returns's the container's command. If the trunc option is set, the @@ -241,7 +247,7 @@ func (c *ContainerContext) Ports() string { // State returns the container's current state (e.g. "running" or "paused"). // Refer to [container.ContainerState] for possible states. func (c *ContainerContext) State() string { - return c.c.State + return string(c.c.State) } // Status returns the container's status in a human readable form (for example, @@ -338,7 +344,7 @@ func (c *ContainerContext) Networks() string { // DisplayablePorts returns formatted string representing open ports of container // e.g. "0.0.0.0:80->9090/tcp, 9988/tcp" // it's used by command 'docker ps' -func DisplayablePorts(ports []container.Port) string { +func DisplayablePorts(ports []container.PortSummary) string { type portGroup struct { first uint16 last uint16 @@ -354,13 +360,13 @@ func DisplayablePorts(ports []container.Port) string { for _, port := range ports { current := port.PrivatePort portKey := port.Type - if port.IP != "" { + if port.IP.IsValid() { if port.PublicPort != current { - hAddrPort := net.JoinHostPort(port.IP, strconv.Itoa(int(port.PublicPort))) + hAddrPort := net.JoinHostPort(port.IP.String(), strconv.Itoa(int(port.PublicPort))) hostMappings = append(hostMappings, fmt.Sprintf("%s->%d/%s", hAddrPort, port.PrivatePort, port.Type)) continue } - portKey = port.IP + "/" + port.Type + portKey = port.IP.String() + "/" + port.Type } group := groupMap[portKey] @@ -404,13 +410,13 @@ func formGroup(key string, start, last uint16) string { return group + "/" + groupType } -func comparePorts(i, j container.Port) bool { +func comparePorts(i, j container.PortSummary) bool { if i.PrivatePort != j.PrivatePort { return i.PrivatePort < j.PrivatePort } if i.IP != j.IP { - return i.IP < j.IP + return i.IP.String() < j.IP.String() } if i.PublicPort != j.PublicPort { diff --git a/vendor/github.com/docker/cli/cli/command/formatter/custom.go b/vendor/github.com/docker/cli/cli/command/formatter/custom.go index c2b9cb2c56a3..27931af76eed 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/custom.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/custom.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package formatter diff --git a/vendor/github.com/docker/cli/cli/command/formatter/disk_usage.go b/vendor/github.com/docker/cli/cli/command/formatter/disk_usage.go index b663c59b20b7..b14afc1a06c3 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/disk_usage.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/disk_usage.go @@ -7,19 +7,20 @@ import ( "text/template" "github.com/distribution/reference" - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/volume" "github.com/docker/go-units" + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/image" + "github.com/moby/moby/api/types/volume" + "github.com/moby/moby/client" ) const ( - defaultDiskUsageImageTableFormat = "table {{.Repository}}\t{{.Tag}}\t{{.ID}}\t{{.CreatedSince}}\t{{.Size}}\t{{.SharedSize}}\t{{.UniqueSize}}\t{{.Containers}}" - defaultDiskUsageContainerTableFormat = "table {{.ID}}\t{{.Image}}\t{{.Command}}\t{{.LocalVolumes}}\t{{.Size}}\t{{.RunningFor}}\t{{.Status}}\t{{.Names}}" - defaultDiskUsageVolumeTableFormat = "table {{.Name}}\t{{.Links}}\t{{.Size}}" - defaultDiskUsageBuildCacheTableFormat = "table {{.ID}}\t{{.CacheType}}\t{{.Size}}\t{{.CreatedSince}}\t{{.LastUsedSince}}\t{{.UsageCount}}\t{{.Shared}}" - defaultDiskUsageTableFormat = "table {{.Type}}\t{{.TotalCount}}\t{{.Active}}\t{{.Size}}\t{{.Reclaimable}}" + defaultDiskUsageImageTableFormat Format = "table {{.Repository}}\t{{.Tag}}\t{{.ID}}\t{{.CreatedSince}}\t{{.Size}}\t{{.SharedSize}}\t{{.UniqueSize}}\t{{.Containers}}" + defaultDiskUsageContainerTableFormat Format = "table {{.ID}}\t{{.Image}}\t{{.Command}}\t{{.LocalVolumes}}\t{{.Size}}\t{{.RunningFor}}\t{{.Status}}\t{{.Names}}" + defaultDiskUsageVolumeTableFormat Format = "table {{.Name}}\t{{.Links}}\t{{.Size}}" + defaultDiskUsageBuildCacheTableFormat Format = "table {{.ID}}\t{{.CacheType}}\t{{.Size}}\t{{.CreatedSince}}\t{{.LastUsedSince}}\t{{.UsageCount}}\t{{.Shared}}" + defaultDiskUsageTableFormat Format = "table {{.Type}}\t{{.TotalCount}}\t{{.Active}}\t{{.Size}}\t{{.Reclaimable}}" typeHeader = "TYPE" totalHeader = "TOTAL" @@ -33,19 +34,18 @@ const ( // DiskUsageContext contains disk usage specific information required by the formatter, encapsulate a Context struct. type DiskUsageContext struct { Context - Verbose bool - LayersSize int64 - Images []*image.Summary - Containers []*container.Summary - Volumes []*volume.Volume - BuildCache []*build.CacheRecord - BuilderSize int64 + Verbose bool + + ImageDiskUsage client.ImagesDiskUsage + BuildCacheDiskUsage client.BuildCacheDiskUsage + ContainerDiskUsage client.ContainersDiskUsage + VolumeDiskUsage client.VolumesDiskUsage } -func (ctx *DiskUsageContext) startSubsection(format string) (*template.Template, error) { +func (ctx *DiskUsageContext) startSubsection(format Format) (*template.Template, error) { ctx.buffer = &bytes.Buffer{} ctx.header = "" - ctx.Format = Format(format) + ctx.Format = format ctx.preFormat() return ctx.parseFormat() @@ -69,7 +69,7 @@ func NewDiskUsageFormat(source string, verbose bool) Format { {{end -}}` return format case !verbose && source == TableFormatKey: - return Format(defaultDiskUsageTableFormat) + return defaultDiskUsageTableFormat case !verbose && source == RawFormatKey: format := `type: {{.Type}} total: {{.TotalCount}} @@ -96,35 +96,49 @@ func (ctx *DiskUsageContext) Write() (err error) { } err = ctx.contextFormat(tmpl, &diskUsageImagesContext{ - totalSize: ctx.LayersSize, - images: ctx.Images, + totalCount: ctx.ImageDiskUsage.TotalCount, + activeCount: ctx.ImageDiskUsage.ActiveCount, + totalSize: ctx.ImageDiskUsage.TotalSize, + reclaimable: ctx.ImageDiskUsage.Reclaimable, + images: ctx.ImageDiskUsage.Items, }) if err != nil { return err } err = ctx.contextFormat(tmpl, &diskUsageContainersContext{ - containers: ctx.Containers, + totalCount: ctx.ContainerDiskUsage.TotalCount, + activeCount: ctx.ContainerDiskUsage.ActiveCount, + totalSize: ctx.ContainerDiskUsage.TotalSize, + reclaimable: ctx.ContainerDiskUsage.Reclaimable, + containers: ctx.ContainerDiskUsage.Items, }) if err != nil { return err } err = ctx.contextFormat(tmpl, &diskUsageVolumesContext{ - volumes: ctx.Volumes, + totalCount: ctx.VolumeDiskUsage.TotalCount, + activeCount: ctx.VolumeDiskUsage.ActiveCount, + totalSize: ctx.VolumeDiskUsage.TotalSize, + reclaimable: ctx.VolumeDiskUsage.Reclaimable, + volumes: ctx.VolumeDiskUsage.Items, }) if err != nil { return err } err = ctx.contextFormat(tmpl, &diskUsageBuilderContext{ - builderSize: ctx.BuilderSize, - buildCache: ctx.BuildCache, + totalCount: ctx.BuildCacheDiskUsage.TotalCount, + activeCount: ctx.BuildCacheDiskUsage.ActiveCount, + builderSize: ctx.BuildCacheDiskUsage.TotalSize, + reclaimable: ctx.BuildCacheDiskUsage.Reclaimable, + buildCache: ctx.BuildCacheDiskUsage.Items, }) if err != nil { return err } - diskUsageContainersCtx := diskUsageContainersContext{containers: []*container.Summary{}} + diskUsageContainersCtx := diskUsageContainersContext{containers: []container.Summary{}} diskUsageContainersCtx.Header = SubHeaderContext{ "Type": typeHeader, "TotalCount": totalHeader, @@ -146,18 +160,18 @@ type diskUsageContext struct { func (ctx *DiskUsageContext) verboseWrite() error { duc := &diskUsageContext{ - Images: make([]*imageContext, 0, len(ctx.Images)), - Containers: make([]*ContainerContext, 0, len(ctx.Containers)), - Volumes: make([]*volumeContext, 0, len(ctx.Volumes)), - BuildCache: make([]*buildCacheContext, 0, len(ctx.BuildCache)), + Images: make([]*imageContext, 0, len(ctx.ImageDiskUsage.Items)), + Containers: make([]*ContainerContext, 0, len(ctx.ContainerDiskUsage.Items)), + Volumes: make([]*volumeContext, 0, len(ctx.VolumeDiskUsage.Items)), + BuildCache: make([]*buildCacheContext, 0, len(ctx.BuildCacheDiskUsage.Items)), } trunc := ctx.Format.IsTable() // First images - for _, i := range ctx.Images { + for _, i := range ctx.ImageDiskUsage.Items { repo := "" tag := "" - if len(i.RepoTags) > 0 && !isDangling(*i) { + if len(i.RepoTags) > 0 && !isDangling(i) { // Only show the first tag ref, err := reference.ParseNormalizedNamed(i.RepoTags[0]) if err != nil { @@ -173,25 +187,25 @@ func (ctx *DiskUsageContext) verboseWrite() error { repo: repo, tag: tag, trunc: trunc, - i: *i, + i: i, }) } // Now containers - for _, c := range ctx.Containers { + for _, c := range ctx.ContainerDiskUsage.Items { // Don't display the virtual size c.SizeRootFs = 0 - duc.Containers = append(duc.Containers, &ContainerContext{trunc: trunc, c: *c}) + duc.Containers = append(duc.Containers, &ContainerContext{trunc: trunc, c: c}) } // And volumes - for _, v := range ctx.Volumes { - duc.Volumes = append(duc.Volumes, &volumeContext{v: *v}) + for _, v := range ctx.VolumeDiskUsage.Items { + duc.Volumes = append(duc.Volumes, &volumeContext{v: v}) } // And build cache - buildCacheSort(ctx.BuildCache) - for _, v := range ctx.BuildCache { + buildCacheSort(ctx.BuildCacheDiskUsage.Items) + for _, v := range ctx.BuildCacheDiskUsage.Items { duc.BuildCache = append(duc.BuildCache, &buildCacheContext{v: v, trunc: trunc}) } @@ -212,7 +226,7 @@ func (ctx *DiskUsageContext) verboseWriteTable(duc *diskUsageContext) error { if err != nil { return err } - ctx.Output.Write([]byte("Images space usage:\n\n")) + _, _ = ctx.Output.Write([]byte("Images space usage:\n\n")) for _, img := range duc.Images { if err := ctx.contextFormat(tmpl, img); err != nil { return err @@ -224,7 +238,7 @@ func (ctx *DiskUsageContext) verboseWriteTable(duc *diskUsageContext) error { if err != nil { return err } - ctx.Output.Write([]byte("\nContainers space usage:\n\n")) + _, _ = ctx.Output.Write([]byte("\nContainers space usage:\n\n")) for _, c := range duc.Containers { if err := ctx.contextFormat(tmpl, c); err != nil { return err @@ -248,7 +262,7 @@ func (ctx *DiskUsageContext) verboseWriteTable(duc *diskUsageContext) error { if err != nil { return err } - _, _ = fmt.Fprintf(ctx.Output, "\nBuild cache usage: %s\n\n", units.HumanSize(float64(ctx.BuilderSize))) + _, _ = fmt.Fprintf(ctx.Output, "\nBuild cache usage: %s\n\n", units.HumanSize(float64(ctx.BuildCacheDiskUsage.TotalSize))) for _, v := range duc.BuildCache { if err := ctx.contextFormat(tmpl, v); err != nil { return err @@ -261,8 +275,11 @@ func (ctx *DiskUsageContext) verboseWriteTable(duc *diskUsageContext) error { type diskUsageImagesContext struct { HeaderContext - totalSize int64 - images []*image.Summary + totalSize int64 + reclaimable int64 + totalCount int64 + activeCount int64 + images []image.Summary } func (c *diskUsageImagesContext) MarshalJSON() ([]byte, error) { @@ -274,18 +291,11 @@ func (*diskUsageImagesContext) Type() string { } func (c *diskUsageImagesContext) TotalCount() string { - return strconv.Itoa(len(c.images)) + return strconv.FormatInt(c.totalCount, 10) } func (c *diskUsageImagesContext) Active() string { - used := 0 - for _, i := range c.images { - if i.Containers > 0 { - used++ - } - } - - return strconv.Itoa(used) + return strconv.FormatInt(c.activeCount, 10) } func (c *diskUsageImagesContext) Size() string { @@ -293,27 +303,19 @@ func (c *diskUsageImagesContext) Size() string { } func (c *diskUsageImagesContext) Reclaimable() string { - var used int64 - - for _, i := range c.images { - if i.Containers != 0 { - if i.Size == -1 || i.SharedSize == -1 { - continue - } - used += i.Size - i.SharedSize - } - } - - reclaimable := c.totalSize - used if c.totalSize > 0 { - return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(reclaimable)), (reclaimable*100)/c.totalSize) + return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(c.reclaimable)), (c.reclaimable*100)/c.totalSize) } - return units.HumanSize(float64(reclaimable)) + return units.HumanSize(float64(c.reclaimable)) } type diskUsageContainersContext struct { HeaderContext - containers []*container.Summary + totalCount int64 + activeCount int64 + totalSize int64 + reclaimable int64 + containers []container.Summary } func (c *diskUsageContainersContext) MarshalJSON() ([]byte, error) { @@ -325,62 +327,32 @@ func (*diskUsageContainersContext) Type() string { } func (c *diskUsageContainersContext) TotalCount() string { - return strconv.Itoa(len(c.containers)) -} - -func (*diskUsageContainersContext) isActive(ctr container.Summary) bool { - switch ctr.State { - case container.StateRunning, container.StatePaused, container.StateRestarting: - return true - case container.StateCreated, container.StateRemoving, container.StateExited, container.StateDead: - return false - default: - // Unknown state (should never happen). - return false - } + return strconv.FormatInt(c.totalCount, 10) } func (c *diskUsageContainersContext) Active() string { - used := 0 - for _, ctr := range c.containers { - if c.isActive(*ctr) { - used++ - } - } - - return strconv.Itoa(used) + return strconv.FormatInt(c.activeCount, 10) } func (c *diskUsageContainersContext) Size() string { - var size int64 - - for _, ctr := range c.containers { - size += ctr.SizeRw - } - - return units.HumanSize(float64(size)) + return units.HumanSize(float64(c.totalSize)) } func (c *diskUsageContainersContext) Reclaimable() string { - var reclaimable, totalSize int64 - - for _, ctr := range c.containers { - if !c.isActive(*ctr) { - reclaimable += ctr.SizeRw - } - totalSize += ctr.SizeRw - } - - if totalSize > 0 { - return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(reclaimable)), (reclaimable*100)/totalSize) + if c.totalSize > 0 { + return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(c.reclaimable)), (c.reclaimable*100)/c.totalSize) } - return units.HumanSize(float64(reclaimable)) + return units.HumanSize(float64(c.reclaimable)) } type diskUsageVolumesContext struct { HeaderContext - volumes []*volume.Volume + totalCount int64 + activeCount int64 + totalSize int64 + reclaimable int64 + volumes []volume.Volume } func (c *diskUsageVolumesContext) MarshalJSON() ([]byte, error) { @@ -392,56 +364,32 @@ func (*diskUsageVolumesContext) Type() string { } func (c *diskUsageVolumesContext) TotalCount() string { - return strconv.Itoa(len(c.volumes)) + return strconv.FormatInt(c.totalCount, 10) } func (c *diskUsageVolumesContext) Active() string { - used := 0 - for _, v := range c.volumes { - if v.UsageData.RefCount > 0 { - used++ - } - } - - return strconv.Itoa(used) + return strconv.FormatInt(c.activeCount, 10) } func (c *diskUsageVolumesContext) Size() string { - var size int64 - - for _, v := range c.volumes { - if v.UsageData.Size != -1 { - size += v.UsageData.Size - } - } - - return units.HumanSize(float64(size)) + return units.HumanSize(float64(c.totalSize)) } func (c *diskUsageVolumesContext) Reclaimable() string { - var reclaimable int64 - var totalSize int64 - - for _, v := range c.volumes { - if v.UsageData.Size != -1 { - if v.UsageData.RefCount == 0 { - reclaimable += v.UsageData.Size - } - totalSize += v.UsageData.Size - } - } - - if totalSize > 0 { - return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(reclaimable)), (reclaimable*100)/totalSize) + if c.totalSize > 0 { + return fmt.Sprintf("%s (%v%%)", units.HumanSize(float64(c.reclaimable)), (c.reclaimable*100)/c.totalSize) } - return units.HumanSize(float64(reclaimable)) + return units.HumanSize(float64(c.reclaimable)) } type diskUsageBuilderContext struct { HeaderContext + totalCount int64 + activeCount int64 builderSize int64 - buildCache []*build.CacheRecord + reclaimable int64 + buildCache []build.CacheRecord } func (c *diskUsageBuilderContext) MarshalJSON() ([]byte, error) { @@ -453,17 +401,11 @@ func (*diskUsageBuilderContext) Type() string { } func (c *diskUsageBuilderContext) TotalCount() string { - return strconv.Itoa(len(c.buildCache)) + return strconv.FormatInt(c.totalCount, 10) } func (c *diskUsageBuilderContext) Active() string { - numActive := 0 - for _, bc := range c.buildCache { - if bc.InUse { - numActive++ - } - } - return strconv.Itoa(numActive) + return strconv.FormatInt(c.activeCount, 10) } func (c *diskUsageBuilderContext) Size() string { @@ -471,12 +413,5 @@ func (c *diskUsageBuilderContext) Size() string { } func (c *diskUsageBuilderContext) Reclaimable() string { - var inUseBytes int64 - for _, bc := range c.buildCache { - if bc.InUse && !bc.Shared { - inUseBytes += bc.Size - } - } - - return units.HumanSize(float64(c.builderSize - inUseBytes)) + return units.HumanSize(float64(c.reclaimable)) } diff --git a/vendor/github.com/docker/cli/cli/command/formatter/displayutils.go b/vendor/github.com/docker/cli/cli/command/formatter/displayutils.go index b062c3391bcb..7b0bd687ff59 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/displayutils.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/displayutils.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package formatter @@ -8,6 +8,7 @@ import ( "strings" "unicode/utf8" + "github.com/moby/moby/client/pkg/stringid" "golang.org/x/text/width" ) @@ -27,23 +28,12 @@ func charWidth(r rune) int { } } -const shortLen = 12 - // TruncateID returns a shorthand version of a string identifier for presentation, // after trimming digest algorithm prefix (if any). // -// This function is a copy of [stringid.TruncateID] for presentation / formatting -// purposes. -// -// [stringid.TruncateID]: https://github.com/moby/moby/blob/v28.3.2/pkg/stringid/stringid.go#L19 +// This function is a wrapper for [stringid.TruncateID] for convenience. func TruncateID(id string) string { - if i := strings.IndexRune(id, ':'); i >= 0 { - id = id[i+1:] - } - if len(id) > shortLen { - id = id[:shortLen] - } - return id + return stringid.TruncateID(id) } // Ellipsis truncates a string to fit within maxDisplayWidth, and appends ellipsis (…). diff --git a/vendor/github.com/docker/cli/cli/command/formatter/formatter.go b/vendor/github.com/docker/cli/cli/command/formatter/formatter.go index 7803cabe45d8..88905cd1be5c 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/formatter.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/formatter.go @@ -1,17 +1,17 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package formatter import ( "bytes" + "fmt" "io" "strings" "text/template" "github.com/docker/cli/cli/command/formatter/tabwriter" "github.com/docker/cli/templates" - "github.com/pkg/errors" ) // Format keys used to specify certain kinds of output formats @@ -76,7 +76,7 @@ func (c *Context) preFormat() { func (c *Context) parseFormat() (*template.Template, error) { tmpl, err := templates.Parse(c.finalFormat) if err != nil { - return nil, errors.Wrap(err, "template parsing error") + return nil, fmt.Errorf("template parsing error: %w", err) } return tmpl, nil } @@ -100,7 +100,7 @@ func (c *Context) postFormat(tmpl *template.Template, subContext SubContext) { func (c *Context) contextFormat(tmpl *template.Template, subContext SubContext) error { if err := tmpl.Execute(c.buffer, subContext); err != nil { - return errors.Wrap(err, "template parsing error") + return fmt.Errorf("template parsing error: %w", err) } if c.Format.IsTable() && c.header != nil { c.header = subContext.FullHeader() diff --git a/vendor/github.com/docker/cli/cli/command/formatter/image.go b/vendor/github.com/docker/cli/cli/command/formatter/image.go index 74c2fe758f84..d24bf50947ce 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/image.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/image.go @@ -5,8 +5,8 @@ import ( "time" "github.com/distribution/reference" - "github.com/docker/docker/api/types/image" "github.com/docker/go-units" + "github.com/moby/moby/api/types/image" ) const ( @@ -202,7 +202,6 @@ func newImageContext() *imageContext { "CreatedAt": CreatedAtHeader, "Size": SizeHeader, "Containers": containersHeader, - "VirtualSize": SizeHeader, // Deprecated: VirtualSize is deprecated, and equivalent to Size. "SharedSize": sharedSizeHeader, "UniqueSize": uniqueSizeHeader, } @@ -257,15 +256,6 @@ func (c *imageContext) Containers() string { return strconv.FormatInt(c.i.Containers, 10) } -// VirtualSize shows the virtual size of the image and all of its parent -// images. Starting with docker 1.10, images are self-contained, and -// the VirtualSize is identical to Size. -// -// Deprecated: VirtualSize is deprecated, and equivalent to [imageContext.Size]. -func (c *imageContext) VirtualSize() string { - return units.HumanSize(float64(c.i.Size)) -} - func (c *imageContext) SharedSize() string { if c.i.SharedSize == -1 { return "N/A" diff --git a/vendor/github.com/docker/cli/cli/command/formatter/reflect.go b/vendor/github.com/docker/cli/cli/command/formatter/reflect.go index 316583376153..89da07b8a392 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/reflect.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/reflect.go @@ -1,14 +1,14 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package formatter import ( "encoding/json" + "errors" + "fmt" "reflect" "unicode" - - "github.com/pkg/errors" ) // MarshalJSON marshals x into json @@ -25,14 +25,14 @@ func MarshalJSON(x any) ([]byte, error) { func marshalMap(x any) (map[string]any, error) { val := reflect.ValueOf(x) if val.Kind() != reflect.Ptr { - return nil, errors.Errorf("expected a pointer to a struct, got %v", val.Kind()) + return nil, fmt.Errorf("expected a pointer to a struct, got %v", val.Kind()) } if val.IsNil() { - return nil, errors.Errorf("expected a pointer to a struct, got nil pointer") + return nil, errors.New("expected a pointer to a struct, got nil pointer") } valElem := val.Elem() if valElem.Kind() != reflect.Struct { - return nil, errors.Errorf("expected a pointer to a struct, got a pointer to %v", valElem.Kind()) + return nil, fmt.Errorf("expected a pointer to a struct, got a pointer to %v", valElem.Kind()) } typ := val.Type() m := make(map[string]any) @@ -54,7 +54,7 @@ var unmarshallableNames = map[string]struct{}{"FullHeader": {}} // It returns ("", nil, nil) for valid but non-marshallable parameter. (e.g. "unexportedFunc()") func marshalForMethod(typ reflect.Method, val reflect.Value) (string, any, error) { if val.Kind() != reflect.Func { - return "", nil, errors.Errorf("expected func, got %v", val.Kind()) + return "", nil, fmt.Errorf("expected func, got %v", val.Kind()) } name, numIn, numOut := typ.Name, val.Type().NumIn(), val.Type().NumOut() _, blackListed := unmarshallableNames[name] diff --git a/vendor/github.com/docker/cli/cli/command/formatter/volume.go b/vendor/github.com/docker/cli/cli/command/formatter/volume.go index bf9ea5d44e5d..e3d4b1922dae 100644 --- a/vendor/github.com/docker/cli/cli/command/formatter/volume.go +++ b/vendor/github.com/docker/cli/cli/command/formatter/volume.go @@ -5,8 +5,8 @@ import ( "strconv" "strings" - "github.com/docker/docker/api/types/volume" "github.com/docker/go-units" + "github.com/moby/moby/api/types/volume" ) const ( @@ -40,10 +40,10 @@ func NewVolumeFormat(source string, quiet bool) Format { } // VolumeWrite writes formatted volumes using the Context -func VolumeWrite(ctx Context, volumes []*volume.Volume) error { +func VolumeWrite(ctx Context, volumes []volume.Volume) error { render := func(format func(subContext SubContext) error) error { for _, vol := range volumes { - if err := format(&volumeContext{v: *vol}); err != nil { + if err := format(&volumeContext{v: vol}); err != nil { return err } } diff --git a/vendor/github.com/docker/cli/cli/command/registry.go b/vendor/github.com/docker/cli/cli/command/registry.go index 0deb74cd9170..87c81c6da5da 100644 --- a/vendor/github.com/docker/cli/cli/command/registry.go +++ b/vendor/github.com/docker/cli/cli/command/registry.go @@ -2,6 +2,7 @@ package command import ( "context" + "errors" "fmt" "os" "runtime" @@ -15,9 +16,9 @@ import ( "github.com/docker/cli/cli/streams" "github.com/docker/cli/internal/prompt" "github.com/docker/cli/internal/tui" - registrytypes "github.com/docker/docker/api/types/registry" + "github.com/moby/moby/api/pkg/authconfig" + registrytypes "github.com/moby/moby/api/types/registry" "github.com/morikuni/aec" - "github.com/pkg/errors" ) const ( @@ -34,42 +35,11 @@ const ( // [registry.IndexServer]: https://pkg.go.dev/github.com/docker/docker@v28.3.3+incompatible/registry#IndexServer const authConfigKey = "https://index.docker.io/v1/" -// RegistryAuthenticationPrivilegedFunc returns a RequestPrivilegeFunc from the specified registry index info -// for the given command to prompt the user for username and password. -// -// Deprecated: this function is no longer used and will be removed in the next release. -func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInfo, cmdName string) registrytypes.RequestAuthConfig { - configKey := getAuthConfigKey(index.Name) - isDefaultRegistry := configKey == authConfigKey || index.Official - return func(ctx context.Context) (string, error) { - _, _ = fmt.Fprintf(cli.Out(), "\nLogin prior to %s:\n", cmdName) - authConfig, err := GetDefaultAuthConfig(cli.ConfigFile(), true, configKey, isDefaultRegistry) - if err != nil { - _, _ = fmt.Fprintf(cli.Err(), "Unable to retrieve stored credentials for %s, error: %s.\n", configKey, err) - } - - select { - case <-ctx.Done(): - return "", ctx.Err() - default: - } - - authConfig, err = PromptUserForCredentials(ctx, cli, "", "", authConfig.Username, configKey) - if err != nil { - return "", err - } - return registrytypes.EncodeAuthConfig(authConfig) - } -} - // ResolveAuthConfig returns auth-config for the given registry from the // credential-store. It returns an empty AuthConfig if no credentials were // found. // -// It is similar to [registry.ResolveAuthConfig], but uses the credentials- -// store, instead of looking up credentials from a map. -// -// [registry.ResolveAuthConfig]: https://pkg.go.dev/github.com/docker/docker@v28.3.3+incompatible/registry#ResolveAuthConfig +// Deprecated: this function is no longer used, and will be removed in the next release. func ResolveAuthConfig(cfg *configfile.ConfigFile, index *registrytypes.IndexInfo) registrytypes.AuthConfig { configKey := index.Name if index.Official { @@ -170,7 +140,7 @@ func PromptUserForCredentials(ctx context.Context, cli Cli, argUser, argPassword argUser = defaultUsername } if argUser == "" { - return registrytypes.AuthConfig{}, errors.Errorf("Error: Non-null Username Required") + return registrytypes.AuthConfig{}, errors.New("error: username is required") } } @@ -202,7 +172,7 @@ func PromptUserForCredentials(ctx context.Context, cli Cli, argUser, argPassword } _, _ = fmt.Fprintln(cli.Out()) if argPassword == "" { - return registrytypes.AuthConfig{}, errors.Errorf("Error: Password Required") + return registrytypes.AuthConfig{}, errors.New("error: password is required") } } @@ -230,7 +200,7 @@ func RetrieveAuthTokenFromImage(cfg *configfile.ConfigFile, image string) (strin return "", err } - encodedAuth, err := registrytypes.EncodeAuthConfig(registrytypes.AuthConfig{ + encodedAuth, err := authconfig.Encode(registrytypes.AuthConfig{ Username: authConfig.Username, Password: authConfig.Password, ServerAddress: authConfig.ServerAddress, diff --git a/vendor/github.com/docker/cli/cli/command/telemetry.go b/vendor/github.com/docker/cli/cli/command/telemetry.go index e8e6296b5a92..93f0ed27a230 100644 --- a/vendor/github.com/docker/cli/cli/command/telemetry.go +++ b/vendor/github.com/docker/cli/cli/command/telemetry.go @@ -11,11 +11,12 @@ import ( "github.com/google/uuid" "go.opentelemetry.io/otel" "go.opentelemetry.io/otel/metric" + otelsdk "go.opentelemetry.io/otel/sdk" sdkmetric "go.opentelemetry.io/otel/sdk/metric" "go.opentelemetry.io/otel/sdk/metric/metricdata" "go.opentelemetry.io/otel/sdk/resource" sdktrace "go.opentelemetry.io/otel/sdk/trace" - semconv "go.opentelemetry.io/otel/semconv/v1.26.0" + semconv "go.opentelemetry.io/otel/semconv/v1.37.0" "go.opentelemetry.io/otel/trace" ) @@ -146,7 +147,7 @@ func defaultResourceOptions() []resource.Option { semconv.ServiceInstanceID(uuid.NewString()), ), resource.WithFromEnv(), - resource.WithTelemetrySDK(), + resource.WithDetectors(telemetrySDK{}), } } @@ -157,7 +158,10 @@ func (r *telemetryResource) AppendOptions(opts ...resource.Option) { r.opts = append(r.opts, opts...) } -type serviceNameDetector struct{} +type ( + serviceNameDetector struct{} + telemetrySDK struct{} +) func (serviceNameDetector) Detect(ctx context.Context) (*resource.Resource, error) { return resource.StringDetector( @@ -169,6 +173,16 @@ func (serviceNameDetector) Detect(ctx context.Context) (*resource.Resource, erro ).Detect(ctx) } +// Detect returns a *Resource that describes the OpenTelemetry SDK used. +func (telemetrySDK) Detect(context.Context) (*resource.Resource, error) { + return resource.NewWithAttributes( + semconv.SchemaURL, + semconv.TelemetrySDKName("opentelemetry"), + semconv.TelemetrySDKLanguageGo, + semconv.TelemetrySDKVersion(otelsdk.Version()), + ), nil +} + // cliReader is an implementation of Reader that will automatically // report to a designated Exporter when Shutdown is called. type cliReader struct { diff --git a/vendor/github.com/docker/cli/cli/command/telemetry_docker.go b/vendor/github.com/docker/cli/cli/command/telemetry_docker.go index 6598997d6817..f0a43a4259b2 100644 --- a/vendor/github.com/docker/cli/cli/command/telemetry_docker.go +++ b/vendor/github.com/docker/cli/cli/command/telemetry_docker.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package command @@ -14,7 +14,6 @@ import ( "strings" "unicode" - "github.com/pkg/errors" "go.opentelemetry.io/otel" "go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc" "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc" @@ -48,7 +47,7 @@ func dockerExporterOTLPEndpoint(cli Cli) (endpoint string, secure bool) { if otelCfg != nil { otelMap, ok := otelCfg.(map[string]any) if !ok { - otel.Handle(errors.Errorf( + otel.Handle(fmt.Errorf( "unexpected type for field %q: %T (expected: %T)", otelContextFieldName, otelCfg, @@ -76,7 +75,7 @@ func dockerExporterOTLPEndpoint(cli Cli) (endpoint string, secure bool) { // We pretend we're the same as the environment reader. u, err := url.Parse(endpoint) if err != nil { - otel.Handle(errors.Errorf("docker otel endpoint is invalid: %s", err)) + otel.Handle(fmt.Errorf("docker otel endpoint is invalid: %s", err)) return "", false } diff --git a/vendor/github.com/docker/cli/cli/command/telemetry_utils.go b/vendor/github.com/docker/cli/cli/command/telemetry_utils.go index 680415b63770..dadbd13fd72c 100644 --- a/vendor/github.com/docker/cli/cli/command/telemetry_utils.go +++ b/vendor/github.com/docker/cli/cli/command/telemetry_utils.go @@ -2,12 +2,12 @@ package command import ( "context" + "errors" "fmt" "strings" "time" "github.com/docker/cli/cli/version" - "github.com/pkg/errors" "github.com/spf13/cobra" "go.opentelemetry.io/otel" "go.opentelemetry.io/otel/attribute" diff --git a/vendor/github.com/docker/cli/cli/command/utils.go b/vendor/github.com/docker/cli/cli/command/utils.go index fdedc2a14fb9..dcbeed2f7191 100644 --- a/vendor/github.com/docker/cli/cli/command/utils.go +++ b/vendor/github.com/docker/cli/cli/command/utils.go @@ -1,74 +1,30 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package command import ( - "context" - "io" + "errors" + "fmt" "os" "path/filepath" "strings" "github.com/docker/cli/cli/config" - "github.com/docker/cli/cli/streams" - "github.com/docker/cli/internal/prompt" - "github.com/docker/docker/api/types/filters" - "github.com/pkg/errors" + "github.com/moby/moby/client" ) -// ErrPromptTerminated is returned if the user terminated the prompt. -// -// Deprecated: this error is for internal use and will be removed in the next release. -const ErrPromptTerminated = prompt.ErrTerminated - -// DisableInputEcho disables input echo on the provided streams.In. -// This is useful when the user provides sensitive information like passwords. -// The function returns a restore function that should be called to restore the -// terminal state. -// -// Deprecated: this function is for internal use and will be removed in the next release. -func DisableInputEcho(ins *streams.In) (restore func() error, err error) { - return prompt.DisableInputEcho(ins) -} - -// PromptForInput requests input from the user. -// -// If the user terminates the CLI with SIGINT or SIGTERM while the prompt is -// active, the prompt will return an empty string ("") with an ErrPromptTerminated error. -// When the prompt returns an error, the caller should propagate the error up -// the stack and close the io.Reader used for the prompt which will prevent the -// background goroutine from blocking indefinitely. -// -// Deprecated: this function is for internal use and will be removed in the next release. -func PromptForInput(ctx context.Context, in io.Reader, out io.Writer, message string) (string, error) { - return prompt.ReadInput(ctx, in, out, message) -} - -// PromptForConfirmation requests and checks confirmation from the user. -// This will display the provided message followed by ' [y/N] '. If the user -// input 'y' or 'Y' it returns true otherwise false. If no message is provided, -// "Are you sure you want to proceed? [y/N] " will be used instead. -// -// If the user terminates the CLI with SIGINT or SIGTERM while the prompt is -// active, the prompt will return false with an ErrPromptTerminated error. -// When the prompt returns an error, the caller should propagate the error up -// the stack and close the io.Reader used for the prompt which will prevent the -// background goroutine from blocking indefinitely. -// -// Deprecated: this function is for internal use and will be removed in the next release. -func PromptForConfirmation(ctx context.Context, ins io.Reader, outs io.Writer, message string) (bool, error) { - return prompt.Confirm(ctx, ins, outs, message) -} - // PruneFilters merges prune filters specified in config.json with those specified -// as command-line flags. +// as command-line flags. It returns a deep copy of filters to prevent mutating +// the original. // // CLI label filters have precedence over those specified in config.json. If a // label filter specified as flag conflicts with a label defined in config.json // (i.e., "label=some-value" conflicts with "label!=some-value", and vice versa), // then the filter defined in config.json is omitted. -func PruneFilters(dockerCLI config.Provider, pruneFilters filters.Args) filters.Args { +func PruneFilters(dockerCLI config.Provider, filters client.Filters) client.Filters { + pruneFilters := filters.Clone() + cfg := dockerCLI.ConfigFile() if cfg == nil { return pruneFilters @@ -84,13 +40,13 @@ func PruneFilters(dockerCLI config.Provider, pruneFilters filters.Args) filters. switch k { case "label": // "label != some-value" conflicts with "label = some-value" - if pruneFilters.ExactMatch("label!", v) { + if pruneFilters["label!"][v] { continue } pruneFilters.Add(k, v) case "label!": // "label != some-value" conflicts with "label = some-value" - if pruneFilters.ExactMatch("label", v) { + if pruneFilters["label"][v] { continue } pruneFilters.Add(k, v) @@ -107,7 +63,7 @@ func ValidateOutputPath(path string) error { dir := filepath.Dir(filepath.Clean(path)) if dir != "" && dir != "." { if _, err := os.Stat(dir); os.IsNotExist(err) { - return errors.Errorf("invalid output path: directory %q does not exist", dir) + return fmt.Errorf("invalid output path: directory %q does not exist", dir) } } // check whether `path` points to a regular file @@ -122,7 +78,7 @@ func ValidateOutputPath(path string) error { } if err := ValidateOutputPathFileMode(fileInfo.Mode()); err != nil { - return errors.Wrapf(err, "invalid output path: %q must be a directory or a regular file", path) + return fmt.Errorf("invalid output path: %q must be a directory or a regular file: %w", path, err) } } return nil diff --git a/vendor/github.com/docker/cli/cli/config/config.go b/vendor/github.com/docker/cli/cli/config/config.go index cbb34486a6c8..5a637805091c 100644 --- a/vendor/github.com/docker/cli/cli/config/config.go +++ b/vendor/github.com/docker/cli/cli/config/config.go @@ -13,7 +13,6 @@ import ( "github.com/docker/cli/cli/config/configfile" "github.com/docker/cli/cli/config/credentials" "github.com/docker/cli/cli/config/types" - "github.com/pkg/errors" ) const ( @@ -101,7 +100,7 @@ func SetDir(dir string) { func Path(p ...string) (string, error) { path := filepath.Join(append([]string{Dir()}, p...)...) if !strings.HasPrefix(path, Dir()+string(filepath.Separator)) { - return "", errors.Errorf("path %q is outside of root config directory %q", path, Dir()) + return "", fmt.Errorf("path %q is outside of root config directory %q", path, Dir()) } return path, nil } @@ -143,12 +142,12 @@ func load(configDir string) (*configfile.ConfigFile, error) { return configFile, nil } // Any other error happening when failing to read the file must be returned. - return configFile, errors.Wrap(err, "loading config file") + return configFile, fmt.Errorf("loading config file: %w", err) } - defer file.Close() + defer func() { _ = file.Close() }() err = configFile.LoadFromReader(file) if err != nil { - err = errors.Wrapf(err, "parsing config file (%s)", filename) + err = fmt.Errorf("parsing config file (%s): %w", filename, err) } return configFile, err } diff --git a/vendor/github.com/docker/cli/cli/config/configfile/file.go b/vendor/github.com/docker/cli/cli/config/configfile/file.go index 530c5228561f..fab3ed4cba13 100644 --- a/vendor/github.com/docker/cli/cli/config/configfile/file.go +++ b/vendor/github.com/docker/cli/cli/config/configfile/file.go @@ -3,6 +3,7 @@ package configfile import ( "encoding/base64" "encoding/json" + "errors" "fmt" "io" "os" @@ -12,7 +13,6 @@ import ( "github.com/docker/cli/cli/config/credentials" "github.com/docker/cli/cli/config/memorystore" "github.com/docker/cli/cli/config/types" - "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -43,9 +43,6 @@ type ConfigFile struct { Plugins map[string]map[string]string `json:"plugins,omitempty"` Aliases map[string]string `json:"aliases,omitempty"` Features map[string]string `json:"features,omitempty"` - - // Deprecated: experimental CLI features are always enabled and this field is no longer used. Use [Features] instead for optional features. This field will be removed in a future release. - Experimental string `json:"experimental,omitempty"` } type configEnvAuth struct { @@ -167,7 +164,7 @@ func (configFile *ConfigFile) SaveToWriter(writer io.Writer) error { // Save encodes and writes out all the authorization information func (configFile *ConfigFile) Save() (retErr error) { if configFile.Filename == "" { - return errors.Errorf("Can't save config with empty filename") + return errors.New("can't save config with empty filename") } dir := filepath.Dir(configFile.Filename) @@ -194,7 +191,7 @@ func (configFile *ConfigFile) Save() (retErr error) { } if err := temp.Close(); err != nil { - return errors.Wrap(err, "error closing temp file") + return fmt.Errorf("error closing temp file: %w", err) } // Handle situation where the configfile is a symlink, and allow for dangling symlinks @@ -278,11 +275,11 @@ func decodeAuth(authStr string) (string, string, error) { return "", "", err } if n > decLen { - return "", "", errors.Errorf("Something went wrong decoding auth config") + return "", "", errors.New("something went wrong decoding auth config") } userName, password, ok := strings.Cut(string(decoded), ":") if !ok || userName == "" { - return "", "", errors.Errorf("Invalid auth configuration file") + return "", "", errors.New("invalid auth configuration file") } return userName, strings.Trim(password, "\x00"), nil } diff --git a/vendor/github.com/docker/cli/cli/config/memorystore/store.go b/vendor/github.com/docker/cli/cli/config/memorystore/store.go index 267e1e3437bd..f8ec62b95a8e 100644 --- a/vendor/github.com/docker/cli/cli/config/memorystore/store.go +++ b/vendor/github.com/docker/cli/cli/config/memorystore/store.go @@ -1,4 +1,5 @@ -//go:build go1.23 +// FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: +//go:build go1.24 package memorystore diff --git a/vendor/github.com/docker/cli/cli/config/types/authconfig.go b/vendor/github.com/docker/cli/cli/config/types/authconfig.go index 95eb27c868bf..9fe90003b138 100644 --- a/vendor/github.com/docker/cli/cli/config/types/authconfig.go +++ b/vendor/github.com/docker/cli/cli/config/types/authconfig.go @@ -6,11 +6,6 @@ type AuthConfig struct { Password string `json:"password,omitempty"` Auth string `json:"auth,omitempty"` - // Email is an optional value associated with the username. - // - // Deprecated: This field is deprecated since docker 1.11 (API v1.23) and will be removed in the next release. - Email string `json:"email,omitempty"` - ServerAddress string `json:"serveraddress,omitempty"` // IdentityToken is used to authenticate the user and get diff --git a/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go b/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go index 4b04f8b39fb3..8084a65328b1 100644 --- a/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go +++ b/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go @@ -233,11 +233,9 @@ func (c *commandConn) Close() error { defer c.closing.Store(false) if err := c.CloseRead(); err != nil { - logrus.Warnf("commandConn.Close: CloseRead: %v", err) return err } if err := c.CloseWrite(); err != nil { - logrus.Warnf("commandConn.Close: CloseWrite: %v", err) return err } diff --git a/vendor/github.com/docker/cli/cli/connhelper/ssh/ssh.go b/vendor/github.com/docker/cli/cli/connhelper/ssh/ssh.go index 2fcb54a98f68..34ae267e20e4 100644 --- a/vendor/github.com/docker/cli/cli/connhelper/ssh/ssh.go +++ b/vendor/github.com/docker/cli/cli/connhelper/ssh/ssh.go @@ -175,7 +175,7 @@ func quoteCommand(commandAndArgs ...string) (string, error) { quotedCmd = a continue } - quotedCmd += " " + a + quotedCmd += " " + a //nolint:perfsprint // ignore "concat-loop"; no need to use a string-builder for this. } // each part is quoted appropriately, so now we'll have a full // shell command to pass off to "ssh" diff --git a/vendor/github.com/docker/cli/cli/context/docker/load.go b/vendor/github.com/docker/cli/cli/context/docker/load.go index e37ee4646db6..906647e0c41b 100644 --- a/vendor/github.com/docker/cli/cli/context/docker/load.go +++ b/vendor/github.com/docker/cli/cli/context/docker/load.go @@ -4,6 +4,8 @@ import ( "crypto/tls" "crypto/x509" "encoding/pem" + "errors" + "fmt" "net" "net/http" "strings" @@ -12,9 +14,8 @@ import ( "github.com/docker/cli/cli/connhelper" "github.com/docker/cli/cli/context" "github.com/docker/cli/cli/context/store" - "github.com/docker/docker/client" "github.com/docker/go-connections/tlsconfig" - "github.com/pkg/errors" + "github.com/moby/moby/client" ) // EndpointMeta is a typed wrapper around a context-store generic endpoint describing @@ -68,7 +69,7 @@ func (ep *Endpoint) tlsConfig() (*tls.Config, error) { x509cert, err := tls.X509KeyPair(ep.TLSData.Cert, keyBytes) if err != nil { - return nil, errors.Wrap(err, "failed to retrieve context tls info") + return nil, fmt.Errorf("failed to retrieve context tls info: %w", err) } tlsOpts = append(tlsOpts, func(cfg *tls.Config) { cfg.Certificates = []tls.Certificate{x509cert} @@ -156,7 +157,7 @@ func EndpointFromContext(metadata store.Metadata) (EndpointMeta, error) { } typed, ok := ep.(EndpointMeta) if !ok { - return EndpointMeta{}, errors.Errorf("endpoint %q is not of type EndpointMeta", DockerEndpoint) + return EndpointMeta{}, fmt.Errorf("endpoint %q is not of type EndpointMeta", DockerEndpoint) } return typed, nil } diff --git a/vendor/github.com/docker/cli/cli/context/store/metadatastore.go b/vendor/github.com/docker/cli/cli/context/store/metadatastore.go index deec5cc9d7b5..ecef656d89ac 100644 --- a/vendor/github.com/docker/cli/cli/context/store/metadatastore.go +++ b/vendor/github.com/docker/cli/cli/context/store/metadatastore.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package store diff --git a/vendor/github.com/docker/cli/cli/context/store/store.go b/vendor/github.com/docker/cli/cli/context/store/store.go index 91d9c19c6be8..f73b710c50cc 100644 --- a/vendor/github.com/docker/cli/cli/context/store/store.go +++ b/vendor/github.com/docker/cli/cli/context/store/store.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package store @@ -18,14 +18,9 @@ import ( "path/filepath" "strings" - "github.com/docker/cli/internal/lazyregexp" "github.com/opencontainers/go-digest" ) -const restrictedNamePattern = "^[a-zA-Z0-9][a-zA-Z0-9_.+-]+$" - -var restrictedNameRegEx = lazyregexp.New(restrictedNamePattern) - // Store provides a context store for easily remembering endpoints configuration type Store interface { Reader @@ -225,12 +220,43 @@ func ValidateContextName(name string) error { if name == "default" { return errors.New(`"default" is a reserved context name`) } - if !restrictedNameRegEx.MatchString(name) { - return fmt.Errorf("context name %q is invalid, names are validated against regexp %q", name, restrictedNamePattern) + if !isValidName(name) { + return fmt.Errorf("context name %q is invalid, names are validated against regexp %q", name, validNameFormat) } return nil } +// validNameFormat is used as part of errors for invalid context-names. +// We should consider making this less technical ("must start with "a-z", +// and only consist of alphanumeric characters and separators"). +const validNameFormat = `^[a-zA-Z0-9][a-zA-Z0-9_.+-]+$` + +// isValidName checks if the context-name is valid ("^[a-zA-Z0-9][a-zA-Z0-9_.+-]+$"). +// +// Names must start with an alphanumeric character (a-zA-Z0-9), followed by +// alphanumeric or separators ("_", ".", "+", "-"). +func isValidName(s string) bool { + if len(s) < 2 || !isAlphaNum(s[0]) { + return false + } + + for i := 1; i < len(s); i++ { + c := s[i] + if isAlphaNum(c) || c == '_' || c == '.' || c == '+' || c == '-' { + continue + } + return false + } + + return true +} + +func isAlphaNum(c byte) bool { + return (c >= 'a' && c <= 'z') || + (c >= 'A' && c <= 'Z') || + (c >= '0' && c <= '9') +} + // Export exports an existing namespace into an opaque data stream // This stream is actually a tarball containing context metadata and TLS materials, but it does // not map 1:1 the layout of the context store (don't try to restore it manually without calling store.Import) diff --git a/vendor/github.com/docker/cli/cli/context/store/storeconfig.go b/vendor/github.com/docker/cli/cli/context/store/storeconfig.go index fccbf1d1f495..1b7f33106dae 100644 --- a/vendor/github.com/docker/cli/cli/context/store/storeconfig.go +++ b/vendor/github.com/docker/cli/cli/context/store/storeconfig.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package store diff --git a/vendor/github.com/docker/cli/cli/context/tlsdata.go b/vendor/github.com/docker/cli/cli/context/tlsdata.go index c758612a1dc0..9a53d2fd0108 100644 --- a/vendor/github.com/docker/cli/cli/context/tlsdata.go +++ b/vendor/github.com/docker/cli/cli/context/tlsdata.go @@ -1,10 +1,10 @@ package context import ( + "fmt" "os" "github.com/docker/cli/cli/context/store" - "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -45,14 +45,14 @@ func (data *TLSData) ToStoreTLSData() *store.EndpointTLSData { func LoadTLSData(s store.Reader, contextName, endpointName string) (*TLSData, error) { tlsFiles, err := s.ListTLSFiles(contextName) if err != nil { - return nil, errors.Wrapf(err, "failed to retrieve TLS files for context %q", contextName) + return nil, fmt.Errorf("failed to retrieve TLS files for context %q: %w", contextName, err) } if epTLSFiles, ok := tlsFiles[endpointName]; ok { var tlsData TLSData for _, f := range epTLSFiles { data, err := s.GetTLSData(contextName, endpointName, f) if err != nil { - return nil, errors.Wrapf(err, "failed to retrieve TLS data (%s) for context %q", f, contextName) + return nil, fmt.Errorf("failed to retrieve TLS data (%s) for context %q: %w", f, contextName, err) } switch f { case caKey: diff --git a/vendor/github.com/docker/cli/cli/flags/options.go b/vendor/github.com/docker/cli/cli/flags/options.go index 309cb4616fa3..8c31a0f17216 100644 --- a/vendor/github.com/docker/cli/cli/flags/options.go +++ b/vendor/github.com/docker/cli/cli/flags/options.go @@ -7,8 +7,8 @@ import ( "path/filepath" "github.com/docker/cli/cli/config" - "github.com/docker/docker/client" "github.com/docker/go-connections/tlsconfig" + "github.com/moby/moby/client" "github.com/sirupsen/logrus" "github.com/spf13/pflag" ) @@ -110,22 +110,20 @@ func (o *ClientOptions) InstallFlags(flags *pflag.FlagSet) { if dockerCertPath == "" { dockerCertPath = configDir } + o.TLSOptions = &tlsconfig.Options{ + CAFile: filepath.Join(dockerCertPath, DefaultCaFile), + CertFile: filepath.Join(dockerCertPath, DefaultCertFile), + KeyFile: filepath.Join(dockerCertPath, DefaultKeyFile), + } flags.StringVar(&o.ConfigDir, "config", configDir, "Location of client config files") flags.BoolVarP(&o.Debug, "debug", "D", false, "Enable debug mode") flags.StringVarP(&o.LogLevel, "log-level", "l", "info", `Set the logging level ("debug", "info", "warn", "error", "fatal")`) flags.BoolVar(&o.TLS, "tls", dockerTLS, "Use TLS; implied by --tlsverify") flags.BoolVar(&o.TLSVerify, FlagTLSVerify, dockerTLSVerify, "Use TLS and verify the remote") - - o.TLSOptions = &tlsconfig.Options{ - CAFile: filepath.Join(dockerCertPath, DefaultCaFile), - CertFile: filepath.Join(dockerCertPath, DefaultCertFile), - KeyFile: filepath.Join(dockerCertPath, DefaultKeyFile), - } - tlsOptions := o.TLSOptions - flags.Var("edString{&tlsOptions.CAFile}, "tlscacert", "Trust certs signed only by this CA") - flags.Var("edString{&tlsOptions.CertFile}, "tlscert", "Path to TLS certificate file") - flags.Var("edString{&tlsOptions.KeyFile}, "tlskey", "Path to TLS key file") + flags.StringVar(&o.TLSOptions.CAFile, "tlscacert", o.TLSOptions.CAFile, "Trust certs signed only by this CA") + flags.StringVar(&o.TLSOptions.CertFile, "tlscert", o.TLSOptions.CertFile, "Path to TLS certificate file") + flags.StringVar(&o.TLSOptions.KeyFile, "tlskey", o.TLSOptions.KeyFile, "Path to TLS key file") // TODO(thaJeztah): show the default host. // TODO(thaJeztah): this should be a string, not an "array" as we only allow a single host. @@ -179,33 +177,3 @@ func SetLogLevel(logLevel string) { logrus.SetLevel(logrus.InfoLevel) } } - -type quotedString struct { - value *string -} - -func (s *quotedString) Set(val string) error { - *s.value = trimQuotes(val) - return nil -} - -func (*quotedString) Type() string { - return "string" -} - -func (s *quotedString) String() string { - return *s.value -} - -func trimQuotes(value string) string { - if len(value) < 2 { - return value - } - lastIndex := len(value) - 1 - for _, char := range []byte{'\'', '"'} { - if value[0] == char && value[lastIndex] == char { - return value[1:lastIndex] - } - } - return value -} diff --git a/vendor/github.com/docker/cli/cli/required.go b/vendor/github.com/docker/cli/cli/required.go index 6455e8867e0e..b6c3b1f9ca70 100644 --- a/vendor/github.com/docker/cli/cli/required.go +++ b/vendor/github.com/docker/cli/cli/required.go @@ -1,7 +1,8 @@ package cli import ( - "github.com/pkg/errors" + "fmt" + "github.com/spf13/cobra" ) @@ -12,7 +13,7 @@ func NoArgs(cmd *cobra.Command, args []string) error { } if cmd.HasSubCommands() { - return errors.Errorf( + return fmt.Errorf( "%[1]s: unknown command: %[2]s %[3]s\n\nUsage: %[4]s\n\nRun '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), @@ -21,7 +22,7 @@ func NoArgs(cmd *cobra.Command, args []string) error { ) } - return errors.Errorf( + return fmt.Errorf( "%[1]s: '%[2]s' accepts no arguments\n\nUsage: %[3]s\n\nRun '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), @@ -35,7 +36,7 @@ func RequiresMinArgs(minArgs int) cobra.PositionalArgs { if len(args) >= minArgs { return nil } - return errors.Errorf( + return fmt.Errorf( "%[1]s: '%[2]s' requires at least %[3]d %[4]s\n\nUsage: %[5]s\n\nSee '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), @@ -52,8 +53,8 @@ func RequiresMaxArgs(maxArgs int) cobra.PositionalArgs { if len(args) <= maxArgs { return nil } - return errors.Errorf( - "%[1]s: '%[2]s' requires at most %[3]d %[4]s\n\nUsage: %[5]s\n\nSRun '%[2]s --help' for more information", + return fmt.Errorf( + "%[1]s: '%[2]s' requires at most %[3]d %[4]s\n\nUsage: %[5]s\n\nRun '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), maxArgs, @@ -69,7 +70,7 @@ func RequiresRangeArgs(minArgs int, maxArgs int) cobra.PositionalArgs { if len(args) >= minArgs && len(args) <= maxArgs { return nil } - return errors.Errorf( + return fmt.Errorf( "%[1]s: '%[2]s' requires at least %[3]d and at most %[4]d %[5]s\n\nUsage: %[6]s\n\nRun '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), @@ -87,7 +88,7 @@ func ExactArgs(number int) cobra.PositionalArgs { if len(args) == number { return nil } - return errors.Errorf( + return fmt.Errorf( "%[1]s: '%[2]s' requires %[3]d %[4]s\n\nUsage: %[5]s\n\nRun '%[2]s --help' for more information", binName(cmd), cmd.CommandPath(), diff --git a/vendor/github.com/docker/cli/internal/tui/chip.go b/vendor/github.com/docker/cli/internal/tui/chip.go index 02a9b8b8bb65..c48158e75d07 100644 --- a/vendor/github.com/docker/cli/internal/tui/chip.go +++ b/vendor/github.com/docker/cli/internal/tui/chip.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/internal/tui/colors.go b/vendor/github.com/docker/cli/internal/tui/colors.go index d82d61dd74b1..6f1d8e6b797f 100644 --- a/vendor/github.com/docker/cli/internal/tui/colors.go +++ b/vendor/github.com/docker/cli/internal/tui/colors.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/internal/tui/count.go b/vendor/github.com/docker/cli/internal/tui/count.go index 5d7ebd9444c4..a626b24f83dd 100644 --- a/vendor/github.com/docker/cli/internal/tui/count.go +++ b/vendor/github.com/docker/cli/internal/tui/count.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/internal/tui/note.go b/vendor/github.com/docker/cli/internal/tui/note.go index d2bc0b9af85c..0d375c7aef1d 100644 --- a/vendor/github.com/docker/cli/internal/tui/note.go +++ b/vendor/github.com/docker/cli/internal/tui/note.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/internal/tui/output.go b/vendor/github.com/docker/cli/internal/tui/output.go index 1f526d3fbacf..2d29bda42425 100644 --- a/vendor/github.com/docker/cli/internal/tui/output.go +++ b/vendor/github.com/docker/cli/internal/tui/output.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/internal/tui/str.go b/vendor/github.com/docker/cli/internal/tui/str.go index c1ea9c95d3f9..82fc59f1caec 100644 --- a/vendor/github.com/docker/cli/internal/tui/str.go +++ b/vendor/github.com/docker/cli/internal/tui/str.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package tui diff --git a/vendor/github.com/docker/cli/opts/envfile_deprecated.go b/vendor/github.com/docker/cli/opts/envfile_deprecated.go deleted file mode 100644 index f2f10b1816fe..000000000000 --- a/vendor/github.com/docker/cli/opts/envfile_deprecated.go +++ /dev/null @@ -1,14 +0,0 @@ -package opts - -import ( - "os" - - "github.com/docker/cli/pkg/kvfile" -) - -// ParseEnvFile reads a file with environment variables enumerated by lines -// -// Deprecated: use [kvfile.Parse] and pass [os.LookupEnv] to lookup env-vars from the current environment. -func ParseEnvFile(filename string) ([]string, error) { - return kvfile.Parse(filename, os.LookupEnv) -} diff --git a/vendor/github.com/docker/cli/opts/gpus.go b/vendor/github.com/docker/cli/opts/gpus.go index 6a56c49c4a81..b39a3f14e727 100644 --- a/vendor/github.com/docker/cli/opts/gpus.go +++ b/vendor/github.com/docker/cli/opts/gpus.go @@ -7,7 +7,7 @@ import ( "strconv" "strings" - "github.com/docker/docker/api/types/container" + "github.com/moby/moby/api/types/container" ) // GpuOpts is a Value type for parsing mounts diff --git a/vendor/github.com/docker/cli/opts/hosts.go b/vendor/github.com/docker/cli/opts/hosts.go index 87e1a1da755b..dcbbb7e78166 100644 --- a/vendor/github.com/docker/cli/opts/hosts.go +++ b/vendor/github.com/docker/cli/opts/hosts.go @@ -32,23 +32,6 @@ const ( hostGatewayName = "host-gateway" ) -// ValidateHost validates that the specified string is a valid host and returns it. -// -// Deprecated: this function is no longer used, and will be removed in the next release. -func ValidateHost(val string) (string, error) { - host := strings.TrimSpace(val) - // The empty string means default and is not handled by parseDockerDaemonHost - if host != "" { - _, err := parseDockerDaemonHost(host) - if err != nil { - return val, err - } - } - // Note: unlike most flag validators, we don't return the mutated value here - // we need to know what the user entered later (using ParseHost) to adjust for TLS - return val, nil -} - // ParseHost and set defaults for a Daemon host string func ParseHost(defaultToTLS bool, val string) (string, error) { host := strings.TrimSpace(val) diff --git a/vendor/github.com/docker/cli/opts/mount.go b/vendor/github.com/docker/cli/opts/mount.go index 05c1cd0b03bd..0ac252f31187 100644 --- a/vendor/github.com/docker/cli/opts/mount.go +++ b/vendor/github.com/docker/cli/opts/mount.go @@ -9,9 +9,8 @@ import ( "strconv" "strings" - mounttypes "github.com/docker/docker/api/types/mount" "github.com/docker/go-units" - "github.com/sirupsen/logrus" + mounttypes "github.com/moby/moby/api/types/mount" ) // MountOpt is a Value type for parsing mounts @@ -88,8 +87,7 @@ func (m *MountOpt) Set(value string) error { volumeOptions().NoCopy = true continue case "bind-nonrecursive": - bindOptions().NonRecursive = true - continue + return errors.New("bind-nonrecursive is deprecated, use bind-recursive=disabled instead") default: return fmt.Errorf("invalid field '%s' must be a key=value pair", field) } @@ -117,16 +115,12 @@ func (m *MountOpt) Set(value string) error { case "bind-propagation": bindOptions().Propagation = mounttypes.Propagation(strings.ToLower(val)) case "bind-nonrecursive": - bindOptions().NonRecursive, err = strconv.ParseBool(val) - if err != nil { - return fmt.Errorf("invalid value for %s: %s", key, val) - } - logrus.Warn("bind-nonrecursive is deprecated, use bind-recursive=disabled instead") + return errors.New("bind-nonrecursive is deprecated, use bind-recursive=disabled instead") case "bind-recursive": switch val { case "enabled": // read-only mounts are recursively read-only if Engine >= v25 && kernel >= v5.12, otherwise writable // NOP - case "disabled": // alias of bind-nonrecursive=true + case "disabled": // previously "bind-nonrecursive=true" bindOptions().NonRecursive = true case "writable": // conforms to the default read-only bind-mount of Docker v24; read-only mounts are recursively mounted but not recursively read-only bindOptions().ReadOnlyNonRecursive = true diff --git a/vendor/github.com/docker/cli/opts/network.go b/vendor/github.com/docker/cli/opts/network.go index 43b3a09d4151..489ef8be3971 100644 --- a/vendor/github.com/docker/cli/opts/network.go +++ b/vendor/github.com/docker/cli/opts/network.go @@ -4,6 +4,7 @@ import ( "encoding/csv" "errors" "fmt" + "net/netip" "regexp" "strconv" "strings" @@ -26,9 +27,9 @@ type NetworkAttachmentOpts struct { Aliases []string DriverOpts map[string]string Links []string // TODO add support for links in the csv notation of `--network` - IPv4Address string - IPv6Address string - LinkLocalIPs []string + IPv4Address netip.Addr + IPv6Address netip.Addr + LinkLocalIPs []netip.Addr MacAddress string GwPriority int } @@ -70,13 +71,23 @@ func (n *NetworkOpt) Set(value string) error { //nolint:gocyclo case networkOptAlias: netOpt.Aliases = append(netOpt.Aliases, val) case networkOptIPv4Address: - netOpt.IPv4Address = val + netOpt.IPv4Address, err = netip.ParseAddr(val) + if err != nil { + return err + } case networkOptIPv6Address: - netOpt.IPv6Address = val + netOpt.IPv6Address, err = netip.ParseAddr(val) + if err != nil { + return err + } case networkOptMacAddress: netOpt.MacAddress = val case networkOptLinkLocalIP: - netOpt.LinkLocalIPs = append(netOpt.LinkLocalIPs, val) + a, err := netip.ParseAddr(val) + if err != nil { + return err + } + netOpt.LinkLocalIPs = append(netOpt.LinkLocalIPs, a) case driverOpt: key, val, err = parseDriverOpt(val) if err != nil { diff --git a/vendor/github.com/docker/cli/opts/opts.go b/vendor/github.com/docker/cli/opts/opts.go index 94eda0560a17..0b8979b6b6c6 100644 --- a/vendor/github.com/docker/cli/opts/opts.go +++ b/vendor/github.com/docker/cli/opts/opts.go @@ -1,6 +1,7 @@ package opts import ( + "encoding/json" "errors" "fmt" "math/big" @@ -9,8 +10,8 @@ import ( "strings" "github.com/docker/cli/internal/lazyregexp" - "github.com/docker/docker/api/types/filters" "github.com/docker/go-units" + "github.com/moby/moby/client" ) var ( @@ -60,6 +61,8 @@ func (opts *ListOpts) Set(value string) error { } // Delete removes the specified element from the slice. +// +// Deprecated: this method is no longer used and will be removed in the next release. func (opts *ListOpts) Delete(key string) { for i, k := range *opts.values { if k == key { @@ -79,13 +82,6 @@ func (opts *ListOpts) GetMap() map[string]struct{} { return ret } -// GetAll returns the values of slice. -// -// Deprecated: use [ListOpts.GetSlice] instead. This method will be removed in a future release. -func (opts *ListOpts) GetAll() []string { - return *opts.values -} - // GetSlice returns the values of slice. // // It implements [cobra.SliceValue] to allow shell completion to be provided @@ -132,43 +128,6 @@ func (opts *ListOpts) WithValidator(validator ValidatorFctType) *ListOpts { return opts } -// NamedOption is an interface that list and map options -// with names implement. -// -// Deprecated: NamedOption is no longer used and will be removed in the next release. -type NamedOption interface { - Name() string -} - -// NamedListOpts is a ListOpts with a configuration name. -// This struct is useful to keep reference to the assigned -// field name in the internal configuration struct. -// -// Deprecated: NamedListOpts is no longer used and will be removed in the next release. -type NamedListOpts struct { - name string - ListOpts -} - -var _ NamedOption = &NamedListOpts{} - -// NewNamedListOptsRef creates a reference to a new NamedListOpts struct. -// -// Deprecated: NewNamedListOptsRef is no longer used and will be removed in the next release. -func NewNamedListOptsRef(name string, values *[]string, validator ValidatorFctType) *NamedListOpts { - return &NamedListOpts{ - name: name, - ListOpts: *NewListOptsRef(values, validator), - } -} - -// Name returns the name of the NamedListOpts in the configuration. -// -// Deprecated: NamedListOpts is no longer used and will be removed in the next release. -func (o *NamedListOpts) Name() string { - return o.name -} - // MapOpts holds a map of values and a validation function. type MapOpts struct { values map[string]string @@ -215,35 +174,6 @@ func NewMapOpts(values map[string]string, validator ValidatorFctType) *MapOpts { } } -// NamedMapOpts is a MapOpts struct with a configuration name. -// This struct is useful to keep reference to the assigned -// field name in the internal configuration struct. -// -// Deprecated: NamedMapOpts is no longer used and will be removed in the next release. -type NamedMapOpts struct { - name string - MapOpts -} - -var _ NamedOption = &NamedMapOpts{} - -// NewNamedMapOpts creates a reference to a new NamedMapOpts struct. -// -// Deprecated: NamedMapOpts is no longer used and will be removed in the next release. -func NewNamedMapOpts(name string, values map[string]string, validator ValidatorFctType) *NamedMapOpts { - return &NamedMapOpts{ - name: name, - MapOpts: *NewMapOpts(values, validator), - } -} - -// Name returns the name of the NamedMapOpts in the configuration. -// -// Deprecated: NamedMapOpts is no longer used and will be removed in the next release. -func (o *NamedMapOpts) Name() string { - return o.name -} - // ValidatorFctType defines a validator function that returns a validated string and/or an error. type ValidatorFctType func(val string) (string, error) @@ -264,6 +194,8 @@ func ValidateIPAddress(val string) (string, error) { } // ValidateMACAddress validates a MAC address. +// +// Deprecated: use [net.ParseMAC]. This function will be removed in the next release. func ValidateMACAddress(val string) (string, error) { _, err := net.ParseMAC(strings.TrimSpace(val)) if err != nil { @@ -350,20 +282,23 @@ func ValidateSysctl(val string) (string, error) { // FilterOpt is a flag type for validating filters type FilterOpt struct { - filter filters.Args + filter client.Filters } // NewFilterOpt returns a new FilterOpt func NewFilterOpt() FilterOpt { - return FilterOpt{filter: filters.NewArgs()} + return FilterOpt{filter: make(client.Filters)} } func (o *FilterOpt) String() string { - repr, err := filters.ToJSON(o.filter) + if o == nil || len(o.filter) == 0 { + return "" + } + repr, err := json.Marshal(o.filter) if err != nil { return "invalid filters" } - return repr + return string(repr) } // Set sets the value of the opt by parsing the command line value @@ -389,7 +324,7 @@ func (*FilterOpt) Type() string { } // Value returns the value of this option -func (o *FilterOpt) Value() filters.Args { +func (o *FilterOpt) Value() client.Filters { return o.filter } diff --git a/vendor/github.com/docker/cli/opts/parse.go b/vendor/github.com/docker/cli/opts/parse.go index 996d4d7e7a2d..c04fc7d4b8bb 100644 --- a/vendor/github.com/docker/cli/opts/parse.go +++ b/vendor/github.com/docker/cli/opts/parse.go @@ -7,7 +7,7 @@ import ( "strings" "github.com/docker/cli/pkg/kvfile" - "github.com/docker/docker/api/types/container" + "github.com/moby/moby/api/types/container" ) // ReadKVStrings reads a file of line terminated key=value pairs, and overrides any keys diff --git a/vendor/github.com/docker/cli/opts/quotedstring.go b/vendor/github.com/docker/cli/opts/quotedstring.go deleted file mode 100644 index d1d8b09a1fec..000000000000 --- a/vendor/github.com/docker/cli/opts/quotedstring.go +++ /dev/null @@ -1,44 +0,0 @@ -package opts - -// QuotedString is a string that may have extra quotes around the value. The -// quotes are stripped from the value. -// -// Deprecated: This option type is no longer used and will be removed in the next release. -type QuotedString struct { - value *string -} - -// Set sets a new value -func (s *QuotedString) Set(val string) error { - *s.value = trimQuotes(val) - return nil -} - -// Type returns the type of the value -func (*QuotedString) Type() string { - return "string" -} - -func (s *QuotedString) String() string { - return *s.value -} - -func trimQuotes(value string) string { - if len(value) < 2 { - return value - } - lastIndex := len(value) - 1 - for _, char := range []byte{'\'', '"'} { - if value[0] == char && value[lastIndex] == char { - return value[1:lastIndex] - } - } - return value -} - -// NewQuotedString returns a new quoted string option -// -// Deprecated: This option type is no longer used and will be removed in the next release. -func NewQuotedString(value *string) *QuotedString { - return &QuotedString{value: value} -} diff --git a/vendor/github.com/docker/cli/opts/throttledevice.go b/vendor/github.com/docker/cli/opts/throttledevice.go index 46b09185c72a..bc759820e02d 100644 --- a/vendor/github.com/docker/cli/opts/throttledevice.go +++ b/vendor/github.com/docker/cli/opts/throttledevice.go @@ -5,8 +5,8 @@ import ( "strconv" "strings" - "github.com/docker/docker/api/types/blkiodev" "github.com/docker/go-units" + "github.com/moby/moby/api/types/blkiodev" ) // ValidatorThrottleFctType defines a validator function that returns a validated struct and/or an error. diff --git a/vendor/github.com/docker/cli/opts/ulimit.go b/vendor/github.com/docker/cli/opts/ulimit.go index 48052c887c21..aa88bce71a24 100644 --- a/vendor/github.com/docker/cli/opts/ulimit.go +++ b/vendor/github.com/docker/cli/opts/ulimit.go @@ -4,8 +4,8 @@ import ( "fmt" "sort" - "github.com/docker/docker/api/types/container" "github.com/docker/go-units" + "github.com/moby/moby/api/types/container" ) // UlimitOpt defines a map of Ulimits diff --git a/vendor/github.com/docker/cli/opts/weightdevice.go b/vendor/github.com/docker/cli/opts/weightdevice.go index 036c7c8c50c8..4476548fd36e 100644 --- a/vendor/github.com/docker/cli/opts/weightdevice.go +++ b/vendor/github.com/docker/cli/opts/weightdevice.go @@ -5,7 +5,7 @@ import ( "strconv" "strings" - "github.com/docker/docker/api/types/blkiodev" + "github.com/moby/moby/api/types/blkiodev" ) // ValidatorWeightFctType defines a validator function that returns a validated struct and/or an error. diff --git a/vendor/github.com/docker/cli/templates/templates.go b/vendor/github.com/docker/cli/templates/templates.go index 4af4496d19a1..e339050abb3f 100644 --- a/vendor/github.com/docker/cli/templates/templates.go +++ b/vendor/github.com/docker/cli/templates/templates.go @@ -1,5 +1,5 @@ // FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 +//go:build go1.24 package templates @@ -13,18 +13,7 @@ import ( // basicFunctions are the set of initial // functions provided to every template. var basicFunctions = template.FuncMap{ - "json": func(v any) string { - buf := &bytes.Buffer{} - enc := json.NewEncoder(buf) - enc.SetEscapeHTML(false) - err := enc.Encode(v) - if err != nil { - panic(err) - } - - // Remove the trailing new line added by the encoder - return strings.TrimSpace(buf.String()) - }, + "json": formatJSON, "split": strings.Split, "join": strings.Join, "title": strings.Title, //nolint:nolintlint,staticcheck // strings.Title is deprecated, but we only use it for ASCII, so replacing with golang.org/x/text is out of scope @@ -80,14 +69,6 @@ func New(tag string) *template.Template { return template.New(tag).Funcs(basicFunctions) } -// NewParse creates a new tagged template with the basic functions -// and parses the given format. -// -// Deprecated: this function is unused and will be removed in the next release. Use [New] if you need to set a tag, or [Parse] instead. -func NewParse(tag, format string) (*template.Template, error) { - return template.New(tag).Funcs(basicFunctions).Parse(format) -} - // padWithSpace adds whitespace to the input if the input is non-empty func padWithSpace(source string, prefix, suffix int) string { if source == "" { @@ -103,3 +84,16 @@ func truncateWithLength(source string, length int) string { } return source[:length] } + +func formatJSON(v any) string { + buf := &bytes.Buffer{} + enc := json.NewEncoder(buf) + enc.SetEscapeHTML(false) + err := enc.Encode(v) + if err != nil { + panic(err) + } + + // Remove the trailing new line added by the encoder + return strings.TrimSpace(buf.String()) +} diff --git a/vendor/github.com/docker/docker/api/README.md b/vendor/github.com/docker/docker/api/README.md deleted file mode 100644 index 381f19881fad..000000000000 --- a/vendor/github.com/docker/docker/api/README.md +++ /dev/null @@ -1,42 +0,0 @@ -# Working on the Engine API - -The Engine API is an HTTP API used by the command-line client to communicate with the daemon. It can also be used by third-party software to control the daemon. - -It consists of various components in this repository: - -- `api/swagger.yaml` A Swagger definition of the API. -- `api/types/` Types shared by both the client and server, representing various objects, options, responses, etc. Most are written manually, but some are automatically generated from the Swagger definition. See [#27919](https://github.com/docker/docker/issues/27919) for progress on this. -- `cli/` The command-line client. -- `client/` The Go client used by the command-line client. It can also be used by third-party Go programs. -- `daemon/` The daemon, which serves the API. - -## Swagger definition - -The API is defined by the [Swagger](http://swagger.io/specification/) definition in `api/swagger.yaml`. This definition can be used to: - -1. Automatically generate documentation. -2. Automatically generate the Go server and client. (A work-in-progress.) -3. Provide a machine readable version of the API for introspecting what it can do, automatically generating clients for other languages, etc. - -## Updating the API documentation - -The API documentation is generated entirely from `api/swagger.yaml`. If you make updates to the API, edit this file to represent the change in the documentation. - -The file is split into two main sections: - -- `definitions`, which defines re-usable objects used in requests and responses -- `paths`, which defines the API endpoints (and some inline objects which don't need to be reusable) - -To make an edit, first look for the endpoint you want to edit under `paths`, then make the required edits. Endpoints may reference reusable objects with `$ref`, which can be found in the `definitions` section. - -There is hopefully enough example material in the file for you to copy a similar pattern from elsewhere in the file (e.g. adding new fields or endpoints), but for the full reference, see the [Swagger specification](https://github.com/docker/docker/issues/27919). - -`swagger.yaml` is validated by `hack/validate/swagger` to ensure it is a valid Swagger definition. This is useful when making edits to ensure you are doing the right thing. - -## Viewing the API documentation - -When you make edits to `swagger.yaml`, you may want to check the generated API documentation to ensure it renders correctly. - -Run `make swagger-docs` and a preview will be running at `http://localhost:9000`. Some of the styling may be incorrect, but you'll be able to ensure that it is generating the correct documentation. - -The production documentation is generated by vendoring `swagger.yaml` into [docker/docker.github.io](https://github.com/docker/docker.github.io). diff --git a/vendor/github.com/docker/docker/api/common.go b/vendor/github.com/docker/docker/api/common.go deleted file mode 100644 index 702d3dcae4f9..000000000000 --- a/vendor/github.com/docker/docker/api/common.go +++ /dev/null @@ -1,20 +0,0 @@ -package api - -// Common constants for daemon and client. -const ( - // DefaultVersion of the current REST API. - DefaultVersion = "1.51" - - // MinSupportedAPIVersion is the minimum API version that can be supported - // by the API server, specified as "major.minor". Note that the daemon - // may be configured with a different minimum API version, as returned - // in [github.com/docker/docker/api/types.Version.MinAPIVersion]. - // - // API requests for API versions lower than the configured version produce - // an error. - MinSupportedAPIVersion = "1.24" - - // NoBaseImageSpecifier is the symbol used by the FROM - // command to specify that no base image is to be used. - NoBaseImageSpecifier = "scratch" -) diff --git a/vendor/github.com/docker/docker/api/swagger-gen.yaml b/vendor/github.com/docker/docker/api/swagger-gen.yaml deleted file mode 100644 index f07a02737f73..000000000000 --- a/vendor/github.com/docker/docker/api/swagger-gen.yaml +++ /dev/null @@ -1,12 +0,0 @@ - -layout: - models: - - name: definition - source: asset:model - target: "{{ joinFilePath .Target .ModelPackage }}" - file_name: "{{ (snakize (pascalize .Name)) }}.go" - operations: - - name: handler - source: asset:serverOperation - target: "{{ joinFilePath .Target .APIPackage .Package }}" - file_name: "{{ (snakize (pascalize .Name)) }}.go" diff --git a/vendor/github.com/docker/docker/api/swagger.yaml b/vendor/github.com/docker/docker/api/swagger.yaml deleted file mode 100644 index 6ca2c2b0863f..000000000000 --- a/vendor/github.com/docker/docker/api/swagger.yaml +++ /dev/null @@ -1,13387 +0,0 @@ -# A Swagger 2.0 (a.k.a. OpenAPI) definition of the Engine API. -# -# This is used for generating API documentation and the types used by the -# client/server. See api/README.md for more information. -# -# Some style notes: -# - This file is used by ReDoc, which allows GitHub Flavored Markdown in -# descriptions. -# - There is no maximum line length, for ease of editing and pretty diffs. -# - operationIds are in the format "NounVerb", with a singular noun. - -swagger: "2.0" -schemes: - - "http" - - "https" -produces: - - "application/json" - - "text/plain" -consumes: - - "application/json" - - "text/plain" -basePath: "/v1.51" -info: - title: "Docker Engine API" - version: "1.51" - x-logo: - url: "https://docs.docker.com/assets/images/logo-docker-main.png" - description: | - The Engine API is an HTTP API served by Docker Engine. It is the API the - Docker client uses to communicate with the Engine, so everything the Docker - client can do can be done with the API. - - Most of the client's commands map directly to API endpoints (e.g. `docker ps` - is `GET /containers/json`). The notable exception is running containers, - which consists of several API calls. - - # Errors - - The API uses standard HTTP status codes to indicate the success or failure - of the API call. The body of the response will be JSON in the following - format: - - ``` - { - "message": "page not found" - } - ``` - - # Versioning - - The API is usually changed in each release, so API calls are versioned to - ensure that clients don't break. To lock to a specific version of the API, - you prefix the URL with its version, for example, call `/v1.30/info` to use - the v1.30 version of the `/info` endpoint. If the API version specified in - the URL is not supported by the daemon, a HTTP `400 Bad Request` error message - is returned. - - If you omit the version-prefix, the current version of the API (v1.50) is used. - For example, calling `/info` is the same as calling `/v1.51/info`. Using the - API without a version-prefix is deprecated and will be removed in a future release. - - Engine releases in the near future should support this version of the API, - so your client will continue to work even if it is talking to a newer Engine. - - The API uses an open schema model, which means the server may add extra properties - to responses. Likewise, the server will ignore any extra query parameters and - request body properties. When you write clients, you need to ignore additional - properties in responses to ensure they do not break when talking to newer - daemons. - - - # Authentication - - Authentication for registries is handled client side. The client has to send - authentication details to various endpoints that need to communicate with - registries, such as `POST /images/(name)/push`. These are sent as - `X-Registry-Auth` header as a [base64url encoded](https://tools.ietf.org/html/rfc4648#section-5) - (JSON) string with the following structure: - - ``` - { - "username": "string", - "password": "string", - "serveraddress": "string" - } - ``` - - The `serveraddress` is a domain/IP without a protocol. Throughout this - structure, double quotes are required. - - If you have already got an identity token from the [`/auth` endpoint](#operation/SystemAuth), - you can just pass this instead of credentials: - - ``` - { - "identitytoken": "9cbaf023786cd7..." - } - ``` - -# The tags on paths define the menu sections in the ReDoc documentation, so -# the usage of tags must make sense for that: -# - They should be singular, not plural. -# - There should not be too many tags, or the menu becomes unwieldy. For -# example, it is preferable to add a path to the "System" tag instead of -# creating a tag with a single path in it. -# - The order of tags in this list defines the order in the menu. -tags: - # Primary objects - - name: "Container" - x-displayName: "Containers" - description: | - Create and manage containers. - - name: "Image" - x-displayName: "Images" - - name: "Network" - x-displayName: "Networks" - description: | - Networks are user-defined networks that containers can be attached to. - See the [networking documentation](https://docs.docker.com/network/) - for more information. - - name: "Volume" - x-displayName: "Volumes" - description: | - Create and manage persistent storage that can be attached to containers. - - name: "Exec" - x-displayName: "Exec" - description: | - Run new commands inside running containers. Refer to the - [command-line reference](https://docs.docker.com/engine/reference/commandline/exec/) - for more information. - - To exec a command in a container, you first need to create an exec instance, - then start it. These two API endpoints are wrapped up in a single command-line - command, `docker exec`. - - # Swarm things - - name: "Swarm" - x-displayName: "Swarm" - description: | - Engines can be clustered together in a swarm. Refer to the - [swarm mode documentation](https://docs.docker.com/engine/swarm/) - for more information. - - name: "Node" - x-displayName: "Nodes" - description: | - Nodes are instances of the Engine participating in a swarm. Swarm mode - must be enabled for these endpoints to work. - - name: "Service" - x-displayName: "Services" - description: | - Services are the definitions of tasks to run on a swarm. Swarm mode must - be enabled for these endpoints to work. - - name: "Task" - x-displayName: "Tasks" - description: | - A task is a container running on a swarm. It is the atomic scheduling unit - of swarm. Swarm mode must be enabled for these endpoints to work. - - name: "Secret" - x-displayName: "Secrets" - description: | - Secrets are sensitive data that can be used by services. Swarm mode must - be enabled for these endpoints to work. - - name: "Config" - x-displayName: "Configs" - description: | - Configs are application configurations that can be used by services. Swarm - mode must be enabled for these endpoints to work. - # System things - - name: "Plugin" - x-displayName: "Plugins" - - name: "System" - x-displayName: "System" - -definitions: - Port: - type: "object" - description: "An open port on a container" - required: [PrivatePort, Type] - properties: - IP: - type: "string" - format: "ip-address" - description: "Host IP address that the container's port is mapped to" - PrivatePort: - type: "integer" - format: "uint16" - x-nullable: false - description: "Port on the container" - PublicPort: - type: "integer" - format: "uint16" - description: "Port exposed on the host" - Type: - type: "string" - x-nullable: false - enum: ["tcp", "udp", "sctp"] - example: - PrivatePort: 8080 - PublicPort: 80 - Type: "tcp" - - MountPoint: - type: "object" - description: | - MountPoint represents a mount point configuration inside the container. - This is used for reporting the mountpoints in use by a container. - properties: - Type: - description: | - The mount type: - - - `bind` a mount of a file or directory from the host into the container. - - `volume` a docker volume with the given `Name`. - - `image` a docker image - - `tmpfs` a `tmpfs`. - - `npipe` a named pipe from the host into the container. - - `cluster` a Swarm cluster volume - type: "string" - enum: - - "bind" - - "volume" - - "image" - - "tmpfs" - - "npipe" - - "cluster" - example: "volume" - Name: - description: | - Name is the name reference to the underlying data defined by `Source` - e.g., the volume name. - type: "string" - example: "myvolume" - Source: - description: | - Source location of the mount. - - For volumes, this contains the storage location of the volume (within - `/var/lib/docker/volumes/`). For bind-mounts, and `npipe`, this contains - the source (host) part of the bind-mount. For `tmpfs` mount points, this - field is empty. - type: "string" - example: "/var/lib/docker/volumes/myvolume/_data" - Destination: - description: | - Destination is the path relative to the container root (`/`) where - the `Source` is mounted inside the container. - type: "string" - example: "/usr/share/nginx/html/" - Driver: - description: | - Driver is the volume driver used to create the volume (if it is a volume). - type: "string" - example: "local" - Mode: - description: | - Mode is a comma separated list of options supplied by the user when - creating the bind/volume mount. - - The default is platform-specific (`"z"` on Linux, empty on Windows). - type: "string" - example: "z" - RW: - description: | - Whether the mount is mounted writable (read-write). - type: "boolean" - example: true - Propagation: - description: | - Propagation describes how mounts are propagated from the host into the - mount point, and vice-versa. Refer to the [Linux kernel documentation](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt) - for details. This field is not used on Windows. - type: "string" - example: "" - - DeviceMapping: - type: "object" - description: "A device mapping between the host and container" - properties: - PathOnHost: - type: "string" - PathInContainer: - type: "string" - CgroupPermissions: - type: "string" - example: - PathOnHost: "/dev/deviceName" - PathInContainer: "/dev/deviceName" - CgroupPermissions: "mrw" - - DeviceRequest: - type: "object" - description: "A request for devices to be sent to device drivers" - properties: - Driver: - type: "string" - example: "nvidia" - Count: - type: "integer" - example: -1 - DeviceIDs: - type: "array" - items: - type: "string" - example: - - "0" - - "1" - - "GPU-fef8089b-4820-abfc-e83e-94318197576e" - Capabilities: - description: | - A list of capabilities; an OR list of AND lists of capabilities. - type: "array" - items: - type: "array" - items: - type: "string" - example: - # gpu AND nvidia AND compute - - ["gpu", "nvidia", "compute"] - Options: - description: | - Driver-specific options, specified as a key/value pairs. These options - are passed directly to the driver. - type: "object" - additionalProperties: - type: "string" - - ThrottleDevice: - type: "object" - properties: - Path: - description: "Device path" - type: "string" - Rate: - description: "Rate" - type: "integer" - format: "int64" - minimum: 0 - - Mount: - type: "object" - properties: - Target: - description: "Container path." - type: "string" - Source: - description: "Mount source (e.g. a volume name, a host path)." - type: "string" - Type: - description: | - The mount type. Available types: - - - `bind` Mounts a file or directory from the host into the container. Must exist prior to creating the container. - - `volume` Creates a volume with the given name and options (or uses a pre-existing volume with the same name and options). These are **not** removed when the container is removed. - - `image` Mounts an image. - - `tmpfs` Create a tmpfs with the given options. The mount source cannot be specified for tmpfs. - - `npipe` Mounts a named pipe from the host into the container. Must exist prior to creating the container. - - `cluster` a Swarm cluster volume - type: "string" - enum: - - "bind" - - "volume" - - "image" - - "tmpfs" - - "npipe" - - "cluster" - ReadOnly: - description: "Whether the mount should be read-only." - type: "boolean" - Consistency: - description: "The consistency requirement for the mount: `default`, `consistent`, `cached`, or `delegated`." - type: "string" - BindOptions: - description: "Optional configuration for the `bind` type." - type: "object" - properties: - Propagation: - description: "A propagation mode with the value `[r]private`, `[r]shared`, or `[r]slave`." - type: "string" - enum: - - "private" - - "rprivate" - - "shared" - - "rshared" - - "slave" - - "rslave" - NonRecursive: - description: "Disable recursive bind mount." - type: "boolean" - default: false - CreateMountpoint: - description: "Create mount point on host if missing" - type: "boolean" - default: false - ReadOnlyNonRecursive: - description: | - Make the mount non-recursively read-only, but still leave the mount recursive - (unless NonRecursive is set to `true` in conjunction). - - Added in v1.44, before that version all read-only mounts were - non-recursive by default. To match the previous behaviour this - will default to `true` for clients on versions prior to v1.44. - type: "boolean" - default: false - ReadOnlyForceRecursive: - description: "Raise an error if the mount cannot be made recursively read-only." - type: "boolean" - default: false - VolumeOptions: - description: "Optional configuration for the `volume` type." - type: "object" - properties: - NoCopy: - description: "Populate volume with data from the target." - type: "boolean" - default: false - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - DriverConfig: - description: "Map of driver specific options" - type: "object" - properties: - Name: - description: "Name of the driver to use to create the volume." - type: "string" - Options: - description: "key/value map of driver specific options." - type: "object" - additionalProperties: - type: "string" - Subpath: - description: "Source path inside the volume. Must be relative without any back traversals." - type: "string" - example: "dir-inside-volume/subdirectory" - ImageOptions: - description: "Optional configuration for the `image` type." - type: "object" - properties: - Subpath: - description: "Source path inside the image. Must be relative without any back traversals." - type: "string" - example: "dir-inside-image/subdirectory" - TmpfsOptions: - description: "Optional configuration for the `tmpfs` type." - type: "object" - properties: - SizeBytes: - description: "The size for the tmpfs mount in bytes." - type: "integer" - format: "int64" - Mode: - description: "The permission mode for the tmpfs mount in an integer." - type: "integer" - Options: - description: | - The options to be passed to the tmpfs mount. An array of arrays. - Flag options should be provided as 1-length arrays. Other types - should be provided as as 2-length arrays, where the first item is - the key and the second the value. - type: "array" - items: - type: "array" - minItems: 1 - maxItems: 2 - items: - type: "string" - example: - [["noexec"]] - - RestartPolicy: - description: | - The behavior to apply when the container exits. The default is not to - restart. - - An ever increasing delay (double the previous delay, starting at 100ms) is - added before each restart to prevent flooding the server. - type: "object" - properties: - Name: - type: "string" - description: | - - Empty string means not to restart - - `no` Do not automatically restart - - `always` Always restart - - `unless-stopped` Restart always except when the user has manually stopped the container - - `on-failure` Restart only when the container exit code is non-zero - enum: - - "" - - "no" - - "always" - - "unless-stopped" - - "on-failure" - MaximumRetryCount: - type: "integer" - description: | - If `on-failure` is used, the number of times to retry before giving up. - - Resources: - description: "A container's resources (cgroups config, ulimits, etc)" - type: "object" - properties: - # Applicable to all platforms - CpuShares: - description: | - An integer value representing this container's relative CPU weight - versus other containers. - type: "integer" - Memory: - description: "Memory limit in bytes." - type: "integer" - format: "int64" - default: 0 - # Applicable to UNIX platforms - CgroupParent: - description: | - Path to `cgroups` under which the container's `cgroup` is created. If - the path is not absolute, the path is considered to be relative to the - `cgroups` path of the init process. Cgroups are created if they do not - already exist. - type: "string" - BlkioWeight: - description: "Block IO weight (relative weight)." - type: "integer" - minimum: 0 - maximum: 1000 - BlkioWeightDevice: - description: | - Block IO weight (relative device weight) in the form: - - ``` - [{"Path": "device_path", "Weight": weight}] - ``` - type: "array" - items: - type: "object" - properties: - Path: - type: "string" - Weight: - type: "integer" - minimum: 0 - BlkioDeviceReadBps: - description: | - Limit read rate (bytes per second) from a device, in the form: - - ``` - [{"Path": "device_path", "Rate": rate}] - ``` - type: "array" - items: - $ref: "#/definitions/ThrottleDevice" - BlkioDeviceWriteBps: - description: | - Limit write rate (bytes per second) to a device, in the form: - - ``` - [{"Path": "device_path", "Rate": rate}] - ``` - type: "array" - items: - $ref: "#/definitions/ThrottleDevice" - BlkioDeviceReadIOps: - description: | - Limit read rate (IO per second) from a device, in the form: - - ``` - [{"Path": "device_path", "Rate": rate}] - ``` - type: "array" - items: - $ref: "#/definitions/ThrottleDevice" - BlkioDeviceWriteIOps: - description: | - Limit write rate (IO per second) to a device, in the form: - - ``` - [{"Path": "device_path", "Rate": rate}] - ``` - type: "array" - items: - $ref: "#/definitions/ThrottleDevice" - CpuPeriod: - description: "The length of a CPU period in microseconds." - type: "integer" - format: "int64" - CpuQuota: - description: | - Microseconds of CPU time that the container can get in a CPU period. - type: "integer" - format: "int64" - CpuRealtimePeriod: - description: | - The length of a CPU real-time period in microseconds. Set to 0 to - allocate no time allocated to real-time tasks. - type: "integer" - format: "int64" - CpuRealtimeRuntime: - description: | - The length of a CPU real-time runtime in microseconds. Set to 0 to - allocate no time allocated to real-time tasks. - type: "integer" - format: "int64" - CpusetCpus: - description: | - CPUs in which to allow execution (e.g., `0-3`, `0,1`). - type: "string" - example: "0-3" - CpusetMems: - description: | - Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only - effective on NUMA systems. - type: "string" - Devices: - description: "A list of devices to add to the container." - type: "array" - items: - $ref: "#/definitions/DeviceMapping" - DeviceCgroupRules: - description: "a list of cgroup rules to apply to the container" - type: "array" - items: - type: "string" - example: "c 13:* rwm" - DeviceRequests: - description: | - A list of requests for devices to be sent to device drivers. - type: "array" - items: - $ref: "#/definitions/DeviceRequest" - KernelMemoryTCP: - description: | - Hard limit for kernel TCP buffer memory (in bytes). Depending on the - OCI runtime in use, this option may be ignored. It is no longer supported - by the default (runc) runtime. - - This field is omitted when empty. - - **Deprecated**: This field is deprecated as kernel 6.12 has deprecated `memory.kmem.tcp.limit_in_bytes` field - for cgroups v1. This field will be removed in a future release. - type: "integer" - format: "int64" - MemoryReservation: - description: "Memory soft limit in bytes." - type: "integer" - format: "int64" - MemorySwap: - description: | - Total memory limit (memory + swap). Set as `-1` to enable unlimited - swap. - type: "integer" - format: "int64" - MemorySwappiness: - description: | - Tune a container's memory swappiness behavior. Accepts an integer - between 0 and 100. - type: "integer" - format: "int64" - minimum: 0 - maximum: 100 - NanoCpus: - description: "CPU quota in units of 10-9 CPUs." - type: "integer" - format: "int64" - OomKillDisable: - description: "Disable OOM Killer for the container." - type: "boolean" - Init: - description: | - Run an init inside the container that forwards signals and reaps - processes. This field is omitted if empty, and the default (as - configured on the daemon) is used. - type: "boolean" - x-nullable: true - PidsLimit: - description: | - Tune a container's PIDs limit. Set `0` or `-1` for unlimited, or `null` - to not change. - type: "integer" - format: "int64" - x-nullable: true - Ulimits: - description: | - A list of resource limits to set in the container. For example: - - ``` - {"Name": "nofile", "Soft": 1024, "Hard": 2048} - ``` - type: "array" - items: - type: "object" - properties: - Name: - description: "Name of ulimit" - type: "string" - Soft: - description: "Soft limit" - type: "integer" - Hard: - description: "Hard limit" - type: "integer" - # Applicable to Windows - CpuCount: - description: | - The number of usable CPUs (Windows only). - - On Windows Server containers, the processor resource controls are - mutually exclusive. The order of precedence is `CPUCount` first, then - `CPUShares`, and `CPUPercent` last. - type: "integer" - format: "int64" - CpuPercent: - description: | - The usable percentage of the available CPUs (Windows only). - - On Windows Server containers, the processor resource controls are - mutually exclusive. The order of precedence is `CPUCount` first, then - `CPUShares`, and `CPUPercent` last. - type: "integer" - format: "int64" - IOMaximumIOps: - description: "Maximum IOps for the container system drive (Windows only)" - type: "integer" - format: "int64" - IOMaximumBandwidth: - description: | - Maximum IO in bytes per second for the container system drive - (Windows only). - type: "integer" - format: "int64" - - Limit: - description: | - An object describing a limit on resources which can be requested by a task. - type: "object" - properties: - NanoCPUs: - type: "integer" - format: "int64" - example: 4000000000 - MemoryBytes: - type: "integer" - format: "int64" - example: 8272408576 - Pids: - description: | - Limits the maximum number of PIDs in the container. Set `0` for unlimited. - type: "integer" - format: "int64" - default: 0 - example: 100 - - ResourceObject: - description: | - An object describing the resources which can be advertised by a node and - requested by a task. - type: "object" - properties: - NanoCPUs: - type: "integer" - format: "int64" - example: 4000000000 - MemoryBytes: - type: "integer" - format: "int64" - example: 8272408576 - GenericResources: - $ref: "#/definitions/GenericResources" - - GenericResources: - description: | - User-defined resources can be either Integer resources (e.g, `SSD=3`) or - String resources (e.g, `GPU=UUID1`). - type: "array" - items: - type: "object" - properties: - NamedResourceSpec: - type: "object" - properties: - Kind: - type: "string" - Value: - type: "string" - DiscreteResourceSpec: - type: "object" - properties: - Kind: - type: "string" - Value: - type: "integer" - format: "int64" - example: - - DiscreteResourceSpec: - Kind: "SSD" - Value: 3 - - NamedResourceSpec: - Kind: "GPU" - Value: "UUID1" - - NamedResourceSpec: - Kind: "GPU" - Value: "UUID2" - - HealthConfig: - description: "A test to perform to check that the container is healthy." - type: "object" - properties: - Test: - description: | - The test to perform. Possible values are: - - - `[]` inherit healthcheck from image or parent image - - `["NONE"]` disable healthcheck - - `["CMD", args...]` exec arguments directly - - `["CMD-SHELL", command]` run command with system's default shell - type: "array" - items: - type: "string" - Interval: - description: | - The time to wait between checks in nanoseconds. It should be 0 or at - least 1000000 (1 ms). 0 means inherit. - type: "integer" - format: "int64" - Timeout: - description: | - The time to wait before considering the check to have hung. It should - be 0 or at least 1000000 (1 ms). 0 means inherit. - type: "integer" - format: "int64" - Retries: - description: | - The number of consecutive failures needed to consider a container as - unhealthy. 0 means inherit. - type: "integer" - StartPeriod: - description: | - Start period for the container to initialize before starting - health-retries countdown in nanoseconds. It should be 0 or at least - 1000000 (1 ms). 0 means inherit. - type: "integer" - format: "int64" - StartInterval: - description: | - The time to wait between checks in nanoseconds during the start period. - It should be 0 or at least 1000000 (1 ms). 0 means inherit. - type: "integer" - format: "int64" - - Health: - description: | - Health stores information about the container's healthcheck results. - type: "object" - x-nullable: true - properties: - Status: - description: | - Status is one of `none`, `starting`, `healthy` or `unhealthy` - - - "none" Indicates there is no healthcheck - - "starting" Starting indicates that the container is not yet ready - - "healthy" Healthy indicates that the container is running correctly - - "unhealthy" Unhealthy indicates that the container has a problem - type: "string" - enum: - - "none" - - "starting" - - "healthy" - - "unhealthy" - example: "healthy" - FailingStreak: - description: "FailingStreak is the number of consecutive failures" - type: "integer" - example: 0 - Log: - type: "array" - description: | - Log contains the last few results (oldest first) - items: - $ref: "#/definitions/HealthcheckResult" - - HealthcheckResult: - description: | - HealthcheckResult stores information about a single run of a healthcheck probe - type: "object" - x-nullable: true - properties: - Start: - description: | - Date and time at which this check started in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "date-time" - example: "2020-01-04T10:44:24.496525531Z" - End: - description: | - Date and time at which this check ended in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2020-01-04T10:45:21.364524523Z" - ExitCode: - description: | - ExitCode meanings: - - - `0` healthy - - `1` unhealthy - - `2` reserved (considered unhealthy) - - other values: error running probe - type: "integer" - example: 0 - Output: - description: "Output from last check" - type: "string" - - HostConfig: - description: "Container configuration that depends on the host we are running on" - allOf: - - $ref: "#/definitions/Resources" - - type: "object" - properties: - # Applicable to all platforms - Binds: - type: "array" - description: | - A list of volume bindings for this container. Each volume binding - is a string in one of these forms: - - - `host-src:container-dest[:options]` to bind-mount a host path - into the container. Both `host-src`, and `container-dest` must - be an _absolute_ path. - - `volume-name:container-dest[:options]` to bind-mount a volume - managed by a volume driver into the container. `container-dest` - must be an _absolute_ path. - - `options` is an optional, comma-delimited list of: - - - `nocopy` disables automatic copying of data from the container - path to the volume. The `nocopy` flag only applies to named volumes. - - `[ro|rw]` mounts a volume read-only or read-write, respectively. - If omitted or set to `rw`, volumes are mounted read-write. - - `[z|Z]` applies SELinux labels to allow or deny multiple containers - to read and write to the same volume. - - `z`: a _shared_ content label is applied to the content. This - label indicates that multiple containers can share the volume - content, for both reading and writing. - - `Z`: a _private unshared_ label is applied to the content. - This label indicates that only the current container can use - a private volume. Labeling systems such as SELinux require - proper labels to be placed on volume content that is mounted - into a container. Without a label, the security system can - prevent a container's processes from using the content. By - default, the labels set by the host operating system are not - modified. - - `[[r]shared|[r]slave|[r]private]` specifies mount - [propagation behavior](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt). - This only applies to bind-mounted volumes, not internal volumes - or named volumes. Mount propagation requires the source mount - point (the location where the source directory is mounted in the - host operating system) to have the correct propagation properties. - For shared volumes, the source mount point must be set to `shared`. - For slave volumes, the mount must be set to either `shared` or - `slave`. - items: - type: "string" - ContainerIDFile: - type: "string" - description: "Path to a file where the container ID is written" - example: "" - LogConfig: - type: "object" - description: "The logging configuration for this container" - properties: - Type: - description: |- - Name of the logging driver used for the container or "none" - if logging is disabled. - type: "string" - enum: - - "local" - - "json-file" - - "syslog" - - "journald" - - "gelf" - - "fluentd" - - "awslogs" - - "splunk" - - "etwlogs" - - "none" - Config: - description: |- - Driver-specific configuration options for the logging driver. - type: "object" - additionalProperties: - type: "string" - example: - "max-file": "5" - "max-size": "10m" - NetworkMode: - type: "string" - description: | - Network mode to use for this container. Supported standard values - are: `bridge`, `host`, `none`, and `container:`. Any - other value is taken as a custom network's name to which this - container should connect to. - PortBindings: - $ref: "#/definitions/PortMap" - RestartPolicy: - $ref: "#/definitions/RestartPolicy" - AutoRemove: - type: "boolean" - description: | - Automatically remove the container when the container's process - exits. This has no effect if `RestartPolicy` is set. - VolumeDriver: - type: "string" - description: "Driver that this container uses to mount volumes." - VolumesFrom: - type: "array" - description: | - A list of volumes to inherit from another container, specified in - the form `[:]`. - items: - type: "string" - Mounts: - description: | - Specification for mounts to be added to the container. - type: "array" - items: - $ref: "#/definitions/Mount" - ConsoleSize: - type: "array" - description: | - Initial console size, as an `[height, width]` array. - x-nullable: true - minItems: 2 - maxItems: 2 - items: - type: "integer" - minimum: 0 - example: [80, 64] - Annotations: - type: "object" - description: | - Arbitrary non-identifying metadata attached to container and - provided to the runtime when the container is started. - additionalProperties: - type: "string" - - # Applicable to UNIX platforms - CapAdd: - type: "array" - description: | - A list of kernel capabilities to add to the container. Conflicts - with option 'Capabilities'. - items: - type: "string" - CapDrop: - type: "array" - description: | - A list of kernel capabilities to drop from the container. Conflicts - with option 'Capabilities'. - items: - type: "string" - CgroupnsMode: - type: "string" - enum: - - "private" - - "host" - description: | - cgroup namespace mode for the container. Possible values are: - - - `"private"`: the container runs in its own private cgroup namespace - - `"host"`: use the host system's cgroup namespace - - If not specified, the daemon default is used, which can either be `"private"` - or `"host"`, depending on daemon version, kernel support and configuration. - Dns: - type: "array" - description: "A list of DNS servers for the container to use." - items: - type: "string" - DnsOptions: - type: "array" - description: "A list of DNS options." - items: - type: "string" - DnsSearch: - type: "array" - description: "A list of DNS search domains." - items: - type: "string" - ExtraHosts: - type: "array" - description: | - A list of hostnames/IP mappings to add to the container's `/etc/hosts` - file. Specified in the form `["hostname:IP"]`. - items: - type: "string" - GroupAdd: - type: "array" - description: | - A list of additional groups that the container process will run as. - items: - type: "string" - IpcMode: - type: "string" - description: | - IPC sharing mode for the container. Possible values are: - - - `"none"`: own private IPC namespace, with /dev/shm not mounted - - `"private"`: own private IPC namespace - - `"shareable"`: own private IPC namespace, with a possibility to share it with other containers - - `"container:"`: join another (shareable) container's IPC namespace - - `"host"`: use the host system's IPC namespace - - If not specified, daemon default is used, which can either be `"private"` - or `"shareable"`, depending on daemon version and configuration. - Cgroup: - type: "string" - description: "Cgroup to use for the container." - Links: - type: "array" - description: | - A list of links for the container in the form `container_name:alias`. - items: - type: "string" - OomScoreAdj: - type: "integer" - description: | - An integer value containing the score given to the container in - order to tune OOM killer preferences. - example: 500 - PidMode: - type: "string" - description: | - Set the PID (Process) Namespace mode for the container. It can be - either: - - - `"container:"`: joins another container's PID namespace - - `"host"`: use the host's PID namespace inside the container - Privileged: - type: "boolean" - description: |- - Gives the container full access to the host. - PublishAllPorts: - type: "boolean" - description: | - Allocates an ephemeral host port for all of a container's - exposed ports. - - Ports are de-allocated when the container stops and allocated when - the container starts. The allocated port might be changed when - restarting the container. - - The port is selected from the ephemeral port range that depends on - the kernel. For example, on Linux the range is defined by - `/proc/sys/net/ipv4/ip_local_port_range`. - ReadonlyRootfs: - type: "boolean" - description: "Mount the container's root filesystem as read only." - SecurityOpt: - type: "array" - description: | - A list of string values to customize labels for MLS systems, such - as SELinux. - items: - type: "string" - StorageOpt: - type: "object" - description: | - Storage driver options for this container, in the form `{"size": "120G"}`. - additionalProperties: - type: "string" - Tmpfs: - type: "object" - description: | - A map of container directories which should be replaced by tmpfs - mounts, and their corresponding mount options. For example: - - ``` - { "/run": "rw,noexec,nosuid,size=65536k" } - ``` - additionalProperties: - type: "string" - UTSMode: - type: "string" - description: "UTS namespace to use for the container." - UsernsMode: - type: "string" - description: | - Sets the usernamespace mode for the container when usernamespace - remapping option is enabled. - ShmSize: - type: "integer" - format: "int64" - description: | - Size of `/dev/shm` in bytes. If omitted, the system uses 64MB. - minimum: 0 - Sysctls: - type: "object" - x-nullable: true - description: |- - A list of kernel parameters (sysctls) to set in the container. - - This field is omitted if not set. - additionalProperties: - type: "string" - example: - "net.ipv4.ip_forward": "1" - Runtime: - type: "string" - x-nullable: true - description: |- - Runtime to use with this container. - # Applicable to Windows - Isolation: - type: "string" - description: | - Isolation technology of the container. (Windows only) - enum: - - "default" - - "process" - - "hyperv" - - "" - MaskedPaths: - type: "array" - description: | - The list of paths to be masked inside the container (this overrides - the default set of paths). - items: - type: "string" - example: - - "/proc/asound" - - "/proc/acpi" - - "/proc/kcore" - - "/proc/keys" - - "/proc/latency_stats" - - "/proc/timer_list" - - "/proc/timer_stats" - - "/proc/sched_debug" - - "/proc/scsi" - - "/sys/firmware" - - "/sys/devices/virtual/powercap" - ReadonlyPaths: - type: "array" - description: | - The list of paths to be set as read-only inside the container - (this overrides the default set of paths). - items: - type: "string" - example: - - "/proc/bus" - - "/proc/fs" - - "/proc/irq" - - "/proc/sys" - - "/proc/sysrq-trigger" - - ContainerConfig: - description: | - Configuration for a container that is portable between hosts. - type: "object" - properties: - Hostname: - description: | - The hostname to use for the container, as a valid RFC 1123 hostname. - type: "string" - example: "439f4e91bd1d" - Domainname: - description: | - The domain name to use for the container. - type: "string" - User: - description: |- - Commands run as this user inside the container. If omitted, commands - run as the user specified in the image the container was started from. - - Can be either user-name or UID, and optional group-name or GID, - separated by a colon (`[<:group-name|GID>]`). - type: "string" - example: "123:456" - AttachStdin: - description: "Whether to attach to `stdin`." - type: "boolean" - default: false - AttachStdout: - description: "Whether to attach to `stdout`." - type: "boolean" - default: true - AttachStderr: - description: "Whether to attach to `stderr`." - type: "boolean" - default: true - ExposedPorts: - description: | - An object mapping ports to an empty object in the form: - - `{"/": {}}` - type: "object" - x-nullable: true - additionalProperties: - type: "object" - enum: - - {} - default: {} - example: { - "80/tcp": {}, - "443/tcp": {} - } - Tty: - description: | - Attach standard streams to a TTY, including `stdin` if it is not closed. - type: "boolean" - default: false - OpenStdin: - description: "Open `stdin`" - type: "boolean" - default: false - StdinOnce: - description: "Close `stdin` after one attached client disconnects" - type: "boolean" - default: false - Env: - description: | - A list of environment variables to set inside the container in the - form `["VAR=value", ...]`. A variable without `=` is removed from the - environment, rather than to have an empty value. - type: "array" - items: - type: "string" - example: - - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - Cmd: - description: | - Command to run specified as a string or an array of strings. - type: "array" - items: - type: "string" - example: ["/bin/sh"] - Healthcheck: - $ref: "#/definitions/HealthConfig" - ArgsEscaped: - description: "Command is already escaped (Windows only)" - type: "boolean" - default: false - example: false - x-nullable: true - Image: - description: | - The name (or reference) of the image to use when creating the container, - or which was used when the container was created. - type: "string" - example: "example-image:1.0" - Volumes: - description: | - An object mapping mount point paths inside the container to empty - objects. - type: "object" - additionalProperties: - type: "object" - enum: - - {} - default: {} - WorkingDir: - description: "The working directory for commands to run in." - type: "string" - example: "/public/" - Entrypoint: - description: | - The entry point for the container as a string or an array of strings. - - If the array consists of exactly one empty string (`[""]`) then the - entry point is reset to system default (i.e., the entry point used by - docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`). - type: "array" - items: - type: "string" - example: [] - NetworkDisabled: - description: "Disable networking for the container." - type: "boolean" - x-nullable: true - MacAddress: - description: | - MAC address of the container. - - Deprecated: this field is deprecated in API v1.44 and up. Use EndpointSettings.MacAddress instead. - type: "string" - x-nullable: true - OnBuild: - description: | - `ONBUILD` metadata that were defined in the image's `Dockerfile`. - type: "array" - x-nullable: true - items: - type: "string" - example: [] - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - StopSignal: - description: | - Signal to stop a container as a string or unsigned integer. - type: "string" - example: "SIGTERM" - x-nullable: true - StopTimeout: - description: "Timeout to stop a container in seconds." - type: "integer" - default: 10 - x-nullable: true - Shell: - description: | - Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell. - type: "array" - x-nullable: true - items: - type: "string" - example: ["/bin/sh", "-c"] - - ImageConfig: - description: | - Configuration of the image. These fields are used as defaults - when starting a container from the image. - type: "object" - properties: - User: - description: "The user that commands are run as inside the container." - type: "string" - example: "web:web" - ExposedPorts: - description: | - An object mapping ports to an empty object in the form: - - `{"/": {}}` - type: "object" - x-nullable: true - additionalProperties: - type: "object" - enum: - - {} - default: {} - example: { - "80/tcp": {}, - "443/tcp": {} - } - Env: - description: | - A list of environment variables to set inside the container in the - form `["VAR=value", ...]`. A variable without `=` is removed from the - environment, rather than to have an empty value. - type: "array" - items: - type: "string" - example: - - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - Cmd: - description: | - Command to run specified as a string or an array of strings. - type: "array" - items: - type: "string" - example: ["/bin/sh"] - Healthcheck: - $ref: "#/definitions/HealthConfig" - ArgsEscaped: - description: "Command is already escaped (Windows only)" - type: "boolean" - default: false - example: false - x-nullable: true - Volumes: - description: | - An object mapping mount point paths inside the container to empty - objects. - type: "object" - additionalProperties: - type: "object" - enum: - - {} - default: {} - example: - "/app/data": {} - "/app/config": {} - WorkingDir: - description: "The working directory for commands to run in." - type: "string" - example: "/public/" - Entrypoint: - description: | - The entry point for the container as a string or an array of strings. - - If the array consists of exactly one empty string (`[""]`) then the - entry point is reset to system default (i.e., the entry point used by - docker when there is no `ENTRYPOINT` instruction in the `Dockerfile`). - type: "array" - items: - type: "string" - example: [] - OnBuild: - description: | - `ONBUILD` metadata that were defined in the image's `Dockerfile`. - type: "array" - x-nullable: true - items: - type: "string" - example: [] - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - StopSignal: - description: | - Signal to stop a container as a string or unsigned integer. - type: "string" - example: "SIGTERM" - x-nullable: true - Shell: - description: | - Shell for when `RUN`, `CMD`, and `ENTRYPOINT` uses a shell. - type: "array" - x-nullable: true - items: - type: "string" - example: ["/bin/sh", "-c"] - - NetworkingConfig: - description: | - NetworkingConfig represents the container's networking configuration for - each of its interfaces. - It is used for the networking configs specified in the `docker create` - and `docker network connect` commands. - type: "object" - properties: - EndpointsConfig: - description: | - A mapping of network name to endpoint configuration for that network. - The endpoint configuration can be left empty to connect to that - network with no particular endpoint configuration. - type: "object" - additionalProperties: - $ref: "#/definitions/EndpointSettings" - example: - # putting an example here, instead of using the example values from - # /definitions/EndpointSettings, because EndpointSettings contains - # operational data returned when inspecting a container that we don't - # accept here. - EndpointsConfig: - isolated_nw: - IPAMConfig: - IPv4Address: "172.20.30.33" - IPv6Address: "2001:db8:abcd::3033" - LinkLocalIPs: - - "169.254.34.68" - - "fe80::3468" - MacAddress: "02:42:ac:12:05:02" - Links: - - "container_1" - - "container_2" - Aliases: - - "server_x" - - "server_y" - database_nw: {} - - NetworkSettings: - description: "NetworkSettings exposes the network settings in the API" - type: "object" - properties: - Bridge: - description: | - Name of the default bridge interface when dockerd's --bridge flag is set. - - Deprecated: This field is only set when the daemon is started with the --bridge flag specified. - type: "string" - example: "docker0" - SandboxID: - description: SandboxID uniquely represents a container's network stack. - type: "string" - example: "9d12daf2c33f5959c8bf90aa513e4f65b561738661003029ec84830cd503a0c3" - HairpinMode: - description: | - Indicates if hairpin NAT should be enabled on the virtual interface. - - Deprecated: This field is never set and will be removed in a future release. - type: "boolean" - example: false - LinkLocalIPv6Address: - description: | - IPv6 unicast address using the link-local prefix. - - Deprecated: This field is never set and will be removed in a future release. - type: "string" - example: "" - LinkLocalIPv6PrefixLen: - description: | - Prefix length of the IPv6 unicast address. - - Deprecated: This field is never set and will be removed in a future release. - type: "integer" - example: "" - Ports: - $ref: "#/definitions/PortMap" - SandboxKey: - description: SandboxKey is the full path of the netns handle - type: "string" - example: "/var/run/docker/netns/8ab54b426c38" - - SecondaryIPAddresses: - description: "Deprecated: This field is never set and will be removed in a future release." - type: "array" - items: - $ref: "#/definitions/Address" - x-nullable: true - - SecondaryIPv6Addresses: - description: "Deprecated: This field is never set and will be removed in a future release." - type: "array" - items: - $ref: "#/definitions/Address" - x-nullable: true - - # TODO properties below are part of DefaultNetworkSettings, which is - # marked as deprecated since Docker 1.9 and to be removed in Docker v17.12 - EndpointID: - description: | - EndpointID uniquely represents a service endpoint in a Sandbox. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "b88f5b905aabf2893f3cbc4ee42d1ea7980bbc0a92e2c8922b1e1795298afb0b" - Gateway: - description: | - Gateway address for the default "bridge" network. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "172.17.0.1" - GlobalIPv6Address: - description: | - Global IPv6 address for the default "bridge" network. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "2001:db8::5689" - GlobalIPv6PrefixLen: - description: | - Mask length of the global IPv6 address. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "integer" - example: 64 - IPAddress: - description: | - IPv4 address for the default "bridge" network. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "172.17.0.4" - IPPrefixLen: - description: | - Mask length of the IPv4 address. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "integer" - example: 16 - IPv6Gateway: - description: | - IPv6 gateway address for this network. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "2001:db8:2::100" - MacAddress: - description: | - MAC address for the container on the default "bridge" network. - -


- - > **Deprecated**: This field is only propagated when attached to the - > default "bridge" network. Use the information from the "bridge" - > network inside the `Networks` map instead, which contains the same - > information. This field was deprecated in Docker 1.9 and is scheduled - > to be removed in Docker 17.12.0 - type: "string" - example: "02:42:ac:11:00:04" - Networks: - description: | - Information about all networks that the container is connected to. - type: "object" - additionalProperties: - $ref: "#/definitions/EndpointSettings" - - Address: - description: Address represents an IPv4 or IPv6 IP address. - type: "object" - properties: - Addr: - description: IP address. - type: "string" - PrefixLen: - description: Mask length of the IP address. - type: "integer" - - PortMap: - description: | - PortMap describes the mapping of container ports to host ports, using the - container's port-number and protocol as key in the format `/`, - for example, `80/udp`. - - If a container's port is mapped for multiple protocols, separate entries - are added to the mapping table. - type: "object" - additionalProperties: - type: "array" - x-nullable: true - items: - $ref: "#/definitions/PortBinding" - example: - "443/tcp": - - HostIp: "127.0.0.1" - HostPort: "4443" - "80/tcp": - - HostIp: "0.0.0.0" - HostPort: "80" - - HostIp: "0.0.0.0" - HostPort: "8080" - "80/udp": - - HostIp: "0.0.0.0" - HostPort: "80" - "53/udp": - - HostIp: "0.0.0.0" - HostPort: "53" - "2377/tcp": null - - PortBinding: - description: | - PortBinding represents a binding between a host IP address and a host - port. - type: "object" - properties: - HostIp: - description: "Host IP address that the container's port is mapped to." - type: "string" - example: "127.0.0.1" - HostPort: - description: "Host port number that the container's port is mapped to." - type: "string" - example: "4443" - - DriverData: - description: | - Information about the storage driver used to store the container's and - image's filesystem. - type: "object" - required: [Name, Data] - properties: - Name: - description: "Name of the storage driver." - type: "string" - x-nullable: false - example: "overlay2" - Data: - description: | - Low-level storage metadata, provided as key/value pairs. - - This information is driver-specific, and depends on the storage-driver - in use, and should be used for informational purposes only. - type: "object" - x-nullable: false - additionalProperties: - type: "string" - example: { - "MergedDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/merged", - "UpperDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/diff", - "WorkDir": "/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/work" - } - - FilesystemChange: - description: | - Change in the container's filesystem. - type: "object" - required: [Path, Kind] - properties: - Path: - description: | - Path to file or directory that has changed. - type: "string" - x-nullable: false - Kind: - $ref: "#/definitions/ChangeType" - - ChangeType: - description: | - Kind of change - - Can be one of: - - - `0`: Modified ("C") - - `1`: Added ("A") - - `2`: Deleted ("D") - type: "integer" - format: "uint8" - enum: [0, 1, 2] - x-nullable: false - - ImageInspect: - description: | - Information about an image in the local image cache. - type: "object" - properties: - Id: - description: | - ID is the content-addressable ID of an image. - - This identifier is a content-addressable digest calculated from the - image's configuration (which includes the digests of layers used by - the image). - - Note that this digest differs from the `RepoDigests` below, which - holds digests of image manifests that reference the image. - type: "string" - x-nullable: false - example: "sha256:ec3f0931a6e6b6855d76b2d7b0be30e81860baccd891b2e243280bf1cd8ad710" - Descriptor: - description: | - Descriptor is an OCI descriptor of the image target. - In case of a multi-platform image, this descriptor points to the OCI index - or a manifest list. - - This field is only present if the daemon provides a multi-platform image store. - - WARNING: This is experimental and may change at any time without any backward - compatibility. - x-nullable: true - $ref: "#/definitions/OCIDescriptor" - Manifests: - description: | - Manifests is a list of image manifests available in this image. It - provides a more detailed view of the platform-specific image manifests or - other image-attached data like build attestations. - - Only available if the daemon provides a multi-platform image store - and the `manifests` option is set in the inspect request. - - WARNING: This is experimental and may change at any time without any backward - compatibility. - type: "array" - x-nullable: true - items: - $ref: "#/definitions/ImageManifestSummary" - RepoTags: - description: | - List of image names/tags in the local image cache that reference this - image. - - Multiple image tags can refer to the same image, and this list may be - empty if no tags reference the image, in which case the image is - "untagged", in which case it can still be referenced by its ID. - type: "array" - items: - type: "string" - example: - - "example:1.0" - - "example:latest" - - "example:stable" - - "internal.registry.example.com:5000/example:1.0" - RepoDigests: - description: | - List of content-addressable digests of locally available image manifests - that the image is referenced from. Multiple manifests can refer to the - same image. - - These digests are usually only available if the image was either pulled - from a registry, or if the image was pushed to a registry, which is when - the manifest is generated and its digest calculated. - type: "array" - items: - type: "string" - example: - - "example@sha256:afcc7f1ac1b49db317a7196c902e61c6c3c4607d63599ee1a82d702d249a0ccb" - - "internal.registry.example.com:5000/example@sha256:b69959407d21e8a062e0416bf13405bb2b71ed7a84dde4158ebafacfa06f5578" - Parent: - description: | - ID of the parent image. - - Depending on how the image was created, this field may be empty and - is only set for images that were built/created locally. This field - is empty if the image was pulled from an image registry. - - > **Deprecated**: This field is only set when using the deprecated - > legacy builder. It is included in API responses for informational - > purposes, but should not be depended on as it will be omitted - > once the legacy builder is removed. - type: "string" - x-nullable: false - example: "" - Comment: - description: | - Optional message that was set when committing or importing the image. - type: "string" - x-nullable: false - example: "" - Created: - description: | - Date and time at which the image was created, formatted in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - - This information is only available if present in the image, - and omitted otherwise. - type: "string" - format: "dateTime" - x-nullable: true - example: "2022-02-04T21:20:12.497794809Z" - DockerVersion: - description: | - The version of Docker that was used to build the image. - - Depending on how the image was created, this field may be empty. - - > **Deprecated**: This field is only set when using the deprecated - > legacy builder. It is included in API responses for informational - > purposes, but should not be depended on as it will be omitted - > once the legacy builder is removed. - type: "string" - x-nullable: false - example: "27.0.1" - Author: - description: | - Name of the author that was specified when committing the image, or as - specified through MAINTAINER (deprecated) in the Dockerfile. - type: "string" - x-nullable: false - example: "" - Config: - $ref: "#/definitions/ImageConfig" - Architecture: - description: | - Hardware CPU architecture that the image runs on. - type: "string" - x-nullable: false - example: "arm" - Variant: - description: | - CPU architecture variant (presently ARM-only). - type: "string" - x-nullable: true - example: "v7" - Os: - description: | - Operating System the image is built to run on. - type: "string" - x-nullable: false - example: "linux" - OsVersion: - description: | - Operating System version the image is built to run on (especially - for Windows). - type: "string" - example: "" - x-nullable: true - Size: - description: | - Total size of the image including all layers it is composed of. - type: "integer" - format: "int64" - x-nullable: false - example: 1239828 - GraphDriver: - $ref: "#/definitions/DriverData" - RootFS: - description: | - Information about the image's RootFS, including the layer IDs. - type: "object" - required: [Type] - properties: - Type: - type: "string" - x-nullable: false - example: "layers" - Layers: - type: "array" - items: - type: "string" - example: - - "sha256:1834950e52ce4d5a88a1bbd131c537f4d0e56d10ff0dd69e66be3b7dfa9df7e6" - - "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" - Metadata: - description: | - Additional metadata of the image in the local cache. This information - is local to the daemon, and not part of the image itself. - type: "object" - properties: - LastTagTime: - description: | - Date and time at which the image was last tagged in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - - This information is only available if the image was tagged locally, - and omitted otherwise. - type: "string" - format: "dateTime" - example: "2022-02-28T14:40:02.623929178Z" - x-nullable: true - - ImageSummary: - type: "object" - x-go-name: "Summary" - required: - - Id - - ParentId - - RepoTags - - RepoDigests - - Created - - Size - - SharedSize - - Labels - - Containers - properties: - Id: - description: | - ID is the content-addressable ID of an image. - - This identifier is a content-addressable digest calculated from the - image's configuration (which includes the digests of layers used by - the image). - - Note that this digest differs from the `RepoDigests` below, which - holds digests of image manifests that reference the image. - type: "string" - x-nullable: false - example: "sha256:ec3f0931a6e6b6855d76b2d7b0be30e81860baccd891b2e243280bf1cd8ad710" - ParentId: - description: | - ID of the parent image. - - Depending on how the image was created, this field may be empty and - is only set for images that were built/created locally. This field - is empty if the image was pulled from an image registry. - type: "string" - x-nullable: false - example: "" - RepoTags: - description: | - List of image names/tags in the local image cache that reference this - image. - - Multiple image tags can refer to the same image, and this list may be - empty if no tags reference the image, in which case the image is - "untagged", in which case it can still be referenced by its ID. - type: "array" - x-nullable: false - items: - type: "string" - example: - - "example:1.0" - - "example:latest" - - "example:stable" - - "internal.registry.example.com:5000/example:1.0" - RepoDigests: - description: | - List of content-addressable digests of locally available image manifests - that the image is referenced from. Multiple manifests can refer to the - same image. - - These digests are usually only available if the image was either pulled - from a registry, or if the image was pushed to a registry, which is when - the manifest is generated and its digest calculated. - type: "array" - x-nullable: false - items: - type: "string" - example: - - "example@sha256:afcc7f1ac1b49db317a7196c902e61c6c3c4607d63599ee1a82d702d249a0ccb" - - "internal.registry.example.com:5000/example@sha256:b69959407d21e8a062e0416bf13405bb2b71ed7a84dde4158ebafacfa06f5578" - Created: - description: | - Date and time at which the image was created as a Unix timestamp - (number of seconds since EPOCH). - type: "integer" - x-nullable: false - example: "1644009612" - Size: - description: | - Total size of the image including all layers it is composed of. - type: "integer" - format: "int64" - x-nullable: false - example: 172064416 - SharedSize: - description: | - Total size of image layers that are shared between this image and other - images. - - This size is not calculated by default. `-1` indicates that the value - has not been set / calculated. - type: "integer" - format: "int64" - x-nullable: false - example: 1239828 - Labels: - description: "User-defined key/value metadata." - type: "object" - x-nullable: false - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - Containers: - description: | - Number of containers using this image. Includes both stopped and running - containers. - - `-1` indicates that the value has not been set / calculated. - x-nullable: false - type: "integer" - example: 2 - Manifests: - description: | - Manifests is a list of manifests available in this image. - It provides a more detailed view of the platform-specific image manifests - or other image-attached data like build attestations. - - WARNING: This is experimental and may change at any time without any backward - compatibility. - type: "array" - x-nullable: false - x-omitempty: true - items: - $ref: "#/definitions/ImageManifestSummary" - Descriptor: - description: | - Descriptor is an OCI descriptor of the image target. - In case of a multi-platform image, this descriptor points to the OCI index - or a manifest list. - - This field is only present if the daemon provides a multi-platform image store. - - WARNING: This is experimental and may change at any time without any backward - compatibility. - x-nullable: true - $ref: "#/definitions/OCIDescriptor" - - AuthConfig: - type: "object" - properties: - username: - type: "string" - password: - type: "string" - email: - description: | - Email is an optional value associated with the username. - - > **Deprecated**: This field is deprecated since docker 1.11 (API v1.23) and will be removed in a future release. - type: "string" - serveraddress: - type: "string" - example: - username: "hannibal" - password: "xxxx" - serveraddress: "https://index.docker.io/v1/" - - ProcessConfig: - type: "object" - properties: - privileged: - type: "boolean" - user: - type: "string" - tty: - type: "boolean" - entrypoint: - type: "string" - arguments: - type: "array" - items: - type: "string" - - Volume: - type: "object" - required: [Name, Driver, Mountpoint, Labels, Scope, Options] - properties: - Name: - type: "string" - description: "Name of the volume." - x-nullable: false - example: "tardis" - Driver: - type: "string" - description: "Name of the volume driver used by the volume." - x-nullable: false - example: "custom" - Mountpoint: - type: "string" - description: "Mount path of the volume on the host." - x-nullable: false - example: "/var/lib/docker/volumes/tardis" - CreatedAt: - type: "string" - format: "dateTime" - description: "Date/Time the volume was created." - example: "2016-06-07T20:31:11.853781916Z" - Status: - type: "object" - description: | - Low-level details about the volume, provided by the volume driver. - Details are returned as a map with key/value pairs: - `{"key":"value","key2":"value2"}`. - - The `Status` field is optional, and is omitted if the volume driver - does not support this feature. - additionalProperties: - type: "object" - example: - hello: "world" - Labels: - type: "object" - description: "User-defined key/value metadata." - x-nullable: false - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - Scope: - type: "string" - description: | - The level at which the volume exists. Either `global` for cluster-wide, - or `local` for machine level. - default: "local" - x-nullable: false - enum: ["local", "global"] - example: "local" - ClusterVolume: - $ref: "#/definitions/ClusterVolume" - Options: - type: "object" - description: | - The driver specific options used when creating the volume. - additionalProperties: - type: "string" - example: - device: "tmpfs" - o: "size=100m,uid=1000" - type: "tmpfs" - UsageData: - type: "object" - x-nullable: true - x-go-name: "UsageData" - required: [Size, RefCount] - description: | - Usage details about the volume. This information is used by the - `GET /system/df` endpoint, and omitted in other endpoints. - properties: - Size: - type: "integer" - format: "int64" - default: -1 - description: | - Amount of disk space used by the volume (in bytes). This information - is only available for volumes created with the `"local"` volume - driver. For volumes created with other volume drivers, this field - is set to `-1` ("not available") - x-nullable: false - RefCount: - type: "integer" - format: "int64" - default: -1 - description: | - The number of containers referencing this volume. This field - is set to `-1` if the reference-count is not available. - x-nullable: false - - VolumeCreateOptions: - description: "Volume configuration" - type: "object" - title: "VolumeConfig" - x-go-name: "CreateOptions" - properties: - Name: - description: | - The new volume's name. If not specified, Docker generates a name. - type: "string" - x-nullable: false - example: "tardis" - Driver: - description: "Name of the volume driver to use." - type: "string" - default: "local" - x-nullable: false - example: "custom" - DriverOpts: - description: | - A mapping of driver options and values. These options are - passed directly to the driver and are driver specific. - type: "object" - additionalProperties: - type: "string" - example: - device: "tmpfs" - o: "size=100m,uid=1000" - type: "tmpfs" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - ClusterVolumeSpec: - $ref: "#/definitions/ClusterVolumeSpec" - - VolumeListResponse: - type: "object" - title: "VolumeListResponse" - x-go-name: "ListResponse" - description: "Volume list response" - properties: - Volumes: - type: "array" - description: "List of volumes" - items: - $ref: "#/definitions/Volume" - Warnings: - type: "array" - description: | - Warnings that occurred when fetching the list of volumes. - items: - type: "string" - example: [] - - Network: - type: "object" - properties: - Name: - description: | - Name of the network. - type: "string" - example: "my_network" - Id: - description: | - ID that uniquely identifies a network on a single machine. - type: "string" - example: "7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99" - Created: - description: | - Date and time at which the network was created in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2016-10-19T04:33:30.360899459Z" - Scope: - description: | - The level at which the network exists (e.g. `swarm` for cluster-wide - or `local` for machine level) - type: "string" - example: "local" - Driver: - description: | - The name of the driver used to create the network (e.g. `bridge`, - `overlay`). - type: "string" - example: "overlay" - EnableIPv4: - description: | - Whether the network was created with IPv4 enabled. - type: "boolean" - example: true - EnableIPv6: - description: | - Whether the network was created with IPv6 enabled. - type: "boolean" - example: false - IPAM: - $ref: "#/definitions/IPAM" - Internal: - description: | - Whether the network is created to only allow internal networking - connectivity. - type: "boolean" - default: false - example: false - Attachable: - description: | - Whether a global / swarm scope network is manually attachable by regular - containers from workers in swarm mode. - type: "boolean" - default: false - example: false - Ingress: - description: | - Whether the network is providing the routing-mesh for the swarm cluster. - type: "boolean" - default: false - example: false - ConfigFrom: - $ref: "#/definitions/ConfigReference" - ConfigOnly: - description: | - Whether the network is a config-only network. Config-only networks are - placeholder networks for network configurations to be used by other - networks. Config-only networks cannot be used directly to run containers - or services. - type: "boolean" - default: false - Containers: - description: | - Contains endpoints attached to the network. - type: "object" - additionalProperties: - $ref: "#/definitions/NetworkContainer" - example: - 19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c: - Name: "test" - EndpointID: "628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a" - MacAddress: "02:42:ac:13:00:02" - IPv4Address: "172.19.0.2/16" - IPv6Address: "" - Options: - description: | - Network-specific options uses when creating the network. - type: "object" - additionalProperties: - type: "string" - example: - com.docker.network.bridge.default_bridge: "true" - com.docker.network.bridge.enable_icc: "true" - com.docker.network.bridge.enable_ip_masquerade: "true" - com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" - com.docker.network.bridge.name: "docker0" - com.docker.network.driver.mtu: "1500" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - Peers: - description: | - List of peer nodes for an overlay network. This field is only present - for overlay networks, and omitted for other network types. - type: "array" - items: - $ref: "#/definitions/PeerInfo" - x-nullable: true - # TODO: Add Services (only present when "verbose" is set). - - ConfigReference: - description: | - The config-only network source to provide the configuration for - this network. - type: "object" - properties: - Network: - description: | - The name of the config-only network that provides the network's - configuration. The specified network must be an existing config-only - network. Only network names are allowed, not network IDs. - type: "string" - example: "config_only_network_01" - - IPAM: - type: "object" - properties: - Driver: - description: "Name of the IPAM driver to use." - type: "string" - default: "default" - example: "default" - Config: - description: | - List of IPAM configuration options, specified as a map: - - ``` - {"Subnet": , "IPRange": , "Gateway": , "AuxAddress": } - ``` - type: "array" - items: - $ref: "#/definitions/IPAMConfig" - Options: - description: "Driver-specific options, specified as a map." - type: "object" - additionalProperties: - type: "string" - example: - foo: "bar" - - IPAMConfig: - type: "object" - properties: - Subnet: - type: "string" - example: "172.20.0.0/16" - IPRange: - type: "string" - example: "172.20.10.0/24" - Gateway: - type: "string" - example: "172.20.10.11" - AuxiliaryAddresses: - type: "object" - additionalProperties: - type: "string" - - NetworkContainer: - type: "object" - properties: - Name: - type: "string" - example: "container_1" - EndpointID: - type: "string" - example: "628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a" - MacAddress: - type: "string" - example: "02:42:ac:13:00:02" - IPv4Address: - type: "string" - example: "172.19.0.2/16" - IPv6Address: - type: "string" - example: "" - - PeerInfo: - description: | - PeerInfo represents one peer of an overlay network. - type: "object" - properties: - Name: - description: - ID of the peer-node in the Swarm cluster. - type: "string" - example: "6869d7c1732b" - IP: - description: - IP-address of the peer-node in the Swarm cluster. - type: "string" - example: "10.133.77.91" - - NetworkCreateResponse: - description: "OK response to NetworkCreate operation" - type: "object" - title: "NetworkCreateResponse" - x-go-name: "CreateResponse" - required: [Id, Warning] - properties: - Id: - description: "The ID of the created network." - type: "string" - x-nullable: false - example: "b5c4fc71e8022147cd25de22b22173de4e3b170134117172eb595cb91b4e7e5d" - Warning: - description: "Warnings encountered when creating the container" - type: "string" - x-nullable: false - example: "" - - BuildInfo: - type: "object" - properties: - id: - type: "string" - stream: - type: "string" - error: - type: "string" - x-nullable: true - description: |- - errors encountered during the operation. - - - > **Deprecated**: This field is deprecated since API v1.4, and will be omitted in a future API version. Use the information in errorDetail instead. - errorDetail: - $ref: "#/definitions/ErrorDetail" - status: - type: "string" - progress: - type: "string" - x-nullable: true - description: |- - Progress is a pre-formatted presentation of progressDetail. - - - > **Deprecated**: This field is deprecated since API v1.8, and will be omitted in a future API version. Use the information in progressDetail instead. - progressDetail: - $ref: "#/definitions/ProgressDetail" - aux: - $ref: "#/definitions/ImageID" - - BuildCache: - type: "object" - description: | - BuildCache contains information about a build cache record. - properties: - ID: - type: "string" - description: | - Unique ID of the build cache record. - example: "ndlpt0hhvkqcdfkputsk4cq9c" - Parent: - description: | - ID of the parent build cache record. - - > **Deprecated**: This field is deprecated, and omitted if empty. - type: "string" - x-nullable: true - example: "" - Parents: - description: | - List of parent build cache record IDs. - type: "array" - items: - type: "string" - x-nullable: true - example: ["hw53o5aio51xtltp5xjp8v7fx"] - Type: - type: "string" - description: | - Cache record type. - example: "regular" - # see https://github.com/moby/buildkit/blob/fce4a32258dc9d9664f71a4831d5de10f0670677/client/diskusage.go#L75-L84 - enum: - - "internal" - - "frontend" - - "source.local" - - "source.git.checkout" - - "exec.cachemount" - - "regular" - Description: - type: "string" - description: | - Description of the build-step that produced the build cache. - example: "mount / from exec /bin/sh -c echo 'Binary::apt::APT::Keep-Downloaded-Packages \"true\";' > /etc/apt/apt.conf.d/keep-cache" - InUse: - type: "boolean" - description: | - Indicates if the build cache is in use. - example: false - Shared: - type: "boolean" - description: | - Indicates if the build cache is shared. - example: true - Size: - description: | - Amount of disk space used by the build cache (in bytes). - type: "integer" - example: 51 - CreatedAt: - description: | - Date and time at which the build cache was created in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2016-08-18T10:44:24.496525531Z" - LastUsedAt: - description: | - Date and time at which the build cache was last used in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - x-nullable: true - example: "2017-08-09T07:09:37.632105588Z" - UsageCount: - type: "integer" - example: 26 - - ImageID: - type: "object" - description: "Image ID or Digest" - properties: - ID: - type: "string" - example: - ID: "sha256:85f05633ddc1c50679be2b16a0479ab6f7637f8884e0cfe0f4d20e1ebb3d6e7c" - - CreateImageInfo: - type: "object" - properties: - id: - type: "string" - error: - type: "string" - x-nullable: true - description: |- - errors encountered during the operation. - - - > **Deprecated**: This field is deprecated since API v1.4, and will be omitted in a future API version. Use the information in errorDetail instead. - errorDetail: - $ref: "#/definitions/ErrorDetail" - status: - type: "string" - progress: - type: "string" - x-nullable: true - description: |- - Progress is a pre-formatted presentation of progressDetail. - - - > **Deprecated**: This field is deprecated since API v1.8, and will be omitted in a future API version. Use the information in progressDetail instead. - progressDetail: - $ref: "#/definitions/ProgressDetail" - - PushImageInfo: - type: "object" - properties: - error: - type: "string" - x-nullable: true - description: |- - errors encountered during the operation. - - - > **Deprecated**: This field is deprecated since API v1.4, and will be omitted in a future API version. Use the information in errorDetail instead. - errorDetail: - $ref: "#/definitions/ErrorDetail" - status: - type: "string" - progress: - type: "string" - x-nullable: true - description: |- - Progress is a pre-formatted presentation of progressDetail. - - - > **Deprecated**: This field is deprecated since API v1.8, and will be omitted in a future API version. Use the information in progressDetail instead. - progressDetail: - $ref: "#/definitions/ProgressDetail" - - DeviceInfo: - type: "object" - description: | - DeviceInfo represents a device that can be used by a container. - properties: - Source: - type: "string" - example: "cdi" - description: | - The origin device driver. - ID: - type: "string" - example: "vendor.com/gpu=0" - description: | - The unique identifier for the device within its source driver. - For CDI devices, this would be an FQDN like "vendor.com/gpu=0". - - ErrorDetail: - type: "object" - properties: - code: - type: "integer" - message: - type: "string" - - ProgressDetail: - type: "object" - properties: - current: - type: "integer" - total: - type: "integer" - - ErrorResponse: - description: "Represents an error." - type: "object" - required: ["message"] - properties: - message: - description: "The error message." - type: "string" - x-nullable: false - example: - message: "Something went wrong." - - IDResponse: - description: "Response to an API call that returns just an Id" - type: "object" - x-go-name: "IDResponse" - required: ["Id"] - properties: - Id: - description: "The id of the newly created object." - type: "string" - x-nullable: false - - EndpointSettings: - description: "Configuration for a network endpoint." - type: "object" - properties: - # Configurations - IPAMConfig: - $ref: "#/definitions/EndpointIPAMConfig" - Links: - type: "array" - items: - type: "string" - example: - - "container_1" - - "container_2" - MacAddress: - description: | - MAC address for the endpoint on this network. The network driver might ignore this parameter. - type: "string" - example: "02:42:ac:11:00:04" - Aliases: - type: "array" - items: - type: "string" - example: - - "server_x" - - "server_y" - DriverOpts: - description: | - DriverOpts is a mapping of driver options and values. These options - are passed directly to the driver and are driver specific. - type: "object" - x-nullable: true - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - GwPriority: - description: | - This property determines which endpoint will provide the default - gateway for a container. The endpoint with the highest priority will - be used. If multiple endpoints have the same priority, endpoints are - lexicographically sorted based on their network name, and the one - that sorts first is picked. - type: "integer" - format: "int64" - example: - - 10 - - # Operational data - NetworkID: - description: | - Unique ID of the network. - type: "string" - example: "08754567f1f40222263eab4102e1c733ae697e8e354aa9cd6e18d7402835292a" - EndpointID: - description: | - Unique ID for the service endpoint in a Sandbox. - type: "string" - example: "b88f5b905aabf2893f3cbc4ee42d1ea7980bbc0a92e2c8922b1e1795298afb0b" - Gateway: - description: | - Gateway address for this network. - type: "string" - example: "172.17.0.1" - IPAddress: - description: | - IPv4 address. - type: "string" - example: "172.17.0.4" - IPPrefixLen: - description: | - Mask length of the IPv4 address. - type: "integer" - example: 16 - IPv6Gateway: - description: | - IPv6 gateway address. - type: "string" - example: "2001:db8:2::100" - GlobalIPv6Address: - description: | - Global IPv6 address. - type: "string" - example: "2001:db8::5689" - GlobalIPv6PrefixLen: - description: | - Mask length of the global IPv6 address. - type: "integer" - format: "int64" - example: 64 - DNSNames: - description: | - List of all DNS names an endpoint has on a specific network. This - list is based on the container name, network aliases, container short - ID, and hostname. - - These DNS names are non-fully qualified but can contain several dots. - You can get fully qualified DNS names by appending `.`. - For instance, if container name is `my.ctr` and the network is named - `testnet`, `DNSNames` will contain `my.ctr` and the FQDN will be - `my.ctr.testnet`. - type: array - items: - type: string - example: ["foobar", "server_x", "server_y", "my.ctr"] - - EndpointIPAMConfig: - description: | - EndpointIPAMConfig represents an endpoint's IPAM configuration. - type: "object" - x-nullable: true - properties: - IPv4Address: - type: "string" - example: "172.20.30.33" - IPv6Address: - type: "string" - example: "2001:db8:abcd::3033" - LinkLocalIPs: - type: "array" - items: - type: "string" - example: - - "169.254.34.68" - - "fe80::3468" - - PluginMount: - type: "object" - x-nullable: false - required: [Name, Description, Settable, Source, Destination, Type, Options] - properties: - Name: - type: "string" - x-nullable: false - example: "some-mount" - Description: - type: "string" - x-nullable: false - example: "This is a mount that's used by the plugin." - Settable: - type: "array" - items: - type: "string" - Source: - type: "string" - example: "/var/lib/docker/plugins/" - Destination: - type: "string" - x-nullable: false - example: "/mnt/state" - Type: - type: "string" - x-nullable: false - example: "bind" - Options: - type: "array" - items: - type: "string" - example: - - "rbind" - - "rw" - - PluginDevice: - type: "object" - required: [Name, Description, Settable, Path] - x-nullable: false - properties: - Name: - type: "string" - x-nullable: false - Description: - type: "string" - x-nullable: false - Settable: - type: "array" - items: - type: "string" - Path: - type: "string" - example: "/dev/fuse" - - PluginEnv: - type: "object" - x-nullable: false - required: [Name, Description, Settable, Value] - properties: - Name: - x-nullable: false - type: "string" - Description: - x-nullable: false - type: "string" - Settable: - type: "array" - items: - type: "string" - Value: - type: "string" - - PluginInterfaceType: - type: "object" - x-nullable: false - required: [Prefix, Capability, Version] - properties: - Prefix: - type: "string" - x-nullable: false - Capability: - type: "string" - x-nullable: false - Version: - type: "string" - x-nullable: false - - PluginPrivilege: - description: | - Describes a permission the user has to accept upon installing - the plugin. - type: "object" - x-go-name: "PluginPrivilege" - properties: - Name: - type: "string" - example: "network" - Description: - type: "string" - Value: - type: "array" - items: - type: "string" - example: - - "host" - - Plugin: - description: "A plugin for the Engine API" - type: "object" - required: [Settings, Enabled, Config, Name] - properties: - Id: - type: "string" - example: "5724e2c8652da337ab2eedd19fc6fc0ec908e4bd907c7421bf6a8dfc70c4c078" - Name: - type: "string" - x-nullable: false - example: "tiborvass/sample-volume-plugin" - Enabled: - description: - True if the plugin is running. False if the plugin is not running, - only installed. - type: "boolean" - x-nullable: false - example: true - Settings: - description: "Settings that can be modified by users." - type: "object" - x-nullable: false - required: [Args, Devices, Env, Mounts] - properties: - Mounts: - type: "array" - items: - $ref: "#/definitions/PluginMount" - Env: - type: "array" - items: - type: "string" - example: - - "DEBUG=0" - Args: - type: "array" - items: - type: "string" - Devices: - type: "array" - items: - $ref: "#/definitions/PluginDevice" - PluginReference: - description: "plugin remote reference used to push/pull the plugin" - type: "string" - x-nullable: false - example: "localhost:5000/tiborvass/sample-volume-plugin:latest" - Config: - description: "The config of a plugin." - type: "object" - x-nullable: false - required: - - Description - - Documentation - - Interface - - Entrypoint - - WorkDir - - Network - - Linux - - PidHost - - PropagatedMount - - IpcHost - - Mounts - - Env - - Args - properties: - DockerVersion: - description: |- - Docker Version used to create the plugin. - - Depending on how the plugin was created, this field may be empty or omitted. - - Deprecated: this field is no longer set, and will be removed in the next API version. - type: "string" - x-nullable: false - x-omitempty: true - Description: - type: "string" - x-nullable: false - example: "A sample volume plugin for Docker" - Documentation: - type: "string" - x-nullable: false - example: "https://docs.docker.com/engine/extend/plugins/" - Interface: - description: "The interface between Docker and the plugin" - x-nullable: false - type: "object" - required: [Types, Socket] - properties: - Types: - type: "array" - items: - $ref: "#/definitions/PluginInterfaceType" - example: - - "docker.volumedriver/1.0" - Socket: - type: "string" - x-nullable: false - example: "plugins.sock" - ProtocolScheme: - type: "string" - example: "some.protocol/v1.0" - description: "Protocol to use for clients connecting to the plugin." - enum: - - "" - - "moby.plugins.http/v1" - Entrypoint: - type: "array" - items: - type: "string" - example: - - "/usr/bin/sample-volume-plugin" - - "/data" - WorkDir: - type: "string" - x-nullable: false - example: "/bin/" - User: - type: "object" - x-nullable: false - properties: - UID: - type: "integer" - format: "uint32" - example: 1000 - GID: - type: "integer" - format: "uint32" - example: 1000 - Network: - type: "object" - x-nullable: false - required: [Type] - properties: - Type: - x-nullable: false - type: "string" - example: "host" - Linux: - type: "object" - x-nullable: false - required: [Capabilities, AllowAllDevices, Devices] - properties: - Capabilities: - type: "array" - items: - type: "string" - example: - - "CAP_SYS_ADMIN" - - "CAP_SYSLOG" - AllowAllDevices: - type: "boolean" - x-nullable: false - example: false - Devices: - type: "array" - items: - $ref: "#/definitions/PluginDevice" - PropagatedMount: - type: "string" - x-nullable: false - example: "/mnt/volumes" - IpcHost: - type: "boolean" - x-nullable: false - example: false - PidHost: - type: "boolean" - x-nullable: false - example: false - Mounts: - type: "array" - items: - $ref: "#/definitions/PluginMount" - Env: - type: "array" - items: - $ref: "#/definitions/PluginEnv" - example: - - Name: "DEBUG" - Description: "If set, prints debug messages" - Settable: null - Value: "0" - Args: - type: "object" - x-nullable: false - required: [Name, Description, Settable, Value] - properties: - Name: - x-nullable: false - type: "string" - example: "args" - Description: - x-nullable: false - type: "string" - example: "command line arguments" - Settable: - type: "array" - items: - type: "string" - Value: - type: "array" - items: - type: "string" - rootfs: - type: "object" - properties: - type: - type: "string" - example: "layers" - diff_ids: - type: "array" - items: - type: "string" - example: - - "sha256:675532206fbf3030b8458f88d6e26d4eb1577688a25efec97154c94e8b6b4887" - - "sha256:e216a057b1cb1efc11f8a268f37ef62083e70b1b38323ba252e25ac88904a7e8" - - ObjectVersion: - description: | - The version number of the object such as node, service, etc. This is needed - to avoid conflicting writes. The client must send the version number along - with the modified specification when updating these objects. - - This approach ensures safe concurrency and determinism in that the change - on the object may not be applied if the version number has changed from the - last read. In other words, if two update requests specify the same base - version, only one of the requests can succeed. As a result, two separate - update requests that happen at the same time will not unintentionally - overwrite each other. - type: "object" - properties: - Index: - type: "integer" - format: "uint64" - example: 373531 - - NodeSpec: - type: "object" - properties: - Name: - description: "Name for the node." - type: "string" - example: "my-node" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - Role: - description: "Role of the node." - type: "string" - enum: - - "worker" - - "manager" - example: "manager" - Availability: - description: "Availability of the node." - type: "string" - enum: - - "active" - - "pause" - - "drain" - example: "active" - example: - Availability: "active" - Name: "node-name" - Role: "manager" - Labels: - foo: "bar" - - Node: - type: "object" - properties: - ID: - type: "string" - example: "24ifsmvkjbyhk" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - description: | - Date and time at which the node was added to the swarm in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2016-08-18T10:44:24.496525531Z" - UpdatedAt: - description: | - Date and time at which the node was last updated in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2017-08-09T07:09:37.632105588Z" - Spec: - $ref: "#/definitions/NodeSpec" - Description: - $ref: "#/definitions/NodeDescription" - Status: - $ref: "#/definitions/NodeStatus" - ManagerStatus: - $ref: "#/definitions/ManagerStatus" - - NodeDescription: - description: | - NodeDescription encapsulates the properties of the Node as reported by the - agent. - type: "object" - properties: - Hostname: - type: "string" - example: "bf3067039e47" - Platform: - $ref: "#/definitions/Platform" - Resources: - $ref: "#/definitions/ResourceObject" - Engine: - $ref: "#/definitions/EngineDescription" - TLSInfo: - $ref: "#/definitions/TLSInfo" - - Platform: - description: | - Platform represents the platform (Arch/OS). - type: "object" - properties: - Architecture: - description: | - Architecture represents the hardware architecture (for example, - `x86_64`). - type: "string" - example: "x86_64" - OS: - description: | - OS represents the Operating System (for example, `linux` or `windows`). - type: "string" - example: "linux" - - EngineDescription: - description: "EngineDescription provides information about an engine." - type: "object" - properties: - EngineVersion: - type: "string" - example: "17.06.0" - Labels: - type: "object" - additionalProperties: - type: "string" - example: - foo: "bar" - Plugins: - type: "array" - items: - type: "object" - properties: - Type: - type: "string" - Name: - type: "string" - example: - - Type: "Log" - Name: "awslogs" - - Type: "Log" - Name: "fluentd" - - Type: "Log" - Name: "gcplogs" - - Type: "Log" - Name: "gelf" - - Type: "Log" - Name: "journald" - - Type: "Log" - Name: "json-file" - - Type: "Log" - Name: "splunk" - - Type: "Log" - Name: "syslog" - - Type: "Network" - Name: "bridge" - - Type: "Network" - Name: "host" - - Type: "Network" - Name: "ipvlan" - - Type: "Network" - Name: "macvlan" - - Type: "Network" - Name: "null" - - Type: "Network" - Name: "overlay" - - Type: "Volume" - Name: "local" - - Type: "Volume" - Name: "localhost:5000/vieux/sshfs:latest" - - Type: "Volume" - Name: "vieux/sshfs:latest" - - TLSInfo: - description: | - Information about the issuer of leaf TLS certificates and the trusted root - CA certificate. - type: "object" - properties: - TrustRoot: - description: | - The root CA certificate(s) that are used to validate leaf TLS - certificates. - type: "string" - CertIssuerSubject: - description: - The base64-url-safe-encoded raw subject bytes of the issuer. - type: "string" - CertIssuerPublicKey: - description: | - The base64-url-safe-encoded raw public key bytes of the issuer. - type: "string" - example: - TrustRoot: | - -----BEGIN CERTIFICATE----- - MIIBajCCARCgAwIBAgIUbYqrLSOSQHoxD8CwG6Bi2PJi9c8wCgYIKoZIzj0EAwIw - EzERMA8GA1UEAxMIc3dhcm0tY2EwHhcNMTcwNDI0MjE0MzAwWhcNMzcwNDE5MjE0 - MzAwWjATMREwDwYDVQQDEwhzd2FybS1jYTBZMBMGByqGSM49AgEGCCqGSM49AwEH - A0IABJk/VyMPYdaqDXJb/VXh5n/1Yuv7iNrxV3Qb3l06XD46seovcDWs3IZNV1lf - 3Skyr0ofcchipoiHkXBODojJydSjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBRUXxuRcnFjDfR/RIAUQab8ZV/n4jAKBggqhkjO - PQQDAgNIADBFAiAy+JTe6Uc3KyLCMiqGl2GyWGQqQDEcO3/YG36x7om65AIhAJvz - pxv6zFeVEkAEEkqIYi0omA9+CjanB/6Bz4n1uw8H - -----END CERTIFICATE----- - CertIssuerSubject: "MBMxETAPBgNVBAMTCHN3YXJtLWNh" - CertIssuerPublicKey: "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmT9XIw9h1qoNclv9VeHmf/Vi6/uI2vFXdBveXTpcPjqx6i9wNazchk1XWV/dKTKvSh9xyGKmiIeRcE4OiMnJ1A==" - - NodeStatus: - description: | - NodeStatus represents the status of a node. - - It provides the current status of the node, as seen by the manager. - type: "object" - properties: - State: - $ref: "#/definitions/NodeState" - Message: - type: "string" - example: "" - Addr: - description: "IP address of the node." - type: "string" - example: "172.17.0.2" - - NodeState: - description: "NodeState represents the state of a node." - type: "string" - enum: - - "unknown" - - "down" - - "ready" - - "disconnected" - example: "ready" - - ManagerStatus: - description: | - ManagerStatus represents the status of a manager. - - It provides the current status of a node's manager component, if the node - is a manager. - x-nullable: true - type: "object" - properties: - Leader: - type: "boolean" - default: false - example: true - Reachability: - $ref: "#/definitions/Reachability" - Addr: - description: | - The IP address and port at which the manager is reachable. - type: "string" - example: "10.0.0.46:2377" - - Reachability: - description: "Reachability represents the reachability of a node." - type: "string" - enum: - - "unknown" - - "unreachable" - - "reachable" - example: "reachable" - - SwarmSpec: - description: "User modifiable swarm configuration." - type: "object" - properties: - Name: - description: "Name of the swarm." - type: "string" - example: "default" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.corp.type: "production" - com.example.corp.department: "engineering" - Orchestration: - description: "Orchestration configuration." - type: "object" - x-nullable: true - properties: - TaskHistoryRetentionLimit: - description: | - The number of historic tasks to keep per instance or node. If - negative, never remove completed or failed tasks. - type: "integer" - format: "int64" - example: 10 - Raft: - description: "Raft configuration." - type: "object" - properties: - SnapshotInterval: - description: "The number of log entries between snapshots." - type: "integer" - format: "uint64" - example: 10000 - KeepOldSnapshots: - description: | - The number of snapshots to keep beyond the current snapshot. - type: "integer" - format: "uint64" - LogEntriesForSlowFollowers: - description: | - The number of log entries to keep around to sync up slow followers - after a snapshot is created. - type: "integer" - format: "uint64" - example: 500 - ElectionTick: - description: | - The number of ticks that a follower will wait for a message from - the leader before becoming a candidate and starting an election. - `ElectionTick` must be greater than `HeartbeatTick`. - - A tick currently defaults to one second, so these translate - directly to seconds currently, but this is NOT guaranteed. - type: "integer" - example: 3 - HeartbeatTick: - description: | - The number of ticks between heartbeats. Every HeartbeatTick ticks, - the leader will send a heartbeat to the followers. - - A tick currently defaults to one second, so these translate - directly to seconds currently, but this is NOT guaranteed. - type: "integer" - example: 1 - Dispatcher: - description: "Dispatcher configuration." - type: "object" - x-nullable: true - properties: - HeartbeatPeriod: - description: | - The delay for an agent to send a heartbeat to the dispatcher. - type: "integer" - format: "int64" - example: 5000000000 - CAConfig: - description: "CA configuration." - type: "object" - x-nullable: true - properties: - NodeCertExpiry: - description: "The duration node certificates are issued for." - type: "integer" - format: "int64" - example: 7776000000000000 - ExternalCAs: - description: | - Configuration for forwarding signing requests to an external - certificate authority. - type: "array" - items: - type: "object" - properties: - Protocol: - description: | - Protocol for communication with the external CA (currently - only `cfssl` is supported). - type: "string" - enum: - - "cfssl" - default: "cfssl" - URL: - description: | - URL where certificate signing requests should be sent. - type: "string" - Options: - description: | - An object with key/value pairs that are interpreted as - protocol-specific options for the external CA driver. - type: "object" - additionalProperties: - type: "string" - CACert: - description: | - The root CA certificate (in PEM format) this external CA uses - to issue TLS certificates (assumed to be to the current swarm - root CA certificate if not provided). - type: "string" - SigningCACert: - description: | - The desired signing CA certificate for all swarm node TLS leaf - certificates, in PEM format. - type: "string" - SigningCAKey: - description: | - The desired signing CA key for all swarm node TLS leaf certificates, - in PEM format. - type: "string" - ForceRotate: - description: | - An integer whose purpose is to force swarm to generate a new - signing CA certificate and key, if none have been specified in - `SigningCACert` and `SigningCAKey` - format: "uint64" - type: "integer" - EncryptionConfig: - description: "Parameters related to encryption-at-rest." - type: "object" - properties: - AutoLockManagers: - description: | - If set, generate a key and use it to lock data stored on the - managers. - type: "boolean" - example: false - TaskDefaults: - description: "Defaults for creating tasks in this cluster." - type: "object" - properties: - LogDriver: - description: | - The log driver to use for tasks created in the orchestrator if - unspecified by a service. - - Updating this value only affects new tasks. Existing tasks continue - to use their previously configured log driver until recreated. - type: "object" - properties: - Name: - description: | - The log driver to use as a default for new tasks. - type: "string" - example: "json-file" - Options: - description: | - Driver-specific options for the selected log driver, specified - as key/value pairs. - type: "object" - additionalProperties: - type: "string" - example: - "max-file": "10" - "max-size": "100m" - - # The Swarm information for `GET /info`. It is the same as `GET /swarm`, but - # without `JoinTokens`. - ClusterInfo: - description: | - ClusterInfo represents information about the swarm as is returned by the - "/info" endpoint. Join-tokens are not included. - x-nullable: true - type: "object" - properties: - ID: - description: "The ID of the swarm." - type: "string" - example: "abajmipo7b4xz5ip2nrla6b11" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - description: | - Date and time at which the swarm was initialised in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2016-08-18T10:44:24.496525531Z" - UpdatedAt: - description: | - Date and time at which the swarm was last updated in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - example: "2017-08-09T07:09:37.632105588Z" - Spec: - $ref: "#/definitions/SwarmSpec" - TLSInfo: - $ref: "#/definitions/TLSInfo" - RootRotationInProgress: - description: | - Whether there is currently a root CA rotation in progress for the swarm - type: "boolean" - example: false - DataPathPort: - description: | - DataPathPort specifies the data path port number for data traffic. - Acceptable port range is 1024 to 49151. - If no port is set or is set to 0, the default port (4789) is used. - type: "integer" - format: "uint32" - default: 4789 - example: 4789 - DefaultAddrPool: - description: | - Default Address Pool specifies default subnet pools for global scope - networks. - type: "array" - items: - type: "string" - format: "CIDR" - example: ["10.10.0.0/16", "20.20.0.0/16"] - SubnetSize: - description: | - SubnetSize specifies the subnet size of the networks created from the - default subnet pool. - type: "integer" - format: "uint32" - maximum: 29 - default: 24 - example: 24 - - JoinTokens: - description: | - JoinTokens contains the tokens workers and managers need to join the swarm. - type: "object" - properties: - Worker: - description: | - The token workers can use to join the swarm. - type: "string" - example: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-1awxwuwd3z9j1z3puu7rcgdbx" - Manager: - description: | - The token managers can use to join the swarm. - type: "string" - example: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" - - Swarm: - type: "object" - allOf: - - $ref: "#/definitions/ClusterInfo" - - type: "object" - properties: - JoinTokens: - $ref: "#/definitions/JoinTokens" - - TaskSpec: - description: "User modifiable task configuration." - type: "object" - properties: - PluginSpec: - type: "object" - description: | - Plugin spec for the service. *(Experimental release only.)* - -


- - > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are - > mutually exclusive. PluginSpec is only used when the Runtime field - > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime - > field is set to `attachment`. - properties: - Name: - description: "The name or 'alias' to use for the plugin." - type: "string" - Remote: - description: "The plugin image reference to use." - type: "string" - Disabled: - description: "Disable the plugin once scheduled." - type: "boolean" - PluginPrivilege: - type: "array" - items: - $ref: "#/definitions/PluginPrivilege" - ContainerSpec: - type: "object" - description: | - Container spec for the service. - -


- - > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are - > mutually exclusive. PluginSpec is only used when the Runtime field - > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime - > field is set to `attachment`. - properties: - Image: - description: "The image name to use for the container" - type: "string" - Labels: - description: "User-defined key/value data." - type: "object" - additionalProperties: - type: "string" - Command: - description: "The command to be run in the image." - type: "array" - items: - type: "string" - Args: - description: "Arguments to the command." - type: "array" - items: - type: "string" - Hostname: - description: | - The hostname to use for the container, as a valid - [RFC 1123](https://tools.ietf.org/html/rfc1123) hostname. - type: "string" - Env: - description: | - A list of environment variables in the form `VAR=value`. - type: "array" - items: - type: "string" - Dir: - description: "The working directory for commands to run in." - type: "string" - User: - description: "The user inside the container." - type: "string" - Groups: - type: "array" - description: | - A list of additional groups that the container process will run as. - items: - type: "string" - Privileges: - type: "object" - description: "Security options for the container" - properties: - CredentialSpec: - type: "object" - description: "CredentialSpec for managed service account (Windows only)" - properties: - Config: - type: "string" - example: "0bt9dmxjvjiqermk6xrop3ekq" - description: | - Load credential spec from a Swarm Config with the given ID. - The specified config must also be present in the Configs - field with the Runtime property set. - -


- - - > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, - > and `CredentialSpec.Config` are mutually exclusive. - File: - type: "string" - example: "spec.json" - description: | - Load credential spec from this file. The file is read by - the daemon, and must be present in the `CredentialSpecs` - subdirectory in the docker data directory, which defaults - to `C:\ProgramData\Docker\` on Windows. - - For example, specifying `spec.json` loads - `C:\ProgramData\Docker\CredentialSpecs\spec.json`. - -


- - > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, - > and `CredentialSpec.Config` are mutually exclusive. - Registry: - type: "string" - description: | - Load credential spec from this value in the Windows - registry. The specified registry value must be located in: - - `HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Containers\CredentialSpecs` - -


- - - > **Note**: `CredentialSpec.File`, `CredentialSpec.Registry`, - > and `CredentialSpec.Config` are mutually exclusive. - SELinuxContext: - type: "object" - description: "SELinux labels of the container" - properties: - Disable: - type: "boolean" - description: "Disable SELinux" - User: - type: "string" - description: "SELinux user label" - Role: - type: "string" - description: "SELinux role label" - Type: - type: "string" - description: "SELinux type label" - Level: - type: "string" - description: "SELinux level label" - Seccomp: - type: "object" - description: "Options for configuring seccomp on the container" - properties: - Mode: - type: "string" - enum: - - "default" - - "unconfined" - - "custom" - Profile: - description: "The custom seccomp profile as a json object" - type: "string" - AppArmor: - type: "object" - description: "Options for configuring AppArmor on the container" - properties: - Mode: - type: "string" - enum: - - "default" - - "disabled" - NoNewPrivileges: - type: "boolean" - description: "Configuration of the no_new_privs bit in the container" - - TTY: - description: "Whether a pseudo-TTY should be allocated." - type: "boolean" - OpenStdin: - description: "Open `stdin`" - type: "boolean" - ReadOnly: - description: "Mount the container's root filesystem as read only." - type: "boolean" - Mounts: - description: | - Specification for mounts to be added to containers created as part - of the service. - type: "array" - items: - $ref: "#/definitions/Mount" - StopSignal: - description: "Signal to stop the container." - type: "string" - StopGracePeriod: - description: | - Amount of time to wait for the container to terminate before - forcefully killing it. - type: "integer" - format: "int64" - HealthCheck: - $ref: "#/definitions/HealthConfig" - Hosts: - type: "array" - description: | - A list of hostname/IP mappings to add to the container's `hosts` - file. The format of extra hosts is specified in the - [hosts(5)](http://man7.org/linux/man-pages/man5/hosts.5.html) - man page: - - IP_address canonical_hostname [aliases...] - items: - type: "string" - DNSConfig: - description: | - Specification for DNS related configurations in resolver configuration - file (`resolv.conf`). - type: "object" - properties: - Nameservers: - description: "The IP addresses of the name servers." - type: "array" - items: - type: "string" - Search: - description: "A search list for host-name lookup." - type: "array" - items: - type: "string" - Options: - description: | - A list of internal resolver variables to be modified (e.g., - `debug`, `ndots:3`, etc.). - type: "array" - items: - type: "string" - Secrets: - description: | - Secrets contains references to zero or more secrets that will be - exposed to the service. - type: "array" - items: - type: "object" - properties: - File: - description: | - File represents a specific target that is backed by a file. - type: "object" - properties: - Name: - description: | - Name represents the final filename in the filesystem. - type: "string" - UID: - description: "UID represents the file UID." - type: "string" - GID: - description: "GID represents the file GID." - type: "string" - Mode: - description: "Mode represents the FileMode of the file." - type: "integer" - format: "uint32" - SecretID: - description: | - SecretID represents the ID of the specific secret that we're - referencing. - type: "string" - SecretName: - description: | - SecretName is the name of the secret that this references, - but this is just provided for lookup/display purposes. The - secret in the reference will be identified by its ID. - type: "string" - OomScoreAdj: - type: "integer" - format: "int64" - description: | - An integer value containing the score given to the container in - order to tune OOM killer preferences. - example: 0 - Configs: - description: | - Configs contains references to zero or more configs that will be - exposed to the service. - type: "array" - items: - type: "object" - properties: - File: - description: | - File represents a specific target that is backed by a file. - -


- - > **Note**: `Configs.File` and `Configs.Runtime` are mutually exclusive - type: "object" - properties: - Name: - description: | - Name represents the final filename in the filesystem. - type: "string" - UID: - description: "UID represents the file UID." - type: "string" - GID: - description: "GID represents the file GID." - type: "string" - Mode: - description: "Mode represents the FileMode of the file." - type: "integer" - format: "uint32" - Runtime: - description: | - Runtime represents a target that is not mounted into the - container but is used by the task - -


- - > **Note**: `Configs.File` and `Configs.Runtime` are mutually - > exclusive - type: "object" - ConfigID: - description: | - ConfigID represents the ID of the specific config that we're - referencing. - type: "string" - ConfigName: - description: | - ConfigName is the name of the config that this references, - but this is just provided for lookup/display purposes. The - config in the reference will be identified by its ID. - type: "string" - Isolation: - type: "string" - description: | - Isolation technology of the containers running the service. - (Windows only) - enum: - - "default" - - "process" - - "hyperv" - - "" - Init: - description: | - Run an init inside the container that forwards signals and reaps - processes. This field is omitted if empty, and the default (as - configured on the daemon) is used. - type: "boolean" - x-nullable: true - Sysctls: - description: | - Set kernel namedspaced parameters (sysctls) in the container. - The Sysctls option on services accepts the same sysctls as the - are supported on containers. Note that while the same sysctls are - supported, no guarantees or checks are made about their - suitability for a clustered environment, and it's up to the user - to determine whether a given sysctl will work properly in a - Service. - type: "object" - additionalProperties: - type: "string" - # This option is not used by Windows containers - CapabilityAdd: - type: "array" - description: | - A list of kernel capabilities to add to the default set - for the container. - items: - type: "string" - example: - - "CAP_NET_RAW" - - "CAP_SYS_ADMIN" - - "CAP_SYS_CHROOT" - - "CAP_SYSLOG" - CapabilityDrop: - type: "array" - description: | - A list of kernel capabilities to drop from the default set - for the container. - items: - type: "string" - example: - - "CAP_NET_RAW" - Ulimits: - description: | - A list of resource limits to set in the container. For example: `{"Name": "nofile", "Soft": 1024, "Hard": 2048}`" - type: "array" - items: - type: "object" - properties: - Name: - description: "Name of ulimit" - type: "string" - Soft: - description: "Soft limit" - type: "integer" - Hard: - description: "Hard limit" - type: "integer" - NetworkAttachmentSpec: - description: | - Read-only spec type for non-swarm containers attached to swarm overlay - networks. - -


- - > **Note**: ContainerSpec, NetworkAttachmentSpec, and PluginSpec are - > mutually exclusive. PluginSpec is only used when the Runtime field - > is set to `plugin`. NetworkAttachmentSpec is used when the Runtime - > field is set to `attachment`. - type: "object" - properties: - ContainerID: - description: "ID of the container represented by this task" - type: "string" - Resources: - description: | - Resource requirements which apply to each individual container created - as part of the service. - type: "object" - properties: - Limits: - description: "Define resources limits." - $ref: "#/definitions/Limit" - Reservations: - description: "Define resources reservation." - $ref: "#/definitions/ResourceObject" - RestartPolicy: - description: | - Specification for the restart policy which applies to containers - created as part of this service. - type: "object" - properties: - Condition: - description: "Condition for restart." - type: "string" - enum: - - "none" - - "on-failure" - - "any" - Delay: - description: "Delay between restart attempts." - type: "integer" - format: "int64" - MaxAttempts: - description: | - Maximum attempts to restart a given container before giving up - (default value is 0, which is ignored). - type: "integer" - format: "int64" - default: 0 - Window: - description: | - Windows is the time window used to evaluate the restart policy - (default value is 0, which is unbounded). - type: "integer" - format: "int64" - default: 0 - Placement: - type: "object" - properties: - Constraints: - description: | - An array of constraint expressions to limit the set of nodes where - a task can be scheduled. Constraint expressions can either use a - _match_ (`==`) or _exclude_ (`!=`) rule. Multiple constraints find - nodes that satisfy every expression (AND match). Constraints can - match node or Docker Engine labels as follows: - - node attribute | matches | example - ---------------------|--------------------------------|----------------------------------------------- - `node.id` | Node ID | `node.id==2ivku8v2gvtg4` - `node.hostname` | Node hostname | `node.hostname!=node-2` - `node.role` | Node role (`manager`/`worker`) | `node.role==manager` - `node.platform.os` | Node operating system | `node.platform.os==windows` - `node.platform.arch` | Node architecture | `node.platform.arch==x86_64` - `node.labels` | User-defined node labels | `node.labels.security==high` - `engine.labels` | Docker Engine's labels | `engine.labels.operatingsystem==ubuntu-24.04` - - `engine.labels` apply to Docker Engine labels like operating system, - drivers, etc. Swarm administrators add `node.labels` for operational - purposes by using the [`node update endpoint`](#operation/NodeUpdate). - - type: "array" - items: - type: "string" - example: - - "node.hostname!=node3.corp.example.com" - - "node.role!=manager" - - "node.labels.type==production" - - "node.platform.os==linux" - - "node.platform.arch==x86_64" - Preferences: - description: | - Preferences provide a way to make the scheduler aware of factors - such as topology. They are provided in order from highest to - lowest precedence. - type: "array" - items: - type: "object" - properties: - Spread: - type: "object" - properties: - SpreadDescriptor: - description: | - label descriptor, such as `engine.labels.az`. - type: "string" - example: - - Spread: - SpreadDescriptor: "node.labels.datacenter" - - Spread: - SpreadDescriptor: "node.labels.rack" - MaxReplicas: - description: | - Maximum number of replicas for per node (default value is 0, which - is unlimited) - type: "integer" - format: "int64" - default: 0 - Platforms: - description: | - Platforms stores all the platforms that the service's image can - run on. This field is used in the platform filter for scheduling. - If empty, then the platform filter is off, meaning there are no - scheduling restrictions. - type: "array" - items: - $ref: "#/definitions/Platform" - ForceUpdate: - description: | - A counter that triggers an update even if no relevant parameters have - been changed. - type: "integer" - format: "uint64" - Runtime: - description: | - Runtime is the type of runtime specified for the task executor. - type: "string" - Networks: - description: "Specifies which networks the service should attach to." - type: "array" - items: - $ref: "#/definitions/NetworkAttachmentConfig" - LogDriver: - description: | - Specifies the log driver to use for tasks created from this spec. If - not present, the default one for the swarm will be used, finally - falling back to the engine default if not specified. - type: "object" - properties: - Name: - type: "string" - Options: - type: "object" - additionalProperties: - type: "string" - - TaskState: - type: "string" - enum: - - "new" - - "allocated" - - "pending" - - "assigned" - - "accepted" - - "preparing" - - "ready" - - "starting" - - "running" - - "complete" - - "shutdown" - - "failed" - - "rejected" - - "remove" - - "orphaned" - - ContainerStatus: - type: "object" - description: "represents the status of a container." - properties: - ContainerID: - type: "string" - PID: - type: "integer" - ExitCode: - type: "integer" - - PortStatus: - type: "object" - description: "represents the port status of a task's host ports whose service has published host ports" - properties: - Ports: - type: "array" - items: - $ref: "#/definitions/EndpointPortConfig" - - TaskStatus: - type: "object" - description: "represents the status of a task." - properties: - Timestamp: - type: "string" - format: "dateTime" - State: - $ref: "#/definitions/TaskState" - Message: - type: "string" - Err: - type: "string" - ContainerStatus: - $ref: "#/definitions/ContainerStatus" - PortStatus: - $ref: "#/definitions/PortStatus" - - Task: - type: "object" - properties: - ID: - description: "The ID of the task." - type: "string" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - type: "string" - format: "dateTime" - UpdatedAt: - type: "string" - format: "dateTime" - Name: - description: "Name of the task." - type: "string" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - Spec: - $ref: "#/definitions/TaskSpec" - ServiceID: - description: "The ID of the service this task is part of." - type: "string" - Slot: - type: "integer" - NodeID: - description: "The ID of the node that this task is on." - type: "string" - AssignedGenericResources: - $ref: "#/definitions/GenericResources" - Status: - $ref: "#/definitions/TaskStatus" - DesiredState: - $ref: "#/definitions/TaskState" - JobIteration: - description: | - If the Service this Task belongs to is a job-mode service, contains - the JobIteration of the Service this Task was created for. Absent if - the Task was created for a Replicated or Global Service. - $ref: "#/definitions/ObjectVersion" - example: - ID: "0kzzo1i0y4jz6027t0k7aezc7" - Version: - Index: 71 - CreatedAt: "2016-06-07T21:07:31.171892745Z" - UpdatedAt: "2016-06-07T21:07:31.376370513Z" - Spec: - ContainerSpec: - Image: "redis" - Resources: - Limits: {} - Reservations: {} - RestartPolicy: - Condition: "any" - MaxAttempts: 0 - Placement: {} - ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" - Slot: 1 - NodeID: "60gvrl6tm78dmak4yl7srz94v" - Status: - Timestamp: "2016-06-07T21:07:31.290032978Z" - State: "running" - Message: "started" - ContainerStatus: - ContainerID: "e5d62702a1b48d01c3e02ca1e0212a250801fa8d67caca0b6f35919ebc12f035" - PID: 677 - DesiredState: "running" - NetworksAttachments: - - Network: - ID: "4qvuz4ko70xaltuqbt8956gd1" - Version: - Index: 18 - CreatedAt: "2016-06-07T20:31:11.912919752Z" - UpdatedAt: "2016-06-07T21:07:29.955277358Z" - Spec: - Name: "ingress" - Labels: - com.docker.swarm.internal: "true" - DriverConfiguration: {} - IPAMOptions: - Driver: {} - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - DriverState: - Name: "overlay" - Options: - com.docker.network.driver.overlay.vxlanid_list: "256" - IPAMOptions: - Driver: - Name: "default" - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - Addresses: - - "10.255.0.10/16" - AssignedGenericResources: - - DiscreteResourceSpec: - Kind: "SSD" - Value: 3 - - NamedResourceSpec: - Kind: "GPU" - Value: "UUID1" - - NamedResourceSpec: - Kind: "GPU" - Value: "UUID2" - - ServiceSpec: - description: "User modifiable configuration for a service." - type: object - properties: - Name: - description: "Name of the service." - type: "string" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - TaskTemplate: - $ref: "#/definitions/TaskSpec" - Mode: - description: "Scheduling mode for the service." - type: "object" - properties: - Replicated: - type: "object" - properties: - Replicas: - type: "integer" - format: "int64" - Global: - type: "object" - ReplicatedJob: - description: | - The mode used for services with a finite number of tasks that run - to a completed state. - type: "object" - properties: - MaxConcurrent: - description: | - The maximum number of replicas to run simultaneously. - type: "integer" - format: "int64" - default: 1 - TotalCompletions: - description: | - The total number of replicas desired to reach the Completed - state. If unset, will default to the value of `MaxConcurrent` - type: "integer" - format: "int64" - GlobalJob: - description: | - The mode used for services which run a task to the completed state - on each valid node. - type: "object" - UpdateConfig: - description: "Specification for the update strategy of the service." - type: "object" - properties: - Parallelism: - description: | - Maximum number of tasks to be updated in one iteration (0 means - unlimited parallelism). - type: "integer" - format: "int64" - Delay: - description: "Amount of time between updates, in nanoseconds." - type: "integer" - format: "int64" - FailureAction: - description: | - Action to take if an updated task fails to run, or stops running - during the update. - type: "string" - enum: - - "continue" - - "pause" - - "rollback" - Monitor: - description: | - Amount of time to monitor each updated task for failures, in - nanoseconds. - type: "integer" - format: "int64" - MaxFailureRatio: - description: | - The fraction of tasks that may fail during an update before the - failure action is invoked, specified as a floating point number - between 0 and 1. - type: "number" - default: 0 - Order: - description: | - The order of operations when rolling out an updated task. Either - the old task is shut down before the new task is started, or the - new task is started before the old task is shut down. - type: "string" - enum: - - "stop-first" - - "start-first" - RollbackConfig: - description: "Specification for the rollback strategy of the service." - type: "object" - properties: - Parallelism: - description: | - Maximum number of tasks to be rolled back in one iteration (0 means - unlimited parallelism). - type: "integer" - format: "int64" - Delay: - description: | - Amount of time between rollback iterations, in nanoseconds. - type: "integer" - format: "int64" - FailureAction: - description: | - Action to take if an rolled back task fails to run, or stops - running during the rollback. - type: "string" - enum: - - "continue" - - "pause" - Monitor: - description: | - Amount of time to monitor each rolled back task for failures, in - nanoseconds. - type: "integer" - format: "int64" - MaxFailureRatio: - description: | - The fraction of tasks that may fail during a rollback before the - failure action is invoked, specified as a floating point number - between 0 and 1. - type: "number" - default: 0 - Order: - description: | - The order of operations when rolling back a task. Either the old - task is shut down before the new task is started, or the new task - is started before the old task is shut down. - type: "string" - enum: - - "stop-first" - - "start-first" - Networks: - description: | - Specifies which networks the service should attach to. - - Deprecated: This field is deprecated since v1.44. The Networks field in TaskSpec should be used instead. - type: "array" - items: - $ref: "#/definitions/NetworkAttachmentConfig" - - EndpointSpec: - $ref: "#/definitions/EndpointSpec" - - EndpointPortConfig: - type: "object" - properties: - Name: - type: "string" - Protocol: - type: "string" - enum: - - "tcp" - - "udp" - - "sctp" - TargetPort: - description: "The port inside the container." - type: "integer" - PublishedPort: - description: "The port on the swarm hosts." - type: "integer" - PublishMode: - description: | - The mode in which port is published. - -


- - - "ingress" makes the target port accessible on every node, - regardless of whether there is a task for the service running on - that node or not. - - "host" bypasses the routing mesh and publish the port directly on - the swarm node where that service is running. - - type: "string" - enum: - - "ingress" - - "host" - default: "ingress" - example: "ingress" - - EndpointSpec: - description: "Properties that can be configured to access and load balance a service." - type: "object" - properties: - Mode: - description: | - The mode of resolution to use for internal load balancing between tasks. - type: "string" - enum: - - "vip" - - "dnsrr" - default: "vip" - Ports: - description: | - List of exposed ports that this service is accessible on from the - outside. Ports can only be provided if `vip` resolution mode is used. - type: "array" - items: - $ref: "#/definitions/EndpointPortConfig" - - Service: - type: "object" - properties: - ID: - type: "string" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - type: "string" - format: "dateTime" - UpdatedAt: - type: "string" - format: "dateTime" - Spec: - $ref: "#/definitions/ServiceSpec" - Endpoint: - type: "object" - properties: - Spec: - $ref: "#/definitions/EndpointSpec" - Ports: - type: "array" - items: - $ref: "#/definitions/EndpointPortConfig" - VirtualIPs: - type: "array" - items: - type: "object" - properties: - NetworkID: - type: "string" - Addr: - type: "string" - UpdateStatus: - description: "The status of a service update." - type: "object" - properties: - State: - type: "string" - enum: - - "updating" - - "paused" - - "completed" - StartedAt: - type: "string" - format: "dateTime" - CompletedAt: - type: "string" - format: "dateTime" - Message: - type: "string" - ServiceStatus: - description: | - The status of the service's tasks. Provided only when requested as - part of a ServiceList operation. - type: "object" - properties: - RunningTasks: - description: | - The number of tasks for the service currently in the Running state. - type: "integer" - format: "uint64" - example: 7 - DesiredTasks: - description: | - The number of tasks for the service desired to be running. - For replicated services, this is the replica count from the - service spec. For global services, this is computed by taking - count of all tasks for the service with a Desired State other - than Shutdown. - type: "integer" - format: "uint64" - example: 10 - CompletedTasks: - description: | - The number of tasks for a job that are in the Completed state. - This field must be cross-referenced with the service type, as the - value of 0 may mean the service is not in a job mode, or it may - mean the job-mode service has no tasks yet Completed. - type: "integer" - format: "uint64" - JobStatus: - description: | - The status of the service when it is in one of ReplicatedJob or - GlobalJob modes. Absent on Replicated and Global mode services. The - JobIteration is an ObjectVersion, but unlike the Service's version, - does not need to be sent with an update request. - type: "object" - properties: - JobIteration: - description: | - JobIteration is a value increased each time a Job is executed, - successfully or otherwise. "Executed", in this case, means the - job as a whole has been started, not that an individual Task has - been launched. A job is "Executed" when its ServiceSpec is - updated. JobIteration can be used to disambiguate Tasks belonging - to different executions of a job. Though JobIteration will - increase with each subsequent execution, it may not necessarily - increase by 1, and so JobIteration should not be used to - $ref: "#/definitions/ObjectVersion" - LastExecution: - description: | - The last time, as observed by the server, that this job was - started. - type: "string" - format: "dateTime" - example: - ID: "9mnpnzenvg8p8tdbtq4wvbkcz" - Version: - Index: 19 - CreatedAt: "2016-06-07T21:05:51.880065305Z" - UpdatedAt: "2016-06-07T21:07:29.962229872Z" - Spec: - Name: "hopeful_cori" - TaskTemplate: - ContainerSpec: - Image: "redis" - Resources: - Limits: {} - Reservations: {} - RestartPolicy: - Condition: "any" - MaxAttempts: 0 - Placement: {} - ForceUpdate: 0 - Mode: - Replicated: - Replicas: 1 - UpdateConfig: - Parallelism: 1 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - RollbackConfig: - Parallelism: 1 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - EndpointSpec: - Mode: "vip" - Ports: - - - Protocol: "tcp" - TargetPort: 6379 - PublishedPort: 30001 - Endpoint: - Spec: - Mode: "vip" - Ports: - - - Protocol: "tcp" - TargetPort: 6379 - PublishedPort: 30001 - Ports: - - - Protocol: "tcp" - TargetPort: 6379 - PublishedPort: 30001 - VirtualIPs: - - - NetworkID: "4qvuz4ko70xaltuqbt8956gd1" - Addr: "10.255.0.2/16" - - - NetworkID: "4qvuz4ko70xaltuqbt8956gd1" - Addr: "10.255.0.3/16" - - ImageDeleteResponseItem: - type: "object" - x-go-name: "DeleteResponse" - properties: - Untagged: - description: "The image ID of an image that was untagged" - type: "string" - Deleted: - description: "The image ID of an image that was deleted" - type: "string" - - ServiceCreateResponse: - type: "object" - description: | - contains the information returned to a client on the - creation of a new service. - properties: - ID: - description: "The ID of the created service." - type: "string" - x-nullable: false - example: "ak7w3gjqoa3kuz8xcpnyy0pvl" - Warnings: - description: | - Optional warning message. - - FIXME(thaJeztah): this should have "omitempty" in the generated type. - type: "array" - x-nullable: true - items: - type: "string" - example: - - "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" - - ServiceUpdateResponse: - type: "object" - properties: - Warnings: - description: "Optional warning messages" - type: "array" - items: - type: "string" - example: - Warnings: - - "unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found" - - ContainerInspectResponse: - type: "object" - title: "ContainerInspectResponse" - x-go-name: "InspectResponse" - properties: - Id: - description: |- - The ID of this container as a 128-bit (64-character) hexadecimal string (32 bytes). - type: "string" - x-go-name: "ID" - minLength: 64 - maxLength: 64 - pattern: "^[0-9a-fA-F]{64}$" - example: "aa86eacfb3b3ed4cd362c1e88fc89a53908ad05fb3a4103bca3f9b28292d14bf" - Created: - description: |- - Date and time at which the container was created, formatted in - [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. - type: "string" - format: "dateTime" - x-nullable: true - example: "2025-02-17T17:43:39.64001363Z" - Path: - description: |- - The path to the command being run - type: "string" - example: "/bin/sh" - Args: - description: "The arguments to the command being run" - type: "array" - items: - type: "string" - example: - - "-c" - - "exit 9" - State: - $ref: "#/definitions/ContainerState" - Image: - description: |- - The ID (digest) of the image that this container was created from. - type: "string" - example: "sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782" - ResolvConfPath: - description: |- - Location of the `/etc/resolv.conf` generated for the container on the - host. - - This file is managed through the docker daemon, and should not be - accessed or modified by other tools. - type: "string" - example: "/var/lib/docker/containers/aa86eacfb3b3ed4cd362c1e88fc89a53908ad05fb3a4103bca3f9b28292d14bf/resolv.conf" - HostnamePath: - description: |- - Location of the `/etc/hostname` generated for the container on the - host. - - This file is managed through the docker daemon, and should not be - accessed or modified by other tools. - type: "string" - example: "/var/lib/docker/containers/aa86eacfb3b3ed4cd362c1e88fc89a53908ad05fb3a4103bca3f9b28292d14bf/hostname" - HostsPath: - description: |- - Location of the `/etc/hosts` generated for the container on the - host. - - This file is managed through the docker daemon, and should not be - accessed or modified by other tools. - type: "string" - example: "/var/lib/docker/containers/aa86eacfb3b3ed4cd362c1e88fc89a53908ad05fb3a4103bca3f9b28292d14bf/hosts" - LogPath: - description: |- - Location of the file used to buffer the container's logs. Depending on - the logging-driver used for the container, this field may be omitted. - - This file is managed through the docker daemon, and should not be - accessed or modified by other tools. - type: "string" - x-nullable: true - example: "/var/lib/docker/containers/5b7c7e2b992aa426584ce6c47452756066be0e503a08b4516a433a54d2f69e59/5b7c7e2b992aa426584ce6c47452756066be0e503a08b4516a433a54d2f69e59-json.log" - Name: - description: |- - The name associated with this container. - - For historic reasons, the name may be prefixed with a forward-slash (`/`). - type: "string" - example: "/funny_chatelet" - RestartCount: - description: |- - Number of times the container was restarted since it was created, - or since daemon was started. - type: "integer" - example: 0 - Driver: - description: |- - The storage-driver used for the container's filesystem (graph-driver - or snapshotter). - type: "string" - example: "overlayfs" - Platform: - description: |- - The platform (operating system) for which the container was created. - - This field was introduced for the experimental "LCOW" (Linux Containers - On Windows) features, which has been removed. In most cases, this field - is equal to the host's operating system (`linux` or `windows`). - type: "string" - example: "linux" - ImageManifestDescriptor: - $ref: "#/definitions/OCIDescriptor" - description: |- - OCI descriptor of the platform-specific manifest of the image - the container was created from. - - Note: Only available if the daemon provides a multi-platform - image store. - MountLabel: - description: |- - SELinux mount label set for the container. - type: "string" - example: "" - ProcessLabel: - description: |- - SELinux process label set for the container. - type: "string" - example: "" - AppArmorProfile: - description: |- - The AppArmor profile set for the container. - type: "string" - example: "" - ExecIDs: - description: |- - IDs of exec instances that are running in the container. - type: "array" - items: - type: "string" - x-nullable: true - example: - - "b35395de42bc8abd327f9dd65d913b9ba28c74d2f0734eeeae84fa1c616a0fca" - - "3fc1232e5cd20c8de182ed81178503dc6437f4e7ef12b52cc5e8de020652f1c4" - HostConfig: - $ref: "#/definitions/HostConfig" - GraphDriver: - $ref: "#/definitions/DriverData" - SizeRw: - description: |- - The size of files that have been created or changed by this container. - - This field is omitted by default, and only set when size is requested - in the API request. - type: "integer" - format: "int64" - x-nullable: true - example: "122880" - SizeRootFs: - description: |- - The total size of all files in the read-only layers from the image - that the container uses. These layers can be shared between containers. - - This field is omitted by default, and only set when size is requested - in the API request. - type: "integer" - format: "int64" - x-nullable: true - example: "1653948416" - Mounts: - description: |- - List of mounts used by the container. - type: "array" - items: - $ref: "#/definitions/MountPoint" - Config: - $ref: "#/definitions/ContainerConfig" - NetworkSettings: - $ref: "#/definitions/NetworkSettings" - - ContainerSummary: - type: "object" - properties: - Id: - description: |- - The ID of this container as a 128-bit (64-character) hexadecimal string (32 bytes). - type: "string" - x-go-name: "ID" - minLength: 64 - maxLength: 64 - pattern: "^[0-9a-fA-F]{64}$" - example: "aa86eacfb3b3ed4cd362c1e88fc89a53908ad05fb3a4103bca3f9b28292d14bf" - Names: - description: |- - The names associated with this container. Most containers have a single - name, but when using legacy "links", the container can have multiple - names. - - For historic reasons, names are prefixed with a forward-slash (`/`). - type: "array" - items: - type: "string" - example: - - "/funny_chatelet" - Image: - description: |- - The name or ID of the image used to create the container. - - This field shows the image reference as was specified when creating the container, - which can be in its canonical form (e.g., `docker.io/library/ubuntu:latest` - or `docker.io/library/ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782`), - short form (e.g., `ubuntu:latest`)), or the ID(-prefix) of the image (e.g., `72297848456d`). - - The content of this field can be updated at runtime if the image used to - create the container is untagged, in which case the field is updated to - contain the the image ID (digest) it was resolved to in its canonical, - non-truncated form (e.g., `sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782`). - type: "string" - example: "docker.io/library/ubuntu:latest" - ImageID: - description: |- - The ID (digest) of the image that this container was created from. - type: "string" - example: "sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782" - ImageManifestDescriptor: - $ref: "#/definitions/OCIDescriptor" - x-nullable: true - description: | - OCI descriptor of the platform-specific manifest of the image - the container was created from. - - Note: Only available if the daemon provides a multi-platform - image store. - - This field is not populated in the `GET /system/df` endpoint. - Command: - description: "Command to run when starting the container" - type: "string" - example: "/bin/bash" - Created: - description: |- - Date and time at which the container was created as a Unix timestamp - (number of seconds since EPOCH). - type: "integer" - format: "int64" - example: "1739811096" - Ports: - description: |- - Port-mappings for the container. - type: "array" - items: - $ref: "#/definitions/Port" - SizeRw: - description: |- - The size of files that have been created or changed by this container. - - This field is omitted by default, and only set when size is requested - in the API request. - type: "integer" - format: "int64" - x-nullable: true - example: "122880" - SizeRootFs: - description: |- - The total size of all files in the read-only layers from the image - that the container uses. These layers can be shared between containers. - - This field is omitted by default, and only set when size is requested - in the API request. - type: "integer" - format: "int64" - x-nullable: true - example: "1653948416" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.vendor: "Acme" - com.example.license: "GPL" - com.example.version: "1.0" - State: - description: | - The state of this container. - type: "string" - enum: - - "created" - - "running" - - "paused" - - "restarting" - - "exited" - - "removing" - - "dead" - example: "running" - Status: - description: |- - Additional human-readable status of this container (e.g. `Exit 0`) - type: "string" - example: "Up 4 days" - HostConfig: - type: "object" - description: |- - Summary of host-specific runtime information of the container. This - is a reduced set of information in the container's "HostConfig" as - available in the container "inspect" response. - properties: - NetworkMode: - description: |- - Networking mode (`host`, `none`, `container:`) or name of the - primary network the container is using. - - This field is primarily for backward compatibility. The container - can be connected to multiple networks for which information can be - found in the `NetworkSettings.Networks` field, which enumerates - settings per network. - type: "string" - example: "mynetwork" - Annotations: - description: |- - Arbitrary key-value metadata attached to the container. - type: "object" - x-nullable: true - additionalProperties: - type: "string" - example: - io.kubernetes.docker.type: "container" - io.kubernetes.sandbox.id: "3befe639bed0fd6afdd65fd1fa84506756f59360ec4adc270b0fdac9be22b4d3" - NetworkSettings: - description: |- - Summary of the container's network settings - type: "object" - properties: - Networks: - type: "object" - description: |- - Summary of network-settings for each network the container is - attached to. - additionalProperties: - $ref: "#/definitions/EndpointSettings" - Mounts: - type: "array" - description: |- - List of mounts used by the container. - items: - $ref: "#/definitions/MountPoint" - - Driver: - description: "Driver represents a driver (network, logging, secrets)." - type: "object" - required: [Name] - properties: - Name: - description: "Name of the driver." - type: "string" - x-nullable: false - example: "some-driver" - Options: - description: "Key/value map of driver-specific options." - type: "object" - x-nullable: false - additionalProperties: - type: "string" - example: - OptionA: "value for driver-specific option A" - OptionB: "value for driver-specific option B" - - SecretSpec: - type: "object" - properties: - Name: - description: "User-defined name of the secret." - type: "string" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - Data: - description: | - Data is the data to store as a secret, formatted as a Base64-url-safe-encoded - ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) string. - It must be empty if the Driver field is set, in which case the data is - loaded from an external secret store. The maximum allowed size is 500KB, - as defined in [MaxSecretSize](https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0-20250103191802-8c1959736554/api/validation#MaxSecretSize). - - This field is only used to _create_ a secret, and is not returned by - other endpoints. - type: "string" - example: "" - Driver: - description: | - Name of the secrets driver used to fetch the secret's value from an - external secret store. - $ref: "#/definitions/Driver" - Templating: - description: | - Templating driver, if applicable - - Templating controls whether and how to evaluate the config payload as - a template. If no driver is set, no templating is used. - $ref: "#/definitions/Driver" - - Secret: - type: "object" - properties: - ID: - type: "string" - example: "blt1owaxmitz71s9v5zh81zun" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - type: "string" - format: "dateTime" - example: "2017-07-20T13:55:28.678958722Z" - UpdatedAt: - type: "string" - format: "dateTime" - example: "2017-07-20T13:55:28.678958722Z" - Spec: - $ref: "#/definitions/SecretSpec" - - ConfigSpec: - type: "object" - properties: - Name: - description: "User-defined name of the config." - type: "string" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - Data: - description: | - Data is the data to store as a config, formatted as a Base64-url-safe-encoded - ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5)) string. - The maximum allowed size is 1000KB, as defined in [MaxConfigSize](https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0-20250103191802-8c1959736554/manager/controlapi#MaxConfigSize). - type: "string" - Templating: - description: | - Templating driver, if applicable - - Templating controls whether and how to evaluate the config payload as - a template. If no driver is set, no templating is used. - $ref: "#/definitions/Driver" - - Config: - type: "object" - properties: - ID: - type: "string" - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - type: "string" - format: "dateTime" - UpdatedAt: - type: "string" - format: "dateTime" - Spec: - $ref: "#/definitions/ConfigSpec" - - ContainerState: - description: | - ContainerState stores container's running state. It's part of ContainerJSONBase - and will be returned by the "inspect" command. - type: "object" - x-nullable: true - properties: - Status: - description: | - String representation of the container state. Can be one of "created", - "running", "paused", "restarting", "removing", "exited", or "dead". - type: "string" - enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"] - example: "running" - Running: - description: | - Whether this container is running. - - Note that a running container can be _paused_. The `Running` and `Paused` - booleans are not mutually exclusive: - - When pausing a container (on Linux), the freezer cgroup is used to suspend - all processes in the container. Freezing the process requires the process to - be running. As a result, paused containers are both `Running` _and_ `Paused`. - - Use the `Status` field instead to determine if a container's state is "running". - type: "boolean" - example: true - Paused: - description: "Whether this container is paused." - type: "boolean" - example: false - Restarting: - description: "Whether this container is restarting." - type: "boolean" - example: false - OOMKilled: - description: | - Whether a process within this container has been killed because it ran - out of memory since the container was last started. - type: "boolean" - example: false - Dead: - type: "boolean" - example: false - Pid: - description: "The process ID of this container" - type: "integer" - example: 1234 - ExitCode: - description: "The last exit code of this container" - type: "integer" - example: 0 - Error: - type: "string" - StartedAt: - description: "The time when this container was last started." - type: "string" - example: "2020-01-06T09:06:59.461876391Z" - FinishedAt: - description: "The time when this container last exited." - type: "string" - example: "2020-01-06T09:07:59.461876391Z" - Health: - $ref: "#/definitions/Health" - - ContainerCreateResponse: - description: "OK response to ContainerCreate operation" - type: "object" - title: "ContainerCreateResponse" - x-go-name: "CreateResponse" - required: [Id, Warnings] - properties: - Id: - description: "The ID of the created container" - type: "string" - x-nullable: false - example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" - Warnings: - description: "Warnings encountered when creating the container" - type: "array" - x-nullable: false - items: - type: "string" - example: [] - - ContainerUpdateResponse: - type: "object" - title: "ContainerUpdateResponse" - x-go-name: "UpdateResponse" - description: |- - Response for a successful container-update. - properties: - Warnings: - type: "array" - description: |- - Warnings encountered when updating the container. - items: - type: "string" - example: ["Published ports are discarded when using host network mode"] - - ContainerStatsResponse: - description: | - Statistics sample for a container. - type: "object" - x-go-name: "StatsResponse" - title: "ContainerStatsResponse" - properties: - name: - description: "Name of the container" - type: "string" - x-nullable: true - example: "boring_wozniak" - id: - description: "ID of the container" - type: "string" - x-nullable: true - example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" - read: - description: | - Date and time at which this sample was collected. - The value is formatted as [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) - with nano-seconds. - type: "string" - format: "date-time" - example: "2025-01-16T13:55:22.165243637Z" - preread: - description: | - Date and time at which this first sample was collected. This field - is not propagated if the "one-shot" option is set. If the "one-shot" - option is set, this field may be omitted, empty, or set to a default - date (`0001-01-01T00:00:00Z`). - - The value is formatted as [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) - with nano-seconds. - type: "string" - format: "date-time" - example: "2025-01-16T13:55:21.160452595Z" - pids_stats: - $ref: "#/definitions/ContainerPidsStats" - blkio_stats: - $ref: "#/definitions/ContainerBlkioStats" - num_procs: - description: | - The number of processors on the system. - - This field is Windows-specific and always zero for Linux containers. - type: "integer" - format: "uint32" - example: 16 - storage_stats: - $ref: "#/definitions/ContainerStorageStats" - cpu_stats: - $ref: "#/definitions/ContainerCPUStats" - precpu_stats: - $ref: "#/definitions/ContainerCPUStats" - memory_stats: - $ref: "#/definitions/ContainerMemoryStats" - networks: - description: | - Network statistics for the container per interface. - - This field is omitted if the container has no networking enabled. - x-nullable: true - additionalProperties: - $ref: "#/definitions/ContainerNetworkStats" - example: - eth0: - rx_bytes: 5338 - rx_dropped: 0 - rx_errors: 0 - rx_packets: 36 - tx_bytes: 648 - tx_dropped: 0 - tx_errors: 0 - tx_packets: 8 - eth5: - rx_bytes: 4641 - rx_dropped: 0 - rx_errors: 0 - rx_packets: 26 - tx_bytes: 690 - tx_dropped: 0 - tx_errors: 0 - tx_packets: 9 - - ContainerBlkioStats: - description: | - BlkioStats stores all IO service stats for data read and write. - - This type is Linux-specific and holds many fields that are specific to cgroups v1. - On a cgroup v2 host, all fields other than `io_service_bytes_recursive` - are omitted or `null`. - - This type is only populated on Linux and omitted for Windows containers. - type: "object" - x-go-name: "BlkioStats" - x-nullable: true - properties: - io_service_bytes_recursive: - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_serviced_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_queue_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_service_time_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_wait_time_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_merged_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - io_time_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - sectors_recursive: - description: | - This field is only available when using Linux containers with - cgroups v1. It is omitted or `null` when using cgroups v2. - x-nullable: true - type: "array" - items: - $ref: "#/definitions/ContainerBlkioStatEntry" - example: - io_service_bytes_recursive: [ - {"major": 254, "minor": 0, "op": "read", "value": 7593984}, - {"major": 254, "minor": 0, "op": "write", "value": 100} - ] - io_serviced_recursive: null - io_queue_recursive: null - io_service_time_recursive: null - io_wait_time_recursive: null - io_merged_recursive: null - io_time_recursive: null - sectors_recursive: null - - ContainerBlkioStatEntry: - description: | - Blkio stats entry. - - This type is Linux-specific and omitted for Windows containers. - type: "object" - x-go-name: "BlkioStatEntry" - x-nullable: true - properties: - major: - type: "integer" - format: "uint64" - example: 254 - minor: - type: "integer" - format: "uint64" - example: 0 - op: - type: "string" - example: "read" - value: - type: "integer" - format: "uint64" - example: 7593984 - - ContainerCPUStats: - description: | - CPU related info of the container - type: "object" - x-go-name: "CPUStats" - x-nullable: true - properties: - cpu_usage: - $ref: "#/definitions/ContainerCPUUsage" - system_cpu_usage: - description: | - System Usage. - - This field is Linux-specific and omitted for Windows containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 5 - online_cpus: - description: | - Number of online CPUs. - - This field is Linux-specific and omitted for Windows containers. - type: "integer" - format: "uint32" - x-nullable: true - example: 5 - throttling_data: - $ref: "#/definitions/ContainerThrottlingData" - - ContainerCPUUsage: - description: | - All CPU stats aggregated since container inception. - type: "object" - x-go-name: "CPUUsage" - x-nullable: true - properties: - total_usage: - description: | - Total CPU time consumed in nanoseconds (Linux) or 100's of nanoseconds (Windows). - type: "integer" - format: "uint64" - example: 29912000 - percpu_usage: - description: | - Total CPU time (in nanoseconds) consumed per core (Linux). - - This field is Linux-specific when using cgroups v1. It is omitted - when using cgroups v2 and Windows containers. - type: "array" - x-nullable: true - items: - type: "integer" - format: "uint64" - example: 29912000 - - usage_in_kernelmode: - description: | - Time (in nanoseconds) spent by tasks of the cgroup in kernel mode (Linux), - or time spent (in 100's of nanoseconds) by all container processes in - kernel mode (Windows). - - Not populated for Windows containers using Hyper-V isolation. - type: "integer" - format: "uint64" - example: 21994000 - usage_in_usermode: - description: | - Time (in nanoseconds) spent by tasks of the cgroup in user mode (Linux), - or time spent (in 100's of nanoseconds) by all container processes in - kernel mode (Windows). - - Not populated for Windows containers using Hyper-V isolation. - type: "integer" - format: "uint64" - example: 7918000 - - ContainerPidsStats: - description: | - PidsStats contains Linux-specific stats of a container's process-IDs (PIDs). - - This type is Linux-specific and omitted for Windows containers. - type: "object" - x-go-name: "PidsStats" - x-nullable: true - properties: - current: - description: | - Current is the number of PIDs in the cgroup. - type: "integer" - format: "uint64" - x-nullable: true - example: 5 - limit: - description: | - Limit is the hard limit on the number of pids in the cgroup. - A "Limit" of 0 means that there is no limit. - type: "integer" - format: "uint64" - x-nullable: true - example: "18446744073709551615" - - ContainerThrottlingData: - description: | - CPU throttling stats of the container. - - This type is Linux-specific and omitted for Windows containers. - type: "object" - x-go-name: "ThrottlingData" - x-nullable: true - properties: - periods: - description: | - Number of periods with throttling active. - type: "integer" - format: "uint64" - example: 0 - throttled_periods: - description: | - Number of periods when the container hit its throttling limit. - type: "integer" - format: "uint64" - example: 0 - throttled_time: - description: | - Aggregated time (in nanoseconds) the container was throttled for. - type: "integer" - format: "uint64" - example: 0 - - ContainerMemoryStats: - description: | - Aggregates all memory stats since container inception on Linux. - Windows returns stats for commit and private working set only. - type: "object" - x-go-name: "MemoryStats" - properties: - usage: - description: | - Current `res_counter` usage for memory. - - This field is Linux-specific and omitted for Windows containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - max_usage: - description: | - Maximum usage ever recorded. - - This field is Linux-specific and only supported on cgroups v1. - It is omitted when using cgroups v2 and for Windows containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - stats: - description: | - All the stats exported via memory.stat. when using cgroups v2. - - This field is Linux-specific and omitted for Windows containers. - type: "object" - additionalProperties: - type: "integer" - format: "uint64" - x-nullable: true - example: - { - "active_anon": 1572864, - "active_file": 5115904, - "anon": 1572864, - "anon_thp": 0, - "file": 7626752, - "file_dirty": 0, - "file_mapped": 2723840, - "file_writeback": 0, - "inactive_anon": 0, - "inactive_file": 2510848, - "kernel_stack": 16384, - "pgactivate": 0, - "pgdeactivate": 0, - "pgfault": 2042, - "pglazyfree": 0, - "pglazyfreed": 0, - "pgmajfault": 45, - "pgrefill": 0, - "pgscan": 0, - "pgsteal": 0, - "shmem": 0, - "slab": 1180928, - "slab_reclaimable": 725576, - "slab_unreclaimable": 455352, - "sock": 0, - "thp_collapse_alloc": 0, - "thp_fault_alloc": 1, - "unevictable": 0, - "workingset_activate": 0, - "workingset_nodereclaim": 0, - "workingset_refault": 0 - } - failcnt: - description: | - Number of times memory usage hits limits. - - This field is Linux-specific and only supported on cgroups v1. - It is omitted when using cgroups v2 and for Windows containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - limit: - description: | - This field is Linux-specific and omitted for Windows containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 8217579520 - commitbytes: - description: | - Committed bytes. - - This field is Windows-specific and omitted for Linux containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - commitpeakbytes: - description: | - Peak committed bytes. - - This field is Windows-specific and omitted for Linux containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - privateworkingset: - description: | - Private working set. - - This field is Windows-specific and omitted for Linux containers. - type: "integer" - format: "uint64" - x-nullable: true - example: 0 - - ContainerNetworkStats: - description: | - Aggregates the network stats of one container - type: "object" - x-go-name: "NetworkStats" - x-nullable: true - properties: - rx_bytes: - description: | - Bytes received. Windows and Linux. - type: "integer" - format: "uint64" - example: 5338 - rx_packets: - description: | - Packets received. Windows and Linux. - type: "integer" - format: "uint64" - example: 36 - rx_errors: - description: | - Received errors. Not used on Windows. - - This field is Linux-specific and always zero for Windows containers. - type: "integer" - format: "uint64" - example: 0 - rx_dropped: - description: | - Incoming packets dropped. Windows and Linux. - type: "integer" - format: "uint64" - example: 0 - tx_bytes: - description: | - Bytes sent. Windows and Linux. - type: "integer" - format: "uint64" - example: 1200 - tx_packets: - description: | - Packets sent. Windows and Linux. - type: "integer" - format: "uint64" - example: 12 - tx_errors: - description: | - Sent errors. Not used on Windows. - - This field is Linux-specific and always zero for Windows containers. - type: "integer" - format: "uint64" - example: 0 - tx_dropped: - description: | - Outgoing packets dropped. Windows and Linux. - type: "integer" - format: "uint64" - example: 0 - endpoint_id: - description: | - Endpoint ID. Not used on Linux. - - This field is Windows-specific and omitted for Linux containers. - type: "string" - x-nullable: true - instance_id: - description: | - Instance ID. Not used on Linux. - - This field is Windows-specific and omitted for Linux containers. - type: "string" - x-nullable: true - - ContainerStorageStats: - description: | - StorageStats is the disk I/O stats for read/write on Windows. - - This type is Windows-specific and omitted for Linux containers. - type: "object" - x-go-name: "StorageStats" - x-nullable: true - properties: - read_count_normalized: - type: "integer" - format: "uint64" - x-nullable: true - example: 7593984 - read_size_bytes: - type: "integer" - format: "uint64" - x-nullable: true - example: 7593984 - write_count_normalized: - type: "integer" - format: "uint64" - x-nullable: true - example: 7593984 - write_size_bytes: - type: "integer" - format: "uint64" - x-nullable: true - example: 7593984 - - ContainerTopResponse: - type: "object" - x-go-name: "TopResponse" - title: "ContainerTopResponse" - description: |- - Container "top" response. - properties: - Titles: - description: "The ps column titles" - type: "array" - items: - type: "string" - example: - Titles: - - "UID" - - "PID" - - "PPID" - - "C" - - "STIME" - - "TTY" - - "TIME" - - "CMD" - Processes: - description: |- - Each process running in the container, where each process - is an array of values corresponding to the titles. - type: "array" - items: - type: "array" - items: - type: "string" - example: - Processes: - - - - "root" - - "13642" - - "882" - - "0" - - "17:03" - - "pts/0" - - "00:00:00" - - "/bin/bash" - - - - "root" - - "13735" - - "13642" - - "0" - - "17:06" - - "pts/0" - - "00:00:00" - - "sleep 10" - - ContainerWaitResponse: - description: "OK response to ContainerWait operation" - type: "object" - x-go-name: "WaitResponse" - title: "ContainerWaitResponse" - required: [StatusCode] - properties: - StatusCode: - description: "Exit code of the container" - type: "integer" - format: "int64" - x-nullable: false - Error: - $ref: "#/definitions/ContainerWaitExitError" - - ContainerWaitExitError: - description: "container waiting error, if any" - type: "object" - x-go-name: "WaitExitError" - properties: - Message: - description: "Details of an error" - type: "string" - - SystemVersion: - type: "object" - description: | - Response of Engine API: GET "/version" - properties: - Platform: - type: "object" - required: [Name] - properties: - Name: - type: "string" - Components: - type: "array" - description: | - Information about system components - items: - type: "object" - x-go-name: ComponentVersion - required: [Name, Version] - properties: - Name: - description: | - Name of the component - type: "string" - example: "Engine" - Version: - description: | - Version of the component - type: "string" - x-nullable: false - example: "27.0.1" - Details: - description: | - Key/value pairs of strings with additional information about the - component. These values are intended for informational purposes - only, and their content is not defined, and not part of the API - specification. - - These messages can be printed by the client as information to the user. - type: "object" - x-nullable: true - Version: - description: "The version of the daemon" - type: "string" - example: "27.0.1" - ApiVersion: - description: | - The default (and highest) API version that is supported by the daemon - type: "string" - example: "1.47" - MinAPIVersion: - description: | - The minimum API version that is supported by the daemon - type: "string" - example: "1.24" - GitCommit: - description: | - The Git commit of the source code that was used to build the daemon - type: "string" - example: "48a66213fe" - GoVersion: - description: | - The version Go used to compile the daemon, and the version of the Go - runtime in use. - type: "string" - example: "go1.22.7" - Os: - description: | - The operating system that the daemon is running on ("linux" or "windows") - type: "string" - example: "linux" - Arch: - description: | - The architecture that the daemon is running on - type: "string" - example: "amd64" - KernelVersion: - description: | - The kernel version (`uname -r`) that the daemon is running on. - - This field is omitted when empty. - type: "string" - example: "6.8.0-31-generic" - Experimental: - description: | - Indicates if the daemon is started with experimental features enabled. - - This field is omitted when empty / false. - type: "boolean" - example: true - BuildTime: - description: | - The date and time that the daemon was compiled. - type: "string" - example: "2020-06-22T15:49:27.000000000+00:00" - - SystemInfo: - type: "object" - properties: - ID: - description: | - Unique identifier of the daemon. - -


- - > **Note**: The format of the ID itself is not part of the API, and - > should not be considered stable. - type: "string" - example: "7TRN:IPZB:QYBB:VPBQ:UMPP:KARE:6ZNR:XE6T:7EWV:PKF4:ZOJD:TPYS" - Containers: - description: "Total number of containers on the host." - type: "integer" - example: 14 - ContainersRunning: - description: | - Number of containers with status `"running"`. - type: "integer" - example: 3 - ContainersPaused: - description: | - Number of containers with status `"paused"`. - type: "integer" - example: 1 - ContainersStopped: - description: | - Number of containers with status `"stopped"`. - type: "integer" - example: 10 - Images: - description: | - Total number of images on the host. - - Both _tagged_ and _untagged_ (dangling) images are counted. - type: "integer" - example: 508 - Driver: - description: "Name of the storage driver in use." - type: "string" - example: "overlay2" - DriverStatus: - description: | - Information specific to the storage driver, provided as - "label" / "value" pairs. - - This information is provided by the storage driver, and formatted - in a way consistent with the output of `docker info` on the command - line. - -


- - > **Note**: The information returned in this field, including the - > formatting of values and labels, should not be considered stable, - > and may change without notice. - type: "array" - items: - type: "array" - items: - type: "string" - example: - - ["Backing Filesystem", "extfs"] - - ["Supports d_type", "true"] - - ["Native Overlay Diff", "true"] - DockerRootDir: - description: | - Root directory of persistent Docker state. - - Defaults to `/var/lib/docker` on Linux, and `C:\ProgramData\docker` - on Windows. - type: "string" - example: "/var/lib/docker" - Plugins: - $ref: "#/definitions/PluginsInfo" - MemoryLimit: - description: "Indicates if the host has memory limit support enabled." - type: "boolean" - example: true - SwapLimit: - description: "Indicates if the host has memory swap limit support enabled." - type: "boolean" - example: true - KernelMemoryTCP: - description: | - Indicates if the host has kernel memory TCP limit support enabled. This - field is omitted if not supported. - - Kernel memory TCP limits are not supported when using cgroups v2, which - does not support the corresponding `memory.kmem.tcp.limit_in_bytes` cgroup. - - **Deprecated**: This field is deprecated as kernel 6.12 has deprecated kernel memory TCP accounting. - type: "boolean" - example: true - CpuCfsPeriod: - description: | - Indicates if CPU CFS(Completely Fair Scheduler) period is supported by - the host. - type: "boolean" - example: true - CpuCfsQuota: - description: | - Indicates if CPU CFS(Completely Fair Scheduler) quota is supported by - the host. - type: "boolean" - example: true - CPUShares: - description: | - Indicates if CPU Shares limiting is supported by the host. - type: "boolean" - example: true - CPUSet: - description: | - Indicates if CPUsets (cpuset.cpus, cpuset.mems) are supported by the host. - - See [cpuset(7)](https://www.kernel.org/doc/Documentation/cgroup-v1/cpusets.txt) - type: "boolean" - example: true - PidsLimit: - description: "Indicates if the host kernel has PID limit support enabled." - type: "boolean" - example: true - OomKillDisable: - description: "Indicates if OOM killer disable is supported on the host." - type: "boolean" - IPv4Forwarding: - description: "Indicates IPv4 forwarding is enabled." - type: "boolean" - example: true - Debug: - description: | - Indicates if the daemon is running in debug-mode / with debug-level - logging enabled. - type: "boolean" - example: true - NFd: - description: | - The total number of file Descriptors in use by the daemon process. - - This information is only returned if debug-mode is enabled. - type: "integer" - example: 64 - NGoroutines: - description: | - The number of goroutines that currently exist. - - This information is only returned if debug-mode is enabled. - type: "integer" - example: 174 - SystemTime: - description: | - Current system-time in [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) - format with nano-seconds. - type: "string" - example: "2017-08-08T20:28:29.06202363Z" - LoggingDriver: - description: | - The logging driver to use as a default for new containers. - type: "string" - CgroupDriver: - description: | - The driver to use for managing cgroups. - type: "string" - enum: ["cgroupfs", "systemd", "none"] - default: "cgroupfs" - example: "cgroupfs" - CgroupVersion: - description: | - The version of the cgroup. - type: "string" - enum: ["1", "2"] - default: "1" - example: "1" - NEventsListener: - description: "Number of event listeners subscribed." - type: "integer" - example: 30 - KernelVersion: - description: | - Kernel version of the host. - - On Linux, this information obtained from `uname`. On Windows this - information is queried from the HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ - registry value, for example _"10.0 14393 (14393.1198.amd64fre.rs1_release_sec.170427-1353)"_. - type: "string" - example: "6.8.0-31-generic" - OperatingSystem: - description: | - Name of the host's operating system, for example: "Ubuntu 24.04 LTS" - or "Windows Server 2016 Datacenter" - type: "string" - example: "Ubuntu 24.04 LTS" - OSVersion: - description: | - Version of the host's operating system - -


- - > **Note**: The information returned in this field, including its - > very existence, and the formatting of values, should not be considered - > stable, and may change without notice. - type: "string" - example: "24.04" - OSType: - description: | - Generic type of the operating system of the host, as returned by the - Go runtime (`GOOS`). - - Currently returned values are "linux" and "windows". A full list of - possible values can be found in the [Go documentation](https://go.dev/doc/install/source#environment). - type: "string" - example: "linux" - Architecture: - description: | - Hardware architecture of the host, as returned by the Go runtime - (`GOARCH`). - - A full list of possible values can be found in the [Go documentation](https://go.dev/doc/install/source#environment). - type: "string" - example: "x86_64" - NCPU: - description: | - The number of logical CPUs usable by the daemon. - - The number of available CPUs is checked by querying the operating - system when the daemon starts. Changes to operating system CPU - allocation after the daemon is started are not reflected. - type: "integer" - example: 4 - MemTotal: - description: | - Total amount of physical memory available on the host, in bytes. - type: "integer" - format: "int64" - example: 2095882240 - - IndexServerAddress: - description: | - Address / URL of the index server that is used for image search, - and as a default for user authentication for Docker Hub and Docker Cloud. - default: "https://index.docker.io/v1/" - type: "string" - example: "https://index.docker.io/v1/" - RegistryConfig: - $ref: "#/definitions/RegistryServiceConfig" - GenericResources: - $ref: "#/definitions/GenericResources" - HttpProxy: - description: | - HTTP-proxy configured for the daemon. This value is obtained from the - [`HTTP_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) environment variable. - Credentials ([user info component](https://tools.ietf.org/html/rfc3986#section-3.2.1)) in the proxy URL - are masked in the API response. - - Containers do not automatically inherit this configuration. - type: "string" - example: "http://xxxxx:xxxxx@proxy.corp.example.com:8080" - HttpsProxy: - description: | - HTTPS-proxy configured for the daemon. This value is obtained from the - [`HTTPS_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) environment variable. - Credentials ([user info component](https://tools.ietf.org/html/rfc3986#section-3.2.1)) in the proxy URL - are masked in the API response. - - Containers do not automatically inherit this configuration. - type: "string" - example: "https://xxxxx:xxxxx@proxy.corp.example.com:4443" - NoProxy: - description: | - Comma-separated list of domain extensions for which no proxy should be - used. This value is obtained from the [`NO_PROXY`](https://www.gnu.org/software/wget/manual/html_node/Proxies.html) - environment variable. - - Containers do not automatically inherit this configuration. - type: "string" - example: "*.local, 169.254/16" - Name: - description: "Hostname of the host." - type: "string" - example: "node5.corp.example.com" - Labels: - description: | - User-defined labels (key/value metadata) as set on the daemon. - -


- - > **Note**: When part of a Swarm, nodes can both have _daemon_ labels, - > set through the daemon configuration, and _node_ labels, set from a - > manager node in the Swarm. Node labels are not included in this - > field. Node labels can be retrieved using the `/nodes/(id)` endpoint - > on a manager node in the Swarm. - type: "array" - items: - type: "string" - example: ["storage=ssd", "production"] - ExperimentalBuild: - description: | - Indicates if experimental features are enabled on the daemon. - type: "boolean" - example: true - ServerVersion: - description: | - Version string of the daemon. - type: "string" - example: "27.0.1" - Runtimes: - description: | - List of [OCI compliant](https://github.com/opencontainers/runtime-spec) - runtimes configured on the daemon. Keys hold the "name" used to - reference the runtime. - - The Docker daemon relies on an OCI compliant runtime (invoked via the - `containerd` daemon) as its interface to the Linux kernel namespaces, - cgroups, and SELinux. - - The default runtime is `runc`, and automatically configured. Additional - runtimes can be configured by the user and will be listed here. - type: "object" - additionalProperties: - $ref: "#/definitions/Runtime" - default: - runc: - path: "runc" - example: - runc: - path: "runc" - runc-master: - path: "/go/bin/runc" - custom: - path: "/usr/local/bin/my-oci-runtime" - runtimeArgs: ["--debug", "--systemd-cgroup=false"] - DefaultRuntime: - description: | - Name of the default OCI runtime that is used when starting containers. - - The default can be overridden per-container at create time. - type: "string" - default: "runc" - example: "runc" - Swarm: - $ref: "#/definitions/SwarmInfo" - LiveRestoreEnabled: - description: | - Indicates if live restore is enabled. - - If enabled, containers are kept running when the daemon is shutdown - or upon daemon start if running containers are detected. - type: "boolean" - default: false - example: false - Isolation: - description: | - Represents the isolation technology to use as a default for containers. - The supported values are platform-specific. - - If no isolation value is specified on daemon start, on Windows client, - the default is `hyperv`, and on Windows server, the default is `process`. - - This option is currently not used on other platforms. - default: "default" - type: "string" - enum: - - "default" - - "hyperv" - - "process" - - "" - InitBinary: - description: | - Name and, optional, path of the `docker-init` binary. - - If the path is omitted, the daemon searches the host's `$PATH` for the - binary and uses the first result. - type: "string" - example: "docker-init" - ContainerdCommit: - $ref: "#/definitions/Commit" - RuncCommit: - $ref: "#/definitions/Commit" - InitCommit: - $ref: "#/definitions/Commit" - SecurityOptions: - description: | - List of security features that are enabled on the daemon, such as - apparmor, seccomp, SELinux, user-namespaces (userns), rootless and - no-new-privileges. - - Additional configuration options for each security feature may - be present, and are included as a comma-separated list of key/value - pairs. - type: "array" - items: - type: "string" - example: - - "name=apparmor" - - "name=seccomp,profile=default" - - "name=selinux" - - "name=userns" - - "name=rootless" - ProductLicense: - description: | - Reports a summary of the product license on the daemon. - - If a commercial license has been applied to the daemon, information - such as number of nodes, and expiration are included. - type: "string" - example: "Community Engine" - DefaultAddressPools: - description: | - List of custom default address pools for local networks, which can be - specified in the daemon.json file or dockerd option. - - Example: a Base "10.10.0.0/16" with Size 24 will define the set of 256 - 10.10.[0-255].0/24 address pools. - type: "array" - items: - type: "object" - properties: - Base: - description: "The network address in CIDR format" - type: "string" - example: "10.10.0.0/16" - Size: - description: "The network pool size" - type: "integer" - example: "24" - FirewallBackend: - $ref: "#/definitions/FirewallInfo" - DiscoveredDevices: - description: | - List of devices discovered by device drivers. - - Each device includes information about its source driver, kind, name, - and additional driver-specific attributes. - type: "array" - items: - $ref: "#/definitions/DeviceInfo" - Warnings: - description: | - List of warnings / informational messages about missing features, or - issues related to the daemon configuration. - - These messages can be printed by the client as information to the user. - type: "array" - items: - type: "string" - example: - - "WARNING: No memory limit support" - CDISpecDirs: - description: | - List of directories where (Container Device Interface) CDI - specifications are located. - - These specifications define vendor-specific modifications to an OCI - runtime specification for a container being created. - - An empty list indicates that CDI device injection is disabled. - - Note that since using CDI device injection requires the daemon to have - experimental enabled. For non-experimental daemons an empty list will - always be returned. - type: "array" - items: - type: "string" - example: - - "/etc/cdi" - - "/var/run/cdi" - Containerd: - $ref: "#/definitions/ContainerdInfo" - - ContainerdInfo: - description: | - Information for connecting to the containerd instance that is used by the daemon. - This is included for debugging purposes only. - type: "object" - x-nullable: true - properties: - Address: - description: "The address of the containerd socket." - type: "string" - example: "/run/containerd/containerd.sock" - Namespaces: - description: | - The namespaces that the daemon uses for running containers and - plugins in containerd. These namespaces can be configured in the - daemon configuration, and are considered to be used exclusively - by the daemon, Tampering with the containerd instance may cause - unexpected behavior. - - As these namespaces are considered to be exclusively accessed - by the daemon, it is not recommended to change these values, - or to change them to a value that is used by other systems, - such as cri-containerd. - type: "object" - properties: - Containers: - description: | - The default containerd namespace used for containers managed - by the daemon. - - The default namespace for containers is "moby", but will be - suffixed with the `.` of the remapped `root` if - user-namespaces are enabled and the containerd image-store - is used. - type: "string" - default: "moby" - example: "moby" - Plugins: - description: | - The default containerd namespace used for plugins managed by - the daemon. - - The default namespace for plugins is "plugins.moby", but will be - suffixed with the `.` of the remapped `root` if - user-namespaces are enabled and the containerd image-store - is used. - type: "string" - default: "plugins.moby" - example: "plugins.moby" - - FirewallInfo: - description: | - Information about the daemon's firewalling configuration. - - This field is currently only used on Linux, and omitted on other platforms. - type: "object" - x-nullable: true - properties: - Driver: - description: | - The name of the firewall backend driver. - type: "string" - example: "nftables" - Info: - description: | - Information about the firewall backend, provided as - "label" / "value" pairs. - -


- - > **Note**: The information returned in this field, including the - > formatting of values and labels, should not be considered stable, - > and may change without notice. - type: "array" - items: - type: "array" - items: - type: "string" - example: - - ["ReloadedAt", "2025-01-01T00:00:00Z"] - - # PluginsInfo is a temp struct holding Plugins name - # registered with docker daemon. It is used by Info struct - PluginsInfo: - description: | - Available plugins per type. - -


- - > **Note**: Only unmanaged (V1) plugins are included in this list. - > V1 plugins are "lazily" loaded, and are not returned in this list - > if there is no resource using the plugin. - type: "object" - properties: - Volume: - description: "Names of available volume-drivers, and network-driver plugins." - type: "array" - items: - type: "string" - example: ["local"] - Network: - description: "Names of available network-drivers, and network-driver plugins." - type: "array" - items: - type: "string" - example: ["bridge", "host", "ipvlan", "macvlan", "null", "overlay"] - Authorization: - description: "Names of available authorization plugins." - type: "array" - items: - type: "string" - example: ["img-authz-plugin", "hbm"] - Log: - description: "Names of available logging-drivers, and logging-driver plugins." - type: "array" - items: - type: "string" - example: ["awslogs", "fluentd", "gcplogs", "gelf", "journald", "json-file", "splunk", "syslog"] - - - RegistryServiceConfig: - description: | - RegistryServiceConfig stores daemon registry services configuration. - type: "object" - x-nullable: true - properties: - InsecureRegistryCIDRs: - description: | - List of IP ranges of insecure registries, using the CIDR syntax - ([RFC 4632](https://tools.ietf.org/html/4632)). Insecure registries - accept un-encrypted (HTTP) and/or untrusted (HTTPS with certificates - from unknown CAs) communication. - - By default, local registries (`::1/128` and `127.0.0.0/8`) are configured as - insecure. All other registries are secure. Communicating with an - insecure registry is not possible if the daemon assumes that registry - is secure. - - This configuration override this behavior, insecure communication with - registries whose resolved IP address is within the subnet described by - the CIDR syntax. - - Registries can also be marked insecure by hostname. Those registries - are listed under `IndexConfigs` and have their `Secure` field set to - `false`. - - > **Warning**: Using this option can be useful when running a local - > registry, but introduces security vulnerabilities. This option - > should therefore ONLY be used for testing purposes. For increased - > security, users should add their CA to their system's list of trusted - > CAs instead of enabling this option. - type: "array" - items: - type: "string" - example: ["::1/128", "127.0.0.0/8"] - IndexConfigs: - type: "object" - additionalProperties: - $ref: "#/definitions/IndexInfo" - example: - "127.0.0.1:5000": - "Name": "127.0.0.1:5000" - "Mirrors": [] - "Secure": false - "Official": false - "[2001:db8:a0b:12f0::1]:80": - "Name": "[2001:db8:a0b:12f0::1]:80" - "Mirrors": [] - "Secure": false - "Official": false - "docker.io": - Name: "docker.io" - Mirrors: ["https://hub-mirror.corp.example.com:5000/"] - Secure: true - Official: true - "registry.internal.corp.example.com:3000": - Name: "registry.internal.corp.example.com:3000" - Mirrors: [] - Secure: false - Official: false - Mirrors: - description: | - List of registry URLs that act as a mirror for the official - (`docker.io`) registry. - - type: "array" - items: - type: "string" - example: - - "https://hub-mirror.corp.example.com:5000/" - - "https://[2001:db8:a0b:12f0::1]/" - - IndexInfo: - description: - IndexInfo contains information about a registry. - type: "object" - x-nullable: true - properties: - Name: - description: | - Name of the registry, such as "docker.io". - type: "string" - example: "docker.io" - Mirrors: - description: | - List of mirrors, expressed as URIs. - type: "array" - items: - type: "string" - example: - - "https://hub-mirror.corp.example.com:5000/" - - "https://registry-2.docker.io/" - - "https://registry-3.docker.io/" - Secure: - description: | - Indicates if the registry is part of the list of insecure - registries. - - If `false`, the registry is insecure. Insecure registries accept - un-encrypted (HTTP) and/or untrusted (HTTPS with certificates from - unknown CAs) communication. - - > **Warning**: Insecure registries can be useful when running a local - > registry. However, because its use creates security vulnerabilities - > it should ONLY be enabled for testing purposes. For increased - > security, users should add their CA to their system's list of - > trusted CAs instead of enabling this option. - type: "boolean" - example: true - Official: - description: | - Indicates whether this is an official registry (i.e., Docker Hub / docker.io) - type: "boolean" - example: true - - Runtime: - description: | - Runtime describes an [OCI compliant](https://github.com/opencontainers/runtime-spec) - runtime. - - The runtime is invoked by the daemon via the `containerd` daemon. OCI - runtimes act as an interface to the Linux kernel namespaces, cgroups, - and SELinux. - type: "object" - properties: - path: - description: | - Name and, optional, path, of the OCI executable binary. - - If the path is omitted, the daemon searches the host's `$PATH` for the - binary and uses the first result. - type: "string" - example: "/usr/local/bin/my-oci-runtime" - runtimeArgs: - description: | - List of command-line arguments to pass to the runtime when invoked. - type: "array" - x-nullable: true - items: - type: "string" - example: ["--debug", "--systemd-cgroup=false"] - status: - description: | - Information specific to the runtime. - - While this API specification does not define data provided by runtimes, - the following well-known properties may be provided by runtimes: - - `org.opencontainers.runtime-spec.features`: features structure as defined - in the [OCI Runtime Specification](https://github.com/opencontainers/runtime-spec/blob/main/features.md), - in a JSON string representation. - -


- - > **Note**: The information returned in this field, including the - > formatting of values and labels, should not be considered stable, - > and may change without notice. - type: "object" - x-nullable: true - additionalProperties: - type: "string" - example: - "org.opencontainers.runtime-spec.features": "{\"ociVersionMin\":\"1.0.0\",\"ociVersionMax\":\"1.1.0\",\"...\":\"...\"}" - - Commit: - description: | - Commit holds the Git-commit (SHA1) that a binary was built from, as - reported in the version-string of external tools, such as `containerd`, - or `runC`. - type: "object" - properties: - ID: - description: "Actual commit ID of external tool." - type: "string" - example: "cfb82a876ecc11b5ca0977d1733adbe58599088a" - - SwarmInfo: - description: | - Represents generic information about swarm. - type: "object" - properties: - NodeID: - description: "Unique identifier of for this node in the swarm." - type: "string" - default: "" - example: "k67qz4598weg5unwwffg6z1m1" - NodeAddr: - description: | - IP address at which this node can be reached by other nodes in the - swarm. - type: "string" - default: "" - example: "10.0.0.46" - LocalNodeState: - $ref: "#/definitions/LocalNodeState" - ControlAvailable: - type: "boolean" - default: false - example: true - Error: - type: "string" - default: "" - RemoteManagers: - description: | - List of ID's and addresses of other managers in the swarm. - type: "array" - default: null - x-nullable: true - items: - $ref: "#/definitions/PeerNode" - example: - - NodeID: "71izy0goik036k48jg985xnds" - Addr: "10.0.0.158:2377" - - NodeID: "79y6h1o4gv8n120drcprv5nmc" - Addr: "10.0.0.159:2377" - - NodeID: "k67qz4598weg5unwwffg6z1m1" - Addr: "10.0.0.46:2377" - Nodes: - description: "Total number of nodes in the swarm." - type: "integer" - x-nullable: true - example: 4 - Managers: - description: "Total number of managers in the swarm." - type: "integer" - x-nullable: true - example: 3 - Cluster: - $ref: "#/definitions/ClusterInfo" - - LocalNodeState: - description: "Current local status of this node." - type: "string" - default: "" - enum: - - "" - - "inactive" - - "pending" - - "active" - - "error" - - "locked" - example: "active" - - PeerNode: - description: "Represents a peer-node in the swarm" - type: "object" - properties: - NodeID: - description: "Unique identifier of for this node in the swarm." - type: "string" - Addr: - description: | - IP address and ports at which this node can be reached. - type: "string" - - NetworkAttachmentConfig: - description: | - Specifies how a service should be attached to a particular network. - type: "object" - properties: - Target: - description: | - The target network for attachment. Must be a network name or ID. - type: "string" - Aliases: - description: | - Discoverable alternate names for the service on this network. - type: "array" - items: - type: "string" - DriverOpts: - description: | - Driver attachment options for the network target. - type: "object" - additionalProperties: - type: "string" - - EventActor: - description: | - Actor describes something that generates events, like a container, network, - or a volume. - type: "object" - properties: - ID: - description: "The ID of the object emitting the event" - type: "string" - example: "ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743" - Attributes: - description: | - Various key/value attributes of the object, depending on its type. - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-label-value" - image: "alpine:latest" - name: "my-container" - - EventMessage: - description: | - EventMessage represents the information an event contains. - type: "object" - title: "SystemEventsResponse" - properties: - Type: - description: "The type of object emitting the event" - type: "string" - enum: ["builder", "config", "container", "daemon", "image", "network", "node", "plugin", "secret", "service", "volume"] - example: "container" - Action: - description: "The type of event" - type: "string" - example: "create" - Actor: - $ref: "#/definitions/EventActor" - scope: - description: | - Scope of the event. Engine events are `local` scope. Cluster (Swarm) - events are `swarm` scope. - type: "string" - enum: ["local", "swarm"] - time: - description: "Timestamp of event" - type: "integer" - format: "int64" - example: 1629574695 - timeNano: - description: "Timestamp of event, with nanosecond accuracy" - type: "integer" - format: "int64" - example: 1629574695515050031 - - OCIDescriptor: - type: "object" - x-go-name: Descriptor - description: | - A descriptor struct containing digest, media type, and size, as defined in - the [OCI Content Descriptors Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md). - properties: - mediaType: - description: | - The media type of the object this schema refers to. - type: "string" - example: "application/vnd.oci.image.manifest.v1+json" - digest: - description: | - The digest of the targeted content. - type: "string" - example: "sha256:c0537ff6a5218ef531ece93d4984efc99bbf3f7497c0a7726c88e2bb7584dc96" - size: - description: | - The size in bytes of the blob. - type: "integer" - format: "int64" - example: 424 - urls: - description: |- - List of URLs from which this object MAY be downloaded. - type: "array" - items: - type: "string" - format: "uri" - x-nullable: true - annotations: - description: |- - Arbitrary metadata relating to the targeted content. - type: "object" - x-nullable: true - additionalProperties: - type: "string" - example: - "com.docker.official-images.bashbrew.arch": "amd64" - "org.opencontainers.image.base.digest": "sha256:0d0ef5c914d3ea700147da1bd050c59edb8bb12ca312f3800b29d7c8087eabd8" - "org.opencontainers.image.base.name": "scratch" - "org.opencontainers.image.created": "2025-01-27T00:00:00Z" - "org.opencontainers.image.revision": "9fabb4bad5138435b01857e2fe9363e2dc5f6a79" - "org.opencontainers.image.source": "https://git.launchpad.net/cloud-images/+oci/ubuntu-base" - "org.opencontainers.image.url": "https://hub.docker.com/_/ubuntu" - "org.opencontainers.image.version": "24.04" - data: - type: string - x-nullable: true - description: |- - Data is an embedding of the targeted content. This is encoded as a base64 - string when marshalled to JSON (automatically, by encoding/json). If - present, Data can be used directly to avoid fetching the targeted content. - example: null - platform: - $ref: "#/definitions/OCIPlatform" - artifactType: - description: |- - ArtifactType is the IANA media type of this artifact. - type: "string" - x-nullable: true - example: null - - OCIPlatform: - type: "object" - x-go-name: Platform - x-nullable: true - description: | - Describes the platform which the image in the manifest runs on, as defined - in the [OCI Image Index Specification](https://github.com/opencontainers/image-spec/blob/v1.0.1/image-index.md). - properties: - architecture: - description: | - The CPU architecture, for example `amd64` or `ppc64`. - type: "string" - example: "arm" - os: - description: | - The operating system, for example `linux` or `windows`. - type: "string" - example: "windows" - os.version: - description: | - Optional field specifying the operating system version, for example on - Windows `10.0.19041.1165`. - type: "string" - example: "10.0.19041.1165" - os.features: - description: | - Optional field specifying an array of strings, each listing a required - OS feature (for example on Windows `win32k`). - type: "array" - items: - type: "string" - example: - - "win32k" - variant: - description: | - Optional field specifying a variant of the CPU, for example `v7` to - specify ARMv7 when architecture is `arm`. - type: "string" - example: "v7" - - DistributionInspect: - type: "object" - x-go-name: DistributionInspect - title: "DistributionInspectResponse" - required: [Descriptor, Platforms] - description: | - Describes the result obtained from contacting the registry to retrieve - image metadata. - properties: - Descriptor: - $ref: "#/definitions/OCIDescriptor" - Platforms: - type: "array" - description: | - An array containing all platforms supported by the image. - items: - $ref: "#/definitions/OCIPlatform" - - ClusterVolume: - type: "object" - description: | - Options and information specific to, and only present on, Swarm CSI - cluster volumes. - properties: - ID: - type: "string" - description: | - The Swarm ID of this volume. Because cluster volumes are Swarm - objects, they have an ID, unlike non-cluster volumes. This ID can - be used to refer to the Volume instead of the name. - Version: - $ref: "#/definitions/ObjectVersion" - CreatedAt: - type: "string" - format: "dateTime" - UpdatedAt: - type: "string" - format: "dateTime" - Spec: - $ref: "#/definitions/ClusterVolumeSpec" - Info: - type: "object" - description: | - Information about the global status of the volume. - properties: - CapacityBytes: - type: "integer" - format: "int64" - description: | - The capacity of the volume in bytes. A value of 0 indicates that - the capacity is unknown. - VolumeContext: - type: "object" - description: | - A map of strings to strings returned from the storage plugin when - the volume is created. - additionalProperties: - type: "string" - VolumeID: - type: "string" - description: | - The ID of the volume as returned by the CSI storage plugin. This - is distinct from the volume's ID as provided by Docker. This ID - is never used by the user when communicating with Docker to refer - to this volume. If the ID is blank, then the Volume has not been - successfully created in the plugin yet. - AccessibleTopology: - type: "array" - description: | - The topology this volume is actually accessible from. - items: - $ref: "#/definitions/Topology" - PublishStatus: - type: "array" - description: | - The status of the volume as it pertains to its publishing and use on - specific nodes - items: - type: "object" - properties: - NodeID: - type: "string" - description: | - The ID of the Swarm node the volume is published on. - State: - type: "string" - description: | - The published state of the volume. - * `pending-publish` The volume should be published to this node, but the call to the controller plugin to do so has not yet been successfully completed. - * `published` The volume is published successfully to the node. - * `pending-node-unpublish` The volume should be unpublished from the node, and the manager is awaiting confirmation from the worker that it has done so. - * `pending-controller-unpublish` The volume is successfully unpublished from the node, but has not yet been successfully unpublished on the controller. - enum: - - "pending-publish" - - "published" - - "pending-node-unpublish" - - "pending-controller-unpublish" - PublishContext: - type: "object" - description: | - A map of strings to strings returned by the CSI controller - plugin when a volume is published. - additionalProperties: - type: "string" - - ClusterVolumeSpec: - type: "object" - description: | - Cluster-specific options used to create the volume. - properties: - Group: - type: "string" - description: | - Group defines the volume group of this volume. Volumes belonging to - the same group can be referred to by group name when creating - Services. Referring to a volume by group instructs Swarm to treat - volumes in that group interchangeably for the purpose of scheduling. - Volumes with an empty string for a group technically all belong to - the same, emptystring group. - AccessMode: - type: "object" - description: | - Defines how the volume is used by tasks. - properties: - Scope: - type: "string" - description: | - The set of nodes this volume can be used on at one time. - - `single` The volume may only be scheduled to one node at a time. - - `multi` the volume may be scheduled to any supported number of nodes at a time. - default: "single" - enum: ["single", "multi"] - x-nullable: false - Sharing: - type: "string" - description: | - The number and way that different tasks can use this volume - at one time. - - `none` The volume may only be used by one task at a time. - - `readonly` The volume may be used by any number of tasks, but they all must mount the volume as readonly - - `onewriter` The volume may be used by any number of tasks, but only one may mount it as read/write. - - `all` The volume may have any number of readers and writers. - default: "none" - enum: ["none", "readonly", "onewriter", "all"] - x-nullable: false - MountVolume: - type: "object" - description: | - Options for using this volume as a Mount-type volume. - - Either MountVolume or BlockVolume, but not both, must be - present. - properties: - FsType: - type: "string" - description: | - Specifies the filesystem type for the mount volume. - Optional. - MountFlags: - type: "array" - description: | - Flags to pass when mounting the volume. Optional. - items: - type: "string" - BlockVolume: - type: "object" - description: | - Options for using this volume as a Block-type volume. - Intentionally empty. - Secrets: - type: "array" - description: | - Swarm Secrets that are passed to the CSI storage plugin when - operating on this volume. - items: - type: "object" - description: | - One cluster volume secret entry. Defines a key-value pair that - is passed to the plugin. - properties: - Key: - type: "string" - description: | - Key is the name of the key of the key-value pair passed to - the plugin. - Secret: - type: "string" - description: | - Secret is the swarm Secret object from which to read data. - This can be a Secret name or ID. The Secret data is - retrieved by swarm and used as the value of the key-value - pair passed to the plugin. - AccessibilityRequirements: - type: "object" - description: | - Requirements for the accessible topology of the volume. These - fields are optional. For an in-depth description of what these - fields mean, see the CSI specification. - properties: - Requisite: - type: "array" - description: | - A list of required topologies, at least one of which the - volume must be accessible from. - items: - $ref: "#/definitions/Topology" - Preferred: - type: "array" - description: | - A list of topologies that the volume should attempt to be - provisioned in. - items: - $ref: "#/definitions/Topology" - CapacityRange: - type: "object" - description: | - The desired capacity that the volume should be created with. If - empty, the plugin will decide the capacity. - properties: - RequiredBytes: - type: "integer" - format: "int64" - description: | - The volume must be at least this big. The value of 0 - indicates an unspecified minimum - LimitBytes: - type: "integer" - format: "int64" - description: | - The volume must not be bigger than this. The value of 0 - indicates an unspecified maximum. - Availability: - type: "string" - description: | - The availability of the volume for use in tasks. - - `active` The volume is fully available for scheduling on the cluster - - `pause` No new workloads should use the volume, but existing workloads are not stopped. - - `drain` All workloads using this volume should be stopped and rescheduled, and no new ones should be started. - default: "active" - x-nullable: false - enum: - - "active" - - "pause" - - "drain" - - Topology: - description: | - A map of topological domains to topological segments. For in depth - details, see documentation for the Topology object in the CSI - specification. - type: "object" - additionalProperties: - type: "string" - - ImageManifestSummary: - x-go-name: "ManifestSummary" - description: | - ImageManifestSummary represents a summary of an image manifest. - type: "object" - required: ["ID", "Descriptor", "Available", "Size", "Kind"] - properties: - ID: - description: | - ID is the content-addressable ID of an image and is the same as the - digest of the image manifest. - type: "string" - example: "sha256:95869fbcf224d947ace8d61d0e931d49e31bb7fc67fffbbe9c3198c33aa8e93f" - Descriptor: - $ref: "#/definitions/OCIDescriptor" - Available: - description: Indicates whether all the child content (image config, layers) is fully available locally. - type: "boolean" - example: true - Size: - type: "object" - x-nullable: false - required: ["Content", "Total"] - properties: - Total: - type: "integer" - format: "int64" - example: 8213251 - description: | - Total is the total size (in bytes) of all the locally present - data (both distributable and non-distributable) that's related to - this manifest and its children. - This equal to the sum of [Content] size AND all the sizes in the - [Size] struct present in the Kind-specific data struct. - For example, for an image kind (Kind == "image") - this would include the size of the image content and unpacked - image snapshots ([Size.Content] + [ImageData.Size.Unpacked]). - Content: - description: | - Content is the size (in bytes) of all the locally present - content in the content store (e.g. image config, layers) - referenced by this manifest and its children. - This only includes blobs in the content store. - type: "integer" - format: "int64" - example: 3987495 - Kind: - type: "string" - example: "image" - enum: - - "image" - - "attestation" - - "unknown" - description: | - The kind of the manifest. - - kind | description - -------------|----------------------------------------------------------- - image | Image manifest that can be used to start a container. - attestation | Attestation manifest produced by the Buildkit builder for a specific image manifest. - ImageData: - description: | - The image data for the image manifest. - This field is only populated when Kind is "image". - type: "object" - x-nullable: true - x-omitempty: true - required: ["Platform", "Containers", "Size", "UnpackedSize"] - properties: - Platform: - $ref: "#/definitions/OCIPlatform" - description: | - OCI platform of the image. This will be the platform specified in the - manifest descriptor from the index/manifest list. - If it's not available, it will be obtained from the image config. - Containers: - description: | - The IDs of the containers that are using this image. - type: "array" - items: - type: "string" - example: ["ede54ee1fda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c7430", "abadbce344c096744d8d6071a90d474d28af8f1034b5ea9fb03c3f4bfc6d005e"] - Size: - type: "object" - x-nullable: false - required: ["Unpacked"] - properties: - Unpacked: - type: "integer" - format: "int64" - example: 3987495 - description: | - Unpacked is the size (in bytes) of the locally unpacked - (uncompressed) image content that's directly usable by the containers - running this image. - It's independent of the distributable content - e.g. - the image might still have an unpacked data that's still used by - some container even when the distributable/compressed content is - already gone. - AttestationData: - description: | - The image data for the attestation manifest. - This field is only populated when Kind is "attestation". - type: "object" - x-nullable: true - x-omitempty: true - required: ["For"] - properties: - For: - description: | - The digest of the image manifest that this attestation is for. - type: "string" - example: "sha256:95869fbcf224d947ace8d61d0e931d49e31bb7fc67fffbbe9c3198c33aa8e93f" - -paths: - /containers/json: - get: - summary: "List containers" - description: | - Returns a list of containers. For details on the format, see the - [inspect endpoint](#operation/ContainerInspect). - - Note that it uses a different, smaller representation of a container - than inspecting a single container. For example, the list of linked - containers is not propagated . - operationId: "ContainerList" - produces: - - "application/json" - parameters: - - name: "all" - in: "query" - description: | - Return all containers. By default, only running containers are shown. - type: "boolean" - default: false - - name: "limit" - in: "query" - description: | - Return this number of most recently created containers, including - non-running ones. - type: "integer" - - name: "size" - in: "query" - description: | - Return the size of container as fields `SizeRw` and `SizeRootFs`. - type: "boolean" - default: false - - name: "filters" - in: "query" - description: | - Filters to process on the container list, encoded as JSON (a - `map[string][]string`). For example, `{"status": ["paused"]}` will - only return paused containers. - - Available filters: - - - `ancestor`=(`[:]`, ``, or ``) - - `before`=(`` or ``) - - `expose`=(`[/]`|`/[]`) - - `exited=` containers with exit code of `` - - `health`=(`starting`|`healthy`|`unhealthy`|`none`) - - `id=` a container's ID - - `isolation=`(`default`|`process`|`hyperv`) (Windows daemon only) - - `is-task=`(`true`|`false`) - - `label=key` or `label="key=value"` of a container label - - `name=` a container's name - - `network`=(`` or ``) - - `publish`=(`[/]`|`/[]`) - - `since`=(`` or ``) - - `status=`(`created`|`restarting`|`running`|`removing`|`paused`|`exited`|`dead`) - - `volume`=(`` or ``) - type: "string" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/ContainerSummary" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Container"] - /containers/create: - post: - summary: "Create a container" - operationId: "ContainerCreate" - consumes: - - "application/json" - - "application/octet-stream" - produces: - - "application/json" - parameters: - - name: "name" - in: "query" - description: | - Assign the specified name to the container. Must match - `/?[a-zA-Z0-9][a-zA-Z0-9_.-]+`. - type: "string" - pattern: "^/?[a-zA-Z0-9][a-zA-Z0-9_.-]+$" - - name: "platform" - in: "query" - description: | - Platform in the format `os[/arch[/variant]]` used for image lookup. - - When specified, the daemon checks if the requested image is present - in the local image cache with the given OS and Architecture, and - otherwise returns a `404` status. - - If the option is not set, the host's native OS and Architecture are - used to look up the image in the image cache. However, if no platform - is passed and the given image does exist in the local image cache, - but its OS or architecture does not match, the container is created - with the available image, and a warning is added to the `Warnings` - field in the response, for example; - - WARNING: The requested image's platform (linux/arm64/v8) does not - match the detected host platform (linux/amd64) and no - specific platform was requested - - type: "string" - default: "" - - name: "body" - in: "body" - description: "Container to create" - schema: - allOf: - - $ref: "#/definitions/ContainerConfig" - - type: "object" - properties: - HostConfig: - $ref: "#/definitions/HostConfig" - NetworkingConfig: - $ref: "#/definitions/NetworkingConfig" - example: - Hostname: "" - Domainname: "" - User: "" - AttachStdin: false - AttachStdout: true - AttachStderr: true - Tty: false - OpenStdin: false - StdinOnce: false - Env: - - "FOO=bar" - - "BAZ=quux" - Cmd: - - "date" - Entrypoint: "" - Image: "ubuntu" - Labels: - com.example.vendor: "Acme" - com.example.license: "GPL" - com.example.version: "1.0" - Volumes: - /volumes/data: {} - WorkingDir: "" - NetworkDisabled: false - MacAddress: "12:34:56:78:9a:bc" - ExposedPorts: - 22/tcp: {} - StopSignal: "SIGTERM" - StopTimeout: 10 - HostConfig: - Binds: - - "/tmp:/tmp" - Links: - - "redis3:redis" - Memory: 0 - MemorySwap: 0 - MemoryReservation: 0 - NanoCpus: 500000 - CpuPercent: 80 - CpuShares: 512 - CpuPeriod: 100000 - CpuRealtimePeriod: 1000000 - CpuRealtimeRuntime: 10000 - CpuQuota: 50000 - CpusetCpus: "0,1" - CpusetMems: "0,1" - MaximumIOps: 0 - MaximumIOBps: 0 - BlkioWeight: 300 - BlkioWeightDevice: - - {} - BlkioDeviceReadBps: - - {} - BlkioDeviceReadIOps: - - {} - BlkioDeviceWriteBps: - - {} - BlkioDeviceWriteIOps: - - {} - DeviceRequests: - - Driver: "nvidia" - Count: -1 - DeviceIDs": ["0", "1", "GPU-fef8089b-4820-abfc-e83e-94318197576e"] - Capabilities: [["gpu", "nvidia", "compute"]] - Options: - property1: "string" - property2: "string" - MemorySwappiness: 60 - OomKillDisable: false - OomScoreAdj: 500 - PidMode: "" - PidsLimit: 0 - PortBindings: - 22/tcp: - - HostPort: "11022" - PublishAllPorts: false - Privileged: false - ReadonlyRootfs: false - Dns: - - "8.8.8.8" - DnsOptions: - - "" - DnsSearch: - - "" - VolumesFrom: - - "parent" - - "other:ro" - CapAdd: - - "NET_ADMIN" - CapDrop: - - "MKNOD" - GroupAdd: - - "newgroup" - RestartPolicy: - Name: "" - MaximumRetryCount: 0 - AutoRemove: true - NetworkMode: "bridge" - Devices: [] - Ulimits: - - {} - LogConfig: - Type: "json-file" - Config: {} - SecurityOpt: [] - StorageOpt: {} - CgroupParent: "" - VolumeDriver: "" - ShmSize: 67108864 - NetworkingConfig: - EndpointsConfig: - isolated_nw: - IPAMConfig: - IPv4Address: "172.20.30.33" - IPv6Address: "2001:db8:abcd::3033" - LinkLocalIPs: - - "169.254.34.68" - - "fe80::3468" - Links: - - "container_1" - - "container_2" - Aliases: - - "server_x" - - "server_y" - database_nw: {} - - required: true - responses: - 201: - description: "Container created successfully" - schema: - $ref: "#/definitions/ContainerCreateResponse" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such image" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such image: c2ada9df5af8" - 409: - description: "conflict" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Container"] - /containers/{id}/json: - get: - summary: "Inspect a container" - description: "Return low-level information about a container." - operationId: "ContainerInspect" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/ContainerInspectResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "size" - in: "query" - type: "boolean" - default: false - description: "Return the size of container as fields `SizeRw` and `SizeRootFs`" - tags: ["Container"] - /containers/{id}/top: - get: - summary: "List processes running inside a container" - description: | - On Unix systems, this is done by running the `ps` command. This endpoint - is not supported on Windows. - operationId: "ContainerTop" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/ContainerTopResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "ps_args" - in: "query" - description: "The arguments to pass to `ps`. For example, `aux`" - type: "string" - default: "-ef" - tags: ["Container"] - /containers/{id}/logs: - get: - summary: "Get container logs" - description: | - Get `stdout` and `stderr` logs from a container. - - Note: This endpoint works only for containers with the `json-file` or - `journald` logging driver. - produces: - - "application/vnd.docker.raw-stream" - - "application/vnd.docker.multiplexed-stream" - operationId: "ContainerLogs" - responses: - 200: - description: | - logs returned as a stream in response body. - For the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach). - Note that unlike the attach endpoint, the logs endpoint does not - upgrade the connection and does not set Content-Type. - schema: - type: "string" - format: "binary" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "follow" - in: "query" - description: "Keep connection after returning logs." - type: "boolean" - default: false - - name: "stdout" - in: "query" - description: "Return logs from `stdout`" - type: "boolean" - default: false - - name: "stderr" - in: "query" - description: "Return logs from `stderr`" - type: "boolean" - default: false - - name: "since" - in: "query" - description: "Only return logs since this time, as a UNIX timestamp" - type: "integer" - default: 0 - - name: "until" - in: "query" - description: "Only return logs before this time, as a UNIX timestamp" - type: "integer" - default: 0 - - name: "timestamps" - in: "query" - description: "Add timestamps to every log line" - type: "boolean" - default: false - - name: "tail" - in: "query" - description: | - Only return this number of log lines from the end of the logs. - Specify as an integer or `all` to output all log lines. - type: "string" - default: "all" - tags: ["Container"] - /containers/{id}/changes: - get: - summary: "Get changes on a container’s filesystem" - description: | - Returns which files in a container's filesystem have been added, deleted, - or modified. The `Kind` of modification can be one of: - - - `0`: Modified ("C") - - `1`: Added ("A") - - `2`: Deleted ("D") - operationId: "ContainerChanges" - produces: ["application/json"] - responses: - 200: - description: "The list of changes" - schema: - type: "array" - items: - $ref: "#/definitions/FilesystemChange" - examples: - application/json: - - Path: "/dev" - Kind: 0 - - Path: "/dev/kmsg" - Kind: 1 - - Path: "/test" - Kind: 1 - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - tags: ["Container"] - /containers/{id}/export: - get: - summary: "Export a container" - description: "Export the contents of a container as a tarball." - operationId: "ContainerExport" - produces: - - "application/octet-stream" - responses: - 200: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - tags: ["Container"] - /containers/{id}/stats: - get: - summary: "Get container stats based on resource usage" - description: | - This endpoint returns a live stream of a container’s resource usage - statistics. - - The `precpu_stats` is the CPU statistic of the *previous* read, and is - used to calculate the CPU usage percentage. It is not an exact copy - of the `cpu_stats` field. - - If either `precpu_stats.online_cpus` or `cpu_stats.online_cpus` is - nil then for compatibility with older daemons the length of the - corresponding `cpu_usage.percpu_usage` array should be used. - - On a cgroup v2 host, the following fields are not set - * `blkio_stats`: all fields other than `io_service_bytes_recursive` - * `cpu_stats`: `cpu_usage.percpu_usage` - * `memory_stats`: `max_usage` and `failcnt` - Also, `memory_stats.stats` fields are incompatible with cgroup v1. - - To calculate the values shown by the `stats` command of the docker cli tool - the following formulas can be used: - * used_memory = `memory_stats.usage - memory_stats.stats.cache` - * available_memory = `memory_stats.limit` - * Memory usage % = `(used_memory / available_memory) * 100.0` - * cpu_delta = `cpu_stats.cpu_usage.total_usage - precpu_stats.cpu_usage.total_usage` - * system_cpu_delta = `cpu_stats.system_cpu_usage - precpu_stats.system_cpu_usage` - * number_cpus = `length(cpu_stats.cpu_usage.percpu_usage)` or `cpu_stats.online_cpus` - * CPU usage % = `(cpu_delta / system_cpu_delta) * number_cpus * 100.0` - operationId: "ContainerStats" - produces: ["application/json"] - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/ContainerStatsResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "stream" - in: "query" - description: | - Stream the output. If false, the stats will be output once and then - it will disconnect. - type: "boolean" - default: true - - name: "one-shot" - in: "query" - description: | - Only get a single stat instead of waiting for 2 cycles. Must be used - with `stream=false`. - type: "boolean" - default: false - tags: ["Container"] - /containers/{id}/resize: - post: - summary: "Resize a container TTY" - description: "Resize the TTY for a container." - operationId: "ContainerResize" - consumes: - - "application/octet-stream" - produces: - - "text/plain" - responses: - 200: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "cannot resize container" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "h" - in: "query" - required: true - description: "Height of the TTY session in characters" - type: "integer" - - name: "w" - in: "query" - required: true - description: "Width of the TTY session in characters" - type: "integer" - tags: ["Container"] - /containers/{id}/start: - post: - summary: "Start a container" - operationId: "ContainerStart" - responses: - 204: - description: "no error" - 304: - description: "container already started" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "detachKeys" - in: "query" - description: | - Override the key sequence for detaching a container. Format is a - single character `[a-Z]` or `ctrl-` where `` is one - of: `a-z`, `@`, `^`, `[`, `,` or `_`. - type: "string" - tags: ["Container"] - /containers/{id}/stop: - post: - summary: "Stop a container" - operationId: "ContainerStop" - responses: - 204: - description: "no error" - 304: - description: "container already stopped" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "signal" - in: "query" - description: | - Signal to send to the container as an integer or string (e.g. `SIGINT`). - type: "string" - - name: "t" - in: "query" - description: "Number of seconds to wait before killing the container" - type: "integer" - tags: ["Container"] - /containers/{id}/restart: - post: - summary: "Restart a container" - operationId: "ContainerRestart" - responses: - 204: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "signal" - in: "query" - description: | - Signal to send to the container as an integer or string (e.g. `SIGINT`). - type: "string" - - name: "t" - in: "query" - description: "Number of seconds to wait before killing the container" - type: "integer" - tags: ["Container"] - /containers/{id}/kill: - post: - summary: "Kill a container" - description: | - Send a POSIX signal to a container, defaulting to killing to the - container. - operationId: "ContainerKill" - responses: - 204: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 409: - description: "container is not running" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "Container d37cde0fe4ad63c3a7252023b2f9800282894247d145cb5933ddf6e52cc03a28 is not running" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "signal" - in: "query" - description: | - Signal to send to the container as an integer or string (e.g. `SIGINT`). - type: "string" - default: "SIGKILL" - tags: ["Container"] - /containers/{id}/update: - post: - summary: "Update a container" - description: | - Change various configuration options of a container without having to - recreate it. - operationId: "ContainerUpdate" - consumes: ["application/json"] - produces: ["application/json"] - responses: - 200: - description: "The container has been updated." - schema: - $ref: "#/definitions/ContainerUpdateResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "update" - in: "body" - required: true - schema: - allOf: - - $ref: "#/definitions/Resources" - - type: "object" - properties: - RestartPolicy: - $ref: "#/definitions/RestartPolicy" - example: - BlkioWeight: 300 - CpuShares: 512 - CpuPeriod: 100000 - CpuQuota: 50000 - CpuRealtimePeriod: 1000000 - CpuRealtimeRuntime: 10000 - CpusetCpus: "0,1" - CpusetMems: "0" - Memory: 314572800 - MemorySwap: 514288000 - MemoryReservation: 209715200 - RestartPolicy: - MaximumRetryCount: 4 - Name: "on-failure" - tags: ["Container"] - /containers/{id}/rename: - post: - summary: "Rename a container" - operationId: "ContainerRename" - responses: - 204: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 409: - description: "name already in use" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "name" - in: "query" - required: true - description: "New name for the container" - type: "string" - tags: ["Container"] - /containers/{id}/pause: - post: - summary: "Pause a container" - description: | - Use the freezer cgroup to suspend all processes in a container. - - Traditionally, when suspending a process the `SIGSTOP` signal is used, - which is observable by the process being suspended. With the freezer - cgroup the process is unaware, and unable to capture, that it is being - suspended, and subsequently resumed. - operationId: "ContainerPause" - responses: - 204: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - tags: ["Container"] - /containers/{id}/unpause: - post: - summary: "Unpause a container" - description: "Resume a container which has been paused." - operationId: "ContainerUnpause" - responses: - 204: - description: "no error" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - tags: ["Container"] - /containers/{id}/attach: - post: - summary: "Attach to a container" - description: | - Attach to a container to read its output or send it input. You can attach - to the same container multiple times and you can reattach to containers - that have been detached. - - Either the `stream` or `logs` parameter must be `true` for this endpoint - to do anything. - - See the [documentation for the `docker attach` command](https://docs.docker.com/engine/reference/commandline/attach/) - for more details. - - ### Hijacking - - This endpoint hijacks the HTTP connection to transport `stdin`, `stdout`, - and `stderr` on the same socket. - - This is the response from the daemon for an attach request: - - ``` - HTTP/1.1 200 OK - Content-Type: application/vnd.docker.raw-stream - - [STREAM] - ``` - - After the headers and two new lines, the TCP connection can now be used - for raw, bidirectional communication between the client and server. - - To hint potential proxies about connection hijacking, the Docker client - can also optionally send connection upgrade headers. - - For example, the client sends this request to upgrade the connection: - - ``` - POST /containers/16253994b7c4/attach?stream=1&stdout=1 HTTP/1.1 - Upgrade: tcp - Connection: Upgrade - ``` - - The Docker daemon will respond with a `101 UPGRADED` response, and will - similarly follow with the raw stream: - - ``` - HTTP/1.1 101 UPGRADED - Content-Type: application/vnd.docker.raw-stream - Connection: Upgrade - Upgrade: tcp - - [STREAM] - ``` - - ### Stream format - - When the TTY setting is disabled in [`POST /containers/create`](#operation/ContainerCreate), - the HTTP Content-Type header is set to application/vnd.docker.multiplexed-stream - and the stream over the hijacked connected is multiplexed to separate out - `stdout` and `stderr`. The stream consists of a series of frames, each - containing a header and a payload. - - The header contains the information which the stream writes (`stdout` or - `stderr`). It also contains the size of the associated frame encoded in - the last four bytes (`uint32`). - - It is encoded on the first eight bytes like this: - - ```go - header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4} - ``` - - `STREAM_TYPE` can be: - - - 0: `stdin` (is written on `stdout`) - - 1: `stdout` - - 2: `stderr` - - `SIZE1, SIZE2, SIZE3, SIZE4` are the four bytes of the `uint32` size - encoded as big endian. - - Following the header is the payload, which is the specified number of - bytes of `STREAM_TYPE`. - - The simplest way to implement this protocol is the following: - - 1. Read 8 bytes. - 2. Choose `stdout` or `stderr` depending on the first byte. - 3. Extract the frame size from the last four bytes. - 4. Read the extracted size and output it on the correct output. - 5. Goto 1. - - ### Stream format when using a TTY - - When the TTY setting is enabled in [`POST /containers/create`](#operation/ContainerCreate), - the stream is not multiplexed. The data exchanged over the hijacked - connection is simply the raw data from the process PTY and client's - `stdin`. - - operationId: "ContainerAttach" - produces: - - "application/vnd.docker.raw-stream" - - "application/vnd.docker.multiplexed-stream" - responses: - 101: - description: "no error, hints proxy about hijacking" - 200: - description: "no error, no upgrade header found" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "detachKeys" - in: "query" - description: | - Override the key sequence for detaching a container.Format is a single - character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, - `@`, `^`, `[`, `,` or `_`. - type: "string" - - name: "logs" - in: "query" - description: | - Replay previous logs from the container. - - This is useful for attaching to a container that has started and you - want to output everything since the container started. - - If `stream` is also enabled, once all the previous output has been - returned, it will seamlessly transition into streaming current - output. - type: "boolean" - default: false - - name: "stream" - in: "query" - description: | - Stream attached streams from the time the request was made onwards. - type: "boolean" - default: false - - name: "stdin" - in: "query" - description: "Attach to `stdin`" - type: "boolean" - default: false - - name: "stdout" - in: "query" - description: "Attach to `stdout`" - type: "boolean" - default: false - - name: "stderr" - in: "query" - description: "Attach to `stderr`" - type: "boolean" - default: false - tags: ["Container"] - /containers/{id}/attach/ws: - get: - summary: "Attach to a container via a websocket" - operationId: "ContainerAttachWebsocket" - responses: - 101: - description: "no error, hints proxy about hijacking" - 200: - description: "no error, no upgrade header found" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "detachKeys" - in: "query" - description: | - Override the key sequence for detaching a container.Format is a single - character `[a-Z]` or `ctrl-` where `` is one of: `a-z`, - `@`, `^`, `[`, `,`, or `_`. - type: "string" - - name: "logs" - in: "query" - description: "Return logs" - type: "boolean" - default: false - - name: "stream" - in: "query" - description: "Return stream" - type: "boolean" - default: false - - name: "stdin" - in: "query" - description: "Attach to `stdin`" - type: "boolean" - default: false - - name: "stdout" - in: "query" - description: "Attach to `stdout`" - type: "boolean" - default: false - - name: "stderr" - in: "query" - description: "Attach to `stderr`" - type: "boolean" - default: false - tags: ["Container"] - /containers/{id}/wait: - post: - summary: "Wait for a container" - description: "Block until a container stops, then returns the exit code." - operationId: "ContainerWait" - produces: ["application/json"] - responses: - 200: - description: "The container has exit." - schema: - $ref: "#/definitions/ContainerWaitResponse" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "condition" - in: "query" - description: | - Wait until a container state reaches the given condition. - - Defaults to `not-running` if omitted or empty. - type: "string" - enum: - - "not-running" - - "next-exit" - - "removed" - default: "not-running" - tags: ["Container"] - /containers/{id}: - delete: - summary: "Remove a container" - operationId: "ContainerDelete" - responses: - 204: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 409: - description: "conflict" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: | - You cannot remove a running container: c2ada9df5af8. Stop the - container before attempting removal or force remove - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "v" - in: "query" - description: "Remove anonymous volumes associated with the container." - type: "boolean" - default: false - - name: "force" - in: "query" - description: "If the container is running, kill it before removing it." - type: "boolean" - default: false - - name: "link" - in: "query" - description: "Remove the specified link associated with the container." - type: "boolean" - default: false - tags: ["Container"] - /containers/{id}/archive: - head: - summary: "Get information about files in a container" - description: | - A response header `X-Docker-Container-Path-Stat` is returned, containing - a base64 - encoded JSON object with some filesystem header information - about the path. - operationId: "ContainerArchiveInfo" - responses: - 200: - description: "no error" - headers: - X-Docker-Container-Path-Stat: - type: "string" - description: | - A base64 - encoded JSON object with some filesystem header - information about the path - 400: - description: "Bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "Container or path does not exist" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "path" - in: "query" - required: true - description: "Resource in the container’s filesystem to archive." - type: "string" - tags: ["Container"] - get: - summary: "Get an archive of a filesystem resource in a container" - description: "Get a tar archive of a resource in the filesystem of container id." - operationId: "ContainerArchive" - produces: ["application/x-tar"] - responses: - 200: - description: "no error" - 400: - description: "Bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "Container or path does not exist" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "path" - in: "query" - required: true - description: "Resource in the container’s filesystem to archive." - type: "string" - tags: ["Container"] - put: - summary: "Extract an archive of files or folders to a directory in a container" - description: | - Upload a tar archive to be extracted to a path in the filesystem of container id. - `path` parameter is asserted to be a directory. If it exists as a file, 400 error - will be returned with message "not a directory". - operationId: "PutContainerArchive" - consumes: ["application/x-tar", "application/octet-stream"] - responses: - 200: - description: "The content was extracted successfully" - 400: - description: "Bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "not a directory" - 403: - description: "Permission denied, the volume or container rootfs is marked as read-only." - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "No such container or path does not exist inside the container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the container" - type: "string" - - name: "path" - in: "query" - required: true - description: "Path to a directory in the container to extract the archive’s contents into. " - type: "string" - - name: "noOverwriteDirNonDir" - in: "query" - description: | - If `1`, `true`, or `True` then it will be an error if unpacking the - given content would cause an existing directory to be replaced with - a non-directory and vice versa. - type: "string" - - name: "copyUIDGID" - in: "query" - description: | - If `1`, `true`, then it will copy UID/GID maps to the dest file or - dir - type: "string" - - name: "inputStream" - in: "body" - required: true - description: | - The input stream must be a tar archive compressed with one of the - following algorithms: `identity` (no compression), `gzip`, `bzip2`, - or `xz`. - schema: - type: "string" - format: "binary" - tags: ["Container"] - /containers/prune: - post: - summary: "Delete stopped containers" - produces: - - "application/json" - operationId: "ContainerPrune" - parameters: - - name: "filters" - in: "query" - description: | - Filters to process on the prune list, encoded as JSON (a `map[string][]string`). - - Available filters: - - `until=` Prune containers created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune containers with (or without, in case `label!=...` is used) the specified labels. - type: "string" - responses: - 200: - description: "No error" - schema: - type: "object" - title: "ContainerPruneResponse" - properties: - ContainersDeleted: - description: "Container IDs that were deleted" - type: "array" - items: - type: "string" - SpaceReclaimed: - description: "Disk space reclaimed in bytes" - type: "integer" - format: "int64" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Container"] - /images/json: - get: - summary: "List Images" - description: "Returns a list of images on the server. Note that it uses a different, smaller representation of an image than inspecting a single image." - operationId: "ImageList" - produces: - - "application/json" - responses: - 200: - description: "Summary image data for the images matching the query" - schema: - type: "array" - items: - $ref: "#/definitions/ImageSummary" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "all" - in: "query" - description: "Show all images. Only images from a final layer (no children) are shown by default." - type: "boolean" - default: false - - name: "filters" - in: "query" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the images list. - - Available filters: - - - `before`=(`[:]`, `` or ``) - - `dangling=true` - - `label=key` or `label="key=value"` of an image label - - `reference`=(`[:]`) - - `since`=(`[:]`, `` or ``) - - `until=` - type: "string" - - name: "shared-size" - in: "query" - description: "Compute and show shared size as a `SharedSize` field on each image." - type: "boolean" - default: false - - name: "digests" - in: "query" - description: "Show digest information as a `RepoDigests` field on each image." - type: "boolean" - default: false - - name: "manifests" - in: "query" - description: "Include `Manifests` in the image summary." - type: "boolean" - default: false - tags: ["Image"] - /build: - post: - summary: "Build an image" - description: | - Build an image from a tar archive with a `Dockerfile` in it. - - The `Dockerfile` specifies how the image is built from the tar archive. It is typically in the archive's root, but can be at a different path or have a different name by specifying the `dockerfile` parameter. [See the `Dockerfile` reference for more information](https://docs.docker.com/engine/reference/builder/). - - The Docker daemon performs a preliminary validation of the `Dockerfile` before starting the build, and returns an error if the syntax is incorrect. After that, each instruction is run one-by-one until the ID of the new image is output. - - The build is canceled if the client drops the connection by quitting or being killed. - operationId: "ImageBuild" - consumes: - - "application/octet-stream" - produces: - - "application/json" - parameters: - - name: "inputStream" - in: "body" - description: "A tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz." - schema: - type: "string" - format: "binary" - - name: "dockerfile" - in: "query" - description: "Path within the build context to the `Dockerfile`. This is ignored if `remote` is specified and points to an external `Dockerfile`." - type: "string" - default: "Dockerfile" - - name: "t" - in: "query" - description: "A name and optional tag to apply to the image in the `name:tag` format. If you omit the tag the default `latest` value is assumed. You can provide several `t` parameters." - type: "string" - - name: "extrahosts" - in: "query" - description: "Extra hosts to add to /etc/hosts" - type: "string" - - name: "remote" - in: "query" - description: "A Git repository URI or HTTP/HTTPS context URI. If the URI points to a single text file, the file’s contents are placed into a file called `Dockerfile` and the image is built from that file. If the URI points to a tarball, the file is downloaded by the daemon and the contents therein used as the context for the build. If the URI points to a tarball and the `dockerfile` parameter is also specified, there must be a file with the corresponding path inside the tarball." - type: "string" - - name: "q" - in: "query" - description: "Suppress verbose build output." - type: "boolean" - default: false - - name: "nocache" - in: "query" - description: "Do not use the cache when building the image." - type: "boolean" - default: false - - name: "cachefrom" - in: "query" - description: "JSON array of images used for build cache resolution." - type: "string" - - name: "pull" - in: "query" - description: "Attempt to pull the image even if an older image exists locally." - type: "string" - - name: "rm" - in: "query" - description: "Remove intermediate containers after a successful build." - type: "boolean" - default: true - - name: "forcerm" - in: "query" - description: "Always remove intermediate containers, even upon failure." - type: "boolean" - default: false - - name: "memory" - in: "query" - description: "Set memory limit for build." - type: "integer" - - name: "memswap" - in: "query" - description: "Total memory (memory + swap). Set as `-1` to disable swap." - type: "integer" - - name: "cpushares" - in: "query" - description: "CPU shares (relative weight)." - type: "integer" - - name: "cpusetcpus" - in: "query" - description: "CPUs in which to allow execution (e.g., `0-3`, `0,1`)." - type: "string" - - name: "cpuperiod" - in: "query" - description: "The length of a CPU period in microseconds." - type: "integer" - - name: "cpuquota" - in: "query" - description: "Microseconds of CPU time that the container can get in a CPU period." - type: "integer" - - name: "buildargs" - in: "query" - description: > - JSON map of string pairs for build-time variables. Users pass these values at build-time. Docker - uses the buildargs as the environment context for commands run via the `Dockerfile` RUN - instruction, or for variable expansion in other `Dockerfile` instructions. This is not meant for - passing secret values. - - - For example, the build arg `FOO=bar` would become `{"FOO":"bar"}` in JSON. This would result in the - query parameter `buildargs={"FOO":"bar"}`. Note that `{"FOO":"bar"}` should be URI component encoded. - - - [Read more about the buildargs instruction.](https://docs.docker.com/engine/reference/builder/#arg) - type: "string" - - name: "shmsize" - in: "query" - description: "Size of `/dev/shm` in bytes. The size must be greater than 0. If omitted the system uses 64MB." - type: "integer" - - name: "squash" - in: "query" - description: "Squash the resulting images layers into a single layer. *(Experimental release only.)*" - type: "boolean" - - name: "labels" - in: "query" - description: "Arbitrary key/value labels to set on the image, as a JSON map of string pairs." - type: "string" - - name: "networkmode" - in: "query" - description: | - Sets the networking mode for the run commands during build. Supported - standard values are: `bridge`, `host`, `none`, and `container:`. - Any other value is taken as a custom network's name or ID to which this - container should connect to. - type: "string" - - name: "Content-type" - in: "header" - type: "string" - enum: - - "application/x-tar" - default: "application/x-tar" - - name: "X-Registry-Config" - in: "header" - description: | - This is a base64-encoded JSON object with auth configurations for multiple registries that a build may refer to. - - The key is a registry URL, and the value is an auth configuration object, [as described in the authentication section](#section/Authentication). For example: - - ``` - { - "docker.example.com": { - "username": "janedoe", - "password": "hunter2" - }, - "https://index.docker.io/v1/": { - "username": "mobydock", - "password": "conta1n3rize14" - } - } - ``` - - Only the registry domain name (and port if not the default 443) are required. However, for legacy reasons, the Docker Hub registry must be specified with both a `https://` prefix and a `/v1/` suffix even though Docker will prefer to use the v2 registry API. - type: "string" - - name: "platform" - in: "query" - description: "Platform in the format os[/arch[/variant]]" - type: "string" - default: "" - - name: "target" - in: "query" - description: "Target build stage" - type: "string" - default: "" - - name: "outputs" - in: "query" - description: "BuildKit output configuration" - type: "string" - default: "" - - name: "version" - in: "query" - type: "string" - default: "1" - enum: ["1", "2"] - description: | - Version of the builder backend to use. - - - `1` is the first generation classic (deprecated) builder in the Docker daemon (default) - - `2` is [BuildKit](https://github.com/moby/buildkit) - responses: - 200: - description: "no error" - 400: - description: "Bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Image"] - /build/prune: - post: - summary: "Delete builder cache" - produces: - - "application/json" - operationId: "BuildPrune" - parameters: - - name: "keep-storage" - in: "query" - description: | - Amount of disk space in bytes to keep for cache - - > **Deprecated**: This parameter is deprecated and has been renamed to "reserved-space". - > It is kept for backward compatibility and will be removed in API v1.49. - type: "integer" - format: "int64" - - name: "reserved-space" - in: "query" - description: "Amount of disk space in bytes to keep for cache" - type: "integer" - format: "int64" - - name: "max-used-space" - in: "query" - description: "Maximum amount of disk space allowed to keep for cache" - type: "integer" - format: "int64" - - name: "min-free-space" - in: "query" - description: "Target amount of free disk space after pruning" - type: "integer" - format: "int64" - - name: "all" - in: "query" - type: "boolean" - description: "Remove all types of build cache" - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the list of build cache objects. - - Available filters: - - - `until=` remove cache older than ``. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon's local time. - - `id=` - - `parent=` - - `type=` - - `description=` - - `inuse` - - `shared` - - `private` - responses: - 200: - description: "No error" - schema: - type: "object" - title: "BuildPruneResponse" - properties: - CachesDeleted: - type: "array" - items: - description: "ID of build cache object" - type: "string" - SpaceReclaimed: - description: "Disk space reclaimed in bytes" - type: "integer" - format: "int64" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Image"] - /images/create: - post: - summary: "Create an image" - description: "Pull or import an image." - operationId: "ImageCreate" - consumes: - - "text/plain" - - "application/octet-stream" - produces: - - "application/json" - responses: - 200: - description: "no error" - 404: - description: "repository does not exist or no read access" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "fromImage" - in: "query" - description: | - Name of the image to pull. If the name includes a tag or digest, specific behavior applies: - - - If only `fromImage` includes a tag, that tag is used. - - If both `fromImage` and `tag` are provided, `tag` takes precedence. - - If `fromImage` includes a digest, the image is pulled by digest, and `tag` is ignored. - - If neither a tag nor digest is specified, all tags are pulled. - type: "string" - - name: "fromSrc" - in: "query" - description: "Source to import. The value may be a URL from which the image can be retrieved or `-` to read the image from the request body. This parameter may only be used when importing an image." - type: "string" - - name: "repo" - in: "query" - description: "Repository name given to an image when it is imported. The repo may include a tag. This parameter may only be used when importing an image." - type: "string" - - name: "tag" - in: "query" - description: "Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled." - type: "string" - - name: "message" - in: "query" - description: "Set commit message for imported image." - type: "string" - - name: "inputImage" - in: "body" - description: "Image content if the value `-` has been specified in fromSrc query parameter" - schema: - type: "string" - required: false - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - - name: "changes" - in: "query" - description: | - Apply `Dockerfile` instructions to the image that is created, - for example: `changes=ENV DEBUG=true`. - Note that `ENV DEBUG=true` should be URI component encoded. - - Supported `Dockerfile` instructions: - `CMD`|`ENTRYPOINT`|`ENV`|`EXPOSE`|`ONBUILD`|`USER`|`VOLUME`|`WORKDIR` - type: "array" - items: - type: "string" - - name: "platform" - in: "query" - description: | - Platform in the format os[/arch[/variant]]. - - When used in combination with the `fromImage` option, the daemon checks - if the given image is present in the local image cache with the given - OS and Architecture, and otherwise attempts to pull the image. If the - option is not set, the host's native OS and Architecture are used. - If the given image does not exist in the local image cache, the daemon - attempts to pull the image with the host's native OS and Architecture. - If the given image does exists in the local image cache, but its OS or - architecture does not match, a warning is produced. - - When used with the `fromSrc` option to import an image from an archive, - this option sets the platform information for the imported image. If - the option is not set, the host's native OS and Architecture are used - for the imported image. - type: "string" - default: "" - tags: ["Image"] - /images/{name}/json: - get: - summary: "Inspect an image" - description: "Return low-level information about an image." - operationId: "ImageInspect" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - $ref: "#/definitions/ImageInspect" - 404: - description: "No such image" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such image: someimage (tag: latest)" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or id" - type: "string" - required: true - - name: "manifests" - in: "query" - description: "Include Manifests in the image summary." - type: "boolean" - default: false - required: false - tags: ["Image"] - /images/{name}/history: - get: - summary: "Get the history of an image" - description: "Return parent layers of an image." - operationId: "ImageHistory" - produces: ["application/json"] - responses: - 200: - description: "List of image layers" - schema: - type: "array" - items: - type: "object" - x-go-name: HistoryResponseItem - title: "HistoryResponseItem" - description: "individual image layer information in response to ImageHistory operation" - required: [Id, Created, CreatedBy, Tags, Size, Comment] - properties: - Id: - type: "string" - x-nullable: false - Created: - type: "integer" - format: "int64" - x-nullable: false - CreatedBy: - type: "string" - x-nullable: false - Tags: - type: "array" - items: - type: "string" - Size: - type: "integer" - format: "int64" - x-nullable: false - Comment: - type: "string" - x-nullable: false - examples: - application/json: - - Id: "3db9c44f45209632d6050b35958829c3a2aa256d81b9a7be45b362ff85c54710" - Created: 1398108230 - CreatedBy: "/bin/sh -c #(nop) ADD file:eb15dbd63394e063b805a3c32ca7bf0266ef64676d5a6fab4801f2e81e2a5148 in /" - Tags: - - "ubuntu:lucid" - - "ubuntu:10.04" - Size: 182964289 - Comment: "" - - Id: "6cfa4d1f33fb861d4d114f43b25abd0ac737509268065cdfd69d544a59c85ab8" - Created: 1398108222 - CreatedBy: "/bin/sh -c #(nop) MAINTAINER Tianon Gravi - mkimage-debootstrap.sh -i iproute,iputils-ping,ubuntu-minimal -t lucid.tar.xz lucid http://archive.ubuntu.com/ubuntu/" - Tags: [] - Size: 0 - Comment: "" - - Id: "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158" - Created: 1371157430 - CreatedBy: "" - Tags: - - "scratch12:latest" - - "scratch:latest" - Size: 0 - Comment: "Imported from -" - 404: - description: "No such image" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or ID" - type: "string" - required: true - - name: "platform" - type: "string" - in: "query" - description: | - JSON-encoded OCI platform to select the platform-variant. - If omitted, it defaults to any locally available platform, - prioritizing the daemon's host platform. - - If the daemon provides a multi-platform image store, this selects - the platform-variant to show the history for. If the image is - a single-platform image, or if the multi-platform image does not - provide a variant matching the given platform, an error is returned. - - Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}` - tags: ["Image"] - /images/{name}/push: - post: - summary: "Push an image" - description: | - Push an image to a registry. - - If you wish to push an image on to a private registry, that image must - already have a tag which references the registry. For example, - `registry.example.com/myimage:latest`. - - The push is cancelled if the HTTP connection is closed. - operationId: "ImagePush" - consumes: - - "application/octet-stream" - responses: - 200: - description: "No error" - 404: - description: "No such image" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - Name of the image to push. For example, `registry.example.com/myimage`. - The image must be present in the local image store with the same name. - - The name should be provided without tag; if a tag is provided, it - is ignored. For example, `registry.example.com/myimage:latest` is - considered equivalent to `registry.example.com/myimage`. - - Use the `tag` parameter to specify the tag to push. - type: "string" - required: true - - name: "tag" - in: "query" - description: | - Tag of the image to push. For example, `latest`. If no tag is provided, - all tags of the given image that are present in the local image store - are pushed. - type: "string" - - name: "platform" - type: "string" - in: "query" - description: | - JSON-encoded OCI platform to select the platform-variant to push. - If not provided, all available variants will attempt to be pushed. - - If the daemon provides a multi-platform image store, this selects - the platform-variant to push to the registry. If the image is - a single-platform image, or if the multi-platform image does not - provide a variant matching the given platform, an error is returned. - - Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}` - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - required: true - tags: ["Image"] - /images/{name}/tag: - post: - summary: "Tag an image" - description: "Tag an image so that it becomes part of a repository." - operationId: "ImageTag" - responses: - 201: - description: "No error" - 400: - description: "Bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "No such image" - schema: - $ref: "#/definitions/ErrorResponse" - 409: - description: "Conflict" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or ID to tag." - type: "string" - required: true - - name: "repo" - in: "query" - description: "The repository to tag in. For example, `someuser/someimage`." - type: "string" - - name: "tag" - in: "query" - description: "The name of the new tag." - type: "string" - tags: ["Image"] - /images/{name}: - delete: - summary: "Remove an image" - description: | - Remove an image, along with any untagged parent images that were - referenced by that image. - - Images can't be removed if they have descendant images, are being - used by a running container or are being used by a build. - operationId: "ImageDelete" - produces: ["application/json"] - responses: - 200: - description: "The image was deleted successfully" - schema: - type: "array" - items: - $ref: "#/definitions/ImageDeleteResponseItem" - examples: - application/json: - - Untagged: "3e2f21a89f" - - Deleted: "3e2f21a89f" - - Deleted: "53b4f83ac9" - 404: - description: "No such image" - schema: - $ref: "#/definitions/ErrorResponse" - 409: - description: "Conflict" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or ID" - type: "string" - required: true - - name: "force" - in: "query" - description: "Remove the image even if it is being used by stopped containers or has other tags" - type: "boolean" - default: false - - name: "noprune" - in: "query" - description: "Do not delete untagged parent images" - type: "boolean" - default: false - - name: "platforms" - in: "query" - description: | - Select platform-specific content to delete. - Multiple values are accepted. - Each platform is a OCI platform encoded as a JSON string. - type: "array" - items: - # This should be OCIPlatform - # but $ref is not supported for array in query in Swagger 2.0 - # $ref: "#/definitions/OCIPlatform" - type: "string" - tags: ["Image"] - /images/search: - get: - summary: "Search images" - description: "Search for an image on Docker Hub." - operationId: "ImageSearch" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - type: "array" - items: - type: "object" - title: "ImageSearchResponseItem" - properties: - description: - type: "string" - is_official: - type: "boolean" - is_automated: - description: | - Whether this repository has automated builds enabled. - -


- - > **Deprecated**: This field is deprecated and will always be "false". - type: "boolean" - example: false - name: - type: "string" - star_count: - type: "integer" - examples: - application/json: - - description: "A minimal Docker image based on Alpine Linux with a complete package index and only 5 MB in size!" - is_official: true - is_automated: false - name: "alpine" - star_count: 10093 - - description: "Busybox base image." - is_official: true - is_automated: false - name: "Busybox base image." - star_count: 3037 - - description: "The PostgreSQL object-relational database system provides reliability and data integrity." - is_official: true - is_automated: false - name: "postgres" - star_count: 12408 - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "term" - in: "query" - description: "Term to search" - type: "string" - required: true - - name: "limit" - in: "query" - description: "Maximum number of results to return" - type: "integer" - - name: "filters" - in: "query" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to process on the images list. Available filters: - - - `is-official=(true|false)` - - `stars=` Matches images that has at least 'number' stars. - type: "string" - tags: ["Image"] - /images/prune: - post: - summary: "Delete unused images" - produces: - - "application/json" - operationId: "ImagePrune" - parameters: - - name: "filters" - in: "query" - description: | - Filters to process on the prune list, encoded as JSON (a `map[string][]string`). Available filters: - - - `dangling=` When set to `true` (or `1`), prune only - unused *and* untagged images. When set to `false` - (or `0`), all unused images are pruned. - - `until=` Prune images created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune images with (or without, in case `label!=...` is used) the specified labels. - type: "string" - responses: - 200: - description: "No error" - schema: - type: "object" - title: "ImagePruneResponse" - properties: - ImagesDeleted: - description: "Images that were deleted" - type: "array" - items: - $ref: "#/definitions/ImageDeleteResponseItem" - SpaceReclaimed: - description: "Disk space reclaimed in bytes" - type: "integer" - format: "int64" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Image"] - /auth: - post: - summary: "Check auth configuration" - description: | - Validate credentials for a registry and, if available, get an identity - token for accessing the registry without password. - operationId: "SystemAuth" - consumes: ["application/json"] - produces: ["application/json"] - responses: - 200: - description: "An identity token was generated successfully." - schema: - type: "object" - title: "SystemAuthResponse" - required: [Status] - properties: - Status: - description: "The status of the authentication" - type: "string" - x-nullable: false - IdentityToken: - description: "An opaque token used to authenticate a user after a successful login" - type: "string" - x-nullable: false - examples: - application/json: - Status: "Login Succeeded" - IdentityToken: "9cbaf023786cd7..." - 204: - description: "No error" - 401: - description: "Auth error" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "authConfig" - in: "body" - description: "Authentication to check" - schema: - $ref: "#/definitions/AuthConfig" - tags: ["System"] - /info: - get: - summary: "Get system information" - operationId: "SystemInfo" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - $ref: "#/definitions/SystemInfo" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["System"] - /version: - get: - summary: "Get version" - description: "Returns the version of Docker that is running and various information about the system that Docker is running on." - operationId: "SystemVersion" - produces: ["application/json"] - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/SystemVersion" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["System"] - /_ping: - get: - summary: "Ping" - description: "This is a dummy endpoint you can use to test if the server is accessible." - operationId: "SystemPing" - produces: ["text/plain"] - responses: - 200: - description: "no error" - schema: - type: "string" - example: "OK" - headers: - Api-Version: - type: "string" - description: "Max API Version the server supports" - Builder-Version: - type: "string" - description: | - Default version of docker image builder - - The default on Linux is version "2" (BuildKit), but the daemon - can be configured to recommend version "1" (classic Builder). - Windows does not yet support BuildKit for native Windows images, - and uses "1" (classic builder) as a default. - - This value is a recommendation as advertised by the daemon, and - it is up to the client to choose which builder to use. - default: "2" - Docker-Experimental: - type: "boolean" - description: "If the server is running with experimental mode enabled" - Swarm: - type: "string" - enum: ["inactive", "pending", "error", "locked", "active/worker", "active/manager"] - description: | - Contains information about Swarm status of the daemon, - and if the daemon is acting as a manager or worker node. - default: "inactive" - Cache-Control: - type: "string" - default: "no-cache, no-store, must-revalidate" - Pragma: - type: "string" - default: "no-cache" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - headers: - Cache-Control: - type: "string" - default: "no-cache, no-store, must-revalidate" - Pragma: - type: "string" - default: "no-cache" - tags: ["System"] - head: - summary: "Ping" - description: "This is a dummy endpoint you can use to test if the server is accessible." - operationId: "SystemPingHead" - produces: ["text/plain"] - responses: - 200: - description: "no error" - schema: - type: "string" - example: "(empty)" - headers: - Api-Version: - type: "string" - description: "Max API Version the server supports" - Builder-Version: - type: "string" - description: "Default version of docker image builder" - Docker-Experimental: - type: "boolean" - description: "If the server is running with experimental mode enabled" - Swarm: - type: "string" - enum: ["inactive", "pending", "error", "locked", "active/worker", "active/manager"] - description: | - Contains information about Swarm status of the daemon, - and if the daemon is acting as a manager or worker node. - default: "inactive" - Cache-Control: - type: "string" - default: "no-cache, no-store, must-revalidate" - Pragma: - type: "string" - default: "no-cache" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["System"] - /commit: - post: - summary: "Create a new image from a container" - operationId: "ImageCommit" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "no error" - schema: - $ref: "#/definitions/IDResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "containerConfig" - in: "body" - description: "The container configuration" - schema: - $ref: "#/definitions/ContainerConfig" - - name: "container" - in: "query" - description: "The ID or name of the container to commit" - type: "string" - - name: "repo" - in: "query" - description: "Repository name for the created image" - type: "string" - - name: "tag" - in: "query" - description: "Tag name for the create image" - type: "string" - - name: "comment" - in: "query" - description: "Commit message" - type: "string" - - name: "author" - in: "query" - description: "Author of the image (e.g., `John Hannibal Smith `)" - type: "string" - - name: "pause" - in: "query" - description: "Whether to pause the container before committing" - type: "boolean" - default: true - - name: "changes" - in: "query" - description: "`Dockerfile` instructions to apply while committing" - type: "string" - tags: ["Image"] - /events: - get: - summary: "Monitor events" - description: | - Stream real-time events from the server. - - Various objects within Docker report events when something happens to them. - - Containers report these events: `attach`, `commit`, `copy`, `create`, `destroy`, `detach`, `die`, `exec_create`, `exec_detach`, `exec_start`, `exec_die`, `export`, `health_status`, `kill`, `oom`, `pause`, `rename`, `resize`, `restart`, `start`, `stop`, `top`, `unpause`, `update`, and `prune` - - Images report these events: `create`, `delete`, `import`, `load`, `pull`, `push`, `save`, `tag`, `untag`, and `prune` - - Volumes report these events: `create`, `mount`, `unmount`, `destroy`, and `prune` - - Networks report these events: `create`, `connect`, `disconnect`, `destroy`, `update`, `remove`, and `prune` - - The Docker daemon reports these events: `reload` - - Services report these events: `create`, `update`, and `remove` - - Nodes report these events: `create`, `update`, and `remove` - - Secrets report these events: `create`, `update`, and `remove` - - Configs report these events: `create`, `update`, and `remove` - - The Builder reports `prune` events - - operationId: "SystemEvents" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/EventMessage" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "since" - in: "query" - description: "Show events created since this timestamp then stream new events." - type: "string" - - name: "until" - in: "query" - description: "Show events created until this timestamp then stop streaming." - type: "string" - - name: "filters" - in: "query" - description: | - A JSON encoded value of filters (a `map[string][]string`) to process on the event list. Available filters: - - - `config=` config name or ID - - `container=` container name or ID - - `daemon=` daemon name or ID - - `event=` event type - - `image=` image name or ID - - `label=` image or container label - - `network=` network name or ID - - `node=` node ID - - `plugin`= plugin name or ID - - `scope`= local or swarm - - `secret=` secret name or ID - - `service=` service name or ID - - `type=` object to filter by, one of `container`, `image`, `volume`, `network`, `daemon`, `plugin`, `node`, `service`, `secret` or `config` - - `volume=` volume name - type: "string" - tags: ["System"] - /system/df: - get: - summary: "Get data usage information" - operationId: "SystemDataUsage" - responses: - 200: - description: "no error" - schema: - type: "object" - title: "SystemDataUsageResponse" - properties: - LayersSize: - type: "integer" - format: "int64" - Images: - type: "array" - items: - $ref: "#/definitions/ImageSummary" - Containers: - type: "array" - items: - $ref: "#/definitions/ContainerSummary" - Volumes: - type: "array" - items: - $ref: "#/definitions/Volume" - BuildCache: - type: "array" - items: - $ref: "#/definitions/BuildCache" - example: - LayersSize: 1092588 - Images: - - - Id: "sha256:2b8fd9751c4c0f5dd266fcae00707e67a2545ef34f9a29354585f93dac906749" - ParentId: "" - RepoTags: - - "busybox:latest" - RepoDigests: - - "busybox@sha256:a59906e33509d14c036c8678d687bd4eec81ed7c4b8ce907b888c607f6a1e0e6" - Created: 1466724217 - Size: 1092588 - SharedSize: 0 - Labels: {} - Containers: 1 - Containers: - - - Id: "e575172ed11dc01bfce087fb27bee502db149e1a0fad7c296ad300bbff178148" - Names: - - "/top" - Image: "busybox" - ImageID: "sha256:2b8fd9751c4c0f5dd266fcae00707e67a2545ef34f9a29354585f93dac906749" - Command: "top" - Created: 1472592424 - Ports: [] - SizeRootFs: 1092588 - Labels: {} - State: "exited" - Status: "Exited (0) 56 minutes ago" - HostConfig: - NetworkMode: "default" - NetworkSettings: - Networks: - bridge: - IPAMConfig: null - Links: null - Aliases: null - NetworkID: "d687bc59335f0e5c9ee8193e5612e8aee000c8c62ea170cfb99c098f95899d92" - EndpointID: "8ed5115aeaad9abb174f68dcf135b49f11daf597678315231a32ca28441dec6a" - Gateway: "172.18.0.1" - IPAddress: "172.18.0.2" - IPPrefixLen: 16 - IPv6Gateway: "" - GlobalIPv6Address: "" - GlobalIPv6PrefixLen: 0 - MacAddress: "02:42:ac:12:00:02" - Mounts: [] - Volumes: - - - Name: "my-volume" - Driver: "local" - Mountpoint: "/var/lib/docker/volumes/my-volume/_data" - Labels: null - Scope: "local" - Options: null - UsageData: - Size: 10920104 - RefCount: 2 - BuildCache: - - - ID: "hw53o5aio51xtltp5xjp8v7fx" - Parents: [] - Type: "regular" - Description: "pulled from docker.io/library/debian@sha256:234cb88d3020898631af0ccbbcca9a66ae7306ecd30c9720690858c1b007d2a0" - InUse: false - Shared: true - Size: 0 - CreatedAt: "2021-06-28T13:31:01.474619385Z" - LastUsedAt: "2021-07-07T22:02:32.738075951Z" - UsageCount: 26 - - - ID: "ndlpt0hhvkqcdfkputsk4cq9c" - Parents: ["ndlpt0hhvkqcdfkputsk4cq9c"] - Type: "regular" - Description: "mount / from exec /bin/sh -c echo 'Binary::apt::APT::Keep-Downloaded-Packages \"true\";' > /etc/apt/apt.conf.d/keep-cache" - InUse: false - Shared: true - Size: 51 - CreatedAt: "2021-06-28T13:31:03.002625487Z" - LastUsedAt: "2021-07-07T22:02:32.773909517Z" - UsageCount: 26 - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "type" - in: "query" - description: | - Object types, for which to compute and return data. - type: "array" - collectionFormat: multi - items: - type: "string" - enum: ["container", "image", "volume", "build-cache"] - tags: ["System"] - /images/{name}/get: - get: - summary: "Export an image" - description: | - Get a tarball containing all images and metadata for a repository. - - If `name` is a specific name and tag (e.g. `ubuntu:latest`), then only that image (and its parents) are returned. If `name` is an image ID, similarly only that image (and its parents) are returned, but with the exclusion of the `repositories` file in the tarball, as there were no image names referenced. - - ### Image tarball format - - An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content). - - Additionally, includes the manifest.json file associated with a backwards compatible docker save format. - - If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs. - - ```json - { - "hello-world": { - "latest": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1" - } - } - ``` - operationId: "ImageGet" - produces: - - "application/x-tar" - responses: - 200: - description: "no error" - schema: - type: "string" - format: "binary" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or ID" - type: "string" - required: true - - name: "platform" - type: "string" - in: "query" - description: | - JSON encoded OCI platform describing a platform which will be used - to select a platform-specific image to be saved if the image is - multi-platform. - If not provided, the full multi-platform image will be saved. - - Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}` - tags: ["Image"] - /images/get: - get: - summary: "Export several images" - description: | - Get a tarball containing all images and metadata for several image - repositories. - - For each value of the `names` parameter: if it is a specific name and - tag (e.g. `ubuntu:latest`), then only that image (and its parents) are - returned; if it is an image ID, similarly only that image (and its parents) - are returned and there would be no names referenced in the 'repositories' - file for this image ID. - - For details on the format, see the [export image endpoint](#operation/ImageGet). - operationId: "ImageGetAll" - produces: - - "application/x-tar" - responses: - 200: - description: "no error" - schema: - type: "string" - format: "binary" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "names" - in: "query" - description: "Image names to filter by" - type: "array" - items: - type: "string" - - name: "platform" - type: "string" - in: "query" - description: | - JSON encoded OCI platform describing a platform which will be used - to select a platform-specific image to be saved if the image is - multi-platform. - If not provided, the full multi-platform image will be saved. - - Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}` - tags: ["Image"] - /images/load: - post: - summary: "Import images" - description: | - Load a set of images and tags into a repository. - - For details on the format, see the [export image endpoint](#operation/ImageGet). - operationId: "ImageLoad" - consumes: - - "application/x-tar" - produces: - - "application/json" - responses: - 200: - description: "no error" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "imagesTarball" - in: "body" - description: "Tar archive containing images" - schema: - type: "string" - format: "binary" - - name: "quiet" - in: "query" - description: "Suppress progress details during load." - type: "boolean" - default: false - - name: "platform" - type: "string" - in: "query" - description: | - JSON encoded OCI platform describing a platform which will be used - to select a platform-specific image to be load if the image is - multi-platform. - If not provided, the full multi-platform image will be loaded. - - Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}` - tags: ["Image"] - /containers/{id}/exec: - post: - summary: "Create an exec instance" - description: "Run a command inside a running container." - operationId: "ContainerExec" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "no error" - schema: - $ref: "#/definitions/IDResponse" - 404: - description: "no such container" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such container: c2ada9df5af8" - 409: - description: "container is paused" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "execConfig" - in: "body" - description: "Exec configuration" - schema: - type: "object" - title: "ExecConfig" - properties: - AttachStdin: - type: "boolean" - description: "Attach to `stdin` of the exec command." - AttachStdout: - type: "boolean" - description: "Attach to `stdout` of the exec command." - AttachStderr: - type: "boolean" - description: "Attach to `stderr` of the exec command." - ConsoleSize: - type: "array" - description: "Initial console size, as an `[height, width]` array." - x-nullable: true - minItems: 2 - maxItems: 2 - items: - type: "integer" - minimum: 0 - example: [80, 64] - DetachKeys: - type: "string" - description: | - Override the key sequence for detaching a container. Format is - a single character `[a-Z]` or `ctrl-` where `` - is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. - Tty: - type: "boolean" - description: "Allocate a pseudo-TTY." - Env: - description: | - A list of environment variables in the form `["VAR=value", ...]`. - type: "array" - items: - type: "string" - Cmd: - type: "array" - description: "Command to run, as a string or array of strings." - items: - type: "string" - Privileged: - type: "boolean" - description: "Runs the exec process with extended privileges." - default: false - User: - type: "string" - description: | - The user, and optionally, group to run the exec process inside - the container. Format is one of: `user`, `user:group`, `uid`, - or `uid:gid`. - WorkingDir: - type: "string" - description: | - The working directory for the exec process inside the container. - example: - AttachStdin: false - AttachStdout: true - AttachStderr: true - DetachKeys: "ctrl-p,ctrl-q" - Tty: false - Cmd: - - "date" - Env: - - "FOO=bar" - - "BAZ=quux" - required: true - - name: "id" - in: "path" - description: "ID or name of container" - type: "string" - required: true - tags: ["Exec"] - /exec/{id}/start: - post: - summary: "Start an exec instance" - description: | - Starts a previously set up exec instance. If detach is true, this endpoint - returns immediately after starting the command. Otherwise, it sets up an - interactive session with the command. - operationId: "ExecStart" - consumes: - - "application/json" - produces: - - "application/vnd.docker.raw-stream" - - "application/vnd.docker.multiplexed-stream" - responses: - 200: - description: "No error" - 404: - description: "No such exec instance" - schema: - $ref: "#/definitions/ErrorResponse" - 409: - description: "Container is stopped or paused" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "execStartConfig" - in: "body" - schema: - type: "object" - title: "ExecStartConfig" - properties: - Detach: - type: "boolean" - description: "Detach from the command." - example: false - Tty: - type: "boolean" - description: "Allocate a pseudo-TTY." - example: true - ConsoleSize: - type: "array" - description: "Initial console size, as an `[height, width]` array." - x-nullable: true - minItems: 2 - maxItems: 2 - items: - type: "integer" - minimum: 0 - example: [80, 64] - - name: "id" - in: "path" - description: "Exec instance ID" - required: true - type: "string" - tags: ["Exec"] - /exec/{id}/resize: - post: - summary: "Resize an exec instance" - description: | - Resize the TTY session used by an exec instance. This endpoint only works - if `tty` was specified as part of creating and starting the exec instance. - operationId: "ExecResize" - responses: - 200: - description: "No error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "No such exec instance" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Exec instance ID" - required: true - type: "string" - - name: "h" - in: "query" - required: true - description: "Height of the TTY session in characters" - type: "integer" - - name: "w" - in: "query" - required: true - description: "Width of the TTY session in characters" - type: "integer" - tags: ["Exec"] - /exec/{id}/json: - get: - summary: "Inspect an exec instance" - description: "Return low-level information about an exec instance." - operationId: "ExecInspect" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - type: "object" - title: "ExecInspectResponse" - properties: - CanRemove: - type: "boolean" - DetachKeys: - type: "string" - ID: - type: "string" - Running: - type: "boolean" - ExitCode: - type: "integer" - ProcessConfig: - $ref: "#/definitions/ProcessConfig" - OpenStdin: - type: "boolean" - OpenStderr: - type: "boolean" - OpenStdout: - type: "boolean" - ContainerID: - type: "string" - Pid: - type: "integer" - description: "The system process ID for the exec process." - examples: - application/json: - CanRemove: false - ContainerID: "b53ee82b53a40c7dca428523e34f741f3abc51d9f297a14ff874bf761b995126" - DetachKeys: "" - ExitCode: 2 - ID: "f33bbfb39f5b142420f4759b2348913bd4a8d1a6d7fd56499cb41a1bb91d7b3b" - OpenStderr: true - OpenStdin: true - OpenStdout: true - ProcessConfig: - arguments: - - "-c" - - "exit 2" - entrypoint: "sh" - privileged: false - tty: true - user: "1000" - Running: false - Pid: 42000 - 404: - description: "No such exec instance" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Exec instance ID" - required: true - type: "string" - tags: ["Exec"] - - /volumes: - get: - summary: "List volumes" - operationId: "VolumeList" - produces: ["application/json"] - responses: - 200: - description: "Summary volume data that matches the query" - schema: - $ref: "#/definitions/VolumeListResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - description: | - JSON encoded value of the filters (a `map[string][]string`) to - process on the volumes list. Available filters: - - - `dangling=` When set to `true` (or `1`), returns all - volumes that are not in use by a container. When set to `false` - (or `0`), only volumes that are in use by one or more - containers are returned. - - `driver=` Matches volumes based on their driver. - - `label=` or `label=:` Matches volumes based on - the presence of a `label` alone or a `label` and a value. - - `name=` Matches all or part of a volume name. - type: "string" - format: "json" - tags: ["Volume"] - - /volumes/create: - post: - summary: "Create a volume" - operationId: "VolumeCreate" - consumes: ["application/json"] - produces: ["application/json"] - responses: - 201: - description: "The volume was created successfully" - schema: - $ref: "#/definitions/Volume" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "volumeConfig" - in: "body" - required: true - description: "Volume configuration" - schema: - $ref: "#/definitions/VolumeCreateOptions" - tags: ["Volume"] - - /volumes/{name}: - get: - summary: "Inspect a volume" - operationId: "VolumeInspect" - produces: ["application/json"] - responses: - 200: - description: "No error" - schema: - $ref: "#/definitions/Volume" - 404: - description: "No such volume" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - required: true - description: "Volume name or ID" - type: "string" - tags: ["Volume"] - - put: - summary: | - "Update a volume. Valid only for Swarm cluster volumes" - operationId: "VolumeUpdate" - consumes: ["application/json"] - produces: ["application/json"] - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such volume" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "The name or ID of the volume" - type: "string" - required: true - - name: "body" - in: "body" - schema: - # though the schema for is an object that contains only a - # ClusterVolumeSpec, wrapping the ClusterVolumeSpec in this object - # means that if, later on, we support things like changing the - # labels, we can do so without duplicating that information to the - # ClusterVolumeSpec. - type: "object" - description: "Volume configuration" - properties: - Spec: - $ref: "#/definitions/ClusterVolumeSpec" - description: | - The spec of the volume to update. Currently, only Availability may - change. All other fields must remain unchanged. - - name: "version" - in: "query" - description: | - The version number of the volume being updated. This is required to - avoid conflicting writes. Found in the volume's `ClusterVolume` - field. - type: "integer" - format: "int64" - required: true - tags: ["Volume"] - - delete: - summary: "Remove a volume" - description: "Instruct the driver to remove the volume." - operationId: "VolumeDelete" - responses: - 204: - description: "The volume was removed" - 404: - description: "No such volume or volume driver" - schema: - $ref: "#/definitions/ErrorResponse" - 409: - description: "Volume is in use and cannot be removed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - required: true - description: "Volume name or ID" - type: "string" - - name: "force" - in: "query" - description: "Force the removal of the volume" - type: "boolean" - default: false - tags: ["Volume"] - - /volumes/prune: - post: - summary: "Delete unused volumes" - produces: - - "application/json" - operationId: "VolumePrune" - parameters: - - name: "filters" - in: "query" - description: | - Filters to process on the prune list, encoded as JSON (a `map[string][]string`). - - Available filters: - - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune volumes with (or without, in case `label!=...` is used) the specified labels. - - `all` (`all=true`) - Consider all (local) volumes for pruning and not just anonymous volumes. - type: "string" - responses: - 200: - description: "No error" - schema: - type: "object" - title: "VolumePruneResponse" - properties: - VolumesDeleted: - description: "Volumes that were deleted" - type: "array" - items: - type: "string" - SpaceReclaimed: - description: "Disk space reclaimed in bytes" - type: "integer" - format: "int64" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Volume"] - /networks: - get: - summary: "List networks" - description: | - Returns a list of networks. For details on the format, see the - [network inspect endpoint](#operation/NetworkInspect). - - Note that it uses a different, smaller representation of a network than - inspecting a single network. For example, the list of containers attached - to the network is not propagated in API versions 1.28 and up. - operationId: "NetworkList" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - type: "array" - items: - $ref: "#/definitions/Network" - examples: - application/json: - - Name: "bridge" - Id: "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566" - Created: "2016-10-19T06:21:00.416543526Z" - Scope: "local" - Driver: "bridge" - EnableIPv4: true - EnableIPv6: false - Internal: false - Attachable: false - Ingress: false - IPAM: - Driver: "default" - Config: - - - Subnet: "172.17.0.0/16" - Options: - com.docker.network.bridge.default_bridge: "true" - com.docker.network.bridge.enable_icc: "true" - com.docker.network.bridge.enable_ip_masquerade: "true" - com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" - com.docker.network.bridge.name: "docker0" - com.docker.network.driver.mtu: "1500" - - Name: "none" - Id: "e086a3893b05ab69242d3c44e49483a3bbbd3a26b46baa8f61ab797c1088d794" - Created: "0001-01-01T00:00:00Z" - Scope: "local" - Driver: "null" - EnableIPv4: false - EnableIPv6: false - Internal: false - Attachable: false - Ingress: false - IPAM: - Driver: "default" - Config: [] - Containers: {} - Options: {} - - Name: "host" - Id: "13e871235c677f196c4e1ecebb9dc733b9b2d2ab589e30c539efeda84a24215e" - Created: "0001-01-01T00:00:00Z" - Scope: "local" - Driver: "host" - EnableIPv4: false - EnableIPv6: false - Internal: false - Attachable: false - Ingress: false - IPAM: - Driver: "default" - Config: [] - Containers: {} - Options: {} - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - description: | - JSON encoded value of the filters (a `map[string][]string`) to process - on the networks list. - - Available filters: - - - `dangling=` When set to `true` (or `1`), returns all - networks that are not in use by a container. When set to `false` - (or `0`), only networks that are in use by one or more - containers are returned. - - `driver=` Matches a network's driver. - - `id=` Matches all or part of a network ID. - - `label=` or `label==` of a network label. - - `name=` Matches all or part of a network name. - - `scope=["swarm"|"global"|"local"]` Filters networks by scope (`swarm`, `global`, or `local`). - - `type=["custom"|"builtin"]` Filters networks by type. The `custom` keyword returns all user-defined networks. - type: "string" - tags: ["Network"] - - /networks/{id}: - get: - summary: "Inspect a network" - operationId: "NetworkInspect" - produces: - - "application/json" - responses: - 200: - description: "No error" - schema: - $ref: "#/definitions/Network" - 404: - description: "Network not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Network ID or name" - required: true - type: "string" - - name: "verbose" - in: "query" - description: "Detailed inspect output for troubleshooting" - type: "boolean" - default: false - - name: "scope" - in: "query" - description: "Filter the network by scope (swarm, global, or local)" - type: "string" - tags: ["Network"] - - delete: - summary: "Remove a network" - operationId: "NetworkDelete" - responses: - 204: - description: "No error" - 403: - description: "operation not supported for pre-defined networks" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such network" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Network ID or name" - required: true - type: "string" - tags: ["Network"] - - /networks/create: - post: - summary: "Create a network" - operationId: "NetworkCreate" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "Network created successfully" - schema: - $ref: "#/definitions/NetworkCreateResponse" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 403: - description: | - Forbidden operation. This happens when trying to create a network named after a pre-defined network, - or when trying to create an overlay network on a daemon which is not part of a Swarm cluster. - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "plugin not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "networkConfig" - in: "body" - description: "Network configuration" - required: true - schema: - type: "object" - title: "NetworkCreateRequest" - required: ["Name"] - properties: - Name: - description: "The network's name." - type: "string" - example: "my_network" - Driver: - description: "Name of the network driver plugin to use." - type: "string" - default: "bridge" - example: "bridge" - Scope: - description: | - The level at which the network exists (e.g. `swarm` for cluster-wide - or `local` for machine level). - type: "string" - Internal: - description: "Restrict external access to the network." - type: "boolean" - Attachable: - description: | - Globally scoped network is manually attachable by regular - containers from workers in swarm mode. - type: "boolean" - example: true - Ingress: - description: | - Ingress network is the network which provides the routing-mesh - in swarm mode. - type: "boolean" - example: false - ConfigOnly: - description: | - Creates a config-only network. Config-only networks are placeholder - networks for network configurations to be used by other networks. - Config-only networks cannot be used directly to run containers - or services. - type: "boolean" - default: false - example: false - ConfigFrom: - description: | - Specifies the source which will provide the configuration for - this network. The specified network must be an existing - config-only network; see ConfigOnly. - $ref: "#/definitions/ConfigReference" - IPAM: - description: "Optional custom IP scheme for the network." - $ref: "#/definitions/IPAM" - EnableIPv4: - description: "Enable IPv4 on the network." - type: "boolean" - example: true - EnableIPv6: - description: "Enable IPv6 on the network." - type: "boolean" - example: true - Options: - description: "Network specific options to be used by the drivers." - type: "object" - additionalProperties: - type: "string" - example: - com.docker.network.bridge.default_bridge: "true" - com.docker.network.bridge.enable_icc: "true" - com.docker.network.bridge.enable_ip_masquerade: "true" - com.docker.network.bridge.host_binding_ipv4: "0.0.0.0" - com.docker.network.bridge.name: "docker0" - com.docker.network.driver.mtu: "1500" - Labels: - description: "User-defined key/value metadata." - type: "object" - additionalProperties: - type: "string" - example: - com.example.some-label: "some-value" - com.example.some-other-label: "some-other-value" - tags: ["Network"] - - /networks/{id}/connect: - post: - summary: "Connect a container to a network" - description: "The network must be either a local-scoped network or a swarm-scoped network with the `attachable` option set. A network cannot be re-attached to a running container" - operationId: "NetworkConnect" - consumes: - - "application/json" - responses: - 200: - description: "No error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 403: - description: "Operation forbidden" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "Network or container not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Network ID or name" - required: true - type: "string" - - name: "container" - in: "body" - required: true - schema: - type: "object" - title: "NetworkConnectRequest" - properties: - Container: - type: "string" - description: "The ID or name of the container to connect to the network." - EndpointConfig: - $ref: "#/definitions/EndpointSettings" - example: - Container: "3613f73ba0e4" - EndpointConfig: - IPAMConfig: - IPv4Address: "172.24.56.89" - IPv6Address: "2001:db8::5689" - MacAddress: "02:42:ac:12:05:02" - Priority: 100 - tags: ["Network"] - - /networks/{id}/disconnect: - post: - summary: "Disconnect a container from a network" - operationId: "NetworkDisconnect" - consumes: - - "application/json" - responses: - 200: - description: "No error" - 403: - description: "Operation not supported for swarm scoped networks" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "Network or container not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "Network ID or name" - required: true - type: "string" - - name: "container" - in: "body" - required: true - schema: - type: "object" - title: "NetworkDisconnectRequest" - properties: - Container: - type: "string" - description: | - The ID or name of the container to disconnect from the network. - Force: - type: "boolean" - description: | - Force the container to disconnect from the network. - tags: ["Network"] - /networks/prune: - post: - summary: "Delete unused networks" - produces: - - "application/json" - operationId: "NetworkPrune" - parameters: - - name: "filters" - in: "query" - description: | - Filters to process on the prune list, encoded as JSON (a `map[string][]string`). - - Available filters: - - `until=` Prune networks created before this timestamp. The `` can be Unix timestamps, date formatted timestamps, or Go duration strings (e.g. `10m`, `1h30m`) computed relative to the daemon machine’s time. - - `label` (`label=`, `label==`, `label!=`, or `label!==`) Prune networks with (or without, in case `label!=...` is used) the specified labels. - type: "string" - responses: - 200: - description: "No error" - schema: - type: "object" - title: "NetworkPruneResponse" - properties: - NetworksDeleted: - description: "Networks that were deleted" - type: "array" - items: - type: "string" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Network"] - /plugins: - get: - summary: "List plugins" - operationId: "PluginList" - description: "Returns information about installed plugins." - produces: ["application/json"] - responses: - 200: - description: "No error" - schema: - type: "array" - items: - $ref: "#/definitions/Plugin" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the plugin list. - - Available filters: - - - `capability=` - - `enable=|` - tags: ["Plugin"] - - /plugins/privileges: - get: - summary: "Get plugin privileges" - operationId: "GetPluginPrivileges" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/PluginPrivilege" - example: - - Name: "network" - Description: "" - Value: - - "host" - - Name: "mount" - Description: "" - Value: - - "/data" - - Name: "device" - Description: "" - Value: - - "/dev/cpu_dma_latency" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "remote" - in: "query" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - tags: - - "Plugin" - - /plugins/pull: - post: - summary: "Install a plugin" - operationId: "PluginPull" - description: | - Pulls and installs a plugin. After the plugin is installed, it can be - enabled using the [`POST /plugins/{name}/enable` endpoint](#operation/PostPluginsEnable). - produces: - - "application/json" - responses: - 204: - description: "no error" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "remote" - in: "query" - description: | - Remote reference for plugin to install. - - The `:latest` tag is optional, and is used as the default if omitted. - required: true - type: "string" - - name: "name" - in: "query" - description: | - Local name for the pulled plugin. - - The `:latest` tag is optional, and is used as the default if omitted. - required: false - type: "string" - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration to use when pulling a plugin - from a registry. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - - name: "body" - in: "body" - schema: - type: "array" - items: - $ref: "#/definitions/PluginPrivilege" - example: - - Name: "network" - Description: "" - Value: - - "host" - - Name: "mount" - Description: "" - Value: - - "/data" - - Name: "device" - Description: "" - Value: - - "/dev/cpu_dma_latency" - tags: ["Plugin"] - /plugins/{name}/json: - get: - summary: "Inspect a plugin" - operationId: "PluginInspect" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Plugin" - 404: - description: "plugin is not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - tags: ["Plugin"] - /plugins/{name}: - delete: - summary: "Remove a plugin" - operationId: "PluginDelete" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Plugin" - 404: - description: "plugin is not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "force" - in: "query" - description: | - Disable the plugin before removing. This may result in issues if the - plugin is in use by a container. - type: "boolean" - default: false - tags: ["Plugin"] - /plugins/{name}/enable: - post: - summary: "Enable a plugin" - operationId: "PluginEnable" - responses: - 200: - description: "no error" - 404: - description: "plugin is not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "timeout" - in: "query" - description: "Set the HTTP client timeout (in seconds)" - type: "integer" - default: 0 - tags: ["Plugin"] - /plugins/{name}/disable: - post: - summary: "Disable a plugin" - operationId: "PluginDisable" - responses: - 200: - description: "no error" - 404: - description: "plugin is not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "force" - in: "query" - description: | - Force disable a plugin even if still in use. - required: false - type: "boolean" - tags: ["Plugin"] - /plugins/{name}/upgrade: - post: - summary: "Upgrade a plugin" - operationId: "PluginUpgrade" - responses: - 204: - description: "no error" - 404: - description: "plugin not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "remote" - in: "query" - description: | - Remote reference to upgrade to. - - The `:latest` tag is optional, and is used as the default if omitted. - required: true - type: "string" - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration to use when pulling a plugin - from a registry. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - - name: "body" - in: "body" - schema: - type: "array" - items: - $ref: "#/definitions/PluginPrivilege" - example: - - Name: "network" - Description: "" - Value: - - "host" - - Name: "mount" - Description: "" - Value: - - "/data" - - Name: "device" - Description: "" - Value: - - "/dev/cpu_dma_latency" - tags: ["Plugin"] - /plugins/create: - post: - summary: "Create a plugin" - operationId: "PluginCreate" - consumes: - - "application/x-tar" - responses: - 204: - description: "no error" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "query" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "tarContext" - in: "body" - description: "Path to tar containing plugin rootfs and manifest" - schema: - type: "string" - format: "binary" - tags: ["Plugin"] - /plugins/{name}/push: - post: - summary: "Push a plugin" - operationId: "PluginPush" - description: | - Push a plugin to the registry. - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - responses: - 200: - description: "no error" - 404: - description: "plugin not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Plugin"] - /plugins/{name}/set: - post: - summary: "Configure a plugin" - operationId: "PluginSet" - consumes: - - "application/json" - parameters: - - name: "name" - in: "path" - description: | - The name of the plugin. The `:latest` tag is optional, and is the - default if omitted. - required: true - type: "string" - - name: "body" - in: "body" - schema: - type: "array" - items: - type: "string" - example: ["DEBUG=1"] - responses: - 204: - description: "No error" - 404: - description: "Plugin not installed" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Plugin"] - /nodes: - get: - summary: "List nodes" - operationId: "NodeList" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/Node" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - description: | - Filters to process on the nodes list, encoded as JSON (a `map[string][]string`). - - Available filters: - - `id=` - - `label=` - - `membership=`(`accepted`|`pending`)` - - `name=` - - `node.label=` - - `role=`(`manager`|`worker`)` - type: "string" - tags: ["Node"] - /nodes/{id}: - get: - summary: "Inspect a node" - operationId: "NodeInspect" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Node" - 404: - description: "no such node" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "The ID or name of the node" - type: "string" - required: true - tags: ["Node"] - delete: - summary: "Delete a node" - operationId: "NodeDelete" - responses: - 200: - description: "no error" - 404: - description: "no such node" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "The ID or name of the node" - type: "string" - required: true - - name: "force" - in: "query" - description: "Force remove a node from the swarm" - default: false - type: "boolean" - tags: ["Node"] - /nodes/{id}/update: - post: - summary: "Update a node" - operationId: "NodeUpdate" - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such node" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "The ID of the node" - type: "string" - required: true - - name: "body" - in: "body" - schema: - $ref: "#/definitions/NodeSpec" - - name: "version" - in: "query" - description: | - The version number of the node object being updated. This is required - to avoid conflicting writes. - type: "integer" - format: "int64" - required: true - tags: ["Node"] - /swarm: - get: - summary: "Inspect swarm" - operationId: "SwarmInspect" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Swarm" - 404: - description: "no such swarm" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Swarm"] - /swarm/init: - post: - summary: "Initialize a new swarm" - operationId: "SwarmInit" - produces: - - "application/json" - - "text/plain" - responses: - 200: - description: "no error" - schema: - description: "The node ID" - type: "string" - example: "7v2t30z9blmxuhnyo6s4cpenp" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is already part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - required: true - schema: - type: "object" - title: "SwarmInitRequest" - properties: - ListenAddr: - description: | - Listen address used for inter-manager communication, as well - as determining the networking interface used for the VXLAN - Tunnel Endpoint (VTEP). This can either be an address/port - combination in the form `192.168.1.1:4567`, or an interface - followed by a port number, like `eth0:4567`. If the port number - is omitted, the default swarm listening port is used. - type: "string" - AdvertiseAddr: - description: | - Externally reachable address advertised to other nodes. This - can either be an address/port combination in the form - `192.168.1.1:4567`, or an interface followed by a port number, - like `eth0:4567`. If the port number is omitted, the port - number from the listen address is used. If `AdvertiseAddr` is - not specified, it will be automatically detected when possible. - type: "string" - DataPathAddr: - description: | - Address or interface to use for data path traffic (format: - ``), for example, `192.168.1.1`, or an interface, - like `eth0`. If `DataPathAddr` is unspecified, the same address - as `AdvertiseAddr` is used. - - The `DataPathAddr` specifies the address that global scope - network drivers will publish towards other nodes in order to - reach the containers running on this node. Using this parameter - it is possible to separate the container data traffic from the - management traffic of the cluster. - type: "string" - DataPathPort: - description: | - DataPathPort specifies the data path port number for data traffic. - Acceptable port range is 1024 to 49151. - if no port is set or is set to 0, default port 4789 will be used. - type: "integer" - format: "uint32" - DefaultAddrPool: - description: | - Default Address Pool specifies default subnet pools for global - scope networks. - type: "array" - items: - type: "string" - example: ["10.10.0.0/16", "20.20.0.0/16"] - ForceNewCluster: - description: "Force creation of a new swarm." - type: "boolean" - SubnetSize: - description: | - SubnetSize specifies the subnet size of the networks created - from the default subnet pool. - type: "integer" - format: "uint32" - Spec: - $ref: "#/definitions/SwarmSpec" - example: - ListenAddr: "0.0.0.0:2377" - AdvertiseAddr: "192.168.1.1:2377" - DataPathPort: 4789 - DefaultAddrPool: ["10.10.0.0/8", "20.20.0.0/8"] - SubnetSize: 24 - ForceNewCluster: false - Spec: - Orchestration: {} - Raft: {} - Dispatcher: {} - CAConfig: {} - EncryptionConfig: - AutoLockManagers: false - tags: ["Swarm"] - /swarm/join: - post: - summary: "Join an existing swarm" - operationId: "SwarmJoin" - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is already part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - required: true - schema: - type: "object" - title: "SwarmJoinRequest" - properties: - ListenAddr: - description: | - Listen address used for inter-manager communication if the node - gets promoted to manager, as well as determining the networking - interface used for the VXLAN Tunnel Endpoint (VTEP). - type: "string" - AdvertiseAddr: - description: | - Externally reachable address advertised to other nodes. This - can either be an address/port combination in the form - `192.168.1.1:4567`, or an interface followed by a port number, - like `eth0:4567`. If the port number is omitted, the port - number from the listen address is used. If `AdvertiseAddr` is - not specified, it will be automatically detected when possible. - type: "string" - DataPathAddr: - description: | - Address or interface to use for data path traffic (format: - ``), for example, `192.168.1.1`, or an interface, - like `eth0`. If `DataPathAddr` is unspecified, the same address - as `AdvertiseAddr` is used. - - The `DataPathAddr` specifies the address that global scope - network drivers will publish towards other nodes in order to - reach the containers running on this node. Using this parameter - it is possible to separate the container data traffic from the - management traffic of the cluster. - - type: "string" - RemoteAddrs: - description: | - Addresses of manager nodes already participating in the swarm. - type: "array" - items: - type: "string" - JoinToken: - description: "Secret token for joining this swarm." - type: "string" - example: - ListenAddr: "0.0.0.0:2377" - AdvertiseAddr: "192.168.1.1:2377" - DataPathAddr: "192.168.1.1" - RemoteAddrs: - - "node1:2377" - JoinToken: "SWMTKN-1-3pu6hszjas19xyp7ghgosyx9k8atbfcr8p2is99znpy26u2lkl-7p73s1dx5in4tatdymyhg9hu2" - tags: ["Swarm"] - /swarm/leave: - post: - summary: "Leave a swarm" - operationId: "SwarmLeave" - responses: - 200: - description: "no error" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "force" - description: | - Force leave swarm, even if this is the last manager or that it will - break the cluster. - in: "query" - type: "boolean" - default: false - tags: ["Swarm"] - /swarm/update: - post: - summary: "Update a swarm" - operationId: "SwarmUpdate" - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - required: true - schema: - $ref: "#/definitions/SwarmSpec" - - name: "version" - in: "query" - description: | - The version number of the swarm object being updated. This is - required to avoid conflicting writes. - type: "integer" - format: "int64" - required: true - - name: "rotateWorkerToken" - in: "query" - description: "Rotate the worker join token." - type: "boolean" - default: false - - name: "rotateManagerToken" - in: "query" - description: "Rotate the manager join token." - type: "boolean" - default: false - - name: "rotateManagerUnlockKey" - in: "query" - description: "Rotate the manager unlock key." - type: "boolean" - default: false - tags: ["Swarm"] - /swarm/unlockkey: - get: - summary: "Get the unlock key" - operationId: "SwarmUnlockkey" - consumes: - - "application/json" - responses: - 200: - description: "no error" - schema: - type: "object" - title: "UnlockKeyResponse" - properties: - UnlockKey: - description: "The swarm's unlock key." - type: "string" - example: - UnlockKey: "SWMKEY-1-7c37Cc8654o6p38HnroywCi19pllOnGtbdZEgtKxZu8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Swarm"] - /swarm/unlock: - post: - summary: "Unlock a locked manager" - operationId: "SwarmUnlock" - consumes: - - "application/json" - produces: - - "application/json" - parameters: - - name: "body" - in: "body" - required: true - schema: - type: "object" - title: "SwarmUnlockRequest" - properties: - UnlockKey: - description: "The swarm's unlock key." - type: "string" - example: - UnlockKey: "SWMKEY-1-7c37Cc8654o6p38HnroywCi19pllOnGtbdZEgtKxZu8" - responses: - 200: - description: "no error" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Swarm"] - /services: - get: - summary: "List services" - operationId: "ServiceList" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/Service" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the services list. - - Available filters: - - - `id=` - - `label=` - - `mode=["replicated"|"global"]` - - `name=` - - name: "status" - in: "query" - type: "boolean" - description: | - Include service status, with count of running and desired tasks. - tags: ["Service"] - /services/create: - post: - summary: "Create a service" - operationId: "ServiceCreate" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "no error" - schema: - $ref: "#/definitions/ServiceCreateResponse" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 403: - description: "network is not eligible for services" - schema: - $ref: "#/definitions/ErrorResponse" - 409: - description: "name conflicts with an existing service" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - required: true - schema: - allOf: - - $ref: "#/definitions/ServiceSpec" - - type: "object" - example: - Name: "web" - TaskTemplate: - ContainerSpec: - Image: "nginx:alpine" - Mounts: - - - ReadOnly: true - Source: "web-data" - Target: "/usr/share/nginx/html" - Type: "volume" - VolumeOptions: - DriverConfig: {} - Labels: - com.example.something: "something-value" - Hosts: ["10.10.10.10 host1", "ABCD:EF01:2345:6789:ABCD:EF01:2345:6789 host2"] - User: "33" - DNSConfig: - Nameservers: ["8.8.8.8"] - Search: ["example.org"] - Options: ["timeout:3"] - Secrets: - - - File: - Name: "www.example.org.key" - UID: "33" - GID: "33" - Mode: 384 - SecretID: "fpjqlhnwb19zds35k8wn80lq9" - SecretName: "example_org_domain_key" - OomScoreAdj: 0 - LogDriver: - Name: "json-file" - Options: - max-file: "3" - max-size: "10M" - Placement: {} - Resources: - Limits: - MemoryBytes: 104857600 - Reservations: {} - RestartPolicy: - Condition: "on-failure" - Delay: 10000000000 - MaxAttempts: 10 - Mode: - Replicated: - Replicas: 4 - UpdateConfig: - Parallelism: 2 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - RollbackConfig: - Parallelism: 1 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - EndpointSpec: - Ports: - - - Protocol: "tcp" - PublishedPort: 8080 - TargetPort: 80 - Labels: - foo: "bar" - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration for pulling from private - registries. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - tags: ["Service"] - /services/{id}: - get: - summary: "Inspect a service" - operationId: "ServiceInspect" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Service" - 404: - description: "no such service" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "ID or name of service." - required: true - type: "string" - - name: "insertDefaults" - in: "query" - description: "Fill empty fields with default values." - type: "boolean" - default: false - tags: ["Service"] - delete: - summary: "Delete a service" - operationId: "ServiceDelete" - responses: - 200: - description: "no error" - 404: - description: "no such service" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "ID or name of service." - required: true - type: "string" - tags: ["Service"] - /services/{id}/update: - post: - summary: "Update a service" - operationId: "ServiceUpdate" - consumes: ["application/json"] - produces: ["application/json"] - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/ServiceUpdateResponse" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such service" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "ID or name of service." - required: true - type: "string" - - name: "body" - in: "body" - required: true - schema: - allOf: - - $ref: "#/definitions/ServiceSpec" - - type: "object" - example: - Name: "top" - TaskTemplate: - ContainerSpec: - Image: "busybox" - Args: - - "top" - OomScoreAdj: 0 - Resources: - Limits: {} - Reservations: {} - RestartPolicy: - Condition: "any" - MaxAttempts: 0 - Placement: {} - ForceUpdate: 0 - Mode: - Replicated: - Replicas: 1 - UpdateConfig: - Parallelism: 2 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - RollbackConfig: - Parallelism: 1 - Delay: 1000000000 - FailureAction: "pause" - Monitor: 15000000000 - MaxFailureRatio: 0.15 - EndpointSpec: - Mode: "vip" - - - name: "version" - in: "query" - description: | - The version number of the service object being updated. This is - required to avoid conflicting writes. - This version number should be the value as currently set on the - service *before* the update. You can find the current version by - calling `GET /services/{id}` - required: true - type: "integer" - - name: "registryAuthFrom" - in: "query" - description: | - If the `X-Registry-Auth` header is not specified, this parameter - indicates where to find registry authorization credentials. - type: "string" - enum: ["spec", "previous-spec"] - default: "spec" - - name: "rollback" - in: "query" - description: | - Set to this parameter to `previous` to cause a server-side rollback - to the previous service spec. The supplied spec will be ignored in - this case. - type: "string" - - name: "X-Registry-Auth" - in: "header" - description: | - A base64url-encoded auth configuration for pulling from private - registries. - - Refer to the [authentication section](#section/Authentication) for - details. - type: "string" - - tags: ["Service"] - /services/{id}/logs: - get: - summary: "Get service logs" - description: | - Get `stdout` and `stderr` logs from a service. See also - [`/containers/{id}/logs`](#operation/ContainerLogs). - - **Note**: This endpoint works only for services with the `local`, - `json-file` or `journald` logging drivers. - produces: - - "application/vnd.docker.raw-stream" - - "application/vnd.docker.multiplexed-stream" - operationId: "ServiceLogs" - responses: - 200: - description: "logs returned as a stream in response body" - schema: - type: "string" - format: "binary" - 404: - description: "no such service" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such service: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID or name of the service" - type: "string" - - name: "details" - in: "query" - description: "Show service context and extra details provided to logs." - type: "boolean" - default: false - - name: "follow" - in: "query" - description: "Keep connection after returning logs." - type: "boolean" - default: false - - name: "stdout" - in: "query" - description: "Return logs from `stdout`" - type: "boolean" - default: false - - name: "stderr" - in: "query" - description: "Return logs from `stderr`" - type: "boolean" - default: false - - name: "since" - in: "query" - description: "Only return logs since this time, as a UNIX timestamp" - type: "integer" - default: 0 - - name: "timestamps" - in: "query" - description: "Add timestamps to every log line" - type: "boolean" - default: false - - name: "tail" - in: "query" - description: | - Only return this number of log lines from the end of the logs. - Specify as an integer or `all` to output all log lines. - type: "string" - default: "all" - tags: ["Service"] - /tasks: - get: - summary: "List tasks" - operationId: "TaskList" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/Task" - example: - - ID: "0kzzo1i0y4jz6027t0k7aezc7" - Version: - Index: 71 - CreatedAt: "2016-06-07T21:07:31.171892745Z" - UpdatedAt: "2016-06-07T21:07:31.376370513Z" - Spec: - ContainerSpec: - Image: "redis" - Resources: - Limits: {} - Reservations: {} - RestartPolicy: - Condition: "any" - MaxAttempts: 0 - Placement: {} - ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" - Slot: 1 - NodeID: "60gvrl6tm78dmak4yl7srz94v" - Status: - Timestamp: "2016-06-07T21:07:31.290032978Z" - State: "running" - Message: "started" - ContainerStatus: - ContainerID: "e5d62702a1b48d01c3e02ca1e0212a250801fa8d67caca0b6f35919ebc12f035" - PID: 677 - DesiredState: "running" - NetworksAttachments: - - Network: - ID: "4qvuz4ko70xaltuqbt8956gd1" - Version: - Index: 18 - CreatedAt: "2016-06-07T20:31:11.912919752Z" - UpdatedAt: "2016-06-07T21:07:29.955277358Z" - Spec: - Name: "ingress" - Labels: - com.docker.swarm.internal: "true" - DriverConfiguration: {} - IPAMOptions: - Driver: {} - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - DriverState: - Name: "overlay" - Options: - com.docker.network.driver.overlay.vxlanid_list: "256" - IPAMOptions: - Driver: - Name: "default" - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - Addresses: - - "10.255.0.10/16" - - ID: "1yljwbmlr8er2waf8orvqpwms" - Version: - Index: 30 - CreatedAt: "2016-06-07T21:07:30.019104782Z" - UpdatedAt: "2016-06-07T21:07:30.231958098Z" - Name: "hopeful_cori" - Spec: - ContainerSpec: - Image: "redis" - Resources: - Limits: {} - Reservations: {} - RestartPolicy: - Condition: "any" - MaxAttempts: 0 - Placement: {} - ServiceID: "9mnpnzenvg8p8tdbtq4wvbkcz" - Slot: 1 - NodeID: "60gvrl6tm78dmak4yl7srz94v" - Status: - Timestamp: "2016-06-07T21:07:30.202183143Z" - State: "shutdown" - Message: "shutdown" - ContainerStatus: - ContainerID: "1cf8d63d18e79668b0004a4be4c6ee58cddfad2dae29506d8781581d0688a213" - DesiredState: "shutdown" - NetworksAttachments: - - Network: - ID: "4qvuz4ko70xaltuqbt8956gd1" - Version: - Index: 18 - CreatedAt: "2016-06-07T20:31:11.912919752Z" - UpdatedAt: "2016-06-07T21:07:29.955277358Z" - Spec: - Name: "ingress" - Labels: - com.docker.swarm.internal: "true" - DriverConfiguration: {} - IPAMOptions: - Driver: {} - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - DriverState: - Name: "overlay" - Options: - com.docker.network.driver.overlay.vxlanid_list: "256" - IPAMOptions: - Driver: - Name: "default" - Configs: - - Subnet: "10.255.0.0/16" - Gateway: "10.255.0.1" - Addresses: - - "10.255.0.5/16" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the tasks list. - - Available filters: - - - `desired-state=(running | shutdown | accepted)` - - `id=` - - `label=key` or `label="key=value"` - - `name=` - - `node=` - - `service=` - tags: ["Task"] - /tasks/{id}: - get: - summary: "Inspect a task" - operationId: "TaskInspect" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Task" - 404: - description: "no such task" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "ID of the task" - required: true - type: "string" - tags: ["Task"] - /tasks/{id}/logs: - get: - summary: "Get task logs" - description: | - Get `stdout` and `stderr` logs from a task. - See also [`/containers/{id}/logs`](#operation/ContainerLogs). - - **Note**: This endpoint works only for services with the `local`, - `json-file` or `journald` logging drivers. - operationId: "TaskLogs" - produces: - - "application/vnd.docker.raw-stream" - - "application/vnd.docker.multiplexed-stream" - responses: - 200: - description: "logs returned as a stream in response body" - schema: - type: "string" - format: "binary" - 404: - description: "no such task" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such task: c2ada9df5af8" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - description: "ID of the task" - type: "string" - - name: "details" - in: "query" - description: "Show task context and extra details provided to logs." - type: "boolean" - default: false - - name: "follow" - in: "query" - description: "Keep connection after returning logs." - type: "boolean" - default: false - - name: "stdout" - in: "query" - description: "Return logs from `stdout`" - type: "boolean" - default: false - - name: "stderr" - in: "query" - description: "Return logs from `stderr`" - type: "boolean" - default: false - - name: "since" - in: "query" - description: "Only return logs since this time, as a UNIX timestamp" - type: "integer" - default: 0 - - name: "timestamps" - in: "query" - description: "Add timestamps to every log line" - type: "boolean" - default: false - - name: "tail" - in: "query" - description: | - Only return this number of log lines from the end of the logs. - Specify as an integer or `all` to output all log lines. - type: "string" - default: "all" - tags: ["Task"] - /secrets: - get: - summary: "List secrets" - operationId: "SecretList" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/Secret" - example: - - ID: "blt1owaxmitz71s9v5zh81zun" - Version: - Index: 85 - CreatedAt: "2017-07-20T13:55:28.678958722Z" - UpdatedAt: "2017-07-20T13:55:28.678958722Z" - Spec: - Name: "mysql-passwd" - Labels: - some.label: "some.value" - Driver: - Name: "secret-bucket" - Options: - OptionA: "value for driver option A" - OptionB: "value for driver option B" - - ID: "ktnbjxoalbkvbvedmg1urrz8h" - Version: - Index: 11 - CreatedAt: "2016-11-05T01:20:17.327670065Z" - UpdatedAt: "2016-11-05T01:20:17.327670065Z" - Spec: - Name: "app-dev.crt" - Labels: - foo: "bar" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the secrets list. - - Available filters: - - - `id=` - - `label= or label==value` - - `name=` - - `names=` - tags: ["Secret"] - /secrets/create: - post: - summary: "Create a secret" - operationId: "SecretCreate" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "no error" - schema: - $ref: "#/definitions/IDResponse" - 409: - description: "name conflicts with an existing object" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - schema: - allOf: - - $ref: "#/definitions/SecretSpec" - - type: "object" - example: - Name: "app-key.crt" - Labels: - foo: "bar" - Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg==" - Driver: - Name: "secret-bucket" - Options: - OptionA: "value for driver option A" - OptionB: "value for driver option B" - tags: ["Secret"] - /secrets/{id}: - get: - summary: "Inspect a secret" - operationId: "SecretInspect" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Secret" - examples: - application/json: - ID: "ktnbjxoalbkvbvedmg1urrz8h" - Version: - Index: 11 - CreatedAt: "2016-11-05T01:20:17.327670065Z" - UpdatedAt: "2016-11-05T01:20:17.327670065Z" - Spec: - Name: "app-dev.crt" - Labels: - foo: "bar" - Driver: - Name: "secret-bucket" - Options: - OptionA: "value for driver option A" - OptionB: "value for driver option B" - - 404: - description: "secret not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - type: "string" - description: "ID of the secret" - tags: ["Secret"] - delete: - summary: "Delete a secret" - operationId: "SecretDelete" - produces: - - "application/json" - responses: - 204: - description: "no error" - 404: - description: "secret not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - type: "string" - description: "ID of the secret" - tags: ["Secret"] - /secrets/{id}/update: - post: - summary: "Update a Secret" - operationId: "SecretUpdate" - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such secret" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "The ID or name of the secret" - type: "string" - required: true - - name: "body" - in: "body" - schema: - $ref: "#/definitions/SecretSpec" - description: | - The spec of the secret to update. Currently, only the Labels field - can be updated. All other fields must remain unchanged from the - [SecretInspect endpoint](#operation/SecretInspect) response values. - - name: "version" - in: "query" - description: | - The version number of the secret object being updated. This is - required to avoid conflicting writes. - type: "integer" - format: "int64" - required: true - tags: ["Secret"] - /configs: - get: - summary: "List configs" - operationId: "ConfigList" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - type: "array" - items: - $ref: "#/definitions/Config" - example: - - ID: "ktnbjxoalbkvbvedmg1urrz8h" - Version: - Index: 11 - CreatedAt: "2016-11-05T01:20:17.327670065Z" - UpdatedAt: "2016-11-05T01:20:17.327670065Z" - Spec: - Name: "server.conf" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "filters" - in: "query" - type: "string" - description: | - A JSON encoded value of the filters (a `map[string][]string`) to - process on the configs list. - - Available filters: - - - `id=` - - `label= or label==value` - - `name=` - - `names=` - tags: ["Config"] - /configs/create: - post: - summary: "Create a config" - operationId: "ConfigCreate" - consumes: - - "application/json" - produces: - - "application/json" - responses: - 201: - description: "no error" - schema: - $ref: "#/definitions/IDResponse" - 409: - description: "name conflicts with an existing object" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "body" - in: "body" - schema: - allOf: - - $ref: "#/definitions/ConfigSpec" - - type: "object" - example: - Name: "server.conf" - Labels: - foo: "bar" - Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg==" - tags: ["Config"] - /configs/{id}: - get: - summary: "Inspect a config" - operationId: "ConfigInspect" - produces: - - "application/json" - responses: - 200: - description: "no error" - schema: - $ref: "#/definitions/Config" - examples: - application/json: - ID: "ktnbjxoalbkvbvedmg1urrz8h" - Version: - Index: 11 - CreatedAt: "2016-11-05T01:20:17.327670065Z" - UpdatedAt: "2016-11-05T01:20:17.327670065Z" - Spec: - Name: "app-dev.crt" - 404: - description: "config not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - type: "string" - description: "ID of the config" - tags: ["Config"] - delete: - summary: "Delete a config" - operationId: "ConfigDelete" - produces: - - "application/json" - responses: - 204: - description: "no error" - 404: - description: "config not found" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - required: true - type: "string" - description: "ID of the config" - tags: ["Config"] - /configs/{id}/update: - post: - summary: "Update a Config" - operationId: "ConfigUpdate" - responses: - 200: - description: "no error" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 404: - description: "no such config" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - 503: - description: "node is not part of a swarm" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "id" - in: "path" - description: "The ID or name of the config" - type: "string" - required: true - - name: "body" - in: "body" - schema: - $ref: "#/definitions/ConfigSpec" - description: | - The spec of the config to update. Currently, only the Labels field - can be updated. All other fields must remain unchanged from the - [ConfigInspect endpoint](#operation/ConfigInspect) response values. - - name: "version" - in: "query" - description: | - The version number of the config object being updated. This is - required to avoid conflicting writes. - type: "integer" - format: "int64" - required: true - tags: ["Config"] - /distribution/{name}/json: - get: - summary: "Get image information from the registry" - description: | - Return image digest and platform information by contacting the registry. - operationId: "DistributionInspect" - produces: - - "application/json" - responses: - 200: - description: "descriptor and platform information" - schema: - $ref: "#/definitions/DistributionInspect" - 401: - description: "Failed authentication or no image found" - schema: - $ref: "#/definitions/ErrorResponse" - examples: - application/json: - message: "No such image: someimage (tag: latest)" - 500: - description: "Server error" - schema: - $ref: "#/definitions/ErrorResponse" - parameters: - - name: "name" - in: "path" - description: "Image name or id" - type: "string" - required: true - tags: ["Distribution"] - /session: - post: - summary: "Initialize interactive session" - description: | - Start a new interactive session with a server. Session allows server to - call back to the client for advanced capabilities. - - ### Hijacking - - This endpoint hijacks the HTTP connection to HTTP2 transport that allows - the client to expose gPRC services on that connection. - - For example, the client sends this request to upgrade the connection: - - ``` - POST /session HTTP/1.1 - Upgrade: h2c - Connection: Upgrade - ``` - - The Docker daemon responds with a `101 UPGRADED` response follow with - the raw stream: - - ``` - HTTP/1.1 101 UPGRADED - Connection: Upgrade - Upgrade: h2c - ``` - operationId: "Session" - produces: - - "application/vnd.docker.raw-stream" - responses: - 101: - description: "no error, hijacking successful" - 400: - description: "bad parameter" - schema: - $ref: "#/definitions/ErrorResponse" - 500: - description: "server error" - schema: - $ref: "#/definitions/ErrorResponse" - tags: ["Session"] diff --git a/vendor/github.com/docker/docker/api/types/build/disk_usage.go b/vendor/github.com/docker/docker/api/types/build/disk_usage.go deleted file mode 100644 index cfd7333272c4..000000000000 --- a/vendor/github.com/docker/docker/api/types/build/disk_usage.go +++ /dev/null @@ -1,10 +0,0 @@ -package build - -// CacheDiskUsage contains disk usage for the build cache. -// -// Deprecated: this type is no longer used and will be removed in the next release. -type CacheDiskUsage struct { - TotalSize int64 - Reclaimable int64 - Items []*CacheRecord -} diff --git a/vendor/github.com/docker/docker/api/types/checkpoint/options.go b/vendor/github.com/docker/docker/api/types/checkpoint/options.go deleted file mode 100644 index 9477458c241e..000000000000 --- a/vendor/github.com/docker/docker/api/types/checkpoint/options.go +++ /dev/null @@ -1,19 +0,0 @@ -package checkpoint - -// CreateOptions holds parameters to create a checkpoint from a container. -type CreateOptions struct { - CheckpointID string - CheckpointDir string - Exit bool -} - -// ListOptions holds parameters to list checkpoints for a container. -type ListOptions struct { - CheckpointDir string -} - -// DeleteOptions holds parameters to delete a checkpoint from a container. -type DeleteOptions struct { - CheckpointID string - CheckpointDir string -} diff --git a/vendor/github.com/docker/docker/api/types/client.go b/vendor/github.com/docker/docker/api/types/client.go deleted file mode 100644 index 42fe03ecca89..000000000000 --- a/vendor/github.com/docker/docker/api/types/client.go +++ /dev/null @@ -1,85 +0,0 @@ -package types - -import ( - "bufio" - "context" - "net" -) - -// NewHijackedResponse initializes a [HijackedResponse] type. -func NewHijackedResponse(conn net.Conn, mediaType string) HijackedResponse { - return HijackedResponse{Conn: conn, Reader: bufio.NewReader(conn), mediaType: mediaType} -} - -// HijackedResponse holds connection information for a hijacked request. -type HijackedResponse struct { - mediaType string - Conn net.Conn - Reader *bufio.Reader -} - -// Close closes the hijacked connection and reader. -func (h *HijackedResponse) Close() { - h.Conn.Close() -} - -// MediaType let client know if HijackedResponse hold a raw or multiplexed stream. -// returns false if HTTP Content-Type is not relevant, and container must be inspected -func (h *HijackedResponse) MediaType() (string, bool) { - if h.mediaType == "" { - return "", false - } - return h.mediaType, true -} - -// CloseWriter is an interface that implements structs -// that close input streams to prevent from writing. -type CloseWriter interface { - CloseWrite() error -} - -// CloseWrite closes a readWriter for writing. -func (h *HijackedResponse) CloseWrite() error { - if conn, ok := h.Conn.(CloseWriter); ok { - return conn.CloseWrite() - } - return nil -} - -// PluginRemoveOptions holds parameters to remove plugins. -type PluginRemoveOptions struct { - Force bool -} - -// PluginEnableOptions holds parameters to enable plugins. -type PluginEnableOptions struct { - Timeout int -} - -// PluginDisableOptions holds parameters to disable plugins. -type PluginDisableOptions struct { - Force bool -} - -// PluginInstallOptions holds parameters to install a plugin. -type PluginInstallOptions struct { - Disabled bool - AcceptAllPermissions bool - RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry - RemoteRef string // RemoteRef is the plugin name on the registry - - // PrivilegeFunc is a function that clients can supply to retry operations - // after getting an authorization error. This function returns the registry - // authentication header value in base64 encoded format, or an error if the - // privilege request fails. - // - // For details, refer to [github.com/docker/docker/api/types/registry.RequestAuthConfig]. - PrivilegeFunc func(context.Context) (string, error) - AcceptPermissionsFunc func(context.Context, PluginPrivileges) (bool, error) - Args []string -} - -// PluginCreateOptions hold all options to plugin create. -type PluginCreateOptions struct { - RepoName string -} diff --git a/vendor/github.com/docker/docker/api/types/container/disk_usage.go b/vendor/github.com/docker/docker/api/types/container/disk_usage.go deleted file mode 100644 index d77538c2ab55..000000000000 --- a/vendor/github.com/docker/docker/api/types/container/disk_usage.go +++ /dev/null @@ -1,10 +0,0 @@ -package container - -// DiskUsage contains disk usage for containers. -// -// Deprecated: this type is no longer used and will be removed in the next release. -type DiskUsage struct { - TotalSize int64 - Reclaimable int64 - Items []*Summary -} diff --git a/vendor/github.com/docker/docker/api/types/container/exec.go b/vendor/github.com/docker/docker/api/types/container/exec.go deleted file mode 100644 index e455cd27b278..000000000000 --- a/vendor/github.com/docker/docker/api/types/container/exec.go +++ /dev/null @@ -1,53 +0,0 @@ -package container - -import "github.com/docker/docker/api/types/common" - -// ExecCreateResponse is the response for a successful exec-create request. -// It holds the ID of the exec that was created. -// -// TODO(thaJeztah): make this a distinct type. -type ExecCreateResponse = common.IDResponse - -// ExecOptions is a small subset of the Config struct that holds the configuration -// for the exec feature of docker. -type ExecOptions struct { - User string // User that will run the command - Privileged bool // Is the container in privileged mode - Tty bool // Attach standard streams to a tty. - ConsoleSize *[2]uint `json:",omitempty"` // Initial console size [height, width] - AttachStdin bool // Attach the standard input, makes possible user interaction - AttachStderr bool // Attach the standard error - AttachStdout bool // Attach the standard output - DetachKeys string // Escape keys for detach - Env []string // Environment variables - WorkingDir string // Working directory - Cmd []string // Execution commands and args - - // Deprecated: the Detach field is not used, and will be removed in a future release. - Detach bool -} - -// ExecStartOptions is a temp struct used by execStart -// Config fields is part of ExecConfig in runconfig package -type ExecStartOptions struct { - // ExecStart will first check if it's detached - Detach bool - // Check if there's a tty - Tty bool - // Terminal size [height, width], unused if Tty == false - ConsoleSize *[2]uint `json:",omitempty"` -} - -// ExecAttachOptions is a temp struct used by execAttach. -// -// TODO(thaJeztah): make this a separate type; ContainerExecAttach does not use the Detach option, and cannot run detached. -type ExecAttachOptions = ExecStartOptions - -// ExecInspect holds information returned by exec inspect. -type ExecInspect struct { - ExecID string `json:"ID"` - ContainerID string - Running bool - ExitCode int - Pid int -} diff --git a/vendor/github.com/docker/docker/api/types/container/network_settings.go b/vendor/github.com/docker/docker/api/types/container/network_settings.go deleted file mode 100644 index 687145f2953a..000000000000 --- a/vendor/github.com/docker/docker/api/types/container/network_settings.go +++ /dev/null @@ -1,85 +0,0 @@ -package container - -import ( - "github.com/docker/docker/api/types/network" - "github.com/docker/go-connections/nat" -) - -// NetworkSettings exposes the network settings in the api -type NetworkSettings struct { - NetworkSettingsBase - DefaultNetworkSettings - Networks map[string]*network.EndpointSettings -} - -// NetworkSettingsBase holds networking state for a container when inspecting it. -// -// Deprecated: Most fields in NetworkSettingsBase are deprecated. Fields which aren't deprecated will move to -// NetworkSettings in v29.0, and this struct will be removed. -type NetworkSettingsBase struct { - Bridge string // Deprecated: This field is only set when the daemon is started with the --bridge flag specified. - SandboxID string // SandboxID uniquely represents a container's network stack - SandboxKey string // SandboxKey identifies the sandbox - Ports nat.PortMap // Ports is a collection of PortBinding indexed by Port - - // HairpinMode specifies if hairpin NAT should be enabled on the virtual interface - // - // Deprecated: This field is never set and will be removed in a future release. - HairpinMode bool - // LinkLocalIPv6Address is an IPv6 unicast address using the link-local prefix - // - // Deprecated: This field is never set and will be removed in a future release. - LinkLocalIPv6Address string - // LinkLocalIPv6PrefixLen is the prefix length of an IPv6 unicast address - // - // Deprecated: This field is never set and will be removed in a future release. - LinkLocalIPv6PrefixLen int - SecondaryIPAddresses []network.Address // Deprecated: This field is never set and will be removed in a future release. - SecondaryIPv6Addresses []network.Address // Deprecated: This field is never set and will be removed in a future release. -} - -// DefaultNetworkSettings holds the networking state for the default bridge, if the container is connected to that -// network. -// -// Deprecated: this struct is deprecated since Docker v1.11 and will be removed in v29. You should look for the default -// network in NetworkSettings.Networks instead. -type DefaultNetworkSettings struct { - // EndpointID uniquely represents a service endpoint in a Sandbox - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - EndpointID string - // Gateway holds the gateway address for the network - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - Gateway string - // GlobalIPv6Address holds network's global IPv6 address - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - GlobalIPv6Address string - // GlobalIPv6PrefixLen represents mask length of network's global IPv6 address - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - GlobalIPv6PrefixLen int - // IPAddress holds the IPv4 address for the network - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - IPAddress string - // IPPrefixLen represents mask length of network's IPv4 address - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - IPPrefixLen int - // IPv6Gateway holds gateway address specific for IPv6 - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - IPv6Gateway string - // MacAddress holds the MAC address for the network - // - // Deprecated: This field will be removed in v29. You should look for the default network in NetworkSettings.Networks instead. - MacAddress string -} - -// NetworkSettingsSummary provides a summary of container's networks -// in /containers/json -type NetworkSettingsSummary struct { - Networks map[string]*network.EndpointSettings -} diff --git a/vendor/github.com/docker/docker/api/types/container/options.go b/vendor/github.com/docker/docker/api/types/container/options.go deleted file mode 100644 index 7a2300576923..000000000000 --- a/vendor/github.com/docker/docker/api/types/container/options.go +++ /dev/null @@ -1,67 +0,0 @@ -package container - -import "github.com/docker/docker/api/types/filters" - -// ResizeOptions holds parameters to resize a TTY. -// It can be used to resize container TTYs and -// exec process TTYs too. -type ResizeOptions struct { - Height uint - Width uint -} - -// AttachOptions holds parameters to attach to a container. -type AttachOptions struct { - Stream bool - Stdin bool - Stdout bool - Stderr bool - DetachKeys string - Logs bool -} - -// CommitOptions holds parameters to commit changes into a container. -type CommitOptions struct { - Reference string - Comment string - Author string - Changes []string - Pause bool - Config *Config -} - -// RemoveOptions holds parameters to remove containers. -type RemoveOptions struct { - RemoveVolumes bool - RemoveLinks bool - Force bool -} - -// StartOptions holds parameters to start containers. -type StartOptions struct { - CheckpointID string - CheckpointDir string -} - -// ListOptions holds parameters to list containers with. -type ListOptions struct { - Size bool - All bool - Latest bool - Since string - Before string - Limit int - Filters filters.Args -} - -// LogsOptions holds parameters to filter logs with. -type LogsOptions struct { - ShowStdout bool - ShowStderr bool - Since string - Until string - Timestamps bool - Follow bool - Tail string - Details bool -} diff --git a/vendor/github.com/docker/docker/api/types/filters/errors.go b/vendor/github.com/docker/docker/api/types/filters/errors.go deleted file mode 100644 index b8a690d67ab5..000000000000 --- a/vendor/github.com/docker/docker/api/types/filters/errors.go +++ /dev/null @@ -1,24 +0,0 @@ -package filters - -import "fmt" - -// invalidFilter indicates that the provided filter or its value is invalid -type invalidFilter struct { - Filter string - Value []string -} - -func (e invalidFilter) Error() string { - msg := "invalid filter" - if e.Filter != "" { - msg += " '" + e.Filter - if e.Value != nil { - msg = fmt.Sprintf("%s=%s", msg, e.Value) - } - msg += "'" - } - return msg -} - -// InvalidParameter marks this error as ErrInvalidParameter -func (e invalidFilter) InvalidParameter() {} diff --git a/vendor/github.com/docker/docker/api/types/filters/filters_deprecated.go b/vendor/github.com/docker/docker/api/types/filters/filters_deprecated.go deleted file mode 100644 index 4504cd7a7fef..000000000000 --- a/vendor/github.com/docker/docker/api/types/filters/filters_deprecated.go +++ /dev/null @@ -1,61 +0,0 @@ -package filters - -import ( - "encoding/json" - - "github.com/docker/docker/api/types/versions" -) - -// ToParamWithVersion encodes Args as a JSON string. If version is less than 1.22 -// then the encoded format will use an older legacy format where the values are a -// list of strings, instead of a set. -// -// Deprecated: do not use in any new code; use ToJSON instead -func ToParamWithVersion(version string, a Args) (string, error) { - out, err := ToJSON(a) - if out == "" || err != nil { - return "", nil - } - if version != "" && versions.LessThan(version, "1.22") { - return encodeLegacyFilters(out) - } - return out, nil -} - -// encodeLegacyFilters encodes Args in the legacy format as used in API v1.21 and older. -// where values are a list of strings, instead of a set. -// -// Don't use in any new code; use [filters.ToJSON]] instead. -func encodeLegacyFilters(currentFormat string) (string, error) { - // The Args.fields field is not exported, but used to marshal JSON, - // so we'll marshal to the new format, then unmarshal to get the - // fields, and marshal again. - // - // This is far from optimal, but this code is only used for deprecated - // API versions, so should not be hit commonly. - var argsFields map[string]map[string]bool - err := json.Unmarshal([]byte(currentFormat), &argsFields) - if err != nil { - return "", err - } - - buf, err := json.Marshal(convertArgsToSlice(argsFields)) - if err != nil { - return "", err - } - return string(buf), nil -} - -func convertArgsToSlice(f map[string]map[string]bool) map[string][]string { - m := map[string][]string{} - for k, v := range f { - values := []string{} - for kk := range v { - if v[kk] { - values = append(values, kk) - } - } - m[k] = values - } - return m -} diff --git a/vendor/github.com/docker/docker/api/types/filters/parse.go b/vendor/github.com/docker/docker/api/types/filters/parse.go deleted file mode 100644 index 396657bb1921..000000000000 --- a/vendor/github.com/docker/docker/api/types/filters/parse.go +++ /dev/null @@ -1,302 +0,0 @@ -/* -Package filters provides tools for encoding a mapping of keys to a set of -multiple values. -*/ -package filters - -import ( - "encoding/json" - "regexp" - "strings" -) - -// Args stores a mapping of keys to a set of multiple values. -type Args struct { - fields map[string]map[string]bool -} - -// KeyValuePair are used to initialize a new Args -type KeyValuePair struct { - Key string - Value string -} - -// Arg creates a new KeyValuePair for initializing Args -func Arg(key, value string) KeyValuePair { - return KeyValuePair{Key: key, Value: value} -} - -// NewArgs returns a new Args populated with the initial args -func NewArgs(initialArgs ...KeyValuePair) Args { - args := Args{fields: map[string]map[string]bool{}} - for _, arg := range initialArgs { - args.Add(arg.Key, arg.Value) - } - return args -} - -// Keys returns all the keys in list of Args -func (args Args) Keys() []string { - keys := make([]string, 0, len(args.fields)) - for k := range args.fields { - keys = append(keys, k) - } - return keys -} - -// MarshalJSON returns a JSON byte representation of the Args -func (args Args) MarshalJSON() ([]byte, error) { - if len(args.fields) == 0 { - return []byte("{}"), nil - } - return json.Marshal(args.fields) -} - -// ToJSON returns the Args as a JSON encoded string -func ToJSON(a Args) (string, error) { - if a.Len() == 0 { - return "", nil - } - buf, err := json.Marshal(a) - return string(buf), err -} - -// FromJSON decodes a JSON encoded string into Args -func FromJSON(p string) (Args, error) { - args := NewArgs() - - if p == "" { - return args, nil - } - - raw := []byte(p) - err := json.Unmarshal(raw, &args) - if err == nil { - return args, nil - } - - // Fallback to parsing arguments in the legacy slice format - deprecated := map[string][]string{} - if legacyErr := json.Unmarshal(raw, &deprecated); legacyErr != nil { - return args, &invalidFilter{} - } - - args.fields = deprecatedArgs(deprecated) - return args, nil -} - -// UnmarshalJSON populates the Args from JSON encode bytes -func (args Args) UnmarshalJSON(raw []byte) error { - return json.Unmarshal(raw, &args.fields) -} - -// Get returns the list of values associated with the key -func (args Args) Get(key string) []string { - values := args.fields[key] - if values == nil { - return make([]string, 0) - } - slice := make([]string, 0, len(values)) - for key := range values { - slice = append(slice, key) - } - return slice -} - -// Add a new value to the set of values -func (args Args) Add(key, value string) { - if _, ok := args.fields[key]; ok { - args.fields[key][value] = true - } else { - args.fields[key] = map[string]bool{value: true} - } -} - -// Del removes a value from the set -func (args Args) Del(key, value string) { - if _, ok := args.fields[key]; ok { - delete(args.fields[key], value) - if len(args.fields[key]) == 0 { - delete(args.fields, key) - } - } -} - -// Len returns the number of keys in the mapping -func (args Args) Len() int { - return len(args.fields) -} - -// MatchKVList returns true if all the pairs in sources exist as key=value -// pairs in the mapping at key, or if there are no values at key. -func (args Args) MatchKVList(key string, sources map[string]string) bool { - fieldValues := args.fields[key] - - // do not filter if there is no filter set or cannot determine filter - if len(fieldValues) == 0 { - return true - } - - if len(sources) == 0 { - return false - } - - for value := range fieldValues { - testK, testV, hasValue := strings.Cut(value, "=") - - v, ok := sources[testK] - if !ok { - return false - } - if hasValue && testV != v { - return false - } - } - - return true -} - -// Match returns true if any of the values at key match the source string -func (args Args) Match(field, source string) bool { - if args.ExactMatch(field, source) { - return true - } - - fieldValues := args.fields[field] - for name2match := range fieldValues { - match, err := regexp.MatchString(name2match, source) - if err != nil { - continue - } - if match { - return true - } - } - return false -} - -// GetBoolOrDefault returns a boolean value of the key if the key is present -// and is interpretable as a boolean value. Otherwise the default value is returned. -// Error is not nil only if the filter values are not valid boolean or are conflicting. -func (args Args) GetBoolOrDefault(key string, defaultValue bool) (bool, error) { - fieldValues, ok := args.fields[key] - if !ok { - return defaultValue, nil - } - - if len(fieldValues) == 0 { - return defaultValue, &invalidFilter{key, nil} - } - - isFalse := fieldValues["0"] || fieldValues["false"] - isTrue := fieldValues["1"] || fieldValues["true"] - if isFalse == isTrue { - // Either no or conflicting truthy/falsy value were provided - return defaultValue, &invalidFilter{key, args.Get(key)} - } - return isTrue, nil -} - -// ExactMatch returns true if the source matches exactly one of the values. -func (args Args) ExactMatch(key, source string) bool { - fieldValues, ok := args.fields[key] - // do not filter if there is no filter set or cannot determine filter - if !ok || len(fieldValues) == 0 { - return true - } - - // try to match full name value to avoid O(N) regular expression matching - return fieldValues[source] -} - -// UniqueExactMatch returns true if there is only one value and the source -// matches exactly the value. -func (args Args) UniqueExactMatch(key, source string) bool { - fieldValues := args.fields[key] - // do not filter if there is no filter set or cannot determine filter - if len(fieldValues) == 0 { - return true - } - if len(args.fields[key]) != 1 { - return false - } - - // try to match full name value to avoid O(N) regular expression matching - return fieldValues[source] -} - -// FuzzyMatch returns true if the source matches exactly one value, or the -// source has one of the values as a prefix. -func (args Args) FuzzyMatch(key, source string) bool { - if args.ExactMatch(key, source) { - return true - } - - fieldValues := args.fields[key] - for prefix := range fieldValues { - if strings.HasPrefix(source, prefix) { - return true - } - } - return false -} - -// Contains returns true if the key exists in the mapping -func (args Args) Contains(field string) bool { - _, ok := args.fields[field] - return ok -} - -// Validate compared the set of accepted keys against the keys in the mapping. -// An error is returned if any mapping keys are not in the accepted set. -func (args Args) Validate(accepted map[string]bool) error { - for name := range args.fields { - if !accepted[name] { - return &invalidFilter{name, nil} - } - } - return nil -} - -// WalkValues iterates over the list of values for a key in the mapping and calls -// op() for each value. If op returns an error the iteration stops and the -// error is returned. -func (args Args) WalkValues(field string, op func(value string) error) error { - if _, ok := args.fields[field]; !ok { - return nil - } - for v := range args.fields[field] { - if err := op(v); err != nil { - return err - } - } - return nil -} - -// Clone returns a copy of args. -func (args Args) Clone() (newArgs Args) { - newArgs.fields = make(map[string]map[string]bool, len(args.fields)) - for k, m := range args.fields { - var mm map[string]bool - if m != nil { - mm = make(map[string]bool, len(m)) - for kk, v := range m { - mm[kk] = v - } - } - newArgs.fields[k] = mm - } - return newArgs -} - -func deprecatedArgs(d map[string][]string) map[string]map[string]bool { - m := map[string]map[string]bool{} - for k, v := range d { - values := map[string]bool{} - for _, vv := range v { - values[vv] = true - } - m[k] = values - } - return m -} diff --git a/vendor/github.com/docker/docker/api/types/image/disk_usage.go b/vendor/github.com/docker/docker/api/types/image/disk_usage.go deleted file mode 100644 index e847386a8d13..000000000000 --- a/vendor/github.com/docker/docker/api/types/image/disk_usage.go +++ /dev/null @@ -1,10 +0,0 @@ -package image - -// DiskUsage contains disk usage for images. -// -// Deprecated: this type is no longer used and will be removed in the next release. -type DiskUsage struct { - TotalSize int64 - Reclaimable int64 - Items []*Summary -} diff --git a/vendor/github.com/docker/docker/api/types/image/image.go b/vendor/github.com/docker/docker/api/types/image/image.go deleted file mode 100644 index abb7ffd8052e..000000000000 --- a/vendor/github.com/docker/docker/api/types/image/image.go +++ /dev/null @@ -1,47 +0,0 @@ -package image - -import ( - "io" - "time" -) - -// Metadata contains engine-local data about the image. -type Metadata struct { - // LastTagTime is the date and time at which the image was last tagged. - LastTagTime time.Time `json:",omitempty"` -} - -// PruneReport contains the response for Engine API: -// POST "/images/prune" -type PruneReport struct { - ImagesDeleted []DeleteResponse - SpaceReclaimed uint64 -} - -// LoadResponse returns information to the client about a load process. -// -// TODO(thaJeztah): remove this type, and just use an io.ReadCloser -// -// This type was added in https://github.com/moby/moby/pull/18878, related -// to https://github.com/moby/moby/issues/19177; -// -// Make docker load to output json when the response content type is json -// Swarm hijacks the response from docker load and returns JSON rather -// than plain text like the Engine does. This makes the API library to return -// information to figure that out. -// -// However the "load" endpoint unconditionally returns JSON; -// https://github.com/moby/moby/blob/7b9d2ef6e5518a3d3f3cc418459f8df786cfbbd1/api/server/router/image/image_routes.go#L248-L255 -// -// PR https://github.com/moby/moby/pull/21959 made the response-type depend -// on whether "quiet" was set, but this logic got changed in a follow-up -// https://github.com/moby/moby/pull/25557, which made the JSON response-type -// unconditionally, but the output produced depend on whether"quiet" was set. -// -// We should deprecated the "quiet" option, as it's really a client -// responsibility. -type LoadResponse struct { - // Body must be closed to avoid a resource leak - Body io.ReadCloser - JSON bool -} diff --git a/vendor/github.com/docker/docker/api/types/image/opts.go b/vendor/github.com/docker/docker/api/types/image/opts.go deleted file mode 100644 index 9e33a42fa63b..000000000000 --- a/vendor/github.com/docker/docker/api/types/image/opts.go +++ /dev/null @@ -1,124 +0,0 @@ -package image - -import ( - "context" - "io" - - "github.com/docker/docker/api/types/filters" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" -) - -// ImportSource holds source information for ImageImport -type ImportSource struct { - Source io.Reader // Source is the data to send to the server to create this image from. You must set SourceName to "-" to leverage this. - SourceName string // SourceName is the name of the image to pull. Set to "-" to leverage the Source attribute. -} - -// ImportOptions holds information to import images from the client host. -type ImportOptions struct { - Tag string // Tag is the name to tag this image with. This attribute is deprecated. - Message string // Message is the message to tag the image with - Changes []string // Changes are the raw changes to apply to this image - Platform string // Platform is the target platform of the image -} - -// CreateOptions holds information to create images. -type CreateOptions struct { - RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry. - Platform string // Platform is the target platform of the image if it needs to be pulled from the registry. -} - -// PullOptions holds information to pull images. -type PullOptions struct { - All bool - RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry - - // PrivilegeFunc is a function that clients can supply to retry operations - // after getting an authorization error. This function returns the registry - // authentication header value in base64 encoded format, or an error if the - // privilege request fails. - // - // For details, refer to [github.com/docker/docker/api/types/registry.RequestAuthConfig]. - PrivilegeFunc func(context.Context) (string, error) - Platform string -} - -// PushOptions holds information to push images. -type PushOptions struct { - All bool - RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry - - // PrivilegeFunc is a function that clients can supply to retry operations - // after getting an authorization error. This function returns the registry - // authentication header value in base64 encoded format, or an error if the - // privilege request fails. - // - // For details, refer to [github.com/docker/docker/api/types/registry.RequestAuthConfig]. - PrivilegeFunc func(context.Context) (string, error) - - // Platform is an optional field that selects a specific platform to push - // when the image is a multi-platform image. - // Using this will only push a single platform-specific manifest. - Platform *ocispec.Platform `json:",omitempty"` -} - -// ListOptions holds parameters to list images with. -type ListOptions struct { - // All controls whether all images in the graph are filtered, or just - // the heads. - All bool - - // Filters is a JSON-encoded set of filter arguments. - Filters filters.Args - - // SharedSize indicates whether the shared size of images should be computed. - SharedSize bool - - // ContainerCount indicates whether container count should be computed. - // - // Deprecated: This field has been unused and is no longer required and will be removed in a future version. - ContainerCount bool - - // Manifests indicates whether the image manifests should be returned. - Manifests bool -} - -// RemoveOptions holds parameters to remove images. -type RemoveOptions struct { - Platforms []ocispec.Platform - Force bool - PruneChildren bool -} - -// HistoryOptions holds parameters to get image history. -type HistoryOptions struct { - // Platform from the manifest list to use for history. - Platform *ocispec.Platform -} - -// LoadOptions holds parameters to load images. -type LoadOptions struct { - // Quiet suppresses progress output - Quiet bool - - // Platforms selects the platforms to load if the image is a - // multi-platform image and has multiple variants. - Platforms []ocispec.Platform -} - -type InspectOptions struct { - // Manifests returns the image manifests. - Manifests bool - - // Platform selects the specific platform of a multi-platform image to inspect. - // - // This option is only available for API version 1.49 and up. - Platform *ocispec.Platform -} - -// SaveOptions holds parameters to save images. -type SaveOptions struct { - // Platforms selects the platforms to save if the image is a - // multi-platform image and has multiple variants. - Platforms []ocispec.Platform -} diff --git a/vendor/github.com/docker/docker/api/types/network/endpoint.go b/vendor/github.com/docker/docker/api/types/network/endpoint.go deleted file mode 100644 index cdc06c6c9001..000000000000 --- a/vendor/github.com/docker/docker/api/types/network/endpoint.go +++ /dev/null @@ -1,151 +0,0 @@ -package network - -import ( - "errors" - "fmt" - "net" -) - -// EndpointSettings stores the network endpoint details -type EndpointSettings struct { - // Configurations - IPAMConfig *EndpointIPAMConfig - Links []string - Aliases []string // Aliases holds the list of extra, user-specified DNS names for this endpoint. - // MacAddress may be used to specify a MAC address when the container is created. - // Once the container is running, it becomes operational data (it may contain a - // generated address). - MacAddress string - DriverOpts map[string]string - - // GwPriority determines which endpoint will provide the default gateway - // for the container. The endpoint with the highest priority will be used. - // If multiple endpoints have the same priority, they are lexicographically - // sorted based on their network name, and the one that sorts first is picked. - GwPriority int - // Operational data - NetworkID string - EndpointID string - Gateway string - IPAddress string - IPPrefixLen int - IPv6Gateway string - GlobalIPv6Address string - GlobalIPv6PrefixLen int - // DNSNames holds all the (non fully qualified) DNS names associated to this endpoint. First entry is used to - // generate PTR records. - DNSNames []string -} - -// Copy makes a deep copy of `EndpointSettings` -func (es *EndpointSettings) Copy() *EndpointSettings { - epCopy := *es - if es.IPAMConfig != nil { - epCopy.IPAMConfig = es.IPAMConfig.Copy() - } - - if es.Links != nil { - links := make([]string, 0, len(es.Links)) - epCopy.Links = append(links, es.Links...) - } - - if es.Aliases != nil { - aliases := make([]string, 0, len(es.Aliases)) - epCopy.Aliases = append(aliases, es.Aliases...) - } - - if len(es.DNSNames) > 0 { - epCopy.DNSNames = make([]string, len(es.DNSNames)) - copy(epCopy.DNSNames, es.DNSNames) - } - - return &epCopy -} - -// EndpointIPAMConfig represents IPAM configurations for the endpoint -type EndpointIPAMConfig struct { - IPv4Address string `json:",omitempty"` - IPv6Address string `json:",omitempty"` - LinkLocalIPs []string `json:",omitempty"` -} - -// Copy makes a copy of the endpoint ipam config -func (cfg *EndpointIPAMConfig) Copy() *EndpointIPAMConfig { - cfgCopy := *cfg - cfgCopy.LinkLocalIPs = make([]string, 0, len(cfg.LinkLocalIPs)) - cfgCopy.LinkLocalIPs = append(cfgCopy.LinkLocalIPs, cfg.LinkLocalIPs...) - return &cfgCopy -} - -// NetworkSubnet describes a user-defined subnet for a specific network. It's only used to validate if an -// EndpointIPAMConfig is valid for a specific network. -type NetworkSubnet interface { - // Contains checks whether the NetworkSubnet contains [addr]. - Contains(addr net.IP) bool - // IsStatic checks whether the subnet was statically allocated (ie. user-defined). - IsStatic() bool -} - -// IsInRange checks whether static IP addresses are valid in a specific network. -func (cfg *EndpointIPAMConfig) IsInRange(v4Subnets []NetworkSubnet, v6Subnets []NetworkSubnet) error { - var errs []error - - if err := validateEndpointIPAddress(cfg.IPv4Address, v4Subnets); err != nil { - errs = append(errs, err) - } - if err := validateEndpointIPAddress(cfg.IPv6Address, v6Subnets); err != nil { - errs = append(errs, err) - } - - return errJoin(errs...) -} - -func validateEndpointIPAddress(epAddr string, ipamSubnets []NetworkSubnet) error { - if epAddr == "" { - return nil - } - - var staticSubnet bool - parsedAddr := net.ParseIP(epAddr) - for _, subnet := range ipamSubnets { - if subnet.IsStatic() { - staticSubnet = true - if subnet.Contains(parsedAddr) { - return nil - } - } - } - - if staticSubnet { - return fmt.Errorf("no configured subnet or ip-range contain the IP address %s", epAddr) - } - - return errors.New("user specified IP address is supported only when connecting to networks with user configured subnets") -} - -// Validate checks whether cfg is valid. -func (cfg *EndpointIPAMConfig) Validate() error { - if cfg == nil { - return nil - } - - var errs []error - - if cfg.IPv4Address != "" { - if addr := net.ParseIP(cfg.IPv4Address); addr == nil || addr.To4() == nil || addr.IsUnspecified() { - errs = append(errs, fmt.Errorf("invalid IPv4 address: %s", cfg.IPv4Address)) - } - } - if cfg.IPv6Address != "" { - if addr := net.ParseIP(cfg.IPv6Address); addr == nil || addr.To4() != nil || addr.IsUnspecified() { - errs = append(errs, fmt.Errorf("invalid IPv6 address: %s", cfg.IPv6Address)) - } - } - for _, addr := range cfg.LinkLocalIPs { - if parsed := net.ParseIP(addr); parsed == nil || parsed.IsUnspecified() { - errs = append(errs, fmt.Errorf("invalid link-local IP address: %s", addr)) - } - } - - return errJoin(errs...) -} diff --git a/vendor/github.com/docker/docker/api/types/network/ipam.go b/vendor/github.com/docker/docker/api/types/network/ipam.go deleted file mode 100644 index f9a9ff9b358f..000000000000 --- a/vendor/github.com/docker/docker/api/types/network/ipam.go +++ /dev/null @@ -1,173 +0,0 @@ -package network - -import ( - "errors" - "fmt" - "net/netip" - "strings" -) - -// IPAM represents IP Address Management -type IPAM struct { - Driver string - Options map[string]string // Per network IPAM driver options - Config []IPAMConfig -} - -// IPAMConfig represents IPAM configurations -type IPAMConfig struct { - Subnet string `json:",omitempty"` - IPRange string `json:",omitempty"` - Gateway string `json:",omitempty"` - AuxAddress map[string]string `json:"AuxiliaryAddresses,omitempty"` -} - -type ipFamily string - -const ( - ip4 ipFamily = "IPv4" - ip6 ipFamily = "IPv6" -) - -// ValidateIPAM checks whether the network's IPAM passed as argument is valid. It returns a joinError of the list of -// errors found. -func ValidateIPAM(ipam *IPAM, enableIPv6 bool) error { - if ipam == nil { - return nil - } - - var errs []error - for _, cfg := range ipam.Config { - subnet, err := netip.ParsePrefix(cfg.Subnet) - if err != nil { - errs = append(errs, fmt.Errorf("invalid subnet %s: invalid CIDR block notation", cfg.Subnet)) - continue - } - subnetFamily := ip4 - if subnet.Addr().Is6() { - subnetFamily = ip6 - } - - if !enableIPv6 && subnetFamily == ip6 { - continue - } - - if subnet != subnet.Masked() { - errs = append(errs, fmt.Errorf("invalid subnet %s: it should be %s", subnet, subnet.Masked())) - } - - if ipRangeErrs := validateIPRange(cfg.IPRange, subnet, subnetFamily); len(ipRangeErrs) > 0 { - errs = append(errs, ipRangeErrs...) - } - - if err := validateAddress(cfg.Gateway, subnet, subnetFamily); err != nil { - errs = append(errs, fmt.Errorf("invalid gateway %s: %w", cfg.Gateway, err)) - } - - for auxName, aux := range cfg.AuxAddress { - if err := validateAddress(aux, subnet, subnetFamily); err != nil { - errs = append(errs, fmt.Errorf("invalid auxiliary address %s: %w", auxName, err)) - } - } - } - - if err := errJoin(errs...); err != nil { - return fmt.Errorf("invalid network config:\n%w", err) - } - - return nil -} - -func validateIPRange(ipRange string, subnet netip.Prefix, subnetFamily ipFamily) []error { - if ipRange == "" { - return nil - } - prefix, err := netip.ParsePrefix(ipRange) - if err != nil { - return []error{fmt.Errorf("invalid ip-range %s: invalid CIDR block notation", ipRange)} - } - family := ip4 - if prefix.Addr().Is6() { - family = ip6 - } - - if family != subnetFamily { - return []error{fmt.Errorf("invalid ip-range %s: parent subnet is an %s block", ipRange, subnetFamily)} - } - - var errs []error - if prefix.Bits() < subnet.Bits() { - errs = append(errs, fmt.Errorf("invalid ip-range %s: CIDR block is bigger than its parent subnet %s", ipRange, subnet)) - } - if prefix != prefix.Masked() { - errs = append(errs, fmt.Errorf("invalid ip-range %s: it should be %s", prefix, prefix.Masked())) - } - if !subnet.Overlaps(prefix) { - errs = append(errs, fmt.Errorf("invalid ip-range %s: parent subnet %s doesn't contain ip-range", ipRange, subnet)) - } - - return errs -} - -func validateAddress(address string, subnet netip.Prefix, subnetFamily ipFamily) error { - if address == "" { - return nil - } - addr, err := netip.ParseAddr(address) - if err != nil { - return errors.New("invalid address") - } - family := ip4 - if addr.Is6() { - family = ip6 - } - - if family != subnetFamily { - return fmt.Errorf("parent subnet is an %s block", subnetFamily) - } - if !subnet.Contains(addr) { - return fmt.Errorf("parent subnet %s doesn't contain this address", subnet) - } - - return nil -} - -func errJoin(errs ...error) error { - n := 0 - for _, err := range errs { - if err != nil { - n++ - } - } - if n == 0 { - return nil - } - e := &joinError{ - errs: make([]error, 0, n), - } - for _, err := range errs { - if err != nil { - e.errs = append(e.errs, err) - } - } - return e -} - -type joinError struct { - errs []error -} - -func (e *joinError) Error() string { - if len(e.errs) == 1 { - return strings.TrimSpace(e.errs[0].Error()) - } - stringErrs := make([]string, 0, len(e.errs)) - for _, subErr := range e.errs { - stringErrs = append(stringErrs, strings.ReplaceAll(subErr.Error(), "\n", "\n\t")) - } - return "* " + strings.Join(stringErrs, "\n* ") -} - -func (e *joinError) Unwrap() []error { - return e.errs -} diff --git a/vendor/github.com/docker/docker/api/types/network/network.go b/vendor/github.com/docker/docker/api/types/network/network.go deleted file mode 100644 index 4a0cb479848d..000000000000 --- a/vendor/github.com/docker/docker/api/types/network/network.go +++ /dev/null @@ -1,168 +0,0 @@ -package network - -import ( - "time" - - "github.com/docker/docker/api/types/filters" -) - -const ( - // NetworkDefault is a platform-independent alias to choose the platform-specific default network stack. - NetworkDefault = "default" - // NetworkHost is the name of the predefined network used when the NetworkMode host is selected (only available on Linux) - NetworkHost = "host" - // NetworkNone is the name of the predefined network used when the NetworkMode none is selected (available on both Linux and Windows) - NetworkNone = "none" - // NetworkBridge is the name of the default network on Linux - NetworkBridge = "bridge" - // NetworkNat is the name of the default network on Windows - NetworkNat = "nat" -) - -// CreateRequest is the request message sent to the server for network create call. -type CreateRequest struct { - CreateOptions - Name string // Name is the requested name of the network. - - // Deprecated: CheckDuplicate is deprecated since API v1.44, but it defaults to true when sent by the client - // package to older daemons. - CheckDuplicate *bool `json:",omitempty"` -} - -// CreateOptions holds options to create a network. -type CreateOptions struct { - Driver string // Driver is the driver-name used to create the network (e.g. `bridge`, `overlay`) - Scope string // Scope describes the level at which the network exists (e.g. `swarm` for cluster-wide or `local` for machine level). - EnableIPv4 *bool `json:",omitempty"` // EnableIPv4 represents whether to enable IPv4. - EnableIPv6 *bool `json:",omitempty"` // EnableIPv6 represents whether to enable IPv6. - IPAM *IPAM // IPAM is the network's IP Address Management. - Internal bool // Internal represents if the network is used internal only. - Attachable bool // Attachable represents if the global scope is manually attachable by regular containers from workers in swarm mode. - Ingress bool // Ingress indicates the network is providing the routing-mesh for the swarm cluster. - ConfigOnly bool // ConfigOnly creates a config-only network. Config-only networks are place-holder networks for network configurations to be used by other networks. ConfigOnly networks cannot be used directly to run containers or services. - ConfigFrom *ConfigReference // ConfigFrom specifies the source which will provide the configuration for this network. The specified network must be a config-only network; see [CreateOptions.ConfigOnly]. - Options map[string]string // Options specifies the network-specific options to use for when creating the network. - Labels map[string]string // Labels holds metadata specific to the network being created. -} - -// ListOptions holds parameters to filter the list of networks with. -type ListOptions struct { - Filters filters.Args -} - -// InspectOptions holds parameters to inspect network. -type InspectOptions struct { - Scope string - Verbose bool -} - -// ConnectOptions represents the data to be used to connect a container to the -// network. -type ConnectOptions struct { - Container string - EndpointConfig *EndpointSettings `json:",omitempty"` -} - -// DisconnectOptions represents the data to be used to disconnect a container -// from the network. -type DisconnectOptions struct { - Container string - Force bool -} - -// Inspect is the body of the "get network" http response message. -type Inspect struct { - Name string // Name is the name of the network - ID string `json:"Id"` // ID uniquely identifies a network on a single machine - Created time.Time // Created is the time the network created - Scope string // Scope describes the level at which the network exists (e.g. `swarm` for cluster-wide or `local` for machine level) - Driver string // Driver is the Driver name used to create the network (e.g. `bridge`, `overlay`) - EnableIPv4 bool // EnableIPv4 represents whether IPv4 is enabled - EnableIPv6 bool // EnableIPv6 represents whether IPv6 is enabled - IPAM IPAM // IPAM is the network's IP Address Management - Internal bool // Internal represents if the network is used internal only - Attachable bool // Attachable represents if the global scope is manually attachable by regular containers from workers in swarm mode. - Ingress bool // Ingress indicates the network is providing the routing-mesh for the swarm cluster. - ConfigFrom ConfigReference // ConfigFrom specifies the source which will provide the configuration for this network. - ConfigOnly bool // ConfigOnly networks are place-holder networks for network configurations to be used by other networks. ConfigOnly networks cannot be used directly to run containers or services. - Containers map[string]EndpointResource // Containers contains endpoints belonging to the network - Options map[string]string // Options holds the network specific options to use for when creating the network - Labels map[string]string // Labels holds metadata specific to the network being created - Peers []PeerInfo `json:",omitempty"` // List of peer nodes for an overlay network - Services map[string]ServiceInfo `json:",omitempty"` -} - -// Summary is used as response when listing networks. It currently is an alias -// for [Inspect], but may diverge in the future, as not all information may -// be included when listing networks. -type Summary = Inspect - -// Address represents an IP address -type Address struct { - Addr string - PrefixLen int -} - -// PeerInfo represents one peer of an overlay network -type PeerInfo struct { - Name string - IP string -} - -// Task carries the information about one backend task -type Task struct { - Name string - EndpointID string - EndpointIP string - Info map[string]string -} - -// ServiceInfo represents service parameters with the list of service's tasks -type ServiceInfo struct { - VIP string - Ports []string - LocalLBIndex int - Tasks []Task -} - -// EndpointResource contains network resources allocated and used for a -// container in a network. -type EndpointResource struct { - Name string - EndpointID string - MacAddress string - IPv4Address string - IPv6Address string -} - -// NetworkingConfig represents the container's networking configuration for each of its interfaces -// Carries the networking configs specified in the `docker run` and `docker network connect` commands -type NetworkingConfig struct { - EndpointsConfig map[string]*EndpointSettings // Endpoint configs for each connecting network -} - -// ConfigReference specifies the source which provides a network's configuration -type ConfigReference struct { - Network string -} - -var acceptedFilters = map[string]bool{ - "dangling": true, - "driver": true, - "id": true, - "label": true, - "name": true, - "scope": true, - "type": true, -} - -// ValidateFilters validates the list of filter args with the available filters. -func ValidateFilters(filter filters.Args) error { - return filter.Validate(acceptedFilters) -} - -// PruneReport contains the response for Engine API: -// POST "/networks/prune" -type PruneReport struct { - NetworksDeleted []string -} diff --git a/vendor/github.com/docker/docker/api/types/plugin_interface_type.go b/vendor/github.com/docker/docker/api/types/plugin_interface_type.go deleted file mode 100644 index c82f204e8708..000000000000 --- a/vendor/github.com/docker/docker/api/types/plugin_interface_type.go +++ /dev/null @@ -1,21 +0,0 @@ -package types - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -// PluginInterfaceType plugin interface type -// swagger:model PluginInterfaceType -type PluginInterfaceType struct { - - // capability - // Required: true - Capability string `json:"Capability"` - - // prefix - // Required: true - Prefix string `json:"Prefix"` - - // version - // Required: true - Version string `json:"Version"` -} diff --git a/vendor/github.com/docker/docker/api/types/plugin_responses.go b/vendor/github.com/docker/docker/api/types/plugin_responses.go deleted file mode 100644 index 18f743fcde3a..000000000000 --- a/vendor/github.com/docker/docker/api/types/plugin_responses.go +++ /dev/null @@ -1,71 +0,0 @@ -package types - -import ( - "encoding/json" - "fmt" - "sort" -) - -// PluginsListResponse contains the response for the Engine API -type PluginsListResponse []*Plugin - -// UnmarshalJSON implements json.Unmarshaler for PluginInterfaceType -func (t *PluginInterfaceType) UnmarshalJSON(p []byte) error { - versionIndex := len(p) - prefixIndex := 0 - if len(p) < 2 || p[0] != '"' || p[len(p)-1] != '"' { - return fmt.Errorf("%q is not a plugin interface type", p) - } - p = p[1 : len(p)-1] -loop: - for i, b := range p { - switch b { - case '.': - prefixIndex = i - case '/': - versionIndex = i - break loop - } - } - t.Prefix = string(p[:prefixIndex]) - t.Capability = string(p[prefixIndex+1 : versionIndex]) - if versionIndex < len(p) { - t.Version = string(p[versionIndex+1:]) - } - return nil -} - -// MarshalJSON implements json.Marshaler for PluginInterfaceType -func (t *PluginInterfaceType) MarshalJSON() ([]byte, error) { - return json.Marshal(t.String()) -} - -// String implements fmt.Stringer for PluginInterfaceType -func (t PluginInterfaceType) String() string { - return fmt.Sprintf("%s.%s/%s", t.Prefix, t.Capability, t.Version) -} - -// PluginPrivilege describes a permission the user has to accept -// upon installing a plugin. -type PluginPrivilege struct { - Name string - Description string - Value []string -} - -// PluginPrivileges is a list of PluginPrivilege -type PluginPrivileges []PluginPrivilege - -func (s PluginPrivileges) Len() int { - return len(s) -} - -func (s PluginPrivileges) Less(i, j int) bool { - return s[i].Name < s[j].Name -} - -func (s PluginPrivileges) Swap(i, j int) { - sort.Strings(s[i].Value) - sort.Strings(s[j].Value) - s[i], s[j] = s[j], s[i] -} diff --git a/vendor/github.com/docker/docker/api/types/registry/authconfig.go b/vendor/github.com/docker/docker/api/types/registry/authconfig.go deleted file mode 100644 index 4c6d7ab2badf..000000000000 --- a/vendor/github.com/docker/docker/api/types/registry/authconfig.go +++ /dev/null @@ -1,112 +0,0 @@ -package registry - -import ( - "context" - "encoding/base64" - "encoding/json" - "fmt" - "io" - "strings" -) - -// AuthHeader is the name of the header used to send encoded registry -// authorization credentials for registry operations (push/pull). -const AuthHeader = "X-Registry-Auth" - -// RequestAuthConfig is a function interface that clients can supply -// to retry operations after getting an authorization error. -// -// The function must return the [AuthHeader] value ([AuthConfig]), encoded -// in base64url format ([RFC4648, section 5]), which can be decoded by -// [DecodeAuthConfig]. -// -// It must return an error if the privilege request fails. -// -// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 -type RequestAuthConfig func(context.Context) (string, error) - -// AuthConfig contains authorization information for connecting to a Registry. -type AuthConfig struct { - Username string `json:"username,omitempty"` - Password string `json:"password,omitempty"` - Auth string `json:"auth,omitempty"` - - // Email is an optional value associated with the username. - // - // Deprecated: This field is deprecated since docker 1.11 (API v1.23) and will be removed in the next release. - Email string `json:"email,omitempty"` - - ServerAddress string `json:"serveraddress,omitempty"` - - // IdentityToken is used to authenticate the user and get - // an access token for the registry. - IdentityToken string `json:"identitytoken,omitempty"` - - // RegistryToken is a bearer token to be sent to a registry - RegistryToken string `json:"registrytoken,omitempty"` -} - -// EncodeAuthConfig serializes the auth configuration as a base64url encoded -// ([RFC4648, section 5]) JSON string for sending through the X-Registry-Auth header. -// -// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 -func EncodeAuthConfig(authConfig AuthConfig) (string, error) { - buf, err := json.Marshal(authConfig) - if err != nil { - return "", errInvalidParameter{err} - } - return base64.URLEncoding.EncodeToString(buf), nil -} - -// DecodeAuthConfig decodes base64url encoded ([RFC4648, section 5]) JSON -// authentication information as sent through the X-Registry-Auth header. -// -// This function always returns an [AuthConfig], even if an error occurs. It is up -// to the caller to decide if authentication is required, and if the error can -// be ignored. -// -// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 -func DecodeAuthConfig(authEncoded string) (*AuthConfig, error) { - if authEncoded == "" { - return &AuthConfig{}, nil - } - - authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded)) - return decodeAuthConfigFromReader(authJSON) -} - -// DecodeAuthConfigBody decodes authentication information as sent as JSON in the -// body of a request. This function is to provide backward compatibility with old -// clients and API versions. Current clients and API versions expect authentication -// to be provided through the X-Registry-Auth header. -// -// Like [DecodeAuthConfig], this function always returns an [AuthConfig], even if an -// error occurs. It is up to the caller to decide if authentication is required, -// and if the error can be ignored. -// -// Deprecated: this function is no longer used and will be removed in the next release. -func DecodeAuthConfigBody(rdr io.ReadCloser) (*AuthConfig, error) { - return decodeAuthConfigFromReader(rdr) -} - -func decodeAuthConfigFromReader(rdr io.Reader) (*AuthConfig, error) { - authConfig := &AuthConfig{} - if err := json.NewDecoder(rdr).Decode(authConfig); err != nil { - // always return an (empty) AuthConfig to increase compatibility with - // the existing API. - return &AuthConfig{}, invalid(err) - } - return authConfig, nil -} - -func invalid(err error) error { - return errInvalidParameter{fmt.Errorf("invalid X-Registry-Auth header: %w", err)} -} - -type errInvalidParameter struct{ error } - -func (errInvalidParameter) InvalidParameter() {} - -func (e errInvalidParameter) Cause() error { return e.error } - -func (e errInvalidParameter) Unwrap() error { return e.error } diff --git a/vendor/github.com/docker/docker/api/types/registry/authenticate.go b/vendor/github.com/docker/docker/api/types/registry/authenticate.go deleted file mode 100644 index 42cac4430a62..000000000000 --- a/vendor/github.com/docker/docker/api/types/registry/authenticate.go +++ /dev/null @@ -1,21 +0,0 @@ -package registry - -// ---------------------------------------------------------------------------- -// DO NOT EDIT THIS FILE -// This file was generated by `swagger generate operation` -// -// See hack/generate-swagger-api.sh -// ---------------------------------------------------------------------------- - -// AuthenticateOKBody authenticate o k body -// swagger:model AuthenticateOKBody -type AuthenticateOKBody struct { - - // An opaque token used to authenticate a user after a successful login - // Required: true - IdentityToken string `json:"IdentityToken"` - - // The status of the authentication - // Required: true - Status string `json:"Status"` -} diff --git a/vendor/github.com/docker/docker/api/types/registry/registry.go b/vendor/github.com/docker/docker/api/types/registry/registry.go deleted file mode 100644 index 9319c964cdbd..000000000000 --- a/vendor/github.com/docker/docker/api/types/registry/registry.go +++ /dev/null @@ -1,122 +0,0 @@ -// FIXME(thaJeztah): remove once we are a module; the go:build directive prevents go from downgrading language version to go1.16: -//go:build go1.23 - -package registry - -import ( - "encoding/json" - "net" - - ocispec "github.com/opencontainers/image-spec/specs-go/v1" -) - -// ServiceConfig stores daemon registry services configuration. -type ServiceConfig struct { - AllowNondistributableArtifactsCIDRs []*NetIPNet `json:"AllowNondistributableArtifactsCIDRs,omitempty"` // Deprecated: non-distributable artifacts are deprecated and enabled by default. This field will be removed in the next release. - AllowNondistributableArtifactsHostnames []string `json:"AllowNondistributableArtifactsHostnames,omitempty"` // Deprecated: non-distributable artifacts are deprecated and enabled by default. This field will be removed in the next release. - - InsecureRegistryCIDRs []*NetIPNet `json:"InsecureRegistryCIDRs"` - IndexConfigs map[string]*IndexInfo `json:"IndexConfigs"` - Mirrors []string - - // ExtraFields is for internal use to include deprecated fields on older API versions. - ExtraFields map[string]any `json:"-"` -} - -// MarshalJSON implements a custom marshaler to include legacy fields -// in API responses. -func (sc *ServiceConfig) MarshalJSON() ([]byte, error) { - type tmp ServiceConfig - base, err := json.Marshal((*tmp)(sc)) - if err != nil { - return nil, err - } - var merged map[string]any - _ = json.Unmarshal(base, &merged) - - for k, v := range sc.ExtraFields { - merged[k] = v - } - return json.Marshal(merged) -} - -// NetIPNet is the net.IPNet type, which can be marshalled and -// unmarshalled to JSON -type NetIPNet net.IPNet - -// String returns the CIDR notation of ipnet -func (ipnet *NetIPNet) String() string { - return (*net.IPNet)(ipnet).String() -} - -// MarshalJSON returns the JSON representation of the IPNet -func (ipnet *NetIPNet) MarshalJSON() ([]byte, error) { - return json.Marshal((*net.IPNet)(ipnet).String()) -} - -// UnmarshalJSON sets the IPNet from a byte array of JSON -func (ipnet *NetIPNet) UnmarshalJSON(b []byte) error { - var ipnetStr string - if err := json.Unmarshal(b, &ipnetStr); err != nil { - return err - } - _, cidr, err := net.ParseCIDR(ipnetStr) - if err != nil { - return err - } - *ipnet = NetIPNet(*cidr) - return nil -} - -// IndexInfo contains information about a registry -// -// RepositoryInfo Examples: -// -// { -// "Index" : { -// "Name" : "docker.io", -// "Mirrors" : ["https://registry-2.docker.io/v1/", "https://registry-3.docker.io/v1/"], -// "Secure" : true, -// "Official" : true, -// }, -// "RemoteName" : "library/debian", -// "LocalName" : "debian", -// "CanonicalName" : "docker.io/debian" -// "Official" : true, -// } -// -// { -// "Index" : { -// "Name" : "127.0.0.1:5000", -// "Mirrors" : [], -// "Secure" : false, -// "Official" : false, -// }, -// "RemoteName" : "user/repo", -// "LocalName" : "127.0.0.1:5000/user/repo", -// "CanonicalName" : "127.0.0.1:5000/user/repo", -// "Official" : false, -// } -type IndexInfo struct { - // Name is the name of the registry, such as "docker.io" - Name string - // Mirrors is a list of mirrors, expressed as URIs - Mirrors []string - // Secure is set to false if the registry is part of the list of - // insecure registries. Insecure registries accept HTTP and/or accept - // HTTPS with certificates from unknown CAs. - Secure bool - // Official indicates whether this is an official registry - Official bool -} - -// DistributionInspect describes the result obtained from contacting the -// registry to retrieve image metadata -type DistributionInspect struct { - // Descriptor contains information about the manifest, including - // the content addressable digest - Descriptor ocispec.Descriptor - // Platforms contains the list of platforms supported by the image, - // obtained by parsing the manifest - Platforms []ocispec.Platform -} diff --git a/vendor/github.com/docker/docker/api/types/strslice/strslice.go b/vendor/github.com/docker/docker/api/types/strslice/strslice.go deleted file mode 100644 index bad493fb89fd..000000000000 --- a/vendor/github.com/docker/docker/api/types/strslice/strslice.go +++ /dev/null @@ -1,30 +0,0 @@ -package strslice - -import "encoding/json" - -// StrSlice represents a string or an array of strings. -// We need to override the json decoder to accept both options. -type StrSlice []string - -// UnmarshalJSON decodes the byte slice whether it's a string or an array of -// strings. This method is needed to implement json.Unmarshaler. -func (e *StrSlice) UnmarshalJSON(b []byte) error { - if len(b) == 0 { - // With no input, we preserve the existing value by returning nil and - // leaving the target alone. This allows defining default values for - // the type. - return nil - } - - p := make([]string, 0, 1) - if err := json.Unmarshal(b, &p); err != nil { - var s string - if err := json.Unmarshal(b, &s); err != nil { - return err - } - p = append(p, s) - } - - *e = p - return nil -} diff --git a/vendor/github.com/docker/docker/api/types/swarm/runtime/runtime.go b/vendor/github.com/docker/docker/api/types/swarm/runtime/runtime.go deleted file mode 100644 index 95176b268186..000000000000 --- a/vendor/github.com/docker/docker/api/types/swarm/runtime/runtime.go +++ /dev/null @@ -1,27 +0,0 @@ -package runtime - -import "fmt" - -// PluginSpec defines the base payload which clients can specify for creating -// a service with the plugin runtime. -type PluginSpec struct { - Name string `json:"name,omitempty"` - Remote string `json:"remote,omitempty"` - Privileges []*PluginPrivilege `json:"privileges,omitempty"` - Disabled bool `json:"disabled,omitempty"` - Env []string `json:"env,omitempty"` -} - -// PluginPrivilege describes a permission the user has to accept -// upon installing a plugin. -type PluginPrivilege struct { - Name string `json:"name,omitempty"` - Description string `json:"description,omitempty"` - Value []string `json:"value,omitempty"` -} - -var ( - ErrInvalidLengthPlugin = fmt.Errorf("proto: negative length found during unmarshaling") // Deprecated: this error was only used internally and is no longer used. - ErrIntOverflowPlugin = fmt.Errorf("proto: integer overflow") // Deprecated: this error was only used internally and is no longer used. - ErrUnexpectedEndOfGroupPlugin = fmt.Errorf("proto: unexpected end of group") // Deprecated: this error was only used internally and is no longer used. -) diff --git a/vendor/github.com/docker/docker/api/types/system/security_opts.go b/vendor/github.com/docker/docker/api/types/system/security_opts.go deleted file mode 100644 index edff3eb1acc8..000000000000 --- a/vendor/github.com/docker/docker/api/types/system/security_opts.go +++ /dev/null @@ -1,48 +0,0 @@ -package system - -import ( - "errors" - "fmt" - "strings" -) - -// SecurityOpt contains the name and options of a security option -type SecurityOpt struct { - Name string - Options []KeyValue -} - -// DecodeSecurityOptions decodes a security options string slice to a -// type-safe [SecurityOpt]. -func DecodeSecurityOptions(opts []string) ([]SecurityOpt, error) { - so := []SecurityOpt{} - for _, opt := range opts { - // support output from a < 1.13 docker daemon - if !strings.Contains(opt, "=") { - so = append(so, SecurityOpt{Name: opt}) - continue - } - secopt := SecurityOpt{} - for _, s := range strings.Split(opt, ",") { - k, v, ok := strings.Cut(s, "=") - if !ok { - return nil, fmt.Errorf("invalid security option %q", s) - } - if k == "" || v == "" { - return nil, errors.New("invalid empty security option") - } - if k == "name" { - secopt.Name = v - continue - } - secopt.Options = append(secopt.Options, KeyValue{Key: k, Value: v}) - } - so = append(so, secopt) - } - return so, nil -} - -// KeyValue holds a key/value pair. -type KeyValue struct { - Key, Value string -} diff --git a/vendor/github.com/docker/docker/api/types/types.go b/vendor/github.com/docker/docker/api/types/types.go deleted file mode 100644 index 8bbadeb208e3..000000000000 --- a/vendor/github.com/docker/docker/api/types/types.go +++ /dev/null @@ -1,103 +0,0 @@ -package types - -import ( - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/api/types/volume" -) - -const ( - // MediaTypeRawStream is vendor specific MIME-Type set for raw TTY streams - MediaTypeRawStream = "application/vnd.docker.raw-stream" - - // MediaTypeMultiplexedStream is vendor specific MIME-Type set for stdin/stdout/stderr multiplexed streams - MediaTypeMultiplexedStream = "application/vnd.docker.multiplexed-stream" -) - -// Ping contains response of Engine API: -// GET "/_ping" -type Ping struct { - APIVersion string - OSType string - Experimental bool - BuilderVersion build.BuilderVersion - - // SwarmStatus provides information about the current swarm status of the - // engine, obtained from the "Swarm" header in the API response. - // - // It can be a nil struct if the API version does not provide this header - // in the ping response, or if an error occurred, in which case the client - // should use other ways to get the current swarm status, such as the /swarm - // endpoint. - SwarmStatus *swarm.Status -} - -// ComponentVersion describes the version information for a specific component. -type ComponentVersion struct { - Name string - Version string - Details map[string]string `json:",omitempty"` -} - -// Version contains response of Engine API: -// GET "/version" -type Version struct { - Platform struct{ Name string } `json:",omitempty"` - Components []ComponentVersion `json:",omitempty"` - - // The following fields are deprecated, they relate to the Engine component and are kept for backwards compatibility - - Version string - APIVersion string `json:"ApiVersion"` - MinAPIVersion string `json:"MinAPIVersion,omitempty"` - GitCommit string - GoVersion string - Os string - Arch string - KernelVersion string `json:",omitempty"` - Experimental bool `json:",omitempty"` - BuildTime string `json:",omitempty"` -} - -// DiskUsageObject represents an object type used for disk usage query filtering. -type DiskUsageObject string - -const ( - // ContainerObject represents a container DiskUsageObject. - ContainerObject DiskUsageObject = "container" - // ImageObject represents an image DiskUsageObject. - ImageObject DiskUsageObject = "image" - // VolumeObject represents a volume DiskUsageObject. - VolumeObject DiskUsageObject = "volume" - // BuildCacheObject represents a build-cache DiskUsageObject. - BuildCacheObject DiskUsageObject = "build-cache" -) - -// DiskUsageOptions holds parameters for system disk usage query. -type DiskUsageOptions struct { - // Types specifies what object types to include in the response. If empty, - // all object types are returned. - Types []DiskUsageObject -} - -// DiskUsage contains response of Engine API: -// GET "/system/df" -type DiskUsage struct { - LayersSize int64 - Images []*image.Summary - Containers []*container.Summary - Volumes []*volume.Volume - BuildCache []*build.CacheRecord - BuilderSize int64 `json:",omitempty"` // Deprecated: deprecated in API 1.38, and no longer used since API 1.40. -} - -// PushResult contains the tag, manifest digest, and manifest size from the -// push. It's used to signal this information to the trust code in the client -// so it can sign the manifest if necessary. -type PushResult struct { - Tag string - Digest string - Size int -} diff --git a/vendor/github.com/docker/docker/api/types/types_deprecated.go b/vendor/github.com/docker/docker/api/types/types_deprecated.go deleted file mode 100644 index c9c20b873604..000000000000 --- a/vendor/github.com/docker/docker/api/types/types_deprecated.go +++ /dev/null @@ -1,242 +0,0 @@ -package types - -import ( - "context" - - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/common" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/storage" - "github.com/docker/docker/api/types/swarm" -) - -// IDResponse Response to an API call that returns just an Id. -// -// Deprecated: use either [container.CommitResponse] or [container.ExecCreateResponse]. It will be removed in the next release. -type IDResponse = common.IDResponse - -// ContainerJSONBase contains response of Engine API GET "/containers/{name:.*}/json" -// for API version 1.18 and older. -// -// Deprecated: use [container.InspectResponse] or [container.ContainerJSONBase]. It will be removed in the next release. -type ContainerJSONBase = container.ContainerJSONBase - -// ContainerJSON is the response for the GET "/containers/{name:.*}/json" -// endpoint. -// -// Deprecated: use [container.InspectResponse]. It will be removed in the next release. -type ContainerJSON = container.InspectResponse - -// Container contains response of Engine API: -// GET "/containers/json" -// -// Deprecated: use [container.Summary]. -type Container = container.Summary - -// ContainerState stores container's running state -// -// Deprecated: use [container.State]. -type ContainerState = container.State - -// NetworkSettings exposes the network settings in the api. -// -// Deprecated: use [container.NetworkSettings]. -type NetworkSettings = container.NetworkSettings - -// NetworkSettingsBase holds networking state for a container when inspecting it. -// -// Deprecated: [container.NetworkSettingsBase] will be removed in v29. Prefer -// accessing the fields it contains through [container.NetworkSettings]. -type NetworkSettingsBase = container.NetworkSettingsBase //nolint:staticcheck // ignore SA1019: NetworkSettingsBase is deprecated in v28.4. - -// DefaultNetworkSettings holds network information -// during the 2 release deprecation period. -// It will be removed in Docker 1.11. -// -// Deprecated: use [container.DefaultNetworkSettings]. -type DefaultNetworkSettings = container.DefaultNetworkSettings //nolint:staticcheck // ignore SA1019: DefaultNetworkSettings is deprecated in v28.4. - -// SummaryNetworkSettings provides a summary of container's networks -// in /containers/json. -// -// Deprecated: use [container.NetworkSettingsSummary]. -type SummaryNetworkSettings = container.NetworkSettingsSummary - -// Health states -const ( - NoHealthcheck = container.NoHealthcheck // Deprecated: use [container.NoHealthcheck]. - Starting = container.Starting // Deprecated: use [container.Starting]. - Healthy = container.Healthy // Deprecated: use [container.Healthy]. - Unhealthy = container.Unhealthy // Deprecated: use [container.Unhealthy]. -) - -// Health stores information about the container's healthcheck results. -// -// Deprecated: use [container.Health]. -type Health = container.Health - -// HealthcheckResult stores information about a single run of a healthcheck probe. -// -// Deprecated: use [container.HealthcheckResult]. -type HealthcheckResult = container.HealthcheckResult - -// MountPoint represents a mount point configuration inside the container. -// This is used for reporting the mountpoints in use by a container. -// -// Deprecated: use [container.MountPoint]. -type MountPoint = container.MountPoint - -// Port An open port on a container -// -// Deprecated: use [container.Port]. -type Port = container.Port - -// GraphDriverData Information about the storage driver used to store the container's and -// image's filesystem. -// -// Deprecated: use [storage.DriverData]. -type GraphDriverData = storage.DriverData - -// RootFS returns Image's RootFS description including the layer IDs. -// -// Deprecated: use [image.RootFS]. -type RootFS = image.RootFS - -// ImageInspect contains response of Engine API: -// GET "/images/{name:.*}/json" -// -// Deprecated: use [image.InspectResponse]. -type ImageInspect = image.InspectResponse - -// RequestPrivilegeFunc is a function interface that clients can supply to -// retry operations after getting an authorization error. -// This function returns the registry authentication header value in base64 -// format, or an error if the privilege request fails. -// -// Deprecated: moved to [github.com/docker/docker/api/types/registry.RequestAuthConfig]. -type RequestPrivilegeFunc func(context.Context) (string, error) - -// SecretCreateResponse contains the information returned to a client -// on the creation of a new secret. -// -// Deprecated: use [swarm.SecretCreateResponse]. -type SecretCreateResponse = swarm.SecretCreateResponse - -// SecretListOptions holds parameters to list secrets -// -// Deprecated: use [swarm.SecretListOptions]. -type SecretListOptions = swarm.SecretListOptions - -// ConfigCreateResponse contains the information returned to a client -// on the creation of a new config. -// -// Deprecated: use [swarm.ConfigCreateResponse]. -type ConfigCreateResponse = swarm.ConfigCreateResponse - -// ConfigListOptions holds parameters to list configs -// -// Deprecated: use [swarm.ConfigListOptions]. -type ConfigListOptions = swarm.ConfigListOptions - -// NodeListOptions holds parameters to list nodes with. -// -// Deprecated: use [swarm.NodeListOptions]. -type NodeListOptions = swarm.NodeListOptions - -// NodeRemoveOptions holds parameters to remove nodes with. -// -// Deprecated: use [swarm.NodeRemoveOptions]. -type NodeRemoveOptions = swarm.NodeRemoveOptions - -// TaskListOptions holds parameters to list tasks with. -// -// Deprecated: use [swarm.TaskListOptions]. -type TaskListOptions = swarm.TaskListOptions - -// ServiceCreateOptions contains the options to use when creating a service. -// -// Deprecated: use [swarm.ServiceCreateOptions]. -type ServiceCreateOptions = swarm.ServiceCreateOptions - -// ServiceUpdateOptions contains the options to be used for updating services. -// -// Deprecated: use [swarm.ServiceCreateOptions]. -type ServiceUpdateOptions = swarm.ServiceUpdateOptions - -const ( - RegistryAuthFromSpec = swarm.RegistryAuthFromSpec // Deprecated: use [swarm.RegistryAuthFromSpec]. - RegistryAuthFromPreviousSpec = swarm.RegistryAuthFromPreviousSpec // Deprecated: use [swarm.RegistryAuthFromPreviousSpec]. -) - -// ServiceListOptions holds parameters to list services with. -// -// Deprecated: use [swarm.ServiceListOptions]. -type ServiceListOptions = swarm.ServiceListOptions - -// ServiceInspectOptions holds parameters related to the "service inspect" -// operation. -// -// Deprecated: use [swarm.ServiceInspectOptions]. -type ServiceInspectOptions = swarm.ServiceInspectOptions - -// SwarmUnlockKeyResponse contains the response for Engine API: -// GET /swarm/unlockkey -// -// Deprecated: use [swarm.UnlockKeyResponse]. -type SwarmUnlockKeyResponse = swarm.UnlockKeyResponse - -// BuildCache contains information about a build cache record. -// -// Deprecated: deprecated in API 1.49. Use [build.CacheRecord] instead. -type BuildCache = build.CacheRecord - -// BuildCachePruneOptions hold parameters to prune the build cache -// -// Deprecated: use [build.CachePruneOptions]. -type BuildCachePruneOptions = build.CachePruneOptions - -// BuildCachePruneReport contains the response for Engine API: -// POST "/build/prune" -// -// Deprecated: use [build.CachePruneReport]. -type BuildCachePruneReport = build.CachePruneReport - -// BuildResult contains the image id of a successful build/ -// -// Deprecated: use [build.Result]. -type BuildResult = build.Result - -// ImageBuildOptions holds the information -// necessary to build images. -// -// Deprecated: use [build.ImageBuildOptions]. -type ImageBuildOptions = build.ImageBuildOptions - -// ImageBuildOutput defines configuration for exporting a build result -// -// Deprecated: use [build.ImageBuildOutput]. -type ImageBuildOutput = build.ImageBuildOutput - -// ImageBuildResponse holds information -// returned by a server after building -// an image. -// -// Deprecated: use [build.ImageBuildResponse]. -type ImageBuildResponse = build.ImageBuildResponse - -// BuilderVersion sets the version of underlying builder to use -// -// Deprecated: use [build.BuilderVersion]. -type BuilderVersion = build.BuilderVersion - -const ( - // BuilderV1 is the first generation builder in docker daemon - // - // Deprecated: use [build.BuilderV1]. - BuilderV1 = build.BuilderV1 - // BuilderBuildKit is builder based on moby/buildkit project - // - // Deprecated: use [build.BuilderBuildKit]. - BuilderBuildKit = build.BuilderBuildKit -) diff --git a/vendor/github.com/docker/docker/api/types/volume/disk_usage.go b/vendor/github.com/docker/docker/api/types/volume/disk_usage.go deleted file mode 100644 index 88974303a0b0..000000000000 --- a/vendor/github.com/docker/docker/api/types/volume/disk_usage.go +++ /dev/null @@ -1,10 +0,0 @@ -package volume - -// DiskUsage contains disk usage for volumes. -// -// Deprecated: this type is no longer used and will be removed in the next release. -type DiskUsage struct { - TotalSize int64 - Reclaimable int64 - Items []*Volume -} diff --git a/vendor/github.com/docker/docker/api/types/volume/volume_update.go b/vendor/github.com/docker/docker/api/types/volume/volume_update.go deleted file mode 100644 index c26ed44c6cc2..000000000000 --- a/vendor/github.com/docker/docker/api/types/volume/volume_update.go +++ /dev/null @@ -1,7 +0,0 @@ -package volume - -// UpdateOptions is configuration to update a Volume with. -type UpdateOptions struct { - // Spec is the ClusterVolumeSpec to update the volume to. - Spec *ClusterVolumeSpec `json:"Spec,omitempty"` -} diff --git a/vendor/github.com/docker/docker/client/README.md b/vendor/github.com/docker/docker/client/README.md deleted file mode 100644 index f8af3ab903df..000000000000 --- a/vendor/github.com/docker/docker/client/README.md +++ /dev/null @@ -1,38 +0,0 @@ -# Go client for the Docker Engine API - -The `docker` command uses this package to communicate with the daemon. It can -also be used by your own Go applications to do anything the command-line -interface does – running containers, pulling images, managing swarms, etc. - -For example, to list all containers (the equivalent of `docker ps --all`): - -```go -package main - -import ( - "context" - "fmt" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/client" -) - -func main() { - apiClient, err := client.NewClientWithOpts(client.FromEnv) - if err != nil { - panic(err) - } - defer apiClient.Close() - - containers, err := apiClient.ContainerList(context.Background(), container.ListOptions{All: true}) - if err != nil { - panic(err) - } - - for _, ctr := range containers { - fmt.Printf("%s %s (status: %s)\n", ctr.ID, ctr.Image, ctr.Status) - } -} -``` - -[Full documentation is available on pkg.go.dev.](https://pkg.go.dev/github.com/docker/docker/client) diff --git a/vendor/github.com/docker/docker/client/build_cancel.go b/vendor/github.com/docker/docker/client/build_cancel.go deleted file mode 100644 index a5eeb8172274..000000000000 --- a/vendor/github.com/docker/docker/client/build_cancel.go +++ /dev/null @@ -1,16 +0,0 @@ -package client - -import ( - "context" - "net/url" -) - -// BuildCancel requests the daemon to cancel the ongoing build request. -func (cli *Client) BuildCancel(ctx context.Context, id string) error { - query := url.Values{} - query.Set("id", id) - - resp, err := cli.post(ctx, "/build/cancel", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/build_prune.go b/vendor/github.com/docker/docker/client/build_prune.go deleted file mode 100644 index 6f0f59e30dbc..000000000000 --- a/vendor/github.com/docker/docker/client/build_prune.go +++ /dev/null @@ -1,56 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - "strconv" - - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/filters" - "github.com/pkg/errors" -) - -// BuildCachePrune requests the daemon to delete unused cache data -func (cli *Client) BuildCachePrune(ctx context.Context, opts build.CachePruneOptions) (*build.CachePruneReport, error) { - if err := cli.NewVersionError(ctx, "1.31", "build prune"); err != nil { - return nil, err - } - - query := url.Values{} - if opts.All { - query.Set("all", "1") - } - - if opts.KeepStorage != 0 { - query.Set("keep-storage", strconv.Itoa(int(opts.KeepStorage))) - } - if opts.ReservedSpace != 0 { - query.Set("reserved-space", strconv.Itoa(int(opts.ReservedSpace))) - } - if opts.MaxUsedSpace != 0 { - query.Set("max-used-space", strconv.Itoa(int(opts.MaxUsedSpace))) - } - if opts.MinFreeSpace != 0 { - query.Set("min-free-space", strconv.Itoa(int(opts.MinFreeSpace))) - } - f, err := filters.ToJSON(opts.Filters) - if err != nil { - return nil, errors.Wrap(err, "prune could not marshal filters option") - } - query.Set("filters", f) - - resp, err := cli.post(ctx, "/build/prune", query, nil, nil) - defer ensureReaderClosed(resp) - - if err != nil { - return nil, err - } - - report := build.CachePruneReport{} - if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { - return nil, errors.Wrap(err, "error retrieving disk usage") - } - - return &report, nil -} diff --git a/vendor/github.com/docker/docker/client/checkpoint.go b/vendor/github.com/docker/docker/client/checkpoint.go deleted file mode 100644 index d020574c897c..000000000000 --- a/vendor/github.com/docker/docker/client/checkpoint.go +++ /dev/null @@ -1,18 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/checkpoint" -) - -// CheckpointAPIClient defines API client methods for the checkpoints. -// -// Experimental: checkpoint and restore is still an experimental feature, -// and only available if the daemon is running with experimental features -// enabled. -type CheckpointAPIClient interface { - CheckpointCreate(ctx context.Context, container string, options checkpoint.CreateOptions) error - CheckpointDelete(ctx context.Context, container string, options checkpoint.DeleteOptions) error - CheckpointList(ctx context.Context, container string, options checkpoint.ListOptions) ([]checkpoint.Summary, error) -} diff --git a/vendor/github.com/docker/docker/client/checkpoint_create.go b/vendor/github.com/docker/docker/client/checkpoint_create.go deleted file mode 100644 index 961a5fe62f96..000000000000 --- a/vendor/github.com/docker/docker/client/checkpoint_create.go +++ /dev/null @@ -1,19 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/checkpoint" -) - -// CheckpointCreate creates a checkpoint from the given container with the given name -func (cli *Client) CheckpointCreate(ctx context.Context, containerID string, options checkpoint.CreateOptions) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/checkpoints", nil, options, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/checkpoint_delete.go b/vendor/github.com/docker/docker/client/checkpoint_delete.go deleted file mode 100644 index 4c51b25f2495..000000000000 --- a/vendor/github.com/docker/docker/client/checkpoint_delete.go +++ /dev/null @@ -1,25 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/checkpoint" -) - -// CheckpointDelete deletes the checkpoint with the given name from the given container -func (cli *Client) CheckpointDelete(ctx context.Context, containerID string, options checkpoint.DeleteOptions) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - query := url.Values{} - if options.CheckpointDir != "" { - query.Set("dir", options.CheckpointDir) - } - - resp, err := cli.delete(ctx, "/containers/"+containerID+"/checkpoints/"+options.CheckpointID, query, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/checkpoint_list.go b/vendor/github.com/docker/docker/client/checkpoint_list.go deleted file mode 100644 index 8164c7668b8d..000000000000 --- a/vendor/github.com/docker/docker/client/checkpoint_list.go +++ /dev/null @@ -1,28 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/checkpoint" -) - -// CheckpointList returns the checkpoints of the given container in the docker host -func (cli *Client) CheckpointList(ctx context.Context, container string, options checkpoint.ListOptions) ([]checkpoint.Summary, error) { - var checkpoints []checkpoint.Summary - - query := url.Values{} - if options.CheckpointDir != "" { - query.Set("dir", options.CheckpointDir) - } - - resp, err := cli.get(ctx, "/containers/"+container+"/checkpoints", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return checkpoints, err - } - - err = json.NewDecoder(resp.Body).Decode(&checkpoints) - return checkpoints, err -} diff --git a/vendor/github.com/docker/docker/client/client_deprecated.go b/vendor/github.com/docker/docker/client/client_deprecated.go deleted file mode 100644 index 9e366ce20d16..000000000000 --- a/vendor/github.com/docker/docker/client/client_deprecated.go +++ /dev/null @@ -1,27 +0,0 @@ -package client - -import "net/http" - -// NewClient initializes a new API client for the given host and API version. -// It uses the given http client as transport. -// It also initializes the custom http headers to add to each request. -// -// It won't send any version information if the version number is empty. It is -// highly recommended that you set a version or your client may break if the -// server is upgraded. -// -// Deprecated: use [NewClientWithOpts] passing the [WithHost], [WithVersion], -// [WithHTTPClient] and [WithHTTPHeaders] options. We recommend enabling API -// version negotiation by passing the [WithAPIVersionNegotiation] option instead -// of WithVersion. -func NewClient(host string, version string, client *http.Client, httpHeaders map[string]string) (*Client, error) { - return NewClientWithOpts(WithHost(host), WithVersion(version), WithHTTPClient(client), WithHTTPHeaders(httpHeaders)) -} - -// NewEnvClient initializes a new API client based on environment variables. -// See FromEnv for a list of support environment variables. -// -// Deprecated: use [NewClientWithOpts] passing the [FromEnv] option. -func NewEnvClient() (*Client, error) { - return NewClientWithOpts(FromEnv) -} diff --git a/vendor/github.com/docker/docker/client/client_interfaces.go b/vendor/github.com/docker/docker/client/client_interfaces.go deleted file mode 100644 index df7aad430c7d..000000000000 --- a/vendor/github.com/docker/docker/client/client_interfaces.go +++ /dev/null @@ -1,237 +0,0 @@ -package client - -import ( - "context" - "io" - "net" - "net/http" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/events" - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/api/types/registry" - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/api/types/system" - "github.com/docker/docker/api/types/volume" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" -) - -// CommonAPIClient is the common methods between stable and experimental versions of APIClient. -// -// Deprecated: use [APIClient] instead. This type will be an alias for [APIClient] in the next release, and removed after. -type CommonAPIClient = stableAPIClient - -// APIClient is an interface that clients that talk with a docker server must implement. -type APIClient interface { - stableAPIClient - CheckpointAPIClient // CheckpointAPIClient is still experimental. -} - -type stableAPIClient interface { - ConfigAPIClient - ContainerAPIClient - DistributionAPIClient - ImageAPIClient - NetworkAPIClient - PluginAPIClient - SystemAPIClient - VolumeAPIClient - ClientVersion() string - DaemonHost() string - HTTPClient() *http.Client - ServerVersion(ctx context.Context) (types.Version, error) - NegotiateAPIVersion(ctx context.Context) - NegotiateAPIVersionPing(types.Ping) - HijackDialer - Dialer() func(context.Context) (net.Conn, error) - Close() error - SwarmManagementAPIClient -} - -// SwarmManagementAPIClient defines all methods for managing Swarm-specific -// objects. -type SwarmManagementAPIClient interface { - SwarmAPIClient - NodeAPIClient - ServiceAPIClient - SecretAPIClient - ConfigAPIClient -} - -// HijackDialer defines methods for a hijack dialer. -type HijackDialer interface { - DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error) -} - -// ContainerAPIClient defines API client methods for the containers -type ContainerAPIClient interface { - ContainerAttach(ctx context.Context, container string, options container.AttachOptions) (types.HijackedResponse, error) - ContainerCommit(ctx context.Context, container string, options container.CommitOptions) (container.CommitResponse, error) - ContainerCreate(ctx context.Context, config *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, platform *ocispec.Platform, containerName string) (container.CreateResponse, error) - ContainerDiff(ctx context.Context, container string) ([]container.FilesystemChange, error) - ContainerExecAttach(ctx context.Context, execID string, options container.ExecAttachOptions) (types.HijackedResponse, error) - ContainerExecCreate(ctx context.Context, container string, options container.ExecOptions) (container.ExecCreateResponse, error) - ContainerExecInspect(ctx context.Context, execID string) (container.ExecInspect, error) - ContainerExecResize(ctx context.Context, execID string, options container.ResizeOptions) error - ContainerExecStart(ctx context.Context, execID string, options container.ExecStartOptions) error - ContainerExport(ctx context.Context, container string) (io.ReadCloser, error) - ContainerInspect(ctx context.Context, container string) (container.InspectResponse, error) - ContainerInspectWithRaw(ctx context.Context, container string, getSize bool) (container.InspectResponse, []byte, error) - ContainerKill(ctx context.Context, container, signal string) error - ContainerList(ctx context.Context, options container.ListOptions) ([]container.Summary, error) - ContainerLogs(ctx context.Context, container string, options container.LogsOptions) (io.ReadCloser, error) - ContainerPause(ctx context.Context, container string) error - ContainerRemove(ctx context.Context, container string, options container.RemoveOptions) error - ContainerRename(ctx context.Context, container, newContainerName string) error - ContainerResize(ctx context.Context, container string, options container.ResizeOptions) error - ContainerRestart(ctx context.Context, container string, options container.StopOptions) error - ContainerStatPath(ctx context.Context, container, path string) (container.PathStat, error) - ContainerStats(ctx context.Context, container string, stream bool) (container.StatsResponseReader, error) - ContainerStatsOneShot(ctx context.Context, container string) (container.StatsResponseReader, error) - ContainerStart(ctx context.Context, container string, options container.StartOptions) error - ContainerStop(ctx context.Context, container string, options container.StopOptions) error - ContainerTop(ctx context.Context, container string, arguments []string) (container.TopResponse, error) - ContainerUnpause(ctx context.Context, container string) error - ContainerUpdate(ctx context.Context, container string, updateConfig container.UpdateConfig) (container.UpdateResponse, error) - ContainerWait(ctx context.Context, container string, condition container.WaitCondition) (<-chan container.WaitResponse, <-chan error) - CopyFromContainer(ctx context.Context, container, srcPath string) (io.ReadCloser, container.PathStat, error) - CopyToContainer(ctx context.Context, container, path string, content io.Reader, options container.CopyToContainerOptions) error - ContainersPrune(ctx context.Context, pruneFilters filters.Args) (container.PruneReport, error) -} - -// DistributionAPIClient defines API client methods for the registry -type DistributionAPIClient interface { - DistributionInspect(ctx context.Context, image, encodedRegistryAuth string) (registry.DistributionInspect, error) -} - -// ImageAPIClient defines API client methods for the images -type ImageAPIClient interface { - ImageBuild(ctx context.Context, context io.Reader, options build.ImageBuildOptions) (build.ImageBuildResponse, error) - BuildCachePrune(ctx context.Context, opts build.CachePruneOptions) (*build.CachePruneReport, error) - BuildCancel(ctx context.Context, id string) error - ImageCreate(ctx context.Context, parentReference string, options image.CreateOptions) (io.ReadCloser, error) - ImageImport(ctx context.Context, source image.ImportSource, ref string, options image.ImportOptions) (io.ReadCloser, error) - - ImageList(ctx context.Context, options image.ListOptions) ([]image.Summary, error) - ImagePull(ctx context.Context, ref string, options image.PullOptions) (io.ReadCloser, error) - ImagePush(ctx context.Context, ref string, options image.PushOptions) (io.ReadCloser, error) - ImageRemove(ctx context.Context, image string, options image.RemoveOptions) ([]image.DeleteResponse, error) - ImageSearch(ctx context.Context, term string, options registry.SearchOptions) ([]registry.SearchResult, error) - ImageTag(ctx context.Context, image, ref string) error - ImagesPrune(ctx context.Context, pruneFilter filters.Args) (image.PruneReport, error) - - ImageInspect(ctx context.Context, image string, _ ...ImageInspectOption) (image.InspectResponse, error) - ImageHistory(ctx context.Context, image string, _ ...ImageHistoryOption) ([]image.HistoryResponseItem, error) - ImageLoad(ctx context.Context, input io.Reader, _ ...ImageLoadOption) (image.LoadResponse, error) - ImageSave(ctx context.Context, images []string, _ ...ImageSaveOption) (io.ReadCloser, error) - - ImageAPIClientDeprecated -} - -// ImageAPIClientDeprecated defines deprecated methods of the ImageAPIClient. -type ImageAPIClientDeprecated interface { - // ImageInspectWithRaw returns the image information and its raw representation. - // - // Deprecated: Use [Client.ImageInspect] instead. Raw response can be obtained using the [ImageInspectWithRawResponse] option. - ImageInspectWithRaw(ctx context.Context, image string) (image.InspectResponse, []byte, error) -} - -// NetworkAPIClient defines API client methods for the networks -type NetworkAPIClient interface { - NetworkConnect(ctx context.Context, network, container string, config *network.EndpointSettings) error - NetworkCreate(ctx context.Context, name string, options network.CreateOptions) (network.CreateResponse, error) - NetworkDisconnect(ctx context.Context, network, container string, force bool) error - NetworkInspect(ctx context.Context, network string, options network.InspectOptions) (network.Inspect, error) - NetworkInspectWithRaw(ctx context.Context, network string, options network.InspectOptions) (network.Inspect, []byte, error) - NetworkList(ctx context.Context, options network.ListOptions) ([]network.Summary, error) - NetworkRemove(ctx context.Context, network string) error - NetworksPrune(ctx context.Context, pruneFilter filters.Args) (network.PruneReport, error) -} - -// NodeAPIClient defines API client methods for the nodes -type NodeAPIClient interface { - NodeInspectWithRaw(ctx context.Context, nodeID string) (swarm.Node, []byte, error) - NodeList(ctx context.Context, options swarm.NodeListOptions) ([]swarm.Node, error) - NodeRemove(ctx context.Context, nodeID string, options swarm.NodeRemoveOptions) error - NodeUpdate(ctx context.Context, nodeID string, version swarm.Version, node swarm.NodeSpec) error -} - -// PluginAPIClient defines API client methods for the plugins -type PluginAPIClient interface { - PluginList(ctx context.Context, filter filters.Args) (types.PluginsListResponse, error) - PluginRemove(ctx context.Context, name string, options types.PluginRemoveOptions) error - PluginEnable(ctx context.Context, name string, options types.PluginEnableOptions) error - PluginDisable(ctx context.Context, name string, options types.PluginDisableOptions) error - PluginInstall(ctx context.Context, name string, options types.PluginInstallOptions) (io.ReadCloser, error) - PluginUpgrade(ctx context.Context, name string, options types.PluginInstallOptions) (io.ReadCloser, error) - PluginPush(ctx context.Context, name string, registryAuth string) (io.ReadCloser, error) - PluginSet(ctx context.Context, name string, args []string) error - PluginInspectWithRaw(ctx context.Context, name string) (*types.Plugin, []byte, error) - PluginCreate(ctx context.Context, createContext io.Reader, options types.PluginCreateOptions) error -} - -// ServiceAPIClient defines API client methods for the services -type ServiceAPIClient interface { - ServiceCreate(ctx context.Context, service swarm.ServiceSpec, options swarm.ServiceCreateOptions) (swarm.ServiceCreateResponse, error) - ServiceInspectWithRaw(ctx context.Context, serviceID string, options swarm.ServiceInspectOptions) (swarm.Service, []byte, error) - ServiceList(ctx context.Context, options swarm.ServiceListOptions) ([]swarm.Service, error) - ServiceRemove(ctx context.Context, serviceID string) error - ServiceUpdate(ctx context.Context, serviceID string, version swarm.Version, service swarm.ServiceSpec, options swarm.ServiceUpdateOptions) (swarm.ServiceUpdateResponse, error) - ServiceLogs(ctx context.Context, serviceID string, options container.LogsOptions) (io.ReadCloser, error) - TaskLogs(ctx context.Context, taskID string, options container.LogsOptions) (io.ReadCloser, error) - TaskInspectWithRaw(ctx context.Context, taskID string) (swarm.Task, []byte, error) - TaskList(ctx context.Context, options swarm.TaskListOptions) ([]swarm.Task, error) -} - -// SwarmAPIClient defines API client methods for the swarm -type SwarmAPIClient interface { - SwarmInit(ctx context.Context, req swarm.InitRequest) (string, error) - SwarmJoin(ctx context.Context, req swarm.JoinRequest) error - SwarmGetUnlockKey(ctx context.Context) (swarm.UnlockKeyResponse, error) - SwarmUnlock(ctx context.Context, req swarm.UnlockRequest) error - SwarmLeave(ctx context.Context, force bool) error - SwarmInspect(ctx context.Context) (swarm.Swarm, error) - SwarmUpdate(ctx context.Context, version swarm.Version, swarm swarm.Spec, flags swarm.UpdateFlags) error -} - -// SystemAPIClient defines API client methods for the system -type SystemAPIClient interface { - Events(ctx context.Context, options events.ListOptions) (<-chan events.Message, <-chan error) - Info(ctx context.Context) (system.Info, error) - RegistryLogin(ctx context.Context, auth registry.AuthConfig) (registry.AuthenticateOKBody, error) - DiskUsage(ctx context.Context, options types.DiskUsageOptions) (types.DiskUsage, error) - Ping(ctx context.Context) (types.Ping, error) -} - -// VolumeAPIClient defines API client methods for the volumes -type VolumeAPIClient interface { - VolumeCreate(ctx context.Context, options volume.CreateOptions) (volume.Volume, error) - VolumeInspect(ctx context.Context, volumeID string) (volume.Volume, error) - VolumeInspectWithRaw(ctx context.Context, volumeID string) (volume.Volume, []byte, error) - VolumeList(ctx context.Context, options volume.ListOptions) (volume.ListResponse, error) - VolumeRemove(ctx context.Context, volumeID string, force bool) error - VolumesPrune(ctx context.Context, pruneFilter filters.Args) (volume.PruneReport, error) - VolumeUpdate(ctx context.Context, volumeID string, version swarm.Version, options volume.UpdateOptions) error -} - -// SecretAPIClient defines API client methods for secrets -type SecretAPIClient interface { - SecretList(ctx context.Context, options swarm.SecretListOptions) ([]swarm.Secret, error) - SecretCreate(ctx context.Context, secret swarm.SecretSpec) (swarm.SecretCreateResponse, error) - SecretRemove(ctx context.Context, id string) error - SecretInspectWithRaw(ctx context.Context, name string) (swarm.Secret, []byte, error) - SecretUpdate(ctx context.Context, id string, version swarm.Version, secret swarm.SecretSpec) error -} - -// ConfigAPIClient defines API client methods for configs -type ConfigAPIClient interface { - ConfigList(ctx context.Context, options swarm.ConfigListOptions) ([]swarm.Config, error) - ConfigCreate(ctx context.Context, config swarm.ConfigSpec) (swarm.ConfigCreateResponse, error) - ConfigRemove(ctx context.Context, id string) error - ConfigInspectWithRaw(ctx context.Context, name string) (swarm.Config, []byte, error) - ConfigUpdate(ctx context.Context, id string, version swarm.Version, config swarm.ConfigSpec) error -} diff --git a/vendor/github.com/docker/docker/client/config_create.go b/vendor/github.com/docker/docker/client/config_create.go deleted file mode 100644 index a39168e23be1..000000000000 --- a/vendor/github.com/docker/docker/client/config_create.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/swarm" -) - -// ConfigCreate creates a new config. -func (cli *Client) ConfigCreate(ctx context.Context, config swarm.ConfigSpec) (swarm.ConfigCreateResponse, error) { - var response swarm.ConfigCreateResponse - if err := cli.NewVersionError(ctx, "1.30", "config create"); err != nil { - return response, err - } - resp, err := cli.post(ctx, "/configs/create", nil, config, nil) - defer ensureReaderClosed(resp) - if err != nil { - return response, err - } - - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/config_inspect.go b/vendor/github.com/docker/docker/client/config_inspect.go deleted file mode 100644 index a9f0a8b05ee8..000000000000 --- a/vendor/github.com/docker/docker/client/config_inspect.go +++ /dev/null @@ -1,37 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types/swarm" -) - -// ConfigInspectWithRaw returns the config information with raw data -func (cli *Client) ConfigInspectWithRaw(ctx context.Context, id string) (swarm.Config, []byte, error) { - id, err := trimID("contig", id) - if err != nil { - return swarm.Config{}, nil, err - } - if err := cli.NewVersionError(ctx, "1.30", "config inspect"); err != nil { - return swarm.Config{}, nil, err - } - resp, err := cli.get(ctx, "/configs/"+id, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Config{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return swarm.Config{}, nil, err - } - - var config swarm.Config - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&config) - - return config, body, err -} diff --git a/vendor/github.com/docker/docker/client/config_list.go b/vendor/github.com/docker/docker/client/config_list.go deleted file mode 100644 index 6f8a1c21f0ca..000000000000 --- a/vendor/github.com/docker/docker/client/config_list.go +++ /dev/null @@ -1,37 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/swarm" -) - -// ConfigList returns the list of configs. -func (cli *Client) ConfigList(ctx context.Context, options swarm.ConfigListOptions) ([]swarm.Config, error) { - if err := cli.NewVersionError(ctx, "1.30", "config list"); err != nil { - return nil, err - } - query := url.Values{} - - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - - resp, err := cli.get(ctx, "/configs", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, err - } - - var configs []swarm.Config - err = json.NewDecoder(resp.Body).Decode(&configs) - return configs, err -} diff --git a/vendor/github.com/docker/docker/client/config_remove.go b/vendor/github.com/docker/docker/client/config_remove.go deleted file mode 100644 index 99d33b1ce2ba..000000000000 --- a/vendor/github.com/docker/docker/client/config_remove.go +++ /dev/null @@ -1,17 +0,0 @@ -package client - -import "context" - -// ConfigRemove removes a config. -func (cli *Client) ConfigRemove(ctx context.Context, id string) error { - id, err := trimID("config", id) - if err != nil { - return err - } - if err := cli.NewVersionError(ctx, "1.30", "config remove"); err != nil { - return err - } - resp, err := cli.delete(ctx, "/configs/"+id, nil, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/config_update.go b/vendor/github.com/docker/docker/client/config_update.go deleted file mode 100644 index 9bc137f7f9d9..000000000000 --- a/vendor/github.com/docker/docker/client/config_update.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/swarm" -) - -// ConfigUpdate attempts to update a config -func (cli *Client) ConfigUpdate(ctx context.Context, id string, version swarm.Version, config swarm.ConfigSpec) error { - id, err := trimID("config", id) - if err != nil { - return err - } - if err := cli.NewVersionError(ctx, "1.30", "config update"); err != nil { - return err - } - query := url.Values{} - query.Set("version", version.String()) - resp, err := cli.post(ctx, "/configs/"+id+"/update", query, config, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_attach.go b/vendor/github.com/docker/docker/client/container_attach.go deleted file mode 100644 index 1fb3493ebf9b..000000000000 --- a/vendor/github.com/docker/docker/client/container_attach.go +++ /dev/null @@ -1,65 +0,0 @@ -package client - -import ( - "context" - "net/http" - "net/url" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/container" -) - -// ContainerAttach attaches a connection to a container in the server. -// It returns a types.HijackedConnection with the hijacked connection -// and the a reader to get output. It's up to the called to close -// the hijacked connection by calling types.HijackedResponse.Close. -// -// The stream format on the response will be in one of two formats: -// -// If the container is using a TTY, there is only a single stream (stdout), and -// data is copied directly from the container output stream, no extra -// multiplexing or headers. -// -// If the container is *not* using a TTY, streams for stdout and stderr are -// multiplexed. -// The format of the multiplexed stream is as follows: -// -// [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}[]byte{OUTPUT} -// -// STREAM_TYPE can be 1 for stdout and 2 for stderr -// -// SIZE1, SIZE2, SIZE3, and SIZE4 are four bytes of uint32 encoded as big endian. -// This is the size of OUTPUT. -// -// You can use github.com/docker/docker/pkg/stdcopy.StdCopy to demultiplex this -// stream. -func (cli *Client) ContainerAttach(ctx context.Context, containerID string, options container.AttachOptions) (types.HijackedResponse, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return types.HijackedResponse{}, err - } - - query := url.Values{} - if options.Stream { - query.Set("stream", "1") - } - if options.Stdin { - query.Set("stdin", "1") - } - if options.Stdout { - query.Set("stdout", "1") - } - if options.Stderr { - query.Set("stderr", "1") - } - if options.DetachKeys != "" { - query.Set("detachKeys", options.DetachKeys) - } - if options.Logs { - query.Set("logs", "1") - } - - return cli.postHijacked(ctx, "/containers/"+containerID+"/attach", query, nil, http.Header{ - "Content-Type": {"text/plain"}, - }) -} diff --git a/vendor/github.com/docker/docker/client/container_create.go b/vendor/github.com/docker/docker/client/container_create.go deleted file mode 100644 index 0625cb125ccb..000000000000 --- a/vendor/github.com/docker/docker/client/container_create.go +++ /dev/null @@ -1,168 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "errors" - "net/url" - "path" - "sort" - "strings" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/api/types/versions" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" -) - -// ContainerCreate creates a new container based on the given configuration. -// It can be associated with a name, but it's not mandatory. -func (cli *Client) ContainerCreate(ctx context.Context, config *container.Config, hostConfig *container.HostConfig, networkingConfig *network.NetworkingConfig, platform *ocispec.Platform, containerName string) (container.CreateResponse, error) { - var response container.CreateResponse - - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return response, err - } - - if err := cli.NewVersionError(ctx, "1.25", "stop timeout"); config != nil && config.StopTimeout != nil && err != nil { - return response, err - } - if err := cli.NewVersionError(ctx, "1.41", "specify container image platform"); platform != nil && err != nil { - return response, err - } - if err := cli.NewVersionError(ctx, "1.44", "specify health-check start interval"); config != nil && config.Healthcheck != nil && config.Healthcheck.StartInterval != 0 && err != nil { - return response, err - } - if err := cli.NewVersionError(ctx, "1.44", "specify mac-address per network"); hasEndpointSpecificMacAddress(networkingConfig) && err != nil { - return response, err - } - - if hostConfig != nil { - if versions.LessThan(cli.ClientVersion(), "1.25") { - // When using API 1.24 and under, the client is responsible for removing the container - hostConfig.AutoRemove = false - } - if versions.GreaterThanOrEqualTo(cli.ClientVersion(), "1.42") || versions.LessThan(cli.ClientVersion(), "1.40") { - // KernelMemory was added in API 1.40, and deprecated in API 1.42 - hostConfig.KernelMemory = 0 - } - if platform != nil && platform.OS == "linux" && versions.LessThan(cli.ClientVersion(), "1.42") { - // When using API under 1.42, the Linux daemon doesn't respect the ConsoleSize - hostConfig.ConsoleSize = [2]uint{0, 0} - } - if versions.LessThan(cli.ClientVersion(), "1.44") { - for _, m := range hostConfig.Mounts { - if m.BindOptions != nil { - // ReadOnlyNonRecursive can be safely ignored when API < 1.44 - if m.BindOptions.ReadOnlyForceRecursive { - return response, errors.New("bind-recursive=readonly requires API v1.44 or later") - } - if m.BindOptions.NonRecursive && versions.LessThan(cli.ClientVersion(), "1.40") { - return response, errors.New("bind-recursive=disabled requires API v1.40 or later") - } - } - } - } - - hostConfig.CapAdd = normalizeCapabilities(hostConfig.CapAdd) - hostConfig.CapDrop = normalizeCapabilities(hostConfig.CapDrop) - } - - // Since API 1.44, the container-wide MacAddress is deprecated and will trigger a WARNING if it's specified. - if versions.GreaterThanOrEqualTo(cli.ClientVersion(), "1.44") { - config.MacAddress = "" //nolint:staticcheck // ignore SA1019: field is deprecated, but still used on API < v1.44. - } - - query := url.Values{} - if p := formatPlatform(platform); p != "" { - query.Set("platform", p) - } - - if containerName != "" { - query.Set("name", containerName) - } - - body := container.CreateRequest{ - Config: config, - HostConfig: hostConfig, - NetworkingConfig: networkingConfig, - } - - resp, err := cli.post(ctx, "/containers/create", query, body, nil) - defer ensureReaderClosed(resp) - if err != nil { - return response, err - } - - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} - -// formatPlatform returns a formatted string representing platform (e.g. linux/arm/v7). -// -// Similar to containerd's platforms.Format(), but does allow components to be -// omitted (e.g. pass "architecture" only, without "os": -// https://github.com/containerd/containerd/blob/v1.5.2/platforms/platforms.go#L243-L263 -func formatPlatform(platform *ocispec.Platform) string { - if platform == nil { - return "" - } - return path.Join(platform.OS, platform.Architecture, platform.Variant) -} - -// hasEndpointSpecificMacAddress checks whether one of the endpoint in networkingConfig has a MacAddress defined. -func hasEndpointSpecificMacAddress(networkingConfig *network.NetworkingConfig) bool { - if networkingConfig == nil { - return false - } - for _, endpoint := range networkingConfig.EndpointsConfig { - if endpoint.MacAddress != "" { - return true - } - } - return false -} - -// allCapabilities is a magic value for "all capabilities" -const allCapabilities = "ALL" - -// normalizeCapabilities normalizes capabilities to their canonical form, -// removes duplicates, and sorts the results. -// -// It is similar to [github.com/docker/docker/oci/caps.NormalizeLegacyCapabilities], -// but performs no validation based on supported capabilities. -func normalizeCapabilities(caps []string) []string { - var normalized []string - - unique := make(map[string]struct{}) - for _, c := range caps { - c = normalizeCap(c) - if _, ok := unique[c]; ok { - continue - } - unique[c] = struct{}{} - normalized = append(normalized, c) - } - - sort.Strings(normalized) - return normalized -} - -// normalizeCap normalizes a capability to its canonical format by upper-casing -// and adding a "CAP_" prefix (if not yet present). It also accepts the "ALL" -// magic-value. -func normalizeCap(cap string) string { - cap = strings.ToUpper(cap) - if cap == allCapabilities { - return cap - } - if !strings.HasPrefix(cap, "CAP_") { - cap = "CAP_" + cap - } - return cap -} diff --git a/vendor/github.com/docker/docker/client/container_exec.go b/vendor/github.com/docker/docker/client/container_exec.go deleted file mode 100644 index 8abbf8924b67..000000000000 --- a/vendor/github.com/docker/docker/client/container_exec.go +++ /dev/null @@ -1,81 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/http" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/versions" -) - -// ContainerExecCreate creates a new exec configuration to run an exec process. -func (cli *Client) ContainerExecCreate(ctx context.Context, containerID string, options container.ExecOptions) (container.ExecCreateResponse, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.ExecCreateResponse{}, err - } - - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return container.ExecCreateResponse{}, err - } - - if err := cli.NewVersionError(ctx, "1.25", "env"); len(options.Env) != 0 && err != nil { - return container.ExecCreateResponse{}, err - } - if versions.LessThan(cli.ClientVersion(), "1.42") { - options.ConsoleSize = nil - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/exec", nil, options, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.ExecCreateResponse{}, err - } - - var response container.ExecCreateResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} - -// ContainerExecStart starts an exec process already created in the docker host. -func (cli *Client) ContainerExecStart(ctx context.Context, execID string, config container.ExecStartOptions) error { - if versions.LessThan(cli.ClientVersion(), "1.42") { - config.ConsoleSize = nil - } - resp, err := cli.post(ctx, "/exec/"+execID+"/start", nil, config, nil) - ensureReaderClosed(resp) - return err -} - -// ContainerExecAttach attaches a connection to an exec process in the server. -// It returns a types.HijackedConnection with the hijacked connection -// and the a reader to get output. It's up to the called to close -// the hijacked connection by calling types.HijackedResponse.Close. -func (cli *Client) ContainerExecAttach(ctx context.Context, execID string, config container.ExecAttachOptions) (types.HijackedResponse, error) { - if versions.LessThan(cli.ClientVersion(), "1.42") { - config.ConsoleSize = nil - } - return cli.postHijacked(ctx, "/exec/"+execID+"/start", nil, config, http.Header{ - "Content-Type": {"application/json"}, - }) -} - -// ContainerExecInspect returns information about a specific exec process on the docker host. -func (cli *Client) ContainerExecInspect(ctx context.Context, execID string) (container.ExecInspect, error) { - var response container.ExecInspect - resp, err := cli.get(ctx, "/exec/"+execID+"/json", nil, nil) - if err != nil { - return response, err - } - - err = json.NewDecoder(resp.Body).Decode(&response) - ensureReaderClosed(resp) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/container_export.go b/vendor/github.com/docker/docker/client/container_export.go deleted file mode 100644 index 3fc4d5704d2b..000000000000 --- a/vendor/github.com/docker/docker/client/container_export.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" -) - -// ContainerExport retrieves the raw contents of a container -// and returns them as an io.ReadCloser. It's up to the caller -// to close the stream. -func (cli *Client) ContainerExport(ctx context.Context, containerID string) (io.ReadCloser, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return nil, err - } - - resp, err := cli.get(ctx, "/containers/"+containerID+"/export", url.Values{}, nil) - if err != nil { - return nil, err - } - - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/container_inspect.go b/vendor/github.com/docker/docker/client/container_inspect.go deleted file mode 100644 index 18ccdf23393a..000000000000 --- a/vendor/github.com/docker/docker/client/container_inspect.go +++ /dev/null @@ -1,57 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - "net/url" - - "github.com/docker/docker/api/types/container" -) - -// ContainerInspect returns the container information. -func (cli *Client) ContainerInspect(ctx context.Context, containerID string) (container.InspectResponse, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.InspectResponse{}, err - } - - resp, err := cli.get(ctx, "/containers/"+containerID+"/json", nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.InspectResponse{}, err - } - - var response container.InspectResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} - -// ContainerInspectWithRaw returns the container information and its raw representation. -func (cli *Client) ContainerInspectWithRaw(ctx context.Context, containerID string, getSize bool) (container.InspectResponse, []byte, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.InspectResponse{}, nil, err - } - - query := url.Values{} - if getSize { - query.Set("size", "1") - } - resp, err := cli.get(ctx, "/containers/"+containerID+"/json", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.InspectResponse{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return container.InspectResponse{}, nil, err - } - - var response container.InspectResponse - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&response) - return response, body, err -} diff --git a/vendor/github.com/docker/docker/client/container_kill.go b/vendor/github.com/docker/docker/client/container_kill.go deleted file mode 100644 index 251ae479a38f..000000000000 --- a/vendor/github.com/docker/docker/client/container_kill.go +++ /dev/null @@ -1,23 +0,0 @@ -package client - -import ( - "context" - "net/url" -) - -// ContainerKill terminates the container process but does not remove the container from the docker host. -func (cli *Client) ContainerKill(ctx context.Context, containerID, signal string) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - query := url.Values{} - if signal != "" { - query.Set("signal", signal) - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/kill", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_logs.go b/vendor/github.com/docker/docker/client/container_logs.go deleted file mode 100644 index 3ea1f68d4212..000000000000 --- a/vendor/github.com/docker/docker/client/container_logs.go +++ /dev/null @@ -1,85 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" - "time" - - "github.com/docker/docker/api/types/container" - timetypes "github.com/docker/docker/api/types/time" - "github.com/pkg/errors" -) - -// ContainerLogs returns the logs generated by a container in an io.ReadCloser. -// It's up to the caller to close the stream. -// -// The stream format on the response will be in one of two formats: -// -// If the container is using a TTY, there is only a single stream (stdout), and -// data is copied directly from the container output stream, no extra -// multiplexing or headers. -// -// If the container is *not* using a TTY, streams for stdout and stderr are -// multiplexed. -// The format of the multiplexed stream is as follows: -// -// [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}[]byte{OUTPUT} -// -// STREAM_TYPE can be 1 for stdout and 2 for stderr -// -// SIZE1, SIZE2, SIZE3, and SIZE4 are four bytes of uint32 encoded as big endian. -// This is the size of OUTPUT. -// -// You can use github.com/docker/docker/pkg/stdcopy.StdCopy to demultiplex this -// stream. -func (cli *Client) ContainerLogs(ctx context.Context, containerID string, options container.LogsOptions) (io.ReadCloser, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return nil, err - } - - query := url.Values{} - if options.ShowStdout { - query.Set("stdout", "1") - } - - if options.ShowStderr { - query.Set("stderr", "1") - } - - if options.Since != "" { - ts, err := timetypes.GetTimestamp(options.Since, time.Now()) - if err != nil { - return nil, errors.Wrap(err, `invalid value for "since"`) - } - query.Set("since", ts) - } - - if options.Until != "" { - ts, err := timetypes.GetTimestamp(options.Until, time.Now()) - if err != nil { - return nil, errors.Wrap(err, `invalid value for "until"`) - } - query.Set("until", ts) - } - - if options.Timestamps { - query.Set("timestamps", "1") - } - - if options.Details { - query.Set("details", "1") - } - - if options.Follow { - query.Set("follow", "1") - } - query.Set("tail", options.Tail) - - resp, err := cli.get(ctx, "/containers/"+containerID+"/logs", query, nil) - if err != nil { - return nil, err - } - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/container_pause.go b/vendor/github.com/docker/docker/client/container_pause.go deleted file mode 100644 index 59b3e2d86584..000000000000 --- a/vendor/github.com/docker/docker/client/container_pause.go +++ /dev/null @@ -1,15 +0,0 @@ -package client - -import "context" - -// ContainerPause pauses the main process of a given container without terminating it. -func (cli *Client) ContainerPause(ctx context.Context, containerID string) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/pause", nil, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_prune.go b/vendor/github.com/docker/docker/client/container_prune.go deleted file mode 100644 index 84fb6bc2350a..000000000000 --- a/vendor/github.com/docker/docker/client/container_prune.go +++ /dev/null @@ -1,35 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/filters" -) - -// ContainersPrune requests the daemon to delete unused data -func (cli *Client) ContainersPrune(ctx context.Context, pruneFilters filters.Args) (container.PruneReport, error) { - if err := cli.NewVersionError(ctx, "1.25", "container prune"); err != nil { - return container.PruneReport{}, err - } - - query, err := getFiltersQuery(pruneFilters) - if err != nil { - return container.PruneReport{}, err - } - - resp, err := cli.post(ctx, "/containers/prune", query, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.PruneReport{}, err - } - - var report container.PruneReport - if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { - return container.PruneReport{}, fmt.Errorf("Error retrieving disk usage: %v", err) - } - - return report, nil -} diff --git a/vendor/github.com/docker/docker/client/container_rename.go b/vendor/github.com/docker/docker/client/container_rename.go deleted file mode 100644 index 4c030228cdd3..000000000000 --- a/vendor/github.com/docker/docker/client/container_rename.go +++ /dev/null @@ -1,20 +0,0 @@ -package client - -import ( - "context" - "net/url" -) - -// ContainerRename changes the name of a given container. -func (cli *Client) ContainerRename(ctx context.Context, containerID, newContainerName string) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - query := url.Values{} - query.Set("name", newContainerName) - resp, err := cli.post(ctx, "/containers/"+containerID+"/rename", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_resize.go b/vendor/github.com/docker/docker/client/container_resize.go deleted file mode 100644 index 56b7368b753f..000000000000 --- a/vendor/github.com/docker/docker/client/container_resize.go +++ /dev/null @@ -1,38 +0,0 @@ -package client - -import ( - "context" - "net/url" - "strconv" - - "github.com/docker/docker/api/types/container" -) - -// ContainerResize changes the size of the tty for a container. -func (cli *Client) ContainerResize(ctx context.Context, containerID string, options container.ResizeOptions) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - return cli.resize(ctx, "/containers/"+containerID, options.Height, options.Width) -} - -// ContainerExecResize changes the size of the tty for an exec process running inside a container. -func (cli *Client) ContainerExecResize(ctx context.Context, execID string, options container.ResizeOptions) error { - execID, err := trimID("exec", execID) - if err != nil { - return err - } - return cli.resize(ctx, "/exec/"+execID, options.Height, options.Width) -} - -func (cli *Client) resize(ctx context.Context, basePath string, height, width uint) error { - // FIXME(thaJeztah): the API / backend accepts uint32, but container.ResizeOptions uses uint. - query := url.Values{} - query.Set("h", strconv.FormatUint(uint64(height), 10)) - query.Set("w", strconv.FormatUint(uint64(width), 10)) - - resp, err := cli.post(ctx, basePath+"/resize", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_restart.go b/vendor/github.com/docker/docker/client/container_restart.go deleted file mode 100644 index 5af07bfc76f8..000000000000 --- a/vendor/github.com/docker/docker/client/container_restart.go +++ /dev/null @@ -1,41 +0,0 @@ -package client - -import ( - "context" - "net/url" - "strconv" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/versions" -) - -// ContainerRestart stops and starts a container again. -// It makes the daemon wait for the container to be up again for -// a specific amount of time, given the timeout. -func (cli *Client) ContainerRestart(ctx context.Context, containerID string, options container.StopOptions) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - query := url.Values{} - if options.Timeout != nil { - query.Set("t", strconv.Itoa(*options.Timeout)) - } - if options.Signal != "" { - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return err - } - if versions.GreaterThanOrEqualTo(cli.version, "1.42") { - query.Set("signal", options.Signal) - } - } - resp, err := cli.post(ctx, "/containers/"+containerID+"/restart", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_stats.go b/vendor/github.com/docker/docker/client/container_stats.go deleted file mode 100644 index 076954f4c3e8..000000000000 --- a/vendor/github.com/docker/docker/client/container_stats.go +++ /dev/null @@ -1,56 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/container" -) - -// ContainerStats returns near realtime stats for a given container. -// It's up to the caller to close the io.ReadCloser returned. -func (cli *Client) ContainerStats(ctx context.Context, containerID string, stream bool) (container.StatsResponseReader, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.StatsResponseReader{}, err - } - - query := url.Values{} - query.Set("stream", "0") - if stream { - query.Set("stream", "1") - } - - resp, err := cli.get(ctx, "/containers/"+containerID+"/stats", query, nil) - if err != nil { - return container.StatsResponseReader{}, err - } - - return container.StatsResponseReader{ - Body: resp.Body, - OSType: resp.Header.Get("Ostype"), - }, nil -} - -// ContainerStatsOneShot gets a single stat entry from a container. -// It differs from `ContainerStats` in that the API should not wait to prime the stats -func (cli *Client) ContainerStatsOneShot(ctx context.Context, containerID string) (container.StatsResponseReader, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.StatsResponseReader{}, err - } - - query := url.Values{} - query.Set("stream", "0") - query.Set("one-shot", "1") - - resp, err := cli.get(ctx, "/containers/"+containerID+"/stats", query, nil) - if err != nil { - return container.StatsResponseReader{}, err - } - - return container.StatsResponseReader{ - Body: resp.Body, - OSType: resp.Header.Get("Ostype"), - }, nil -} diff --git a/vendor/github.com/docker/docker/client/container_stop.go b/vendor/github.com/docker/docker/client/container_stop.go deleted file mode 100644 index 175b9c8bcc8f..000000000000 --- a/vendor/github.com/docker/docker/client/container_stop.go +++ /dev/null @@ -1,45 +0,0 @@ -package client - -import ( - "context" - "net/url" - "strconv" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/versions" -) - -// ContainerStop stops a container. In case the container fails to stop -// gracefully within a time frame specified by the timeout argument, -// it is forcefully terminated (killed). -// -// If the timeout is nil, the container's StopTimeout value is used, if set, -// otherwise the engine default. A negative timeout value can be specified, -// meaning no timeout, i.e. no forceful termination is performed. -func (cli *Client) ContainerStop(ctx context.Context, containerID string, options container.StopOptions) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - query := url.Values{} - if options.Timeout != nil { - query.Set("t", strconv.Itoa(*options.Timeout)) - } - if options.Signal != "" { - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return err - } - if versions.GreaterThanOrEqualTo(cli.version, "1.42") { - query.Set("signal", options.Signal) - } - } - resp, err := cli.post(ctx, "/containers/"+containerID+"/stop", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_top.go b/vendor/github.com/docker/docker/client/container_top.go deleted file mode 100644 index 5770f9d469a1..000000000000 --- a/vendor/github.com/docker/docker/client/container_top.go +++ /dev/null @@ -1,33 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - "strings" - - "github.com/docker/docker/api/types/container" -) - -// ContainerTop shows process information from within a container. -func (cli *Client) ContainerTop(ctx context.Context, containerID string, arguments []string) (container.TopResponse, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.TopResponse{}, err - } - - query := url.Values{} - if len(arguments) > 0 { - query.Set("ps_args", strings.Join(arguments, " ")) - } - - resp, err := cli.get(ctx, "/containers/"+containerID+"/top", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.TopResponse{}, err - } - - var response container.TopResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/container_unpause.go b/vendor/github.com/docker/docker/client/container_unpause.go deleted file mode 100644 index c95f6e3abaef..000000000000 --- a/vendor/github.com/docker/docker/client/container_unpause.go +++ /dev/null @@ -1,15 +0,0 @@ -package client - -import "context" - -// ContainerUnpause resumes the process execution within a container -func (cli *Client) ContainerUnpause(ctx context.Context, containerID string) error { - containerID, err := trimID("container", containerID) - if err != nil { - return err - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/unpause", nil, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/container_update.go b/vendor/github.com/docker/docker/client/container_update.go deleted file mode 100644 index 10e966d089e7..000000000000 --- a/vendor/github.com/docker/docker/client/container_update.go +++ /dev/null @@ -1,26 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/container" -) - -// ContainerUpdate updates the resources of a container. -func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, updateConfig container.UpdateConfig) (container.UpdateResponse, error) { - containerID, err := trimID("container", containerID) - if err != nil { - return container.UpdateResponse{}, err - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil) - defer ensureReaderClosed(resp) - if err != nil { - return container.UpdateResponse{}, err - } - - var response container.UpdateResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/container_wait.go b/vendor/github.com/docker/docker/client/container_wait.go deleted file mode 100644 index 75c03a12fa67..000000000000 --- a/vendor/github.com/docker/docker/client/container_wait.go +++ /dev/null @@ -1,122 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "errors" - "io" - "net/url" - - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/versions" -) - -const containerWaitErrorMsgLimit = 2 * 1024 /* Max: 2KiB */ - -// ContainerWait waits until the specified container is in a certain state -// indicated by the given condition, either "not-running" (default), -// "next-exit", or "removed". -// -// If this client's API version is before 1.30, condition is ignored and -// ContainerWait will return immediately with the two channels, as the server -// will wait as if the condition were "not-running". -// -// If this client's API version is at least 1.30, ContainerWait blocks until -// the request has been acknowledged by the server (with a response header), -// then returns two channels on which the caller can wait for the exit status -// of the container or an error if there was a problem either beginning the -// wait request or in getting the response. This allows the caller to -// synchronize ContainerWait with other calls, such as specifying a -// "next-exit" condition before issuing a ContainerStart request. -func (cli *Client) ContainerWait(ctx context.Context, containerID string, condition container.WaitCondition) (<-chan container.WaitResponse, <-chan error) { - resultC := make(chan container.WaitResponse) - errC := make(chan error, 1) - - containerID, err := trimID("container", containerID) - if err != nil { - errC <- err - return resultC, errC - } - - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - errC <- err - return resultC, errC - } - if versions.LessThan(cli.ClientVersion(), "1.30") { - return cli.legacyContainerWait(ctx, containerID) - } - - query := url.Values{} - if condition != "" { - query.Set("condition", string(condition)) - } - - resp, err := cli.post(ctx, "/containers/"+containerID+"/wait", query, nil, nil) - if err != nil { - defer ensureReaderClosed(resp) - errC <- err - return resultC, errC - } - - go func() { - defer ensureReaderClosed(resp) - - responseText := bytes.NewBuffer(nil) - stream := io.TeeReader(resp.Body, responseText) - - var res container.WaitResponse - if err := json.NewDecoder(stream).Decode(&res); err != nil { - // NOTE(nicks): The /wait API does not work well with HTTP proxies. - // At any time, the proxy could cut off the response stream. - // - // But because the HTTP status has already been written, the proxy's - // only option is to write a plaintext error message. - // - // If there's a JSON parsing error, read the real error message - // off the body and send it to the client. - if errors.As(err, new(*json.SyntaxError)) { - _, _ = io.ReadAll(io.LimitReader(stream, containerWaitErrorMsgLimit)) - errC <- errors.New(responseText.String()) - } else { - errC <- err - } - return - } - - resultC <- res - }() - - return resultC, errC -} - -// legacyContainerWait returns immediately and doesn't have an option to wait -// until the container is removed. -func (cli *Client) legacyContainerWait(ctx context.Context, containerID string) (<-chan container.WaitResponse, <-chan error) { - resultC := make(chan container.WaitResponse) - errC := make(chan error) - - go func() { - resp, err := cli.post(ctx, "/containers/"+containerID+"/wait", nil, nil, nil) - if err != nil { - errC <- err - return - } - defer ensureReaderClosed(resp) - - var res container.WaitResponse - if err := json.NewDecoder(resp.Body).Decode(&res); err != nil { - errC <- err - return - } - - resultC <- res - }() - - return resultC, errC -} diff --git a/vendor/github.com/docker/docker/client/disk_usage.go b/vendor/github.com/docker/docker/client/disk_usage.go deleted file mode 100644 index 729e105715fd..000000000000 --- a/vendor/github.com/docker/docker/client/disk_usage.go +++ /dev/null @@ -1,33 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - "net/url" - - "github.com/docker/docker/api/types" -) - -// DiskUsage requests the current data usage from the daemon -func (cli *Client) DiskUsage(ctx context.Context, options types.DiskUsageOptions) (types.DiskUsage, error) { - var query url.Values - if len(options.Types) > 0 { - query = url.Values{} - for _, t := range options.Types { - query.Add("type", string(t)) - } - } - - resp, err := cli.get(ctx, "/system/df", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return types.DiskUsage{}, err - } - - var du types.DiskUsage - if err := json.NewDecoder(resp.Body).Decode(&du); err != nil { - return types.DiskUsage{}, fmt.Errorf("Error retrieving disk usage: %v", err) - } - return du, nil -} diff --git a/vendor/github.com/docker/docker/client/distribution_inspect.go b/vendor/github.com/docker/docker/client/distribution_inspect.go deleted file mode 100644 index 693c4121a621..000000000000 --- a/vendor/github.com/docker/docker/client/distribution_inspect.go +++ /dev/null @@ -1,39 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/http" - "net/url" - - "github.com/docker/docker/api/types/registry" -) - -// DistributionInspect returns the image digest with the full manifest. -func (cli *Client) DistributionInspect(ctx context.Context, imageRef, encodedRegistryAuth string) (registry.DistributionInspect, error) { - if imageRef == "" { - return registry.DistributionInspect{}, objectNotFoundError{object: "distribution", id: imageRef} - } - - if err := cli.NewVersionError(ctx, "1.30", "distribution inspect"); err != nil { - return registry.DistributionInspect{}, err - } - - var headers http.Header - if encodedRegistryAuth != "" { - headers = http.Header{ - registry.AuthHeader: {encodedRegistryAuth}, - } - } - - // Contact the registry to retrieve digest and platform information - resp, err := cli.get(ctx, "/distribution/"+imageRef+"/json", url.Values{}, headers) - defer ensureReaderClosed(resp) - if err != nil { - return registry.DistributionInspect{}, err - } - - var distributionInspect registry.DistributionInspect - err = json.NewDecoder(resp.Body).Decode(&distributionInspect) - return distributionInspect, err -} diff --git a/vendor/github.com/docker/docker/client/events.go b/vendor/github.com/docker/docker/client/events.go deleted file mode 100644 index 498fe4631404..000000000000 --- a/vendor/github.com/docker/docker/client/events.go +++ /dev/null @@ -1,100 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - "time" - - "github.com/docker/docker/api/types/events" - "github.com/docker/docker/api/types/filters" - timetypes "github.com/docker/docker/api/types/time" -) - -// Events returns a stream of events in the daemon. It's up to the caller to close the stream -// by cancelling the context. Once the stream has been completely read an io.EOF error will -// be sent over the error channel. If an error is sent all processing will be stopped. It's up -// to the caller to reopen the stream in the event of an error by reinvoking this method. -func (cli *Client) Events(ctx context.Context, options events.ListOptions) (<-chan events.Message, <-chan error) { - messages := make(chan events.Message) - errs := make(chan error, 1) - - started := make(chan struct{}) - go func() { - defer close(errs) - - query, err := buildEventsQueryParams(cli.version, options) - if err != nil { - close(started) - errs <- err - return - } - - resp, err := cli.get(ctx, "/events", query, nil) - if err != nil { - close(started) - errs <- err - return - } - defer resp.Body.Close() - - decoder := json.NewDecoder(resp.Body) - - close(started) - for { - select { - case <-ctx.Done(): - errs <- ctx.Err() - return - default: - var event events.Message - if err := decoder.Decode(&event); err != nil { - errs <- err - return - } - - select { - case messages <- event: - case <-ctx.Done(): - errs <- ctx.Err() - return - } - } - } - }() - <-started - - return messages, errs -} - -func buildEventsQueryParams(cliVersion string, options events.ListOptions) (url.Values, error) { - query := url.Values{} - ref := time.Now() - - if options.Since != "" { - ts, err := timetypes.GetTimestamp(options.Since, ref) - if err != nil { - return nil, err - } - query.Set("since", ts) - } - - if options.Until != "" { - ts, err := timetypes.GetTimestamp(options.Until, ref) - if err != nil { - return nil, err - } - query.Set("until", ts) - } - - if options.Filters.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cliVersion, options.Filters) - if err != nil { - return nil, err - } - query.Set("filters", filterJSON) - } - - return query, nil -} diff --git a/vendor/github.com/docker/docker/client/image_create.go b/vendor/github.com/docker/docker/client/image_create.go deleted file mode 100644 index 1e044d7779d0..000000000000 --- a/vendor/github.com/docker/docker/client/image_create.go +++ /dev/null @@ -1,40 +0,0 @@ -package client - -import ( - "context" - "io" - "net/http" - "net/url" - "strings" - - "github.com/distribution/reference" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/registry" -) - -// ImageCreate creates a new image based on the parent options. -// It returns the JSON content in the response body. -func (cli *Client) ImageCreate(ctx context.Context, parentReference string, options image.CreateOptions) (io.ReadCloser, error) { - ref, err := reference.ParseNormalizedNamed(parentReference) - if err != nil { - return nil, err - } - - query := url.Values{} - query.Set("fromImage", ref.Name()) - query.Set("tag", getAPITagFromNamedRef(ref)) - if options.Platform != "" { - query.Set("platform", strings.ToLower(options.Platform)) - } - resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth) - if err != nil { - return nil, err - } - return resp.Body, nil -} - -func (cli *Client) tryImageCreate(ctx context.Context, query url.Values, registryAuth string) (*http.Response, error) { - return cli.post(ctx, "/images/create", query, nil, http.Header{ - registry.AuthHeader: {registryAuth}, - }) -} diff --git a/vendor/github.com/docker/docker/client/image_import.go b/vendor/github.com/docker/docker/client/image_import.go deleted file mode 100644 index 5236dbc62a85..000000000000 --- a/vendor/github.com/docker/docker/client/image_import.go +++ /dev/null @@ -1,48 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" - "strings" - - "github.com/distribution/reference" - "github.com/docker/docker/api/types/image" -) - -// ImageImport creates a new image based on the source options. -// It returns the JSON content in the response body. -func (cli *Client) ImageImport(ctx context.Context, source image.ImportSource, ref string, options image.ImportOptions) (io.ReadCloser, error) { - if ref != "" { - // Check if the given image name can be resolved - if _, err := reference.ParseNormalizedNamed(ref); err != nil { - return nil, err - } - } - - query := url.Values{} - if source.SourceName != "" { - query.Set("fromSrc", source.SourceName) - } - if ref != "" { - query.Set("repo", ref) - } - if options.Tag != "" { - query.Set("tag", options.Tag) - } - if options.Message != "" { - query.Set("message", options.Message) - } - if options.Platform != "" { - query.Set("platform", strings.ToLower(options.Platform)) - } - for _, change := range options.Changes { - query.Add("changes", change) - } - - resp, err := cli.postRaw(ctx, "/images/create", query, source.Source, nil) - if err != nil { - return nil, err - } - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/image_inspect.go b/vendor/github.com/docker/docker/client/image_inspect.go deleted file mode 100644 index 4c35003129f0..000000000000 --- a/vendor/github.com/docker/docker/client/image_inspect.go +++ /dev/null @@ -1,76 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/url" - - "github.com/docker/docker/api/types/image" -) - -// ImageInspect returns the image information. -func (cli *Client) ImageInspect(ctx context.Context, imageID string, inspectOpts ...ImageInspectOption) (image.InspectResponse, error) { - if imageID == "" { - return image.InspectResponse{}, objectNotFoundError{object: "image", id: imageID} - } - - var opts imageInspectOpts - for _, opt := range inspectOpts { - if err := opt.Apply(&opts); err != nil { - return image.InspectResponse{}, fmt.Errorf("error applying image inspect option: %w", err) - } - } - - query := url.Values{} - if opts.apiOptions.Manifests { - if err := cli.NewVersionError(ctx, "1.48", "manifests"); err != nil { - return image.InspectResponse{}, err - } - query.Set("manifests", "1") - } - - if opts.apiOptions.Platform != nil { - if err := cli.NewVersionError(ctx, "1.49", "platform"); err != nil { - return image.InspectResponse{}, err - } - platform, err := encodePlatform(opts.apiOptions.Platform) - if err != nil { - return image.InspectResponse{}, err - } - query.Set("platform", platform) - } - - resp, err := cli.get(ctx, "/images/"+imageID+"/json", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return image.InspectResponse{}, err - } - - buf := opts.raw - if buf == nil { - buf = &bytes.Buffer{} - } - - if _, err := io.Copy(buf, resp.Body); err != nil { - return image.InspectResponse{}, err - } - - var response image.InspectResponse - err = json.Unmarshal(buf.Bytes(), &response) - return response, err -} - -// ImageInspectWithRaw returns the image information and its raw representation. -// -// Deprecated: Use [Client.ImageInspect] instead. Raw response can be obtained using the [ImageInspectWithRawResponse] option. -func (cli *Client) ImageInspectWithRaw(ctx context.Context, imageID string) (image.InspectResponse, []byte, error) { - var buf bytes.Buffer - resp, err := cli.ImageInspect(ctx, imageID, ImageInspectWithRawResponse(&buf)) - if err != nil { - return image.InspectResponse{}, nil, err - } - return resp, buf.Bytes(), err -} diff --git a/vendor/github.com/docker/docker/client/image_list.go b/vendor/github.com/docker/docker/client/image_list.go deleted file mode 100644 index ec0a2ad57060..000000000000 --- a/vendor/github.com/docker/docker/client/image_list.go +++ /dev/null @@ -1,67 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/versions" -) - -// ImageList returns a list of images in the docker host. -// -// Experimental: Setting the [options.Manifest] will populate -// [image.Summary.Manifests] with information about image manifests. -// This is experimental and might change in the future without any backward -// compatibility. -func (cli *Client) ImageList(ctx context.Context, options image.ListOptions) ([]image.Summary, error) { - var images []image.Summary - - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return images, err - } - - query := url.Values{} - - optionFilters := options.Filters - referenceFilters := optionFilters.Get("reference") - if versions.LessThan(cli.version, "1.25") && len(referenceFilters) > 0 { - query.Set("filter", referenceFilters[0]) - for _, filterValue := range referenceFilters { - optionFilters.Del("reference", filterValue) - } - } - if optionFilters.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cli.version, optionFilters) - if err != nil { - return images, err - } - query.Set("filters", filterJSON) - } - if options.All { - query.Set("all", "1") - } - if options.SharedSize && versions.GreaterThanOrEqualTo(cli.version, "1.42") { - query.Set("shared-size", "1") - } - if options.Manifests && versions.GreaterThanOrEqualTo(cli.version, "1.47") { - query.Set("manifests", "1") - } - - resp, err := cli.get(ctx, "/images/json", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return images, err - } - - err = json.NewDecoder(resp.Body).Decode(&images) - return images, err -} diff --git a/vendor/github.com/docker/docker/client/image_load.go b/vendor/github.com/docker/docker/client/image_load.go deleted file mode 100644 index 079002e943ea..000000000000 --- a/vendor/github.com/docker/docker/client/image_load.go +++ /dev/null @@ -1,54 +0,0 @@ -package client - -import ( - "context" - "io" - "net/http" - "net/url" - - "github.com/docker/docker/api/types/image" -) - -// ImageLoad loads an image in the docker host from the client host. -// It's up to the caller to close the io.ReadCloser in the -// ImageLoadResponse returned by this function. -// -// Platform is an optional parameter that specifies the platform to load from -// the provided multi-platform image. This is only has effect if the input image -// is a multi-platform image. -func (cli *Client) ImageLoad(ctx context.Context, input io.Reader, loadOpts ...ImageLoadOption) (image.LoadResponse, error) { - var opts imageLoadOpts - for _, opt := range loadOpts { - if err := opt.Apply(&opts); err != nil { - return image.LoadResponse{}, err - } - } - - query := url.Values{} - query.Set("quiet", "0") - if opts.apiOptions.Quiet { - query.Set("quiet", "1") - } - if len(opts.apiOptions.Platforms) > 0 { - if err := cli.NewVersionError(ctx, "1.48", "platform"); err != nil { - return image.LoadResponse{}, err - } - - p, err := encodePlatforms(opts.apiOptions.Platforms...) - if err != nil { - return image.LoadResponse{}, err - } - query["platform"] = p - } - - resp, err := cli.postRaw(ctx, "/images/load", query, input, http.Header{ - "Content-Type": {"application/x-tar"}, - }) - if err != nil { - return image.LoadResponse{}, err - } - return image.LoadResponse{ - Body: resp.Body, - JSON: resp.Header.Get("Content-Type") == "application/json", - }, nil -} diff --git a/vendor/github.com/docker/docker/client/image_prune.go b/vendor/github.com/docker/docker/client/image_prune.go deleted file mode 100644 index 52e8bcf5512a..000000000000 --- a/vendor/github.com/docker/docker/client/image_prune.go +++ /dev/null @@ -1,35 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/image" -) - -// ImagesPrune requests the daemon to delete unused data -func (cli *Client) ImagesPrune(ctx context.Context, pruneFilters filters.Args) (image.PruneReport, error) { - if err := cli.NewVersionError(ctx, "1.25", "image prune"); err != nil { - return image.PruneReport{}, err - } - - query, err := getFiltersQuery(pruneFilters) - if err != nil { - return image.PruneReport{}, err - } - - resp, err := cli.post(ctx, "/images/prune", query, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return image.PruneReport{}, err - } - - var report image.PruneReport - if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { - return image.PruneReport{}, fmt.Errorf("Error retrieving disk usage: %v", err) - } - - return report, nil -} diff --git a/vendor/github.com/docker/docker/client/image_pull.go b/vendor/github.com/docker/docker/client/image_pull.go deleted file mode 100644 index ab7606b4563c..000000000000 --- a/vendor/github.com/docker/docker/client/image_pull.go +++ /dev/null @@ -1,64 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" - "strings" - - cerrdefs "github.com/containerd/errdefs" - "github.com/distribution/reference" - "github.com/docker/docker/api/types/image" -) - -// ImagePull requests the docker host to pull an image from a remote registry. -// It executes the privileged function if the operation is unauthorized -// and it tries one more time. -// It's up to the caller to handle the io.ReadCloser and close it properly. -// -// FIXME(vdemeester): there is currently used in a few way in docker/docker -// - if not in trusted content, ref is used to pass the whole reference, and tag is empty -// - if in trusted content, ref is used to pass the reference name, and tag for the digest -func (cli *Client) ImagePull(ctx context.Context, refStr string, options image.PullOptions) (io.ReadCloser, error) { - ref, err := reference.ParseNormalizedNamed(refStr) - if err != nil { - return nil, err - } - - query := url.Values{} - query.Set("fromImage", ref.Name()) - if !options.All { - query.Set("tag", getAPITagFromNamedRef(ref)) - } - if options.Platform != "" { - query.Set("platform", strings.ToLower(options.Platform)) - } - - resp, err := cli.tryImageCreate(ctx, query, options.RegistryAuth) - if cerrdefs.IsUnauthorized(err) && options.PrivilegeFunc != nil { - newAuthHeader, privilegeErr := options.PrivilegeFunc(ctx) - if privilegeErr != nil { - return nil, privilegeErr - } - resp, err = cli.tryImageCreate(ctx, query, newAuthHeader) - } - if err != nil { - return nil, err - } - return resp.Body, nil -} - -// getAPITagFromNamedRef returns a tag from the specified reference. -// This function is necessary as long as the docker "server" api expects -// digests to be sent as tags and makes a distinction between the name -// and tag/digest part of a reference. -func getAPITagFromNamedRef(ref reference.Named) string { - if digested, ok := ref.(reference.Digested); ok { - return digested.Digest().String() - } - ref = reference.TagNameOnly(ref) - if tagged, ok := ref.(reference.Tagged); ok { - return tagged.Tag() - } - return "" -} diff --git a/vendor/github.com/docker/docker/client/image_tag.go b/vendor/github.com/docker/docker/client/image_tag.go deleted file mode 100644 index 2bfafc51cdd5..000000000000 --- a/vendor/github.com/docker/docker/client/image_tag.go +++ /dev/null @@ -1,37 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/distribution/reference" - "github.com/pkg/errors" -) - -// ImageTag tags an image in the docker host -func (cli *Client) ImageTag(ctx context.Context, source, target string) error { - if _, err := reference.ParseAnyReference(source); err != nil { - return errors.Wrapf(err, "Error parsing reference: %q is not a valid repository/tag", source) - } - - ref, err := reference.ParseNormalizedNamed(target) - if err != nil { - return errors.Wrapf(err, "Error parsing reference: %q is not a valid repository/tag", target) - } - - if _, isCanonical := ref.(reference.Canonical); isCanonical { - return errors.New("refusing to create a tag with a digest reference") - } - - ref = reference.TagNameOnly(ref) - - query := url.Values{} - query.Set("repo", ref.Name()) - if tagged, ok := ref.(reference.Tagged); ok { - query.Set("tag", tagged.Tag()) - } - - resp, err := cli.post(ctx, "/images/"+source+"/tag", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/info.go b/vendor/github.com/docker/docker/client/info.go deleted file mode 100644 index ed85d7f8d9cf..000000000000 --- a/vendor/github.com/docker/docker/client/info.go +++ /dev/null @@ -1,26 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - "net/url" - - "github.com/docker/docker/api/types/system" -) - -// Info returns information about the docker server. -func (cli *Client) Info(ctx context.Context) (system.Info, error) { - var info system.Info - resp, err := cli.get(ctx, "/info", url.Values{}, nil) - defer ensureReaderClosed(resp) - if err != nil { - return info, err - } - - if err := json.NewDecoder(resp.Body).Decode(&info); err != nil { - return info, fmt.Errorf("Error reading remote info: %v", err) - } - - return info, nil -} diff --git a/vendor/github.com/docker/docker/client/login.go b/vendor/github.com/docker/docker/client/login.go deleted file mode 100644 index 2d7f179023c3..000000000000 --- a/vendor/github.com/docker/docker/client/login.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/registry" -) - -// RegistryLogin authenticates the docker server with a given docker registry. -// It returns unauthorizedError when the authentication fails. -func (cli *Client) RegistryLogin(ctx context.Context, auth registry.AuthConfig) (registry.AuthenticateOKBody, error) { - resp, err := cli.post(ctx, "/auth", url.Values{}, auth, nil) - defer ensureReaderClosed(resp) - - if err != nil { - return registry.AuthenticateOKBody{}, err - } - - var response registry.AuthenticateOKBody - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/network_connect.go b/vendor/github.com/docker/docker/client/network_connect.go deleted file mode 100644 index f7526c5d8ee3..000000000000 --- a/vendor/github.com/docker/docker/client/network_connect.go +++ /dev/null @@ -1,28 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/network" -) - -// NetworkConnect connects a container to an existent network in the docker host. -func (cli *Client) NetworkConnect(ctx context.Context, networkID, containerID string, config *network.EndpointSettings) error { - networkID, err := trimID("network", networkID) - if err != nil { - return err - } - - containerID, err = trimID("container", containerID) - if err != nil { - return err - } - - nc := network.ConnectOptions{ - Container: containerID, - EndpointConfig: config, - } - resp, err := cli.post(ctx, "/networks/"+networkID+"/connect", nil, nc, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/network_create.go b/vendor/github.com/docker/docker/client/network_create.go deleted file mode 100644 index 6a7f2ea52e9e..000000000000 --- a/vendor/github.com/docker/docker/client/network_create.go +++ /dev/null @@ -1,40 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/api/types/versions" -) - -// NetworkCreate creates a new network in the docker host. -func (cli *Client) NetworkCreate(ctx context.Context, name string, options network.CreateOptions) (network.CreateResponse, error) { - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return network.CreateResponse{}, err - } - - networkCreateRequest := network.CreateRequest{ - CreateOptions: options, - Name: name, - } - if versions.LessThan(cli.version, "1.44") { - enabled := true - networkCreateRequest.CheckDuplicate = &enabled //nolint:staticcheck // ignore SA1019: CheckDuplicate is deprecated since API v1.44. - } - - resp, err := cli.post(ctx, "/networks/create", nil, networkCreateRequest, nil) - defer ensureReaderClosed(resp) - if err != nil { - return network.CreateResponse{}, err - } - - var response network.CreateResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/network_disconnect.go b/vendor/github.com/docker/docker/client/network_disconnect.go deleted file mode 100644 index 55f9b6a206d6..000000000000 --- a/vendor/github.com/docker/docker/client/network_disconnect.go +++ /dev/null @@ -1,28 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/network" -) - -// NetworkDisconnect disconnects a container from an existent network in the docker host. -func (cli *Client) NetworkDisconnect(ctx context.Context, networkID, containerID string, force bool) error { - networkID, err := trimID("network", networkID) - if err != nil { - return err - } - - containerID, err = trimID("container", containerID) - if err != nil { - return err - } - - nd := network.DisconnectOptions{ - Container: containerID, - Force: force, - } - resp, err := cli.post(ctx, "/networks/"+networkID+"/disconnect", nil, nd, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/network_inspect.go b/vendor/github.com/docker/docker/client/network_inspect.go deleted file mode 100644 index 734ec1021193..000000000000 --- a/vendor/github.com/docker/docker/client/network_inspect.go +++ /dev/null @@ -1,47 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - "net/url" - - "github.com/docker/docker/api/types/network" -) - -// NetworkInspect returns the information for a specific network configured in the docker host. -func (cli *Client) NetworkInspect(ctx context.Context, networkID string, options network.InspectOptions) (network.Inspect, error) { - networkResource, _, err := cli.NetworkInspectWithRaw(ctx, networkID, options) - return networkResource, err -} - -// NetworkInspectWithRaw returns the information for a specific network configured in the docker host and its raw representation. -func (cli *Client) NetworkInspectWithRaw(ctx context.Context, networkID string, options network.InspectOptions) (network.Inspect, []byte, error) { - networkID, err := trimID("network", networkID) - if err != nil { - return network.Inspect{}, nil, err - } - query := url.Values{} - if options.Verbose { - query.Set("verbose", "true") - } - if options.Scope != "" { - query.Set("scope", options.Scope) - } - - resp, err := cli.get(ctx, "/networks/"+networkID, query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return network.Inspect{}, nil, err - } - - raw, err := io.ReadAll(resp.Body) - if err != nil { - return network.Inspect{}, nil, err - } - - var nw network.Inspect - err = json.NewDecoder(bytes.NewReader(raw)).Decode(&nw) - return nw, raw, err -} diff --git a/vendor/github.com/docker/docker/client/network_list.go b/vendor/github.com/docker/docker/client/network_list.go deleted file mode 100644 index 8d93361966c2..000000000000 --- a/vendor/github.com/docker/docker/client/network_list.go +++ /dev/null @@ -1,32 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/network" -) - -// NetworkList returns the list of networks configured in the docker host. -func (cli *Client) NetworkList(ctx context.Context, options network.ListOptions) ([]network.Summary, error) { - query := url.Values{} - if options.Filters.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cli.version, options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - var networkResources []network.Summary - resp, err := cli.get(ctx, "/networks", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return networkResources, err - } - err = json.NewDecoder(resp.Body).Decode(&networkResources) - return networkResources, err -} diff --git a/vendor/github.com/docker/docker/client/network_prune.go b/vendor/github.com/docker/docker/client/network_prune.go deleted file mode 100644 index 7835fe90693f..000000000000 --- a/vendor/github.com/docker/docker/client/network_prune.go +++ /dev/null @@ -1,35 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/network" -) - -// NetworksPrune requests the daemon to delete unused networks -func (cli *Client) NetworksPrune(ctx context.Context, pruneFilters filters.Args) (network.PruneReport, error) { - if err := cli.NewVersionError(ctx, "1.25", "network prune"); err != nil { - return network.PruneReport{}, err - } - - query, err := getFiltersQuery(pruneFilters) - if err != nil { - return network.PruneReport{}, err - } - - resp, err := cli.post(ctx, "/networks/prune", query, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return network.PruneReport{}, err - } - - var report network.PruneReport - if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { - return network.PruneReport{}, fmt.Errorf("Error retrieving network prune report: %v", err) - } - - return report, nil -} diff --git a/vendor/github.com/docker/docker/client/network_remove.go b/vendor/github.com/docker/docker/client/network_remove.go deleted file mode 100644 index 9b164d3eae46..000000000000 --- a/vendor/github.com/docker/docker/client/network_remove.go +++ /dev/null @@ -1,14 +0,0 @@ -package client - -import "context" - -// NetworkRemove removes an existent network from the docker host. -func (cli *Client) NetworkRemove(ctx context.Context, networkID string) error { - networkID, err := trimID("network", networkID) - if err != nil { - return err - } - resp, err := cli.delete(ctx, "/networks/"+networkID, nil, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/node_inspect.go b/vendor/github.com/docker/docker/client/node_inspect.go deleted file mode 100644 index dd1f1f8ab40b..000000000000 --- a/vendor/github.com/docker/docker/client/node_inspect.go +++ /dev/null @@ -1,33 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types/swarm" -) - -// NodeInspectWithRaw returns the node information. -func (cli *Client) NodeInspectWithRaw(ctx context.Context, nodeID string) (swarm.Node, []byte, error) { - nodeID, err := trimID("node", nodeID) - if err != nil { - return swarm.Node{}, nil, err - } - resp, err := cli.get(ctx, "/nodes/"+nodeID, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Node{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return swarm.Node{}, nil, err - } - - var response swarm.Node - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&response) - return response, body, err -} diff --git a/vendor/github.com/docker/docker/client/node_list.go b/vendor/github.com/docker/docker/client/node_list.go deleted file mode 100644 index 3b393ffe38e3..000000000000 --- a/vendor/github.com/docker/docker/client/node_list.go +++ /dev/null @@ -1,34 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/swarm" -) - -// NodeList returns the list of nodes. -func (cli *Client) NodeList(ctx context.Context, options swarm.NodeListOptions) ([]swarm.Node, error) { - query := url.Values{} - - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - - resp, err := cli.get(ctx, "/nodes", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, err - } - - var nodes []swarm.Node - err = json.NewDecoder(resp.Body).Decode(&nodes) - return nodes, err -} diff --git a/vendor/github.com/docker/docker/client/node_update.go b/vendor/github.com/docker/docker/client/node_update.go deleted file mode 100644 index 62af964cf0dd..000000000000 --- a/vendor/github.com/docker/docker/client/node_update.go +++ /dev/null @@ -1,22 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/swarm" -) - -// NodeUpdate updates a Node. -func (cli *Client) NodeUpdate(ctx context.Context, nodeID string, version swarm.Version, node swarm.NodeSpec) error { - nodeID, err := trimID("node", nodeID) - if err != nil { - return err - } - - query := url.Values{} - query.Set("version", version.String()) - resp, err := cli.post(ctx, "/nodes/"+nodeID+"/update", query, node, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/ping.go b/vendor/github.com/docker/docker/client/ping.go deleted file mode 100644 index 385fdf0524ea..000000000000 --- a/vendor/github.com/docker/docker/client/ping.go +++ /dev/null @@ -1,81 +0,0 @@ -package client - -import ( - "context" - "net/http" - "path" - "strings" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/swarm" -) - -// Ping pings the server and returns the value of the "Docker-Experimental", -// "Builder-Version", "OS-Type" & "API-Version" headers. It attempts to use -// a HEAD request on the endpoint, but falls back to GET if HEAD is not supported -// by the daemon. It ignores internal server errors returned by the API, which -// may be returned if the daemon is in an unhealthy state, but returns errors -// for other non-success status codes, failing to connect to the API, or failing -// to parse the API response. -func (cli *Client) Ping(ctx context.Context) (types.Ping, error) { - var ping types.Ping - - // Using cli.buildRequest() + cli.doRequest() instead of cli.sendRequest() - // because ping requests are used during API version negotiation, so we want - // to hit the non-versioned /_ping endpoint, not /v1.xx/_ping - req, err := cli.buildRequest(ctx, http.MethodHead, path.Join(cli.basePath, "/_ping"), nil, nil) - if err != nil { - return ping, err - } - resp, err := cli.doRequest(req) - if err != nil { - if IsErrConnectionFailed(err) { - return ping, err - } - // We managed to connect, but got some error; continue and try GET request. - } else { - defer ensureReaderClosed(resp) - switch resp.StatusCode { - case http.StatusOK, http.StatusInternalServerError: - // Server handled the request, so parse the response - return parsePingResponse(cli, resp) - } - } - - // HEAD failed; fallback to GET. - req.Method = http.MethodGet - resp, err = cli.doRequest(req) - defer ensureReaderClosed(resp) - if err != nil { - return ping, err - } - return parsePingResponse(cli, resp) -} - -func parsePingResponse(cli *Client, resp *http.Response) (types.Ping, error) { - if resp == nil { - return types.Ping{}, nil - } - - var ping types.Ping - if resp.Header == nil { - return ping, cli.checkResponseErr(resp) - } - ping.APIVersion = resp.Header.Get("Api-Version") - ping.OSType = resp.Header.Get("Ostype") - if resp.Header.Get("Docker-Experimental") == "true" { - ping.Experimental = true - } - if bv := resp.Header.Get("Builder-Version"); bv != "" { - ping.BuilderVersion = build.BuilderVersion(bv) - } - if si := resp.Header.Get("Swarm"); si != "" { - state, role, _ := strings.Cut(si, "/") - ping.SwarmStatus = &swarm.Status{ - NodeState: swarm.LocalNodeState(state), - ControlAvailable: role == "manager", - } - } - return ping, cli.checkResponseErr(resp) -} diff --git a/vendor/github.com/docker/docker/client/plugin_create.go b/vendor/github.com/docker/docker/client/plugin_create.go deleted file mode 100644 index eaba7ee6539a..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_create.go +++ /dev/null @@ -1,23 +0,0 @@ -package client - -import ( - "context" - "io" - "net/http" - "net/url" - - "github.com/docker/docker/api/types" -) - -// PluginCreate creates a plugin -func (cli *Client) PluginCreate(ctx context.Context, createContext io.Reader, createOptions types.PluginCreateOptions) error { - headers := http.Header(make(map[string][]string)) - headers.Set("Content-Type", "application/x-tar") - - query := url.Values{} - query.Set("name", createOptions.RepoName) - - resp, err := cli.postRaw(ctx, "/plugins/create", query, createContext, headers) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/plugin_disable.go b/vendor/github.com/docker/docker/client/plugin_disable.go deleted file mode 100644 index 4049b1b6ace0..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_disable.go +++ /dev/null @@ -1,23 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types" -) - -// PluginDisable disables a plugin -func (cli *Client) PluginDisable(ctx context.Context, name string, options types.PluginDisableOptions) error { - name, err := trimID("plugin", name) - if err != nil { - return err - } - query := url.Values{} - if options.Force { - query.Set("force", "1") - } - resp, err := cli.post(ctx, "/plugins/"+name+"/disable", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/plugin_enable.go b/vendor/github.com/docker/docker/client/plugin_enable.go deleted file mode 100644 index 611856935dba..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_enable.go +++ /dev/null @@ -1,23 +0,0 @@ -package client - -import ( - "context" - "net/url" - "strconv" - - "github.com/docker/docker/api/types" -) - -// PluginEnable enables a plugin -func (cli *Client) PluginEnable(ctx context.Context, name string, options types.PluginEnableOptions) error { - name, err := trimID("plugin", name) - if err != nil { - return err - } - query := url.Values{} - query.Set("timeout", strconv.Itoa(options.Timeout)) - - resp, err := cli.post(ctx, "/plugins/"+name+"/enable", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/plugin_inspect.go b/vendor/github.com/docker/docker/client/plugin_inspect.go deleted file mode 100644 index eaedeb8a6740..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_inspect.go +++ /dev/null @@ -1,32 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types" -) - -// PluginInspectWithRaw inspects an existing plugin -func (cli *Client) PluginInspectWithRaw(ctx context.Context, name string) (*types.Plugin, []byte, error) { - name, err := trimID("plugin", name) - if err != nil { - return nil, nil, err - } - resp, err := cli.get(ctx, "/plugins/"+name+"/json", nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return nil, nil, err - } - var p types.Plugin - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&p) - return &p, body, err -} diff --git a/vendor/github.com/docker/docker/client/plugin_install.go b/vendor/github.com/docker/docker/client/plugin_install.go deleted file mode 100644 index 5fd2ff2182ba..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_install.go +++ /dev/null @@ -1,117 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "io" - "net/http" - "net/url" - - cerrdefs "github.com/containerd/errdefs" - "github.com/distribution/reference" - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/registry" - "github.com/pkg/errors" -) - -// PluginInstall installs a plugin -func (cli *Client) PluginInstall(ctx context.Context, name string, options types.PluginInstallOptions) (_ io.ReadCloser, retErr error) { - query := url.Values{} - if _, err := reference.ParseNormalizedNamed(options.RemoteRef); err != nil { - return nil, errors.Wrap(err, "invalid remote reference") - } - query.Set("remote", options.RemoteRef) - - privileges, err := cli.checkPluginPermissions(ctx, query, options) - if err != nil { - return nil, err - } - - // set name for plugin pull, if empty should default to remote reference - query.Set("name", name) - - resp, err := cli.tryPluginPull(ctx, query, privileges, options.RegistryAuth) - if err != nil { - return nil, err - } - - name = resp.Header.Get("Docker-Plugin-Name") - - pr, pw := io.Pipe() - go func() { // todo: the client should probably be designed more around the actual api - _, err := io.Copy(pw, resp.Body) - if err != nil { - _ = pw.CloseWithError(err) - return - } - defer func() { - if retErr != nil { - delResp, _ := cli.delete(ctx, "/plugins/"+name, nil, nil) - ensureReaderClosed(delResp) - } - }() - if len(options.Args) > 0 { - if err := cli.PluginSet(ctx, name, options.Args); err != nil { - _ = pw.CloseWithError(err) - return - } - } - - if options.Disabled { - _ = pw.Close() - return - } - - enableErr := cli.PluginEnable(ctx, name, types.PluginEnableOptions{Timeout: 0}) - _ = pw.CloseWithError(enableErr) - }() - return pr, nil -} - -func (cli *Client) tryPluginPrivileges(ctx context.Context, query url.Values, registryAuth string) (*http.Response, error) { - return cli.get(ctx, "/plugins/privileges", query, http.Header{ - registry.AuthHeader: {registryAuth}, - }) -} - -func (cli *Client) tryPluginPull(ctx context.Context, query url.Values, privileges types.PluginPrivileges, registryAuth string) (*http.Response, error) { - return cli.post(ctx, "/plugins/pull", query, privileges, http.Header{ - registry.AuthHeader: {registryAuth}, - }) -} - -func (cli *Client) checkPluginPermissions(ctx context.Context, query url.Values, options types.PluginInstallOptions) (types.PluginPrivileges, error) { - resp, err := cli.tryPluginPrivileges(ctx, query, options.RegistryAuth) - if cerrdefs.IsUnauthorized(err) && options.PrivilegeFunc != nil { - // todo: do inspect before to check existing name before checking privileges - newAuthHeader, privilegeErr := options.PrivilegeFunc(ctx) - if privilegeErr != nil { - ensureReaderClosed(resp) - return nil, privilegeErr - } - options.RegistryAuth = newAuthHeader - resp, err = cli.tryPluginPrivileges(ctx, query, options.RegistryAuth) - } - if err != nil { - ensureReaderClosed(resp) - return nil, err - } - - var privileges types.PluginPrivileges - if err := json.NewDecoder(resp.Body).Decode(&privileges); err != nil { - ensureReaderClosed(resp) - return nil, err - } - ensureReaderClosed(resp) - - if !options.AcceptAllPermissions && options.AcceptPermissionsFunc != nil && len(privileges) > 0 { - accept, err := options.AcceptPermissionsFunc(ctx, privileges) - if err != nil { - return nil, err - } - if !accept { - return nil, errors.Errorf("permission denied while installing plugin %s", options.RemoteRef) - } - } - return privileges, nil -} diff --git a/vendor/github.com/docker/docker/client/plugin_list.go b/vendor/github.com/docker/docker/client/plugin_list.go deleted file mode 100644 index f314e17f1e1c..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_list.go +++ /dev/null @@ -1,33 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/filters" -) - -// PluginList returns the installed plugins -func (cli *Client) PluginList(ctx context.Context, filter filters.Args) (types.PluginsListResponse, error) { - var plugins types.PluginsListResponse - query := url.Values{} - - if filter.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cli.version, filter) - if err != nil { - return plugins, err - } - query.Set("filters", filterJSON) - } - resp, err := cli.get(ctx, "/plugins", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return plugins, err - } - - err = json.NewDecoder(resp.Body).Decode(&plugins) - return plugins, err -} diff --git a/vendor/github.com/docker/docker/client/plugin_push.go b/vendor/github.com/docker/docker/client/plugin_push.go deleted file mode 100644 index 4574dcddbfd9..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_push.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "io" - "net/http" - - "github.com/docker/docker/api/types/registry" -) - -// PluginPush pushes a plugin to a registry -func (cli *Client) PluginPush(ctx context.Context, name string, registryAuth string) (io.ReadCloser, error) { - name, err := trimID("plugin", name) - if err != nil { - return nil, err - } - resp, err := cli.post(ctx, "/plugins/"+name+"/push", nil, nil, http.Header{ - registry.AuthHeader: {registryAuth}, - }) - if err != nil { - return nil, err - } - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/plugin_remove.go b/vendor/github.com/docker/docker/client/plugin_remove.go deleted file mode 100644 index 2ba0a8ccc402..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_remove.go +++ /dev/null @@ -1,25 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types" -) - -// PluginRemove removes a plugin -func (cli *Client) PluginRemove(ctx context.Context, name string, options types.PluginRemoveOptions) error { - name, err := trimID("plugin", name) - if err != nil { - return err - } - - query := url.Values{} - if options.Force { - query.Set("force", "1") - } - - resp, err := cli.delete(ctx, "/plugins/"+name, query, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/plugin_set.go b/vendor/github.com/docker/docker/client/plugin_set.go deleted file mode 100644 index f0e4a0c30522..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_set.go +++ /dev/null @@ -1,17 +0,0 @@ -package client - -import ( - "context" -) - -// PluginSet modifies settings for an existing plugin -func (cli *Client) PluginSet(ctx context.Context, name string, args []string) error { - name, err := trimID("plugin", name) - if err != nil { - return err - } - - resp, err := cli.post(ctx, "/plugins/"+name+"/set", nil, args, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/plugin_upgrade.go b/vendor/github.com/docker/docker/client/plugin_upgrade.go deleted file mode 100644 index cd0cf4d22225..000000000000 --- a/vendor/github.com/docker/docker/client/plugin_upgrade.go +++ /dev/null @@ -1,47 +0,0 @@ -package client - -import ( - "context" - "io" - "net/http" - "net/url" - - "github.com/distribution/reference" - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/registry" - "github.com/pkg/errors" -) - -// PluginUpgrade upgrades a plugin -func (cli *Client) PluginUpgrade(ctx context.Context, name string, options types.PluginInstallOptions) (io.ReadCloser, error) { - name, err := trimID("plugin", name) - if err != nil { - return nil, err - } - - if err := cli.NewVersionError(ctx, "1.26", "plugin upgrade"); err != nil { - return nil, err - } - query := url.Values{} - if _, err := reference.ParseNormalizedNamed(options.RemoteRef); err != nil { - return nil, errors.Wrap(err, "invalid remote reference") - } - query.Set("remote", options.RemoteRef) - - privileges, err := cli.checkPluginPermissions(ctx, query, options) - if err != nil { - return nil, err - } - - resp, err := cli.tryPluginUpgrade(ctx, query, privileges, name, options.RegistryAuth) - if err != nil { - return nil, err - } - return resp.Body, nil -} - -func (cli *Client) tryPluginUpgrade(ctx context.Context, query url.Values, privileges types.PluginPrivileges, name, registryAuth string) (*http.Response, error) { - return cli.post(ctx, "/plugins/"+name+"/upgrade", query, privileges, http.Header{ - registry.AuthHeader: {registryAuth}, - }) -} diff --git a/vendor/github.com/docker/docker/client/secret_create.go b/vendor/github.com/docker/docker/client/secret_create.go deleted file mode 100644 index be4a1da45640..000000000000 --- a/vendor/github.com/docker/docker/client/secret_create.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/swarm" -) - -// SecretCreate creates a new secret. -func (cli *Client) SecretCreate(ctx context.Context, secret swarm.SecretSpec) (swarm.SecretCreateResponse, error) { - if err := cli.NewVersionError(ctx, "1.25", "secret create"); err != nil { - return swarm.SecretCreateResponse{}, err - } - resp, err := cli.post(ctx, "/secrets/create", nil, secret, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.SecretCreateResponse{}, err - } - - var response swarm.SecretCreateResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/secret_inspect.go b/vendor/github.com/docker/docker/client/secret_inspect.go deleted file mode 100644 index f44c00e75504..000000000000 --- a/vendor/github.com/docker/docker/client/secret_inspect.go +++ /dev/null @@ -1,37 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types/swarm" -) - -// SecretInspectWithRaw returns the secret information with raw data -func (cli *Client) SecretInspectWithRaw(ctx context.Context, id string) (swarm.Secret, []byte, error) { - id, err := trimID("secret", id) - if err != nil { - return swarm.Secret{}, nil, err - } - if err := cli.NewVersionError(ctx, "1.25", "secret inspect"); err != nil { - return swarm.Secret{}, nil, err - } - resp, err := cli.get(ctx, "/secrets/"+id, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Secret{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return swarm.Secret{}, nil, err - } - - var secret swarm.Secret - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&secret) - - return secret, body, err -} diff --git a/vendor/github.com/docker/docker/client/secret_list.go b/vendor/github.com/docker/docker/client/secret_list.go deleted file mode 100644 index 2e37bda273c0..000000000000 --- a/vendor/github.com/docker/docker/client/secret_list.go +++ /dev/null @@ -1,37 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/swarm" -) - -// SecretList returns the list of secrets. -func (cli *Client) SecretList(ctx context.Context, options swarm.SecretListOptions) ([]swarm.Secret, error) { - if err := cli.NewVersionError(ctx, "1.25", "secret list"); err != nil { - return nil, err - } - query := url.Values{} - - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - - resp, err := cli.get(ctx, "/secrets", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, err - } - - var secrets []swarm.Secret - err = json.NewDecoder(resp.Body).Decode(&secrets) - return secrets, err -} diff --git a/vendor/github.com/docker/docker/client/secret_remove.go b/vendor/github.com/docker/docker/client/secret_remove.go deleted file mode 100644 index d1044aaf857b..000000000000 --- a/vendor/github.com/docker/docker/client/secret_remove.go +++ /dev/null @@ -1,17 +0,0 @@ -package client - -import "context" - -// SecretRemove removes a secret. -func (cli *Client) SecretRemove(ctx context.Context, id string) error { - id, err := trimID("secret", id) - if err != nil { - return err - } - if err := cli.NewVersionError(ctx, "1.25", "secret remove"); err != nil { - return err - } - resp, err := cli.delete(ctx, "/secrets/"+id, nil, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/secret_update.go b/vendor/github.com/docker/docker/client/secret_update.go deleted file mode 100644 index a0aff7cb696d..000000000000 --- a/vendor/github.com/docker/docker/client/secret_update.go +++ /dev/null @@ -1,24 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/swarm" -) - -// SecretUpdate attempts to update a secret. -func (cli *Client) SecretUpdate(ctx context.Context, id string, version swarm.Version, secret swarm.SecretSpec) error { - id, err := trimID("secret", id) - if err != nil { - return err - } - if err := cli.NewVersionError(ctx, "1.25", "secret update"); err != nil { - return err - } - query := url.Values{} - query.Set("version", version.String()) - resp, err := cli.post(ctx, "/secrets/"+id+"/update", query, secret, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/service_inspect.go b/vendor/github.com/docker/docker/client/service_inspect.go deleted file mode 100644 index cb25ade174ad..000000000000 --- a/vendor/github.com/docker/docker/client/service_inspect.go +++ /dev/null @@ -1,38 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/url" - - "github.com/docker/docker/api/types/swarm" -) - -// ServiceInspectWithRaw returns the service information and the raw data. -func (cli *Client) ServiceInspectWithRaw(ctx context.Context, serviceID string, opts swarm.ServiceInspectOptions) (swarm.Service, []byte, error) { - serviceID, err := trimID("service", serviceID) - if err != nil { - return swarm.Service{}, nil, err - } - - query := url.Values{} - query.Set("insertDefaults", fmt.Sprintf("%v", opts.InsertDefaults)) - resp, err := cli.get(ctx, "/services/"+serviceID, query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Service{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return swarm.Service{}, nil, err - } - - var response swarm.Service - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&response) - return response, body, err -} diff --git a/vendor/github.com/docker/docker/client/service_list.go b/vendor/github.com/docker/docker/client/service_list.go deleted file mode 100644 index 26b25ff0be07..000000000000 --- a/vendor/github.com/docker/docker/client/service_list.go +++ /dev/null @@ -1,38 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/swarm" -) - -// ServiceList returns the list of services. -func (cli *Client) ServiceList(ctx context.Context, options swarm.ServiceListOptions) ([]swarm.Service, error) { - query := url.Values{} - - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - - if options.Status { - query.Set("status", "true") - } - - resp, err := cli.get(ctx, "/services", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, err - } - - var services []swarm.Service - err = json.NewDecoder(resp.Body).Decode(&services) - return services, err -} diff --git a/vendor/github.com/docker/docker/client/service_logs.go b/vendor/github.com/docker/docker/client/service_logs.go deleted file mode 100644 index 8bf04082615d..000000000000 --- a/vendor/github.com/docker/docker/client/service_logs.go +++ /dev/null @@ -1,57 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" - "time" - - "github.com/docker/docker/api/types/container" - timetypes "github.com/docker/docker/api/types/time" - "github.com/pkg/errors" -) - -// ServiceLogs returns the logs generated by a service in an io.ReadCloser. -// It's up to the caller to close the stream. -func (cli *Client) ServiceLogs(ctx context.Context, serviceID string, options container.LogsOptions) (io.ReadCloser, error) { - serviceID, err := trimID("service", serviceID) - if err != nil { - return nil, err - } - - query := url.Values{} - if options.ShowStdout { - query.Set("stdout", "1") - } - - if options.ShowStderr { - query.Set("stderr", "1") - } - - if options.Since != "" { - ts, err := timetypes.GetTimestamp(options.Since, time.Now()) - if err != nil { - return nil, errors.Wrap(err, `invalid value for "since"`) - } - query.Set("since", ts) - } - - if options.Timestamps { - query.Set("timestamps", "1") - } - - if options.Details { - query.Set("details", "1") - } - - if options.Follow { - query.Set("follow", "1") - } - query.Set("tail", options.Tail) - - resp, err := cli.get(ctx, "/services/"+serviceID+"/logs", query, nil) - if err != nil { - return nil, err - } - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/service_remove.go b/vendor/github.com/docker/docker/client/service_remove.go deleted file mode 100644 index 0c7cc571e0c4..000000000000 --- a/vendor/github.com/docker/docker/client/service_remove.go +++ /dev/null @@ -1,15 +0,0 @@ -package client - -import "context" - -// ServiceRemove kills and removes a service. -func (cli *Client) ServiceRemove(ctx context.Context, serviceID string) error { - serviceID, err := trimID("service", serviceID) - if err != nil { - return err - } - - resp, err := cli.delete(ctx, "/services/"+serviceID, nil, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/service_update.go b/vendor/github.com/docker/docker/client/service_update.go deleted file mode 100644 index 278e305d0273..000000000000 --- a/vendor/github.com/docker/docker/client/service_update.go +++ /dev/null @@ -1,89 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/http" - "net/url" - - "github.com/docker/docker/api/types/registry" - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/api/types/versions" -) - -// ServiceUpdate updates a Service. The version number is required to avoid conflicting writes. -// It should be the value as set *before* the update. You can find this value in the Meta field -// of swarm.Service, which can be found using ServiceInspectWithRaw. -func (cli *Client) ServiceUpdate(ctx context.Context, serviceID string, version swarm.Version, service swarm.ServiceSpec, options swarm.ServiceUpdateOptions) (swarm.ServiceUpdateResponse, error) { - serviceID, err := trimID("service", serviceID) - if err != nil { - return swarm.ServiceUpdateResponse{}, err - } - - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return swarm.ServiceUpdateResponse{}, err - } - - query := url.Values{} - if options.RegistryAuthFrom != "" { - query.Set("registryAuthFrom", options.RegistryAuthFrom) - } - - if options.Rollback != "" { - query.Set("rollback", options.Rollback) - } - - query.Set("version", version.String()) - - if err := validateServiceSpec(service); err != nil { - return swarm.ServiceUpdateResponse{}, err - } - - // ensure that the image is tagged - var resolveWarning string - switch { - case service.TaskTemplate.ContainerSpec != nil: - if taggedImg := imageWithTagString(service.TaskTemplate.ContainerSpec.Image); taggedImg != "" { - service.TaskTemplate.ContainerSpec.Image = taggedImg - } - if options.QueryRegistry { - resolveWarning = resolveContainerSpecImage(ctx, cli, &service.TaskTemplate, options.EncodedRegistryAuth) - } - case service.TaskTemplate.PluginSpec != nil: - if taggedImg := imageWithTagString(service.TaskTemplate.PluginSpec.Remote); taggedImg != "" { - service.TaskTemplate.PluginSpec.Remote = taggedImg - } - if options.QueryRegistry { - resolveWarning = resolvePluginSpecRemote(ctx, cli, &service.TaskTemplate, options.EncodedRegistryAuth) - } - } - - headers := http.Header{} - if versions.LessThan(cli.version, "1.30") { - // the custom "version" header was used by engine API before 20.10 - // (API 1.30) to switch between client- and server-side lookup of - // image digests. - headers["version"] = []string{cli.version} - } - if options.EncodedRegistryAuth != "" { - headers[registry.AuthHeader] = []string{options.EncodedRegistryAuth} - } - resp, err := cli.post(ctx, "/services/"+serviceID+"/update", query, service, headers) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.ServiceUpdateResponse{}, err - } - - var response swarm.ServiceUpdateResponse - err = json.NewDecoder(resp.Body).Decode(&response) - if resolveWarning != "" { - response.Warnings = append(response.Warnings, resolveWarning) - } - - return response, err -} diff --git a/vendor/github.com/docker/docker/client/swarm_get_unlock_key.go b/vendor/github.com/docker/docker/client/swarm_get_unlock_key.go deleted file mode 100644 index 41151f6cd287..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_get_unlock_key.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmGetUnlockKey retrieves the swarm's unlock key. -func (cli *Client) SwarmGetUnlockKey(ctx context.Context) (swarm.UnlockKeyResponse, error) { - resp, err := cli.get(ctx, "/swarm/unlockkey", nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.UnlockKeyResponse{}, err - } - - var response swarm.UnlockKeyResponse - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/swarm_init.go b/vendor/github.com/docker/docker/client/swarm_init.go deleted file mode 100644 index 7f29165493c9..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_init.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmInit initializes the swarm. -func (cli *Client) SwarmInit(ctx context.Context, req swarm.InitRequest) (string, error) { - resp, err := cli.post(ctx, "/swarm/init", nil, req, nil) - defer ensureReaderClosed(resp) - if err != nil { - return "", err - } - - var response string - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/swarm_inspect.go b/vendor/github.com/docker/docker/client/swarm_inspect.go deleted file mode 100644 index 597693bd33b6..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_inspect.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmInspect inspects the swarm. -func (cli *Client) SwarmInspect(ctx context.Context) (swarm.Swarm, error) { - resp, err := cli.get(ctx, "/swarm", nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Swarm{}, err - } - - var response swarm.Swarm - err = json.NewDecoder(resp.Body).Decode(&response) - return response, err -} diff --git a/vendor/github.com/docker/docker/client/swarm_join.go b/vendor/github.com/docker/docker/client/swarm_join.go deleted file mode 100644 index 446d4d0482d2..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_join.go +++ /dev/null @@ -1,14 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmJoin joins the swarm. -func (cli *Client) SwarmJoin(ctx context.Context, req swarm.JoinRequest) error { - resp, err := cli.post(ctx, "/swarm/join", nil, req, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/swarm_leave.go b/vendor/github.com/docker/docker/client/swarm_leave.go deleted file mode 100644 index 709e5adb3536..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_leave.go +++ /dev/null @@ -1,17 +0,0 @@ -package client - -import ( - "context" - "net/url" -) - -// SwarmLeave leaves the swarm. -func (cli *Client) SwarmLeave(ctx context.Context, force bool) error { - query := url.Values{} - if force { - query.Set("force", "1") - } - resp, err := cli.post(ctx, "/swarm/leave", query, nil, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/swarm_unlock.go b/vendor/github.com/docker/docker/client/swarm_unlock.go deleted file mode 100644 index e3c756b661fa..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_unlock.go +++ /dev/null @@ -1,14 +0,0 @@ -package client - -import ( - "context" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmUnlock unlocks locked swarm. -func (cli *Client) SwarmUnlock(ctx context.Context, req swarm.UnlockRequest) error { - resp, err := cli.post(ctx, "/swarm/unlock", nil, req, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/swarm_update.go b/vendor/github.com/docker/docker/client/swarm_update.go deleted file mode 100644 index 309ab194a46a..000000000000 --- a/vendor/github.com/docker/docker/client/swarm_update.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "net/url" - "strconv" - - "github.com/docker/docker/api/types/swarm" -) - -// SwarmUpdate updates the swarm. -func (cli *Client) SwarmUpdate(ctx context.Context, version swarm.Version, swarm swarm.Spec, flags swarm.UpdateFlags) error { - query := url.Values{} - query.Set("version", version.String()) - query.Set("rotateWorkerToken", strconv.FormatBool(flags.RotateWorkerToken)) - query.Set("rotateManagerToken", strconv.FormatBool(flags.RotateManagerToken)) - query.Set("rotateManagerUnlockKey", strconv.FormatBool(flags.RotateManagerUnlockKey)) - resp, err := cli.post(ctx, "/swarm/update", query, swarm, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/task_inspect.go b/vendor/github.com/docker/docker/client/task_inspect.go deleted file mode 100644 index ca3924fc4805..000000000000 --- a/vendor/github.com/docker/docker/client/task_inspect.go +++ /dev/null @@ -1,34 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types/swarm" -) - -// TaskInspectWithRaw returns the task information and its raw representation. -func (cli *Client) TaskInspectWithRaw(ctx context.Context, taskID string) (swarm.Task, []byte, error) { - taskID, err := trimID("task", taskID) - if err != nil { - return swarm.Task{}, nil, err - } - - resp, err := cli.get(ctx, "/tasks/"+taskID, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return swarm.Task{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return swarm.Task{}, nil, err - } - - var response swarm.Task - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&response) - return response, body, err -} diff --git a/vendor/github.com/docker/docker/client/task_list.go b/vendor/github.com/docker/docker/client/task_list.go deleted file mode 100644 index de743e99c503..000000000000 --- a/vendor/github.com/docker/docker/client/task_list.go +++ /dev/null @@ -1,34 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/swarm" -) - -// TaskList returns the list of tasks. -func (cli *Client) TaskList(ctx context.Context, options swarm.TaskListOptions) ([]swarm.Task, error) { - query := url.Values{} - - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } - - resp, err := cli.get(ctx, "/tasks", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return nil, err - } - - var tasks []swarm.Task - err = json.NewDecoder(resp.Body).Decode(&tasks) - return tasks, err -} diff --git a/vendor/github.com/docker/docker/client/task_logs.go b/vendor/github.com/docker/docker/client/task_logs.go deleted file mode 100644 index baa55528a788..000000000000 --- a/vendor/github.com/docker/docker/client/task_logs.go +++ /dev/null @@ -1,51 +0,0 @@ -package client - -import ( - "context" - "io" - "net/url" - "time" - - "github.com/docker/docker/api/types/container" - timetypes "github.com/docker/docker/api/types/time" -) - -// TaskLogs returns the logs generated by a task in an io.ReadCloser. -// It's up to the caller to close the stream. -func (cli *Client) TaskLogs(ctx context.Context, taskID string, options container.LogsOptions) (io.ReadCloser, error) { - query := url.Values{} - if options.ShowStdout { - query.Set("stdout", "1") - } - - if options.ShowStderr { - query.Set("stderr", "1") - } - - if options.Since != "" { - ts, err := timetypes.GetTimestamp(options.Since, time.Now()) - if err != nil { - return nil, err - } - query.Set("since", ts) - } - - if options.Timestamps { - query.Set("timestamps", "1") - } - - if options.Details { - query.Set("details", "1") - } - - if options.Follow { - query.Set("follow", "1") - } - query.Set("tail", options.Tail) - - resp, err := cli.get(ctx, "/tasks/"+taskID+"/logs", query, nil) - if err != nil { - return nil, err - } - return resp.Body, nil -} diff --git a/vendor/github.com/docker/docker/client/version.go b/vendor/github.com/docker/docker/client/version.go deleted file mode 100644 index 046af16cc5ca..000000000000 --- a/vendor/github.com/docker/docker/client/version.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types" -) - -// ServerVersion returns information of the docker client and server host. -func (cli *Client) ServerVersion(ctx context.Context) (types.Version, error) { - resp, err := cli.get(ctx, "/version", nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return types.Version{}, err - } - - var server types.Version - err = json.NewDecoder(resp.Body).Decode(&server) - return server, err -} diff --git a/vendor/github.com/docker/docker/client/volume_create.go b/vendor/github.com/docker/docker/client/volume_create.go deleted file mode 100644 index 1aad3f479c4c..000000000000 --- a/vendor/github.com/docker/docker/client/volume_create.go +++ /dev/null @@ -1,21 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - - "github.com/docker/docker/api/types/volume" -) - -// VolumeCreate creates a volume in the docker host. -func (cli *Client) VolumeCreate(ctx context.Context, options volume.CreateOptions) (volume.Volume, error) { - resp, err := cli.post(ctx, "/volumes/create", nil, options, nil) - defer ensureReaderClosed(resp) - if err != nil { - return volume.Volume{}, err - } - - var vol volume.Volume - err = json.NewDecoder(resp.Body).Decode(&vol) - return vol, err -} diff --git a/vendor/github.com/docker/docker/client/volume_inspect.go b/vendor/github.com/docker/docker/client/volume_inspect.go deleted file mode 100644 index 389a4a71aab6..000000000000 --- a/vendor/github.com/docker/docker/client/volume_inspect.go +++ /dev/null @@ -1,40 +0,0 @@ -package client - -import ( - "bytes" - "context" - "encoding/json" - "io" - - "github.com/docker/docker/api/types/volume" -) - -// VolumeInspect returns the information about a specific volume in the docker host. -func (cli *Client) VolumeInspect(ctx context.Context, volumeID string) (volume.Volume, error) { - vol, _, err := cli.VolumeInspectWithRaw(ctx, volumeID) - return vol, err -} - -// VolumeInspectWithRaw returns the information about a specific volume in the docker host and its raw representation -func (cli *Client) VolumeInspectWithRaw(ctx context.Context, volumeID string) (volume.Volume, []byte, error) { - volumeID, err := trimID("volume", volumeID) - if err != nil { - return volume.Volume{}, nil, err - } - - resp, err := cli.get(ctx, "/volumes/"+volumeID, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return volume.Volume{}, nil, err - } - - body, err := io.ReadAll(resp.Body) - if err != nil { - return volume.Volume{}, nil, err - } - - var vol volume.Volume - rdr := bytes.NewReader(body) - err = json.NewDecoder(rdr).Decode(&vol) - return vol, body, err -} diff --git a/vendor/github.com/docker/docker/client/volume_list.go b/vendor/github.com/docker/docker/client/volume_list.go deleted file mode 100644 index 61ed518cd6cc..000000000000 --- a/vendor/github.com/docker/docker/client/volume_list.go +++ /dev/null @@ -1,33 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "net/url" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/volume" -) - -// VolumeList returns the volumes configured in the docker host. -func (cli *Client) VolumeList(ctx context.Context, options volume.ListOptions) (volume.ListResponse, error) { - query := url.Values{} - - if options.Filters.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cli.version, options.Filters) - if err != nil { - return volume.ListResponse{}, err - } - query.Set("filters", filterJSON) - } - resp, err := cli.get(ctx, "/volumes", query, nil) - defer ensureReaderClosed(resp) - if err != nil { - return volume.ListResponse{}, err - } - - var volumes volume.ListResponse - err = json.NewDecoder(resp.Body).Decode(&volumes) - return volumes, err -} diff --git a/vendor/github.com/docker/docker/client/volume_prune.go b/vendor/github.com/docker/docker/client/volume_prune.go deleted file mode 100644 index e22f0072f9ec..000000000000 --- a/vendor/github.com/docker/docker/client/volume_prune.go +++ /dev/null @@ -1,35 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/volume" -) - -// VolumesPrune requests the daemon to delete unused data -func (cli *Client) VolumesPrune(ctx context.Context, pruneFilters filters.Args) (volume.PruneReport, error) { - if err := cli.NewVersionError(ctx, "1.25", "volume prune"); err != nil { - return volume.PruneReport{}, err - } - - query, err := getFiltersQuery(pruneFilters) - if err != nil { - return volume.PruneReport{}, err - } - - resp, err := cli.post(ctx, "/volumes/prune", query, nil, nil) - defer ensureReaderClosed(resp) - if err != nil { - return volume.PruneReport{}, err - } - - var report volume.PruneReport - if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { - return volume.PruneReport{}, fmt.Errorf("Error retrieving volume prune report: %v", err) - } - - return report, nil -} diff --git a/vendor/github.com/docker/docker/client/volume_remove.go b/vendor/github.com/docker/docker/client/volume_remove.go deleted file mode 100644 index e2a53fa9b89c..000000000000 --- a/vendor/github.com/docker/docker/client/volume_remove.go +++ /dev/null @@ -1,34 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/versions" -) - -// VolumeRemove removes a volume from the docker host. -func (cli *Client) VolumeRemove(ctx context.Context, volumeID string, force bool) error { - volumeID, err := trimID("volume", volumeID) - if err != nil { - return err - } - - query := url.Values{} - if force { - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. - // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return err - } - if versions.GreaterThanOrEqualTo(cli.version, "1.25") { - query.Set("force", "1") - } - } - resp, err := cli.delete(ctx, "/volumes/"+volumeID, query, nil) - defer ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/client/volume_update.go b/vendor/github.com/docker/docker/client/volume_update.go deleted file mode 100644 index 879932f008e7..000000000000 --- a/vendor/github.com/docker/docker/client/volume_update.go +++ /dev/null @@ -1,28 +0,0 @@ -package client - -import ( - "context" - "net/url" - - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/api/types/volume" -) - -// VolumeUpdate updates a volume. This only works for Cluster Volumes, and -// only some fields can be updated. -func (cli *Client) VolumeUpdate(ctx context.Context, volumeID string, version swarm.Version, options volume.UpdateOptions) error { - volumeID, err := trimID("volume", volumeID) - if err != nil { - return err - } - if err := cli.NewVersionError(ctx, "1.42", "volume update"); err != nil { - return err - } - - query := url.Values{} - query.Set("version", version.String()) - - resp, err := cli.put(ctx, "/volumes/"+volumeID, query, options, nil) - ensureReaderClosed(resp) - return err -} diff --git a/vendor/github.com/docker/docker/pkg/jsonmessage/jsonmessage.go b/vendor/github.com/docker/docker/pkg/jsonmessage/jsonmessage.go deleted file mode 100644 index 13df228c622c..000000000000 --- a/vendor/github.com/docker/docker/pkg/jsonmessage/jsonmessage.go +++ /dev/null @@ -1,314 +0,0 @@ -package jsonmessage - -import ( - "encoding/json" - "fmt" - "io" - "strings" - "time" - - "github.com/docker/go-units" - "github.com/moby/term" - "github.com/morikuni/aec" -) - -// RFC3339NanoFixed is time.RFC3339Nano with nanoseconds padded using zeros to -// ensure the formatted time isalways the same number of characters. -const RFC3339NanoFixed = "2006-01-02T15:04:05.000000000Z07:00" - -// JSONError wraps a concrete Code and Message, Code is -// an integer error code, Message is the error message. -type JSONError struct { - Code int `json:"code,omitempty"` - Message string `json:"message,omitempty"` -} - -func (e *JSONError) Error() string { - return e.Message -} - -// JSONProgress describes a progress message in a JSON stream. -type JSONProgress struct { - // Current is the current status and value of the progress made towards Total. - Current int64 `json:"current,omitempty"` - // Total is the end value describing when we made 100% progress for an operation. - Total int64 `json:"total,omitempty"` - // Start is the initial value for the operation. - Start int64 `json:"start,omitempty"` - // HideCounts. if true, hides the progress count indicator (xB/yB). - HideCounts bool `json:"hidecounts,omitempty"` - // Units is the unit to print for progress. It defaults to "bytes" if empty. - Units string `json:"units,omitempty"` - - // terminalFd is the fd of the current terminal, if any. It is used - // to get the terminal width. - terminalFd uintptr - - // nowFunc is used to override the current time in tests. - nowFunc func() time.Time - - // winSize is used to override the terminal width in tests. - winSize int -} - -func (p *JSONProgress) String() string { - var ( - width = p.width() - pbBox string - numbersBox string - ) - if p.Current <= 0 && p.Total <= 0 { - return "" - } - if p.Total <= 0 { - switch p.Units { - case "": - return fmt.Sprintf("%8v", units.HumanSize(float64(p.Current))) - default: - return fmt.Sprintf("%d %s", p.Current, p.Units) - } - } - - percentage := int(float64(p.Current)/float64(p.Total)*100) / 2 - if percentage > 50 { - percentage = 50 - } - if width > 110 { - // this number can't be negative gh#7136 - numSpaces := 0 - if 50-percentage > 0 { - numSpaces = 50 - percentage - } - pbBox = fmt.Sprintf("[%s>%s] ", strings.Repeat("=", percentage), strings.Repeat(" ", numSpaces)) - } - - switch { - case p.HideCounts: - case p.Units == "": // no units, use bytes - current := units.HumanSize(float64(p.Current)) - total := units.HumanSize(float64(p.Total)) - - numbersBox = fmt.Sprintf("%8v/%v", current, total) - - if p.Current > p.Total { - // remove total display if the reported current is wonky. - numbersBox = fmt.Sprintf("%8v", current) - } - default: - numbersBox = fmt.Sprintf("%d/%d %s", p.Current, p.Total, p.Units) - - if p.Current > p.Total { - // remove total display if the reported current is wonky. - numbersBox = fmt.Sprintf("%d %s", p.Current, p.Units) - } - } - - // Show approximation of remaining time if there's enough width. - var timeLeftBox string - if width > 50 { - if p.Current > 0 && p.Start > 0 && percentage < 50 { - fromStart := p.now().Sub(time.Unix(p.Start, 0)) - perEntry := fromStart / time.Duration(p.Current) - left := time.Duration(p.Total-p.Current) * perEntry - timeLeftBox = " " + left.Round(time.Second).String() - } - } - return pbBox + numbersBox + timeLeftBox -} - -// now returns the current time in UTC, but can be overridden in tests -// by setting JSONProgress.nowFunc to a custom function. -func (p *JSONProgress) now() time.Time { - if p.nowFunc != nil { - return p.nowFunc() - } - return time.Now().UTC() -} - -// width returns the current terminal's width, but can be overridden -// in tests by setting JSONProgress.winSize to a non-zero value. -func (p *JSONProgress) width() int { - if p.winSize != 0 { - return p.winSize - } - ws, err := term.GetWinsize(p.terminalFd) - if err == nil { - return int(ws.Width) - } - return 200 -} - -// JSONMessage defines a message struct. It describes -// the created time, where it from, status, ID of the -// message. It's used for docker events. -type JSONMessage struct { - Stream string `json:"stream,omitempty"` - Status string `json:"status,omitempty"` - Progress *JSONProgress `json:"progressDetail,omitempty"` - - // ProgressMessage is a pre-formatted presentation of [Progress]. - // - // Deprecated: this field is deprecated since docker v0.7.1 / API v1.8. Use the information in [Progress] instead. This field will be omitted in a future release. - ProgressMessage string `json:"progress,omitempty"` - ID string `json:"id,omitempty"` - From string `json:"from,omitempty"` // Deprecated: this field is no longer set in stream responses and should not be used. - Time int64 `json:"time,omitempty"` // Deprecated: this field is no longer set in stream responses and should not be used. - TimeNano int64 `json:"timeNano,omitempty"` // Deprecated: this field is no longer set in stream responses and should not be used. - Error *JSONError `json:"errorDetail,omitempty"` - - // ErrorMessage contains errors encountered during the operation. - // - // Deprecated: this field is deprecated since docker v0.6.0 / API v1.4. Use [Error.Message] instead. This field will be omitted in a future release. - ErrorMessage string `json:"error,omitempty"` // deprecated - // Aux contains out-of-band data, such as digests for push signing and image id after building. - Aux *json.RawMessage `json:"aux,omitempty"` -} - -func clearLine(out io.Writer) { - eraseMode := aec.EraseModes.All - cl := aec.EraseLine(eraseMode) - fmt.Fprint(out, cl) -} - -func cursorUp(out io.Writer, l uint) { - fmt.Fprint(out, aec.Up(l)) -} - -func cursorDown(out io.Writer, l uint) { - fmt.Fprint(out, aec.Down(l)) -} - -// Display prints the JSONMessage to out. If isTerminal is true, it erases -// the entire current line when displaying the progressbar. It returns an -// error if the [JSONMessage.Error] field is non-nil. -func (jm *JSONMessage) Display(out io.Writer, isTerminal bool) error { - if jm.Error != nil { - return jm.Error - } - var endl string - if isTerminal && jm.Stream == "" && jm.Progress != nil { - clearLine(out) - endl = "\r" - fmt.Fprint(out, endl) - } else if jm.Progress != nil && jm.Progress.String() != "" { // disable progressbar in non-terminal - return nil - } - if jm.TimeNano != 0 { - fmt.Fprintf(out, "%s ", time.Unix(0, jm.TimeNano).Format(RFC3339NanoFixed)) - } else if jm.Time != 0 { - fmt.Fprintf(out, "%s ", time.Unix(jm.Time, 0).Format(RFC3339NanoFixed)) - } - if jm.ID != "" { - fmt.Fprintf(out, "%s: ", jm.ID) - } - if jm.From != "" { - fmt.Fprintf(out, "(from %s) ", jm.From) - } - if jm.Progress != nil && isTerminal { - fmt.Fprintf(out, "%s %s%s", jm.Status, jm.Progress.String(), endl) - } else if jm.ProgressMessage != "" { // deprecated - fmt.Fprintf(out, "%s %s%s", jm.Status, jm.ProgressMessage, endl) - } else if jm.Stream != "" { - fmt.Fprintf(out, "%s%s", jm.Stream, endl) - } else { - fmt.Fprintf(out, "%s%s\n", jm.Status, endl) - } - return nil -} - -// DisplayJSONMessagesStream reads a JSON message stream from in, and writes -// each [JSONMessage] to out. It returns an error if an invalid JSONMessage -// is received, or if a JSONMessage containers a non-zero [JSONMessage.Error]. -// -// Presentation of the JSONMessage depends on whether a terminal is attached, -// and on the terminal width. Progress bars ([JSONProgress]) are suppressed -// on narrower terminals (< 110 characters). -// -// - isTerminal describes if out is a terminal, in which case it prints -// a newline ("\n") at the end of each line and moves the cursor while -// displaying. -// - terminalFd is the fd of the current terminal (if any), and used -// to get the terminal width. -// - auxCallback allows handling the [JSONMessage.Aux] field. It is -// called if a JSONMessage contains an Aux field, in which case -// DisplayJSONMessagesStream does not present the JSONMessage. -func DisplayJSONMessagesStream(in io.Reader, out io.Writer, terminalFd uintptr, isTerminal bool, auxCallback func(JSONMessage)) error { - var ( - dec = json.NewDecoder(in) - ids = make(map[string]uint) - ) - - for { - var diff uint - var jm JSONMessage - if err := dec.Decode(&jm); err != nil { - if err == io.EOF { - break - } - return err - } - - if jm.Aux != nil { - if auxCallback != nil { - auxCallback(jm) - } - continue - } - - if jm.Progress != nil { - jm.Progress.terminalFd = terminalFd - } - if jm.ID != "" && (jm.Progress != nil || jm.ProgressMessage != "") { - line, ok := ids[jm.ID] - if !ok { - // NOTE: This approach of using len(id) to - // figure out the number of lines of history - // only works as long as we clear the history - // when we output something that's not - // accounted for in the map, such as a line - // with no ID. - line = uint(len(ids)) - ids[jm.ID] = line - if isTerminal { - fmt.Fprintf(out, "\n") - } - } - diff = uint(len(ids)) - line - if isTerminal { - cursorUp(out, diff) - } - } else { - // When outputting something that isn't progress - // output, clear the history of previous lines. We - // don't want progress entries from some previous - // operation to be updated (for example, pull -a - // with multiple tags). - ids = make(map[string]uint) - } - err := jm.Display(out, isTerminal) - if jm.ID != "" && isTerminal { - cursorDown(out, diff) - } - if err != nil { - return err - } - } - return nil -} - -// Stream is an io.Writer for output with utilities to get the output's file -// descriptor and to detect whether it's a terminal. -// -// it is subset of the streams.Out type in -// https://pkg.go.dev/github.com/docker/cli@v20.10.17+incompatible/cli/streams#Out -type Stream interface { - io.Writer - FD() uintptr - IsTerminal() bool -} - -// DisplayJSONMessagesToStream prints json messages to the output Stream. It is -// used by the Docker CLI to print JSONMessage streams. -func DisplayJSONMessagesToStream(in io.Reader, stream Stream, auxCallback func(JSONMessage)) error { - return DisplayJSONMessagesStream(in, stream, stream.FD(), stream.IsTerminal(), auxCallback) -} diff --git a/vendor/github.com/docker/go-connections/nat/nat.go b/vendor/github.com/docker/go-connections/nat/nat.go index 4049d780c54a..1ffe0355dc15 100644 --- a/vendor/github.com/docker/go-connections/nat/nat.go +++ b/vendor/github.com/docker/go-connections/nat/nat.go @@ -2,6 +2,7 @@ package nat import ( + "errors" "fmt" "net" "strconv" @@ -43,19 +44,19 @@ func NewPort(proto, port string) (Port, error) { // ParsePort parses the port number string and returns an int func ParsePort(rawPort string) (int, error) { - if len(rawPort) == 0 { + if rawPort == "" { return 0, nil } port, err := strconv.ParseUint(rawPort, 10, 16) if err != nil { - return 0, err + return 0, fmt.Errorf("invalid port '%s': %w", rawPort, errors.Unwrap(err)) } return int(port), nil } // ParsePortRangeToInt parses the port range string and returns start/end ints func ParsePortRangeToInt(rawPort string) (int, int, error) { - if len(rawPort) == 0 { + if rawPort == "" { return 0, 0, nil } start, end, err := ParsePortRange(rawPort) @@ -91,29 +92,31 @@ func (p Port) Range() (int, int, error) { return ParsePortRangeToInt(p.Port()) } -// SplitProtoPort splits a port in the format of proto/port -func SplitProtoPort(rawPort string) (string, string) { - parts := strings.Split(rawPort, "/") - l := len(parts) - if len(rawPort) == 0 || l == 0 || len(parts[0]) == 0 { +// SplitProtoPort splits a port(range) and protocol, formatted as "/[]" +// "/[]". It returns an empty string for both if +// no port(range) is provided. If a port(range) is provided, but no protocol, +// the default ("tcp") protocol is returned. +// +// SplitProtoPort does not validate or normalize the returned values. +func SplitProtoPort(rawPort string) (proto string, port string) { + port, proto, _ = strings.Cut(rawPort, "/") + if port == "" { return "", "" } - if l == 1 { - return "tcp", rawPort + if proto == "" { + proto = "tcp" } - if len(parts[1]) == 0 { - return "tcp", parts[0] - } - return parts[1], parts[0] + return proto, port } -func validateProto(proto string) bool { - for _, availableProto := range []string{"tcp", "udp", "sctp"} { - if availableProto == proto { - return true - } +func validateProto(proto string) error { + switch proto { + case "tcp", "udp", "sctp": + // All good + return nil + default: + return errors.New("invalid proto: " + proto) } - return false } // ParsePortSpecs receives port specs in the format of ip:public:private/proto and parses @@ -123,22 +126,18 @@ func ParsePortSpecs(ports []string) (map[Port]struct{}, map[Port][]PortBinding, exposedPorts = make(map[Port]struct{}, len(ports)) bindings = make(map[Port][]PortBinding) ) - for _, rawPort := range ports { - portMappings, err := ParsePortSpec(rawPort) + for _, p := range ports { + portMappings, err := ParsePortSpec(p) if err != nil { return nil, nil, err } - for _, portMapping := range portMappings { - port := portMapping.Port - if _, exists := exposedPorts[port]; !exists { + for _, pm := range portMappings { + port := pm.Port + if _, ok := exposedPorts[port]; !ok { exposedPorts[port] = struct{}{} } - bslice, exists := bindings[port] - if !exists { - bslice = []PortBinding{} - } - bindings[port] = append(bslice, portMapping.Binding) + bindings[port] = append(bindings[port], pm.Binding) } } return exposedPorts, bindings, nil @@ -150,28 +149,34 @@ type PortMapping struct { Binding PortBinding } -func splitParts(rawport string) (string, string, string) { +func (p *PortMapping) String() string { + return net.JoinHostPort(p.Binding.HostIP, p.Binding.HostPort+":"+string(p.Port)) +} + +func splitParts(rawport string) (hostIP, hostPort, containerPort string) { parts := strings.Split(rawport, ":") - n := len(parts) - containerPort := parts[n-1] - switch n { + switch len(parts) { case 1: - return "", "", containerPort + return "", "", parts[0] case 2: - return "", parts[0], containerPort + return "", parts[0], parts[1] case 3: - return parts[0], parts[1], containerPort + return parts[0], parts[1], parts[2] default: - return strings.Join(parts[:n-2], ":"), parts[n-2], containerPort + n := len(parts) + return strings.Join(parts[:n-2], ":"), parts[n-2], parts[n-1] } } // ParsePortSpec parses a port specification string into a slice of PortMappings func ParsePortSpec(rawPort string) ([]PortMapping, error) { - var proto string ip, hostPort, containerPort := splitParts(rawPort) - proto, containerPort = SplitProtoPort(containerPort) + proto, containerPort := SplitProtoPort(containerPort) + proto = strings.ToLower(proto) + if err := validateProto(proto); err != nil { + return nil, err + } if ip != "" && ip[0] == '[' { // Strip [] from IPV6 addresses @@ -182,7 +187,7 @@ func ParsePortSpec(rawPort string) ([]PortMapping, error) { ip = rawIP } if ip != "" && net.ParseIP(ip) == nil { - return nil, fmt.Errorf("invalid IP address: %s", ip) + return nil, errors.New("invalid IP address: " + ip) } if containerPort == "" { return nil, fmt.Errorf("no port specified: %s", rawPort) @@ -190,51 +195,43 @@ func ParsePortSpec(rawPort string) ([]PortMapping, error) { startPort, endPort, err := ParsePortRange(containerPort) if err != nil { - return nil, fmt.Errorf("invalid containerPort: %s", containerPort) + return nil, errors.New("invalid containerPort: " + containerPort) } - var startHostPort, endHostPort uint64 = 0, 0 - if len(hostPort) > 0 { + var startHostPort, endHostPort uint64 + if hostPort != "" { startHostPort, endHostPort, err = ParsePortRange(hostPort) if err != nil { - return nil, fmt.Errorf("invalid hostPort: %s", hostPort) + return nil, errors.New("invalid hostPort: " + hostPort) } - } - - if hostPort != "" && (endPort-startPort) != (endHostPort-startHostPort) { - // Allow host port range iff containerPort is not a range. - // In this case, use the host port range as the dynamic - // host port range to allocate into. - if endPort != startPort { - return nil, fmt.Errorf("invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort) + if (endPort - startPort) != (endHostPort - startHostPort) { + // Allow host port range iff containerPort is not a range. + // In this case, use the host port range as the dynamic + // host port range to allocate into. + if endPort != startPort { + return nil, fmt.Errorf("invalid ranges specified for container and host Ports: %s and %s", containerPort, hostPort) + } } } - if !validateProto(strings.ToLower(proto)) { - return nil, fmt.Errorf("invalid proto: %s", proto) - } - - ports := []PortMapping{} - for i := uint64(0); i <= (endPort - startPort); i++ { - containerPort = strconv.FormatUint(startPort+i, 10) - if len(hostPort) > 0 { - hostPort = strconv.FormatUint(startHostPort+i, 10) - } - // Set hostPort to a range only if there is a single container port - // and a dynamic host port. - if startPort == endPort && startHostPort != endHostPort { - hostPort = fmt.Sprintf("%s-%s", hostPort, strconv.FormatUint(endHostPort, 10)) - } - port, err := NewPort(strings.ToLower(proto), containerPort) - if err != nil { - return nil, err - } + count := endPort - startPort + 1 + ports := make([]PortMapping, 0, count) - binding := PortBinding{ - HostIP: ip, - HostPort: hostPort, + for i := uint64(0); i < count; i++ { + cPort := Port(strconv.FormatUint(startPort+i, 10) + "/" + proto) + hPort := "" + if hostPort != "" { + hPort = strconv.FormatUint(startHostPort+i, 10) + // Set hostPort to a range only if there is a single container port + // and a dynamic host port. + if count == 1 && startHostPort != endHostPort { + hPort += "-" + strconv.FormatUint(endHostPort, 10) + } } - ports = append(ports, PortMapping{Port: port, Binding: binding}) + ports = append(ports, PortMapping{ + Port: cPort, + Binding: PortBinding{HostIP: ip, HostPort: hPort}, + }) } return ports, nil } diff --git a/vendor/github.com/docker/go-connections/nat/parse.go b/vendor/github.com/docker/go-connections/nat/parse.go index e4b53e8a3242..64affa2a904c 100644 --- a/vendor/github.com/docker/go-connections/nat/parse.go +++ b/vendor/github.com/docker/go-connections/nat/parse.go @@ -1,7 +1,7 @@ package nat import ( - "fmt" + "errors" "strconv" "strings" ) @@ -9,7 +9,7 @@ import ( // ParsePortRange parses and validates the specified string as a port-range (8000-9000) func ParsePortRange(ports string) (uint64, uint64, error) { if ports == "" { - return 0, 0, fmt.Errorf("empty string specified for ports") + return 0, 0, errors.New("empty string specified for ports") } if !strings.Contains(ports, "-") { start, err := strconv.ParseUint(ports, 10, 16) @@ -27,7 +27,7 @@ func ParsePortRange(ports string) (uint64, uint64, error) { return 0, 0, err } if end < start { - return 0, 0, fmt.Errorf("invalid range specified for port: %s", ports) + return 0, 0, errors.New("invalid range specified for port: " + ports) } return start, end, nil } diff --git a/vendor/github.com/docker/go-connections/sockets/README.md b/vendor/github.com/docker/go-connections/sockets/README.md deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/vendor/github.com/docker/go-connections/sockets/proxy.go b/vendor/github.com/docker/go-connections/sockets/proxy.go index c897cb02adea..f04980e40a5a 100644 --- a/vendor/github.com/docker/go-connections/sockets/proxy.go +++ b/vendor/github.com/docker/go-connections/sockets/proxy.go @@ -9,6 +9,8 @@ import ( // GetProxyEnv allows access to the uppercase and the lowercase forms of // proxy-related variables. See the Go specification for details on these // variables. https://golang.org/pkg/net/http/ +// +// Deprecated: this function was used as helper for [DialerFromEnvironment] and is no longer used. It will be removed in the next release. func GetProxyEnv(key string) string { proxyValue := os.Getenv(strings.ToUpper(key)) if proxyValue == "" { @@ -19,10 +21,11 @@ func GetProxyEnv(key string) string { // DialerFromEnvironment was previously used to configure a net.Dialer to route // connections through a SOCKS proxy. -// DEPRECATED: SOCKS proxies are now supported by configuring only +// +// Deprecated: SOCKS proxies are now supported by configuring only // http.Transport.Proxy, and no longer require changing http.Transport.Dial. -// Therefore, only sockets.ConfigureTransport() needs to be called, and any -// sockets.DialerFromEnvironment() calls can be dropped. +// Therefore, only [sockets.ConfigureTransport] needs to be called, and any +// [sockets.DialerFromEnvironment] calls can be dropped. func DialerFromEnvironment(direct *net.Dialer) (*net.Dialer, error) { return direct, nil } diff --git a/vendor/github.com/docker/go-connections/sockets/sockets.go b/vendor/github.com/docker/go-connections/sockets/sockets.go index b0eae239d2c5..6117297860db 100644 --- a/vendor/github.com/docker/go-connections/sockets/sockets.go +++ b/vendor/github.com/docker/go-connections/sockets/sockets.go @@ -2,13 +2,19 @@ package sockets import ( + "context" "errors" + "fmt" "net" "net/http" + "syscall" "time" ) -const defaultTimeout = 10 * time.Second +const ( + defaultTimeout = 10 * time.Second + maxUnixSocketPathSize = len(syscall.RawSockaddrUnix{}.Path) +) // ErrProtocolNotAvailable is returned when a given transport protocol is not provided by the operating system. var ErrProtocolNotAvailable = errors.New("protocol not available") @@ -35,3 +41,26 @@ func ConfigureTransport(tr *http.Transport, proto, addr string) error { } return nil } + +// DialPipe connects to a Windows named pipe. It is not supported on +// non-Windows platforms. +// +// Deprecated: use [github.com/Microsoft/go-winio.DialPipe] or [github.com/Microsoft/go-winio.DialPipeContext]. +func DialPipe(addr string, timeout time.Duration) (net.Conn, error) { + return dialPipe(addr, timeout) +} + +func configureUnixTransport(tr *http.Transport, proto, addr string) error { + if len(addr) > maxUnixSocketPathSize { + return fmt.Errorf("unix socket path %q is too long", addr) + } + // No need for compression in local communications. + tr.DisableCompression = true + dialer := &net.Dialer{ + Timeout: defaultTimeout, + } + tr.DialContext = func(ctx context.Context, _, _ string) (net.Conn, error) { + return dialer.DialContext(ctx, proto, addr) + } + return nil +} diff --git a/vendor/github.com/docker/go-connections/sockets/sockets_unix.go b/vendor/github.com/docker/go-connections/sockets/sockets_unix.go index 78a34a980d28..913d2f00dd2f 100644 --- a/vendor/github.com/docker/go-connections/sockets/sockets_unix.go +++ b/vendor/github.com/docker/go-connections/sockets/sockets_unix.go @@ -3,37 +3,16 @@ package sockets import ( - "context" - "fmt" "net" "net/http" "syscall" "time" ) -const maxUnixSocketPathSize = len(syscall.RawSockaddrUnix{}.Path) - -func configureUnixTransport(tr *http.Transport, proto, addr string) error { - if len(addr) > maxUnixSocketPathSize { - return fmt.Errorf("unix socket path %q is too long", addr) - } - // No need for compression in local communications. - tr.DisableCompression = true - dialer := &net.Dialer{ - Timeout: defaultTimeout, - } - tr.DialContext = func(ctx context.Context, _, _ string) (net.Conn, error) { - return dialer.DialContext(ctx, proto, addr) - } - return nil -} - func configureNpipeTransport(tr *http.Transport, proto, addr string) error { return ErrProtocolNotAvailable } -// DialPipe connects to a Windows named pipe. -// This is not supported on other OSes. -func DialPipe(_ string, _ time.Duration) (net.Conn, error) { +func dialPipe(_ string, _ time.Duration) (net.Conn, error) { return nil, syscall.EAFNOSUPPORT } diff --git a/vendor/github.com/docker/go-connections/sockets/sockets_windows.go b/vendor/github.com/docker/go-connections/sockets/sockets_windows.go index 7acafc5a2ad8..6d6beb3855c0 100644 --- a/vendor/github.com/docker/go-connections/sockets/sockets_windows.go +++ b/vendor/github.com/docker/go-connections/sockets/sockets_windows.go @@ -9,10 +9,6 @@ import ( "github.com/Microsoft/go-winio" ) -func configureUnixTransport(tr *http.Transport, proto, addr string) error { - return ErrProtocolNotAvailable -} - func configureNpipeTransport(tr *http.Transport, proto, addr string) error { // No need for compression in local communications. tr.DisableCompression = true @@ -22,7 +18,6 @@ func configureNpipeTransport(tr *http.Transport, proto, addr string) error { return nil } -// DialPipe connects to a Windows named pipe. -func DialPipe(addr string, timeout time.Duration) (net.Conn, error) { +func dialPipe(addr string, timeout time.Duration) (net.Conn, error) { return winio.DialPipe(addr, &timeout) } diff --git a/vendor/github.com/docker/go-connections/sockets/unix_socket.go b/vendor/github.com/docker/go-connections/sockets/unix_socket.go index b9233521e49a..e736f71d38b1 100644 --- a/vendor/github.com/docker/go-connections/sockets/unix_socket.go +++ b/vendor/github.com/docker/go-connections/sockets/unix_socket.go @@ -1,5 +1,3 @@ -//go:build !windows - /* Package sockets is a simple unix domain socket wrapper. @@ -57,26 +55,6 @@ import ( // SockOption sets up socket file's creating option type SockOption func(string) error -// WithChown modifies the socket file's uid and gid -func WithChown(uid, gid int) SockOption { - return func(path string) error { - if err := os.Chown(path, uid, gid); err != nil { - return err - } - return nil - } -} - -// WithChmod modifies socket file's access mode. -func WithChmod(mask os.FileMode) SockOption { - return func(path string) error { - if err := os.Chmod(path, mask); err != nil { - return err - } - return nil - } -} - // NewUnixSocketWithOpts creates a unix socket with the specified options. // By default, socket permissions are 0000 (i.e.: no access for anyone); pass // WithChmod() and WithChown() to set the desired ownership and permissions. @@ -90,22 +68,7 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error return nil, err } - // net.Listen does not allow for permissions to be set. As a result, when - // specifying custom permissions ("WithChmod()"), there is a short time - // between creating the socket and applying the permissions, during which - // the socket permissions are Less restrictive than desired. - // - // To work around this limitation of net.Listen(), we temporarily set the - // umask to 0777, which forces the socket to be created with 000 permissions - // (i.e.: no access for anyone). After that, WithChmod() must be used to set - // the desired permissions. - // - // We don't use "defer" here, to reset the umask to its original value as soon - // as possible. Ideally we'd be able to detect if WithChmod() was passed as - // an option, and skip changing umask if default permissions are used. - origUmask := syscall.Umask(0o777) - l, err := net.Listen("unix", path) - syscall.Umask(origUmask) + l, err := listenUnix(path) if err != nil { return nil, err } @@ -119,8 +82,3 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error return l, nil } - -// NewUnixSocket creates a unix socket with the specified path and group. -func NewUnixSocket(path string, gid int) (net.Listener, error) { - return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0o660)) -} diff --git a/vendor/github.com/docker/go-connections/sockets/unix_socket_unix.go b/vendor/github.com/docker/go-connections/sockets/unix_socket_unix.go new file mode 100644 index 000000000000..a41a71654742 --- /dev/null +++ b/vendor/github.com/docker/go-connections/sockets/unix_socket_unix.go @@ -0,0 +1,54 @@ +//go:build !windows + +package sockets + +import ( + "net" + "os" + "syscall" +) + +// WithChown modifies the socket file's uid and gid +func WithChown(uid, gid int) SockOption { + return func(path string) error { + if err := os.Chown(path, uid, gid); err != nil { + return err + } + return nil + } +} + +// WithChmod modifies socket file's access mode. +func WithChmod(mask os.FileMode) SockOption { + return func(path string) error { + if err := os.Chmod(path, mask); err != nil { + return err + } + return nil + } +} + +// NewUnixSocket creates a unix socket with the specified path and group. +func NewUnixSocket(path string, gid int) (net.Listener, error) { + return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0o660)) +} + +func listenUnix(path string) (net.Listener, error) { + // net.Listen does not allow for permissions to be set. As a result, when + // specifying custom permissions ("WithChmod()"), there is a short time + // between creating the socket and applying the permissions, during which + // the socket permissions are Less restrictive than desired. + // + // To work around this limitation of net.Listen(), we temporarily set the + // umask to 0777, which forces the socket to be created with 000 permissions + // (i.e.: no access for anyone). After that, WithChmod() must be used to set + // the desired permissions. + // + // We don't use "defer" here, to reset the umask to its original value as soon + // as possible. Ideally we'd be able to detect if WithChmod() was passed as + // an option, and skip changing umask if default permissions are used. + origUmask := syscall.Umask(0o777) + l, err := net.Listen("unix", path) + syscall.Umask(origUmask) + return l, err +} diff --git a/vendor/github.com/docker/go-connections/sockets/unix_socket_windows.go b/vendor/github.com/docker/go-connections/sockets/unix_socket_windows.go new file mode 100644 index 000000000000..5ec29e059e78 --- /dev/null +++ b/vendor/github.com/docker/go-connections/sockets/unix_socket_windows.go @@ -0,0 +1,7 @@ +package sockets + +import "net" + +func listenUnix(path string) (net.Listener, error) { + return net.Listen("unix", path) +} diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config.go b/vendor/github.com/docker/go-connections/tlsconfig/config.go index 606c98a38b51..8b0264f68b75 100644 --- a/vendor/github.com/docker/go-connections/tlsconfig/config.go +++ b/vendor/github.com/docker/go-connections/tlsconfig/config.go @@ -34,51 +34,37 @@ type Options struct { // the system pool will be used. ExclusiveRootPools bool MinVersion uint16 - // If Passphrase is set, it will be used to decrypt a TLS private key - // if the key is encrypted. - // - // Deprecated: Use of encrypted TLS private keys has been deprecated, and - // will be removed in a future release. Golang has deprecated support for - // legacy PEM encryption (as specified in RFC 1423), as it is insecure by - // design (see https://go-review.googlesource.com/c/go/+/264159). - Passphrase string -} - -// Extra (server-side) accepted CBC cipher suites - will phase out in the future -var acceptedCBCCiphers = []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, } // DefaultServerAcceptedCiphers should be uses by code which already has a crypto/tls // options struct but wants to use a commonly accepted set of TLS cipher suites, with // known weak algorithms removed. -var DefaultServerAcceptedCiphers = append(clientCipherSuites, acceptedCBCCiphers...) +var DefaultServerAcceptedCiphers = defaultCipherSuites + +// defaultCipherSuites is shared by both client and server as the default set. +var defaultCipherSuites = []uint16{ + tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, + tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, +} // ServerDefault returns a secure-enough TLS configuration for the server TLS configuration. func ServerDefault(ops ...func(*tls.Config)) *tls.Config { - tlsConfig := &tls.Config{ - // Avoid fallback by default to SSL protocols < TLS1.2 - MinVersion: tls.VersionTLS12, - PreferServerCipherSuites: true, - CipherSuites: DefaultServerAcceptedCiphers, - } - - for _, op := range ops { - op(tlsConfig) - } - - return tlsConfig + return defaultConfig(ops...) } // ClientDefault returns a secure-enough TLS configuration for the client TLS configuration. func ClientDefault(ops ...func(*tls.Config)) *tls.Config { + return defaultConfig(ops...) +} + +// defaultConfig is the default config used by both client and server TLS configuration. +func defaultConfig(ops ...func(*tls.Config)) *tls.Config { tlsConfig := &tls.Config{ - // Prefer TLS1.2 as the client minimum + // Avoid fallback by default to SSL protocols < TLS1.2 MinVersion: tls.VersionTLS12, - CipherSuites: clientCipherSuites, + CipherSuites: defaultCipherSuites, } for _, op := range ops { @@ -92,13 +78,13 @@ func ClientDefault(ops ...func(*tls.Config)) *tls.Config { func certPool(caFile string, exclusivePool bool) (*x509.CertPool, error) { // If we should verify the server, we need to load a trusted ca var ( - certPool *x509.CertPool - err error + pool *x509.CertPool + err error ) if exclusivePool { - certPool = x509.NewCertPool() + pool = x509.NewCertPool() } else { - certPool, err = SystemCertPool() + pool, err = SystemCertPool() if err != nil { return nil, fmt.Errorf("failed to read system certificates: %v", err) } @@ -107,10 +93,10 @@ func certPool(caFile string, exclusivePool bool) (*x509.CertPool, error) { if err != nil { return nil, fmt.Errorf("could not read CA certificate %q: %v", caFile, err) } - if !certPool.AppendCertsFromPEM(pemData) { + if !pool.AppendCertsFromPEM(pemData) { return nil, fmt.Errorf("failed to append certificates from PEM file: %q", caFile) } - return certPool, nil + return pool, nil } // allTLSVersions lists all the TLS versions and is used by the code that validates @@ -144,34 +130,32 @@ func adjustMinVersion(options Options, config *tls.Config) error { return nil } -// IsErrEncryptedKey returns true if the 'err' is an error of incorrect -// password when trying to decrypt a TLS private key. +// errEncryptedKeyDeprecated is produced when we encounter an encrypted +// (password-protected) key. From https://go-review.googlesource.com/c/go/+/264159; // -// Deprecated: Use of encrypted TLS private keys has been deprecated, and -// will be removed in a future release. Golang has deprecated support for -// legacy PEM encryption (as specified in RFC 1423), as it is insecure by -// design (see https://go-review.googlesource.com/c/go/+/264159). -func IsErrEncryptedKey(err error) bool { - return errors.Is(err, x509.IncorrectPasswordError) -} +// > Legacy PEM encryption as specified in RFC 1423 is insecure by design. Since +// > it does not authenticate the ciphertext, it is vulnerable to padding oracle +// > attacks that can let an attacker recover the plaintext +// > +// > It's unfortunate that we don't implement PKCS#8 encryption so we can't +// > recommend an alternative but PEM encryption is so broken that it's worth +// > deprecating outright. +// +// Also see https://docs.docker.com/go/deprecated/ +var errEncryptedKeyDeprecated = errors.New("private key is encrypted; encrypted private keys are obsolete, and not supported") // getPrivateKey returns the private key in 'keyBytes', in PEM-encoded format. -// If the private key is encrypted, 'passphrase' is used to decrypted the -// private key. -func getPrivateKey(keyBytes []byte, passphrase string) ([]byte, error) { +// It returns an error if the file could not be decoded or was protected by +// a passphrase. +func getPrivateKey(keyBytes []byte) ([]byte, error) { // this section makes some small changes to code from notary/tuf/utils/x509.go pemBlock, _ := pem.Decode(keyBytes) if pemBlock == nil { return nil, fmt.Errorf("no valid private key found") } - var err error if x509.IsEncryptedPEMBlock(pemBlock) { //nolint:staticcheck // Ignore SA1019 (IsEncryptedPEMBlock is deprecated) - keyBytes, err = x509.DecryptPEMBlock(pemBlock, []byte(passphrase)) //nolint:staticcheck // Ignore SA1019 (DecryptPEMBlock is deprecated) - if err != nil { - return nil, fmt.Errorf("private key is encrypted, but could not decrypt it: %w", err) - } - keyBytes = pem.EncodeToMemory(&pem.Block{Type: pemBlock.Type, Bytes: keyBytes}) + return nil, errEncryptedKeyDeprecated } return keyBytes, nil @@ -195,7 +179,7 @@ func getCert(options Options) ([]tls.Certificate, error) { return nil, err } - prKeyBytes, err = getPrivateKey(prKeyBytes, options.Passphrase) + prKeyBytes, err = getPrivateKey(prKeyBytes) if err != nil { return nil, err } @@ -210,7 +194,7 @@ func getCert(options Options) ([]tls.Certificate, error) { // Client returns a TLS configuration meant to be used by a client. func Client(options Options) (*tls.Config, error) { - tlsConfig := ClientDefault() + tlsConfig := defaultConfig() tlsConfig.InsecureSkipVerify = options.InsecureSkipVerify if !options.InsecureSkipVerify && options.CAFile != "" { CAs, err := certPool(options.CAFile, options.ExclusiveRootPools) @@ -235,7 +219,7 @@ func Client(options Options) (*tls.Config, error) { // Server returns a TLS configuration meant to be used by a server. func Server(options Options) (*tls.Config, error) { - tlsConfig := ServerDefault() + tlsConfig := defaultConfig() tlsConfig.ClientAuth = options.ClientAuth tlsCert, err := tls.LoadX509KeyPair(options.CertFile, options.KeyFile) if err != nil { diff --git a/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go b/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go deleted file mode 100644 index a82f9fa52e2e..000000000000 --- a/vendor/github.com/docker/go-connections/tlsconfig/config_client_ciphers.go +++ /dev/null @@ -1,14 +0,0 @@ -// Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. -package tlsconfig - -import ( - "crypto/tls" -) - -// Client TLS cipher suites (dropping CBC ciphers for client preferred suite set) -var clientCipherSuites = []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, -} diff --git a/vendor/github.com/fvbommel/sortorder/README.md b/vendor/github.com/fvbommel/sortorder/README.md index 7ebcab1d16e3..06779c88520a 100644 --- a/vendor/github.com/fvbommel/sortorder/README.md +++ b/vendor/github.com/fvbommel/sortorder/README.md @@ -3,3 +3,7 @@ import "github.com/fvbommel/sortorder" Sort orders and comparison functions. + +Case-insensitive sort orders are in the `casefolded` sub-package +because it pulls in the Unicode tables in the standard library, +which can add significantly to the size of binaries. diff --git a/vendor/github.com/fvbommel/sortorder/doc.go b/vendor/github.com/fvbommel/sortorder/doc.go index 75d5a2928f38..a7dd9585d0cb 100644 --- a/vendor/github.com/fvbommel/sortorder/doc.go +++ b/vendor/github.com/fvbommel/sortorder/doc.go @@ -2,4 +2,4 @@ // // Currently, it only implements so-called "natural order", where integers // embedded in strings are compared by value. -package sortorder +package sortorder // import "github.com/fvbommel/sortorder" diff --git a/vendor/github.com/fvbommel/sortorder/natsort.go b/vendor/github.com/fvbommel/sortorder/natsort.go index 66a52c7125d6..e4f15110b8eb 100644 --- a/vendor/github.com/fvbommel/sortorder/natsort.go +++ b/vendor/github.com/fvbommel/sortorder/natsort.go @@ -4,7 +4,7 @@ package sortorder // means that e.g. "abc2" < "abc12". // // Non-digit sequences and numbers are compared separately. The former are -// compared bytewise, while the latter are compared numerically (except that +// compared bytewise, while digits are compared numerically (except that // the number of leading zeros is used as a tie-breaker, so e.g. "2" < "02") // // Limitation: only ASCII digits (0-9) are considered. @@ -14,13 +14,13 @@ func (n Natural) Len() int { return len(n) } func (n Natural) Swap(i, j int) { n[i], n[j] = n[j], n[i] } func (n Natural) Less(i, j int) bool { return NaturalLess(n[i], n[j]) } -func isdigit(b byte) bool { return '0' <= b && b <= '9' } +func isDigit(b byte) bool { return '0' <= b && b <= '9' } // NaturalLess compares two strings using natural ordering. This means that e.g. // "abc2" < "abc12". // // Non-digit sequences and numbers are compared separately. The former are -// compared bytewise, while the latter are compared numerically (except that +// compared bytewise, while digits are compared numerically (except that // the number of leading zeros is used as a tie-breaker, so e.g. "2" < "02") // // Limitation: only ASCII digits (0-9) are considered. @@ -28,7 +28,7 @@ func NaturalLess(str1, str2 string) bool { idx1, idx2 := 0, 0 for idx1 < len(str1) && idx2 < len(str2) { c1, c2 := str1[idx1], str2[idx2] - dig1, dig2 := isdigit(c1), isdigit(c2) + dig1, dig2 := isDigit(c1), isDigit(c2) switch { case dig1 != dig2: // Digits before other characters. return dig1 // True if LHS is a digit, false if the RHS is one. @@ -48,16 +48,16 @@ func NaturalLess(str1, str2 string) bool { } // Eat all digits. nonZero1, nonZero2 := idx1, idx2 - for ; idx1 < len(str1) && isdigit(str1[idx1]); idx1++ { + for ; idx1 < len(str1) && isDigit(str1[idx1]); idx1++ { } - for ; idx2 < len(str2) && isdigit(str2[idx2]); idx2++ { + for ; idx2 < len(str2) && isDigit(str2[idx2]); idx2++ { } // If lengths of numbers with non-zero prefix differ, the shorter // one is less. if len1, len2 := idx1-nonZero1, idx2-nonZero2; len1 != len2 { return len1 < len2 } - // If they're equal, string comparison is correct. + // If they're equally long, string comparison is correct. if nr1, nr2 := str1[nonZero1:idx1], str2[nonZero2:idx2]; nr1 != nr2 { return nr1 < nr2 } diff --git a/vendor/github.com/moby/moby/api/LICENSE b/vendor/github.com/moby/moby/api/LICENSE new file mode 100644 index 000000000000..6d8d58fb676b --- /dev/null +++ b/vendor/github.com/moby/moby/api/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2013-2018 Docker, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/moby/moby/api/pkg/authconfig/authconfig.go b/vendor/github.com/moby/moby/api/pkg/authconfig/authconfig.go new file mode 100644 index 000000000000..51f883e1c236 --- /dev/null +++ b/vendor/github.com/moby/moby/api/pkg/authconfig/authconfig.go @@ -0,0 +1,92 @@ +package authconfig + +import ( + "bytes" + "encoding/base64" + "encoding/json" + "errors" + "fmt" + "io" + + "github.com/moby/moby/api/types/registry" +) + +// Encode serializes the auth configuration as a base64url encoded +// ([RFC4648, section 5]) JSON string for sending through the X-Registry-Auth header. +// +// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 +func Encode(authConfig registry.AuthConfig) (string, error) { + // Older daemons (or registries) may not handle an empty string, + // which resulted in an "io.EOF" when unmarshaling or decoding. + // + // FIXME(thaJeztah): find exactly what code-paths are impacted by this. + // if authConfig == (AuthConfig{}) { return "", nil } + buf, err := json.Marshal(authConfig) + if err != nil { + return "", errInvalidParameter{err} + } + return base64.URLEncoding.EncodeToString(buf), nil +} + +// Decode decodes base64url encoded ([RFC4648, section 5]) JSON +// authentication information as sent through the X-Registry-Auth header. +// +// This function always returns an [AuthConfig], even if an error occurs. It is up +// to the caller to decide if authentication is required, and if the error can +// be ignored. +// +// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 +func Decode(authEncoded string) (*registry.AuthConfig, error) { + if authEncoded == "" { + return ®istry.AuthConfig{}, nil + } + + decoded, err := base64.URLEncoding.DecodeString(authEncoded) + if err != nil { + var e base64.CorruptInputError + if errors.As(err, &e) { + return ®istry.AuthConfig{}, invalid(errors.New("must be a valid base64url-encoded string")) + } + return ®istry.AuthConfig{}, invalid(err) + } + + if bytes.Equal(decoded, []byte("{}")) { + return ®istry.AuthConfig{}, nil + } + + return decode(bytes.NewReader(decoded)) +} + +// DecodeRequestBody decodes authentication information as sent as JSON in the +// body of a request. This function is to provide backward compatibility with old +// clients and API versions. Current clients and API versions expect authentication +// to be provided through the X-Registry-Auth header. +// +// Like [Decode], this function always returns an [AuthConfig], even if an +// error occurs. It is up to the caller to decide if authentication is required, +// and if the error can be ignored. +func DecodeRequestBody(r io.ReadCloser) (*registry.AuthConfig, error) { + return decode(r) +} + +func decode(r io.Reader) (*registry.AuthConfig, error) { + authConfig := ®istry.AuthConfig{} + if err := json.NewDecoder(r).Decode(authConfig); err != nil { + // always return an (empty) AuthConfig to increase compatibility with + // the existing API. + return ®istry.AuthConfig{}, invalid(fmt.Errorf("invalid JSON: %w", err)) + } + return authConfig, nil +} + +func invalid(err error) error { + return errInvalidParameter{fmt.Errorf("invalid X-Registry-Auth header: %w", err)} +} + +type errInvalidParameter struct{ error } + +func (errInvalidParameter) InvalidParameter() {} + +func (e errInvalidParameter) Cause() error { return e.error } + +func (e errInvalidParameter) Unwrap() error { return e.error } diff --git a/vendor/github.com/docker/docker/pkg/stdcopy/stdcopy.go b/vendor/github.com/moby/moby/api/pkg/stdcopy/stdcopy.go similarity index 50% rename from vendor/github.com/docker/docker/pkg/stdcopy/stdcopy.go rename to vendor/github.com/moby/moby/api/pkg/stdcopy/stdcopy.go index 611432a6261f..948c6b6755db 100644 --- a/vendor/github.com/docker/docker/pkg/stdcopy/stdcopy.go +++ b/vendor/github.com/moby/moby/api/pkg/stdcopy/stdcopy.go @@ -1,12 +1,10 @@ package stdcopy import ( - "bytes" "encoding/binary" "errors" "fmt" "io" - "sync" ) // StdType is the type of standard stream @@ -14,16 +12,13 @@ import ( type StdType byte const ( - // Stdin represents standard input stream type. - Stdin StdType = iota - // Stdout represents standard output stream type. - Stdout - // Stderr represents standard error steam type. - Stderr - // Systemerr represents errors originating from the system that make it - // into the multiplexed stream. - Systemerr + Stdin StdType = 0 // Stdin represents standard input stream. It is present for completeness and should NOT be used. When reading the stream with [StdCopy] it is output on [Stdout]. + Stdout StdType = 1 // Stdout represents standard output stream. + Stderr StdType = 2 // Stderr represents standard error steam. + Systemerr StdType = 3 // Systemerr represents errors originating from the system. When reading the stream with [StdCopy] it is returned as an error. +) +const ( stdWriterPrefixLen = 8 stdWriterFdIndex = 0 stdWriterSizeIndex = 4 @@ -31,67 +26,28 @@ const ( startingBufLen = 32*1024 + stdWriterPrefixLen + 1 ) -var bufPool = &sync.Pool{New: func() interface{} { return bytes.NewBuffer(nil) }} - -// stdWriter is wrapper of io.Writer with extra customized info. -type stdWriter struct { - io.Writer - prefix byte -} - -// Write sends the buffer to the underneath writer. -// It inserts the prefix header before the buffer, -// so stdcopy.StdCopy knows where to multiplex the output. -// It makes stdWriter to implement io.Writer. -func (w *stdWriter) Write(p []byte) (int, error) { - if w == nil || w.Writer == nil { - return 0, errors.New("writer not instantiated") - } - if p == nil { - return 0, nil - } - - header := [stdWriterPrefixLen]byte{stdWriterFdIndex: w.prefix} - binary.BigEndian.PutUint32(header[stdWriterSizeIndex:], uint32(len(p))) - buf := bufPool.Get().(*bytes.Buffer) - buf.Write(header[:]) - buf.Write(p) - - n, err := w.Writer.Write(buf.Bytes()) - n -= stdWriterPrefixLen - if n < 0 { - n = 0 - } - - buf.Reset() - bufPool.Put(buf) - return n, err -} - -// NewStdWriter instantiates a new Writer. -// Everything written to it will be encapsulated using a custom format, -// and written to the underlying `w` stream. -// This allows multiple write streams (e.g. stdout and stderr) to be muxed into a single connection. -// `t` indicates the id of the stream to encapsulate. -// It can be stdcopy.Stdin, stdcopy.Stdout, stdcopy.Stderr. -func NewStdWriter(w io.Writer, t StdType) io.Writer { - return &stdWriter{ - Writer: w, - prefix: byte(t), - } -} - -// StdCopy is a modified version of io.Copy. +// StdCopy is a modified version of [io.Copy] to de-multiplex messages +// from "multiplexedSource" and copy them to destination streams +// "destOut" and "destErr". +// +// StdCopy demultiplexes "multiplexedSource", assuming that it contains +// two streams, previously multiplexed using a writer created with +// [NewStdWriter]. // -// StdCopy will demultiplex `src`, assuming that it contains two streams, -// previously multiplexed together using a StdWriter instance. -// As it reads from `src`, StdCopy will write to `dstout` and `dsterr`. +// As it reads from "multiplexedSource", StdCopy writes [Stdout] messages +// to "destOut", and [Stderr] message to "destErr]. For backward-compatibility, +// [Stdin] messages are output to "destOut". The [Systemerr] stream provides +// errors produced by the daemon. It is returned as an error, and terminates +// processing the stream. // -// StdCopy will read until it hits EOF on `src`. It will then return a nil error. -// In other words: if `err` is non nil, it indicates a real underlying error. +// StdCopy it reads until it hits [io.EOF] on "multiplexedSource", after +// which it returns a nil error. In other words: any error returned indicates +// a real underlying error, which may be when an unknown [StdType] stream +// is received. // -// `written` will hold the total number of bytes written to `dstout` and `dsterr`. -func StdCopy(dstout, dsterr io.Writer, src io.Reader) (written int64, _ error) { +// The "written" return holds the total number of bytes written to "destOut" +// and "destErr" combined. +func StdCopy(destOut, destErr io.Writer, multiplexedSource io.Reader) (written int64, _ error) { var ( buf = make([]byte, startingBufLen) bufLen = len(buf) @@ -105,7 +61,7 @@ func StdCopy(dstout, dsterr io.Writer, src io.Reader) (written int64, _ error) { // Make sure we have at least a full header for nr < stdWriterPrefixLen { var nr2 int - nr2, err = src.Read(buf[nr:]) + nr2, err = multiplexedSource.Read(buf[nr:]) nr += nr2 if errors.Is(err, io.EOF) { if nr < stdWriterPrefixLen { @@ -118,24 +74,24 @@ func StdCopy(dstout, dsterr io.Writer, src io.Reader) (written int64, _ error) { } } - stream := StdType(buf[stdWriterFdIndex]) // Check the first byte to know where to write + stream := StdType(buf[stdWriterFdIndex]) switch stream { case Stdin: fallthrough case Stdout: // Write on stdout - out = dstout + out = destOut case Stderr: // Write on stderr - out = dsterr + out = destErr case Systemerr: // If we're on Systemerr, we won't write anywhere. // NB: if this code changes later, make sure you don't try to write // to outstream if Systemerr is the stream out = nil default: - return 0, fmt.Errorf("Unrecognized input header: %d", buf[stdWriterFdIndex]) + return 0, fmt.Errorf("unrecognized stream: %d", stream) } // Retrieve the size of the frame @@ -151,7 +107,7 @@ func StdCopy(dstout, dsterr io.Writer, src io.Reader) (written int64, _ error) { // While the amount of bytes read is less than the size of the frame + header, we keep reading for nr < frameSize+stdWriterPrefixLen { var nr2 int - nr2, err = src.Read(buf[nr:]) + nr2, err = multiplexedSource.Read(buf[nr:]) nr += nr2 if errors.Is(err, io.EOF) { if nr < frameSize+stdWriterPrefixLen { diff --git a/vendor/github.com/docker/docker/api/types/blkiodev/blkio.go b/vendor/github.com/moby/moby/api/types/blkiodev/blkio.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/blkiodev/blkio.go rename to vendor/github.com/moby/moby/api/types/blkiodev/blkio.go diff --git a/vendor/github.com/moby/moby/api/types/build/build.go b/vendor/github.com/moby/moby/api/types/build/build.go new file mode 100644 index 000000000000..db9839773402 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/build/build.go @@ -0,0 +1,16 @@ +package build + +// BuilderVersion sets the version of underlying builder to use +type BuilderVersion string + +const ( + // BuilderV1 is the first generation builder in docker daemon + BuilderV1 BuilderVersion = "1" + // BuilderBuildKit is builder based on moby/buildkit project + BuilderBuildKit BuilderVersion = "2" +) + +// Result contains the image id of a successful build. +type Result struct { + ID string +} diff --git a/vendor/github.com/docker/docker/api/types/build/cache.go b/vendor/github.com/moby/moby/api/types/build/cache.go similarity index 66% rename from vendor/github.com/docker/docker/api/types/build/cache.go rename to vendor/github.com/moby/moby/api/types/build/cache.go index 42c840457364..39dd23a5f3a7 100644 --- a/vendor/github.com/docker/docker/api/types/build/cache.go +++ b/vendor/github.com/moby/moby/api/types/build/cache.go @@ -2,18 +2,12 @@ package build import ( "time" - - "github.com/docker/docker/api/types/filters" ) // CacheRecord contains information about a build cache record. type CacheRecord struct { // ID is the unique ID of the build cache record. ID string - // Parent is the ID of the parent build cache record. - // - // Deprecated: deprecated in API v1.42 and up, as it was deprecated in BuildKit; use Parents instead. - Parent string `json:"Parent,omitempty"` // Parents is the list of parent build cache record IDs. Parents []string `json:" Parents,omitempty"` // Type is the cache record type. @@ -33,17 +27,6 @@ type CacheRecord struct { UsageCount int } -// CachePruneOptions hold parameters to prune the build cache. -type CachePruneOptions struct { - All bool - ReservedSpace int64 - MaxUsedSpace int64 - MinFreeSpace int64 - Filters filters.Args - - KeepStorage int64 // Deprecated: deprecated in API 1.48. -} - // CachePruneReport contains the response for Engine API: // POST "/build/prune" type CachePruneReport struct { diff --git a/vendor/github.com/moby/moby/api/types/build/disk_usage.go b/vendor/github.com/moby/moby/api/types/build/disk_usage.go new file mode 100644 index 000000000000..3613797dba7e --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/build/disk_usage.go @@ -0,0 +1,36 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package build + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// DiskUsage represents system data usage for build cache resources. +// +// swagger:model DiskUsage +type DiskUsage struct { + + // Count of active build cache records. + // + // Example: 1 + ActiveCount int64 `json:"ActiveCount,omitempty"` + + // List of build cache records. + // + Items []CacheRecord `json:"Items,omitempty"` + + // Disk space that can be reclaimed by removing inactive build cache records. + // + // Example: 12345678 + Reclaimable int64 `json:"Reclaimable,omitempty"` + + // Count of all build cache records. + // + // Example: 4 + TotalCount int64 `json:"TotalCount,omitempty"` + + // Disk space in use by build cache records. + // + // Example: 98765432 + TotalSize int64 `json:"TotalSize,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/checkpoint/create_request.go b/vendor/github.com/moby/moby/api/types/checkpoint/create_request.go new file mode 100644 index 000000000000..c363783f2a60 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/checkpoint/create_request.go @@ -0,0 +1,8 @@ +package checkpoint + +// CreateRequest holds parameters to create a checkpoint from a container. +type CreateRequest struct { + CheckpointID string + CheckpointDir string + Exit bool +} diff --git a/vendor/github.com/docker/docker/api/types/checkpoint/list.go b/vendor/github.com/moby/moby/api/types/checkpoint/list.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/checkpoint/list.go rename to vendor/github.com/moby/moby/api/types/checkpoint/list.go diff --git a/vendor/github.com/docker/docker/api/types/error_response.go b/vendor/github.com/moby/moby/api/types/common/error_response.go similarity index 73% rename from vendor/github.com/docker/docker/api/types/error_response.go rename to vendor/github.com/moby/moby/api/types/common/error_response.go index dc942d9d9efa..b49d3eea0a25 100644 --- a/vendor/github.com/docker/docker/api/types/error_response.go +++ b/vendor/github.com/moby/moby/api/types/common/error_response.go @@ -1,9 +1,13 @@ -package types +// Code generated by go-swagger; DO NOT EDIT. + +package common // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // ErrorResponse Represents an error. +// Example: {"message":"Something went wrong."} +// // swagger:model ErrorResponse type ErrorResponse struct { diff --git a/vendor/github.com/docker/docker/api/types/error_response_ext.go b/vendor/github.com/moby/moby/api/types/common/error_response_ext.go similarity index 86% rename from vendor/github.com/docker/docker/api/types/error_response_ext.go rename to vendor/github.com/moby/moby/api/types/common/error_response_ext.go index f84f034cd545..c92dfe4b12ed 100644 --- a/vendor/github.com/docker/docker/api/types/error_response_ext.go +++ b/vendor/github.com/moby/moby/api/types/common/error_response_ext.go @@ -1,4 +1,4 @@ -package types +package common // Error returns the error message func (e ErrorResponse) Error() string { diff --git a/vendor/github.com/docker/docker/api/types/common/id_response.go b/vendor/github.com/moby/moby/api/types/common/id_response.go similarity index 87% rename from vendor/github.com/docker/docker/api/types/common/id_response.go rename to vendor/github.com/moby/moby/api/types/common/id_response.go index 22e8c60a48d3..7dfe4bf12b55 100644 --- a/vendor/github.com/docker/docker/api/types/common/id_response.go +++ b/vendor/github.com/moby/moby/api/types/common/id_response.go @@ -1,9 +1,12 @@ +// Code generated by go-swagger; DO NOT EDIT. + package common // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // IDResponse Response to an API call that returns just an Id +// // swagger:model IDResponse type IDResponse struct { diff --git a/vendor/github.com/docker/docker/api/types/container/change_type.go b/vendor/github.com/moby/moby/api/types/container/change_type.go similarity index 87% rename from vendor/github.com/docker/docker/api/types/container/change_type.go rename to vendor/github.com/moby/moby/api/types/container/change_type.go index fe8d6d36966e..52fc99235b1e 100644 --- a/vendor/github.com/docker/docker/api/types/container/change_type.go +++ b/vendor/github.com/moby/moby/api/types/container/change_type.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. diff --git a/vendor/github.com/docker/docker/api/types/container/change_types.go b/vendor/github.com/moby/moby/api/types/container/change_types.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/container/change_types.go rename to vendor/github.com/moby/moby/api/types/container/change_types.go diff --git a/vendor/github.com/docker/docker/api/types/container/commit.go b/vendor/github.com/moby/moby/api/types/container/commit.go similarity index 76% rename from vendor/github.com/docker/docker/api/types/container/commit.go rename to vendor/github.com/moby/moby/api/types/container/commit.go index 6fd1b0ead138..c5aab26ff4f0 100644 --- a/vendor/github.com/docker/docker/api/types/container/commit.go +++ b/vendor/github.com/moby/moby/api/types/container/commit.go @@ -1,6 +1,6 @@ package container -import "github.com/docker/docker/api/types/common" +import "github.com/moby/moby/api/types/common" // CommitResponse response for the commit API call, containing the ID of the // image that was produced. diff --git a/vendor/github.com/docker/docker/api/types/container/config.go b/vendor/github.com/moby/moby/api/types/container/config.go similarity index 58% rename from vendor/github.com/docker/docker/api/types/container/config.go rename to vendor/github.com/moby/moby/api/types/container/config.go index 0555416540bf..78fa9f9105bc 100644 --- a/vendor/github.com/docker/docker/api/types/container/config.go +++ b/vendor/github.com/moby/moby/api/types/container/config.go @@ -3,9 +3,8 @@ package container import ( "time" - "github.com/docker/docker/api/types/strslice" - "github.com/docker/go-connections/nat" dockerspec "github.com/moby/docker-image-spec/specs-go/v1" + "github.com/moby/moby/api/types/network" ) // MinimumDuration puts a minimum on user configured duration. @@ -14,24 +13,6 @@ import ( // Docker interprets it as 3 nanoseconds. const MinimumDuration = 1 * time.Millisecond -// StopOptions holds the options to stop or restart a container. -type StopOptions struct { - // Signal (optional) is the signal to send to the container to (gracefully) - // stop it before forcibly terminating the container with SIGKILL after the - // timeout expires. If not value is set, the default (SIGTERM) is used. - Signal string `json:",omitempty"` - - // Timeout (optional) is the timeout (in seconds) to wait for the container - // to stop gracefully before forcibly terminating it with SIGKILL. - // - // - Use nil to use the default timeout (10 seconds). - // - Use '-1' to wait indefinitely. - // - Use '0' to not wait for the container to exit gracefully, and - // immediately proceeds to forcibly terminating the container. - // - Other positive values are used as timeout (in seconds). - Timeout *int `json:",omitempty"` -} - // HealthConfig holds configuration settings for the HEALTHCHECK feature. type HealthConfig = dockerspec.HealthcheckConfig @@ -48,26 +29,22 @@ type Config struct { AttachStdin bool // Attach the standard input, makes possible user interaction AttachStdout bool // Attach the standard output AttachStderr bool // Attach the standard error - ExposedPorts nat.PortSet `json:",omitempty"` // List of exposed ports + ExposedPorts network.PortSet `json:",omitempty"` // List of exposed ports Tty bool // Attach standard streams to a tty, including stdin if it is not closed. OpenStdin bool // Open stdin StdinOnce bool // If true, close stdin after the 1 attached client disconnects. Env []string // List of environment variable to set in the container - Cmd strslice.StrSlice // Command to run when starting the container + Cmd []string // Command to run when starting the container Healthcheck *HealthConfig `json:",omitempty"` // Healthcheck describes how to check the container is healthy ArgsEscaped bool `json:",omitempty"` // True if command is already escaped (meaning treat as a command line) (Windows specific). Image string // Name of the image as it was passed by the operator (e.g. could be symbolic) Volumes map[string]struct{} // List of volumes (mounts) used for the container WorkingDir string // Current directory (PWD) in the command will be launched - Entrypoint strslice.StrSlice // Entrypoint to run when starting the container + Entrypoint []string // Entrypoint to run when starting the container NetworkDisabled bool `json:",omitempty"` // Is network disabled - // Mac Address of the container. - // - // Deprecated: this field is deprecated since API v1.44. Use EndpointSettings.MacAddress instead. - MacAddress string `json:",omitempty"` - OnBuild []string // ONBUILD metadata that were defined on the image Dockerfile - Labels map[string]string // List of labels set to this container - StopSignal string `json:",omitempty"` // Signal to stop a container - StopTimeout *int `json:",omitempty"` // Timeout (in seconds) to stop a container - Shell strslice.StrSlice `json:",omitempty"` // Shell for shell-form of RUN, CMD, ENTRYPOINT + OnBuild []string `json:",omitempty"` // ONBUILD metadata that were defined on the image Dockerfile + Labels map[string]string // List of labels set to this container + StopSignal string `json:",omitempty"` // Signal to stop a container + StopTimeout *int `json:",omitempty"` // Timeout (in seconds) to stop a container + Shell []string `json:",omitempty"` // Shell for shell-form of RUN, CMD, ENTRYPOINT } diff --git a/vendor/github.com/docker/docker/api/types/container/container.go b/vendor/github.com/moby/moby/api/types/container/container.go similarity index 69% rename from vendor/github.com/docker/docker/api/types/container/container.go rename to vendor/github.com/moby/moby/api/types/container/container.go index a191ca8bdb73..bffb3de87277 100644 --- a/vendor/github.com/docker/docker/api/types/container/container.go +++ b/vendor/github.com/moby/moby/api/types/container/container.go @@ -1,25 +1,14 @@ package container import ( - "io" "os" "time" - "github.com/docker/docker/api/types/mount" - "github.com/docker/docker/api/types/storage" + "github.com/moby/moby/api/types/mount" + "github.com/moby/moby/api/types/storage" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) -// ContainerUpdateOKBody OK response to ContainerUpdate operation -// -// Deprecated: use [UpdateResponse]. This alias will be removed in the next release. -type ContainerUpdateOKBody = UpdateResponse - -// ContainerTopOKBody OK response to ContainerTop operation -// -// Deprecated: use [TopResponse]. This alias will be removed in the next release. -type ContainerTopOKBody = TopResponse - // PruneReport contains the response for Engine API: // POST "/containers/prune" type PruneReport struct { @@ -38,30 +27,10 @@ type PathStat struct { LinkTarget string `json:"linkTarget"` } -// CopyToContainerOptions holds information -// about files to copy into a container -type CopyToContainerOptions struct { - AllowOverwriteDirWithFile bool - CopyUIDGID bool -} - -// StatsResponseReader wraps an io.ReadCloser to read (a stream of) stats -// for a container, as produced by the GET "/stats" endpoint. -// -// The OSType field is set to the server's platform to allow -// platform-specific handling of the response. -// -// TODO(thaJeztah): remove this wrapper, and make OSType part of [StatsResponse]. -type StatsResponseReader struct { - Body io.ReadCloser `json:"body"` - OSType string `json:"ostype"` -} - // MountPoint represents a mount point configuration inside the container. // This is used for reporting the mountpoints in use by a container. type MountPoint struct { - // Type is the type of mount, see `Type` definitions in - // github.com/docker/docker/api/types/mount.Type + // Type is the type of mount, see [mount.Type] definitions for details. Type mount.Type `json:",omitempty"` // Name is the name reference to the underlying data defined by `Source` @@ -128,7 +97,7 @@ type Summary struct { ImageManifestDescriptor *ocispec.Descriptor `json:"ImageManifestDescriptor,omitempty"` Command string Created int64 - Ports []Port + Ports []PortSummary SizeRw int64 `json:",omitempty"` SizeRootFs int64 `json:",omitempty"` Labels map[string]string @@ -138,20 +107,14 @@ type Summary struct { NetworkMode string `json:",omitempty"` Annotations map[string]string `json:",omitempty"` } + Health *HealthSummary `json:",omitempty"` NetworkSettings *NetworkSettingsSummary Mounts []MountPoint } -// ContainerJSONBase contains response of Engine API GET "/containers/{name:.*}/json" -// for API version 1.18 and older. -// -// TODO(thaJeztah): combine ContainerJSONBase and InspectResponse into a single struct. -// The split between ContainerJSONBase (ContainerJSONBase) and InspectResponse (InspectResponse) -// was done in commit 6deaa58ba5f051039643cedceee97c8695e2af74 (https://github.com/moby/moby/pull/13675). -// ContainerJSONBase contained all fields for API < 1.19, and InspectResponse -// held fields that were added in API 1.19 and up. Given that the minimum -// supported API version is now 1.24, we no longer use the separate type. -type ContainerJSONBase struct { +// InspectResponse is the response for the GET "/containers/{name:.*}/json" +// endpoint. +type InspectResponse struct { ID string `json:"Id"` Created string Path string @@ -171,15 +134,15 @@ type ContainerJSONBase struct { AppArmorProfile string ExecIDs []string HostConfig *HostConfig - GraphDriver storage.DriverData + + // GraphDriver contains information about the container's graph driver. + GraphDriver *storage.DriverData `json:"GraphDriver,omitempty"` + + // Storage contains information about the storage used for the container's filesystem. + Storage *storage.Storage `json:"Storage,omitempty"` + SizeRw *int64 `json:",omitempty"` SizeRootFs *int64 `json:",omitempty"` -} - -// InspectResponse is the response for the GET "/containers/{name:.*}/json" -// endpoint. -type InspectResponse struct { - *ContainerJSONBase Mounts []MountPoint Config *Config NetworkSettings *NetworkSettings diff --git a/vendor/github.com/docker/docker/api/types/container/create_request.go b/vendor/github.com/moby/moby/api/types/container/create_request.go similarity index 89% rename from vendor/github.com/docker/docker/api/types/container/create_request.go rename to vendor/github.com/moby/moby/api/types/container/create_request.go index e98dd6ad449b..decb208af0e7 100644 --- a/vendor/github.com/docker/docker/api/types/container/create_request.go +++ b/vendor/github.com/moby/moby/api/types/container/create_request.go @@ -1,6 +1,6 @@ package container -import "github.com/docker/docker/api/types/network" +import "github.com/moby/moby/api/types/network" // CreateRequest is the request message sent to the server for container // create calls. It is a config wrapper that holds the container [Config] diff --git a/vendor/github.com/docker/docker/api/types/container/create_response.go b/vendor/github.com/moby/moby/api/types/container/create_response.go similarity index 70% rename from vendor/github.com/docker/docker/api/types/container/create_response.go rename to vendor/github.com/moby/moby/api/types/container/create_response.go index aa0e7f7d0789..39d761aa968c 100644 --- a/vendor/github.com/docker/docker/api/types/container/create_response.go +++ b/vendor/github.com/moby/moby/api/types/container/create_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. @@ -5,15 +7,18 @@ package container // CreateResponse ContainerCreateResponse // -// OK response to ContainerCreate operation +// # OK response to ContainerCreate operation +// // swagger:model CreateResponse type CreateResponse struct { // The ID of the created container + // Example: ede54ee1afda366ab42f824e8a5ffd195155d853ceaec74a927f249ea270c743 // Required: true ID string `json:"Id"` // Warnings encountered when creating the container + // Example: [] // Required: true Warnings []string `json:"Warnings"` } diff --git a/vendor/github.com/moby/moby/api/types/container/disk_usage.go b/vendor/github.com/moby/moby/api/types/container/disk_usage.go new file mode 100644 index 000000000000..c36721d3b00f --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/container/disk_usage.go @@ -0,0 +1,36 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package container + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// DiskUsage represents system data usage information for container resources. +// +// swagger:model DiskUsage +type DiskUsage struct { + + // Count of active containers. + // + // Example: 1 + ActiveCount int64 `json:"ActiveCount,omitempty"` + + // List of container summaries. + // + Items []Summary `json:"Items,omitempty"` + + // Disk space that can be reclaimed by removing inactive containers. + // + // Example: 12345678 + Reclaimable int64 `json:"Reclaimable,omitempty"` + + // Count of all containers. + // + // Example: 4 + TotalCount int64 `json:"TotalCount,omitempty"` + + // Disk space in use by containers. + // + // Example: 98765432 + TotalSize int64 `json:"TotalSize,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/container/errors.go b/vendor/github.com/moby/moby/api/types/container/errors.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/container/errors.go rename to vendor/github.com/moby/moby/api/types/container/errors.go diff --git a/vendor/github.com/moby/moby/api/types/container/exec.go b/vendor/github.com/moby/moby/api/types/container/exec.go new file mode 100644 index 000000000000..6895926aefeb --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/container/exec.go @@ -0,0 +1,35 @@ +package container + +import "github.com/moby/moby/api/types/common" + +// ExecCreateResponse is the response for a successful exec-create request. +// It holds the ID of the exec that was created. +// +// TODO(thaJeztah): make this a distinct type. +type ExecCreateResponse = common.IDResponse + +// ExecInspectResponse is the API response for the "GET /exec/{id}/json" +// endpoint and holds information about and exec. +type ExecInspectResponse struct { + ID string `json:"ID"` + Running bool `json:"Running"` + ExitCode *int `json:"ExitCode"` + ProcessConfig *ExecProcessConfig + OpenStdin bool `json:"OpenStdin"` + OpenStderr bool `json:"OpenStderr"` + OpenStdout bool `json:"OpenStdout"` + CanRemove bool `json:"CanRemove"` + ContainerID string `json:"ContainerID"` + DetachKeys []byte `json:"DetachKeys"` + Pid int `json:"Pid"` +} + +// ExecProcessConfig holds information about the exec process +// running on the host. +type ExecProcessConfig struct { + Tty bool `json:"tty"` + Entrypoint string `json:"entrypoint"` + Arguments []string `json:"arguments"` + Privileged *bool `json:"privileged,omitempty"` + User string `json:"user,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/container/exec_create_request.go b/vendor/github.com/moby/moby/api/types/container/exec_create_request.go new file mode 100644 index 000000000000..dd7437cd2f38 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/container/exec_create_request.go @@ -0,0 +1,17 @@ +package container + +// ExecCreateRequest is a small subset of the Config struct that holds the configuration +// for the exec feature of docker. +type ExecCreateRequest struct { + User string // User that will run the command + Privileged bool // Is the container in privileged mode + Tty bool // Attach standard streams to a tty. + ConsoleSize *[2]uint `json:",omitempty"` // Initial console size [height, width] + AttachStdin bool // Attach the standard input, makes possible user interaction + AttachStderr bool // Attach the standard error + AttachStdout bool // Attach the standard output + DetachKeys string // Escape keys for detach + Env []string // Environment variables + WorkingDir string // Working directory + Cmd []string // Execution commands and args +} diff --git a/vendor/github.com/moby/moby/api/types/container/exec_start_request.go b/vendor/github.com/moby/moby/api/types/container/exec_start_request.go new file mode 100644 index 000000000000..4c2ba0a77c19 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/container/exec_start_request.go @@ -0,0 +1,12 @@ +package container + +// ExecStartRequest is a temp struct used by execStart +// Config fields is part of ExecConfig in runconfig package +type ExecStartRequest struct { + // ExecStart will first check if it's detached + Detach bool + // Check if there's a tty + Tty bool + // Terminal size [height, width], unused if Tty == false + ConsoleSize *[2]uint `json:",omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/container/filesystem_change.go b/vendor/github.com/moby/moby/api/types/container/filesystem_change.go similarity index 90% rename from vendor/github.com/docker/docker/api/types/container/filesystem_change.go rename to vendor/github.com/moby/moby/api/types/container/filesystem_change.go index 9e9c2ad1d588..b9ec83e52190 100644 --- a/vendor/github.com/docker/docker/api/types/container/filesystem_change.go +++ b/vendor/github.com/moby/moby/api/types/container/filesystem_change.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. diff --git a/vendor/github.com/docker/docker/api/types/container/health.go b/vendor/github.com/moby/moby/api/types/container/health.go similarity index 81% rename from vendor/github.com/docker/docker/api/types/container/health.go rename to vendor/github.com/moby/moby/api/types/container/health.go index 96e91cc8d8a8..1a1ba84b40d1 100644 --- a/vendor/github.com/docker/docker/api/types/container/health.go +++ b/vendor/github.com/moby/moby/api/types/container/health.go @@ -7,9 +7,7 @@ import ( ) // HealthStatus is a string representation of the container's health. -// -// It currently is an alias for string, but may become a distinct type in future. -type HealthStatus = string +type HealthStatus string // Health states const ( @@ -26,6 +24,12 @@ type Health struct { Log []*HealthcheckResult // Log contains the last few results (oldest first) } +// HealthSummary stores a summary of the container's healthcheck results. +type HealthSummary struct { + Status HealthStatus // Status is one of [NoHealthcheck], [Starting], [Healthy] or [Unhealthy]. + FailingStreak int // FailingStreak is the number of consecutive failures +} + // HealthcheckResult stores information about a single run of a healthcheck probe type HealthcheckResult struct { Start time.Time // Start is the time this check started @@ -35,7 +39,10 @@ type HealthcheckResult struct { } var validHealths = []string{ - NoHealthcheck, Starting, Healthy, Unhealthy, + string(NoHealthcheck), + string(Starting), + string(Healthy), + string(Unhealthy), } // ValidateHealthStatus checks if the provided string is a valid diff --git a/vendor/github.com/docker/docker/api/types/container/hostconfig.go b/vendor/github.com/moby/moby/api/types/container/hostconfig.go similarity index 92% rename from vendor/github.com/docker/docker/api/types/container/hostconfig.go rename to vendor/github.com/moby/moby/api/types/container/hostconfig.go index 7a41436cc702..0f889c65124c 100644 --- a/vendor/github.com/docker/docker/api/types/container/hostconfig.go +++ b/vendor/github.com/moby/moby/api/types/container/hostconfig.go @@ -3,14 +3,13 @@ package container import ( "errors" "fmt" + "net/netip" "strings" - "github.com/docker/docker/api/types/blkiodev" - "github.com/docker/docker/api/types/mount" - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/api/types/strslice" - "github.com/docker/go-connections/nat" "github.com/docker/go-units" + "github.com/moby/moby/api/types/blkiodev" + "github.com/moby/moby/api/types/mount" + "github.com/moby/moby/api/types/network" ) // CgroupnsMode represents the cgroup namespace mode of the container @@ -391,22 +390,12 @@ type Resources struct { Devices []DeviceMapping // List of devices to map inside the container DeviceCgroupRules []string // List of rule to be added to the device cgroup DeviceRequests []DeviceRequest // List of device requests for device drivers - - // KernelMemory specifies the kernel memory limit (in bytes) for the container. - // Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes. - KernelMemory int64 `json:",omitempty"` - // Hard limit for kernel TCP buffer memory (in bytes). - // - // Deprecated: This field is deprecated and will be removed in the next release. - // Starting with 6.12, the kernel has deprecated kernel memory tcp accounting - // for cgroups v1. - KernelMemoryTCP int64 `json:",omitempty"` // Hard limit for kernel TCP buffer memory (in bytes) - MemoryReservation int64 // Memory soft limit (in bytes) - MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap - MemorySwappiness *int64 // Tuning container memory swappiness behaviour - OomKillDisable *bool // Whether to disable OOM Killer or not - PidsLimit *int64 // Setting PIDs limit for a container; Set `0` or `-1` for unlimited, or `null` to not change. - Ulimits []*Ulimit // List of ulimits to be set in the container + MemoryReservation int64 // Memory soft limit (in bytes) + MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap + MemorySwappiness *int64 // Tuning container memory swappiness behaviour + OomKillDisable *bool // Whether to disable OOM Killer or not + PidsLimit *int64 // Setting PIDs limit for a container; Set `0` or `-1` for unlimited, or `null` to not change. + Ulimits []*Ulimit // List of ulimits to be set in the container // Applicable to Windows CPUCount int64 `json:"CpuCount"` // CPU count @@ -432,7 +421,7 @@ type HostConfig struct { ContainerIDFile string // File (path) where the containerId is written LogConfig LogConfig // Configuration of the logs for this container NetworkMode NetworkMode // Network mode to use for the container - PortBindings nat.PortMap // Port mapping between the exposed port (container) and the host + PortBindings network.PortMap // Port mapping between the exposed port (container) and the host RestartPolicy RestartPolicy // Restart policy to be used for the container AutoRemove bool // Automatically remove container when it exits VolumeDriver string // Name of the volume driver used to mount volumes @@ -441,10 +430,10 @@ type HostConfig struct { Annotations map[string]string `json:",omitempty"` // Arbitrary non-identifying metadata attached to container and provided to the runtime // Applicable to UNIX platforms - CapAdd strslice.StrSlice // List of kernel capabilities to add to the container - CapDrop strslice.StrSlice // List of kernel capabilities to remove from the container + CapAdd []string // List of kernel capabilities to add to the container + CapDrop []string // List of kernel capabilities to remove from the container CgroupnsMode CgroupnsMode // Cgroup namespace mode to use for the container - DNS []string `json:"Dns"` // List of DNS server to lookup + DNS []netip.Addr `json:"Dns"` // List of DNS server to lookup DNSOptions []string `json:"DnsOptions"` // List of DNSOption to look for DNSSearch []string `json:"DnsSearch"` // List of DNSSearch to look for ExtraHosts []string // List of extra hosts diff --git a/vendor/github.com/docker/docker/api/types/container/hostconfig_unix.go b/vendor/github.com/moby/moby/api/types/container/hostconfig_unix.go similarity index 95% rename from vendor/github.com/docker/docker/api/types/container/hostconfig_unix.go rename to vendor/github.com/moby/moby/api/types/container/hostconfig_unix.go index cd6a7a9be22b..326a5da7ebef 100644 --- a/vendor/github.com/docker/docker/api/types/container/hostconfig_unix.go +++ b/vendor/github.com/moby/moby/api/types/container/hostconfig_unix.go @@ -2,7 +2,7 @@ package container -import "github.com/docker/docker/api/types/network" +import "github.com/moby/moby/api/types/network" // IsValid indicates if an isolation technology is valid func (i Isolation) IsValid() bool { diff --git a/vendor/github.com/docker/docker/api/types/container/hostconfig_windows.go b/vendor/github.com/moby/moby/api/types/container/hostconfig_windows.go similarity index 95% rename from vendor/github.com/docker/docker/api/types/container/hostconfig_windows.go rename to vendor/github.com/moby/moby/api/types/container/hostconfig_windows.go index db63e190d199..977a3760237e 100644 --- a/vendor/github.com/docker/docker/api/types/container/hostconfig_windows.go +++ b/vendor/github.com/moby/moby/api/types/container/hostconfig_windows.go @@ -1,6 +1,6 @@ package container -import "github.com/docker/docker/api/types/network" +import "github.com/moby/moby/api/types/network" // IsValid indicates if an isolation technology is valid func (i Isolation) IsValid() bool { diff --git a/vendor/github.com/moby/moby/api/types/container/network_settings.go b/vendor/github.com/moby/moby/api/types/container/network_settings.go new file mode 100644 index 000000000000..c51c0839d237 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/container/network_settings.go @@ -0,0 +1,22 @@ +package container + +import ( + "github.com/moby/moby/api/types/network" +) + +// NetworkSettings exposes the network settings in the api +type NetworkSettings struct { + SandboxID string // SandboxID uniquely represents a container's network stack + SandboxKey string // SandboxKey identifies the sandbox + + // Ports is a collection of [network.PortBinding] indexed by [network.Port] + Ports network.PortMap + + Networks map[string]*network.EndpointSettings +} + +// NetworkSettingsSummary provides a summary of container's networks +// in /containers/json +type NetworkSettingsSummary struct { + Networks map[string]*network.EndpointSettings +} diff --git a/vendor/github.com/docker/docker/api/types/container/port.go b/vendor/github.com/moby/moby/api/types/container/port_summary.go similarity index 56% rename from vendor/github.com/docker/docker/api/types/container/port.go rename to vendor/github.com/moby/moby/api/types/container/port_summary.go index 895043cfe94f..68148eece462 100644 --- a/vendor/github.com/docker/docker/api/types/container/port.go +++ b/vendor/github.com/moby/moby/api/types/container/port_summary.go @@ -1,14 +1,23 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command -// Port An open port on a container -// swagger:model Port -type Port struct { +import ( + "net/netip" +) + +// PortSummary Describes a port-mapping between the container and the host. +// +// Example: {"PrivatePort":8080,"PublicPort":80,"Type":"tcp"} +// +// swagger:model PortSummary +type PortSummary struct { // Host IP address that the container's port is mapped to - IP string `json:"IP,omitempty"` + IP netip.Addr `json:"IP,omitempty"` // Port on the container // Required: true @@ -19,5 +28,6 @@ type Port struct { // type // Required: true + // Enum: ["tcp","udp","sctp"] Type string `json:"Type"` } diff --git a/vendor/github.com/docker/docker/api/types/container/state.go b/vendor/github.com/moby/moby/api/types/container/state.go similarity index 59% rename from vendor/github.com/docker/docker/api/types/container/state.go rename to vendor/github.com/moby/moby/api/types/container/state.go index 78d5c4fe85c7..47c6d1249027 100644 --- a/vendor/github.com/docker/docker/api/types/container/state.go +++ b/vendor/github.com/moby/moby/api/types/container/state.go @@ -6,9 +6,7 @@ import ( ) // ContainerState is a string representation of the container's current state. -// -// It currently is an alias for string, but may become a distinct type in the future. -type ContainerState = string +type ContainerState string const ( StateCreated ContainerState = "created" // StateCreated indicates the container is created, but not (yet) started. @@ -20,8 +18,14 @@ const ( StateDead ContainerState = "dead" // StateDead indicates that the container failed to be deleted. Containers in this state are attempted to be cleaned up when the daemon restarts. ) -var validStates = []ContainerState{ - StateCreated, StateRunning, StatePaused, StateRestarting, StateRemoving, StateExited, StateDead, +var validStates = []string{ + string(StateCreated), + string(StateRunning), + string(StatePaused), + string(StateRestarting), + string(StateRemoving), + string(StateExited), + string(StateDead), } // ValidateContainerState checks if the provided string is a valid @@ -34,31 +38,3 @@ func ValidateContainerState(s ContainerState) error { return errInvalidParameter{error: fmt.Errorf("invalid value for state (%s): must be one of %s", s, strings.Join(validStates, ", "))} } } - -// StateStatus is used to return container wait results. -// Implements exec.ExitCode interface. -// This type is needed as State include a sync.Mutex field which make -// copying it unsafe. -type StateStatus struct { - exitCode int - err error -} - -// ExitCode returns current exitcode for the state. -func (s StateStatus) ExitCode() int { - return s.exitCode -} - -// Err returns current error for the state. Returns nil if the container had -// exited on its own. -func (s StateStatus) Err() error { - return s.err -} - -// NewStateStatus returns a new StateStatus with the given exit code and error. -func NewStateStatus(exitCode int, err error) StateStatus { - return StateStatus{ - exitCode: exitCode, - err: err, - } -} diff --git a/vendor/github.com/docker/docker/api/types/container/stats.go b/vendor/github.com/moby/moby/api/types/container/stats.go similarity index 67% rename from vendor/github.com/docker/docker/api/types/container/stats.go rename to vendor/github.com/moby/moby/api/types/container/stats.go index 3bfeb4849f91..6a34f6ab76c0 100644 --- a/vendor/github.com/docker/docker/api/types/container/stats.go +++ b/vendor/github.com/moby/moby/api/types/container/stats.go @@ -147,31 +147,78 @@ type PidsStats struct { Limit uint64 `json:"limit,omitempty"` } -// Stats is Ultimate struct aggregating all types of stats of one container -// -// Deprecated: use [StatsResponse] instead. This type will be removed in the next release. -type Stats = StatsResponse - // StatsResponse aggregates all types of stats of one container. type StatsResponse struct { - Name string `json:"name,omitempty"` - ID string `json:"id,omitempty"` + // ID is the ID of the container for which the stats were collected. + ID string `json:"id,omitempty"` - // Common stats - Read time.Time `json:"read"` - PreRead time.Time `json:"preread"` + // Name is the name of the container for which the stats were collected. + Name string `json:"name,omitempty"` - // Linux specific stats, not populated on Windows. - PidsStats PidsStats `json:"pids_stats,omitempty"` + // OSType is the OS of the container ("linux" or "windows") to allow + // platform-specific handling of stats. + OSType string `json:"os_type,omitempty"` + + // Read is the date and time at which this sample was collected. + Read time.Time `json:"read"` + + // CPUStats contains CPU related info of the container. + CPUStats CPUStats `json:"cpu_stats,omitempty"` + + // MemoryStats aggregates all memory stats since container inception on Linux. + // Windows returns stats for commit and private working set only. + MemoryStats MemoryStats `json:"memory_stats,omitempty"` + + // Networks contains Nntwork statistics for the container per interface. + // + // This field is omitted if the container has no networking enabled. + Networks map[string]NetworkStats `json:"networks,omitempty"` + + // ------------------------------------------------------------------------- + // Linux-specific stats, not populated on Windows. + // ------------------------------------------------------------------------- + + // PidsStats contains Linux-specific stats of a container's process-IDs (PIDs). + // + // This field is Linux-specific and omitted for Windows containers. + PidsStats PidsStats `json:"pids_stats,omitempty"` + + // BlkioStats stores all IO service stats for data read and write. + // + // This type is Linux-specific and holds many fields that are specific + // to cgroups v1. + // + // On a cgroup v2 host, all fields other than "io_service_bytes_recursive" + // are omitted or "null". + // + // This type is only populated on Linux and omitted for Windows containers. BlkioStats BlkioStats `json:"blkio_stats,omitempty"` - // Windows specific stats, not populated on Linux. - NumProcs uint32 `json:"num_procs"` + // ------------------------------------------------------------------------- + // Windows-specific stats, not populated on Linux. + // ------------------------------------------------------------------------- + + // NumProcs is the number of processors on the system. + // + // This field is Windows-specific and always zero for Linux containers. + NumProcs uint32 `json:"num_procs"` + + // StorageStats is the disk I/O stats for read/write on Windows. + // + // This type is Windows-specific and omitted for Linux containers. StorageStats StorageStats `json:"storage_stats,omitempty"` - // Shared stats - CPUStats CPUStats `json:"cpu_stats,omitempty"` - PreCPUStats CPUStats `json:"precpu_stats,omitempty"` // "Pre"="Previous" - MemoryStats MemoryStats `json:"memory_stats,omitempty"` - Networks map[string]NetworkStats `json:"networks,omitempty"` + // ------------------------------------------------------------------------- + // PreRead and PreCPUStats contain the previous sample of stats for + // the container, and can be used to perform delta-calculation. + // ------------------------------------------------------------------------- + + // PreRead is the date and time at which this first sample was collected. + // This field is not propagated if the "one-shot" option is set. If the + // "one-shot" option is set, this field may be omitted, empty, or set + // to a default date (`0001-01-01T00:00:00Z`). + PreRead time.Time `json:"preread"` + + // PreCPUStats contains the CPUStats of the previous sample. + PreCPUStats CPUStats `json:"precpu_stats,omitempty"` } diff --git a/vendor/github.com/docker/docker/api/types/container/top_response.go b/vendor/github.com/moby/moby/api/types/container/top_response.go similarity index 63% rename from vendor/github.com/docker/docker/api/types/container/top_response.go rename to vendor/github.com/moby/moby/api/types/container/top_response.go index b4bae5ef036b..966603617f11 100644 --- a/vendor/github.com/docker/docker/api/types/container/top_response.go +++ b/vendor/github.com/moby/moby/api/types/container/top_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. @@ -6,13 +8,16 @@ package container // TopResponse ContainerTopResponse // // Container "top" response. +// // swagger:model TopResponse type TopResponse struct { // Each process running in the container, where each process // is an array of values corresponding to the titles. + // Example: {"Processes":[["root","13642","882","0","17:03","pts/0","00:00:00","/bin/bash"],["root","13735","13642","0","17:06","pts/0","00:00:00","sleep 10"]]} Processes [][]string `json:"Processes"` // The ps column titles + // Example: {"Titles":["UID","PID","PPID","C","STIME","TTY","TIME","CMD"]} Titles []string `json:"Titles"` } diff --git a/vendor/github.com/docker/docker/api/types/container/update_response.go b/vendor/github.com/moby/moby/api/types/container/update_response.go similarity index 76% rename from vendor/github.com/docker/docker/api/types/container/update_response.go rename to vendor/github.com/moby/moby/api/types/container/update_response.go index e2b5bf5ac0e4..2f7263b14119 100644 --- a/vendor/github.com/docker/docker/api/types/container/update_response.go +++ b/vendor/github.com/moby/moby/api/types/container/update_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. @@ -6,9 +8,11 @@ package container // UpdateResponse ContainerUpdateResponse // // Response for a successful container-update. +// // swagger:model UpdateResponse type UpdateResponse struct { // Warnings encountered when updating the container. + // Example: ["Published ports are discarded when using host network mode"] Warnings []string `json:"Warnings"` } diff --git a/vendor/github.com/docker/docker/api/types/container/wait_exit_error.go b/vendor/github.com/moby/moby/api/types/container/wait_exit_error.go similarity index 86% rename from vendor/github.com/docker/docker/api/types/container/wait_exit_error.go rename to vendor/github.com/moby/moby/api/types/container/wait_exit_error.go index ab56d4eed8e1..96a7770c34a7 100644 --- a/vendor/github.com/docker/docker/api/types/container/wait_exit_error.go +++ b/vendor/github.com/moby/moby/api/types/container/wait_exit_error.go @@ -1,9 +1,12 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // WaitExitError container waiting error, if any +// // swagger:model WaitExitError type WaitExitError struct { diff --git a/vendor/github.com/docker/docker/api/types/container/wait_response.go b/vendor/github.com/moby/moby/api/types/container/wait_response.go similarity index 80% rename from vendor/github.com/docker/docker/api/types/container/wait_response.go rename to vendor/github.com/moby/moby/api/types/container/wait_response.go index 84fc6afddc60..68d3c3872421 100644 --- a/vendor/github.com/docker/docker/api/types/container/wait_response.go +++ b/vendor/github.com/moby/moby/api/types/container/wait_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package container // This file was generated by the swagger tool. @@ -5,7 +7,8 @@ package container // WaitResponse ContainerWaitResponse // -// OK response to ContainerWait operation +// # OK response to ContainerWait operation +// // swagger:model WaitResponse type WaitResponse struct { diff --git a/vendor/github.com/docker/docker/api/types/container/waitcondition.go b/vendor/github.com/moby/moby/api/types/container/waitcondition.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/container/waitcondition.go rename to vendor/github.com/moby/moby/api/types/container/waitcondition.go diff --git a/vendor/github.com/docker/docker/api/types/events/events.go b/vendor/github.com/moby/moby/api/types/events/events.go similarity index 90% rename from vendor/github.com/docker/docker/api/types/events/events.go rename to vendor/github.com/moby/moby/api/types/events/events.go index 952c0ff2429c..b8393addd86f 100644 --- a/vendor/github.com/docker/docker/api/types/events/events.go +++ b/vendor/github.com/moby/moby/api/types/events/events.go @@ -1,7 +1,5 @@ package events -import "github.com/docker/docker/api/types/filters" - // Type is used for event-types. type Type string @@ -112,15 +110,6 @@ type Actor struct { // Message represents the information an event contains type Message struct { - // Deprecated: use Action instead. - // Information from JSONMessage. - // With data only in container events. - Status string `json:"status,omitempty"` - // Deprecated: use Actor.ID instead. - ID string `json:"id,omitempty"` - // Deprecated: use Actor.Attributes["image"] instead. - From string `json:"from,omitempty"` - Type Type Action Action Actor Actor @@ -130,10 +119,3 @@ type Message struct { Time int64 `json:"time,omitempty"` TimeNano int64 `json:"timeNano,omitempty"` } - -// ListOptions holds parameters to filter events with. -type ListOptions struct { - Since string - Until string - Filters filters.Args -} diff --git a/vendor/github.com/docker/docker/api/types/image/delete_response.go b/vendor/github.com/moby/moby/api/types/image/delete_response.go similarity index 89% rename from vendor/github.com/docker/docker/api/types/image/delete_response.go rename to vendor/github.com/moby/moby/api/types/image/delete_response.go index 998620dc6a25..b19119a381e6 100644 --- a/vendor/github.com/docker/docker/api/types/image/delete_response.go +++ b/vendor/github.com/moby/moby/api/types/image/delete_response.go @@ -1,9 +1,12 @@ +// Code generated by go-swagger; DO NOT EDIT. + package image // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // DeleteResponse delete response +// // swagger:model DeleteResponse type DeleteResponse struct { diff --git a/vendor/github.com/moby/moby/api/types/image/disk_usage.go b/vendor/github.com/moby/moby/api/types/image/disk_usage.go new file mode 100644 index 000000000000..7297813c1d59 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/image/disk_usage.go @@ -0,0 +1,36 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package image + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// DiskUsage represents system data usage for image resources. +// +// swagger:model DiskUsage +type DiskUsage struct { + + // Count of active images. + // + // Example: 1 + ActiveCount int64 `json:"ActiveCount,omitempty"` + + // List of image summaries. + // + Items []Summary `json:"Items,omitempty"` + + // Disk space that can be reclaimed by removing unused images. + // + // Example: 12345678 + Reclaimable int64 `json:"Reclaimable,omitempty"` + + // Count of all images. + // + // Example: 4 + TotalCount int64 `json:"TotalCount,omitempty"` + + // Disk space in use by images. + // + // Example: 98765432 + TotalSize int64 `json:"TotalSize,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/image/image.go b/vendor/github.com/moby/moby/api/types/image/image.go new file mode 100644 index 000000000000..1c8990ae9006 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/image/image.go @@ -0,0 +1,18 @@ +package image + +import ( + "time" +) + +// Metadata contains engine-local data about the image. +type Metadata struct { + // LastTagTime is the date and time at which the image was last tagged. + LastTagTime time.Time `json:",omitempty"` +} + +// PruneReport contains the response for Engine API: +// POST "/images/prune" +type PruneReport struct { + ImagesDeleted []DeleteResponse + SpaceReclaimed uint64 +} diff --git a/vendor/github.com/docker/docker/api/types/image/image_history.go b/vendor/github.com/moby/moby/api/types/image/image_history.go similarity index 88% rename from vendor/github.com/docker/docker/api/types/image/image_history.go rename to vendor/github.com/moby/moby/api/types/image/image_history.go index a6cdab84d8a9..648ba779e547 100644 --- a/vendor/github.com/docker/docker/api/types/image/image_history.go +++ b/vendor/github.com/moby/moby/api/types/image/image_history.go @@ -1,12 +1,15 @@ +// Code generated by go-swagger; DO NOT EDIT. + package image // ---------------------------------------------------------------------------- -// Code generated by `swagger generate operation`. DO NOT EDIT. +// Code generated by `swagger generate operation`. // // See hack/generate-swagger-api.sh // ---------------------------------------------------------------------------- // HistoryResponseItem individual image layer information in response to ImageHistory operation +// // swagger:model HistoryResponseItem type HistoryResponseItem struct { diff --git a/vendor/github.com/docker/docker/api/types/image/image_inspect.go b/vendor/github.com/moby/moby/api/types/image/image_inspect.go similarity index 68% rename from vendor/github.com/docker/docker/api/types/image/image_inspect.go rename to vendor/github.com/moby/moby/api/types/image/image_inspect.go index 1bec0b72b287..66a277e55747 100644 --- a/vendor/github.com/docker/docker/api/types/image/image_inspect.go +++ b/vendor/github.com/moby/moby/api/types/image/image_inspect.go @@ -1,9 +1,8 @@ package image import ( - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/storage" dockerspec "github.com/moby/docker-image-spec/specs-go/v1" + "github.com/moby/moby/api/types/storage" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -43,18 +42,9 @@ type InspectResponse struct { // the manifest is generated and its digest calculated. RepoDigests []string - // Parent is the ID of the parent image. - // - // Depending on how the image was created, this field may be empty and - // is only set for images that were built/created locally. This field - // is empty if the image was pulled from an image registry. - // - // Deprecated: this field is deprecated, and will be removed in the next release. - Parent string - // Comment is an optional message that can be set when committing or - // importing the image. - Comment string + // importing the image. This field is omitted if not set. + Comment string `json:",omitempty"` // Created is the date and time at which the image was created, formatted in // RFC 3339 nano-seconds (time.RFC3339Nano). @@ -63,32 +53,10 @@ type InspectResponse struct { // and omitted otherwise. Created string `json:",omitempty"` - // Container is the ID of the container that was used to create the image. - // - // Depending on how the image was created, this field may be empty. - // - // Deprecated: this field is omitted in API v1.45, but kept for backward compatibility. - Container string `json:",omitempty"` - - // ContainerConfig is an optional field containing the configuration of the - // container that was last committed when creating the image. - // - // Previous versions of Docker builder used this field to store build cache, - // and it is not in active use anymore. - // - // Deprecated: this field is omitted in API v1.45, but kept for backward compatibility. - ContainerConfig *container.Config `json:",omitempty"` - - // DockerVersion is the version of Docker that was used to build the image. - // - // Depending on how the image was created, this field may be empty. - // - // Deprecated: this field is deprecated, and will be removed in the next release. - DockerVersion string - // Author is the name of the author that was specified when committing the // image, or as specified through MAINTAINER (deprecated) in the Dockerfile. - Author string + // This field is omitted if not set. + Author string `json:",omitempty"` Config *dockerspec.DockerOCIImageConfig // Architecture is the hardware CPU architecture that the image runs on. @@ -107,15 +75,9 @@ type InspectResponse struct { // Size is the total size of the image including all layers it is composed of. Size int64 - // VirtualSize is the total size of the image including all layers it is - // composed of. - // - // Deprecated: this field is omitted in API v1.44, but kept for backward compatibility. Use Size instead. - VirtualSize int64 `json:"VirtualSize,omitempty"` - // GraphDriver holds information about the storage driver used to store the // container's and image's filesystem. - GraphDriver storage.DriverData + GraphDriver *storage.DriverData `json:"GraphDriver,omitempty"` // RootFS contains information about the image's RootFS, including the // layer IDs. diff --git a/vendor/github.com/docker/docker/api/types/image/manifest.go b/vendor/github.com/moby/moby/api/types/image/manifest.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/image/manifest.go rename to vendor/github.com/moby/moby/api/types/image/manifest.go diff --git a/vendor/github.com/docker/docker/api/types/image/summary.go b/vendor/github.com/moby/moby/api/types/image/summary.go similarity index 93% rename from vendor/github.com/docker/docker/api/types/image/summary.go rename to vendor/github.com/moby/moby/api/types/image/summary.go index c5ae6ab9ca11..3d4dd165a325 100644 --- a/vendor/github.com/docker/docker/api/types/image/summary.go +++ b/vendor/github.com/moby/moby/api/types/image/summary.go @@ -3,7 +3,6 @@ package image import ocispec "github.com/opencontainers/image-spec/specs-go/v1" type Summary struct { - // Number of containers using this image. Includes both stopped and running // containers. // @@ -93,9 +92,4 @@ type Summary struct { // // Required: true Size int64 `json:"Size"` - - // Total size of the image including all layers it is composed of. - // - // Deprecated: this field is omitted in API v1.44, but kept for backward compatibility. Use Size instead. - VirtualSize int64 `json:"VirtualSize,omitempty"` } diff --git a/vendor/github.com/moby/moby/api/types/jsonstream/json_error.go b/vendor/github.com/moby/moby/api/types/jsonstream/json_error.go new file mode 100644 index 000000000000..632b25fdf49a --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/jsonstream/json_error.go @@ -0,0 +1,12 @@ +package jsonstream + +// Error wraps a concrete Code and Message, Code is +// an integer error code, Message is the error message. +type Error struct { + Code int `json:"code,omitempty"` + Message string `json:"message,omitempty"` +} + +func (e *Error) Error() string { + return e.Message +} diff --git a/vendor/github.com/moby/moby/api/types/jsonstream/message.go b/vendor/github.com/moby/moby/api/types/jsonstream/message.go new file mode 100644 index 000000000000..2e1346d41903 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/jsonstream/message.go @@ -0,0 +1,15 @@ +package jsonstream + +import "encoding/json" + +// JSONMessage defines a message struct. It describes +// the created time, where it from, status, ID of the +// message. It's used for docker events. +type Message struct { + Stream string `json:"stream,omitempty"` + Status string `json:"status,omitempty"` + Progress *Progress `json:"progressDetail,omitempty"` + ID string `json:"id,omitempty"` + Error *Error `json:"errorDetail,omitempty"` + Aux *json.RawMessage `json:"aux,omitempty"` // Aux contains out-of-band data, such as digests for push signing and image id after building. +} diff --git a/vendor/github.com/moby/moby/api/types/jsonstream/progress.go b/vendor/github.com/moby/moby/api/types/jsonstream/progress.go new file mode 100644 index 000000000000..5c38b3b5efc2 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/jsonstream/progress.go @@ -0,0 +1,10 @@ +package jsonstream + +// Progress describes a progress message in a JSON stream. +type Progress struct { + Current int64 `json:"current,omitempty"` // Current is the current status and value of the progress made towards Total. + Total int64 `json:"total,omitempty"` // Total is the end value describing when we made 100% progress for an operation. + Start int64 `json:"start,omitempty"` // Start is the initial value for the operation. + HideCounts bool `json:"hidecounts,omitempty"` // HideCounts. if true, hides the progress count indicator (xB/yB). + Units string `json:"units,omitempty"` // Units is the unit to print for progress. It defaults to "bytes" if empty. +} diff --git a/vendor/github.com/docker/docker/api/types/mount/mount.go b/vendor/github.com/moby/moby/api/types/mount/mount.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/mount/mount.go rename to vendor/github.com/moby/moby/api/types/mount/mount.go diff --git a/vendor/github.com/moby/moby/api/types/network/config_reference.go b/vendor/github.com/moby/moby/api/types/network/config_reference.go new file mode 100644 index 000000000000..1158afe655ed --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/config_reference.go @@ -0,0 +1,20 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// ConfigReference The config-only network source to provide the configuration for +// this network. +// +// swagger:model ConfigReference +type ConfigReference struct { + + // The name of the config-only network that provides the network's + // configuration. The specified network must be an existing config-only + // network. Only network names are allowed, not network IDs. + // + // Example: config_only_network_01 + Network string `json:"Network"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/connect_request.go b/vendor/github.com/moby/moby/api/types/network/connect_request.go new file mode 100644 index 000000000000..2ff14d360301 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/connect_request.go @@ -0,0 +1,20 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// ConnectRequest NetworkConnectRequest represents the data to be used to connect a container to a network. +// +// swagger:model ConnectRequest +type ConnectRequest struct { + + // The ID or name of the container to connect to the network. + // Example: 3613f73ba0e4 + // Required: true + Container string `json:"Container"` + + // endpoint config + EndpointConfig *EndpointSettings `json:"EndpointConfig,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/network/create_response.go b/vendor/github.com/moby/moby/api/types/network/create_response.go similarity index 71% rename from vendor/github.com/docker/docker/api/types/network/create_response.go rename to vendor/github.com/moby/moby/api/types/network/create_response.go index c32b35bff522..199705991297 100644 --- a/vendor/github.com/docker/docker/api/types/network/create_response.go +++ b/vendor/github.com/moby/moby/api/types/network/create_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package network // This file was generated by the swagger tool. @@ -5,11 +7,13 @@ package network // CreateResponse NetworkCreateResponse // -// OK response to NetworkCreate operation +// # OK response to NetworkCreate operation +// // swagger:model CreateResponse type CreateResponse struct { // The ID of the created network. + // Example: b5c4fc71e8022147cd25de22b22173de4e3b170134117172eb595cb91b4e7e5d // Required: true ID string `json:"Id"` diff --git a/vendor/github.com/moby/moby/api/types/network/disconnect_request.go b/vendor/github.com/moby/moby/api/types/network/disconnect_request.go new file mode 100644 index 000000000000..7b1f521e775b --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/disconnect_request.go @@ -0,0 +1,21 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// DisconnectRequest NetworkDisconnectRequest represents the data to be used to disconnect a container from a network. +// +// swagger:model DisconnectRequest +type DisconnectRequest struct { + + // The ID or name of the container to disconnect from the network. + // Example: 3613f73ba0e4 + // Required: true + Container string `json:"Container"` + + // Force the container to disconnect from the network. + // Example: false + Force bool `json:"Force"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/endpoint.go b/vendor/github.com/moby/moby/api/types/network/endpoint.go new file mode 100644 index 000000000000..cd39c579f081 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/endpoint.go @@ -0,0 +1,74 @@ +package network + +import ( + "maps" + "net/netip" + "slices" +) + +// EndpointSettings stores the network endpoint details +type EndpointSettings struct { + // Configuration data + IPAMConfig *EndpointIPAMConfig + Links []string + Aliases []string // Aliases holds the list of extra, user-specified DNS names for this endpoint. + DriverOpts map[string]string + + // GwPriority determines which endpoint will provide the default gateway + // for the container. The endpoint with the highest priority will be used. + // If multiple endpoints have the same priority, they are lexicographically + // sorted based on their network name, and the one that sorts first is picked. + GwPriority int + + // Operational data + + NetworkID string + EndpointID string + Gateway netip.Addr + IPAddress netip.Addr + + // MacAddress may be used to specify a MAC address when the container is created. + // Once the container is running, it becomes operational data (it may contain a + // generated address). + MacAddress HardwareAddr + IPPrefixLen int + IPv6Gateway netip.Addr + GlobalIPv6Address netip.Addr + GlobalIPv6PrefixLen int + // DNSNames holds all the (non fully qualified) DNS names associated to this + // endpoint. The first entry is used to generate PTR records. + DNSNames []string +} + +// Copy makes a deep copy of `EndpointSettings` +func (es *EndpointSettings) Copy() *EndpointSettings { + if es == nil { + return nil + } + + epCopy := *es + epCopy.IPAMConfig = es.IPAMConfig.Copy() + epCopy.Links = slices.Clone(es.Links) + epCopy.Aliases = slices.Clone(es.Aliases) + epCopy.DNSNames = slices.Clone(es.DNSNames) + epCopy.DriverOpts = maps.Clone(es.DriverOpts) + + return &epCopy +} + +// EndpointIPAMConfig represents IPAM configurations for the endpoint +type EndpointIPAMConfig struct { + IPv4Address netip.Addr `json:",omitempty"` + IPv6Address netip.Addr `json:",omitempty"` + LinkLocalIPs []netip.Addr `json:",omitempty"` +} + +// Copy makes a copy of the endpoint ipam config +func (cfg *EndpointIPAMConfig) Copy() *EndpointIPAMConfig { + if cfg == nil { + return nil + } + cfgCopy := *cfg + cfgCopy.LinkLocalIPs = slices.Clone(cfg.LinkLocalIPs) + return &cfgCopy +} diff --git a/vendor/github.com/moby/moby/api/types/network/endpoint_resource.go b/vendor/github.com/moby/moby/api/types/network/endpoint_resource.go new file mode 100644 index 000000000000..bf493ad5ddcd --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/endpoint_resource.go @@ -0,0 +1,35 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/netip" +) + +// EndpointResource contains network resources allocated and used for a container in a network. +// +// swagger:model EndpointResource +type EndpointResource struct { + + // name + // Example: container_1 + Name string `json:"Name"` + + // endpoint ID + // Example: 628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a + EndpointID string `json:"EndpointID"` + + // mac address + // Example: 02:42:ac:13:00:02 + MacAddress HardwareAddr `json:"MacAddress"` + + // IPv4 address + // Example: 172.19.0.2/16 + IPv4Address netip.Prefix `json:"IPv4Address"` + + // IPv6 address + IPv6Address netip.Prefix `json:"IPv6Address"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/hwaddr.go b/vendor/github.com/moby/moby/api/types/network/hwaddr.go new file mode 100644 index 000000000000..9d0c2b4b6221 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/hwaddr.go @@ -0,0 +1,37 @@ +package network + +import ( + "encoding" + "fmt" + "net" +) + +// A HardwareAddr represents a physical hardware address. +// It implements [encoding.TextMarshaler] and [encoding.TextUnmarshaler] +// in the absence of go.dev/issue/29678. +type HardwareAddr net.HardwareAddr + +var _ encoding.TextMarshaler = (HardwareAddr)(nil) +var _ encoding.TextUnmarshaler = (*HardwareAddr)(nil) +var _ fmt.Stringer = (HardwareAddr)(nil) + +func (m *HardwareAddr) UnmarshalText(text []byte) error { + if len(text) == 0 { + *m = nil + return nil + } + hw, err := net.ParseMAC(string(text)) + if err != nil { + return err + } + *m = HardwareAddr(hw) + return nil +} + +func (m HardwareAddr) MarshalText() ([]byte, error) { + return []byte(net.HardwareAddr(m).String()), nil +} + +func (m HardwareAddr) String() string { + return net.HardwareAddr(m).String() +} diff --git a/vendor/github.com/moby/moby/api/types/network/inspect.go b/vendor/github.com/moby/moby/api/types/network/inspect.go new file mode 100644 index 000000000000..cded5e6081df --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/inspect.go @@ -0,0 +1,27 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// Inspect The body of the "get network" http response message. +// +// swagger:model Inspect +type Inspect struct { + Network + + // Contains endpoints attached to the network. + // + // Example: {"19a4d5d687db25203351ed79d478946f861258f018fe384f229f2efa4b23513c":{"EndpointID":"628cadb8bcb92de107b2a1e516cbffe463e321f548feb37697cce00ad694f21a","IPv4Address":"172.19.0.2/16","IPv6Address":"","MacAddress":"02:42:ac:13:00:02","Name":"test"}} + Containers map[string]EndpointResource `json:"Containers"` + + // List of services using the network. This field is only present for + // swarm scope networks, and omitted for local scope networks. + // + Services map[string]ServiceInfo `json:"Services,omitempty"` + + // provides runtime information about the network such as the number of allocated IPs. + // + Status *Status `json:"Status,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/ipam.go b/vendor/github.com/moby/moby/api/types/network/ipam.go new file mode 100644 index 000000000000..e57be481b72c --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/ipam.go @@ -0,0 +1,22 @@ +package network + +import ( + "net/netip" +) + +// IPAM represents IP Address Management +type IPAM struct { + Driver string + Options map[string]string // Per network IPAM driver options + Config []IPAMConfig +} + +// IPAMConfig represents IPAM configurations +type IPAMConfig struct { + Subnet netip.Prefix `json:",omitempty"` + IPRange netip.Prefix `json:",omitempty"` + Gateway netip.Addr `json:",omitempty"` + AuxAddress map[string]netip.Addr `json:"AuxiliaryAddresses,omitempty"` +} + +type SubnetStatuses = map[netip.Prefix]SubnetStatus diff --git a/vendor/github.com/moby/moby/api/types/network/ipam_status.go b/vendor/github.com/moby/moby/api/types/network/ipam_status.go new file mode 100644 index 000000000000..7eb4e8487e95 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/ipam_status.go @@ -0,0 +1,16 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// IPAMStatus IPAM status +// +// swagger:model IPAMStatus +type IPAMStatus struct { + + // subnets + // Example: {"172.16.0.0/16":{"DynamicIPsAvailable":65533,"IPsInUse":3},"2001:db8:abcd:0012::0/96":{"DynamicIPsAvailable":4294967291,"IPsInUse":5}} + Subnets SubnetStatuses `json:"Subnets,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/network.go b/vendor/github.com/moby/moby/api/types/network/network.go new file mode 100644 index 000000000000..a7d9c0f6ad5a --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/network.go @@ -0,0 +1,100 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + timeext "time" +) + +// Network network +// +// swagger:model Network +type Network struct { + + // Name of the network. + // + // Example: my_network + Name string `json:"Name"` + + // ID that uniquely identifies a network on a single machine. + // + // Example: 7d86d31b1478e7cca9ebed7e73aa0fdeec46c5ca29497431d3007d2d9e15ed99 + ID string `json:"Id"` + + // Date and time at which the network was created in + // [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds. + // + // Example: 2016-10-19T04:33:30.360899459Z + Created timeext.Time `json:"Created"` + + // The level at which the network exists (e.g. `swarm` for cluster-wide + // or `local` for machine level) + // + // Example: local + Scope string `json:"Scope"` + + // The name of the driver used to create the network (e.g. `bridge`, + // `overlay`). + // + // Example: overlay + Driver string `json:"Driver"` + + // Whether the network was created with IPv4 enabled. + // + // Example: true + EnableIPv4 bool `json:"EnableIPv4"` + + // Whether the network was created with IPv6 enabled. + // + // Example: false + EnableIPv6 bool `json:"EnableIPv6"` + + // The network's IP Address Management. + // + IPAM IPAM `json:"IPAM"` + + // Whether the network is created to only allow internal networking + // connectivity. + // + // Example: false + Internal bool `json:"Internal"` + + // Whether a global / swarm scope network is manually attachable by regular + // containers from workers in swarm mode. + // + // Example: false + Attachable bool `json:"Attachable"` + + // Whether the network is providing the routing-mesh for the swarm cluster. + // + // Example: false + Ingress bool `json:"Ingress"` + + // config from + ConfigFrom ConfigReference `json:"ConfigFrom"` + + // Whether the network is a config-only network. Config-only networks are + // placeholder networks for network configurations to be used by other + // networks. Config-only networks cannot be used directly to run containers + // or services. + // + ConfigOnly bool `json:"ConfigOnly"` + + // Network-specific options uses when creating the network. + // + // Example: {"com.docker.network.bridge.default_bridge":"true","com.docker.network.bridge.enable_icc":"true","com.docker.network.bridge.enable_ip_masquerade":"true","com.docker.network.bridge.host_binding_ipv4":"0.0.0.0","com.docker.network.bridge.name":"docker0","com.docker.network.driver.mtu":"1500"} + Options map[string]string `json:"Options"` + + // Metadata specific to the network being created. + // + // Example: {"com.example.some-label":"some-value","com.example.some-other-label":"some-other-value"} + Labels map[string]string `json:"Labels"` + + // List of peer nodes for an overlay network. This field is only present + // for overlay networks, and omitted for other network types. + // + Peers []PeerInfo `json:"Peers,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/network_types.go b/vendor/github.com/moby/moby/api/types/network/network_types.go new file mode 100644 index 000000000000..5401f55f826c --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/network_types.go @@ -0,0 +1,43 @@ +package network + +const ( + // NetworkDefault is a platform-independent alias to choose the platform-specific default network stack. + NetworkDefault = "default" + // NetworkHost is the name of the predefined network used when the NetworkMode host is selected (only available on Linux) + NetworkHost = "host" + // NetworkNone is the name of the predefined network used when the NetworkMode none is selected (available on both Linux and Windows) + NetworkNone = "none" + // NetworkBridge is the name of the default network on Linux + NetworkBridge = "bridge" + // NetworkNat is the name of the default network on Windows + NetworkNat = "nat" +) + +// CreateRequest is the request message sent to the server for network create call. +type CreateRequest struct { + Name string // Name is the requested name of the network. + Driver string // Driver is the driver-name used to create the network (e.g. `bridge`, `overlay`) + Scope string // Scope describes the level at which the network exists (e.g. `swarm` for cluster-wide or `local` for machine level). + EnableIPv4 *bool `json:",omitempty"` // EnableIPv4 represents whether to enable IPv4. + EnableIPv6 *bool `json:",omitempty"` // EnableIPv6 represents whether to enable IPv6. + IPAM *IPAM // IPAM is the network's IP Address Management. + Internal bool // Internal represents if the network is used internal only. + Attachable bool // Attachable represents if the global scope is manually attachable by regular containers from workers in swarm mode. + Ingress bool // Ingress indicates the network is providing the routing-mesh for the swarm cluster. + ConfigOnly bool // ConfigOnly creates a config-only network. Config-only networks are place-holder networks for network configurations to be used by other networks. ConfigOnly networks cannot be used directly to run containers or services. + ConfigFrom *ConfigReference // ConfigFrom specifies the source which will provide the configuration for this network. The specified network must be a config-only network; see [CreateOptions.ConfigOnly]. + Options map[string]string // Options specifies the network-specific options to use for when creating the network. + Labels map[string]string // Labels holds metadata specific to the network being created. +} + +// NetworkingConfig represents the container's networking configuration for each of its interfaces +// Carries the networking configs specified in the `docker run` and `docker network connect` commands +type NetworkingConfig struct { + EndpointsConfig map[string]*EndpointSettings // Endpoint configs for each connecting network +} + +// PruneReport contains the response for Engine API: +// POST "/networks/prune" +type PruneReport struct { + NetworksDeleted []string +} diff --git a/vendor/github.com/moby/moby/api/types/network/peer_info.go b/vendor/github.com/moby/moby/api/types/network/peer_info.go new file mode 100644 index 000000000000..dc88ec16fa9b --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/peer_info.go @@ -0,0 +1,24 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/netip" +) + +// PeerInfo represents one peer of an overlay network. +// +// swagger:model PeerInfo +type PeerInfo struct { + + // ID of the peer-node in the Swarm cluster. + // Example: 6869d7c1732b + Name string `json:"Name"` + + // IP-address of the peer-node in the Swarm cluster. + // Example: 10.133.77.91 + IP netip.Addr `json:"IP"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/port.go b/vendor/github.com/moby/moby/api/types/network/port.go new file mode 100644 index 000000000000..171d9f51d35c --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/port.go @@ -0,0 +1,346 @@ +package network + +import ( + "errors" + "fmt" + "iter" + "net/netip" + "strconv" + "strings" + "unique" +) + +// IPProtocol represents a network protocol for a port. +type IPProtocol string + +const ( + TCP IPProtocol = "tcp" + UDP IPProtocol = "udp" + SCTP IPProtocol = "sctp" +) + +// Sentinel port proto value for zero Port and PortRange values. +var protoZero unique.Handle[IPProtocol] + +// Port is a type representing a single port number and protocol in the format "/[]". +// +// The zero port value, i.e. Port{}, is invalid; use [ParsePort] to create a valid Port value. +type Port struct { + num uint16 + proto unique.Handle[IPProtocol] +} + +// ParsePort parses s as a [Port]. +// +// It normalizes the provided protocol such that "80/tcp", "80/TCP", and "80/tCp" are equivalent. +// If a port number is provided, but no protocol, the default ("tcp") protocol is returned. +func ParsePort(s string) (Port, error) { + if s == "" { + return Port{}, errors.New("invalid port: value is empty") + } + + port, proto, _ := strings.Cut(s, "/") + + portNum, err := parsePortNumber(port) + if err != nil { + return Port{}, fmt.Errorf("invalid port '%s': %w", port, err) + } + + normalizedPortProto := normalizePortProto(proto) + return Port{num: portNum, proto: normalizedPortProto}, nil +} + +// MustParsePort calls [ParsePort](s) and panics on error. +// +// It is intended for use in tests with hard-coded strings. +func MustParsePort(s string) Port { + p, err := ParsePort(s) + if err != nil { + panic(err) + } + return p +} + +// PortFrom returns a [Port] with the given number and protocol. +// +// If no protocol is specified (i.e. proto == ""), then PortFrom returns Port{}, false. +func PortFrom(num uint16, proto IPProtocol) (p Port, ok bool) { + if proto == "" { + return Port{}, false + } + normalized := normalizePortProto(string(proto)) + return Port{num: num, proto: normalized}, true +} + +// Num returns p's port number. +func (p Port) Num() uint16 { + return p.num +} + +// Proto returns p's network protocol. +func (p Port) Proto() IPProtocol { + return p.proto.Value() +} + +// IsZero reports whether p is the zero value. +func (p Port) IsZero() bool { + return p.proto == protoZero +} + +// IsValid reports whether p is an initialized valid port (not the zero value). +func (p Port) IsValid() bool { + return p.proto != protoZero +} + +// String returns a string representation of the port in the format "/". +// If the port is the zero value, it returns "invalid port". +func (p Port) String() string { + switch p.proto { + case protoZero: + return "invalid port" + default: + return string(p.AppendTo(nil)) + } +} + +// AppendText implements [encoding.TextAppender] interface. +// It is the same as [Port.AppendTo] but returns an error to satisfy the interface. +func (p Port) AppendText(b []byte) ([]byte, error) { + return p.AppendTo(b), nil +} + +// AppendTo appends a text encoding of p to b and returns the extended buffer. +func (p Port) AppendTo(b []byte) []byte { + if p.IsZero() { + return b + } + return fmt.Appendf(b, "%d/%s", p.num, p.proto.Value()) +} + +// MarshalText implements [encoding.TextMarshaler] interface. +func (p Port) MarshalText() ([]byte, error) { + return p.AppendText(nil) +} + +// UnmarshalText implements [encoding.TextUnmarshaler] interface. +func (p *Port) UnmarshalText(text []byte) error { + if len(text) == 0 { + *p = Port{} + return nil + } + + port, err := ParsePort(string(text)) + if err != nil { + return err + } + + *p = port + return nil +} + +// Range returns a [PortRange] representing the single port. +func (p Port) Range() PortRange { + return PortRange{start: p.num, end: p.num, proto: p.proto} +} + +// PortSet is a collection of structs indexed by [Port]. +type PortSet = map[Port]struct{} + +// PortBinding represents a binding between a Host IP address and a Host Port. +type PortBinding struct { + // HostIP is the host IP Address + HostIP netip.Addr `json:"HostIp"` + // HostPort is the host port number + HostPort string `json:"HostPort"` +} + +// PortMap is a collection of [PortBinding] indexed by [Port]. +type PortMap = map[Port][]PortBinding + +// PortRange represents a range of port numbers and a protocol in the format "8000-9000/tcp". +// +// The zero port range value, i.e. PortRange{}, is invalid; use [ParsePortRange] to create a valid PortRange value. +type PortRange struct { + start uint16 + end uint16 + proto unique.Handle[IPProtocol] +} + +// ParsePortRange parses s as a [PortRange]. +// +// It normalizes the provided protocol such that "80-90/tcp", "80-90/TCP", and "80-90/tCp" are equivalent. +// If a port number range is provided, but no protocol, the default ("tcp") protocol is returned. +func ParsePortRange(s string) (PortRange, error) { + if s == "" { + return PortRange{}, errors.New("invalid port range: value is empty") + } + + portRange, proto, _ := strings.Cut(s, "/") + + start, end, ok := strings.Cut(portRange, "-") + startVal, err := parsePortNumber(start) + if err != nil { + return PortRange{}, fmt.Errorf("invalid start port '%s': %w", start, err) + } + + portProto := normalizePortProto(proto) + + if !ok || start == end { + return PortRange{start: startVal, end: startVal, proto: portProto}, nil + } + + endVal, err := parsePortNumber(end) + if err != nil { + return PortRange{}, fmt.Errorf("invalid end port '%s': %w", end, err) + } + if endVal < startVal { + return PortRange{}, errors.New("invalid port range: " + s) + } + return PortRange{start: startVal, end: endVal, proto: portProto}, nil +} + +// MustParsePortRange calls [ParsePortRange](s) and panics on error. +// It is intended for use in tests with hard-coded strings. +func MustParsePortRange(s string) PortRange { + pr, err := ParsePortRange(s) + if err != nil { + panic(err) + } + return pr +} + +// PortRangeFrom returns a [PortRange] with the given start and end port numbers and protocol. +// +// If end < start or no protocol is specified (i.e. proto == ""), then PortRangeFrom returns PortRange{}, false. +func PortRangeFrom(start, end uint16, proto IPProtocol) (pr PortRange, ok bool) { + if end < start || proto == "" { + return PortRange{}, false + } + normalized := normalizePortProto(string(proto)) + return PortRange{start: start, end: end, proto: normalized}, true +} + +// Start returns pr's start port number. +func (pr PortRange) Start() uint16 { + return pr.start +} + +// End returns pr's end port number. +func (pr PortRange) End() uint16 { + return pr.end +} + +// Proto returns pr's network protocol. +func (pr PortRange) Proto() IPProtocol { + return pr.proto.Value() +} + +// IsZero reports whether pr is the zero value. +func (pr PortRange) IsZero() bool { + return pr.proto == protoZero +} + +// IsValid reports whether pr is an initialized valid port range (not the zero value). +func (pr PortRange) IsValid() bool { + return pr.proto != protoZero +} + +// String returns a string representation of the port range in the format "-/" or "/" if start == end. +// If the port range is the zero value, it returns "invalid port range". +func (pr PortRange) String() string { + switch pr.proto { + case protoZero: + return "invalid port range" + default: + return string(pr.AppendTo(nil)) + } +} + +// AppendText implements [encoding.TextAppender] interface. +// It is the same as [PortRange.AppendTo] but returns an error to satisfy the interface. +func (pr PortRange) AppendText(b []byte) ([]byte, error) { + return pr.AppendTo(b), nil +} + +// AppendTo appends a text encoding of pr to b and returns the extended buffer. +func (pr PortRange) AppendTo(b []byte) []byte { + if pr.IsZero() { + return b + } + if pr.start == pr.end { + return fmt.Appendf(b, "%d/%s", pr.start, pr.proto.Value()) + } + return fmt.Appendf(b, "%d-%d/%s", pr.start, pr.end, pr.proto.Value()) +} + +// MarshalText implements [encoding.TextMarshaler] interface. +func (pr PortRange) MarshalText() ([]byte, error) { + return pr.AppendText(nil) +} + +// UnmarshalText implements [encoding.TextUnmarshaler] interface. +func (pr *PortRange) UnmarshalText(text []byte) error { + if len(text) == 0 { + *pr = PortRange{} + return nil + } + + portRange, err := ParsePortRange(string(text)) + if err != nil { + return err + } + *pr = portRange + return nil +} + +// Range returns pr. +func (pr PortRange) Range() PortRange { + return pr +} + +// All returns an iterator over all the individual ports in the range. +// +// For example: +// +// for port := range pr.All() { +// // ... +// } +func (pr PortRange) All() iter.Seq[Port] { + return func(yield func(Port) bool) { + for i := uint32(pr.Start()); i <= uint32(pr.End()); i++ { + if !yield(Port{num: uint16(i), proto: pr.proto}) { + return + } + } + } +} + +// parsePortNumber parses rawPort into an int, unwrapping strconv errors +// and returning a single "out of range" error for any value outside 0–65535. +func parsePortNumber(rawPort string) (uint16, error) { + if rawPort == "" { + return 0, errors.New("value is empty") + } + port, err := strconv.ParseUint(rawPort, 10, 16) + if err != nil { + var numErr *strconv.NumError + if errors.As(err, &numErr) { + err = numErr.Err + } + return 0, err + } + + return uint16(port), nil +} + +// normalizePortProto normalizes the protocol string such that "tcp", "TCP", and "tCp" are equivalent. +// If proto is not specified, it defaults to "tcp". +func normalizePortProto(proto string) unique.Handle[IPProtocol] { + if proto == "" { + return unique.Make(TCP) + } + + proto = strings.ToLower(proto) + + return unique.Make(IPProtocol(proto)) +} diff --git a/vendor/github.com/moby/moby/api/types/network/service_info.go b/vendor/github.com/moby/moby/api/types/network/service_info.go new file mode 100644 index 000000000000..fdd92f161151 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/service_info.go @@ -0,0 +1,28 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/netip" +) + +// ServiceInfo represents service parameters with the list of service's tasks +// +// swagger:model ServiceInfo +type ServiceInfo struct { + + // v IP + VIP netip.Addr `json:"VIP"` + + // ports + Ports []string `json:"Ports"` + + // local l b index + LocalLBIndex int `json:"LocalLBIndex"` + + // tasks + Tasks []Task `json:"Tasks"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/status.go b/vendor/github.com/moby/moby/api/types/network/status.go new file mode 100644 index 000000000000..94f4b4b2ec84 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/status.go @@ -0,0 +1,15 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// Status provides runtime information about the network such as the number of allocated IPs. +// +// swagger:model Status +type Status struct { + + // IPAM + IPAM IPAMStatus `json:"IPAM"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/subnet_status.go b/vendor/github.com/moby/moby/api/types/network/subnet_status.go new file mode 100644 index 000000000000..dd62429f5f83 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/subnet_status.go @@ -0,0 +1,20 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// SubnetStatus subnet status +// +// swagger:model SubnetStatus +type SubnetStatus struct { + + // Number of IP addresses in the subnet that are in use or reserved and are therefore unavailable for allocation, saturating at 264 - 1. + // + IPsInUse uint64 `json:"IPsInUse"` + + // Number of IP addresses within the network's IPRange for the subnet that are available for allocation, saturating at 264 - 1. + // + DynamicIPsAvailable uint64 `json:"DynamicIPsAvailable"` +} diff --git a/vendor/github.com/moby/moby/api/types/network/summary.go b/vendor/github.com/moby/moby/api/types/network/summary.go new file mode 100644 index 000000000000..3f50ce22786a --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/summary.go @@ -0,0 +1,13 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// Summary Network list response item +// +// swagger:model Summary +type Summary struct { + Network +} diff --git a/vendor/github.com/moby/moby/api/types/network/task.go b/vendor/github.com/moby/moby/api/types/network/task.go new file mode 100644 index 000000000000..a547523a44ea --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/network/task.go @@ -0,0 +1,28 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package network + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/netip" +) + +// Task carries the information about one backend task +// +// swagger:model Task +type Task struct { + + // name + Name string `json:"Name"` + + // endpoint ID + EndpointID string `json:"EndpointID"` + + // endpoint IP + EndpointIP netip.Addr `json:"EndpointIP"` + + // info + Info map[string]string `json:"Info"` +} diff --git a/vendor/github.com/moby/moby/api/types/plugin/.gitignore b/vendor/github.com/moby/moby/api/types/plugin/.gitignore new file mode 100644 index 000000000000..5cea8434d772 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/plugin/.gitignore @@ -0,0 +1 @@ +testdata/rapid/** diff --git a/vendor/github.com/moby/moby/api/types/plugin/capability.go b/vendor/github.com/moby/moby/api/types/plugin/capability.go new file mode 100644 index 000000000000..d53f77a1f11a --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/plugin/capability.go @@ -0,0 +1,55 @@ +package plugin + +import ( + "bytes" + "encoding" + "fmt" + "strings" +) + +type CapabilityID struct { + Capability string + Prefix string + Version string +} + +var ( + _ fmt.Stringer = CapabilityID{} + _ encoding.TextUnmarshaler = (*CapabilityID)(nil) + _ encoding.TextMarshaler = CapabilityID{} +) + +// String implements [fmt.Stringer] for CapabilityID +func (t CapabilityID) String() string { + return fmt.Sprintf("%s.%s/%s", t.Prefix, t.Capability, t.Version) +} + +// UnmarshalText implements [encoding.TextUnmarshaler] for CapabilityID +func (t *CapabilityID) UnmarshalText(p []byte) error { + fqcap, version, _ := bytes.Cut(p, []byte{'/'}) + idx := bytes.LastIndexByte(fqcap, '.') + if idx < 0 { + t.Prefix = "" + t.Capability = string(fqcap) + } else { + t.Prefix = string(fqcap[:idx]) + t.Capability = string(fqcap[idx+1:]) + } + t.Version = string(version) + return nil +} + +// MarshalText implements [encoding.TextMarshaler] for CapabilityID +func (t CapabilityID) MarshalText() ([]byte, error) { + // Assert that the value can be round-tripped successfully. + if strings.Contains(t.Capability, ".") { + return nil, fmt.Errorf("capability %q cannot contain a dot", t.Capability) + } + if strings.Contains(t.Prefix, "/") { + return nil, fmt.Errorf("prefix %q cannot contain a slash", t.Prefix) + } + if strings.Contains(t.Capability, "/") { + return nil, fmt.Errorf("capability %q cannot contain a slash", t.Capability) + } + return []byte(t.String()), nil +} diff --git a/vendor/github.com/docker/docker/api/types/plugin_device.go b/vendor/github.com/moby/moby/api/types/plugin/device.go similarity index 72% rename from vendor/github.com/docker/docker/api/types/plugin_device.go rename to vendor/github.com/moby/moby/api/types/plugin/device.go index 569901067559..ae961770474e 100644 --- a/vendor/github.com/docker/docker/api/types/plugin_device.go +++ b/vendor/github.com/moby/moby/api/types/plugin/device.go @@ -1,11 +1,14 @@ -package types +// Code generated by go-swagger; DO NOT EDIT. + +package plugin // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command -// PluginDevice plugin device -// swagger:model PluginDevice -type PluginDevice struct { +// Device device +// +// swagger:model Device +type Device struct { // description // Required: true @@ -16,6 +19,7 @@ type PluginDevice struct { Name string `json:"Name"` // path + // Example: /dev/fuse // Required: true Path *string `json:"Path"` diff --git a/vendor/github.com/docker/docker/api/types/plugin_env.go b/vendor/github.com/moby/moby/api/types/plugin/env.go similarity index 77% rename from vendor/github.com/docker/docker/api/types/plugin_env.go rename to vendor/github.com/moby/moby/api/types/plugin/env.go index 32962dc2ebea..dcbe0b762d79 100644 --- a/vendor/github.com/docker/docker/api/types/plugin_env.go +++ b/vendor/github.com/moby/moby/api/types/plugin/env.go @@ -1,11 +1,14 @@ -package types +// Code generated by go-swagger; DO NOT EDIT. + +package plugin // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command -// PluginEnv plugin env -// swagger:model PluginEnv -type PluginEnv struct { +// Env env +// +// swagger:model Env +type Env struct { // description // Required: true diff --git a/vendor/github.com/docker/docker/api/types/plugin_mount.go b/vendor/github.com/moby/moby/api/types/plugin/mount.go similarity index 65% rename from vendor/github.com/docker/docker/api/types/plugin_mount.go rename to vendor/github.com/moby/moby/api/types/plugin/mount.go index 5c031cf8b5cc..7970306cc85b 100644 --- a/vendor/github.com/docker/docker/api/types/plugin_mount.go +++ b/vendor/github.com/moby/moby/api/types/plugin/mount.go @@ -1,25 +1,32 @@ -package types +// Code generated by go-swagger; DO NOT EDIT. + +package plugin // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command -// PluginMount plugin mount -// swagger:model PluginMount -type PluginMount struct { +// Mount mount +// +// swagger:model Mount +type Mount struct { // description + // Example: This is a mount that's used by the plugin. // Required: true Description string `json:"Description"` // destination + // Example: /mnt/state // Required: true Destination string `json:"Destination"` // name + // Example: some-mount // Required: true Name string `json:"Name"` // options + // Example: ["rbind","rw"] // Required: true Options []string `json:"Options"` @@ -28,10 +35,12 @@ type PluginMount struct { Settable []string `json:"Settable"` // source + // Example: /var/lib/docker/plugins/ // Required: true Source *string `json:"Source"` // type + // Example: bind // Required: true Type string `json:"Type"` } diff --git a/vendor/github.com/docker/docker/api/types/plugin.go b/vendor/github.com/moby/moby/api/types/plugin/plugin.go similarity index 52% rename from vendor/github.com/docker/docker/api/types/plugin.go rename to vendor/github.com/moby/moby/api/types/plugin/plugin.go index a9eff28a0485..3305170d5eec 100644 --- a/vendor/github.com/docker/docker/api/types/plugin.go +++ b/vendor/github.com/moby/moby/api/types/plugin/plugin.go @@ -1,114 +1,126 @@ -package types +// Code generated by go-swagger; DO NOT EDIT. + +package plugin // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // Plugin A plugin for the Engine API +// // swagger:model Plugin type Plugin struct { // config // Required: true - Config PluginConfig `json:"Config"` + Config Config `json:"Config"` // True if the plugin is running. False if the plugin is not running, only installed. + // Example: true // Required: true Enabled bool `json:"Enabled"` // Id + // Example: 5724e2c8652da337ab2eedd19fc6fc0ec908e4bd907c7421bf6a8dfc70c4c078 ID string `json:"Id,omitempty"` // name + // Example: tiborvass/sample-volume-plugin // Required: true Name string `json:"Name"` // plugin remote reference used to push/pull the plugin + // Example: localhost:5000/tiborvass/sample-volume-plugin:latest PluginReference string `json:"PluginReference,omitempty"` // settings // Required: true - Settings PluginSettings `json:"Settings"` + Settings Settings `json:"Settings"` } -// PluginConfig The config of a plugin. -// swagger:model PluginConfig -type PluginConfig struct { +// Config The config of a plugin. +// +// swagger:model Config +type Config struct { // args // Required: true - Args PluginConfigArgs `json:"Args"` + Args Args `json:"Args"` // description + // Example: A sample volume plugin for Docker // Required: true Description string `json:"Description"` - // Docker Version used to create the plugin. - // - // Depending on how the plugin was created, this field may be empty or omitted. - // - // Deprecated: this field is no longer set, and will be removed in the next API version. - DockerVersion string `json:"DockerVersion,omitempty"` - // documentation + // Example: https://docs.docker.com/engine/extend/plugins/ // Required: true Documentation string `json:"Documentation"` // entrypoint + // Example: ["/usr/bin/sample-volume-plugin","/data"] // Required: true Entrypoint []string `json:"Entrypoint"` // env + // Example: [{"Description":"If set, prints debug messages","Name":"DEBUG","Settable":null,"Value":"0"}] // Required: true - Env []PluginEnv `json:"Env"` + Env []Env `json:"Env"` // interface // Required: true - Interface PluginConfigInterface `json:"Interface"` + Interface Interface `json:"Interface"` // ipc host + // Example: false // Required: true IpcHost bool `json:"IpcHost"` // linux // Required: true - Linux PluginConfigLinux `json:"Linux"` + Linux LinuxConfig `json:"Linux"` // mounts // Required: true - Mounts []PluginMount `json:"Mounts"` + Mounts []Mount `json:"Mounts"` // network // Required: true - Network PluginConfigNetwork `json:"Network"` + Network NetworkConfig `json:"Network"` // pid host + // Example: false // Required: true PidHost bool `json:"PidHost"` // propagated mount + // Example: /mnt/volumes // Required: true PropagatedMount string `json:"PropagatedMount"` // user - User PluginConfigUser `json:"User,omitempty"` + User User `json:"User,omitempty"` // work dir + // Example: /bin/ // Required: true WorkDir string `json:"WorkDir"` // rootfs - Rootfs *PluginConfigRootfs `json:"rootfs,omitempty"` + Rootfs *RootFS `json:"rootfs,omitempty"` } -// PluginConfigArgs plugin config args -// swagger:model PluginConfigArgs -type PluginConfigArgs struct { +// Args args +// +// swagger:model Args +type Args struct { // description + // Example: command line arguments // Required: true Description string `json:"Description"` // name + // Example: args // Required: true Name string `json:"Name"` @@ -121,73 +133,90 @@ type PluginConfigArgs struct { Value []string `json:"Value"` } -// PluginConfigInterface The interface between Docker and the plugin -// swagger:model PluginConfigInterface -type PluginConfigInterface struct { +// Interface The interface between Docker and the plugin +// +// swagger:model Interface +type Interface struct { // Protocol to use for clients connecting to the plugin. + // Example: some.protocol/v1.0 + // Enum: ["","moby.plugins.http/v1"] ProtocolScheme string `json:"ProtocolScheme,omitempty"` // socket + // Example: plugins.sock // Required: true Socket string `json:"Socket"` // types + // Example: ["docker.volumedriver/1.0"] // Required: true - Types []PluginInterfaceType `json:"Types"` + Types []CapabilityID `json:"Types"` } -// PluginConfigLinux plugin config linux -// swagger:model PluginConfigLinux -type PluginConfigLinux struct { +// LinuxConfig linux config +// +// swagger:model LinuxConfig +type LinuxConfig struct { // allow all devices + // Example: false // Required: true AllowAllDevices bool `json:"AllowAllDevices"` // capabilities + // Example: ["CAP_SYS_ADMIN","CAP_SYSLOG"] // Required: true Capabilities []string `json:"Capabilities"` // devices // Required: true - Devices []PluginDevice `json:"Devices"` + Devices []Device `json:"Devices"` } -// PluginConfigNetwork plugin config network -// swagger:model PluginConfigNetwork -type PluginConfigNetwork struct { +// NetworkConfig network config +// +// swagger:model NetworkConfig +type NetworkConfig struct { // type + // Example: host // Required: true Type string `json:"Type"` } -// PluginConfigRootfs plugin config rootfs -// swagger:model PluginConfigRootfs -type PluginConfigRootfs struct { +// RootFS root f s +// +// swagger:model RootFS +type RootFS struct { // diff ids + // Example: ["sha256:675532206fbf3030b8458f88d6e26d4eb1577688a25efec97154c94e8b6b4887","sha256:e216a057b1cb1efc11f8a268f37ef62083e70b1b38323ba252e25ac88904a7e8"] DiffIds []string `json:"diff_ids"` // type + // Example: layers Type string `json:"type,omitempty"` } -// PluginConfigUser plugin config user -// swagger:model PluginConfigUser -type PluginConfigUser struct { +// User user +// +// swagger:model User +type User struct { // g ID + // Example: 1000 GID uint32 `json:"GID,omitempty"` // UID + // Example: 1000 UID uint32 `json:"UID,omitempty"` } -// PluginSettings Settings that can be modified by users. -// swagger:model PluginSettings -type PluginSettings struct { +// Settings user-configurable settings for the plugin. +// +// swagger:model Settings +type Settings struct { // args // Required: true @@ -195,13 +224,14 @@ type PluginSettings struct { // devices // Required: true - Devices []PluginDevice `json:"Devices"` + Devices []Device `json:"Devices"` // env + // Example: ["DEBUG=0"] // Required: true Env []string `json:"Env"` // mounts // Required: true - Mounts []PluginMount `json:"Mounts"` + Mounts []Mount `json:"Mounts"` } diff --git a/vendor/github.com/moby/moby/api/types/plugin/plugin_responses.go b/vendor/github.com/moby/moby/api/types/plugin/plugin_responses.go new file mode 100644 index 000000000000..91b327eb473f --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/plugin/plugin_responses.go @@ -0,0 +1,33 @@ +package plugin + +import ( + "sort" +) + +// ListResponse contains the response for the Engine API +type ListResponse []Plugin + +// Privilege describes a permission the user has to accept +// upon installing a plugin. +type Privilege struct { + Name string + Description string + Value []string +} + +// Privileges is a list of Privilege +type Privileges []Privilege + +func (s Privileges) Len() int { + return len(s) +} + +func (s Privileges) Less(i, j int) bool { + return s[i].Name < s[j].Name +} + +func (s Privileges) Swap(i, j int) { + sort.Strings(s[i].Value) + sort.Strings(s[j].Value) + s[i], s[j] = s[j], s[i] +} diff --git a/vendor/github.com/moby/moby/api/types/registry/auth_response.go b/vendor/github.com/moby/moby/api/types/registry/auth_response.go new file mode 100644 index 000000000000..94c2e1bb36a9 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/registry/auth_response.go @@ -0,0 +1,21 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package registry + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// AuthResponse An identity token was generated successfully. +// +// swagger:model AuthResponse +type AuthResponse struct { + + // An opaque token used to authenticate a user after a successful login + // Example: 9cbaf023786cd7... + IdentityToken string `json:"IdentityToken,omitempty"` + + // The status of the authentication + // Example: Login Succeeded + // Required: true + Status string `json:"Status"` +} diff --git a/vendor/github.com/moby/moby/api/types/registry/authconfig.go b/vendor/github.com/moby/moby/api/types/registry/authconfig.go new file mode 100644 index 000000000000..b612feebaae9 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/registry/authconfig.go @@ -0,0 +1,35 @@ +package registry + +import "context" + +// AuthHeader is the name of the header used to send encoded registry +// authorization credentials for registry operations (push/pull). +const AuthHeader = "X-Registry-Auth" + +// RequestAuthConfig is a function interface that clients can supply +// to retry operations after getting an authorization error. +// +// The function must return the [AuthHeader] value ([AuthConfig]), encoded +// in base64url format ([RFC4648, section 5]), which can be decoded by +// [DecodeAuthConfig]. +// +// It must return an error if the privilege request fails. +// +// [RFC4648, section 5]: https://tools.ietf.org/html/rfc4648#section-5 +type RequestAuthConfig func(context.Context) (string, error) + +// AuthConfig contains authorization information for connecting to a Registry. +type AuthConfig struct { + Username string `json:"username,omitempty"` + Password string `json:"password,omitempty"` + Auth string `json:"auth,omitempty"` + + ServerAddress string `json:"serveraddress,omitempty"` + + // IdentityToken is used to authenticate the user and get + // an access token for the registry. + IdentityToken string `json:"identitytoken,omitempty"` + + // RegistryToken is a bearer token to be sent to a registry + RegistryToken string `json:"registrytoken,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/registry/registry.go b/vendor/github.com/moby/moby/api/types/registry/registry.go new file mode 100644 index 000000000000..7361228d66e3 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/registry/registry.go @@ -0,0 +1,67 @@ +package registry + +import ( + "net/netip" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ServiceConfig stores daemon registry services configuration. +type ServiceConfig struct { + InsecureRegistryCIDRs []netip.Prefix `json:"InsecureRegistryCIDRs"` + IndexConfigs map[string]*IndexInfo `json:"IndexConfigs"` + Mirrors []string +} + +// IndexInfo contains information about a registry +// +// RepositoryInfo Examples: +// +// { +// "Index" : { +// "Name" : "docker.io", +// "Mirrors" : ["https://registry-2.docker.io/v1/", "https://registry-3.docker.io/v1/"], +// "Secure" : true, +// "Official" : true, +// }, +// "RemoteName" : "library/debian", +// "LocalName" : "debian", +// "CanonicalName" : "docker.io/debian" +// "Official" : true, +// } +// +// { +// "Index" : { +// "Name" : "127.0.0.1:5000", +// "Mirrors" : [], +// "Secure" : false, +// "Official" : false, +// }, +// "RemoteName" : "user/repo", +// "LocalName" : "127.0.0.1:5000/user/repo", +// "CanonicalName" : "127.0.0.1:5000/user/repo", +// "Official" : false, +// } +type IndexInfo struct { + // Name is the name of the registry, such as "docker.io" + Name string + // Mirrors is a list of mirrors, expressed as URIs + Mirrors []string + // Secure is set to false if the registry is part of the list of + // insecure registries. Insecure registries accept HTTP and/or accept + // HTTPS with certificates from unknown CAs. + Secure bool + // Official indicates whether this is an official registry + Official bool +} + +// DistributionInspect describes the result obtained from contacting the +// registry to retrieve image metadata +type DistributionInspect struct { + // Descriptor contains information about the manifest, including + // the content addressable digest + Descriptor ocispec.Descriptor + // Platforms contains the list of platforms supported by the image, + // obtained by parsing the manifest + Platforms []ocispec.Platform +} diff --git a/vendor/github.com/docker/docker/api/types/registry/search.go b/vendor/github.com/moby/moby/api/types/registry/search.go similarity index 63% rename from vendor/github.com/docker/docker/api/types/registry/search.go rename to vendor/github.com/moby/moby/api/types/registry/search.go index 994ca4c6f96f..bd79462f6079 100644 --- a/vendor/github.com/docker/docker/api/types/registry/search.go +++ b/vendor/github.com/moby/moby/api/types/registry/search.go @@ -1,26 +1,5 @@ package registry -import ( - "context" - - "github.com/docker/docker/api/types/filters" -) - -// SearchOptions holds parameters to search images with. -type SearchOptions struct { - RegistryAuth string - - // PrivilegeFunc is a function that clients can supply to retry operations - // after getting an authorization error. This function returns the registry - // authentication header value in base64 encoded format, or an error if the - // privilege request fails. - // - // For details, refer to [github.com/docker/docker/api/types/registry.RequestAuthConfig]. - PrivilegeFunc func(context.Context) (string, error) - Filters filters.Args - Limit int -} - // SearchResult describes a search result returned from a registry type SearchResult struct { // StarCount indicates the number of stars this repository has diff --git a/vendor/github.com/docker/docker/api/types/storage/driver_data.go b/vendor/github.com/moby/moby/api/types/storage/driver_data.go similarity index 61% rename from vendor/github.com/docker/docker/api/types/storage/driver_data.go rename to vendor/github.com/moby/moby/api/types/storage/driver_data.go index 009e21309507..65d5b4c20ea0 100644 --- a/vendor/github.com/docker/docker/api/types/storage/driver_data.go +++ b/vendor/github.com/moby/moby/api/types/storage/driver_data.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package storage // This file was generated by the swagger tool. @@ -14,10 +16,12 @@ type DriverData struct { // This information is driver-specific, and depends on the storage-driver // in use, and should be used for informational purposes only. // + // Example: {"MergedDir":"/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/merged","UpperDir":"/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/diff","WorkDir":"/var/lib/docker/overlay2/ef749362d13333e65fc95c572eb525abbe0052e16e086cb64bc3b98ae9aa6d74/work"} // Required: true Data map[string]string `json:"Data"` // Name of the storage driver. + // Example: overlay2 // Required: true Name string `json:"Name"` } diff --git a/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage.go b/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage.go new file mode 100644 index 000000000000..d82f2b6bcbc2 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage.go @@ -0,0 +1,16 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package storage + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// RootFSStorage Information about the storage used for the container's root filesystem. +// +// swagger:model RootFSStorage +type RootFSStorage struct { + + // Information about the snapshot used for the container's root filesystem. + // + Snapshot *RootFSStorageSnapshot `json:"Snapshot,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage_snapshot.go b/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage_snapshot.go new file mode 100644 index 000000000000..dd2b82d245f6 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/storage/root_f_s_storage_snapshot.go @@ -0,0 +1,15 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package storage + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// RootFSStorageSnapshot Information about a snapshot backend of the container's root filesystem. +// +// swagger:model RootFSStorageSnapshot +type RootFSStorageSnapshot struct { + + // Name of the snapshotter. + Name string `json:"Name,omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/storage/storage.go b/vendor/github.com/moby/moby/api/types/storage/storage.go new file mode 100644 index 000000000000..77843db97089 --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/storage/storage.go @@ -0,0 +1,16 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package storage + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// Storage Information about the storage used by the container. +// +// swagger:model Storage +type Storage struct { + + // Information about the storage used for the container's root filesystem. + // + RootFS *RootFSStorage `json:"RootFS,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/swarm/common.go b/vendor/github.com/moby/moby/api/types/swarm/common.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/swarm/common.go rename to vendor/github.com/moby/moby/api/types/swarm/common.go diff --git a/vendor/github.com/docker/docker/api/types/swarm/config.go b/vendor/github.com/moby/moby/api/types/swarm/config.go similarity index 90% rename from vendor/github.com/docker/docker/api/types/swarm/config.go rename to vendor/github.com/moby/moby/api/types/swarm/config.go index 80a6ffdb9aaf..b029f2af8567 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/config.go +++ b/vendor/github.com/moby/moby/api/types/swarm/config.go @@ -2,8 +2,6 @@ package swarm import ( "os" - - "github.com/docker/docker/api/types/filters" ) // Config represents a config. @@ -55,8 +53,3 @@ type ConfigCreateResponse struct { // ID is the id of the created config. ID string } - -// ConfigListOptions holds parameters to list configs -type ConfigListOptions struct { - Filters filters.Args -} diff --git a/vendor/github.com/docker/docker/api/types/swarm/container.go b/vendor/github.com/moby/moby/api/types/swarm/container.go similarity index 96% rename from vendor/github.com/docker/docker/api/types/swarm/container.go rename to vendor/github.com/moby/moby/api/types/swarm/container.go index f9416bacca6b..268565ec8ae4 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/container.go +++ b/vendor/github.com/moby/moby/api/types/swarm/container.go @@ -1,10 +1,11 @@ package swarm import ( + "net/netip" "time" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/mount" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/mount" ) // DNSConfig specifies DNS related configurations in resolver configuration file (resolv.conf) @@ -14,7 +15,7 @@ import ( // TODO: `domain` is not supported yet. type DNSConfig struct { // Nameservers specifies the IP addresses of the name servers - Nameservers []string `json:",omitempty"` + Nameservers []netip.Addr `json:",omitempty"` // Search specifies the search list for host-name lookup Search []string `json:",omitempty"` // Options allows certain internal resolver variables to be modified diff --git a/vendor/github.com/docker/docker/api/types/swarm/network.go b/vendor/github.com/moby/moby/api/types/swarm/network.go similarity index 80% rename from vendor/github.com/docker/docker/api/types/swarm/network.go rename to vendor/github.com/moby/moby/api/types/swarm/network.go index 4b8807233993..65aabc9d3689 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/network.go +++ b/vendor/github.com/moby/moby/api/types/swarm/network.go @@ -1,7 +1,9 @@ package swarm import ( - "github.com/docker/docker/api/types/network" + "net/netip" + + "github.com/moby/moby/api/types/network" ) // Endpoint represents an endpoint. @@ -30,7 +32,7 @@ const ( // PortConfig represents the config of a port. type PortConfig struct { Name string `json:",omitempty"` - Protocol PortConfigProtocol `json:",omitempty"` + Protocol network.IPProtocol `json:",omitempty"` // TargetPort is the port inside the container TargetPort uint32 `json:",omitempty"` // PublishedPort is the port on the swarm hosts @@ -52,24 +54,14 @@ const ( PortConfigPublishModeHost PortConfigPublishMode = "host" ) -// PortConfigProtocol represents the protocol of a port. -type PortConfigProtocol string - -const ( - // TODO(stevvooe): These should be used generally, not just for PortConfig. - - // PortConfigProtocolTCP TCP - PortConfigProtocolTCP PortConfigProtocol = "tcp" - // PortConfigProtocolUDP UDP - PortConfigProtocolUDP PortConfigProtocol = "udp" - // PortConfigProtocolSCTP SCTP - PortConfigProtocolSCTP PortConfigProtocol = "sctp" -) - // EndpointVirtualIP represents the virtual ip of a port. type EndpointVirtualIP struct { NetworkID string `json:",omitempty"` - Addr string `json:",omitempty"` + + // Addr is the virtual ip address. + // This field accepts CIDR notation, for example `10.0.0.1/24`, to maintain backwards + // compatibility, but only the IP address is used. + Addr netip.Prefix `json:",omitempty"` } // Network represents a network. @@ -103,8 +95,12 @@ type NetworkAttachmentConfig struct { // NetworkAttachment represents a network attachment. type NetworkAttachment struct { - Network Network `json:",omitempty"` - Addresses []string `json:",omitempty"` + Network Network `json:",omitempty"` + + // Addresses contains the IP addresses associated with the endpoint in the network. + // This field accepts CIDR notation, for example `10.0.0.1/24`, to maintain backwards + // compatibility, but only the IP address is used. + Addresses []netip.Prefix `json:",omitempty"` } // IPAMOptions represents ipam options. @@ -115,7 +111,7 @@ type IPAMOptions struct { // IPAMConfig represents ipam configuration. type IPAMConfig struct { - Subnet string `json:",omitempty"` - Range string `json:",omitempty"` - Gateway string `json:",omitempty"` + Subnet netip.Prefix `json:",omitempty"` + Range netip.Prefix `json:",omitempty"` + Gateway netip.Addr `json:",omitempty"` } diff --git a/vendor/github.com/docker/docker/api/types/swarm/node.go b/vendor/github.com/moby/moby/api/types/swarm/node.go similarity index 92% rename from vendor/github.com/docker/docker/api/types/swarm/node.go rename to vendor/github.com/moby/moby/api/types/swarm/node.go index 2018a031bbf7..9523799b6794 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/node.go +++ b/vendor/github.com/moby/moby/api/types/swarm/node.go @@ -1,7 +1,5 @@ package swarm -import "github.com/docker/docker/api/types/filters" - // Node represents a node. type Node struct { ID string @@ -133,19 +131,9 @@ const ( ) // Topology defines the CSI topology of this node. This type is a duplicate of -// github.com/docker/docker/api/types.Topology. Because the type definition +// [github.com/moby/moby/api/types/volume.Topology]. Because the type definition // is so simple and to avoid complicated structure or circular imports, we just // duplicate it here. See that type for full documentation type Topology struct { Segments map[string]string `json:",omitempty"` } - -// NodeListOptions holds parameters to list nodes with. -type NodeListOptions struct { - Filters filters.Args -} - -// NodeRemoveOptions holds parameters to remove nodes with. -type NodeRemoveOptions struct { - Force bool -} diff --git a/vendor/github.com/docker/docker/api/types/swarm/runtime.go b/vendor/github.com/moby/moby/api/types/swarm/runtime.go similarity index 68% rename from vendor/github.com/docker/docker/api/types/swarm/runtime.go rename to vendor/github.com/moby/moby/api/types/swarm/runtime.go index 3fda4ca65d1d..23ea712c4770 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/runtime.go +++ b/vendor/github.com/moby/moby/api/types/swarm/runtime.go @@ -1,7 +1,5 @@ package swarm -import "github.com/docker/docker/api/types/swarm/runtime" - // RuntimeType is the type of runtime used for the TaskSpec type RuntimeType string @@ -30,8 +28,18 @@ type NetworkAttachmentSpec struct { // RuntimeSpec defines the base payload which clients can specify for creating // a service with the plugin runtime. -type RuntimeSpec = runtime.PluginSpec +type RuntimeSpec struct { + Name string `json:"name,omitempty"` + Remote string `json:"remote,omitempty"` + Privileges []*RuntimePrivilege `json:"privileges,omitempty"` + Disabled bool `json:"disabled,omitempty"` + Env []string `json:"env,omitempty"` +} // RuntimePrivilege describes a permission the user has to accept // upon installing a plugin. -type RuntimePrivilege = runtime.PluginPrivilege +type RuntimePrivilege struct { + Name string `json:"name,omitempty"` + Description string `json:"description,omitempty"` + Value []string `json:"value,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/swarm/secret.go b/vendor/github.com/moby/moby/api/types/swarm/secret.go similarity index 87% rename from vendor/github.com/docker/docker/api/types/swarm/secret.go rename to vendor/github.com/moby/moby/api/types/swarm/secret.go index d9482ab56d17..0e27ed9b07ba 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/secret.go +++ b/vendor/github.com/moby/moby/api/types/swarm/secret.go @@ -2,8 +2,6 @@ package swarm import ( "os" - - "github.com/docker/docker/api/types/filters" ) // Secret represents a secret. @@ -25,7 +23,7 @@ type SecretSpec struct { // This field is only used to create the secret, and is not returned // by other endpoints. // - // [MaxSecretSize]: https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0-20250103191802-8c1959736554/api/validation#MaxSecretSize + // [MaxSecretSize]: https://pkg.go.dev/github.com/moby/swarmkit/v2@v2.0.0/api/validation#MaxSecretSize Data []byte `json:",omitempty"` // Driver is the name of the secrets driver used to fetch the secret's @@ -59,8 +57,3 @@ type SecretCreateResponse struct { // ID is the id of the created secret. ID string } - -// SecretListOptions holds parameters to list secrets -type SecretListOptions struct { - Filters filters.Args -} diff --git a/vendor/github.com/docker/docker/api/types/swarm/service.go b/vendor/github.com/moby/moby/api/types/swarm/service.go similarity index 71% rename from vendor/github.com/docker/docker/api/types/swarm/service.go rename to vendor/github.com/moby/moby/api/types/swarm/service.go index 56c660c1f0c4..0b678dea335e 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/service.go +++ b/vendor/github.com/moby/moby/api/types/swarm/service.go @@ -2,8 +2,6 @@ package swarm import ( "time" - - "github.com/docker/docker/api/types/filters" ) // Service represents a service. @@ -37,12 +35,7 @@ type ServiceSpec struct { Mode ServiceMode `json:",omitempty"` UpdateConfig *UpdateConfig `json:",omitempty"` RollbackConfig *UpdateConfig `json:",omitempty"` - - // Networks specifies which networks the service should attach to. - // - // Deprecated: This field is deprecated since v1.44. The Networks field in TaskSpec should be used instead. - Networks []NetworkAttachmentConfig `json:",omitempty"` - EndpointSpec *EndpointSpec `json:",omitempty"` + EndpointSpec *EndpointSpec `json:",omitempty"` } // ServiceMode represents the mode of a service. @@ -113,18 +106,27 @@ type ReplicatedJob struct { // This type is deliberately empty. type GlobalJob struct{} +// FailureAction is the action to perform when updating a service fails. +type FailureAction string + const ( // UpdateFailureActionPause PAUSE - UpdateFailureActionPause = "pause" + UpdateFailureActionPause FailureAction = "pause" // UpdateFailureActionContinue CONTINUE - UpdateFailureActionContinue = "continue" + UpdateFailureActionContinue FailureAction = "continue" // UpdateFailureActionRollback ROLLBACK - UpdateFailureActionRollback = "rollback" + UpdateFailureActionRollback FailureAction = "rollback" +) +// UpdateOrder is the order of operations when rolling out or rolling back +// an updated tasks for a service. +type UpdateOrder string + +const ( // UpdateOrderStopFirst STOP_FIRST - UpdateOrderStopFirst = "stop-first" + UpdateOrderStopFirst UpdateOrder = "stop-first" // UpdateOrderStartFirst START_FIRST - UpdateOrderStartFirst = "start-first" + UpdateOrderStartFirst UpdateOrder = "start-first" ) // UpdateConfig represents the update configuration. @@ -137,7 +139,7 @@ type UpdateConfig struct { Delay time.Duration `json:",omitempty"` // FailureAction is the action to take when an update failures. - FailureAction string `json:",omitempty"` + FailureAction FailureAction `json:",omitempty"` // Monitor indicates how long to monitor a task for failure after it is // created. If the task fails by ending up in one of the states @@ -163,7 +165,7 @@ type UpdateConfig struct { // Order indicates the order of operations when rolling out an updated // task. Either the old task is shut down before the new task is // started, or the new task is started before the old task is shut down. - Order string + Order UpdateOrder } // ServiceStatus represents the number of running tasks in a service and the @@ -205,68 +207,12 @@ type JobStatus struct { LastExecution time.Time `json:",omitempty"` } -// ServiceCreateOptions contains the options to use when creating a service. -type ServiceCreateOptions struct { - // EncodedRegistryAuth is the encoded registry authorization credentials to - // use when updating the service. - // - // This field follows the format of the X-Registry-Auth header. - EncodedRegistryAuth string - - // QueryRegistry indicates whether the service update requires - // contacting a registry. A registry may be contacted to retrieve - // the image digest and manifest, which in turn can be used to update - // platform or other information about the service. - QueryRegistry bool -} +// RegistryAuthSource defines options for the "registryAuthFrom" query parameter +// on service update. +type RegistryAuthSource string // Values for RegistryAuthFrom in ServiceUpdateOptions const ( - RegistryAuthFromSpec = "spec" - RegistryAuthFromPreviousSpec = "previous-spec" + RegistryAuthFromSpec RegistryAuthSource = "spec" + RegistryAuthFromPreviousSpec RegistryAuthSource = "previous-spec" ) - -// ServiceUpdateOptions contains the options to be used for updating services. -type ServiceUpdateOptions struct { - // EncodedRegistryAuth is the encoded registry authorization credentials to - // use when updating the service. - // - // This field follows the format of the X-Registry-Auth header. - EncodedRegistryAuth string - - // TODO(stevvooe): Consider moving the version parameter of ServiceUpdate - // into this field. While it does open API users up to racy writes, most - // users may not need that level of consistency in practice. - - // RegistryAuthFrom specifies where to find the registry authorization - // credentials if they are not given in EncodedRegistryAuth. Valid - // values are "spec" and "previous-spec". - RegistryAuthFrom string - - // Rollback indicates whether a server-side rollback should be - // performed. When this is set, the provided spec will be ignored. - // The valid values are "previous" and "none". An empty value is the - // same as "none". - Rollback string - - // QueryRegistry indicates whether the service update requires - // contacting a registry. A registry may be contacted to retrieve - // the image digest and manifest, which in turn can be used to update - // platform or other information about the service. - QueryRegistry bool -} - -// ServiceListOptions holds parameters to list services with. -type ServiceListOptions struct { - Filters filters.Args - - // Status indicates whether the server should include the service task - // count of running and desired tasks. - Status bool -} - -// ServiceInspectOptions holds parameters related to the "service inspect" -// operation. -type ServiceInspectOptions struct { - InsertDefaults bool -} diff --git a/vendor/github.com/docker/docker/api/types/swarm/service_create_response.go b/vendor/github.com/moby/moby/api/types/swarm/service_create_response.go similarity index 73% rename from vendor/github.com/docker/docker/api/types/swarm/service_create_response.go rename to vendor/github.com/moby/moby/api/types/swarm/service_create_response.go index 9a268ff1b93a..ebbc097d90db 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/service_create_response.go +++ b/vendor/github.com/moby/moby/api/types/swarm/service_create_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package swarm // This file was generated by the swagger tool. @@ -10,11 +12,13 @@ package swarm type ServiceCreateResponse struct { // The ID of the created service. + // Example: ak7w3gjqoa3kuz8xcpnyy0pvl ID string `json:"ID,omitempty"` // Optional warning message. // // FIXME(thaJeztah): this should have "omitempty" in the generated type. // + // Example: ["unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found"] Warnings []string `json:"Warnings"` } diff --git a/vendor/github.com/docker/docker/api/types/swarm/service_update_response.go b/vendor/github.com/moby/moby/api/types/swarm/service_update_response.go similarity index 66% rename from vendor/github.com/docker/docker/api/types/swarm/service_update_response.go rename to vendor/github.com/moby/moby/api/types/swarm/service_update_response.go index 0417467dae39..b7649096a07a 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/service_update_response.go +++ b/vendor/github.com/moby/moby/api/types/swarm/service_update_response.go @@ -1,9 +1,13 @@ +// Code generated by go-swagger; DO NOT EDIT. + package swarm // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // ServiceUpdateResponse service update response +// Example: {"Warnings":["unable to pin image doesnotexist:latest to digest: image library/doesnotexist:latest not found"]} +// // swagger:model ServiceUpdateResponse type ServiceUpdateResponse struct { diff --git a/vendor/github.com/docker/docker/api/types/swarm/swarm.go b/vendor/github.com/moby/moby/api/types/swarm/swarm.go similarity index 92% rename from vendor/github.com/docker/docker/api/types/swarm/swarm.go rename to vendor/github.com/moby/moby/api/types/swarm/swarm.go index 38f3e6666d1e..84218503101a 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/swarm.go +++ b/vendor/github.com/moby/moby/api/types/swarm/swarm.go @@ -1,6 +1,7 @@ package swarm import ( + "net/netip" "time" ) @@ -12,7 +13,7 @@ type ClusterInfo struct { Spec Spec TLSInfo TLSInfo RootRotationInProgress bool - DefaultAddrPool []string + DefaultAddrPool []netip.Prefix SubnetSize uint32 DataPathPort uint32 } @@ -159,7 +160,7 @@ type InitRequest struct { Spec Spec AutoLockManagers bool Availability NodeAvailability - DefaultAddrPool []string + DefaultAddrPool []netip.Prefix SubnetSize uint32 } @@ -213,29 +214,12 @@ type Info struct { Warnings []string `json:",omitempty"` } -// Status provides information about the current swarm status and role, -// obtained from the "Swarm" header in the API response. -type Status struct { - // NodeState represents the state of the node. - NodeState LocalNodeState - - // ControlAvailable indicates if the node is a swarm manager. - ControlAvailable bool -} - // Peer represents a peer. type Peer struct { NodeID string Addr string } -// UpdateFlags contains flags for SwarmUpdate. -type UpdateFlags struct { - RotateWorkerToken bool - RotateManagerToken bool - RotateManagerUnlockKey bool -} - // UnlockKeyResponse contains the response for Engine API: // GET /swarm/unlockkey type UnlockKeyResponse struct { diff --git a/vendor/github.com/docker/docker/api/types/swarm/task.go b/vendor/github.com/moby/moby/api/types/swarm/task.go similarity index 94% rename from vendor/github.com/docker/docker/api/types/swarm/task.go rename to vendor/github.com/moby/moby/api/types/swarm/task.go index e143f844fa8f..f61190683c45 100644 --- a/vendor/github.com/docker/docker/api/types/swarm/task.go +++ b/vendor/github.com/moby/moby/api/types/swarm/task.go @@ -2,8 +2,6 @@ package swarm import ( "time" - - "github.com/docker/docker/api/types/filters" ) // TaskState represents the state of a task. @@ -140,6 +138,17 @@ type DiscreteGenericResource struct { type ResourceRequirements struct { Limits *Limit `json:",omitempty"` Reservations *Resources `json:",omitempty"` + + // Amount of swap in bytes - can only be used together with a memory limit + // -1 means unlimited + // a null pointer keeps the default behaviour of granting twice the memory + // amount in swap + SwapBytes *int64 `json:"SwapBytes,omitzero"` + + // Tune container memory swappiness (0 to 100) - if not specified, defaults + // to the container OS's default - generally 60, or the value predefined in + // the image; set to -1 to unset a previously set value + MemorySwappiness *int64 `json:MemorySwappiness,omitzero"` } // Placement represents orchestration parameters. @@ -223,8 +232,3 @@ type VolumeAttachment struct { // in the ContainerSpec, that this volume fulfills. Target string `json:",omitempty"` } - -// TaskListOptions holds parameters to list tasks with. -type TaskListOptions struct { - Filters filters.Args -} diff --git a/vendor/github.com/moby/moby/api/types/system/disk_usage.go b/vendor/github.com/moby/moby/api/types/system/disk_usage.go new file mode 100644 index 000000000000..33230aed231d --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/system/disk_usage.go @@ -0,0 +1,31 @@ +package system + +import ( + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/image" + "github.com/moby/moby/api/types/volume" +) + +// DiskUsageObject represents an object type used for disk usage query filtering. +type DiskUsageObject string + +const ( + // ContainerObject represents a container DiskUsageObject. + ContainerObject DiskUsageObject = "container" + // ImageObject represents an image DiskUsageObject. + ImageObject DiskUsageObject = "image" + // VolumeObject represents a volume DiskUsageObject. + VolumeObject DiskUsageObject = "volume" + // BuildCacheObject represents a build-cache DiskUsageObject. + BuildCacheObject DiskUsageObject = "build-cache" +) + +// DiskUsage contains response of Engine API: +// GET "/system/df" +type DiskUsage struct { + ImageUsage *image.DiskUsage `json:"ImageUsage,omitempty"` + ContainerUsage *container.DiskUsage `json:"ContainerUsage,omitempty"` + VolumeUsage *volume.DiskUsage `json:"VolumeUsage,omitempty"` + BuildCacheUsage *build.DiskUsage `json:"BuildCacheUsage,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/system/info.go b/vendor/github.com/moby/moby/api/types/system/info.go similarity index 80% rename from vendor/github.com/docker/docker/api/types/system/info.go rename to vendor/github.com/moby/moby/api/types/system/info.go index 0f39099d8ab5..bca0459df24f 100644 --- a/vendor/github.com/docker/docker/api/types/system/info.go +++ b/vendor/github.com/moby/moby/api/types/system/info.go @@ -1,32 +1,28 @@ package system import ( - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/registry" - "github.com/docker/docker/api/types/swarm" + "net/netip" + + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/registry" + "github.com/moby/moby/api/types/swarm" ) // Info contains response of Engine API: // GET "/info" type Info struct { - ID string - Containers int - ContainersRunning int - ContainersPaused int - ContainersStopped int - Images int - Driver string - DriverStatus [][2]string - SystemStatus [][2]string `json:",omitempty"` // SystemStatus is only propagated by the Swarm standalone API - Plugins PluginsInfo - MemoryLimit bool - SwapLimit bool - KernelMemory bool `json:",omitempty"` // Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes - // KernelMemoryLimit is not supported on cgroups v2. - // - // Deprecated: This field is deprecated and will be removed in the next release. - // Starting with kernel 6.12, the kernel has deprecated kernel memory tcp accounting - KernelMemoryTCP bool `json:",omitempty"` // KernelMemoryTCP is not supported on cgroups v2. + ID string + Containers int + ContainersRunning int + ContainersPaused int + ContainersStopped int + Images int + Driver string + DriverStatus [][2]string + SystemStatus [][2]string `json:",omitempty"` // SystemStatus is only propagated by the Swarm standalone API + Plugins PluginsInfo + MemoryLimit bool + SwapLimit bool CPUCfsPeriod bool `json:"CpuCfsPeriod"` CPUCfsQuota bool `json:"CpuCfsQuota"` CPUShares bool @@ -143,16 +139,11 @@ type PluginsInfo struct { type Commit struct { // ID is the actual commit ID or version of external tool. ID string - - // Expected is the commit ID of external tool expected by dockerd as set at build time. - // - // Deprecated: this field is no longer used in API v1.49, but kept for backward-compatibility with older API versions. - Expected string `json:",omitempty"` } // NetworkAddressPool is a temp struct used by [Info] struct. type NetworkAddressPool struct { - Base string + Base netip.Prefix Size int } diff --git a/vendor/github.com/docker/docker/api/types/system/runtime.go b/vendor/github.com/moby/moby/api/types/system/runtime.go similarity index 79% rename from vendor/github.com/docker/docker/api/types/system/runtime.go rename to vendor/github.com/moby/moby/api/types/system/runtime.go index d077295a0d31..33cad367469b 100644 --- a/vendor/github.com/docker/docker/api/types/system/runtime.go +++ b/vendor/github.com/moby/moby/api/types/system/runtime.go @@ -9,8 +9,8 @@ type Runtime struct { // Shimv2 runtime configuration. Mutually exclusive with the legacy config above. - Type string `json:"runtimeType,omitempty"` - Options map[string]interface{} `json:"options,omitempty"` + Type string `json:"runtimeType,omitempty"` + Options map[string]any `json:"options,omitempty"` } // RuntimeWithStatus extends [Runtime] to hold [RuntimeStatus]. diff --git a/vendor/github.com/moby/moby/api/types/system/version_response.go b/vendor/github.com/moby/moby/api/types/system/version_response.go new file mode 100644 index 000000000000..61cd1b6e2fed --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/system/version_response.go @@ -0,0 +1,58 @@ +package system + +// VersionResponse contains information about the Docker server host. +// GET "/version" +type VersionResponse struct { + // Platform is the platform (product name) the server is running on. + Platform PlatformInfo `json:",omitempty"` + + // Version is the version of the daemon. + Version string + + // APIVersion is the highest API version supported by the server. + APIVersion string `json:"ApiVersion"` + + // MinAPIVersion is the minimum API version the server supports. + MinAPIVersion string `json:"MinAPIVersion,omitempty"` + + // Os is the operating system the server runs on. + Os string + + // Arch is the hardware architecture the server runs on. + Arch string + + // Components contains version information for the components making + // up the server. Information in this field is for informational + // purposes, and not part of the API contract. + Components []ComponentVersion `json:",omitempty"` + + // The following fields are deprecated, they relate to the Engine component and are kept for backwards compatibility + + GitCommit string `json:",omitempty"` + GoVersion string `json:",omitempty"` + KernelVersion string `json:",omitempty"` + Experimental bool `json:",omitempty"` + BuildTime string `json:",omitempty"` +} + +// PlatformInfo holds information about the platform (product name) the +// server is running on. +type PlatformInfo struct { + // Name is the name of the platform (for example, "Docker Engine - Community", + // or "Docker Desktop 4.49.0 (208003)") + Name string +} + +// ComponentVersion describes the version information for a specific component. +type ComponentVersion struct { + Name string + Version string + + // Details contains Key/value pairs of strings with additional information + // about the component. These values are intended for informational purposes + // only, and their content is not defined, and not part of the API + // specification. + // + // These messages can be printed by the client as information to the user. + Details map[string]string `json:",omitempty"` +} diff --git a/vendor/github.com/moby/moby/api/types/types.go b/vendor/github.com/moby/moby/api/types/types.go new file mode 100644 index 000000000000..a89befdda43f --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/types.go @@ -0,0 +1,18 @@ +package types + +const ( + // MediaTypeRawStream is vendor specific MIME-Type set for raw TTY streams. + MediaTypeRawStream = "application/vnd.docker.raw-stream" + + // MediaTypeMultiplexedStream is vendor specific MIME-Type set for stdin/stdout/stderr multiplexed streams. + MediaTypeMultiplexedStream = "application/vnd.docker.multiplexed-stream" + + // MediaTypeJSON is the MIME-Type for JSON objects. + MediaTypeJSON = "application/json" + + // MediaTypeNDJSON is the MIME-Type for Newline Delimited JSON objects streams. + MediaTypeNDJSON = "application/x-ndjson" + + // MediaTypeJSONSequence is the MIME-Type for JSON Text Sequences (RFC7464). + MediaTypeJSONSequence = "application/json-seq" +) diff --git a/vendor/github.com/docker/docker/api/types/volume/cluster_volume.go b/vendor/github.com/moby/moby/api/types/volume/cluster_volume.go similarity index 99% rename from vendor/github.com/docker/docker/api/types/volume/cluster_volume.go rename to vendor/github.com/moby/moby/api/types/volume/cluster_volume.go index 618a4816209a..07b75d12a01f 100644 --- a/vendor/github.com/docker/docker/api/types/volume/cluster_volume.go +++ b/vendor/github.com/moby/moby/api/types/volume/cluster_volume.go @@ -1,7 +1,7 @@ package volume import ( - "github.com/docker/docker/api/types/swarm" + "github.com/moby/moby/api/types/swarm" ) // ClusterVolume contains options and information specific to, and only present diff --git a/vendor/github.com/docker/docker/api/types/volume/create_options.go b/vendor/github.com/moby/moby/api/types/volume/create_request.go similarity index 65% rename from vendor/github.com/docker/docker/api/types/volume/create_options.go rename to vendor/github.com/moby/moby/api/types/volume/create_request.go index 37c41a609690..3217df827095 100644 --- a/vendor/github.com/docker/docker/api/types/volume/create_options.go +++ b/vendor/github.com/moby/moby/api/types/volume/create_request.go @@ -1,29 +1,36 @@ +// Code generated by go-swagger; DO NOT EDIT. + package volume // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command -// CreateOptions VolumeConfig +// CreateRequest VolumeConfig +// +// # Volume configuration // -// Volume configuration -// swagger:model CreateOptions -type CreateOptions struct { +// swagger:model CreateRequest +type CreateRequest struct { // cluster volume spec ClusterVolumeSpec *ClusterVolumeSpec `json:"ClusterVolumeSpec,omitempty"` // Name of the volume driver to use. + // Example: custom Driver string `json:"Driver,omitempty"` // A mapping of driver options and values. These options are // passed directly to the driver and are driver specific. // + // Example: {"device":"tmpfs","o":"size=100m,uid=1000","type":"tmpfs"} DriverOpts map[string]string `json:"DriverOpts,omitempty"` // User-defined key/value metadata. + // Example: {"com.example.some-label":"some-value","com.example.some-other-label":"some-other-value"} Labels map[string]string `json:"Labels,omitempty"` // The new volume's name. If not specified, Docker generates a name. // + // Example: tardis Name string `json:"Name,omitempty"` } diff --git a/vendor/github.com/moby/moby/api/types/volume/disk_usage.go b/vendor/github.com/moby/moby/api/types/volume/disk_usage.go new file mode 100644 index 000000000000..e2afbac6591e --- /dev/null +++ b/vendor/github.com/moby/moby/api/types/volume/disk_usage.go @@ -0,0 +1,36 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package volume + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +// DiskUsage represents system data usage for volume resources. +// +// swagger:model DiskUsage +type DiskUsage struct { + + // Count of active volumes. + // + // Example: 1 + ActiveCount int64 `json:"ActiveCount,omitempty"` + + // List of volumes. + // + Items []Volume `json:"Items,omitempty"` + + // Disk space that can be reclaimed by removing inactive volumes. + // + // Example: 12345678 + Reclaimable int64 `json:"Reclaimable,omitempty"` + + // Count of all volumes. + // + // Example: 4 + TotalCount int64 `json:"TotalCount,omitempty"` + + // Disk space in use by volumes. + // + // Example: 98765432 + TotalSize int64 `json:"TotalSize,omitempty"` +} diff --git a/vendor/github.com/docker/docker/api/types/volume/list_response.go b/vendor/github.com/moby/moby/api/types/volume/list_response.go similarity index 74% rename from vendor/github.com/docker/docker/api/types/volume/list_response.go rename to vendor/github.com/moby/moby/api/types/volume/list_response.go index ca5192a2a91e..f257762f09d7 100644 --- a/vendor/github.com/docker/docker/api/types/volume/list_response.go +++ b/vendor/github.com/moby/moby/api/types/volume/list_response.go @@ -1,3 +1,5 @@ +// Code generated by go-swagger; DO NOT EDIT. + package volume // This file was generated by the swagger tool. @@ -5,14 +7,16 @@ package volume // ListResponse VolumeListResponse // -// Volume list response +// # Volume list response +// // swagger:model ListResponse type ListResponse struct { // List of volumes - Volumes []*Volume `json:"Volumes"` + Volumes []Volume `json:"Volumes"` // Warnings that occurred when fetching the list of volumes. // + // Example: [] Warnings []string `json:"Warnings"` } diff --git a/vendor/github.com/docker/docker/api/types/volume/options.go b/vendor/github.com/moby/moby/api/types/volume/prune_report.go similarity index 52% rename from vendor/github.com/docker/docker/api/types/volume/options.go rename to vendor/github.com/moby/moby/api/types/volume/prune_report.go index 875524fbc2d4..7f501d01a7ce 100644 --- a/vendor/github.com/docker/docker/api/types/volume/options.go +++ b/vendor/github.com/moby/moby/api/types/volume/prune_report.go @@ -1,12 +1,5 @@ package volume -import "github.com/docker/docker/api/types/filters" - -// ListOptions holds parameters to list volumes. -type ListOptions struct { - Filters filters.Args -} - // PruneReport contains the response for Engine API: // POST "/volumes/prune" type PruneReport struct { diff --git a/vendor/github.com/docker/docker/api/types/volume/volume.go b/vendor/github.com/moby/moby/api/types/volume/volume.go similarity index 81% rename from vendor/github.com/docker/docker/api/types/volume/volume.go rename to vendor/github.com/moby/moby/api/types/volume/volume.go index ea7d555e5b49..524ebfb8ac69 100644 --- a/vendor/github.com/docker/docker/api/types/volume/volume.go +++ b/vendor/github.com/moby/moby/api/types/volume/volume.go @@ -1,9 +1,12 @@ +// Code generated by go-swagger; DO NOT EDIT. + package volume // This file was generated by the swagger tool. // Editing this file might prove futile when you re-run the swagger generate command // Volume volume +// // swagger:model Volume type Volume struct { @@ -11,33 +14,41 @@ type Volume struct { ClusterVolume *ClusterVolume `json:"ClusterVolume,omitempty"` // Date/Time the volume was created. + // Example: 2016-06-07T20:31:11.853781916Z CreatedAt string `json:"CreatedAt,omitempty"` // Name of the volume driver used by the volume. + // Example: custom // Required: true Driver string `json:"Driver"` // User-defined key/value metadata. + // Example: {"com.example.some-label":"some-value","com.example.some-other-label":"some-other-value"} // Required: true Labels map[string]string `json:"Labels"` // Mount path of the volume on the host. + // Example: /var/lib/docker/volumes/tardis // Required: true Mountpoint string `json:"Mountpoint"` // Name of the volume. + // Example: tardis // Required: true Name string `json:"Name"` // The driver specific options used when creating the volume. // + // Example: {"device":"tmpfs","o":"size=100m,uid=1000","type":"tmpfs"} // Required: true Options map[string]string `json:"Options"` // The level at which the volume exists. Either `global` for cluster-wide, // or `local` for machine level. // + // Example: local // Required: true + // Enum: ["local","global"] Scope string `json:"Scope"` // Low-level details about the volume, provided by the volume driver. @@ -47,7 +58,8 @@ type Volume struct { // The `Status` field is optional, and is omitted if the volume driver // does not support this feature. // - Status map[string]interface{} `json:"Status,omitempty"` + // Example: {"hello":"world"} + Status map[string]any `json:"Status,omitempty"` // usage data UsageData *UsageData `json:"UsageData,omitempty"` diff --git a/vendor/github.com/moby/moby/client/LICENSE b/vendor/github.com/moby/moby/client/LICENSE new file mode 100644 index 000000000000..6d8d58fb676b --- /dev/null +++ b/vendor/github.com/moby/moby/client/LICENSE @@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + Copyright 2013-2018 Docker, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + https://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/moby/moby/client/README.md b/vendor/github.com/moby/moby/client/README.md new file mode 100644 index 000000000000..c8c5b96f921c --- /dev/null +++ b/vendor/github.com/moby/moby/client/README.md @@ -0,0 +1,43 @@ +# Go client for the Docker Engine API + +[![PkgGoDev](https://pkg.go.dev/badge/github.com/moby/moby/client)](https://pkg.go.dev/github.com/moby/moby/client) +![GitHub License](https://img.shields.io/github/license/moby/moby) +[![Go Report Card](https://goreportcard.com/badge/github.com/moby/moby/client)](https://goreportcard.com/report/github.com/moby/moby/client) +[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/moby/moby/badge)](https://scorecard.dev/viewer/?uri=github.com/moby/moby) +[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/10989/badge)](https://www.bestpractices.dev/projects/10989) + +The `docker` command uses this package to communicate with the daemon. It can +also be used by your own Go applications to do anything the command-line +interface does; running containers, pulling or pushing images, etc. + +For example, to list all containers (the equivalent of `docker ps --all`): + +```go +package main + +import ( + "context" + "fmt" + + "github.com/moby/moby/client" +) + +func main() { + apiClient, err := client.New(client.FromEnv, client.WithAPIVersionNegotiation()) + if err != nil { + panic(err) + } + defer apiClient.Close() + + containers, err := apiClient.ContainerList(context.Background(), client.ContainerListOptions{All: true}) + if err != nil { + panic(err) + } + + for _, ctr := range containers { + fmt.Printf("%s %s (status: %s)\n", ctr.ID, ctr.Image, ctr.Status) + } +} +``` + +[Full documentation is available on pkg.go.dev.](https://pkg.go.dev/github.com/moby/moby/client) diff --git a/vendor/github.com/moby/moby/client/auth.go b/vendor/github.com/moby/moby/client/auth.go new file mode 100644 index 000000000000..8baf39d2cfa0 --- /dev/null +++ b/vendor/github.com/moby/moby/client/auth.go @@ -0,0 +1,14 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/registry" +) + +// staticAuth creates a privilegeFn from the given registryAuth. +func staticAuth(registryAuth string) registry.RequestAuthConfig { + return func(ctx context.Context) (string, error) { + return registryAuth, nil + } +} diff --git a/vendor/github.com/moby/moby/client/build_cancel.go b/vendor/github.com/moby/moby/client/build_cancel.go new file mode 100644 index 000000000000..f6cfc6bc9155 --- /dev/null +++ b/vendor/github.com/moby/moby/client/build_cancel.go @@ -0,0 +1,21 @@ +package client + +import ( + "context" + "net/url" +) + +type BuildCancelOptions struct{} + +type BuildCancelResult struct{} + +// BuildCancel requests the daemon to cancel the ongoing build request +// with the given id. +func (cli *Client) BuildCancel(ctx context.Context, id string, _ BuildCancelOptions) (BuildCancelResult, error) { + query := url.Values{} + query.Set("id", id) + + resp, err := cli.post(ctx, "/build/cancel", query, nil, nil) + defer ensureReaderClosed(resp) + return BuildCancelResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/build_prune.go b/vendor/github.com/moby/moby/client/build_prune.go new file mode 100644 index 000000000000..a22e9685e2fe --- /dev/null +++ b/vendor/github.com/moby/moby/client/build_prune.go @@ -0,0 +1,67 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + "strconv" + + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/client/pkg/versions" +) + +// BuildCachePruneOptions hold parameters to prune the build cache. +type BuildCachePruneOptions struct { + All bool + ReservedSpace int64 + MaxUsedSpace int64 + MinFreeSpace int64 + Filters Filters +} + +// BuildCachePruneResult holds the result from the BuildCachePrune method. +type BuildCachePruneResult struct { + Report build.CachePruneReport +} + +// BuildCachePrune requests the daemon to delete unused cache data. +func (cli *Client) BuildCachePrune(ctx context.Context, opts BuildCachePruneOptions) (BuildCachePruneResult, error) { + var out BuildCachePruneResult + query := url.Values{} + if opts.All { + query.Set("all", "1") + } + + if opts.ReservedSpace != 0 { + // Prior to API v1.48, 'keep-storage' was used to set the reserved space for the build cache. + // TODO(austinvazquez): remove once API v1.47 is no longer supported. See https://github.com/moby/moby/issues/50902 + if versions.LessThanOrEqualTo(cli.version, "1.47") { + query.Set("keep-storage", strconv.Itoa(int(opts.ReservedSpace))) + } else { + query.Set("reserved-space", strconv.Itoa(int(opts.ReservedSpace))) + } + } + if opts.MaxUsedSpace != 0 { + query.Set("max-used-space", strconv.Itoa(int(opts.MaxUsedSpace))) + } + if opts.MinFreeSpace != 0 { + query.Set("min-free-space", strconv.Itoa(int(opts.MinFreeSpace))) + } + opts.Filters.updateURLValues(query) + + resp, err := cli.post(ctx, "/build/prune", query, nil, nil) + defer ensureReaderClosed(resp) + + if err != nil { + return BuildCachePruneResult{}, err + } + + report := build.CachePruneReport{} + if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { + return BuildCachePruneResult{}, fmt.Errorf("error retrieving disk usage: %w", err) + } + + out.Report = report + return out, nil +} diff --git a/vendor/github.com/moby/moby/client/checkpoint_create.go b/vendor/github.com/moby/moby/client/checkpoint_create.go new file mode 100644 index 000000000000..b3ba5459d00a --- /dev/null +++ b/vendor/github.com/moby/moby/client/checkpoint_create.go @@ -0,0 +1,36 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/checkpoint" +) + +// CheckpointCreateOptions holds parameters to create a checkpoint from a container. +type CheckpointCreateOptions struct { + CheckpointID string + CheckpointDir string + Exit bool +} + +// CheckpointCreateResult holds the result from [client.CheckpointCreate]. +type CheckpointCreateResult struct { + // Add future fields here +} + +// CheckpointCreate creates a checkpoint from the given container. +func (cli *Client) CheckpointCreate(ctx context.Context, containerID string, options CheckpointCreateOptions) (CheckpointCreateResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return CheckpointCreateResult{}, err + } + requestBody := checkpoint.CreateRequest{ + CheckpointID: options.CheckpointID, + CheckpointDir: options.CheckpointDir, + Exit: options.Exit, + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/checkpoints", nil, requestBody, nil) + defer ensureReaderClosed(resp) + return CheckpointCreateResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/checkpoint_list.go b/vendor/github.com/moby/moby/client/checkpoint_list.go new file mode 100644 index 000000000000..5815f836a16e --- /dev/null +++ b/vendor/github.com/moby/moby/client/checkpoint_list.go @@ -0,0 +1,38 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/checkpoint" +) + +// CheckpointListOptions holds parameters to list checkpoints for a container. +type CheckpointListOptions struct { + CheckpointDir string +} + +// CheckpointListResult holds the result from the CheckpointList method. +type CheckpointListResult struct { + Items []checkpoint.Summary +} + +// CheckpointList returns the checkpoints of the given container in the docker host. +func (cli *Client) CheckpointList(ctx context.Context, container string, options CheckpointListOptions) (CheckpointListResult, error) { + var out CheckpointListResult + + query := url.Values{} + if options.CheckpointDir != "" { + query.Set("dir", options.CheckpointDir) + } + + resp, err := cli.get(ctx, "/containers/"+container+"/checkpoints", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return out, err + } + + err = json.NewDecoder(resp.Body).Decode(&out.Items) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/checkpoint_remove.go b/vendor/github.com/moby/moby/client/checkpoint_remove.go new file mode 100644 index 000000000000..8042c5088226 --- /dev/null +++ b/vendor/github.com/moby/moby/client/checkpoint_remove.go @@ -0,0 +1,34 @@ +package client + +import ( + "context" + "net/url" +) + +// CheckpointRemoveOptions holds parameters to delete a checkpoint from a container. +type CheckpointRemoveOptions struct { + CheckpointID string + CheckpointDir string +} + +// CheckpointRemoveResult represents the result of [Client.CheckpointRemove]. +type CheckpointRemoveResult struct { + // No fields currently; placeholder for future use. +} + +// CheckpointRemove deletes the checkpoint with the given name from the given container. +func (cli *Client) CheckpointRemove(ctx context.Context, containerID string, options CheckpointRemoveOptions) (CheckpointRemoveResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return CheckpointRemoveResult{}, err + } + + query := url.Values{} + if options.CheckpointDir != "" { + query.Set("dir", options.CheckpointDir) + } + + resp, err := cli.delete(ctx, "/containers/"+containerID+"/checkpoints/"+options.CheckpointID, query, nil) + defer ensureReaderClosed(resp) + return CheckpointRemoveResult{}, err +} diff --git a/vendor/github.com/docker/docker/client/client.go b/vendor/github.com/moby/moby/client/client.go similarity index 62% rename from vendor/github.com/docker/docker/client/client.go rename to vendor/github.com/moby/moby/client/client.go index 8acfb7f490e4..3d11861440b3 100644 --- a/vendor/github.com/docker/docker/client/client.go +++ b/vendor/github.com/moby/moby/client/client.go @@ -6,10 +6,12 @@ https://docs.docker.com/reference/api/engine/ # Usage -You use the library by constructing a client object using [NewClientWithOpts] +You use the library by constructing a client object using [New] and calling methods on it. The client can be configured from environment -variables by passing the [FromEnv] option, or configured manually by passing any -of the other available [Opts]. +variables by passing the [FromEnv] option, and the [WithAPIVersionNegotiation] +option to allow downgrading the API version used when connecting with an older +daemon version. Other options cen be configured manually by passing any of +the available [Opt] options. For example, to list running containers (the equivalent of "docker ps"): @@ -18,24 +20,33 @@ For example, to list running containers (the equivalent of "docker ps"): import ( "context" "fmt" + "log" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/client" + "github.com/moby/moby/client" ) func main() { - cli, err := client.NewClientWithOpts(client.FromEnv) + // Create a new client that handles common environment variables + // for configuration (DOCKER_HOST, DOCKER_API_VERSION), and does + // API-version negotiation to allow downgrading the API version + // when connecting with an older daemon version. + apiClient, err := client.New(client.FromEnv, client.WithAPIVersionNegotiation()) if err != nil { - panic(err) + log.Fatal(err) } - containers, err := cli.ContainerList(context.Background(), container.ListOptions{}) + // List all containers (both stopped and running). + result, err := apiClient.ContainerList(context.Background(), client.ContainerListOptions{ + All: true, + }) if err != nil { - panic(err) + log.Fatal(err) } - for _, ctr := range containers { - fmt.Printf("%s %s\n", ctr.ID, ctr.Image) + // Print each container's ID, status and the image it was created from. + fmt.Printf("%s %-22s %s\n", "ID", "STATUS", "IMAGE") + for _, ctr := range result.Items { + fmt.Printf("%s %-22s %s\n", ctr.ID, ctr.Status, ctr.Image) } } */ @@ -44,6 +55,8 @@ package client import ( "context" "crypto/tls" + "errors" + "fmt" "net" "net/http" "net/url" @@ -53,11 +66,9 @@ import ( "sync/atomic" "time" - "github.com/docker/docker/api" - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/versions" + cerrdefs "github.com/containerd/errdefs" "github.com/docker/go-connections/sockets" - "github.com/pkg/errors" + "github.com/moby/moby/client/pkg/versions" "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" ) @@ -91,12 +102,19 @@ import ( // [Go stdlib]: https://github.com/golang/go/blob/6244b1946bc2101b01955468f1be502dbadd6807/src/net/http/transport.go#L558-L569 const DummyHost = "api.moby.localhost" -// fallbackAPIVersion is the version to fallback to if API-version negotiation -// fails. This version is the highest version of the API before API-version -// negotiation was introduced. If negotiation fails (or no API version was -// included in the API response), we assume the API server uses the most -// recent version before negotiation was introduced. -const fallbackAPIVersion = "1.24" +// MaxAPIVersion is the highest REST API version supported by the client. +// If API-version negotiation is enabled (see [WithAPIVersionNegotiation], +// [Client.NegotiateAPIVersion]), the client may downgrade its API version. +// Similarly, the [WithVersion] and [WithVersionFromEnv] allow overriding +// the version. +// +// This version may be lower than the version of the api library module used. +const MaxAPIVersion = "1.52" + +// fallbackAPIVersion is the version to fall back to if API-version negotiation +// fails. API versions below this version are not supported by the client, +// and not considered when negotiating. +const fallbackAPIVersion = "1.44" // Ensure that Client always implements APIClient. var _ APIClient = &Client{} @@ -104,35 +122,7 @@ var _ APIClient = &Client{} // Client is the API client that performs all operations // against a docker server. type Client struct { - // scheme sets the scheme for the client - scheme string - // host holds the server address to connect to - host string - // proto holds the client protocol i.e. unix. - proto string - // addr holds the client address. - addr string - // basePath holds the path to prepend to the requests. - basePath string - // client used to send and receive http requests. - client *http.Client - // version of the server to talk to. - version string - // userAgent is the User-Agent header to use for HTTP requests. It takes - // precedence over User-Agent headers set in customHTTPHeaders, and other - // header variables. When set to an empty string, the User-Agent header - // is removed, and no header is sent. - userAgent *string - // custom HTTP headers configured by users. - customHTTPHeaders map[string]string - // manualOverride is set to true when the version was set by users. - manualOverride bool - - // negotiateVersion indicates if the client should automatically negotiate - // the API version to use when making requests. API version negotiation is - // performed on the first request, after which negotiated is set to "true" - // so that subsequent requests do not re-negotiate. - negotiateVersion bool + clientConfig // negotiated indicates that API version negotiation took place negotiated atomic.Bool @@ -140,8 +130,6 @@ type Client struct { // negotiateLock is used to single-flight the version negotiation process negotiateLock sync.Mutex - traceOpts []otelhttp.Option - // When the client transport is an *http.Transport (default) we need to do some extra things (like closing idle connections). // Store the original transport as the http.Client transport will be wrapped with tracing libs. baseTransport *http.Transport @@ -172,7 +160,14 @@ func CheckRedirect(_ *http.Request, via []*http.Request) error { return ErrRedirect } -// NewClientWithOpts initializes a new API client with a default HTTPClient, and +// NewClientWithOpts initializes a new API client. +// +// Deprecated: use New. This function will be removed in the next release. +func NewClientWithOpts(ops ...Opt) (*Client, error) { + return New(ops...) +} + +// New initializes a new API client with a default HTTPClient, and // default API host and version. It also initializes the custom HTTP headers to // add to each request. // @@ -182,11 +177,11 @@ func CheckRedirect(_ *http.Request, via []*http.Request) error { // itself with values from environment variables ([FromEnv]), and has automatic // API version negotiation enabled ([WithAPIVersionNegotiation]). // -// cli, err := client.NewClientWithOpts( +// cli, err := client.New( // client.FromEnv, // client.WithAPIVersionNegotiation(), // ) -func NewClientWithOpts(ops ...Opt) (*Client, error) { +func New(ops ...Opt) (*Client, error) { hostURL, err := ParseHostURL(DefaultDockerHost) if err != nil { return nil, err @@ -197,21 +192,23 @@ func NewClientWithOpts(ops ...Opt) (*Client, error) { return nil, err } c := &Client{ - host: DefaultDockerHost, - version: api.DefaultVersion, - client: client, - proto: hostURL.Scheme, - addr: hostURL.Host, - - traceOpts: []otelhttp.Option{ - otelhttp.WithSpanNameFormatter(func(_ string, req *http.Request) string { - return req.Method + " " + req.URL.Path - }), + clientConfig: clientConfig{ + host: DefaultDockerHost, + version: MaxAPIVersion, + client: client, + proto: hostURL.Scheme, + addr: hostURL.Host, + traceOpts: []otelhttp.Option{ + otelhttp.WithSpanNameFormatter(func(_ string, req *http.Request) string { + return req.Method + " " + req.URL.Path + }), + }, }, } + cfg := &c.clientConfig for _, op := range ops { - if err := op(c); err != nil { + if err := op(cfg); err != nil { return nil, err } } @@ -281,23 +278,13 @@ func (cli *Client) Close() error { // be negotiated when making the actual requests, and for which cases // we cannot do the negotiation lazily. func (cli *Client) checkVersion(ctx context.Context) error { - if !cli.manualOverride && cli.negotiateVersion && !cli.negotiated.Load() { - // Ensure exclusive write access to version and negotiated fields - cli.negotiateLock.Lock() - defer cli.negotiateLock.Unlock() - - // May have been set during last execution of critical zone - if cli.negotiated.Load() { - return nil - } - - ping, err := cli.Ping(ctx) - if err != nil { - return err - } - cli.negotiateAPIVersionPing(ping) + if cli.manualOverride || !cli.negotiateVersion || cli.negotiated.Load() { + return nil } - return nil + _, err := cli.Ping(ctx, PingOptions{ + NegotiateAPIVersion: true, + }) + return err } // getAPIPath returns the versioned request path to call the API. @@ -318,75 +305,27 @@ func (cli *Client) ClientVersion() string { return cli.version } -// NegotiateAPIVersion queries the API and updates the version to match the API -// version. NegotiateAPIVersion downgrades the client's API version to match the -// APIVersion if the ping version is lower than the default version. If the API -// version reported by the server is higher than the maximum version supported -// by the client, it uses the client's maximum version. -// -// If a manual override is in place, either through the "DOCKER_API_VERSION" -// ([EnvOverrideAPIVersion]) environment variable, or if the client is initialized -// with a fixed version ([WithVersion]), no negotiation is performed. -// -// If the API server's ping response does not contain an API version, or if the -// client did not get a successful ping response, it assumes it is connected with -// an old daemon that does not support API version negotiation, in which case it -// downgrades to the latest version of the API before version negotiation was -// added (1.24). -func (cli *Client) NegotiateAPIVersion(ctx context.Context) { - if !cli.manualOverride { - // Avoid concurrent modification of version-related fields - cli.negotiateLock.Lock() - defer cli.negotiateLock.Unlock() - - ping, err := cli.Ping(ctx) - if err != nil { - // FIXME(thaJeztah): Ping returns an error when failing to connect to the API; we should not swallow the error here, and instead returning it. - return - } - cli.negotiateAPIVersionPing(ping) - } -} - -// NegotiateAPIVersionPing downgrades the client's API version to match the -// APIVersion in the ping response. If the API version in pingResponse is higher -// than the maximum version supported by the client, it uses the client's maximum -// version. -// -// If a manual override is in place, either through the "DOCKER_API_VERSION" -// ([EnvOverrideAPIVersion]) environment variable, or if the client is initialized -// with a fixed version ([WithVersion]), no negotiation is performed. -// -// If the API server's ping response does not contain an API version, we assume -// we are connected with an old daemon without API version negotiation support, -// and downgrade to the latest version of the API before version negotiation was -// added (1.24). -func (cli *Client) NegotiateAPIVersionPing(pingResponse types.Ping) { - if !cli.manualOverride { - // Avoid concurrent modification of version-related fields - cli.negotiateLock.Lock() - defer cli.negotiateLock.Unlock() - - cli.negotiateAPIVersionPing(pingResponse) - } -} - -// negotiateAPIVersionPing queries the API and updates the version to match the -// API version from the ping response. -func (cli *Client) negotiateAPIVersionPing(pingResponse types.Ping) { - // default to the latest version before versioning headers existed - if pingResponse.APIVersion == "" { - pingResponse.APIVersion = fallbackAPIVersion +// negotiateAPIVersion updates the version to match the API version from +// the ping response. It falls back to the lowest version supported if the +// API version is empty, or returns an error if the API version is lower than +// the lowest supported API version, in which case the version is not modified. +func (cli *Client) negotiateAPIVersion(pingVersion string) error { + pingVersion = strings.TrimPrefix(pingVersion, "v") + if pingVersion == "" { + // TODO(thaJeztah): consider returning an error on empty value or not falling back; see https://github.com/moby/moby/pull/51119#discussion_r2413148487 + pingVersion = fallbackAPIVersion + } else if versions.LessThan(pingVersion, fallbackAPIVersion) { + return cerrdefs.ErrInvalidArgument.WithMessage(fmt.Sprintf("API version %s is not supported by this client: the minimum supported API version is %s", pingVersion, fallbackAPIVersion)) } // if the client is not initialized with a version, start with the latest supported version if cli.version == "" { - cli.version = api.DefaultVersion + cli.version = MaxAPIVersion } // if server version is lower than the client version, downgrade - if versions.LessThan(pingResponse.APIVersion, cli.version) { - cli.version = pingResponse.APIVersion + if versions.LessThan(pingVersion, cli.version) { + cli.version = pingVersion } // Store the results, so that automatic API version negotiation (if enabled) @@ -394,6 +333,7 @@ func (cli *Client) negotiateAPIVersionPing(pingResponse types.Ping) { if cli.negotiateVersion { cli.negotiated.Store(true) } + return nil } // DaemonHost returns the host address used by the client @@ -401,18 +341,12 @@ func (cli *Client) DaemonHost() string { return cli.host } -// HTTPClient returns a copy of the HTTP client bound to the server -func (cli *Client) HTTPClient() *http.Client { - c := *cli.client - return &c -} - // ParseHostURL parses a url string, validates the string is a host url, and // returns the parsed URL func ParseHostURL(host string) (*url.URL, error) { proto, addr, ok := strings.Cut(host, "://") if !ok || addr == "" { - return nil, errors.Errorf("unable to parse docker host `%s`", host) + return nil, fmt.Errorf("unable to parse docker host `%s`", host) } var basePath string diff --git a/vendor/github.com/moby/moby/client/client_interfaces.go b/vendor/github.com/moby/moby/client/client_interfaces.go new file mode 100644 index 000000000000..4bbd45a6e59f --- /dev/null +++ b/vendor/github.com/moby/moby/client/client_interfaces.go @@ -0,0 +1,242 @@ +package client + +import ( + "context" + "io" + "net" +) + +// APIClient is an interface that clients that talk with a docker server must implement. +type APIClient interface { + stableAPIClient + CheckpointAPIClient // CheckpointAPIClient is still experimental. +} + +type stableAPIClient interface { + ConfigAPIClient + ContainerAPIClient + DistributionAPIClient + RegistrySearchClient + ExecAPIClient + ImageBuildAPIClient + ImageAPIClient + NetworkAPIClient + PluginAPIClient + SystemAPIClient + VolumeAPIClient + ClientVersion() string + DaemonHost() string + ServerVersion(ctx context.Context, options ServerVersionOptions) (ServerVersionResult, error) + HijackDialer + Dialer() func(context.Context) (net.Conn, error) + Close() error + SwarmManagementAPIClient +} + +// SwarmManagementAPIClient defines all methods for managing Swarm-specific +// objects. +type SwarmManagementAPIClient interface { + SwarmAPIClient + NodeAPIClient + ServiceAPIClient + TaskAPIClient + SecretAPIClient + ConfigAPIClient +} + +// HijackDialer defines methods for a hijack dialer. +type HijackDialer interface { + DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error) +} + +// CheckpointAPIClient defines API client methods for the checkpoints. +// +// Experimental: checkpoint and restore is still an experimental feature, +// and only available if the daemon is running with experimental features +// enabled. +type CheckpointAPIClient interface { + CheckpointCreate(ctx context.Context, container string, options CheckpointCreateOptions) (CheckpointCreateResult, error) + CheckpointRemove(ctx context.Context, container string, options CheckpointRemoveOptions) (CheckpointRemoveResult, error) + CheckpointList(ctx context.Context, container string, options CheckpointListOptions) (CheckpointListResult, error) +} + +// ContainerAPIClient defines API client methods for the containers +type ContainerAPIClient interface { + ContainerCreate(ctx context.Context, options ContainerCreateOptions) (ContainerCreateResult, error) + ContainerInspect(ctx context.Context, container string, options ContainerInspectOptions) (ContainerInspectResult, error) + ContainerList(ctx context.Context, options ContainerListOptions) (ContainerListResult, error) + ContainerUpdate(ctx context.Context, container string, updateConfig ContainerUpdateOptions) (ContainerUpdateResult, error) + ContainerRemove(ctx context.Context, container string, options ContainerRemoveOptions) (ContainerRemoveResult, error) + ContainerPrune(ctx context.Context, opts ContainerPruneOptions) (ContainerPruneResult, error) + + ContainerLogs(ctx context.Context, container string, options ContainerLogsOptions) (ContainerLogsResult, error) + + ContainerStart(ctx context.Context, container string, options ContainerStartOptions) (ContainerStartResult, error) + ContainerStop(ctx context.Context, container string, options ContainerStopOptions) (ContainerStopResult, error) + ContainerRestart(ctx context.Context, container string, options ContainerRestartOptions) (ContainerRestartResult, error) + ContainerPause(ctx context.Context, container string, options ContainerPauseOptions) (ContainerPauseResult, error) + ContainerUnpause(ctx context.Context, container string, options ContainerUnpauseOptions) (ContainerUnpauseResult, error) + ContainerWait(ctx context.Context, container string, options ContainerWaitOptions) ContainerWaitResult + ContainerKill(ctx context.Context, container string, options ContainerKillOptions) (ContainerKillResult, error) + + ContainerRename(ctx context.Context, container string, options ContainerRenameOptions) (ContainerRenameResult, error) + ContainerResize(ctx context.Context, container string, options ContainerResizeOptions) (ContainerResizeResult, error) + ContainerAttach(ctx context.Context, container string, options ContainerAttachOptions) (ContainerAttachResult, error) + ContainerCommit(ctx context.Context, container string, options ContainerCommitOptions) (ContainerCommitResult, error) + ContainerDiff(ctx context.Context, container string, options ContainerDiffOptions) (ContainerDiffResult, error) + ContainerExport(ctx context.Context, container string, options ContainerExportOptions) (ContainerExportResult, error) + + ContainerStats(ctx context.Context, container string, options ContainerStatsOptions) (ContainerStatsResult, error) + ContainerTop(ctx context.Context, container string, options ContainerTopOptions) (ContainerTopResult, error) + + ContainerStatPath(ctx context.Context, container string, options ContainerStatPathOptions) (ContainerStatPathResult, error) + CopyFromContainer(ctx context.Context, container string, options CopyFromContainerOptions) (CopyFromContainerResult, error) + CopyToContainer(ctx context.Context, container string, options CopyToContainerOptions) (CopyToContainerResult, error) +} + +type ExecAPIClient interface { + ExecCreate(ctx context.Context, container string, options ExecCreateOptions) (ExecCreateResult, error) + ExecInspect(ctx context.Context, execID string, options ExecInspectOptions) (ExecInspectResult, error) + ExecResize(ctx context.Context, execID string, options ExecResizeOptions) (ExecResizeResult, error) + + ExecStart(ctx context.Context, execID string, options ExecStartOptions) (ExecStartResult, error) + ExecAttach(ctx context.Context, execID string, options ExecAttachOptions) (ExecAttachResult, error) +} + +// DistributionAPIClient defines API client methods for the registry +type DistributionAPIClient interface { + DistributionInspect(ctx context.Context, image string, options DistributionInspectOptions) (DistributionInspectResult, error) +} + +type RegistrySearchClient interface { + ImageSearch(ctx context.Context, term string, options ImageSearchOptions) (ImageSearchResult, error) +} + +// ImageBuildAPIClient defines API client methods for building images +// using the REST API. +type ImageBuildAPIClient interface { + ImageBuild(ctx context.Context, context io.Reader, options ImageBuildOptions) (ImageBuildResult, error) + BuildCachePrune(ctx context.Context, opts BuildCachePruneOptions) (BuildCachePruneResult, error) + BuildCancel(ctx context.Context, id string, opts BuildCancelOptions) (BuildCancelResult, error) +} + +// ImageAPIClient defines API client methods for the images +type ImageAPIClient interface { + ImageImport(ctx context.Context, source ImageImportSource, ref string, options ImageImportOptions) (ImageImportResult, error) + + ImageList(ctx context.Context, options ImageListOptions) (ImageListResult, error) + ImagePull(ctx context.Context, ref string, options ImagePullOptions) (ImagePullResponse, error) + ImagePush(ctx context.Context, ref string, options ImagePushOptions) (ImagePushResponse, error) + ImageRemove(ctx context.Context, image string, options ImageRemoveOptions) (ImageRemoveResult, error) + ImageTag(ctx context.Context, options ImageTagOptions) (ImageTagResult, error) + ImagePrune(ctx context.Context, opts ImagePruneOptions) (ImagePruneResult, error) + + ImageInspect(ctx context.Context, image string, _ ...ImageInspectOption) (ImageInspectResult, error) + ImageHistory(ctx context.Context, image string, _ ...ImageHistoryOption) (ImageHistoryResult, error) + + ImageLoad(ctx context.Context, input io.Reader, _ ...ImageLoadOption) (ImageLoadResult, error) + ImageSave(ctx context.Context, images []string, _ ...ImageSaveOption) (ImageSaveResult, error) +} + +// NetworkAPIClient defines API client methods for the networks +type NetworkAPIClient interface { + NetworkCreate(ctx context.Context, name string, options NetworkCreateOptions) (NetworkCreateResult, error) + NetworkInspect(ctx context.Context, network string, options NetworkInspectOptions) (NetworkInspectResult, error) + NetworkList(ctx context.Context, options NetworkListOptions) (NetworkListResult, error) + NetworkRemove(ctx context.Context, network string, options NetworkRemoveOptions) (NetworkRemoveResult, error) + NetworkPrune(ctx context.Context, opts NetworkPruneOptions) (NetworkPruneResult, error) + + NetworkConnect(ctx context.Context, network string, options NetworkConnectOptions) (NetworkConnectResult, error) + NetworkDisconnect(ctx context.Context, network string, options NetworkDisconnectOptions) (NetworkDisconnectResult, error) +} + +// NodeAPIClient defines API client methods for the nodes +type NodeAPIClient interface { + NodeInspect(ctx context.Context, nodeID string, options NodeInspectOptions) (NodeInspectResult, error) + NodeList(ctx context.Context, options NodeListOptions) (NodeListResult, error) + NodeUpdate(ctx context.Context, nodeID string, options NodeUpdateOptions) (NodeUpdateResult, error) + NodeRemove(ctx context.Context, nodeID string, options NodeRemoveOptions) (NodeRemoveResult, error) +} + +// PluginAPIClient defines API client methods for the plugins +type PluginAPIClient interface { + PluginCreate(ctx context.Context, createContext io.Reader, options PluginCreateOptions) (PluginCreateResult, error) + PluginInstall(ctx context.Context, name string, options PluginInstallOptions) (PluginInstallResult, error) + PluginInspect(ctx context.Context, name string, options PluginInspectOptions) (PluginInspectResult, error) + PluginList(ctx context.Context, options PluginListOptions) (PluginListResult, error) + PluginRemove(ctx context.Context, name string, options PluginRemoveOptions) (PluginRemoveResult, error) + + PluginEnable(ctx context.Context, name string, options PluginEnableOptions) (PluginEnableResult, error) + PluginDisable(ctx context.Context, name string, options PluginDisableOptions) (PluginDisableResult, error) + PluginUpgrade(ctx context.Context, name string, options PluginUpgradeOptions) (PluginUpgradeResult, error) + PluginPush(ctx context.Context, name string, options PluginPushOptions) (PluginPushResult, error) + PluginSet(ctx context.Context, name string, options PluginSetOptions) (PluginSetResult, error) +} + +// ServiceAPIClient defines API client methods for the services +type ServiceAPIClient interface { + ServiceCreate(ctx context.Context, options ServiceCreateOptions) (ServiceCreateResult, error) + ServiceInspect(ctx context.Context, serviceID string, options ServiceInspectOptions) (ServiceInspectResult, error) + ServiceList(ctx context.Context, options ServiceListOptions) (ServiceListResult, error) + ServiceUpdate(ctx context.Context, serviceID string, options ServiceUpdateOptions) (ServiceUpdateResult, error) + ServiceRemove(ctx context.Context, serviceID string, options ServiceRemoveOptions) (ServiceRemoveResult, error) + + ServiceLogs(ctx context.Context, serviceID string, options ServiceLogsOptions) (ServiceLogsResult, error) +} + +// TaskAPIClient defines API client methods to manage swarm tasks. +type TaskAPIClient interface { + TaskInspect(ctx context.Context, taskID string, options TaskInspectOptions) (TaskInspectResult, error) + TaskList(ctx context.Context, options TaskListOptions) (TaskListResult, error) + + TaskLogs(ctx context.Context, taskID string, options TaskLogsOptions) (TaskLogsResult, error) +} + +// SwarmAPIClient defines API client methods for the swarm +type SwarmAPIClient interface { + SwarmInit(ctx context.Context, options SwarmInitOptions) (SwarmInitResult, error) + SwarmJoin(ctx context.Context, options SwarmJoinOptions) (SwarmJoinResult, error) + SwarmInspect(ctx context.Context, options SwarmInspectOptions) (SwarmInspectResult, error) + SwarmUpdate(ctx context.Context, options SwarmUpdateOptions) (SwarmUpdateResult, error) + SwarmLeave(ctx context.Context, options SwarmLeaveOptions) (SwarmLeaveResult, error) + + SwarmGetUnlockKey(ctx context.Context) (SwarmGetUnlockKeyResult, error) + SwarmUnlock(ctx context.Context, options SwarmUnlockOptions) (SwarmUnlockResult, error) +} + +// SystemAPIClient defines API client methods for the system +type SystemAPIClient interface { + Events(ctx context.Context, options EventsListOptions) EventsResult + Info(ctx context.Context, options InfoOptions) (SystemInfoResult, error) + RegistryLogin(ctx context.Context, auth RegistryLoginOptions) (RegistryLoginResult, error) + DiskUsage(ctx context.Context, options DiskUsageOptions) (DiskUsageResult, error) + Ping(ctx context.Context, options PingOptions) (PingResult, error) +} + +// VolumeAPIClient defines API client methods for the volumes +type VolumeAPIClient interface { + VolumeCreate(ctx context.Context, options VolumeCreateOptions) (VolumeCreateResult, error) + VolumeInspect(ctx context.Context, volumeID string, options VolumeInspectOptions) (VolumeInspectResult, error) + VolumeList(ctx context.Context, options VolumeListOptions) (VolumeListResult, error) + VolumeUpdate(ctx context.Context, volumeID string, options VolumeUpdateOptions) (VolumeUpdateResult, error) + VolumeRemove(ctx context.Context, volumeID string, options VolumeRemoveOptions) (VolumeRemoveResult, error) + VolumePrune(ctx context.Context, options VolumePruneOptions) (VolumePruneResult, error) +} + +// SecretAPIClient defines API client methods for secrets +type SecretAPIClient interface { + SecretCreate(ctx context.Context, options SecretCreateOptions) (SecretCreateResult, error) + SecretInspect(ctx context.Context, id string, options SecretInspectOptions) (SecretInspectResult, error) + SecretList(ctx context.Context, options SecretListOptions) (SecretListResult, error) + SecretUpdate(ctx context.Context, id string, options SecretUpdateOptions) (SecretUpdateResult, error) + SecretRemove(ctx context.Context, id string, options SecretRemoveOptions) (SecretRemoveResult, error) +} + +// ConfigAPIClient defines API client methods for configs +type ConfigAPIClient interface { + ConfigCreate(ctx context.Context, options ConfigCreateOptions) (ConfigCreateResult, error) + ConfigInspect(ctx context.Context, id string, options ConfigInspectOptions) (ConfigInspectResult, error) + ConfigList(ctx context.Context, options ConfigListOptions) (ConfigListResult, error) + ConfigUpdate(ctx context.Context, id string, options ConfigUpdateOptions) (ConfigUpdateResult, error) + ConfigRemove(ctx context.Context, id string, options ConfigRemoveOptions) (ConfigRemoveResult, error) +} diff --git a/vendor/github.com/docker/docker/client/client_unix.go b/vendor/github.com/moby/moby/client/client_unix.go similarity index 100% rename from vendor/github.com/docker/docker/client/client_unix.go rename to vendor/github.com/moby/moby/client/client_unix.go diff --git a/vendor/github.com/docker/docker/client/client_windows.go b/vendor/github.com/moby/moby/client/client_windows.go similarity index 100% rename from vendor/github.com/docker/docker/client/client_windows.go rename to vendor/github.com/moby/moby/client/client_windows.go diff --git a/vendor/github.com/moby/moby/client/config_create.go b/vendor/github.com/moby/moby/client/config_create.go new file mode 100644 index 000000000000..874e2c947c5a --- /dev/null +++ b/vendor/github.com/moby/moby/client/config_create.go @@ -0,0 +1,34 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// ConfigCreateOptions holds options for creating a config. +type ConfigCreateOptions struct { + Spec swarm.ConfigSpec +} + +// ConfigCreateResult holds the result from the ConfigCreate method. +type ConfigCreateResult struct { + ID string +} + +// ConfigCreate creates a new config. +func (cli *Client) ConfigCreate(ctx context.Context, options ConfigCreateOptions) (ConfigCreateResult, error) { + resp, err := cli.post(ctx, "/configs/create", nil, options.Spec, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ConfigCreateResult{}, err + } + + var out swarm.ConfigCreateResponse + err = json.NewDecoder(resp.Body).Decode(&out) + if err != nil { + return ConfigCreateResult{}, err + } + return ConfigCreateResult{ID: out.ID}, nil +} diff --git a/vendor/github.com/moby/moby/client/config_inspect.go b/vendor/github.com/moby/moby/client/config_inspect.go new file mode 100644 index 000000000000..0bf0ff79167d --- /dev/null +++ b/vendor/github.com/moby/moby/client/config_inspect.go @@ -0,0 +1,35 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// ConfigInspectOptions holds options for inspecting a config. +type ConfigInspectOptions struct { + // Add future optional parameters here +} + +// ConfigInspectResult holds the result from the ConfigInspect method. +type ConfigInspectResult struct { + Config swarm.Config + Raw json.RawMessage +} + +// ConfigInspect returns the config information with raw data +func (cli *Client) ConfigInspect(ctx context.Context, id string, options ConfigInspectOptions) (ConfigInspectResult, error) { + id, err := trimID("config", id) + if err != nil { + return ConfigInspectResult{}, err + } + resp, err := cli.get(ctx, "/configs/"+id, nil, nil) + if err != nil { + return ConfigInspectResult{}, err + } + + var out ConfigInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Config) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/config_list.go b/vendor/github.com/moby/moby/client/config_list.go new file mode 100644 index 000000000000..ee5e7fee7ac8 --- /dev/null +++ b/vendor/github.com/moby/moby/client/config_list.go @@ -0,0 +1,38 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// ConfigListOptions holds parameters to list configs +type ConfigListOptions struct { + Filters Filters +} + +// ConfigListResult holds the result from the [client.ConfigList] method. +type ConfigListResult struct { + Items []swarm.Config +} + +// ConfigList returns the list of configs. +func (cli *Client) ConfigList(ctx context.Context, options ConfigListOptions) (ConfigListResult, error) { + query := url.Values{} + options.Filters.updateURLValues(query) + + resp, err := cli.get(ctx, "/configs", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ConfigListResult{}, err + } + + var out ConfigListResult + err = json.NewDecoder(resp.Body).Decode(&out.Items) + if err != nil { + return ConfigListResult{}, err + } + return out, nil +} diff --git a/vendor/github.com/moby/moby/client/config_remove.go b/vendor/github.com/moby/moby/client/config_remove.go new file mode 100644 index 000000000000..c77a4c37862e --- /dev/null +++ b/vendor/github.com/moby/moby/client/config_remove.go @@ -0,0 +1,25 @@ +package client + +import "context" + +type ConfigRemoveOptions struct { + // Add future optional parameters here +} + +type ConfigRemoveResult struct { + // Add future fields here +} + +// ConfigRemove removes a config. +func (cli *Client) ConfigRemove(ctx context.Context, id string, options ConfigRemoveOptions) (ConfigRemoveResult, error) { + id, err := trimID("config", id) + if err != nil { + return ConfigRemoveResult{}, err + } + resp, err := cli.delete(ctx, "/configs/"+id, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ConfigRemoveResult{}, err + } + return ConfigRemoveResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/config_update.go b/vendor/github.com/moby/moby/client/config_update.go new file mode 100644 index 000000000000..2651f4b2f89f --- /dev/null +++ b/vendor/github.com/moby/moby/client/config_update.go @@ -0,0 +1,32 @@ +package client + +import ( + "context" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// ConfigUpdateOptions holds options for updating a config. +type ConfigUpdateOptions struct { + Version swarm.Version + Spec swarm.ConfigSpec +} + +type ConfigUpdateResult struct{} + +// ConfigUpdate attempts to update a config +func (cli *Client) ConfigUpdate(ctx context.Context, id string, options ConfigUpdateOptions) (ConfigUpdateResult, error) { + id, err := trimID("config", id) + if err != nil { + return ConfigUpdateResult{}, err + } + query := url.Values{} + query.Set("version", options.Version.String()) + resp, err := cli.post(ctx, "/configs/"+id+"/update", query, options.Spec, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ConfigUpdateResult{}, err + } + return ConfigUpdateResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/container_attach.go b/vendor/github.com/moby/moby/client/container_attach.go new file mode 100644 index 000000000000..fa3a2efcc998 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_attach.go @@ -0,0 +1,86 @@ +package client + +import ( + "context" + "net/http" + "net/url" +) + +// ContainerAttachOptions holds parameters to attach to a container. +type ContainerAttachOptions struct { + Stream bool + Stdin bool + Stdout bool + Stderr bool + DetachKeys string + Logs bool +} + +// ContainerAttachResult is the result from attaching to a container. +type ContainerAttachResult struct { + HijackedResponse +} + +// ContainerAttach attaches a connection to a container in the server. +// It returns a [HijackedResponse] with the hijacked connection +// and a reader to get output. It's up to the called to close +// the hijacked connection by calling [HijackedResponse.Close]. +// +// The stream format on the response uses one of two formats: +// +// - If the container is using a TTY, there is only a single stream (stdout) +// and data is copied directly from the container output stream, no extra +// multiplexing or headers. +// - If the container is *not* using a TTY, streams for stdout and stderr are +// multiplexed. +// +// The format of the multiplexed stream is defined in the [stdcopy] package, +// and as follows: +// +// [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}[]byte{OUTPUT} +// +// STREAM_TYPE can be 1 for [Stdout] and 2 for [Stderr]. Refer to [stdcopy.StdType] +// for details. SIZE1, SIZE2, SIZE3, and SIZE4 are four bytes of uint32 encoded +// as big endian, this is the size of OUTPUT. You can use [stdcopy.StdCopy] +// to demultiplex this stream. +// +// [stdcopy]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy +// [stdcopy.StdCopy]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#StdCopy +// [stdcopy.StdType]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#StdType +// [Stdout]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#Stdout +// [Stderr]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#Stderr +func (cli *Client) ContainerAttach(ctx context.Context, containerID string, options ContainerAttachOptions) (ContainerAttachResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerAttachResult{}, err + } + + query := url.Values{} + if options.Stream { + query.Set("stream", "1") + } + if options.Stdin { + query.Set("stdin", "1") + } + if options.Stdout { + query.Set("stdout", "1") + } + if options.Stderr { + query.Set("stderr", "1") + } + if options.DetachKeys != "" { + query.Set("detachKeys", options.DetachKeys) + } + if options.Logs { + query.Set("logs", "1") + } + + hijacked, err := cli.postHijacked(ctx, "/containers/"+containerID+"/attach", query, nil, http.Header{ + "Content-Type": {"text/plain"}, + }) + if err != nil { + return ContainerAttachResult{}, err + } + + return ContainerAttachResult{HijackedResponse: hijacked}, nil +} diff --git a/vendor/github.com/docker/docker/client/container_commit.go b/vendor/github.com/moby/moby/client/container_commit.go similarity index 56% rename from vendor/github.com/docker/docker/client/container_commit.go rename to vendor/github.com/moby/moby/client/container_commit.go index 2b5b9852fb0e..79da44a54f80 100644 --- a/vendor/github.com/docker/docker/client/container_commit.go +++ b/vendor/github.com/moby/moby/client/container_commit.go @@ -7,25 +7,40 @@ import ( "net/url" "github.com/distribution/reference" - "github.com/docker/docker/api/types/container" + "github.com/moby/moby/api/types/container" ) +// ContainerCommitOptions holds parameters to commit changes into a container. +type ContainerCommitOptions struct { + Reference string + Comment string + Author string + Changes []string + NoPause bool // NoPause disables pausing the container during commit. + Config *container.Config +} + +// ContainerCommitResult is the result from committing a container. +type ContainerCommitResult struct { + ID string +} + // ContainerCommit applies changes to a container and creates a new tagged image. -func (cli *Client) ContainerCommit(ctx context.Context, containerID string, options container.CommitOptions) (container.CommitResponse, error) { +func (cli *Client) ContainerCommit(ctx context.Context, containerID string, options ContainerCommitOptions) (ContainerCommitResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return container.CommitResponse{}, err + return ContainerCommitResult{}, err } var repository, tag string if options.Reference != "" { ref, err := reference.ParseNormalizedNamed(options.Reference) if err != nil { - return container.CommitResponse{}, err + return ContainerCommitResult{}, err } - if _, isCanonical := ref.(reference.Canonical); isCanonical { - return container.CommitResponse{}, errors.New("refusing to create a tag with a digest reference") + if _, ok := ref.(reference.Digested); ok { + return ContainerCommitResult{}, errors.New("refusing to create a tag with a digest reference") } ref = reference.TagNameOnly(ref) @@ -44,7 +59,7 @@ func (cli *Client) ContainerCommit(ctx context.Context, containerID string, opti for _, change := range options.Changes { query.Add("changes", change) } - if !options.Pause { + if options.NoPause { query.Set("pause", "0") } @@ -52,9 +67,9 @@ func (cli *Client) ContainerCommit(ctx context.Context, containerID string, opti resp, err := cli.post(ctx, "/commit", query, options.Config, nil) defer ensureReaderClosed(resp) if err != nil { - return response, err + return ContainerCommitResult{}, err } err = json.NewDecoder(resp.Body).Decode(&response) - return response, err + return ContainerCommitResult{ID: response.ID}, err } diff --git a/vendor/github.com/docker/docker/client/container_copy.go b/vendor/github.com/moby/moby/client/container_copy.go similarity index 58% rename from vendor/github.com/docker/docker/client/container_copy.go rename to vendor/github.com/moby/moby/client/container_copy.go index 7c4130dc7f1e..f76511246ca2 100644 --- a/vendor/github.com/docker/docker/client/container_copy.go +++ b/vendor/github.com/moby/moby/client/container_copy.go @@ -11,37 +11,60 @@ import ( "path/filepath" "strings" - "github.com/docker/docker/api/types/container" + "github.com/moby/moby/api/types/container" ) +type ContainerStatPathOptions struct { + Path string +} + +type ContainerStatPathResult struct { + Stat container.PathStat +} + // ContainerStatPath returns stat information about a path inside the container filesystem. -func (cli *Client) ContainerStatPath(ctx context.Context, containerID, path string) (container.PathStat, error) { +func (cli *Client) ContainerStatPath(ctx context.Context, containerID string, options ContainerStatPathOptions) (ContainerStatPathResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return container.PathStat{}, err + return ContainerStatPathResult{}, err } query := url.Values{} - query.Set("path", filepath.ToSlash(path)) // Normalize the paths used in the API. + query.Set("path", filepath.ToSlash(options.Path)) // Normalize the paths used in the API. resp, err := cli.head(ctx, "/containers/"+containerID+"/archive", query, nil) defer ensureReaderClosed(resp) if err != nil { - return container.PathStat{}, err + return ContainerStatPathResult{}, err + } + stat, err := getContainerPathStatFromHeader(resp.Header) + if err != nil { + return ContainerStatPathResult{}, err } - return getContainerPathStatFromHeader(resp.Header) + return ContainerStatPathResult{Stat: stat}, nil } +// CopyToContainerOptions holds information +// about files to copy into a container +type CopyToContainerOptions struct { + DestinationPath string + Content io.Reader + AllowOverwriteDirWithFile bool + CopyUIDGID bool +} + +type CopyToContainerResult struct{} + // CopyToContainer copies content into the container filesystem. // Note that `content` must be a Reader for a TAR archive -func (cli *Client) CopyToContainer(ctx context.Context, containerID, dstPath string, content io.Reader, options container.CopyToContainerOptions) error { +func (cli *Client) CopyToContainer(ctx context.Context, containerID string, options CopyToContainerOptions) (CopyToContainerResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return err + return CopyToContainerResult{}, err } query := url.Values{} - query.Set("path", filepath.ToSlash(dstPath)) // Normalize the paths used in the API. + query.Set("path", filepath.ToSlash(options.DestinationPath)) // Normalize the paths used in the API. // Do not allow for an existing directory to be overwritten by a non-directory and vice versa. if !options.AllowOverwriteDirWithFile { query.Set("noOverwriteDirNonDir", "true") @@ -51,29 +74,38 @@ func (cli *Client) CopyToContainer(ctx context.Context, containerID, dstPath str query.Set("copyUIDGID", "true") } - response, err := cli.putRaw(ctx, "/containers/"+containerID+"/archive", query, content, nil) + response, err := cli.putRaw(ctx, "/containers/"+containerID+"/archive", query, options.Content, nil) defer ensureReaderClosed(response) if err != nil { - return err + return CopyToContainerResult{}, err } - return nil + return CopyToContainerResult{}, nil +} + +type CopyFromContainerOptions struct { + SourcePath string +} + +type CopyFromContainerResult struct { + Content io.ReadCloser + Stat container.PathStat } // CopyFromContainer gets the content from the container and returns it as a Reader // for a TAR archive to manipulate it in the host. It's up to the caller to close the reader. -func (cli *Client) CopyFromContainer(ctx context.Context, containerID, srcPath string) (io.ReadCloser, container.PathStat, error) { +func (cli *Client) CopyFromContainer(ctx context.Context, containerID string, options CopyFromContainerOptions) (CopyFromContainerResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return nil, container.PathStat{}, err + return CopyFromContainerResult{}, err } query := make(url.Values, 1) - query.Set("path", filepath.ToSlash(srcPath)) // Normalize the paths used in the API. + query.Set("path", filepath.ToSlash(options.SourcePath)) // Normalize the paths used in the API. resp, err := cli.get(ctx, "/containers/"+containerID+"/archive", query, nil) if err != nil { - return nil, container.PathStat{}, err + return CopyFromContainerResult{}, err } // In order to get the copy behavior right, we need to know information @@ -84,9 +116,10 @@ func (cli *Client) CopyFromContainer(ctx context.Context, containerID, srcPath s // can be when copying a file/dir from one location to another file/dir. stat, err := getContainerPathStatFromHeader(resp.Header) if err != nil { - return nil, stat, fmt.Errorf("unable to get resource stat from response: %s", err) + ensureReaderClosed(resp) + return CopyFromContainerResult{Stat: stat}, fmt.Errorf("unable to get resource stat from response: %s", err) } - return resp.Body, stat, err + return CopyFromContainerResult{Content: resp.Body, Stat: stat}, nil } func getContainerPathStatFromHeader(header http.Header) (container.PathStat, error) { diff --git a/vendor/github.com/moby/moby/client/container_create.go b/vendor/github.com/moby/moby/client/container_create.go new file mode 100644 index 000000000000..d941a37207c9 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_create.go @@ -0,0 +1,125 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + "path" + "sort" + "strings" + + cerrdefs "github.com/containerd/errdefs" + "github.com/moby/moby/api/types/container" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ContainerCreate creates a new container based on the given configuration. +// It can be associated with a name, but it's not mandatory. +func (cli *Client) ContainerCreate(ctx context.Context, options ContainerCreateOptions) (ContainerCreateResult, error) { + cfg := options.Config + + if cfg == nil { + cfg = &container.Config{} + } + + if options.Image != "" { + if cfg.Image != "" { + return ContainerCreateResult{}, cerrdefs.ErrInvalidArgument.WithMessage("either Image or config.Image should be set") + } + newCfg := *cfg + newCfg.Image = options.Image + cfg = &newCfg + } + + if cfg.Image == "" { + return ContainerCreateResult{}, cerrdefs.ErrInvalidArgument.WithMessage("config.Image or Image is required") + } + + var response container.CreateResponse + + if options.HostConfig != nil { + options.HostConfig.CapAdd = normalizeCapabilities(options.HostConfig.CapAdd) + options.HostConfig.CapDrop = normalizeCapabilities(options.HostConfig.CapDrop) + } + + query := url.Values{} + if options.Platform != nil { + if p := formatPlatform(*options.Platform); p != "unknown" { + query.Set("platform", p) + } + } + + if options.Name != "" { + query.Set("name", options.Name) + } + + body := container.CreateRequest{ + Config: cfg, + HostConfig: options.HostConfig, + NetworkingConfig: options.NetworkingConfig, + } + + resp, err := cli.post(ctx, "/containers/create", query, body, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerCreateResult{}, err + } + + err = json.NewDecoder(resp.Body).Decode(&response) + return ContainerCreateResult{ID: response.ID, Warnings: response.Warnings}, err +} + +// formatPlatform returns a formatted string representing platform (e.g., "linux/arm/v7"). +// +// It is a fork of [platforms.Format], and does not yet support "os.version", +// as [platforms.FormatAll] does. +// +// [platforms.Format]: https://github.com/containerd/platforms/blob/v1.0.0-rc.1/platforms.go#L309-L316 +// [platforms.FormatAll]: https://github.com/containerd/platforms/blob/v1.0.0-rc.1/platforms.go#L318-L330 +func formatPlatform(platform ocispec.Platform) string { + if platform.OS == "" { + return "unknown" + } + return path.Join(platform.OS, platform.Architecture, platform.Variant) +} + +// allCapabilities is a magic value for "all capabilities" +const allCapabilities = "ALL" + +// normalizeCapabilities normalizes capabilities to their canonical form, +// removes duplicates, and sorts the results. +// +// It is similar to [caps.NormalizeLegacyCapabilities], +// but performs no validation based on supported capabilities. +// +// [caps.NormalizeLegacyCapabilities]: https://github.com/moby/moby/blob/v28.3.2/oci/caps/utils.go#L56 +func normalizeCapabilities(caps []string) []string { + var normalized []string + + unique := make(map[string]struct{}) + for _, c := range caps { + c = normalizeCap(c) + if _, ok := unique[c]; ok { + continue + } + unique[c] = struct{}{} + normalized = append(normalized, c) + } + + sort.Strings(normalized) + return normalized +} + +// normalizeCap normalizes a capability to its canonical format by upper-casing +// and adding a "CAP_" prefix (if not yet present). It also accepts the "ALL" +// magic-value. +func normalizeCap(capability string) string { + capability = strings.ToUpper(capability) + if capability == allCapabilities { + return capability + } + if !strings.HasPrefix(capability, "CAP_") { + capability = "CAP_" + capability + } + return capability +} diff --git a/vendor/github.com/moby/moby/client/container_create_opts.go b/vendor/github.com/moby/moby/client/container_create_opts.go new file mode 100644 index 000000000000..8580e20d3a42 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_create_opts.go @@ -0,0 +1,25 @@ +package client + +import ( + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/network" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ContainerCreateOptions holds parameters to create a container. +type ContainerCreateOptions struct { + Config *container.Config + HostConfig *container.HostConfig + NetworkingConfig *network.NetworkingConfig + Platform *ocispec.Platform + Name string + + // Image is a shortcut for Config.Image - only one of Image or Config.Image should be set. + Image string +} + +// ContainerCreateResult is the result from creating a container. +type ContainerCreateResult struct { + ID string + Warnings []string +} diff --git a/vendor/github.com/docker/docker/client/container_diff.go b/vendor/github.com/moby/moby/client/container_diff.go similarity index 66% rename from vendor/github.com/docker/docker/client/container_diff.go rename to vendor/github.com/moby/moby/client/container_diff.go index 3848e3117e1d..ec904337e03d 100644 --- a/vendor/github.com/docker/docker/client/container_diff.go +++ b/vendor/github.com/moby/moby/client/container_diff.go @@ -5,26 +5,26 @@ import ( "encoding/json" "net/url" - "github.com/docker/docker/api/types/container" + "github.com/moby/moby/api/types/container" ) // ContainerDiff shows differences in a container filesystem since it was started. -func (cli *Client) ContainerDiff(ctx context.Context, containerID string) ([]container.FilesystemChange, error) { +func (cli *Client) ContainerDiff(ctx context.Context, containerID string, options ContainerDiffOptions) (ContainerDiffResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return nil, err + return ContainerDiffResult{}, err } resp, err := cli.get(ctx, "/containers/"+containerID+"/changes", url.Values{}, nil) defer ensureReaderClosed(resp) if err != nil { - return nil, err + return ContainerDiffResult{}, err } var changes []container.FilesystemChange err = json.NewDecoder(resp.Body).Decode(&changes) if err != nil { - return nil, err + return ContainerDiffResult{}, err } - return changes, err + return ContainerDiffResult{Changes: changes}, err } diff --git a/vendor/github.com/moby/moby/client/container_diff_opts.go b/vendor/github.com/moby/moby/client/container_diff_opts.go new file mode 100644 index 000000000000..5e3c37ab4e80 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_diff_opts.go @@ -0,0 +1,13 @@ +package client + +import "github.com/moby/moby/api/types/container" + +// ContainerDiffOptions holds parameters to show differences in a container filesystem. +type ContainerDiffOptions struct { + // Currently no options, but this allows for future extensibility +} + +// ContainerDiffResult is the result from showing differences in a container filesystem. +type ContainerDiffResult struct { + Changes []container.FilesystemChange +} diff --git a/vendor/github.com/moby/moby/client/container_exec.go b/vendor/github.com/moby/moby/client/container_exec.go new file mode 100644 index 000000000000..1af6a4e20f98 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_exec.go @@ -0,0 +1,205 @@ +package client + +import ( + "context" + "encoding/json" + "net/http" + + "github.com/containerd/errdefs" + "github.com/moby/moby/api/types/container" +) + +// ExecCreateOptions is a small subset of the Config struct that holds the configuration +// for the exec feature of docker. +type ExecCreateOptions struct { + User string // User that will run the command + Privileged bool // Is the container in privileged mode + TTY bool // Attach standard streams to a tty. + ConsoleSize ConsoleSize // Initial terminal size [height, width], unused if TTY == false + AttachStdin bool // Attach the standard input, makes possible user interaction + AttachStderr bool // Attach the standard error + AttachStdout bool // Attach the standard output + DetachKeys string // Escape keys for detach + Env []string // Environment variables + WorkingDir string // Working directory + Cmd []string // Execution commands and args +} + +// ExecCreateResult holds the result of creating a container exec. +type ExecCreateResult struct { + ID string +} + +// ExecCreate creates a new exec configuration to run an exec process. +func (cli *Client) ExecCreate(ctx context.Context, containerID string, options ExecCreateOptions) (ExecCreateResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ExecCreateResult{}, err + } + + consoleSize, err := getConsoleSize(options.TTY, options.ConsoleSize) + if err != nil { + return ExecCreateResult{}, err + } + + req := container.ExecCreateRequest{ + User: options.User, + Privileged: options.Privileged, + Tty: options.TTY, + ConsoleSize: consoleSize, + AttachStdin: options.AttachStdin, + AttachStderr: options.AttachStderr, + AttachStdout: options.AttachStdout, + DetachKeys: options.DetachKeys, + Env: options.Env, + WorkingDir: options.WorkingDir, + Cmd: options.Cmd, + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/exec", nil, req, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ExecCreateResult{}, err + } + + var response container.ExecCreateResponse + err = json.NewDecoder(resp.Body).Decode(&response) + return ExecCreateResult{ID: response.ID}, err +} + +type ConsoleSize struct { + Height, Width uint +} + +// ExecStartOptions holds options for starting a container exec. +type ExecStartOptions struct { + // ExecStart will first check if it's detached + Detach bool + // Check if there's a tty + TTY bool + // Terminal size [height, width], unused if TTY == false + ConsoleSize ConsoleSize +} + +// ExecStartResult holds the result of starting a container exec. +type ExecStartResult struct { +} + +// ExecStart starts an exec process already created in the docker host. +func (cli *Client) ExecStart(ctx context.Context, execID string, options ExecStartOptions) (ExecStartResult, error) { + consoleSize, err := getConsoleSize(options.TTY, options.ConsoleSize) + if err != nil { + return ExecStartResult{}, err + } + + req := container.ExecStartRequest{ + Detach: options.Detach, + Tty: options.TTY, + ConsoleSize: consoleSize, + } + resp, err := cli.post(ctx, "/exec/"+execID+"/start", nil, req, nil) + defer ensureReaderClosed(resp) + return ExecStartResult{}, err +} + +// ExecAttachOptions holds options for attaching to a container exec. +type ExecAttachOptions struct { + // Check if there's a tty + TTY bool + // Terminal size [height, width], unused if TTY == false + ConsoleSize ConsoleSize `json:",omitzero"` +} + +// ExecAttachResult holds the result of attaching to a container exec. +type ExecAttachResult struct { + HijackedResponse +} + +// ExecAttach attaches a connection to an exec process in the server. +// +// It returns a [HijackedResponse] with the hijacked connection +// and a reader to get output. It's up to the called to close +// the hijacked connection by calling [HijackedResponse.Close]. +// +// The stream format on the response uses one of two formats: +// +// - If the container is using a TTY, there is only a single stream (stdout) +// and data is copied directly from the container output stream, no extra +// multiplexing or headers. +// - If the container is *not* using a TTY, streams for stdout and stderr are +// multiplexed. +// +// You can use [stdcopy.StdCopy] to demultiplex this stream. Refer to +// [Client.ContainerAttach] for details about the multiplexed stream. +// +// [stdcopy.StdCopy]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#StdCopy +func (cli *Client) ExecAttach(ctx context.Context, execID string, options ExecAttachOptions) (ExecAttachResult, error) { + consoleSize, err := getConsoleSize(options.TTY, options.ConsoleSize) + if err != nil { + return ExecAttachResult{}, err + } + req := container.ExecStartRequest{ + Detach: false, + Tty: options.TTY, + ConsoleSize: consoleSize, + } + response, err := cli.postHijacked(ctx, "/exec/"+execID+"/start", nil, req, http.Header{ + "Content-Type": {"application/json"}, + }) + return ExecAttachResult{HijackedResponse: response}, err +} + +func getConsoleSize(hasTTY bool, consoleSize ConsoleSize) (*[2]uint, error) { + if consoleSize.Height != 0 || consoleSize.Width != 0 { + if !hasTTY { + return nil, errdefs.ErrInvalidArgument.WithMessage("console size is only supported when TTY is enabled") + } + return &[2]uint{consoleSize.Height, consoleSize.Width}, nil + } + return nil, nil +} + +// ExecInspectOptions holds options for inspecting a container exec. +type ExecInspectOptions struct { +} + +// ExecInspectResult holds the result of inspecting a container exec. +// +// It provides a subset of the information included in [container.ExecInspectResponse]. +// +// TODO(thaJeztah): include all fields of [container.ExecInspectResponse] ? +type ExecInspectResult struct { + ID string + ContainerID string + Running bool + ExitCode int + PID int +} + +// ExecInspect returns information about a specific exec process on the docker host. +func (cli *Client) ExecInspect(ctx context.Context, execID string, options ExecInspectOptions) (ExecInspectResult, error) { + resp, err := cli.get(ctx, "/exec/"+execID+"/json", nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ExecInspectResult{}, err + } + + var response container.ExecInspectResponse + err = json.NewDecoder(resp.Body).Decode(&response) + if err != nil { + return ExecInspectResult{}, err + } + + var ec int + if response.ExitCode != nil { + ec = *response.ExitCode + } + + return ExecInspectResult{ + ID: response.ID, + ContainerID: response.ContainerID, + Running: response.Running, + ExitCode: ec, + PID: response.Pid, + }, nil +} diff --git a/vendor/github.com/moby/moby/client/container_export.go b/vendor/github.com/moby/moby/client/container_export.go new file mode 100644 index 000000000000..2d33efb7d893 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_export.go @@ -0,0 +1,47 @@ +package client + +import ( + "context" + "io" + "net/url" +) + +// ContainerExportOptions specifies options for container export operations. +type ContainerExportOptions struct { + // Currently no options are defined for ContainerExport +} + +// ContainerExportResult represents the result of a container export operation. +type ContainerExportResult interface { + io.ReadCloser +} + +// ContainerExport retrieves the raw contents of a container +// and returns them as an [io.ReadCloser]. It's up to the caller +// to close the stream. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) ContainerExport(ctx context.Context, containerID string, options ContainerExportOptions) (ContainerExportResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return nil, err + } + + resp, err := cli.get(ctx, "/containers/"+containerID+"/export", url.Values{}, nil) + if err != nil { + return nil, err + } + + return &containerExportResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +type containerExportResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*containerExportResult)(nil) + _ ContainerExportResult = (*containerExportResult)(nil) +) diff --git a/vendor/github.com/moby/moby/client/container_inspect.go b/vendor/github.com/moby/moby/client/container_inspect.go new file mode 100644 index 000000000000..4f12c46577f3 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_inspect.go @@ -0,0 +1,47 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/container" +) + +// ContainerInspectOptions holds options for inspecting a container using +// the [Client.ConfigInspect] method. +type ContainerInspectOptions struct { + // Size controls whether the container's filesystem size should be calculated. + // When set, the [container.InspectResponse.SizeRw] and [container.InspectResponse.SizeRootFs] + // fields in [ContainerInspectResult.Container] are populated with the result. + // + // Calculating the size can be a costly operation, and should not be used + // unless needed. + Size bool +} + +// ContainerInspectResult holds the result from the [Client.ConfigInspect] method. +type ContainerInspectResult struct { + Container container.InspectResponse + Raw json.RawMessage +} + +// ContainerInspect returns the container information. +func (cli *Client) ContainerInspect(ctx context.Context, containerID string, options ContainerInspectOptions) (ContainerInspectResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerInspectResult{}, err + } + + query := url.Values{} + if options.Size { + query.Set("size", "1") + } + resp, err := cli.get(ctx, "/containers/"+containerID+"/json", query, nil) + if err != nil { + return ContainerInspectResult{}, err + } + var out ContainerInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Container) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/container_kill.go b/vendor/github.com/moby/moby/client/container_kill.go new file mode 100644 index 000000000000..ae7a4ebd8bd7 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_kill.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "net/url" +) + +// ContainerKillOptions holds options for [Client.ContainerKill]. +type ContainerKillOptions struct { + // Signal (optional) is the signal to send to the container to (gracefully) + // stop it before forcibly terminating the container with SIGKILL after a + // timeout. If no value is set, the default (SIGKILL) is used. + Signal string `json:",omitempty"` +} + +// ContainerKillResult holds the result of [Client.ContainerKill], +type ContainerKillResult struct { + // Add future fields here. +} + +// ContainerKill terminates the container process but does not remove the container from the docker host. +func (cli *Client) ContainerKill(ctx context.Context, containerID string, options ContainerKillOptions) (ContainerKillResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerKillResult{}, err + } + + query := url.Values{} + if options.Signal != "" { + query.Set("signal", options.Signal) + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/kill", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerKillResult{}, err + } + return ContainerKillResult{}, nil +} diff --git a/vendor/github.com/docker/docker/client/container_list.go b/vendor/github.com/moby/moby/client/container_list.go similarity index 55% rename from vendor/github.com/docker/docker/client/container_list.go rename to vendor/github.com/moby/moby/client/container_list.go index e17b14acff32..fcd39c4da592 100644 --- a/vendor/github.com/docker/docker/client/container_list.go +++ b/vendor/github.com/moby/moby/client/container_list.go @@ -6,12 +6,26 @@ import ( "net/url" "strconv" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/filters" + "github.com/moby/moby/api/types/container" ) +// ContainerListOptions holds parameters to list containers with. +type ContainerListOptions struct { + Size bool + All bool + Latest bool + Since string + Before string + Limit int + Filters Filters +} + +type ContainerListResult struct { + Items []container.Summary +} + // ContainerList returns the list of containers in the docker host. -func (cli *Client) ContainerList(ctx context.Context, options container.ListOptions) ([]container.Summary, error) { +func (cli *Client) ContainerList(ctx context.Context, options ContainerListOptions) (ContainerListResult, error) { query := url.Values{} if options.All { @@ -34,23 +48,15 @@ func (cli *Client) ContainerList(ctx context.Context, options container.ListOpti query.Set("size", "1") } - if options.Filters.Len() > 0 { - //nolint:staticcheck // ignore SA1019 for old code - filterJSON, err := filters.ToParamWithVersion(cli.version, options.Filters) - if err != nil { - return nil, err - } - - query.Set("filters", filterJSON) - } + options.Filters.updateURLValues(query) resp, err := cli.get(ctx, "/containers/json", query, nil) defer ensureReaderClosed(resp) if err != nil { - return nil, err + return ContainerListResult{}, err } var containers []container.Summary err = json.NewDecoder(resp.Body).Decode(&containers) - return containers, err + return ContainerListResult{Items: containers}, err } diff --git a/vendor/github.com/moby/moby/client/container_logs.go b/vendor/github.com/moby/moby/client/container_logs.go new file mode 100644 index 000000000000..636ab221298c --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_logs.go @@ -0,0 +1,118 @@ +package client + +import ( + "context" + "fmt" + "io" + "net/url" + "time" + + "github.com/moby/moby/client/internal/timestamp" +) + +// ContainerLogsOptions holds parameters to filter logs with. +type ContainerLogsOptions struct { + ShowStdout bool + ShowStderr bool + Since string + Until string + Timestamps bool + Follow bool + Tail string + Details bool +} + +// ContainerLogsResult is the result of a container logs operation. +type ContainerLogsResult interface { + io.ReadCloser +} + +// ContainerLogs returns the logs generated by a container in an [io.ReadCloser]. +// It's up to the caller to close the stream. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +// +// The stream format on the response uses one of two formats: +// +// - If the container is using a TTY, there is only a single stream (stdout) +// and data is copied directly from the container output stream, no extra +// multiplexing or headers. +// - If the container is *not* using a TTY, streams for stdout and stderr are +// multiplexed. +// +// The format of the multiplexed stream is defined in the [stdcopy] package, +// and as follows: +// +// [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4}[]byte{OUTPUT} +// +// STREAM_TYPE can be 1 for [Stdout] and 2 for [Stderr]. Refer to [stdcopy.StdType] +// for details. SIZE1, SIZE2, SIZE3, and SIZE4 are four bytes of uint32 encoded +// as big endian, this is the size of OUTPUT. You can use [stdcopy.StdCopy] +// to demultiplex this stream. +// +// [stdcopy]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy +// [stdcopy.StdCopy]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#StdCopy +// [stdcopy.StdType]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#StdType +// [Stdout]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#Stdout +// [Stderr]: https://pkg.go.dev/github.com/moby/moby/api/pkg/stdcopy#Stderr +func (cli *Client) ContainerLogs(ctx context.Context, containerID string, options ContainerLogsOptions) (ContainerLogsResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return nil, err + } + + query := url.Values{} + if options.ShowStdout { + query.Set("stdout", "1") + } + + if options.ShowStderr { + query.Set("stderr", "1") + } + + if options.Since != "" { + ts, err := timestamp.GetTimestamp(options.Since, time.Now()) + if err != nil { + return nil, fmt.Errorf(`invalid value for "since": %w`, err) + } + query.Set("since", ts) + } + + if options.Until != "" { + ts, err := timestamp.GetTimestamp(options.Until, time.Now()) + if err != nil { + return nil, fmt.Errorf(`invalid value for "until": %w`, err) + } + query.Set("until", ts) + } + + if options.Timestamps { + query.Set("timestamps", "1") + } + + if options.Details { + query.Set("details", "1") + } + + if options.Follow { + query.Set("follow", "1") + } + query.Set("tail", options.Tail) + + resp, err := cli.get(ctx, "/containers/"+containerID+"/logs", query, nil) + if err != nil { + return nil, err + } + return &containerLogsResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +type containerLogsResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*containerLogsResult)(nil) + _ ContainerLogsResult = (*containerLogsResult)(nil) +) diff --git a/vendor/github.com/moby/moby/client/container_pause.go b/vendor/github.com/moby/moby/client/container_pause.go new file mode 100644 index 000000000000..07669c897078 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_pause.go @@ -0,0 +1,28 @@ +package client + +import "context" + +// ContainerPauseOptions holds options for [Client.ContainerPause]. +type ContainerPauseOptions struct { + // Add future optional parameters here. +} + +// ContainerPauseResult holds the result of [Client.ContainerPause], +type ContainerPauseResult struct { + // Add future fields here. +} + +// ContainerPause pauses the main process of a given container without terminating it. +func (cli *Client) ContainerPause(ctx context.Context, containerID string, options ContainerPauseOptions) (ContainerPauseResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerPauseResult{}, err + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/pause", nil, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerPauseResult{}, err + } + return ContainerPauseResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/container_prune.go b/vendor/github.com/moby/moby/client/container_prune.go new file mode 100644 index 000000000000..f826f8b6fb8a --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_prune.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/moby/moby/api/types/container" +) + +// ContainerPruneOptions holds parameters to prune containers. +type ContainerPruneOptions struct { + Filters Filters +} + +// ContainerPruneResult holds the result from the [Client.ContainerPrune] method. +type ContainerPruneResult struct { + Report container.PruneReport +} + +// ContainerPrune requests the daemon to delete unused data +func (cli *Client) ContainerPrune(ctx context.Context, opts ContainerPruneOptions) (ContainerPruneResult, error) { + query := url.Values{} + opts.Filters.updateURLValues(query) + + resp, err := cli.post(ctx, "/containers/prune", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerPruneResult{}, err + } + + var report container.PruneReport + if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { + return ContainerPruneResult{}, fmt.Errorf("Error retrieving disk usage: %v", err) + } + + return ContainerPruneResult{Report: report}, nil +} diff --git a/vendor/github.com/docker/docker/client/container_remove.go b/vendor/github.com/moby/moby/client/container_remove.go similarity index 51% rename from vendor/github.com/docker/docker/client/container_remove.go rename to vendor/github.com/moby/moby/client/container_remove.go index b1a2ce6b831a..0fbfa05fa105 100644 --- a/vendor/github.com/docker/docker/client/container_remove.go +++ b/vendor/github.com/moby/moby/client/container_remove.go @@ -3,15 +3,25 @@ package client import ( "context" "net/url" - - "github.com/docker/docker/api/types/container" ) +// ContainerRemoveOptions holds parameters to remove containers. +type ContainerRemoveOptions struct { + RemoveVolumes bool + RemoveLinks bool + Force bool +} + +// ContainerRemoveResult holds the result of [Client.ContainerRemove], +type ContainerRemoveResult struct { + // Add future fields here. +} + // ContainerRemove kills and removes a container from the docker host. -func (cli *Client) ContainerRemove(ctx context.Context, containerID string, options container.RemoveOptions) error { +func (cli *Client) ContainerRemove(ctx context.Context, containerID string, options ContainerRemoveOptions) (ContainerRemoveResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return err + return ContainerRemoveResult{}, err } query := url.Values{} @@ -28,5 +38,8 @@ func (cli *Client) ContainerRemove(ctx context.Context, containerID string, opti resp, err := cli.delete(ctx, "/containers/"+containerID, query, nil) defer ensureReaderClosed(resp) - return err + if err != nil { + return ContainerRemoveResult{}, err + } + return ContainerRemoveResult{}, nil } diff --git a/vendor/github.com/moby/moby/client/container_rename.go b/vendor/github.com/moby/moby/client/container_rename.go new file mode 100644 index 000000000000..7c6d515b393d --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_rename.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "net/url" + "strings" + + "github.com/containerd/errdefs" +) + +// ContainerRenameOptions represents the options for renaming a container. +type ContainerRenameOptions struct { + NewName string +} + +// ContainerRenameResult represents the result of a container rename operation. +type ContainerRenameResult struct { + // This struct can be expanded in the future if needed +} + +// ContainerRename changes the name of a given container. +func (cli *Client) ContainerRename(ctx context.Context, containerID string, options ContainerRenameOptions) (ContainerRenameResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerRenameResult{}, err + } + options.NewName = strings.TrimSpace(options.NewName) + if options.NewName == "" || strings.TrimPrefix(options.NewName, "/") == "" { + // daemons before v29.0 did not handle the canonical name ("/") well + // let's be nice and validate it here before sending + return ContainerRenameResult{}, errdefs.ErrInvalidArgument.WithMessage("new name cannot be blank") + } + + query := url.Values{} + query.Set("name", options.NewName) + resp, err := cli.post(ctx, "/containers/"+containerID+"/rename", query, nil, nil) + defer ensureReaderClosed(resp) + return ContainerRenameResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/container_resize.go b/vendor/github.com/moby/moby/client/container_resize.go new file mode 100644 index 000000000000..311a9dcf5a9f --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_resize.go @@ -0,0 +1,66 @@ +package client + +import ( + "context" + "net/url" + "strconv" +) + +// ContainerResizeOptions holds parameters to resize a TTY. +// It can be used to resize container TTYs and +// exec process TTYs too. +type ContainerResizeOptions struct { + Height uint + Width uint +} + +// ContainerResizeResult holds the result of [Client.ContainerResize], +type ContainerResizeResult struct { + // Add future fields here. +} + +// ContainerResize changes the size of the pseudo-TTY for a container. +func (cli *Client) ContainerResize(ctx context.Context, containerID string, options ContainerResizeOptions) (ContainerResizeResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerResizeResult{}, err + } + // FIXME(thaJeztah): the API / backend accepts uint32, but container.ResizeOptions uses uint. + query := url.Values{} + query.Set("h", strconv.FormatUint(uint64(options.Height), 10)) + query.Set("w", strconv.FormatUint(uint64(options.Width), 10)) + + resp, err := cli.post(ctx, "/containers/"+containerID+"/resize", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerResizeResult{}, err + } + return ContainerResizeResult{}, nil +} + +// ExecResizeOptions holds options for resizing a container exec TTY. +type ExecResizeOptions ContainerResizeOptions + +// ExecResizeResult holds the result of resizing a container exec TTY. +type ExecResizeResult struct { +} + +// ExecResize changes the size of the tty for an exec process running inside a container. +func (cli *Client) ExecResize(ctx context.Context, execID string, options ExecResizeOptions) (ExecResizeResult, error) { + execID, err := trimID("exec", execID) + if err != nil { + return ExecResizeResult{}, err + } + // FIXME(thaJeztah): the API / backend accepts uint32, but container.ResizeOptions uses uint. + query := url.Values{} + query.Set("h", strconv.FormatUint(uint64(options.Height), 10)) + query.Set("w", strconv.FormatUint(uint64(options.Width), 10)) + + resp, err := cli.post(ctx, "/exec/"+execID+"/resize", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ExecResizeResult{}, err + } + return ExecResizeResult{}, nil + +} diff --git a/vendor/github.com/moby/moby/client/container_restart.go b/vendor/github.com/moby/moby/client/container_restart.go new file mode 100644 index 000000000000..e883f75891bd --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_restart.go @@ -0,0 +1,54 @@ +package client + +import ( + "context" + "net/url" + "strconv" +) + +// ContainerRestartOptions holds options for [Client.ContainerRestart]. +type ContainerRestartOptions struct { + // Signal (optional) is the signal to send to the container to (gracefully) + // stop it before forcibly terminating the container with SIGKILL after the + // timeout expires. If no value is set, the default (SIGTERM) is used. + Signal string `json:",omitempty"` + + // Timeout (optional) is the timeout (in seconds) to wait for the container + // to stop gracefully before forcibly terminating it with SIGKILL. + // + // - Use nil to use the default timeout (10 seconds). + // - Use '-1' to wait indefinitely. + // - Use '0' to not wait for the container to exit gracefully, and + // immediately proceeds to forcibly terminating the container. + // - Other positive values are used as timeout (in seconds). + Timeout *int `json:",omitempty"` +} + +// ContainerRestartResult holds the result of [Client.ContainerRestart], +type ContainerRestartResult struct { + // Add future fields here. +} + +// ContainerRestart stops, and starts a container again. +// It makes the daemon wait for the container to be up again for +// a specific amount of time, given the timeout. +func (cli *Client) ContainerRestart(ctx context.Context, containerID string, options ContainerRestartOptions) (ContainerRestartResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerRestartResult{}, err + } + + query := url.Values{} + if options.Timeout != nil { + query.Set("t", strconv.Itoa(*options.Timeout)) + } + if options.Signal != "" { + query.Set("signal", options.Signal) + } + resp, err := cli.post(ctx, "/containers/"+containerID+"/restart", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerRestartResult{}, err + } + return ContainerRestartResult{}, nil +} diff --git a/vendor/github.com/docker/docker/client/container_start.go b/vendor/github.com/moby/moby/client/container_start.go similarity index 51% rename from vendor/github.com/docker/docker/client/container_start.go rename to vendor/github.com/moby/moby/client/container_start.go index c7206e320aee..dfb821d1d1d6 100644 --- a/vendor/github.com/docker/docker/client/container_start.go +++ b/vendor/github.com/moby/moby/client/container_start.go @@ -3,15 +3,24 @@ package client import ( "context" "net/url" - - "github.com/docker/docker/api/types/container" ) +// ContainerStartOptions holds options for [Client.ContainerStart]. +type ContainerStartOptions struct { + CheckpointID string + CheckpointDir string +} + +// ContainerStartResult holds the result of [Client.ContainerStart], +type ContainerStartResult struct { + // Add future fields here. +} + // ContainerStart sends a request to the docker daemon to start a container. -func (cli *Client) ContainerStart(ctx context.Context, containerID string, options container.StartOptions) error { +func (cli *Client) ContainerStart(ctx context.Context, containerID string, options ContainerStartOptions) (ContainerStartResult, error) { containerID, err := trimID("container", containerID) if err != nil { - return err + return ContainerStartResult{}, err } query := url.Values{} @@ -23,6 +32,9 @@ func (cli *Client) ContainerStart(ctx context.Context, containerID string, optio } resp, err := cli.post(ctx, "/containers/"+containerID+"/start", query, nil, nil) - ensureReaderClosed(resp) - return err + defer ensureReaderClosed(resp) + if err != nil { + return ContainerStartResult{}, err + } + return ContainerStartResult{}, nil } diff --git a/vendor/github.com/moby/moby/client/container_stats.go b/vendor/github.com/moby/moby/client/container_stats.go new file mode 100644 index 000000000000..277769dbffa5 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_stats.go @@ -0,0 +1,75 @@ +package client + +import ( + "context" + "io" + "net/url" +) + +// ContainerStatsOptions holds parameters to retrieve container statistics +// using the [Client.ContainerStats] method. +type ContainerStatsOptions struct { + // Stream enables streaming [container.StatsResponse] results instead + // of collecting a single sample. If enabled, the client remains attached + // until the [ContainerStatsResult.Body] is closed or the context is + // cancelled. + Stream bool + + // IncludePreviousSample asks the daemon to collect a prior sample to populate the + // [container.StatsResponse.PreRead] and [container.StatsResponse.PreCPUStats] + // fields. + // + // It set, the daemon collects two samples at a one-second interval before + // returning the result. The first sample populates the PreCPUStats (“previous + // CPU”) field, allowing delta calculations for CPU usage. If false, only + // a single sample is taken and returned immediately, leaving PreRead and + // PreCPUStats empty. + // + // This option has no effect if Stream is enabled. If Stream is enabled, + // [container.StatsResponse.PreCPUStats] is never populated for the first + // record. + IncludePreviousSample bool +} + +// ContainerStatsResult holds the result from [Client.ContainerStats]. +// +// It wraps an [io.ReadCloser] that provides one or more [container.StatsResponse] +// objects for a container, as produced by the "GET /containers/{id}/stats" endpoint. +// If streaming is disabled, the stream contains a single record. +type ContainerStatsResult struct { + Body io.ReadCloser +} + +// ContainerStats retrieves live resource usage statistics for the specified +// container. The caller must close the [io.ReadCloser] in the returned result +// to release associated resources. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) ContainerStats(ctx context.Context, containerID string, options ContainerStatsOptions) (ContainerStatsResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerStatsResult{}, err + } + + query := url.Values{} + if options.Stream { + query.Set("stream", "true") + } else { + // Note: daemons before v29.0 return an error if both set: "cannot have stream=true and one-shot=true" + // + // TODO(thaJeztah): consider making "stream=false" the default for the API as well, or using Accept Header to switch. + query.Set("stream", "false") + if !options.IncludePreviousSample { + query.Set("one-shot", "true") + } + } + + resp, err := cli.get(ctx, "/containers/"+containerID+"/stats", query, nil) + if err != nil { + return ContainerStatsResult{}, err + } + + return ContainerStatsResult{ + Body: newCancelReadCloser(ctx, resp.Body), + }, nil +} diff --git a/vendor/github.com/moby/moby/client/container_stop.go b/vendor/github.com/moby/moby/client/container_stop.go new file mode 100644 index 000000000000..d4d47d8fd407 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_stop.go @@ -0,0 +1,58 @@ +package client + +import ( + "context" + "net/url" + "strconv" +) + +// ContainerStopOptions holds the options for [Client.ContainerStop]. +type ContainerStopOptions struct { + // Signal (optional) is the signal to send to the container to (gracefully) + // stop it before forcibly terminating the container with SIGKILL after the + // timeout expires. If no value is set, the default (SIGTERM) is used. + Signal string `json:",omitempty"` + + // Timeout (optional) is the timeout (in seconds) to wait for the container + // to stop gracefully before forcibly terminating it with SIGKILL. + // + // - Use nil to use the default timeout (10 seconds). + // - Use '-1' to wait indefinitely. + // - Use '0' to not wait for the container to exit gracefully, and + // immediately proceeds to forcibly terminating the container. + // - Other positive values are used as timeout (in seconds). + Timeout *int `json:",omitempty"` +} + +// ContainerStopResult holds the result of [Client.ContainerStop], +type ContainerStopResult struct { + // Add future fields here. +} + +// ContainerStop stops a container. In case the container fails to stop +// gracefully within a time frame specified by the timeout argument, +// it is forcefully terminated (killed). +// +// If the timeout is nil, the container's StopTimeout value is used, if set, +// otherwise the engine default. A negative timeout value can be specified, +// meaning no timeout, i.e. no forceful termination is performed. +func (cli *Client) ContainerStop(ctx context.Context, containerID string, options ContainerStopOptions) (ContainerStopResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerStopResult{}, err + } + + query := url.Values{} + if options.Timeout != nil { + query.Set("t", strconv.Itoa(*options.Timeout)) + } + if options.Signal != "" { + query.Set("signal", options.Signal) + } + resp, err := cli.post(ctx, "/containers/"+containerID+"/stop", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerStopResult{}, err + } + return ContainerStopResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/container_top.go b/vendor/github.com/moby/moby/client/container_top.go new file mode 100644 index 000000000000..dc0af8ae48b8 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_top.go @@ -0,0 +1,44 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + "strings" + + "github.com/moby/moby/api/types/container" +) + +// ContainerTopOptions defines options for container top operations. +type ContainerTopOptions struct { + Arguments []string +} + +// ContainerTopResult represents the result of a ContainerTop operation. +type ContainerTopResult struct { + Processes [][]string + Titles []string +} + +// ContainerTop shows process information from within a container. +func (cli *Client) ContainerTop(ctx context.Context, containerID string, options ContainerTopOptions) (ContainerTopResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerTopResult{}, err + } + + query := url.Values{} + if len(options.Arguments) > 0 { + query.Set("ps_args", strings.Join(options.Arguments, " ")) + } + + resp, err := cli.get(ctx, "/containers/"+containerID+"/top", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerTopResult{}, err + } + + var response container.TopResponse + err = json.NewDecoder(resp.Body).Decode(&response) + return ContainerTopResult{Processes: response.Processes, Titles: response.Titles}, err +} diff --git a/vendor/github.com/moby/moby/client/container_unpause.go b/vendor/github.com/moby/moby/client/container_unpause.go new file mode 100644 index 000000000000..627d60c960d8 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_unpause.go @@ -0,0 +1,28 @@ +package client + +import "context" + +// ContainerUnpauseOptions holds options for [Client.ContainerUnpause]. +type ContainerUnpauseOptions struct { + // Add future optional parameters here. +} + +// ContainerUnpauseResult holds the result of [Client.ContainerUnpause], +type ContainerUnpauseResult struct { + // Add future fields here. +} + +// ContainerUnpause resumes the process execution within a container. +func (cli *Client) ContainerUnpause(ctx context.Context, containerID string, options ContainerUnpauseOptions) (ContainerUnpauseResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerUnpauseResult{}, err + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/unpause", nil, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerUnpauseResult{}, err + } + return ContainerUnpauseResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/container_update.go b/vendor/github.com/moby/moby/client/container_update.go new file mode 100644 index 000000000000..a1d4d249a9f3 --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_update.go @@ -0,0 +1,46 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/container" +) + +// ContainerUpdateOptions holds options for [Client.ContainerUpdate]. +type ContainerUpdateOptions struct { + Resources *container.Resources + RestartPolicy *container.RestartPolicy +} + +// ContainerUpdateResult is the result from updating a container. +type ContainerUpdateResult struct { + // Warnings encountered when updating the container. + Warnings []string +} + +// ContainerUpdate updates the resources of a container. +func (cli *Client) ContainerUpdate(ctx context.Context, containerID string, options ContainerUpdateOptions) (ContainerUpdateResult, error) { + containerID, err := trimID("container", containerID) + if err != nil { + return ContainerUpdateResult{}, err + } + + updateConfig := container.UpdateConfig{} + if options.Resources != nil { + updateConfig.Resources = *options.Resources + } + if options.RestartPolicy != nil { + updateConfig.RestartPolicy = *options.RestartPolicy + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/update", nil, updateConfig, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ContainerUpdateResult{}, err + } + + var response container.UpdateResponse + err = json.NewDecoder(resp.Body).Decode(&response) + return ContainerUpdateResult{Warnings: response.Warnings}, err +} diff --git a/vendor/github.com/moby/moby/client/container_wait.go b/vendor/github.com/moby/moby/client/container_wait.go new file mode 100644 index 000000000000..6f71ed0518db --- /dev/null +++ b/vendor/github.com/moby/moby/client/container_wait.go @@ -0,0 +1,92 @@ +package client + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "io" + "net/url" + + "github.com/moby/moby/api/types/container" +) + +const containerWaitErrorMsgLimit = 2 * 1024 /* Max: 2KiB */ + +// ContainerWaitOptions holds options for [Client.ContainerWait]. +type ContainerWaitOptions struct { + Condition container.WaitCondition +} + +// ContainerWaitResult defines the result from the [Client.ContainerWait] method. +type ContainerWaitResult struct { + Result <-chan container.WaitResponse + Error <-chan error +} + +// ContainerWait waits until the specified container is in a certain state +// indicated by the given condition, either; +// +// - "not-running" ([container.WaitConditionNotRunning]) (default) +// - "next-exit" ([container.WaitConditionNextExit]) +// - "removed" ([container.WaitConditionRemoved]) +// +// ContainerWait blocks until the request has been acknowledged by the server +// (with a response header), then returns two channels on which the caller can +// wait for the exit status of the container or an error if there was a problem +// either beginning the wait request or in getting the response. This allows the +// caller to synchronize ContainerWait with other calls, such as specifying a +// "next-exit" condition ([container.WaitConditionNextExit]) before issuing a +// [Client.ContainerStart] request. +func (cli *Client) ContainerWait(ctx context.Context, containerID string, options ContainerWaitOptions) ContainerWaitResult { + resultC := make(chan container.WaitResponse) + errC := make(chan error, 1) + + containerID, err := trimID("container", containerID) + if err != nil { + errC <- err + return ContainerWaitResult{Result: resultC, Error: errC} + } + + query := url.Values{} + if options.Condition != "" { + query.Set("condition", string(options.Condition)) + } + + resp, err := cli.post(ctx, "/containers/"+containerID+"/wait", query, nil, nil) + if err != nil { + defer ensureReaderClosed(resp) + errC <- err + return ContainerWaitResult{Result: resultC, Error: errC} + } + + go func() { + defer ensureReaderClosed(resp) + + responseText := bytes.NewBuffer(nil) + stream := io.TeeReader(resp.Body, responseText) + + var res container.WaitResponse + if err := json.NewDecoder(stream).Decode(&res); err != nil { + // NOTE(nicks): The /wait API does not work well with HTTP proxies. + // At any time, the proxy could cut off the response stream. + // + // But because the HTTP status has already been written, the proxy's + // only option is to write a plaintext error message. + // + // If there's a JSON parsing error, read the real error message + // off the body and send it to the client. + if errors.As(err, new(*json.SyntaxError)) { + _, _ = io.ReadAll(io.LimitReader(stream, containerWaitErrorMsgLimit)) + errC <- errors.New(responseText.String()) + } else { + errC <- err + } + return + } + + resultC <- res + }() + + return ContainerWaitResult{Result: resultC, Error: errC} +} diff --git a/vendor/github.com/moby/moby/client/distribution_inspect.go b/vendor/github.com/moby/moby/client/distribution_inspect.go new file mode 100644 index 000000000000..ffbf869d3c9c --- /dev/null +++ b/vendor/github.com/moby/moby/client/distribution_inspect.go @@ -0,0 +1,45 @@ +package client + +import ( + "context" + "encoding/json" + "net/http" + "net/url" + + "github.com/moby/moby/api/types/registry" +) + +// DistributionInspectResult holds the result of the DistributionInspect operation. +type DistributionInspectResult struct { + registry.DistributionInspect +} + +// DistributionInspectOptions holds options for the DistributionInspect operation. +type DistributionInspectOptions struct { + EncodedRegistryAuth string +} + +// DistributionInspect returns the image digest with the full manifest. +func (cli *Client) DistributionInspect(ctx context.Context, imageRef string, options DistributionInspectOptions) (DistributionInspectResult, error) { + if imageRef == "" { + return DistributionInspectResult{}, objectNotFoundError{object: "distribution", id: imageRef} + } + + var headers http.Header + if options.EncodedRegistryAuth != "" { + headers = http.Header{ + registry.AuthHeader: {options.EncodedRegistryAuth}, + } + } + + // Contact the registry to retrieve digest and platform information + resp, err := cli.get(ctx, "/distribution/"+imageRef+"/json", url.Values{}, headers) + defer ensureReaderClosed(resp) + if err != nil { + return DistributionInspectResult{}, err + } + + var distributionInspect registry.DistributionInspect + err = json.NewDecoder(resp.Body).Decode(&distributionInspect) + return DistributionInspectResult{DistributionInspect: distributionInspect}, err +} diff --git a/vendor/github.com/docker/docker/client/envvars.go b/vendor/github.com/moby/moby/client/envvars.go similarity index 73% rename from vendor/github.com/docker/docker/client/envvars.go rename to vendor/github.com/moby/moby/client/envvars.go index abe122d18e78..2b0e3f6b5a4b 100644 --- a/vendor/github.com/docker/docker/client/envvars.go +++ b/vendor/github.com/moby/moby/client/envvars.go @@ -4,16 +4,16 @@ const ( // EnvOverrideHost is the name of the environment variable that can be used // to override the default host to connect to (DefaultDockerHost). // - // This env-var is read by FromEnv and WithHostFromEnv and when set to a + // This env-var is read by [FromEnv] and [WithHostFromEnv] and when set to a // non-empty value, takes precedence over the default host (which is platform // specific), or any host already set. EnvOverrideHost = "DOCKER_HOST" // EnvOverrideAPIVersion is the name of the environment variable that can - // be used to override the API version to use. Value should be + // be used to override the API version to use. Value must be // formatted as MAJOR.MINOR, for example, "1.19". // - // This env-var is read by FromEnv and WithVersionFromEnv and when set to a + // This env-var is read by [FromEnv] and [WithVersionFromEnv] and when set to a // non-empty value, takes precedence over API version negotiation. // // This environment variable should be used for debugging purposes only, as @@ -23,16 +23,15 @@ const ( // EnvOverrideCertPath is the name of the environment variable that can be // used to specify the directory from which to load the TLS certificates // (ca.pem, cert.pem, key.pem) from. These certificates are used to configure - // the Client for a TCP connection protected by TLS client authentication. + // the [Client] for a TCP connection protected by TLS client authentication. // // TLS certificate verification is enabled by default if the Client is configured - // to use a TLS connection. Refer to EnvTLSVerify below to learn how to + // to use a TLS connection. Refer to [EnvTLSVerify] below to learn how to // disable verification for testing purposes. // // WARNING: Access to the remote API is equivalent to root access to the // host where the daemon runs. Do not expose the API without protection, - // and only if needed. Make sure you are familiar with the "daemon attack - // surface" (https://docs.docker.com/go/attack-surface/). + // and only if needed. Make sure you are familiar with the ["daemon attack surface"]. // // For local access to the API, it is recommended to connect with the daemon // using the default local socket connection (on Linux), or the named pipe @@ -43,11 +42,14 @@ const ( // configuration if the host is accessible using ssh. // // If you cannot use the alternatives above, and you must expose the API over - // a TCP connection, refer to https://docs.docker.com/engine/security/protect-access/ + // a TCP connection. Refer to [Protect the Docker daemon socket] // to learn how to configure the daemon and client to use a TCP connection // with TLS client authentication. Make sure you know the differences between // a regular TLS connection and a TLS connection protected by TLS client // authentication, and verify that the API cannot be accessed by other clients. + // + // ["daemon attack surface"]: https://docs.docker.com/go/attack-surface/ + // [Protect the Docker daemon socket]: https://docs.docker.com/engine/security/protect-access/ EnvOverrideCertPath = "DOCKER_CERT_PATH" // EnvTLSVerify is the name of the environment variable that can be used to @@ -59,26 +61,26 @@ const ( // // WARNING: Access to the remote API is equivalent to root access to the // host where the daemon runs. Do not expose the API without protection, - // and only if needed. Make sure you are familiar with the "daemon attack - // surface" (https://docs.docker.com/go/attack-surface/). + // and only if needed. Make sure you are familiar with the ["daemon attack surface"]. // // Before setting up your client and daemon to use a TCP connection with TLS // client authentication, consider using one of the alternatives mentioned - // in EnvOverrideCertPath above. + // in [EnvOverrideCertPath]. // // Disabling TLS certificate verification (for testing purposes) // // TLS certificate verification is enabled by default if the Client is configured // to use a TLS connection, and it is highly recommended to keep verification - // enabled to prevent machine-in-the-middle attacks. Refer to the documentation - // at https://docs.docker.com/engine/security/protect-access/ and pages linked - // from that page to learn how to configure the daemon and client to use a - // TCP connection with TLS client authentication enabled. + // enabled to prevent machine-in-the-middle attacks. Refer to [Protect the Docker daemon socket] + // in the documentation and pages linked from that page to learn how to + // configure the daemon and client to use a TCP connection with TLS client + // authentication enabled. // // Set the "DOCKER_TLS_VERIFY" environment to an empty string ("") to // disable TLS certificate verification. Disabling verification is insecure, - // so should only be done for testing purposes. From the Go documentation - // (https://pkg.go.dev/crypto/tls#Config): + // so should only be done for testing purposes. + // + // From the[crypto/tls.Config] documentation: // // InsecureSkipVerify controls whether a client verifies the server's // certificate chain and host name. If InsecureSkipVerify is true, crypto/tls @@ -86,5 +88,8 @@ const ( // certificate. In this mode, TLS is susceptible to machine-in-the-middle // attacks unless custom verification is used. This should be used only for // testing or in combination with VerifyConnection or VerifyPeerCertificate. + // + // ["daemon attack surface"]: https://docs.docker.com/go/attack-surface/ + // [Protect the Docker daemon socket]: https://docs.docker.com/engine/security/protect-access/ EnvTLSVerify = "DOCKER_TLS_VERIFY" ) diff --git a/vendor/github.com/docker/docker/client/errors.go b/vendor/github.com/moby/moby/client/errors.go similarity index 76% rename from vendor/github.com/docker/docker/client/errors.go rename to vendor/github.com/moby/moby/client/errors.go index 9e3a2538f220..9fbfa7666ed0 100644 --- a/vendor/github.com/docker/docker/client/errors.go +++ b/vendor/github.com/moby/moby/client/errors.go @@ -8,7 +8,7 @@ import ( cerrdefs "github.com/containerd/errdefs" "github.com/containerd/errdefs/pkg/errhttp" - "github.com/docker/docker/api/types/versions" + "github.com/moby/moby/client/pkg/versions" ) // errConnectionFailed implements an error returned when connection failed. @@ -30,13 +30,6 @@ func IsErrConnectionFailed(err error) bool { return errors.As(err, &errConnectionFailed{}) } -// ErrorConnectionFailed returns an error with host in the error message when connection to docker daemon failed. -// -// Deprecated: this function was only used internally, and will be removed in the next release. -func ErrorConnectionFailed(host string) error { - return connectionFailed(host) -} - // connectionFailed returns an error with host in the error message when connection // to docker daemon failed. func connectionFailed(host string) error { @@ -49,14 +42,6 @@ func connectionFailed(host string) error { return errConnectionFailed{error: err} } -// IsErrNotFound returns true if the error is a NotFound error, which is returned -// by the API when some object is not found. It is an alias for [cerrdefs.IsNotFound]. -// -// Deprecated: use [cerrdefs.IsNotFound] instead. -func IsErrNotFound(err error) bool { - return cerrdefs.IsNotFound(err) -} - type objectNotFoundError struct { object string id string @@ -68,12 +53,12 @@ func (e objectNotFoundError) Error() string { return fmt.Sprintf("Error: No such %s: %s", e.object, e.id) } -// NewVersionError returns an error if the APIVersion required is less than the +// requiresVersion returns an error if the APIVersion required is less than the // current supported version. // // It performs API-version negotiation if the Client is configured with this // option, otherwise it assumes the latest API version is used. -func (cli *Client) NewVersionError(ctx context.Context, APIrequired, feature string) error { +func (cli *Client) requiresVersion(ctx context.Context, apiRequired, feature string) error { // Make sure we negotiated (if the client is configured to do so), // as code below contains API-version specific handling of options. // @@ -82,8 +67,8 @@ func (cli *Client) NewVersionError(ctx context.Context, APIrequired, feature str if err := cli.checkVersion(ctx); err != nil { return err } - if cli.version != "" && versions.LessThan(cli.version, APIrequired) { - return fmt.Errorf("%q requires API version %s, but the Docker daemon API version is %s", feature, APIrequired, cli.version) + if cli.version != "" && versions.LessThan(cli.version, apiRequired) { + return fmt.Errorf("%q requires API version %s, but the Docker daemon API version is %s", feature, apiRequired, cli.version) } return nil } diff --git a/vendor/github.com/moby/moby/client/filters.go b/vendor/github.com/moby/moby/client/filters.go new file mode 100644 index 000000000000..347ad5c689a8 --- /dev/null +++ b/vendor/github.com/moby/moby/client/filters.go @@ -0,0 +1,59 @@ +package client + +import ( + "encoding/json" + "net/url" +) + +// Filters describes a predicate for an API request. +// +// Each entry in the map is a filter term. +// Each term is evaluated against the set of values. +// A filter term is satisfied if any one of the values in the set is a match. +// An item matches the filters when all terms are satisfied. +// +// Like all other map types in Go, the zero value is empty and read-only. +type Filters map[string]map[string]bool + +// Add appends values to the value-set of term. +// +// The receiver f is returned for chaining. +// +// f := make(Filters).Add("name", "foo", "bar").Add("status", "exited") +func (f Filters) Add(term string, values ...string) Filters { + if _, ok := f[term]; !ok { + f[term] = make(map[string]bool) + } + for _, v := range values { + f[term][v] = true + } + return f +} + +// Clone returns a deep copy of f. +func (f Filters) Clone() Filters { + out := make(Filters, len(f)) + for term, values := range f { + inner := make(map[string]bool, len(values)) + for v, ok := range values { + inner[v] = ok + } + out[term] = inner + } + return out +} + +// updateURLValues sets the "filters" key in values to the marshalled value of +// f, replacing any existing values. When f is empty, any existing "filters" key +// is removed. +func (f Filters) updateURLValues(values url.Values) { + if len(f) > 0 { + b, err := json.Marshal(f) + if err != nil { + panic(err) // Marshaling builtin types should never fail + } + values.Set("filters", string(b)) + } else { + values.Del("filters") + } +} diff --git a/vendor/github.com/docker/docker/client/hijack.go b/vendor/github.com/moby/moby/client/hijack.go similarity index 65% rename from vendor/github.com/docker/docker/client/hijack.go rename to vendor/github.com/moby/moby/client/hijack.go index 01d121a62e71..31c44e598877 100644 --- a/vendor/github.com/docker/docker/client/hijack.go +++ b/vendor/github.com/moby/moby/client/hijack.go @@ -9,33 +9,25 @@ import ( "net/url" "time" - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/versions" - "github.com/pkg/errors" "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" ) // postHijacked sends a POST request and hijacks the connection. -func (cli *Client) postHijacked(ctx context.Context, path string, query url.Values, body interface{}, headers map[string][]string) (types.HijackedResponse, error) { - bodyEncoded, err := encodeData(body) +func (cli *Client) postHijacked(ctx context.Context, path string, query url.Values, body any, headers map[string][]string) (HijackedResponse, error) { + jsonBody, err := jsonEncode(body) if err != nil { - return types.HijackedResponse{}, err + return HijackedResponse{}, err } - req, err := cli.buildRequest(ctx, http.MethodPost, cli.getAPIPath(ctx, path, query), bodyEncoded, headers) + req, err := cli.buildRequest(ctx, http.MethodPost, cli.getAPIPath(ctx, path, query), jsonBody, headers) if err != nil { - return types.HijackedResponse{}, err + return HijackedResponse{}, err } conn, mediaType, err := setupHijackConn(cli.dialer(), req, "tcp") if err != nil { - return types.HijackedResponse{}, err + return HijackedResponse{}, err } - if versions.LessThan(cli.ClientVersion(), "1.42") { - // Prior to 1.42, Content-Type is always set to raw-stream and not relevant - mediaType = "" - } - - return types.NewHijackedResponse(conn, mediaType), nil + return NewHijackedResponse(conn, mediaType), nil } // DialHijack returns a hijacked connection with negotiated protocol proto. @@ -57,18 +49,18 @@ func setupHijackConn(dialer func(context.Context) (net.Conn, error), req *http.R conn, err := dialer(ctx) if err != nil { - return nil, "", errors.Wrap(err, "cannot connect to the Docker daemon. Is 'docker daemon' running on this host?") + return nil, "", fmt.Errorf("cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: %w", err) } defer func() { if retErr != nil { - conn.Close() + _ = conn.Close() } }() // When we set up a TCP connection for hijack, there could be long periods // of inactivity (a long running command with no output) that in certain // network setups may cause ECONNTIMEOUT, leaving the client in an unknown - // state. Setting TCP KeepAlive on the socket connection will prohibit + // state. Setting TCP KeepAlive on the socket connection prohibits // ECONNTIMEOUT unless the socket connection truly is broken if tcpConn, ok := conn.(*net.TCPConn); ok { _ = tcpConn.SetKeepAlive(true) @@ -91,7 +83,7 @@ func setupHijackConn(dialer func(context.Context) (net.Conn, error), req *http.R // If there is buffered content, wrap the connection. We return an // object that implements CloseWrite if the underlying connection // implements it. - if _, ok := hc.Conn.(types.CloseWriter); ok { + if _, ok := hc.Conn.(CloseWriter); ok { conn = &hijackedConnCloseWriter{hc} } else { conn = hc @@ -131,9 +123,50 @@ type hijackedConnCloseWriter struct { *hijackedConn } -var _ types.CloseWriter = &hijackedConnCloseWriter{} +var _ CloseWriter = &hijackedConnCloseWriter{} func (c *hijackedConnCloseWriter) CloseWrite() error { - conn := c.Conn.(types.CloseWriter) + conn := c.Conn.(CloseWriter) return conn.CloseWrite() } + +// NewHijackedResponse initializes a [HijackedResponse] type. +func NewHijackedResponse(conn net.Conn, mediaType string) HijackedResponse { + return HijackedResponse{Conn: conn, Reader: bufio.NewReader(conn), mediaType: mediaType} +} + +// HijackedResponse holds connection information for a hijacked request. +type HijackedResponse struct { + mediaType string + Conn net.Conn + Reader *bufio.Reader +} + +// Close closes the hijacked connection and reader. +func (h *HijackedResponse) Close() { + h.Conn.Close() +} + +// MediaType let client know if HijackedResponse hold a raw or multiplexed stream. +// returns false if HTTP Content-Type is not relevant, and the container must be +// inspected. +func (h *HijackedResponse) MediaType() (string, bool) { + if h.mediaType == "" { + return "", false + } + return h.mediaType, true +} + +// CloseWriter is an interface that implements structs +// that close input streams to prevent from writing. +type CloseWriter interface { + CloseWrite() error +} + +// CloseWrite closes a readWriter for writing. +func (h *HijackedResponse) CloseWrite() error { + if conn, ok := h.Conn.(CloseWriter); ok { + return conn.CloseWrite() + } + return nil +} diff --git a/vendor/github.com/docker/docker/client/image_build.go b/vendor/github.com/moby/moby/client/image_build.go similarity index 79% rename from vendor/github.com/docker/docker/client/image_build.go rename to vendor/github.com/moby/moby/client/image_build.go index 1ed0878bfdb2..5062ec5de12d 100644 --- a/vendor/github.com/docker/docker/client/image_build.go +++ b/vendor/github.com/moby/moby/client/image_build.go @@ -8,25 +8,24 @@ import ( "net/http" "net/url" "strconv" - "strings" - "github.com/docker/docker/api/types/build" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/network" + cerrdefs "github.com/containerd/errdefs" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/network" ) // ImageBuild sends a request to the daemon to build images. -// The Body in the response implements an io.ReadCloser and it's up to the caller to +// The Body in the response implements an [io.ReadCloser] and it's up to the caller to // close it. -func (cli *Client) ImageBuild(ctx context.Context, buildContext io.Reader, options build.ImageBuildOptions) (build.ImageBuildResponse, error) { +func (cli *Client) ImageBuild(ctx context.Context, buildContext io.Reader, options ImageBuildOptions) (ImageBuildResult, error) { query, err := cli.imageBuildOptionsToQuery(ctx, options) if err != nil { - return build.ImageBuildResponse{}, err + return ImageBuildResult{}, err } buf, err := json.Marshal(options.AuthConfigs) if err != nil { - return build.ImageBuildResponse{}, err + return ImageBuildResult{}, err } headers := http.Header{} @@ -35,16 +34,15 @@ func (cli *Client) ImageBuild(ctx context.Context, buildContext io.Reader, optio resp, err := cli.postRaw(ctx, "/build", query, buildContext, headers) if err != nil { - return build.ImageBuildResponse{}, err + return ImageBuildResult{}, err } - return build.ImageBuildResponse{ - Body: resp.Body, - OSType: resp.Header.Get("Ostype"), + return ImageBuildResult{ + Body: resp.Body, }, nil } -func (cli *Client) imageBuildOptionsToQuery(ctx context.Context, options build.ImageBuildOptions) (url.Values, error) { +func (cli *Client) imageBuildOptionsToQuery(_ context.Context, options ImageBuildOptions) (url.Values, error) { query := url.Values{} if len(options.Tags) > 0 { query["t"] = options.Tags @@ -81,9 +79,7 @@ func (cli *Client) imageBuildOptionsToQuery(ctx context.Context, options build.I } if options.Squash { - if err := cli.NewVersionError(ctx, "1.25", "squash"); err != nil { - return query, err - } + // TODO(thaJeztah): squash is experimental, and deprecated when using BuildKit? query.Set("squash", "1") } @@ -158,11 +154,12 @@ func (cli *Client) imageBuildOptionsToQuery(ctx context.Context, options build.I if options.SessionID != "" { query.Set("session", options.SessionID) } - if options.Platform != "" { - if err := cli.NewVersionError(ctx, "1.32", "platform"); err != nil { - return query, err + if len(options.Platforms) > 0 { + if len(options.Platforms) > 1 { + // TODO(thaJeztah): update API spec and add equivalent check on the daemon. We need this still for older daemons, which would ignore it. + return query, cerrdefs.ErrInvalidArgument.WithMessage("specifying multiple platforms is not yet supported") } - query.Set("platform", strings.ToLower(options.Platform)) + query.Set("platform", formatPlatform(options.Platforms[0])) } if options.BuildID != "" { query.Set("buildid", options.BuildID) diff --git a/vendor/github.com/docker/docker/api/types/build/build.go b/vendor/github.com/moby/moby/client/image_build_opts.go similarity index 75% rename from vendor/github.com/docker/docker/api/types/build/build.go rename to vendor/github.com/moby/moby/client/image_build_opts.go index c43a0e21ea74..f65ad0f2bf7c 100644 --- a/vendor/github.com/docker/docker/api/types/build/build.go +++ b/vendor/github.com/moby/moby/client/image_build_opts.go @@ -1,27 +1,14 @@ -package build +package client import ( "io" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/registry" + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/registry" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) -// BuilderVersion sets the version of underlying builder to use -type BuilderVersion string - -const ( - // BuilderV1 is the first generation builder in docker daemon - BuilderV1 BuilderVersion = "1" - // BuilderBuildKit is builder based on moby/buildkit project - BuilderBuildKit BuilderVersion = "2" -) - -// Result contains the image id of a successful build. -type Result struct { - ID string -} - // ImageBuildOptions holds the information // necessary to build images. type ImageBuildOptions struct { @@ -64,9 +51,11 @@ type ImageBuildOptions struct { ExtraHosts []string // List of extra hosts Target string SessionID string - Platform string + // Platforms selects the platforms to build the image for. Multiple platforms + // can be provided if the daemon supports multi-platform builds. + Platforms []ocispec.Platform // Version specifies the version of the underlying builder to use - Version BuilderVersion + Version build.BuilderVersion // BuildID is an optional identifier that can be passed together with the // build request. The same identifier can be used to gracefully cancel the // build with the cancel request. @@ -82,10 +71,9 @@ type ImageBuildOutput struct { Attrs map[string]string } -// ImageBuildResponse holds information +// ImageBuildResult holds information // returned by a server after building // an image. -type ImageBuildResponse struct { - Body io.ReadCloser - OSType string +type ImageBuildResult struct { + Body io.ReadCloser } diff --git a/vendor/github.com/docker/docker/client/image_history.go b/vendor/github.com/moby/moby/client/image_history.go similarity index 75% rename from vendor/github.com/docker/docker/client/image_history.go rename to vendor/github.com/moby/moby/client/image_history.go index fce8b80e1819..8618f1553eef 100644 --- a/vendor/github.com/docker/docker/client/image_history.go +++ b/vendor/github.com/moby/moby/client/image_history.go @@ -6,7 +6,6 @@ import ( "fmt" "net/url" - "github.com/docker/docker/api/types/image" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -22,24 +21,24 @@ func ImageHistoryWithPlatform(platform ocispec.Platform) ImageHistoryOption { } // ImageHistory returns the changes in an image in history format. -func (cli *Client) ImageHistory(ctx context.Context, imageID string, historyOpts ...ImageHistoryOption) ([]image.HistoryResponseItem, error) { +func (cli *Client) ImageHistory(ctx context.Context, imageID string, historyOpts ...ImageHistoryOption) (ImageHistoryResult, error) { query := url.Values{} var opts imageHistoryOpts for _, o := range historyOpts { if err := o.Apply(&opts); err != nil { - return nil, err + return ImageHistoryResult{}, err } } if opts.apiOptions.Platform != nil { - if err := cli.NewVersionError(ctx, "1.48", "platform"); err != nil { - return nil, err + if err := cli.requiresVersion(ctx, "1.48", "platform"); err != nil { + return ImageHistoryResult{}, err } p, err := encodePlatform(opts.apiOptions.Platform) if err != nil { - return nil, err + return ImageHistoryResult{}, err } query.Set("platform", p) } @@ -47,10 +46,10 @@ func (cli *Client) ImageHistory(ctx context.Context, imageID string, historyOpts resp, err := cli.get(ctx, "/images/"+imageID+"/history", query, nil) defer ensureReaderClosed(resp) if err != nil { - return nil, err + return ImageHistoryResult{}, err } - var history []image.HistoryResponseItem - err = json.NewDecoder(resp.Body).Decode(&history) + var history ImageHistoryResult + err = json.NewDecoder(resp.Body).Decode(&history.Items) return history, err } diff --git a/vendor/github.com/docker/docker/client/image_history_opts.go b/vendor/github.com/moby/moby/client/image_history_opts.go similarity index 53% rename from vendor/github.com/docker/docker/client/image_history_opts.go rename to vendor/github.com/moby/moby/client/image_history_opts.go index 6d3494dd0bfb..7fc57afd1cc7 100644 --- a/vendor/github.com/docker/docker/client/image_history_opts.go +++ b/vendor/github.com/moby/moby/client/image_history_opts.go @@ -1,7 +1,8 @@ package client import ( - "github.com/docker/docker/api/types/image" + "github.com/moby/moby/api/types/image" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) // ImageHistoryOption is a type representing functional options for the image history operation. @@ -15,5 +16,14 @@ func (f imageHistoryOptionFunc) Apply(o *imageHistoryOpts) error { } type imageHistoryOpts struct { - apiOptions image.HistoryOptions + apiOptions imageHistoryOptions +} + +type imageHistoryOptions struct { + // Platform from the manifest list to use for history. + Platform *ocispec.Platform +} + +type ImageHistoryResult struct { + Items []image.HistoryResponseItem } diff --git a/vendor/github.com/moby/moby/client/image_import.go b/vendor/github.com/moby/moby/client/image_import.go new file mode 100644 index 000000000000..f383f76d49cb --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_import.go @@ -0,0 +1,66 @@ +package client + +import ( + "context" + "io" + "net/url" + + "github.com/distribution/reference" +) + +// ImageImportResult holds the response body returned by the daemon for image import. +type ImageImportResult interface { + io.ReadCloser +} + +// ImageImport creates a new image based on the source options. It returns the +// JSON content in the [ImageImportResult]. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) ImageImport(ctx context.Context, source ImageImportSource, ref string, options ImageImportOptions) (ImageImportResult, error) { + if ref != "" { + // Check if the given image name can be resolved + if _, err := reference.ParseNormalizedNamed(ref); err != nil { + return nil, err + } + } + + query := url.Values{} + if source.SourceName != "" { + query.Set("fromSrc", source.SourceName) + } + if ref != "" { + query.Set("repo", ref) + } + if options.Tag != "" { + query.Set("tag", options.Tag) + } + if options.Message != "" { + query.Set("message", options.Message) + } + if p := formatPlatform(options.Platform); p != "unknown" { + // TODO(thaJeztah): would we ever support mutiple platforms here? (would require multiple rootfs tars as well?) + query.Set("platform", p) + } + for _, change := range options.Changes { + query.Add("changes", change) + } + + resp, err := cli.postRaw(ctx, "/images/create", query, source.Source, nil) + if err != nil { + return nil, err + } + return &imageImportResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +// ImageImportResult holds the response body returned by the daemon for image import. +type imageImportResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*imageImportResult)(nil) + _ ImageImportResult = (*imageImportResult)(nil) +) diff --git a/vendor/github.com/moby/moby/client/image_import_opts.go b/vendor/github.com/moby/moby/client/image_import_opts.go new file mode 100644 index 000000000000..c70473bdd544 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_import_opts.go @@ -0,0 +1,21 @@ +package client + +import ( + "io" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImageImportSource holds source information for ImageImport +type ImageImportSource struct { + Source io.Reader // Source is the data to send to the server to create this image from. You must set SourceName to "-" to leverage this. + SourceName string // SourceName is the name of the image to pull. Set to "-" to leverage the Source attribute. +} + +// ImageImportOptions holds information to import images from the client host. +type ImageImportOptions struct { + Tag string // Tag is the name to tag this image with. This attribute is deprecated. + Message string // Message is the message to tag the image with + Changes []string // Changes are the raw changes to apply to this image + Platform ocispec.Platform // Platform is the target platform of the image +} diff --git a/vendor/github.com/moby/moby/client/image_inspect.go b/vendor/github.com/moby/moby/client/image_inspect.go new file mode 100644 index 000000000000..635931fd030b --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_inspect.go @@ -0,0 +1,62 @@ +package client + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "io" + "net/url" +) + +// ImageInspect returns the image information. +func (cli *Client) ImageInspect(ctx context.Context, imageID string, inspectOpts ...ImageInspectOption) (ImageInspectResult, error) { + if imageID == "" { + return ImageInspectResult{}, objectNotFoundError{object: "image", id: imageID} + } + + var opts imageInspectOpts + for _, opt := range inspectOpts { + if err := opt.Apply(&opts); err != nil { + return ImageInspectResult{}, fmt.Errorf("error applying image inspect option: %w", err) + } + } + + query := url.Values{} + if opts.apiOptions.Manifests { + if err := cli.requiresVersion(ctx, "1.48", "manifests"); err != nil { + return ImageInspectResult{}, err + } + query.Set("manifests", "1") + } + + if opts.apiOptions.Platform != nil { + if err := cli.requiresVersion(ctx, "1.49", "platform"); err != nil { + return ImageInspectResult{}, err + } + platform, err := encodePlatform(opts.apiOptions.Platform) + if err != nil { + return ImageInspectResult{}, err + } + query.Set("platform", platform) + } + + resp, err := cli.get(ctx, "/images/"+imageID+"/json", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ImageInspectResult{}, err + } + + buf := opts.raw + if buf == nil { + buf = &bytes.Buffer{} + } + + if _, err := io.Copy(buf, resp.Body); err != nil { + return ImageInspectResult{}, err + } + + var response ImageInspectResult + err = json.Unmarshal(buf.Bytes(), &response) + return response, err +} diff --git a/vendor/github.com/docker/docker/client/image_inspect_opts.go b/vendor/github.com/moby/moby/client/image_inspect_opts.go similarity index 70% rename from vendor/github.com/docker/docker/client/image_inspect_opts.go rename to vendor/github.com/moby/moby/client/image_inspect_opts.go index 655cbf0b7af0..266c1fe8151e 100644 --- a/vendor/github.com/docker/docker/client/image_inspect_opts.go +++ b/vendor/github.com/moby/moby/client/image_inspect_opts.go @@ -3,7 +3,7 @@ package client import ( "bytes" - "github.com/docker/docker/api/types/image" + "github.com/moby/moby/api/types/image" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -28,8 +28,9 @@ func ImageInspectWithRawResponse(raw *bytes.Buffer) ImageInspectOption { // ImageInspectWithManifests sets manifests API option for the image inspect operation. // This option is only available for API version 1.48 and up. -// With this option set, the image inspect operation response will have the -// [image.InspectResponse.Manifests] field populated if the server is multi-platform capable. +// With this option set, the image inspect operation response includes +// the [image.InspectResponse.Manifests] field if the server is multi-platform +// capable. func ImageInspectWithManifests(manifests bool) ImageInspectOption { return imageInspectOptionFunc(func(clientOpts *imageInspectOpts) error { clientOpts.apiOptions.Manifests = manifests @@ -39,7 +40,7 @@ func ImageInspectWithManifests(manifests bool) ImageInspectOption { // ImageInspectWithPlatform sets platform API option for the image inspect operation. // This option is only available for API version 1.49 and up. -// With this option set, the image inspect operation will return information for the +// With this option set, the image inspect operation returns information for the // specified platform variant of the multi-platform image. func ImageInspectWithPlatform(platform *ocispec.Platform) ImageInspectOption { return imageInspectOptionFunc(func(clientOpts *imageInspectOpts) error { @@ -48,15 +49,21 @@ func ImageInspectWithPlatform(platform *ocispec.Platform) ImageInspectOption { }) } -// ImageInspectWithAPIOpts sets the API options for the image inspect operation. -func ImageInspectWithAPIOpts(opts image.InspectOptions) ImageInspectOption { - return imageInspectOptionFunc(func(clientOpts *imageInspectOpts) error { - clientOpts.apiOptions = opts - return nil - }) -} - type imageInspectOpts struct { raw *bytes.Buffer - apiOptions image.InspectOptions + apiOptions imageInspectOptions +} + +type imageInspectOptions struct { + // Manifests returns the image manifests. + Manifests bool + + // Platform selects the specific platform of a multi-platform image to inspect. + // + // This option is only available for API version 1.49 and up. + Platform *ocispec.Platform +} + +type ImageInspectResult struct { + image.InspectResponse } diff --git a/vendor/github.com/moby/moby/client/image_list.go b/vendor/github.com/moby/moby/client/image_list.go new file mode 100644 index 000000000000..6df3c66e1790 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_list.go @@ -0,0 +1,53 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/image" + "github.com/moby/moby/client/pkg/versions" +) + +// ImageList returns a list of images in the docker host. +// +// Experimental: Set the [image.ListOptions.Manifest] option +// to include [image.Summary.Manifests] with information about image manifests. +// This is experimental and might change in the future without any backward +// compatibility. +func (cli *Client) ImageList(ctx context.Context, options ImageListOptions) (ImageListResult, error) { + var images []image.Summary + + query := url.Values{} + + options.Filters.updateURLValues(query) + if options.All { + query.Set("all", "1") + } + if options.SharedSize { + query.Set("shared-size", "1") + } + if options.Manifests { + // Make sure we negotiated (if the client is configured to do so), + // as code below contains API-version specific handling of options. + // + // Normally, version-negotiation (if enabled) would not happen until + // the API request is made. + if err := cli.checkVersion(ctx); err != nil { + return ImageListResult{}, err + } + + if versions.GreaterThanOrEqualTo(cli.version, "1.47") { + query.Set("manifests", "1") + } + } + + resp, err := cli.get(ctx, "/images/json", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ImageListResult{}, err + } + + err = json.NewDecoder(resp.Body).Decode(&images) + return ImageListResult{Items: images}, err +} diff --git a/vendor/github.com/moby/moby/client/image_list_opts.go b/vendor/github.com/moby/moby/client/image_list_opts.go new file mode 100644 index 000000000000..a497d5790e05 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_list_opts.go @@ -0,0 +1,24 @@ +package client + +import "github.com/moby/moby/api/types/image" + +// ImageListOptions holds parameters to list images with. +type ImageListOptions struct { + // All controls whether all images in the graph are filtered, or just + // the heads. + All bool + + // Filters is a JSON-encoded set of filter arguments. + Filters Filters + + // SharedSize indicates whether the shared size of images should be computed. + SharedSize bool + + // Manifests indicates whether the image manifests should be returned. + Manifests bool +} + +// ImageListResult holds the result from ImageList. +type ImageListResult struct { + Items []image.Summary +} diff --git a/vendor/github.com/moby/moby/client/image_load.go b/vendor/github.com/moby/moby/client/image_load.go new file mode 100644 index 000000000000..ec5fcae6ebfc --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_load.go @@ -0,0 +1,64 @@ +package client + +import ( + "context" + "io" + "net/http" + "net/url" +) + +// ImageLoadResult returns information to the client about a load process. +// It implements [io.ReadCloser] and must be closed to avoid a resource leak. +type ImageLoadResult interface { + io.ReadCloser +} + +// ImageLoad loads an image in the docker host from the client host. It's up +// to the caller to close the [ImageLoadResult] returned by this function. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) ImageLoad(ctx context.Context, input io.Reader, loadOpts ...ImageLoadOption) (ImageLoadResult, error) { + var opts imageLoadOpts + for _, opt := range loadOpts { + if err := opt.Apply(&opts); err != nil { + return nil, err + } + } + + query := url.Values{} + query.Set("quiet", "0") + if opts.apiOptions.Quiet { + query.Set("quiet", "1") + } + if len(opts.apiOptions.Platforms) > 0 { + if err := cli.requiresVersion(ctx, "1.48", "platform"); err != nil { + return nil, err + } + + p, err := encodePlatforms(opts.apiOptions.Platforms...) + if err != nil { + return nil, err + } + query["platform"] = p + } + + resp, err := cli.postRaw(ctx, "/images/load", query, input, http.Header{ + "Content-Type": {"application/x-tar"}, + }) + if err != nil { + return nil, err + } + return &imageLoadResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +// imageLoadResult returns information to the client about a load process. +type imageLoadResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*imageLoadResult)(nil) + _ ImageLoadResult = (*imageLoadResult)(nil) +) diff --git a/vendor/github.com/docker/docker/client/image_load_opts.go b/vendor/github.com/moby/moby/client/image_load_opts.go similarity index 69% rename from vendor/github.com/docker/docker/client/image_load_opts.go rename to vendor/github.com/moby/moby/client/image_load_opts.go index ebcedd41ff5a..aeb4fcf83972 100644 --- a/vendor/github.com/docker/docker/client/image_load_opts.go +++ b/vendor/github.com/moby/moby/client/image_load_opts.go @@ -3,7 +3,6 @@ package client import ( "fmt" - "github.com/docker/docker/api/types/image" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -18,7 +17,16 @@ func (f imageLoadOptionFunc) Apply(o *imageLoadOpts) error { } type imageLoadOpts struct { - apiOptions image.LoadOptions + apiOptions imageLoadOptions +} + +type imageLoadOptions struct { + // Quiet suppresses progress output + Quiet bool + + // Platforms selects the platforms to load if the image is a + // multi-platform image and has multiple variants. + Platforms []ocispec.Platform } // ImageLoadWithQuiet sets the quiet option for the image load operation. @@ -30,6 +38,10 @@ func ImageLoadWithQuiet(quiet bool) ImageLoadOption { } // ImageLoadWithPlatforms sets the platforms to be loaded from the image. +// +// Platform is an optional parameter that specifies the platform to load from +// the provided multi-platform image. Passing a platform only has an effect +// if the input image is a multi-platform image. func ImageLoadWithPlatforms(platforms ...ocispec.Platform) ImageLoadOption { return imageLoadOptionFunc(func(opt *imageLoadOpts) error { if opt.apiOptions.Platforms != nil { diff --git a/vendor/github.com/moby/moby/client/image_prune.go b/vendor/github.com/moby/moby/client/image_prune.go new file mode 100644 index 000000000000..7f3a25b89849 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_prune.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/moby/moby/api/types/image" +) + +// ImagePruneOptions holds parameters to prune images. +type ImagePruneOptions struct { + Filters Filters +} + +// ImagePruneResult holds the result from the [Client.ImagePrune] method. +type ImagePruneResult struct { + Report image.PruneReport +} + +// ImagePrune requests the daemon to delete unused data +func (cli *Client) ImagePrune(ctx context.Context, opts ImagePruneOptions) (ImagePruneResult, error) { + query := url.Values{} + opts.Filters.updateURLValues(query) + + resp, err := cli.post(ctx, "/images/prune", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ImagePruneResult{}, err + } + + var report image.PruneReport + if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { + return ImagePruneResult{}, fmt.Errorf("Error retrieving disk usage: %v", err) + } + + return ImagePruneResult{Report: report}, nil +} diff --git a/vendor/github.com/moby/moby/client/image_pull.go b/vendor/github.com/moby/moby/client/image_pull.go new file mode 100644 index 000000000000..11c0afa41821 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_pull.go @@ -0,0 +1,93 @@ +package client + +import ( + "context" + "io" + "iter" + "net/http" + "net/url" + + cerrdefs "github.com/containerd/errdefs" + "github.com/distribution/reference" + "github.com/moby/moby/api/types/jsonstream" + "github.com/moby/moby/api/types/registry" + "github.com/moby/moby/client/internal" +) + +type ImagePullResponse interface { + io.ReadCloser + JSONMessages(ctx context.Context) iter.Seq2[jsonstream.Message, error] + Wait(ctx context.Context) error +} + +// ImagePull requests the docker host to pull an image from a remote registry. +// It executes the privileged function if the operation is unauthorized +// and it tries one more time. +// Callers can: +// - use [ImagePullResponse.Wait] to wait for pull to complete +// - use [ImagePullResponse.JSONMessages] to monitor pull progress as a sequence +// of JSONMessages, [ImagePullResponse.Close] does not need to be called in this case. +// - use the [io.Reader] interface and call [ImagePullResponse.Close] after processing. +func (cli *Client) ImagePull(ctx context.Context, refStr string, options ImagePullOptions) (ImagePullResponse, error) { + // FIXME(vdemeester): there is currently used in a few way in docker/docker + // - if not in trusted content, ref is used to pass the whole reference, and tag is empty + // - if in trusted content, ref is used to pass the reference name, and tag for the digest + // + // ref; https://github.com/docker-archive-public/docker.engine-api/pull/162 + + ref, err := reference.ParseNormalizedNamed(refStr) + if err != nil { + return nil, err + } + + query := url.Values{} + query.Set("fromImage", ref.Name()) + if !options.All { + query.Set("tag", getAPITagFromNamedRef(ref)) + } + if len(options.Platforms) > 0 { + if len(options.Platforms) > 1 { + // TODO(thaJeztah): update API spec and add equivalent check on the daemon. We need this still for older daemons, which would ignore it. + return nil, cerrdefs.ErrInvalidArgument.WithMessage("specifying multiple platforms is not yet supported") + } + query.Set("platform", formatPlatform(options.Platforms[0])) + } + resp, err := cli.tryImageCreate(ctx, query, staticAuth(options.RegistryAuth)) + if cerrdefs.IsUnauthorized(err) && options.PrivilegeFunc != nil { + resp, err = cli.tryImageCreate(ctx, query, options.PrivilegeFunc) + } + if err != nil { + return nil, err + } + + return internal.NewJSONMessageStream(resp.Body), nil +} + +// getAPITagFromNamedRef returns a tag from the specified reference. +// This function is necessary as long as the docker "server" api expects +// digests to be sent as tags and makes a distinction between the name +// and tag/digest part of a reference. +func getAPITagFromNamedRef(ref reference.Named) string { + if digested, ok := ref.(reference.Digested); ok { + return digested.Digest().String() + } + ref = reference.TagNameOnly(ref) + if tagged, ok := ref.(reference.Tagged); ok { + return tagged.Tag() + } + return "" +} + +func (cli *Client) tryImageCreate(ctx context.Context, query url.Values, resolveAuth registry.RequestAuthConfig) (*http.Response, error) { + hdr := http.Header{} + if resolveAuth != nil { + registryAuth, err := resolveAuth(ctx) + if err != nil { + return nil, err + } + if registryAuth != "" { + hdr.Set(registry.AuthHeader, registryAuth) + } + } + return cli.post(ctx, "/images/create", query, nil, hdr) +} diff --git a/vendor/github.com/moby/moby/client/image_pull_opts.go b/vendor/github.com/moby/moby/client/image_pull_opts.go new file mode 100644 index 000000000000..1b78185ddabf --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_pull_opts.go @@ -0,0 +1,25 @@ +package client + +import ( + "context" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImagePullOptions holds information to pull images. +type ImagePullOptions struct { + All bool + RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry + + // PrivilegeFunc is a function that clients can supply to retry operations + // after getting an authorization error. This function returns the registry + // authentication header value in base64 encoded format, or an error if the + // privilege request fails. + // + // For details, refer to [github.com/moby/moby/api/types/registry.RequestAuthConfig]. + PrivilegeFunc func(context.Context) (string, error) + + // Platforms selects the platforms to pull. Multiple platforms can be + // specified if the image ia a multi-platform image. + Platforms []ocispec.Platform +} diff --git a/vendor/github.com/docker/docker/client/image_push.go b/vendor/github.com/moby/moby/client/image_push.go similarity index 56% rename from vendor/github.com/docker/docker/client/image_push.go rename to vendor/github.com/moby/moby/client/image_push.go index 8dbe0b1e5caa..5dd8bc140752 100644 --- a/vendor/github.com/docker/docker/client/image_push.go +++ b/vendor/github.com/moby/moby/client/image_push.go @@ -6,26 +6,38 @@ import ( "errors" "fmt" "io" + "iter" "net/http" "net/url" cerrdefs "github.com/containerd/errdefs" "github.com/distribution/reference" - "github.com/docker/docker/api/types/image" - "github.com/docker/docker/api/types/registry" + "github.com/moby/moby/api/types/jsonstream" + "github.com/moby/moby/api/types/registry" + "github.com/moby/moby/client/internal" ) +type ImagePushResponse interface { + io.ReadCloser + JSONMessages(ctx context.Context) iter.Seq2[jsonstream.Message, error] + Wait(ctx context.Context) error +} + // ImagePush requests the docker host to push an image to a remote registry. // It executes the privileged function if the operation is unauthorized // and it tries one more time. -// It's up to the caller to handle the io.ReadCloser and close it properly. -func (cli *Client) ImagePush(ctx context.Context, image string, options image.PushOptions) (io.ReadCloser, error) { +// Callers can +// - use [ImagePushResponse.Wait] to wait for push to complete +// - use [ImagePushResponse.JSONMessages] to monitor pull progress as a sequence +// of JSONMessages, [ImagePushResponse.Close] does not need to be called in this case. +// - use the [io.Reader] interface and call [ImagePushResponse.Close] after processing. +func (cli *Client) ImagePush(ctx context.Context, image string, options ImagePushOptions) (ImagePushResponse, error) { ref, err := reference.ParseNormalizedNamed(image) if err != nil { return nil, err } - if _, isCanonical := ref.(reference.Canonical); isCanonical { + if _, ok := ref.(reference.Digested); ok { return nil, errors.New("cannot push a digest reference") } @@ -38,7 +50,7 @@ func (cli *Client) ImagePush(ctx context.Context, image string, options image.Pu } if options.Platform != nil { - if err := cli.NewVersionError(ctx, "1.46", "platform"); err != nil { + if err := cli.requiresVersion(ctx, "1.46", "platform"); err != nil { return nil, err } @@ -51,21 +63,28 @@ func (cli *Client) ImagePush(ctx context.Context, image string, options image.Pu query.Set("platform", string(pJson)) } - resp, err := cli.tryImagePush(ctx, ref.Name(), query, options.RegistryAuth) + resp, err := cli.tryImagePush(ctx, ref.Name(), query, staticAuth(options.RegistryAuth)) if cerrdefs.IsUnauthorized(err) && options.PrivilegeFunc != nil { - newAuthHeader, privilegeErr := options.PrivilegeFunc(ctx) - if privilegeErr != nil { - return nil, privilegeErr - } - resp, err = cli.tryImagePush(ctx, ref.Name(), query, newAuthHeader) + resp, err = cli.tryImagePush(ctx, ref.Name(), query, options.PrivilegeFunc) } if err != nil { return nil, err } - return resp.Body, nil + return internal.NewJSONMessageStream(resp.Body), nil } -func (cli *Client) tryImagePush(ctx context.Context, imageID string, query url.Values, registryAuth string) (*http.Response, error) { +func (cli *Client) tryImagePush(ctx context.Context, imageID string, query url.Values, resolveAuth registry.RequestAuthConfig) (*http.Response, error) { + hdr := http.Header{} + if resolveAuth != nil { + registryAuth, err := resolveAuth(ctx) + if err != nil { + return nil, err + } + if registryAuth != "" { + hdr.Set(registry.AuthHeader, registryAuth) + } + } + // Always send a body (which may be an empty JSON document ("{}")) to prevent // EOF errors on older daemons which had faulty fallback code for handling // authentication in the body when no auth-header was set, resulting in; @@ -75,7 +94,5 @@ func (cli *Client) tryImagePush(ctx context.Context, imageID string, query url.V // We use [http.NoBody], which gets marshaled to an empty JSON document. // // see: https://github.com/moby/moby/commit/ea29dffaa541289591aa44fa85d2a596ce860e16 - return cli.post(ctx, "/images/"+imageID+"/push", query, http.NoBody, http.Header{ - registry.AuthHeader: {registryAuth}, - }) + return cli.post(ctx, "/images/"+imageID+"/push", query, http.NoBody, hdr) } diff --git a/vendor/github.com/moby/moby/client/image_push_opts.go b/vendor/github.com/moby/moby/client/image_push_opts.go new file mode 100644 index 000000000000..591c6b605799 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_push_opts.go @@ -0,0 +1,26 @@ +package client + +import ( + "context" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImagePushOptions holds information to push images. +type ImagePushOptions struct { + All bool + RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry + + // PrivilegeFunc is a function that clients can supply to retry operations + // after getting an authorization error. This function returns the registry + // authentication header value in base64 encoded format, or an error if the + // privilege request fails. + // + // For details, refer to [github.com/moby/moby/api/types/registry.RequestAuthConfig]. + PrivilegeFunc func(context.Context) (string, error) + + // Platform is an optional field that selects a specific platform to push + // when the image is a multi-platform image. + // Using this will only push a single platform-specific manifest. + Platform *ocispec.Platform `json:",omitempty"` +} diff --git a/vendor/github.com/docker/docker/client/image_remove.go b/vendor/github.com/moby/moby/client/image_remove.go similarity index 75% rename from vendor/github.com/docker/docker/client/image_remove.go rename to vendor/github.com/moby/moby/client/image_remove.go index 8f357c729a30..095b4f04c402 100644 --- a/vendor/github.com/docker/docker/client/image_remove.go +++ b/vendor/github.com/moby/moby/client/image_remove.go @@ -5,11 +5,11 @@ import ( "encoding/json" "net/url" - "github.com/docker/docker/api/types/image" + "github.com/moby/moby/api/types/image" ) // ImageRemove removes an image from the docker host. -func (cli *Client) ImageRemove(ctx context.Context, imageID string, options image.RemoveOptions) ([]image.DeleteResponse, error) { +func (cli *Client) ImageRemove(ctx context.Context, imageID string, options ImageRemoveOptions) (ImageRemoveResult, error) { query := url.Values{} if options.Force { @@ -22,7 +22,7 @@ func (cli *Client) ImageRemove(ctx context.Context, imageID string, options imag if len(options.Platforms) > 0 { p, err := encodePlatforms(options.Platforms...) if err != nil { - return nil, err + return ImageRemoveResult{}, err } query["platforms"] = p } @@ -30,10 +30,10 @@ func (cli *Client) ImageRemove(ctx context.Context, imageID string, options imag resp, err := cli.delete(ctx, "/images/"+imageID, query, nil) defer ensureReaderClosed(resp) if err != nil { - return nil, err + return ImageRemoveResult{}, err } var dels []image.DeleteResponse err = json.NewDecoder(resp.Body).Decode(&dels) - return dels, err + return ImageRemoveResult{Items: dels}, err } diff --git a/vendor/github.com/moby/moby/client/image_remove_opts.go b/vendor/github.com/moby/moby/client/image_remove_opts.go new file mode 100644 index 000000000000..3b5d8a77f7e2 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_remove_opts.go @@ -0,0 +1,18 @@ +package client + +import ( + "github.com/moby/moby/api/types/image" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ImageRemoveOptions holds parameters to remove images. +type ImageRemoveOptions struct { + Platforms []ocispec.Platform + Force bool + PruneChildren bool +} + +// ImageRemoveResult holds the delete responses returned by the daemon. +type ImageRemoveResult struct { + Items []image.DeleteResponse +} diff --git a/vendor/github.com/docker/docker/client/image_save.go b/vendor/github.com/moby/moby/client/image_save.go similarity index 51% rename from vendor/github.com/docker/docker/client/image_save.go rename to vendor/github.com/moby/moby/client/image_save.go index d2102becf14c..508f88b7d2e6 100644 --- a/vendor/github.com/docker/docker/client/image_save.go +++ b/vendor/github.com/moby/moby/client/image_save.go @@ -6,11 +6,18 @@ import ( "net/url" ) -// ImageSave retrieves one or more images from the docker host as an io.ReadCloser. +type ImageSaveResult interface { + io.ReadCloser +} + +// ImageSave retrieves one or more images from the docker host as an +// [ImageSaveResult]. Callers should close the reader, but the underlying +// [io.ReadCloser] is automatically closed if the context is canceled, // -// Platforms is an optional parameter that specifies the platforms to save from the image. -// This is only has effect if the input image is a multi-platform image. -func (cli *Client) ImageSave(ctx context.Context, imageIDs []string, saveOpts ...ImageSaveOption) (io.ReadCloser, error) { +// Platforms is an optional parameter that specifies the platforms to save +// from the image. Passing a platform only has an effect if the input image +// is a multi-platform image. +func (cli *Client) ImageSave(ctx context.Context, imageIDs []string, saveOpts ...ImageSaveOption) (ImageSaveResult, error) { var opts imageSaveOpts for _, opt := range saveOpts { if err := opt.Apply(&opts); err != nil { @@ -23,7 +30,7 @@ func (cli *Client) ImageSave(ctx context.Context, imageIDs []string, saveOpts .. } if len(opts.apiOptions.Platforms) > 0 { - if err := cli.NewVersionError(ctx, "1.48", "platform"); err != nil { + if err := cli.requiresVersion(ctx, "1.48", "platform"); err != nil { return nil, err } p, err := encodePlatforms(opts.apiOptions.Platforms...) @@ -37,5 +44,16 @@ func (cli *Client) ImageSave(ctx context.Context, imageIDs []string, saveOpts .. if err != nil { return nil, err } - return resp.Body, nil + return &imageSaveResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +type imageSaveResult struct { + io.ReadCloser } + +var ( + _ io.ReadCloser = (*imageSaveResult)(nil) + _ ImageSaveResult = (*imageSaveResult)(nil) +) diff --git a/vendor/github.com/docker/docker/client/image_save_opts.go b/vendor/github.com/moby/moby/client/image_save_opts.go similarity index 60% rename from vendor/github.com/docker/docker/client/image_save_opts.go rename to vendor/github.com/moby/moby/client/image_save_opts.go index acd8f282b3d9..9c0b3b74a4ef 100644 --- a/vendor/github.com/docker/docker/client/image_save_opts.go +++ b/vendor/github.com/moby/moby/client/image_save_opts.go @@ -3,7 +3,6 @@ package client import ( "fmt" - "github.com/docker/docker/api/types/image" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -17,8 +16,11 @@ func (f imageSaveOptionFunc) Apply(o *imageSaveOpts) error { return f(o) } -// ImageSaveWithPlatforms sets the platforms to be saved from the image. +// ImageSaveWithPlatforms sets the platforms to be saved from the image. It +// produces an error if platforms are already set. This option only has an +// effect if the input image is a multi-platform image. func ImageSaveWithPlatforms(platforms ...ocispec.Platform) ImageSaveOption { + // TODO(thaJeztah): verify the GoDoc; do we produce an error for a single-platform image without the given platform? return imageSaveOptionFunc(func(opt *imageSaveOpts) error { if opt.apiOptions.Platforms != nil { return fmt.Errorf("platforms already set to %v", opt.apiOptions.Platforms) @@ -29,5 +31,11 @@ func ImageSaveWithPlatforms(platforms ...ocispec.Platform) ImageSaveOption { } type imageSaveOpts struct { - apiOptions image.SaveOptions + apiOptions imageSaveOptions +} + +type imageSaveOptions struct { + // Platforms selects the platforms to save if the image is a + // multi-platform image and has multiple variants. + Platforms []ocispec.Platform } diff --git a/vendor/github.com/docker/docker/client/image_search.go b/vendor/github.com/moby/moby/client/image_search.go similarity index 73% rename from vendor/github.com/docker/docker/client/image_search.go rename to vendor/github.com/moby/moby/client/image_search.go index 8f5343b9dae1..6e280906a2fe 100644 --- a/vendor/github.com/docker/docker/client/image_search.go +++ b/vendor/github.com/moby/moby/client/image_search.go @@ -8,13 +8,12 @@ import ( "strconv" cerrdefs "github.com/containerd/errdefs" - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/registry" + "github.com/moby/moby/api/types/registry" ) // ImageSearch makes the docker host search by a term in a remote registry. // The list of results is not sorted in any fashion. -func (cli *Client) ImageSearch(ctx context.Context, term string, options registry.SearchOptions) ([]registry.SearchResult, error) { +func (cli *Client) ImageSearch(ctx context.Context, term string, options ImageSearchOptions) (ImageSearchResult, error) { var results []registry.SearchResult query := url.Values{} query.Set("term", term) @@ -22,29 +21,23 @@ func (cli *Client) ImageSearch(ctx context.Context, term string, options registr query.Set("limit", strconv.Itoa(options.Limit)) } - if options.Filters.Len() > 0 { - filterJSON, err := filters.ToJSON(options.Filters) - if err != nil { - return results, err - } - query.Set("filters", filterJSON) - } + options.Filters.updateURLValues(query) resp, err := cli.tryImageSearch(ctx, query, options.RegistryAuth) defer ensureReaderClosed(resp) if cerrdefs.IsUnauthorized(err) && options.PrivilegeFunc != nil { newAuthHeader, privilegeErr := options.PrivilegeFunc(ctx) if privilegeErr != nil { - return results, privilegeErr + return ImageSearchResult{}, privilegeErr } resp, err = cli.tryImageSearch(ctx, query, newAuthHeader) } if err != nil { - return results, err + return ImageSearchResult{}, err } err = json.NewDecoder(resp.Body).Decode(&results) - return results, err + return ImageSearchResult{Items: results}, err } func (cli *Client) tryImageSearch(ctx context.Context, query url.Values, registryAuth string) (*http.Response, error) { diff --git a/vendor/github.com/moby/moby/client/image_search_opts.go b/vendor/github.com/moby/moby/client/image_search_opts.go new file mode 100644 index 000000000000..95a7d41fa0e9 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_search_opts.go @@ -0,0 +1,27 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/registry" +) + +// ImageSearchResult wraps results returned by ImageSearch. +type ImageSearchResult struct { + Items []registry.SearchResult +} + +// ImageSearchOptions holds parameters to search images with. +type ImageSearchOptions struct { + RegistryAuth string + + // PrivilegeFunc is a function that clients can supply to retry operations + // after getting an authorization error. This function returns the registry + // authentication header value in base64 encoded format, or an error if the + // privilege request fails. + // + // For details, refer to [github.com/moby/moby/api/types/registry.RequestAuthConfig]. + PrivilegeFunc func(context.Context) (string, error) + Filters Filters + Limit int +} diff --git a/vendor/github.com/moby/moby/client/image_tag.go b/vendor/github.com/moby/moby/client/image_tag.go new file mode 100644 index 000000000000..5566f4624f40 --- /dev/null +++ b/vendor/github.com/moby/moby/client/image_tag.go @@ -0,0 +1,48 @@ +package client + +import ( + "context" + "errors" + "fmt" + "net/url" + + "github.com/distribution/reference" +) + +type ImageTagOptions struct { + Source string + Target string +} + +type ImageTagResult struct{} + +// ImageTag tags an image in the docker host +func (cli *Client) ImageTag(ctx context.Context, options ImageTagOptions) (ImageTagResult, error) { + source := options.Source + target := options.Target + + if _, err := reference.ParseAnyReference(source); err != nil { + return ImageTagResult{}, fmt.Errorf("error parsing reference: %q is not a valid repository/tag: %w", source, err) + } + + ref, err := reference.ParseNormalizedNamed(target) + if err != nil { + return ImageTagResult{}, fmt.Errorf("error parsing reference: %q is not a valid repository/tag: %w", target, err) + } + + if _, ok := ref.(reference.Digested); ok { + return ImageTagResult{}, errors.New("refusing to create a tag with a digest reference") + } + + ref = reference.TagNameOnly(ref) + + query := url.Values{} + query.Set("repo", ref.Name()) + if tagged, ok := ref.(reference.Tagged); ok { + query.Set("tag", tagged.Tag()) + } + + resp, err := cli.post(ctx, "/images/"+source+"/tag", query, nil, nil) + defer ensureReaderClosed(resp) + return ImageTagResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/internal/json-stream.go b/vendor/github.com/moby/moby/client/internal/json-stream.go new file mode 100644 index 000000000000..552978f9a183 --- /dev/null +++ b/vendor/github.com/moby/moby/client/internal/json-stream.go @@ -0,0 +1,50 @@ +package internal + +import ( + "encoding/json" + "io" + "slices" + + "github.com/moby/moby/api/types" +) + +const rs = 0x1E + +type DecoderFn func(v any) error + +// NewJSONStreamDecoder builds adequate DecoderFn to read json records formatted with specified content-type +func NewJSONStreamDecoder(r io.Reader, contentType string) DecoderFn { + switch contentType { + case types.MediaTypeJSONSequence: + return json.NewDecoder(NewRSFilterReader(r)).Decode + case types.MediaTypeJSON, types.MediaTypeNDJSON: + fallthrough + default: + return json.NewDecoder(r).Decode + } +} + +// RSFilterReader wraps an io.Reader and filters out ASCII RS characters +type RSFilterReader struct { + reader io.Reader + buffer []byte +} + +// NewRSFilterReader creates a new RSFilterReader that filters out RS characters +func NewRSFilterReader(r io.Reader) *RSFilterReader { + return &RSFilterReader{ + reader: r, + buffer: make([]byte, 4096), // Internal buffer for reading chunks + } +} + +// Read implements the io.Reader interface, filtering out RS characters +func (r *RSFilterReader) Read(p []byte) (n int, err error) { + if len(p) == 0 { + return 0, nil + } + + n, err = r.reader.Read(p) + filtered := slices.DeleteFunc(p[:n], func(b byte) bool { return b == rs }) + return len(filtered), err +} diff --git a/vendor/github.com/moby/moby/client/internal/jsonmessages.go b/vendor/github.com/moby/moby/client/internal/jsonmessages.go new file mode 100644 index 000000000000..ebbb5faa39c1 --- /dev/null +++ b/vendor/github.com/moby/moby/client/internal/jsonmessages.go @@ -0,0 +1,79 @@ +package internal + +import ( + "context" + "encoding/json" + "errors" + "io" + "iter" + "sync" + + "github.com/moby/moby/api/types/jsonstream" +) + +func NewJSONMessageStream(rc io.ReadCloser) stream { + if rc == nil { + panic("nil io.ReadCloser") + } + return stream{ + rc: rc, + close: sync.OnceValue(rc.Close), + } +} + +type stream struct { + rc io.ReadCloser + close func() error +} + +// Read implements io.ReadCloser +func (r stream) Read(p []byte) (n int, err error) { + if r.rc == nil { + return 0, io.EOF + } + return r.rc.Read(p) +} + +// Close implements io.ReadCloser +func (r stream) Close() error { + if r.close == nil { + return nil + } + return r.close() +} + +// JSONMessages decodes the response stream as a sequence of JSONMessages. +// if stream ends or context is cancelled, the underlying [io.Reader] is closed. +func (r stream) JSONMessages(ctx context.Context) iter.Seq2[jsonstream.Message, error] { + context.AfterFunc(ctx, func() { + _ = r.Close() + }) + dec := json.NewDecoder(r) + return func(yield func(jsonstream.Message, error) bool) { + defer r.Close() + for { + var jm jsonstream.Message + err := dec.Decode(&jm) + if errors.Is(err, io.EOF) { + break + } + if ctx.Err() != nil { + yield(jm, ctx.Err()) + return + } + if !yield(jm, err) { + return + } + } + } +} + +// Wait waits for operation to complete and detects errors reported as JSONMessage +func (r stream) Wait(ctx context.Context) error { + for _, err := range r.JSONMessages(ctx) { + if err != nil { + return err + } + } + return nil +} diff --git a/vendor/github.com/docker/docker/api/types/time/timestamp.go b/vendor/github.com/moby/moby/client/internal/timestamp/timestamp.go similarity index 99% rename from vendor/github.com/docker/docker/api/types/time/timestamp.go rename to vendor/github.com/moby/moby/client/internal/timestamp/timestamp.go index 0e1df38a43f8..7b175f0c93b4 100644 --- a/vendor/github.com/docker/docker/api/types/time/timestamp.go +++ b/vendor/github.com/moby/moby/client/internal/timestamp/timestamp.go @@ -1,4 +1,4 @@ -package time +package timestamp import ( "fmt" diff --git a/vendor/github.com/moby/moby/client/login.go b/vendor/github.com/moby/moby/client/login.go new file mode 100644 index 000000000000..b295080ab7dc --- /dev/null +++ b/vendor/github.com/moby/moby/client/login.go @@ -0,0 +1,45 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/registry" +) + +type RegistryLoginOptions struct { + Username string + Password string + ServerAddress string + IdentityToken string + RegistryToken string +} + +// RegistryLoginResult holds the result of a RegistryLogin query. +type RegistryLoginResult struct { + Auth registry.AuthResponse +} + +// RegistryLogin authenticates the docker server with a given docker registry. +// It returns unauthorizedError when the authentication fails. +func (cli *Client) RegistryLogin(ctx context.Context, options RegistryLoginOptions) (RegistryLoginResult, error) { + auth := registry.AuthConfig{ + Username: options.Username, + Password: options.Password, + ServerAddress: options.ServerAddress, + IdentityToken: options.IdentityToken, + RegistryToken: options.RegistryToken, + } + + resp, err := cli.post(ctx, "/auth", url.Values{}, auth, nil) + defer ensureReaderClosed(resp) + + if err != nil { + return RegistryLoginResult{}, err + } + + var response registry.AuthResponse + err = json.NewDecoder(resp.Body).Decode(&response) + return RegistryLoginResult{Auth: response}, err +} diff --git a/vendor/github.com/moby/moby/client/network_connect.go b/vendor/github.com/moby/moby/client/network_connect.go new file mode 100644 index 000000000000..40db955a90b1 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_connect.go @@ -0,0 +1,40 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/network" +) + +// NetworkConnectOptions represents the data to be used to connect a container to the +// network. +type NetworkConnectOptions struct { + Container string + EndpointConfig *network.EndpointSettings +} + +// NetworkConnectResult represents the result of a NetworkConnect operation. +type NetworkConnectResult struct { + // Currently empty; placeholder for future fields. +} + +// NetworkConnect connects a container to an existent network in the docker host. +func (cli *Client) NetworkConnect(ctx context.Context, networkID string, options NetworkConnectOptions) (NetworkConnectResult, error) { + networkID, err := trimID("network", networkID) + if err != nil { + return NetworkConnectResult{}, err + } + + containerID, err := trimID("container", options.Container) + if err != nil { + return NetworkConnectResult{}, err + } + + nc := network.ConnectRequest{ + Container: containerID, + EndpointConfig: options.EndpointConfig, + } + resp, err := cli.post(ctx, "/networks/"+networkID+"/connect", nil, nc, nil) + defer ensureReaderClosed(resp) + return NetworkConnectResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/network_create.go b/vendor/github.com/moby/moby/client/network_create.go new file mode 100644 index 000000000000..25ea32af451b --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_create.go @@ -0,0 +1,69 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/network" +) + +// NetworkCreateOptions holds options to create a network. +type NetworkCreateOptions struct { + Driver string // Driver is the driver-name used to create the network (e.g. `bridge`, `overlay`) + Scope string // Scope describes the level at which the network exists (e.g. `swarm` for cluster-wide or `local` for machine level). + EnableIPv4 *bool // EnableIPv4 represents whether to enable IPv4. + EnableIPv6 *bool // EnableIPv6 represents whether to enable IPv6. + IPAM *network.IPAM // IPAM is the network's IP Address Management. + Internal bool // Internal represents if the network is used internal only. + Attachable bool // Attachable represents if the global scope is manually attachable by regular containers from workers in swarm mode. + Ingress bool // Ingress indicates the network is providing the routing-mesh for the swarm cluster. + ConfigOnly bool // ConfigOnly creates a config-only network. Config-only networks are place-holder networks for network configurations to be used by other networks. ConfigOnly networks cannot be used directly to run containers or services. + ConfigFrom string // ConfigFrom specifies the source which will provide the configuration for this network. The specified network must be a config-only network; see [CreateOptions.ConfigOnly]. + Options map[string]string // Options specifies the network-specific options to use for when creating the network. + Labels map[string]string // Labels holds metadata specific to the network being created. +} + +// NetworkCreateResult represents the result of a network create operation. +type NetworkCreateResult struct { + ID string + + Warning []string +} + +// NetworkCreate creates a new network in the docker host. +func (cli *Client) NetworkCreate(ctx context.Context, name string, options NetworkCreateOptions) (NetworkCreateResult, error) { + req := network.CreateRequest{ + Name: name, + Driver: options.Driver, + Scope: options.Scope, + EnableIPv4: options.EnableIPv4, + EnableIPv6: options.EnableIPv6, + IPAM: options.IPAM, + Internal: options.Internal, + Attachable: options.Attachable, + Ingress: options.Ingress, + ConfigOnly: options.ConfigOnly, + Options: options.Options, + Labels: options.Labels, + } + + if options.ConfigFrom != "" { + req.ConfigFrom = &network.ConfigReference{Network: options.ConfigFrom} + } + + resp, err := cli.post(ctx, "/networks/create", nil, req, nil) + defer ensureReaderClosed(resp) + if err != nil { + return NetworkCreateResult{}, err + } + + var response network.CreateResponse + err = json.NewDecoder(resp.Body).Decode(&response) + + var warnings []string + if response.Warning != "" { + warnings = []string{response.Warning} + } + + return NetworkCreateResult{ID: response.ID, Warning: warnings}, err +} diff --git a/vendor/github.com/moby/moby/client/network_disconnect.go b/vendor/github.com/moby/moby/client/network_disconnect.go new file mode 100644 index 000000000000..64a1796b8de6 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_disconnect.go @@ -0,0 +1,40 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/network" +) + +// NetworkDisconnectOptions represents the data to be used to disconnect a container +// from the network. +type NetworkDisconnectOptions struct { + Container string + Force bool +} + +// NetworkDisconnectResult represents the result of a NetworkDisconnect operation. +type NetworkDisconnectResult struct { + // Currently empty; placeholder for future fields. +} + +// NetworkDisconnect disconnects a container from an existent network in the docker host. +func (cli *Client) NetworkDisconnect(ctx context.Context, networkID string, options NetworkDisconnectOptions) (NetworkDisconnectResult, error) { + networkID, err := trimID("network", networkID) + if err != nil { + return NetworkDisconnectResult{}, err + } + + containerID, err := trimID("container", options.Container) + if err != nil { + return NetworkDisconnectResult{}, err + } + + req := network.DisconnectRequest{ + Container: containerID, + Force: options.Force, + } + resp, err := cli.post(ctx, "/networks/"+networkID+"/disconnect", nil, req, nil) + defer ensureReaderClosed(resp) + return NetworkDisconnectResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/network_inspect.go b/vendor/github.com/moby/moby/client/network_inspect.go new file mode 100644 index 000000000000..775780527685 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_inspect.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/network" +) + +// NetworkInspectResult contains the result of a network inspection. +type NetworkInspectResult struct { + Network network.Inspect + Raw json.RawMessage +} + +// NetworkInspect returns the information for a specific network configured in the docker host. +func (cli *Client) NetworkInspect(ctx context.Context, networkID string, options NetworkInspectOptions) (NetworkInspectResult, error) { + networkID, err := trimID("network", networkID) + if err != nil { + return NetworkInspectResult{}, err + } + query := url.Values{} + if options.Verbose { + query.Set("verbose", "true") + } + if options.Scope != "" { + query.Set("scope", options.Scope) + } + + resp, err := cli.get(ctx, "/networks/"+networkID, query, nil) + if err != nil { + return NetworkInspectResult{}, err + } + + var out NetworkInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Network) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/network_inspect_opts.go b/vendor/github.com/moby/moby/client/network_inspect_opts.go new file mode 100644 index 000000000000..d83f113e17b4 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_inspect_opts.go @@ -0,0 +1,7 @@ +package client + +// NetworkInspectOptions holds parameters to inspect network. +type NetworkInspectOptions struct { + Scope string + Verbose bool +} diff --git a/vendor/github.com/moby/moby/client/network_list.go b/vendor/github.com/moby/moby/client/network_list.go new file mode 100644 index 000000000000..d65f560974e4 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_list.go @@ -0,0 +1,28 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/network" +) + +// NetworkListResult holds the result from the [Client.NetworkList] method. +type NetworkListResult struct { + Items []network.Summary +} + +// NetworkList returns the list of networks configured in the docker host. +func (cli *Client) NetworkList(ctx context.Context, options NetworkListOptions) (NetworkListResult, error) { + query := url.Values{} + options.Filters.updateURLValues(query) + resp, err := cli.get(ctx, "/networks", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return NetworkListResult{}, err + } + var res NetworkListResult + err = json.NewDecoder(resp.Body).Decode(&res.Items) + return res, err +} diff --git a/vendor/github.com/moby/moby/client/network_list_opts.go b/vendor/github.com/moby/moby/client/network_list_opts.go new file mode 100644 index 000000000000..0d21ab31382d --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_list_opts.go @@ -0,0 +1,6 @@ +package client + +// NetworkListOptions holds parameters to filter the list of networks with. +type NetworkListOptions struct { + Filters Filters +} diff --git a/vendor/github.com/moby/moby/client/network_prune.go b/vendor/github.com/moby/moby/client/network_prune.go new file mode 100644 index 000000000000..55f7cac029b2 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_prune.go @@ -0,0 +1,39 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/moby/moby/api/types/network" +) + +// NetworkPruneOptions holds parameters to prune networks. +type NetworkPruneOptions struct { + Filters Filters +} + +// NetworkPruneResult holds the result from the [Client.NetworkPrune] method. +type NetworkPruneResult struct { + Report network.PruneReport +} + +// NetworkPrune requests the daemon to delete unused networks +func (cli *Client) NetworkPrune(ctx context.Context, opts NetworkPruneOptions) (NetworkPruneResult, error) { + query := url.Values{} + opts.Filters.updateURLValues(query) + + resp, err := cli.post(ctx, "/networks/prune", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return NetworkPruneResult{}, err + } + + var report network.PruneReport + if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { + return NetworkPruneResult{}, fmt.Errorf("Error retrieving network prune report: %v", err) + } + + return NetworkPruneResult{Report: report}, nil +} diff --git a/vendor/github.com/moby/moby/client/network_remove.go b/vendor/github.com/moby/moby/client/network_remove.go new file mode 100644 index 000000000000..2bceb0d93403 --- /dev/null +++ b/vendor/github.com/moby/moby/client/network_remove.go @@ -0,0 +1,26 @@ +package client + +import ( + "context" +) + +// NetworkRemoveOptions specifies options for removing a network. +type NetworkRemoveOptions struct { + // No options currently; placeholder for future use. +} + +// NetworkRemoveResult represents the result of a network removal operation. +type NetworkRemoveResult struct { + // No fields currently; placeholder for future use. +} + +// NetworkRemove removes an existent network from the docker host. +func (cli *Client) NetworkRemove(ctx context.Context, networkID string, options NetworkRemoveOptions) (NetworkRemoveResult, error) { + networkID, err := trimID("network", networkID) + if err != nil { + return NetworkRemoveResult{}, err + } + resp, err := cli.delete(ctx, "/networks/"+networkID, nil, nil) + defer ensureReaderClosed(resp) + return NetworkRemoveResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/node_inspect.go b/vendor/github.com/moby/moby/client/node_inspect.go new file mode 100644 index 000000000000..cd4ce0119f36 --- /dev/null +++ b/vendor/github.com/moby/moby/client/node_inspect.go @@ -0,0 +1,41 @@ +package client + +import ( + "bytes" + "context" + "encoding/json" + "io" + + "github.com/moby/moby/api/types/swarm" +) + +// NodeInspectOptions holds parameters to inspect nodes with. +type NodeInspectOptions struct{} + +type NodeInspectResult struct { + Node swarm.Node + Raw json.RawMessage +} + +// NodeInspect returns the node information. +func (cli *Client) NodeInspect(ctx context.Context, nodeID string, options NodeInspectOptions) (NodeInspectResult, error) { + nodeID, err := trimID("node", nodeID) + if err != nil { + return NodeInspectResult{}, err + } + resp, err := cli.get(ctx, "/nodes/"+nodeID, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return NodeInspectResult{}, err + } + + body, err := io.ReadAll(resp.Body) + if err != nil { + return NodeInspectResult{}, err + } + + var response swarm.Node + rdr := bytes.NewReader(body) + err = json.NewDecoder(rdr).Decode(&response) + return NodeInspectResult{Node: response, Raw: body}, err +} diff --git a/vendor/github.com/moby/moby/client/node_list.go b/vendor/github.com/moby/moby/client/node_list.go new file mode 100644 index 000000000000..1a1b57922e72 --- /dev/null +++ b/vendor/github.com/moby/moby/client/node_list.go @@ -0,0 +1,33 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// NodeListOptions holds parameters to list nodes with. +type NodeListOptions struct { + Filters Filters +} + +type NodeListResult struct { + Items []swarm.Node +} + +// NodeList returns the list of nodes. +func (cli *Client) NodeList(ctx context.Context, options NodeListOptions) (NodeListResult, error) { + query := url.Values{} + options.Filters.updateURLValues(query) + resp, err := cli.get(ctx, "/nodes", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return NodeListResult{}, err + } + + var nodes []swarm.Node + err = json.NewDecoder(resp.Body).Decode(&nodes) + return NodeListResult{Items: nodes}, err +} diff --git a/vendor/github.com/docker/docker/client/node_remove.go b/vendor/github.com/moby/moby/client/node_remove.go similarity index 58% rename from vendor/github.com/docker/docker/client/node_remove.go rename to vendor/github.com/moby/moby/client/node_remove.go index 644fe138108b..56c39d67a616 100644 --- a/vendor/github.com/docker/docker/client/node_remove.go +++ b/vendor/github.com/moby/moby/client/node_remove.go @@ -3,15 +3,19 @@ package client import ( "context" "net/url" - - "github.com/docker/docker/api/types/swarm" ) +// NodeRemoveOptions holds parameters to remove nodes with. +type NodeRemoveOptions struct { + Force bool +} +type NodeRemoveResult struct{} + // NodeRemove removes a Node. -func (cli *Client) NodeRemove(ctx context.Context, nodeID string, options swarm.NodeRemoveOptions) error { +func (cli *Client) NodeRemove(ctx context.Context, nodeID string, options NodeRemoveOptions) (NodeRemoveResult, error) { nodeID, err := trimID("node", nodeID) if err != nil { - return err + return NodeRemoveResult{}, err } query := url.Values{} @@ -21,5 +25,5 @@ func (cli *Client) NodeRemove(ctx context.Context, nodeID string, options swarm. resp, err := cli.delete(ctx, "/nodes/"+nodeID, query, nil) defer ensureReaderClosed(resp) - return err + return NodeRemoveResult{}, err } diff --git a/vendor/github.com/moby/moby/client/node_update.go b/vendor/github.com/moby/moby/client/node_update.go new file mode 100644 index 000000000000..4bc7c3b69827 --- /dev/null +++ b/vendor/github.com/moby/moby/client/node_update.go @@ -0,0 +1,30 @@ +package client + +import ( + "context" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// NodeUpdateOptions holds parameters to update nodes with. +type NodeUpdateOptions struct { + Version swarm.Version + Spec swarm.NodeSpec +} + +type NodeUpdateResult struct{} + +// NodeUpdate updates a Node. +func (cli *Client) NodeUpdate(ctx context.Context, nodeID string, options NodeUpdateOptions) (NodeUpdateResult, error) { + nodeID, err := trimID("node", nodeID) + if err != nil { + return NodeUpdateResult{}, err + } + + query := url.Values{} + query.Set("version", options.Version.String()) + resp, err := cli.post(ctx, "/nodes/"+nodeID+"/update", query, options.Spec, nil) + defer ensureReaderClosed(resp) + return NodeUpdateResult{}, err +} diff --git a/vendor/github.com/docker/docker/client/options.go b/vendor/github.com/moby/moby/client/options.go similarity index 66% rename from vendor/github.com/docker/docker/client/options.go rename to vendor/github.com/moby/moby/client/options.go index 6f68fc2b8966..1b1e92bbbaca 100644 --- a/vendor/github.com/docker/docker/client/options.go +++ b/vendor/github.com/moby/moby/client/options.go @@ -2,6 +2,7 @@ package client import ( "context" + "fmt" "net" "net/http" "os" @@ -11,13 +12,47 @@ import ( "github.com/docker/go-connections/sockets" "github.com/docker/go-connections/tlsconfig" - "github.com/pkg/errors" "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" "go.opentelemetry.io/otel/trace" ) +type clientConfig struct { + // scheme sets the scheme for the client + scheme string + // host holds the server address to connect to + host string + // proto holds the client protocol i.e. unix. + proto string + // addr holds the client address. + addr string + // basePath holds the path to prepend to the requests. + basePath string + // client used to send and receive http requests. + client *http.Client + // version of the server to talk to. + version string + // userAgent is the User-Agent header to use for HTTP requests. It takes + // precedence over User-Agent headers set in customHTTPHeaders, and other + // header variables. When set to an empty string, the User-Agent header + // is removed, and no header is sent. + userAgent *string + // custom HTTP headers configured by users. + customHTTPHeaders map[string]string + // manualOverride is set to true when the version was set by users. + manualOverride bool + + // negotiateVersion indicates if the client should automatically negotiate + // the API version to use when making requests. API version negotiation is + // performed on the first request, after which negotiated is set to "true" + // so that subsequent requests do not re-negotiate. + negotiateVersion bool + + // traceOpts is a list of options to configure the tracing span. + traceOpts []otelhttp.Option +} + // Opt is a configuration option to initialize a [Client]. -type Opt func(*Client) error +type Opt func(*clientConfig) error // FromEnv configures the client with values from environment variables. It // is the equivalent of using the [WithTLSClientConfigFromEnv], [WithHostFromEnv], @@ -32,7 +67,7 @@ type Opt func(*Client) error // which to load the TLS certificates ("ca.pem", "cert.pem", "key.pem'). // - DOCKER_TLS_VERIFY ([EnvTLSVerify]) to enable or disable TLS verification // (off by default). -func FromEnv(c *Client) error { +func FromEnv(c *clientConfig) error { ops := []Opt{ WithTLSClientConfigFromEnv(), WithHostFromEnv(), @@ -50,18 +85,18 @@ func FromEnv(c *Client) error { // used to set the Timeout and KeepAlive settings of the client. It returns // an error if the client does not have a [http.Transport] configured. func WithDialContext(dialContext func(ctx context.Context, network, addr string) (net.Conn, error)) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { if transport, ok := c.client.Transport.(*http.Transport); ok { transport.DialContext = dialContext return nil } - return errors.Errorf("cannot apply dialer to transport: %T", c.client.Transport) + return fmt.Errorf("cannot apply dialer to transport: %T", c.client.Transport) } } // WithHost overrides the client host with the specified one. func WithHost(host string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { hostURL, err := ParseHostURL(host) if err != nil { return err @@ -73,15 +108,30 @@ func WithHost(host string) Opt { if transport, ok := c.client.Transport.(*http.Transport); ok { return sockets.ConfigureTransport(transport, c.proto, c.addr) } - return errors.Errorf("cannot apply host to transport: %T", c.client.Transport) + // For test transports, we skip transport configuration but still + // set the host fields so that the client can use them for headers + if _, ok := c.client.Transport.(testRoundTripper); ok { + return nil + } + return fmt.Errorf("cannot apply host to transport: %T", c.client.Transport) } } +// testRoundTripper allows us to inject a mock-transport for testing. We define it +// here so we can detect the tlsconfig and return nil for only this type. +type testRoundTripper func(*http.Request) (*http.Response, error) + +func (tf testRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { + return tf(req) +} + +func (testRoundTripper) skipConfigureTransport() bool { return true } + // WithHostFromEnv overrides the client host with the host specified in the // DOCKER_HOST ([EnvOverrideHost]) environment variable. If DOCKER_HOST is not set, // or set to an empty value, the host is not modified. func WithHostFromEnv() Opt { - return func(c *Client) error { + return func(c *clientConfig) error { if host := os.Getenv(EnvOverrideHost); host != "" { return WithHost(host)(c) } @@ -91,7 +141,7 @@ func WithHostFromEnv() Opt { // WithHTTPClient overrides the client's HTTP client with the specified one. func WithHTTPClient(client *http.Client) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { if client != nil { c.client = client } @@ -101,7 +151,7 @@ func WithHTTPClient(client *http.Client) Opt { // WithTimeout configures the time limit for requests made by the HTTP client. func WithTimeout(timeout time.Duration) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.client.Timeout = timeout return nil } @@ -111,7 +161,7 @@ func WithTimeout(timeout time.Duration) Opt { // It overrides any User-Agent set in headers. When set to an empty string, // the User-Agent header is removed, and no header is sent. func WithUserAgent(ua string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.userAgent = &ua return nil } @@ -121,7 +171,7 @@ func WithUserAgent(ua string) Opt { // It does not allow for built-in headers (such as "User-Agent", if set) to // be overridden. Also see [WithUserAgent]. func WithHTTPHeaders(headers map[string]string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.customHTTPHeaders = headers return nil } @@ -129,7 +179,7 @@ func WithHTTPHeaders(headers map[string]string) Opt { // WithScheme overrides the client scheme with the specified one. func WithScheme(scheme string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.scheme = scheme return nil } @@ -137,10 +187,10 @@ func WithScheme(scheme string) Opt { // WithTLSClientConfig applies a TLS config to the client transport. func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { transport, ok := c.client.Transport.(*http.Transport) if !ok { - return errors.Errorf("cannot apply tls config to transport: %T", c.client.Transport) + return fmt.Errorf("cannot apply tls config to transport: %T", c.client.Transport) } config, err := tlsconfig.Client(tlsconfig.Options{ CAFile: cacertPath, @@ -149,7 +199,7 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt { ExclusiveRootPools: true, }) if err != nil { - return errors.Wrap(err, "failed to create tls config") + return fmt.Errorf("failed to create tls config: %w", err) } transport.TLSClientConfig = config return nil @@ -168,7 +218,7 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt { // - DOCKER_TLS_VERIFY ([EnvTLSVerify]) to enable or disable TLS verification // (off by default). func WithTLSClientConfigFromEnv() Opt { - return func(c *Client) error { + return func(c *clientConfig) error { dockerCertPath := os.Getenv(EnvOverrideCertPath) if dockerCertPath == "" { return nil @@ -194,8 +244,12 @@ func WithTLSClientConfigFromEnv() Opt { // WithVersion overrides the client version with the specified one. If an empty // version is provided, the value is ignored to allow version negotiation // (see [WithAPIVersionNegotiation]). +// +// WithVersion does not validate if the client supports the given version, +// and callers should verify if the version is in the correct format and +// lower than the maximum supported version as defined by [MaxAPIVersion]. func WithVersion(version string) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { if v := strings.TrimPrefix(version, "v"); v != "" { c.version = v c.manualOverride = true @@ -208,8 +262,12 @@ func WithVersion(version string) Opt { // the DOCKER_API_VERSION ([EnvOverrideAPIVersion]) environment variable. // If DOCKER_API_VERSION is not set, or set to an empty value, the version // is not modified. +// +// WithVersion does not validate if the client supports the given version, +// and callers should verify if the version is in the correct format and +// lower than the maximum supported version as defined by [MaxAPIVersion]. func WithVersionFromEnv() Opt { - return func(c *Client) error { + return func(c *clientConfig) error { return WithVersion(os.Getenv(EnvOverrideAPIVersion))(c) } } @@ -219,21 +277,21 @@ func WithVersionFromEnv() Opt { // to use when making requests. API version negotiation is performed on the first // request; subsequent requests do not re-negotiate. func WithAPIVersionNegotiation() Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.negotiateVersion = true return nil } } // WithTraceProvider sets the trace provider for the client. -// If this is not set then the global trace provider will be used. +// If this is not set then the global trace provider is used. func WithTraceProvider(provider trace.TracerProvider) Opt { return WithTraceOptions(otelhttp.WithTracerProvider(provider)) } // WithTraceOptions sets tracing span options for the client. func WithTraceOptions(opts ...otelhttp.Option) Opt { - return func(c *Client) error { + return func(c *clientConfig) error { c.traceOpts = append(c.traceOpts, opts...) return nil } diff --git a/vendor/github.com/moby/moby/client/ping.go b/vendor/github.com/moby/moby/client/ping.go new file mode 100644 index 000000000000..15c54faa0c8f --- /dev/null +++ b/vendor/github.com/moby/moby/client/ping.go @@ -0,0 +1,151 @@ +package client + +import ( + "context" + "net/http" + "path" + "strings" + + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/api/types/swarm" +) + +// PingOptions holds options for [client.Ping]. +type PingOptions struct { + // NegotiateAPIVersion queries the API and updates the version to match the API + // version. NegotiateAPIVersion downgrades the client's API version to match the + // APIVersion if the ping version is lower than the default version. If the API + // version reported by the server is higher than the maximum version supported + // by the client, it uses the client's maximum version. + // + // If a manual override is in place, either through the "DOCKER_API_VERSION" + // ([EnvOverrideAPIVersion]) environment variable, or if the client is initialized + // with a fixed version ([WithVersion]), no negotiation is performed. + // + // If the API server's ping response does not contain an API version, or if the + // client did not get a successful ping response, it assumes it is connected with + // an old daemon that does not support API version negotiation, in which case it + // downgrades to the lowest supported API version. + NegotiateAPIVersion bool + + // ForceNegotiate forces the client to re-negotiate the API version, even if + // API-version negotiation already happened. This option cannot be + // used if the client is configured with a fixed version using (using + // [WithVersion] or [WithVersionFromEnv]). + // + // This option has no effect if NegotiateAPIVersion is not set. + ForceNegotiate bool +} + +// PingResult holds the result of a [Client.Ping] API call. +type PingResult struct { + APIVersion string + OSType string + Experimental bool + BuilderVersion build.BuilderVersion + + // SwarmStatus provides information about the current swarm status of the + // engine, obtained from the "Swarm" header in the API response. + // + // It can be a nil struct if the API version does not provide this header + // in the ping response, or if an error occurred, in which case the client + // should use other ways to get the current swarm status, such as the /swarm + // endpoint. + SwarmStatus *SwarmStatus +} + +// SwarmStatus provides information about the current swarm status and role, +// obtained from the "Swarm" header in the API response. +type SwarmStatus struct { + // NodeState represents the state of the node. + NodeState swarm.LocalNodeState + + // ControlAvailable indicates if the node is a swarm manager. + ControlAvailable bool +} + +// Ping pings the server and returns the value of the "Docker-Experimental", +// "Builder-Version", "OS-Type" & "API-Version" headers. It attempts to use +// a HEAD request on the endpoint, but falls back to GET if HEAD is not supported +// by the daemon. It ignores internal server errors returned by the API, which +// may be returned if the daemon is in an unhealthy state, but returns errors +// for other non-success status codes, failing to connect to the API, or failing +// to parse the API response. +func (cli *Client) Ping(ctx context.Context, options PingOptions) (PingResult, error) { + if cli.manualOverride { + return cli.ping(ctx) + } + if !options.NegotiateAPIVersion && !cli.negotiateVersion { + return cli.ping(ctx) + } + + // Ensure exclusive write access to version and negotiated fields + cli.negotiateLock.Lock() + defer cli.negotiateLock.Unlock() + + ping, err := cli.ping(ctx) + if err != nil { + return cli.ping(ctx) + } + + if cli.negotiated.Load() && !options.ForceNegotiate { + return ping, nil + } + + return ping, cli.negotiateAPIVersion(ping.APIVersion) +} + +func (cli *Client) ping(ctx context.Context) (PingResult, error) { + // Using cli.buildRequest() + cli.doRequest() instead of cli.sendRequest() + // because ping requests are used during API version negotiation, so we want + // to hit the non-versioned /_ping endpoint, not /v1.xx/_ping + req, err := cli.buildRequest(ctx, http.MethodHead, path.Join(cli.basePath, "/_ping"), nil, nil) + if err != nil { + return PingResult{}, err + } + resp, err := cli.doRequest(req) + defer ensureReaderClosed(resp) + if err == nil && resp.StatusCode == http.StatusOK { + // Fast-path; successfully connected using a HEAD request and + // we got a "OK" (200) status. For non-200 status-codes, we fall + // back to doing a GET request, as a HEAD request won't have a + // response-body to get error details from. + return newPingResult(resp), nil + } + + // HEAD failed or returned a non-OK status; fallback to GET. + req.Method = http.MethodGet + resp, err = cli.doRequest(req) + defer ensureReaderClosed(resp) + if err != nil { + // Failed to connect. + return PingResult{}, err + } + + // GET request succeeded but may have returned a non-200 status. + // Return a Ping response, together with any error returned by + // the API server. + return newPingResult(resp), checkResponseErr(resp) +} + +func newPingResult(resp *http.Response) PingResult { + if resp == nil { + return PingResult{} + } + var swarmStatus *SwarmStatus + if si := resp.Header.Get("Swarm"); si != "" { + state, role, _ := strings.Cut(si, "/") + swarmStatus = &SwarmStatus{ + NodeState: swarm.LocalNodeState(state), + ControlAvailable: role == "manager", + } + } + + return PingResult{ + APIVersion: resp.Header.Get("Api-Version"), + OSType: resp.Header.Get("Ostype"), + Experimental: resp.Header.Get("Docker-Experimental") == "true", + BuilderVersion: build.BuilderVersion(resp.Header.Get("Builder-Version")), + SwarmStatus: swarmStatus, + } +} diff --git a/vendor/github.com/moby/moby/client/pkg/jsonmessage/jsonmessage.go b/vendor/github.com/moby/moby/client/pkg/jsonmessage/jsonmessage.go new file mode 100644 index 000000000000..9e949c5e2688 --- /dev/null +++ b/vendor/github.com/moby/moby/client/pkg/jsonmessage/jsonmessage.go @@ -0,0 +1,245 @@ +package jsonmessage + +import ( + "encoding/json" + "errors" + "fmt" + "io" + "iter" + "strings" + "time" + + "github.com/docker/go-units" + "github.com/moby/moby/api/types/jsonstream" + "github.com/moby/term" +) + +var timeNow = time.Now // For overriding in tests. + +// RFC3339NanoFixed is time.RFC3339Nano with nanoseconds padded using zeros to +// ensure the formatted time isalways the same number of characters. +const RFC3339NanoFixed = "2006-01-02T15:04:05.000000000Z07:00" + +func RenderTUIProgress(p jsonstream.Progress, width uint16) string { + var ( + pbBox string + numbersBox string + ) + if p.Current <= 0 && p.Total <= 0 { + return "" + } + if p.Total <= 0 { + switch p.Units { + case "": + return fmt.Sprintf("%8v", units.HumanSize(float64(p.Current))) + default: + return fmt.Sprintf("%d %s", p.Current, p.Units) + } + } + + percentage := int(float64(p.Current)/float64(p.Total)*100) / 2 + if percentage > 50 { + percentage = 50 + } + if width > 110 { + // this number can't be negative gh#7136 + numSpaces := 0 + if 50-percentage > 0 { + numSpaces = 50 - percentage + } + pbBox = fmt.Sprintf("[%s>%s] ", strings.Repeat("=", percentage), strings.Repeat(" ", numSpaces)) + } + + switch { + case p.HideCounts: + case p.Units == "": // no units, use bytes + current := units.HumanSize(float64(p.Current)) + total := units.HumanSize(float64(p.Total)) + + numbersBox = fmt.Sprintf("%8v/%v", current, total) + + if p.Current > p.Total { + // remove total display if the reported current is wonky. + numbersBox = fmt.Sprintf("%8v", current) + } + default: + numbersBox = fmt.Sprintf("%d/%d %s", p.Current, p.Total, p.Units) + + if p.Current > p.Total { + // remove total display if the reported current is wonky. + numbersBox = fmt.Sprintf("%d %s", p.Current, p.Units) + } + } + + // Show approximation of remaining time if there's enough width. + var timeLeftBox string + if width > 50 { + if p.Current > 0 && p.Start > 0 && percentage < 50 { + fromStart := timeNow().UTC().Sub(time.Unix(p.Start, 0)) + perEntry := fromStart / time.Duration(p.Current) + left := time.Duration(p.Total-p.Current) * perEntry + timeLeftBox = " " + left.Round(time.Second).String() + } + } + return pbBox + numbersBox + timeLeftBox +} + +// We can probably use [aec.EmptyBuilder] for managing the output, but +// currently we're doing it all manually, so defining some consts for +// the basics we use. +// +// [aec.EmptyBuilder]: https://pkg.go.dev/github.com/morikuni/aec#EmptyBuilder +const ( + ansiEraseLine = "\x1b[2K" // Erase entire line + ansiCursorUpFmt = "\x1b[%dA" // Move cursor up N lines + ansiCursorDownFmt = "\x1b[%dB" // Move cursor down N lines +) + +func clearLine(out io.Writer) { + _, _ = out.Write([]byte(ansiEraseLine)) +} + +func cursorUp(out io.Writer, l uint) { + if l == 0 { + return + } + _, _ = fmt.Fprintf(out, ansiCursorUpFmt, l) +} + +func cursorDown(out io.Writer, l uint) { + if l == 0 { + return + } + _, _ = fmt.Fprintf(out, ansiCursorDownFmt, l) +} + +// Display prints the JSONMessage to out. If isTerminal is true, it erases +// the entire current line when displaying the progressbar. It returns an +// error if the [JSONMessage.Error] field is non-nil. +func Display(jm jsonstream.Message, out io.Writer, isTerminal bool, width uint16) error { + if jm.Error != nil { + return jm.Error + } + var endl string + if isTerminal && jm.Stream == "" && jm.Progress != nil { + clearLine(out) + endl = "\r" + _, _ = fmt.Fprint(out, endl) + } else if jm.Progress != nil && (jm.Progress.Current > 0 || jm.Progress.Total > 0) { // disable progressbar in non-terminal + return nil + } + if jm.ID != "" { + _, _ = fmt.Fprintf(out, "%s: ", jm.ID) + } + if jm.Progress != nil && isTerminal { + if width == 0 { + width = 200 + } + _, _ = fmt.Fprintf(out, "%s %s%s", jm.Status, RenderTUIProgress(*jm.Progress, width), endl) + } else if jm.Stream != "" { + _, _ = fmt.Fprintf(out, "%s%s", jm.Stream, endl) + } else { + _, _ = fmt.Fprintf(out, "%s%s\n", jm.Status, endl) + } + return nil +} + +type JSONMessagesStream iter.Seq2[jsonstream.Message, error] + +// DisplayJSONMessagesStream reads a JSON message stream from in, and writes +// each [JSONMessage] to out. +// see DisplayJSONMessages for details +func DisplayJSONMessagesStream(in io.Reader, out io.Writer, terminalFd uintptr, isTerminal bool, auxCallback func(jsonstream.Message)) error { + dec := json.NewDecoder(in) + var f JSONMessagesStream = func(yield func(jsonstream.Message, error) bool) { + for { + var jm jsonstream.Message + err := dec.Decode(&jm) + if errors.Is(err, io.EOF) { + break + } + if !yield(jm, err) { + return + } + } + } + + return DisplayJSONMessages(f, out, terminalFd, isTerminal, auxCallback) +} + +// DisplayJSONMessages writes each [JSONMessage] from stream to out. +// It returns an error if an invalid JSONMessage is received, or if +// a JSONMessage containers a non-zero [JSONMessage.Error]. +// +// Presentation of the JSONMessage depends on whether a terminal is attached, +// and on the terminal width. Progress bars ([JSONProgress]) are suppressed +// on narrower terminals (< 110 characters). +// +// - isTerminal describes if out is a terminal, in which case it prints +// a newline ("\n") at the end of each line and moves the cursor while +// displaying. +// - terminalFd is the fd of the current terminal (if any), and used +// to get the terminal width. +// - auxCallback allows handling the [JSONMessage.Aux] field. It is +// called if a JSONMessage contains an Aux field, in which case +// DisplayJSONMessagesStream does not present the JSONMessage. +func DisplayJSONMessages(messages JSONMessagesStream, out io.Writer, terminalFd uintptr, isTerminal bool, auxCallback func(jsonstream.Message)) error { + ids := make(map[string]uint) + var width uint16 = 200 + if isTerminal { + ws, err := term.GetWinsize(terminalFd) + if err == nil { + width = ws.Width + } + } + + for jm, err := range messages { + var diff uint + if err != nil { + return err + } + + if jm.Aux != nil { + if auxCallback != nil { + auxCallback(jm) + } + continue + } + + if jm.ID != "" && jm.Progress != nil { + line, ok := ids[jm.ID] + if !ok { + // NOTE: This approach of using len(id) to + // figure out the number of lines of history + // only works as long as we clear the history + // when we output something that's not + // accounted for in the map, such as a line + // with no ID. + line = uint(len(ids)) + ids[jm.ID] = line + if isTerminal { + _, _ = fmt.Fprintf(out, "\n") + } + } + diff = uint(len(ids)) - line + if isTerminal { + cursorUp(out, diff) + } + } else { + // When outputting something that isn't progress + // output, clear the history of previous lines. We + // don't want progress entries from some previous + // operation to be updated (for example, pull -a + // with multiple tags). + ids = make(map[string]uint) + } + err := Display(jm, out, isTerminal, width) + if jm.ID != "" && isTerminal { + cursorDown(out, diff) + } + if err != nil { + return err + } + } + return nil +} diff --git a/vendor/github.com/moby/moby/client/pkg/security/security_opts.go b/vendor/github.com/moby/moby/client/pkg/security/security_opts.go new file mode 100644 index 000000000000..b123919c1106 --- /dev/null +++ b/vendor/github.com/moby/moby/client/pkg/security/security_opts.go @@ -0,0 +1,40 @@ +package security + +import ( + "strings" +) + +// Option contains the name and options of a security option +type Option struct { + Name string + Options []KeyValue +} + +// KeyValue holds a key/value pair. +type KeyValue struct { + Key, Value string +} + +// DecodeOptions decodes a security options string slice to a +// type-safe [Option]. +func DecodeOptions(opts []string) []Option { + so := make([]Option, 0, len(opts)) + for _, opt := range opts { + secopt := Option{} + for _, s := range strings.Split(opt, ",") { + k, v, _ := strings.Cut(s, "=") + if k == "" { + continue + } + if k == "name" { + secopt.Name = v + continue + } + secopt.Options = append(secopt.Options, KeyValue{Key: k, Value: v}) + } + if secopt.Name != "" { + so = append(so, secopt) + } + } + return so +} diff --git a/vendor/github.com/moby/moby/client/pkg/stringid/stringid.go b/vendor/github.com/moby/moby/client/pkg/stringid/stringid.go new file mode 100644 index 000000000000..030e0708532d --- /dev/null +++ b/vendor/github.com/moby/moby/client/pkg/stringid/stringid.go @@ -0,0 +1,47 @@ +// Package stringid provides helper functions for dealing with string identifiers. +// +// It is similar to the package used by the daemon, but for presentational +// purposes in the client. +package stringid + +import ( + "crypto/rand" + "encoding/hex" + "strings" +) + +const ( + shortLen = 12 + fullLen = 64 +) + +// TruncateID returns a shorthand version of a string identifier for presentation. +// For convenience, it accepts both digests ("sha256:xxxx") and IDs without an +// algorithm prefix. It truncates the algorithm (if any) before truncating the +// ID. The length of the truncated ID is currently fixed, but users should make +// no assumptions of this to not change; it is merely a prefix of the ID that +// provides enough uniqueness for common scenarios. +// +// Truncated IDs ("ID-prefixes") usually can be used to uniquely identify an +// object (such as a container or network), but collisions may happen, in +// which case an "ambiguous result" error is produced. In case of a collision, +// the caller should try with a longer prefix or the full-length ID. +func TruncateID(id string) string { + if i := strings.IndexRune(id, ':'); i >= 0 { + id = id[i+1:] + } + if len(id) > shortLen { + id = id[:shortLen] + } + return id +} + +// GenerateRandomID returns a unique, 64-character ID consisting of a-z, 0-9. +func GenerateRandomID() string { + b := make([]byte, 32) + if _, err := rand.Read(b); err != nil { + panic(err) // This shouldn't happen + } + id := hex.EncodeToString(b) + return id +} diff --git a/vendor/github.com/docker/docker/api/types/versions/compare.go b/vendor/github.com/moby/moby/client/pkg/versions/compare.go similarity index 100% rename from vendor/github.com/docker/docker/api/types/versions/compare.go rename to vendor/github.com/moby/moby/client/pkg/versions/compare.go diff --git a/vendor/github.com/moby/moby/client/plugin_create.go b/vendor/github.com/moby/moby/client/plugin_create.go new file mode 100644 index 000000000000..c1a2dd5a6c21 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_create.go @@ -0,0 +1,31 @@ +package client + +import ( + "context" + "io" + "net/http" + "net/url" +) + +// PluginCreateOptions hold all options to plugin create. +type PluginCreateOptions struct { + RepoName string +} + +// PluginCreateResult represents the result of a plugin create operation. +type PluginCreateResult struct { + // Currently empty; can be extended in the future if needed. +} + +// PluginCreate creates a plugin +func (cli *Client) PluginCreate(ctx context.Context, createContext io.Reader, createOptions PluginCreateOptions) (PluginCreateResult, error) { + headers := http.Header(make(map[string][]string)) + headers.Set("Content-Type", "application/x-tar") + + query := url.Values{} + query.Set("name", createOptions.RepoName) + + resp, err := cli.postRaw(ctx, "/plugins/create", query, createContext, headers) + defer ensureReaderClosed(resp) + return PluginCreateResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_disable.go b/vendor/github.com/moby/moby/client/plugin_disable.go new file mode 100644 index 000000000000..65ab0aa00487 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_disable.go @@ -0,0 +1,31 @@ +package client + +import ( + "context" + "net/url" +) + +// PluginDisableOptions holds parameters to disable plugins. +type PluginDisableOptions struct { + Force bool +} + +// PluginDisableResult represents the result of a plugin disable operation. +type PluginDisableResult struct { + // Currently empty; can be extended in the future if needed. +} + +// PluginDisable disables a plugin +func (cli *Client) PluginDisable(ctx context.Context, name string, options PluginDisableOptions) (PluginDisableResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginDisableResult{}, err + } + query := url.Values{} + if options.Force { + query.Set("force", "1") + } + resp, err := cli.post(ctx, "/plugins/"+name+"/disable", query, nil, nil) + defer ensureReaderClosed(resp) + return PluginDisableResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_enable.go b/vendor/github.com/moby/moby/client/plugin_enable.go new file mode 100644 index 000000000000..7c3e26b67a72 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_enable.go @@ -0,0 +1,31 @@ +package client + +import ( + "context" + "net/url" + "strconv" +) + +// PluginEnableOptions holds parameters to enable plugins. +type PluginEnableOptions struct { + Timeout int +} + +// PluginEnableResult represents the result of a plugin enable operation. +type PluginEnableResult struct { + // Currently empty; can be extended in the future if needed. +} + +// PluginEnable enables a plugin +func (cli *Client) PluginEnable(ctx context.Context, name string, options PluginEnableOptions) (PluginEnableResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginEnableResult{}, err + } + query := url.Values{} + query.Set("timeout", strconv.Itoa(options.Timeout)) + + resp, err := cli.post(ctx, "/plugins/"+name+"/enable", query, nil, nil) + defer ensureReaderClosed(resp) + return PluginEnableResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_inspect.go b/vendor/github.com/moby/moby/client/plugin_inspect.go new file mode 100644 index 000000000000..8caf06a8e055 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_inspect.go @@ -0,0 +1,35 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/plugin" +) + +// PluginInspectOptions holds parameters to inspect a plugin. +type PluginInspectOptions struct { + // Add future optional parameters here +} + +// PluginInspectResult holds the result from the [Client.PluginInspect] method. +type PluginInspectResult struct { + Plugin plugin.Plugin + Raw json.RawMessage +} + +// PluginInspect inspects an existing plugin +func (cli *Client) PluginInspect(ctx context.Context, name string, options PluginInspectOptions) (PluginInspectResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginInspectResult{}, err + } + resp, err := cli.get(ctx, "/plugins/"+name+"/json", nil, nil) + if err != nil { + return PluginInspectResult{}, err + } + + var out PluginInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Plugin) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_install.go b/vendor/github.com/moby/moby/client/plugin_install.go new file mode 100644 index 000000000000..a589b2e1fd36 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_install.go @@ -0,0 +1,175 @@ +package client + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "io" + "net/http" + "net/url" + + cerrdefs "github.com/containerd/errdefs" + "github.com/distribution/reference" + "github.com/moby/moby/api/types/plugin" + "github.com/moby/moby/api/types/registry" +) + +// PluginInstallOptions holds parameters to install a plugin. +type PluginInstallOptions struct { + Disabled bool + AcceptAllPermissions bool + RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry + RemoteRef string // RemoteRef is the plugin name on the registry + + // PrivilegeFunc is a function that clients can supply to retry operations + // after getting an authorization error. This function returns the registry + // authentication header value in base64 encoded format, or an error if the + // privilege request fails. + // + // For details, refer to [github.com/moby/moby/api/types/registry.RequestAuthConfig]. + PrivilegeFunc func(context.Context) (string, error) + AcceptPermissionsFunc func(context.Context, plugin.Privileges) (bool, error) + Args []string +} + +// PluginInstallResult holds the result of a plugin install operation. +// It is an io.ReadCloser from which the caller can read installation progress or result. +type PluginInstallResult struct { + io.ReadCloser +} + +// PluginInstall installs a plugin +func (cli *Client) PluginInstall(ctx context.Context, name string, options PluginInstallOptions) (_ PluginInstallResult, retErr error) { + query := url.Values{} + if _, err := reference.ParseNormalizedNamed(options.RemoteRef); err != nil { + return PluginInstallResult{}, fmt.Errorf("invalid remote reference: %w", err) + } + query.Set("remote", options.RemoteRef) + + privileges, err := cli.checkPluginPermissions(ctx, query, &options) + if err != nil { + return PluginInstallResult{}, err + } + + // set name for plugin pull, if empty should default to remote reference + query.Set("name", name) + + resp, err := cli.tryPluginPull(ctx, query, privileges, options.RegistryAuth) + if err != nil { + return PluginInstallResult{}, err + } + + name = resp.Header.Get("Docker-Plugin-Name") + + pr, pw := io.Pipe() + go func() { // todo: the client should probably be designed more around the actual api + _, err := io.Copy(pw, resp.Body) + if err != nil { + _ = pw.CloseWithError(err) + return + } + defer func() { + if retErr != nil { + delResp, _ := cli.delete(ctx, "/plugins/"+name, nil, nil) + ensureReaderClosed(delResp) + } + }() + if len(options.Args) > 0 { + if _, err := cli.PluginSet(ctx, name, PluginSetOptions{Args: options.Args}); err != nil { + _ = pw.CloseWithError(err) + return + } + } + + if options.Disabled { + _ = pw.Close() + return + } + + _, enableErr := cli.PluginEnable(ctx, name, PluginEnableOptions{Timeout: 0}) + _ = pw.CloseWithError(enableErr) + }() + return PluginInstallResult{pr}, nil +} + +func (cli *Client) tryPluginPrivileges(ctx context.Context, query url.Values, registryAuth string) (*http.Response, error) { + return cli.get(ctx, "/plugins/privileges", query, http.Header{ + registry.AuthHeader: {registryAuth}, + }) +} + +func (cli *Client) tryPluginPull(ctx context.Context, query url.Values, privileges plugin.Privileges, registryAuth string) (*http.Response, error) { + return cli.post(ctx, "/plugins/pull", query, privileges, http.Header{ + registry.AuthHeader: {registryAuth}, + }) +} + +func (cli *Client) checkPluginPermissions(ctx context.Context, query url.Values, options pluginOptions) (plugin.Privileges, error) { + resp, err := cli.tryPluginPrivileges(ctx, query, options.getRegistryAuth()) + if cerrdefs.IsUnauthorized(err) && options.getPrivilegeFunc() != nil { + // TODO: do inspect before to check existing name before checking privileges + newAuthHeader, privilegeErr := options.getPrivilegeFunc()(ctx) + if privilegeErr != nil { + ensureReaderClosed(resp) + return nil, privilegeErr + } + options.setRegistryAuth(newAuthHeader) + resp, err = cli.tryPluginPrivileges(ctx, query, options.getRegistryAuth()) + } + if err != nil { + ensureReaderClosed(resp) + return nil, err + } + + var privileges plugin.Privileges + if err := json.NewDecoder(resp.Body).Decode(&privileges); err != nil { + ensureReaderClosed(resp) + return nil, err + } + ensureReaderClosed(resp) + + if !options.getAcceptAllPermissions() && options.getAcceptPermissionsFunc() != nil && len(privileges) > 0 { + accept, err := options.getAcceptPermissionsFunc()(ctx, privileges) + if err != nil { + return nil, err + } + if !accept { + return nil, errors.New("permission denied while installing plugin " + options.getRemoteRef()) + } + } + return privileges, nil +} + +type pluginOptions interface { + getRegistryAuth() string + setRegistryAuth(string) + getPrivilegeFunc() func(context.Context) (string, error) + getAcceptAllPermissions() bool + getAcceptPermissionsFunc() func(context.Context, plugin.Privileges) (bool, error) + getRemoteRef() string +} + +func (o *PluginInstallOptions) getRegistryAuth() string { + return o.RegistryAuth +} + +func (o *PluginInstallOptions) setRegistryAuth(auth string) { + o.RegistryAuth = auth +} + +func (o *PluginInstallOptions) getPrivilegeFunc() func(context.Context) (string, error) { + return o.PrivilegeFunc +} + +func (o *PluginInstallOptions) getAcceptAllPermissions() bool { + return o.AcceptAllPermissions +} + +func (o *PluginInstallOptions) getAcceptPermissionsFunc() func(context.Context, plugin.Privileges) (bool, error) { + return o.AcceptPermissionsFunc +} + +func (o *PluginInstallOptions) getRemoteRef() string { + return o.RemoteRef +} diff --git a/vendor/github.com/moby/moby/client/plugin_list.go b/vendor/github.com/moby/moby/client/plugin_list.go new file mode 100644 index 000000000000..cbd90b407a4b --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_list.go @@ -0,0 +1,35 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/plugin" +) + +// PluginListOptions holds parameters to list plugins. +type PluginListOptions struct { + Filters Filters +} + +// PluginListResult represents the result of a plugin list operation. +type PluginListResult struct { + Items []plugin.Plugin +} + +// PluginList returns the installed plugins +func (cli *Client) PluginList(ctx context.Context, options PluginListOptions) (PluginListResult, error) { + query := url.Values{} + + options.Filters.updateURLValues(query) + resp, err := cli.get(ctx, "/plugins", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return PluginListResult{}, err + } + + var plugins plugin.ListResponse + err = json.NewDecoder(resp.Body).Decode(&plugins) + return PluginListResult{Items: plugins}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_push.go b/vendor/github.com/moby/moby/client/plugin_push.go new file mode 100644 index 000000000000..4ba25d1336ee --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_push.go @@ -0,0 +1,34 @@ +package client + +import ( + "context" + "io" + "net/http" + + "github.com/moby/moby/api/types/registry" +) + +// PluginPushOptions holds parameters to push a plugin. +type PluginPushOptions struct { + RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry +} + +// PluginPushResult is the result of a plugin push operation +type PluginPushResult struct { + io.ReadCloser +} + +// PluginPush pushes a plugin to a registry +func (cli *Client) PluginPush(ctx context.Context, name string, options PluginPushOptions) (PluginPushResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginPushResult{}, err + } + resp, err := cli.post(ctx, "/plugins/"+name+"/push", nil, nil, http.Header{ + registry.AuthHeader: {options.RegistryAuth}, + }) + if err != nil { + return PluginPushResult{}, err + } + return PluginPushResult{resp.Body}, nil +} diff --git a/vendor/github.com/moby/moby/client/plugin_remove.go b/vendor/github.com/moby/moby/client/plugin_remove.go new file mode 100644 index 000000000000..229f40858244 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_remove.go @@ -0,0 +1,33 @@ +package client + +import ( + "context" + "net/url" +) + +// PluginRemoveOptions holds parameters to remove plugins. +type PluginRemoveOptions struct { + Force bool +} + +// PluginRemoveResult represents the result of a plugin removal. +type PluginRemoveResult struct { + // Currently empty; can be extended in the future if needed. +} + +// PluginRemove removes a plugin +func (cli *Client) PluginRemove(ctx context.Context, name string, options PluginRemoveOptions) (PluginRemoveResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginRemoveResult{}, err + } + + query := url.Values{} + if options.Force { + query.Set("force", "1") + } + + resp, err := cli.delete(ctx, "/plugins/"+name, query, nil) + defer ensureReaderClosed(resp) + return PluginRemoveResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_set.go b/vendor/github.com/moby/moby/client/plugin_set.go new file mode 100644 index 000000000000..c1f6bb5fac83 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_set.go @@ -0,0 +1,27 @@ +package client + +import ( + "context" +) + +// PluginSetOptions defines options for modifying a plugin's settings. +type PluginSetOptions struct { + Args []string +} + +// PluginSetResult represents the result of a plugin set operation. +type PluginSetResult struct { + // Currently empty; can be extended in the future if needed. +} + +// PluginSet modifies settings for an existing plugin +func (cli *Client) PluginSet(ctx context.Context, name string, options PluginSetOptions) (PluginSetResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return PluginSetResult{}, err + } + + resp, err := cli.post(ctx, "/plugins/"+name+"/set", nil, options.Args, nil) + defer ensureReaderClosed(resp) + return PluginSetResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/plugin_upgrade.go b/vendor/github.com/moby/moby/client/plugin_upgrade.go new file mode 100644 index 000000000000..f9df6e5843d9 --- /dev/null +++ b/vendor/github.com/moby/moby/client/plugin_upgrade.go @@ -0,0 +1,89 @@ +package client + +import ( + "context" + "fmt" + "io" + "net/http" + "net/url" + + "github.com/distribution/reference" + "github.com/moby/moby/api/types/plugin" + "github.com/moby/moby/api/types/registry" +) + +// PluginUpgradeOptions holds parameters to upgrade a plugin. +type PluginUpgradeOptions struct { + Disabled bool + AcceptAllPermissions bool + RegistryAuth string // RegistryAuth is the base64 encoded credentials for the registry + RemoteRef string // RemoteRef is the plugin name on the registry + + // PrivilegeFunc is a function that clients can supply to retry operations + // after getting an authorization error. This function returns the registry + // authentication header value in base64 encoded format, or an error if the + // privilege request fails. + // + // For details, refer to [github.com/moby/moby/api/types/registry.RequestAuthConfig]. + PrivilegeFunc func(context.Context) (string, error) + AcceptPermissionsFunc func(context.Context, plugin.Privileges) (bool, error) + Args []string +} + +// PluginUpgradeResult holds the result of a plugin upgrade operation. +type PluginUpgradeResult io.ReadCloser + +// PluginUpgrade upgrades a plugin +func (cli *Client) PluginUpgrade(ctx context.Context, name string, options PluginUpgradeOptions) (PluginUpgradeResult, error) { + name, err := trimID("plugin", name) + if err != nil { + return nil, err + } + + query := url.Values{} + if _, err := reference.ParseNormalizedNamed(options.RemoteRef); err != nil { + return nil, fmt.Errorf("invalid remote reference: %w", err) + } + query.Set("remote", options.RemoteRef) + + privileges, err := cli.checkPluginPermissions(ctx, query, &options) + if err != nil { + return nil, err + } + + resp, err := cli.tryPluginUpgrade(ctx, query, privileges, name, options.RegistryAuth) + if err != nil { + return nil, err + } + return resp.Body, nil +} + +func (cli *Client) tryPluginUpgrade(ctx context.Context, query url.Values, privileges plugin.Privileges, name, registryAuth string) (*http.Response, error) { + return cli.post(ctx, "/plugins/"+name+"/upgrade", query, privileges, http.Header{ + registry.AuthHeader: {registryAuth}, + }) +} + +func (o *PluginUpgradeOptions) getRegistryAuth() string { + return o.RegistryAuth +} + +func (o *PluginUpgradeOptions) setRegistryAuth(auth string) { + o.RegistryAuth = auth +} + +func (o *PluginUpgradeOptions) getPrivilegeFunc() func(context.Context) (string, error) { + return o.PrivilegeFunc +} + +func (o *PluginUpgradeOptions) getAcceptAllPermissions() bool { + return o.AcceptAllPermissions +} + +func (o *PluginUpgradeOptions) getAcceptPermissionsFunc() func(context.Context, plugin.Privileges) (bool, error) { + return o.AcceptPermissionsFunc +} + +func (o *PluginUpgradeOptions) getRemoteRef() string { + return o.RemoteRef +} diff --git a/vendor/github.com/docker/docker/client/request.go b/vendor/github.com/moby/moby/client/request.go similarity index 52% rename from vendor/github.com/docker/docker/client/request.go rename to vendor/github.com/moby/moby/client/request.go index 254138fc22f6..f5c2b956a09d 100644 --- a/vendor/github.com/docker/docker/client/request.go +++ b/vendor/github.com/moby/moby/client/request.go @@ -4,6 +4,7 @@ import ( "bytes" "context" "encoding/json" + "errors" "fmt" "io" "net" @@ -13,9 +14,7 @@ import ( "reflect" "strings" - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/versions" - "github.com/pkg/errors" + "github.com/moby/moby/api/types/common" ) // head sends an http request to the docker API using the method HEAD. @@ -28,25 +27,25 @@ func (cli *Client) get(ctx context.Context, path string, query url.Values, heade return cli.sendRequest(ctx, http.MethodGet, path, query, nil, headers) } -// post sends an http request to the docker API using the method POST with a specific Go context. -func (cli *Client) post(ctx context.Context, path string, query url.Values, obj interface{}, headers http.Header) (*http.Response, error) { - body, headers, err := encodeBody(obj, headers) +// post sends an http POST request to the API. +func (cli *Client) post(ctx context.Context, path string, query url.Values, body any, headers http.Header) (*http.Response, error) { + jsonBody, headers, err := prepareJSONRequest(body, headers) if err != nil { return nil, err } - return cli.sendRequest(ctx, http.MethodPost, path, query, body, headers) + return cli.sendRequest(ctx, http.MethodPost, path, query, jsonBody, headers) } func (cli *Client) postRaw(ctx context.Context, path string, query url.Values, body io.Reader, headers http.Header) (*http.Response, error) { return cli.sendRequest(ctx, http.MethodPost, path, query, body, headers) } -func (cli *Client) put(ctx context.Context, path string, query url.Values, obj interface{}, headers http.Header) (*http.Response, error) { - body, headers, err := encodeBody(obj, headers) +func (cli *Client) put(ctx context.Context, path string, query url.Values, body any, headers http.Header) (*http.Response, error) { + jsonBody, headers, err := prepareJSONRequest(body, headers) if err != nil { return nil, err } - return cli.putRaw(ctx, path, query, body, headers) + return cli.putRaw(ctx, path, query, jsonBody, headers) } // putRaw sends an http request to the docker API using the method PUT. @@ -65,26 +64,36 @@ func (cli *Client) delete(ctx context.Context, path string, query url.Values, he return cli.sendRequest(ctx, http.MethodDelete, path, query, nil, headers) } -func encodeBody(obj interface{}, headers http.Header) (io.Reader, http.Header, error) { - if obj == nil { +// prepareJSONRequest encodes the given body to JSON and returns it as an [io.Reader], and sets the Content-Type +// header. If body is nil, or a nil-interface, a "nil" body is returned without +// error. +// +// TODO(thaJeztah): should this return an error if a different Content-Type is already set? +// TODO(thaJeztah): is "nil" the appropriate approach for an empty body, or should we use [http.NoBody] (or similar)? +func prepareJSONRequest(body any, headers http.Header) (io.Reader, http.Header, error) { + if body == nil { return nil, headers, nil } // encoding/json encodes a nil pointer as the JSON document `null`, // irrespective of whether the type implements json.Marshaler or encoding.TextMarshaler. // That is almost certainly not what the caller intended as the request body. - if reflect.TypeOf(obj).Kind() == reflect.Ptr && reflect.ValueOf(obj).IsNil() { + // + // TODO(thaJeztah): consider moving this to jsonEncode, which would also allow returning an (empty) reader instead of nil. + if reflect.TypeOf(body).Kind() == reflect.Ptr && reflect.ValueOf(body).IsNil() { return nil, headers, nil } - body, err := encodeData(obj) + jsonBody, err := jsonEncode(body) if err != nil { return nil, headers, err } - if headers == nil { - headers = make(map[string][]string) + hdr := http.Header{} + if headers != nil { + hdr = headers.Clone() } - headers["Content-Type"] = []string{"application/json"} - return body, headers, nil + + hdr.Set("Content-Type", "application/json") + return jsonBody, hdr, nil } func (cli *Client) buildRequest(ctx context.Context, method, path string, body io.Reader, headers http.Header) (*http.Request, error) { @@ -114,81 +123,111 @@ func (cli *Client) sendRequest(ctx context.Context, method, path string, query u } resp, err := cli.doRequest(req) - switch { - case errors.Is(err, context.Canceled), errors.Is(err, context.DeadlineExceeded): - return nil, err - case err == nil: - return resp, cli.checkResponseErr(resp) - default: + if err != nil { + // Failed to connect or context error. return resp, err } + + // Successfully made a request; return the response and handle any + // API HTTP response errors. + return resp, checkResponseErr(resp) } +// doRequest sends an HTTP request and returns an HTTP response. It is a +// wrapper around [http.Client.Do] with extra handling to decorate errors. +// +// Otherwise, it behaves identical to [http.Client.Do]; an error is returned +// when failing to make a connection, On error, any Response can be ignored. +// A non-2xx status code doesn't cause an error. func (cli *Client) doRequest(req *http.Request) (*http.Response, error) { resp, err := cli.client.Do(req) - if err != nil { - if cli.scheme != "https" && strings.Contains(err.Error(), "malformed HTTP response") { - return nil, errConnectionFailed{fmt.Errorf("%v.\n* Are you trying to connect to a TLS-enabled daemon without TLS?", err)} - } + if err == nil { + return resp, nil + } - if cli.scheme == "https" && strings.Contains(err.Error(), "bad certificate") { - return nil, errConnectionFailed{errors.Wrap(err, "the server probably has client authentication (--tlsverify) enabled; check your TLS client certification settings")} - } + if cli.scheme != "https" && strings.Contains(err.Error(), "malformed HTTP response") { + return nil, errConnectionFailed{fmt.Errorf("%w.\n* Are you trying to connect to a TLS-enabled daemon without TLS?", err)} + } - // Don't decorate context sentinel errors; users may be comparing to - // them directly. - if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) { - return nil, err - } + const ( + // Go 1.25 / TLS 1.3 may produce a generic "handshake failure" + // whereas TLS 1.2 may produce a "bad certificate" TLS alert. + // See https://github.com/golang/go/issues/56371 + // + // > https://tip.golang.org/doc/go1.12#tls_1_3 + // > + // > In TLS 1.3 the client is the last one to speak in the handshake, so if + // > it causes an error to occur on the server, it will be returned on the + // > client by the first Read, not by Handshake. For example, that will be + // > the case if the server rejects the client certificate. + // + // https://github.com/golang/go/blob/go1.25.1/src/crypto/tls/alert.go#L71-L72 + alertBadCertificate = "bad certificate" // go1.24 / TLS 1.2 + alertHandshakeFailure = "handshake failure" // go1.25 / TLS 1.3 + ) + + // TODO(thaJeztah): see if we can use errors.As for a [crypto/tls.AlertError] instead of bare string matching. + if cli.scheme == "https" && (strings.Contains(err.Error(), alertHandshakeFailure) || strings.Contains(err.Error(), alertBadCertificate)) { + return nil, errConnectionFailed{fmt.Errorf("the server probably has client authentication (--tlsverify) enabled; check your TLS client certification settings: %w", err)} + } - var uErr *url.Error - if errors.As(err, &uErr) { - var nErr *net.OpError - if errors.As(uErr.Err, &nErr) { - if os.IsPermission(nErr.Err) { - return nil, errConnectionFailed{errors.Wrapf(err, "permission denied while trying to connect to the Docker daemon socket at %v", cli.host)} - } - } - } + // Don't decorate context sentinel errors; users may be comparing to + // them directly. + if errors.Is(err, context.Canceled) || errors.Is(err, context.DeadlineExceeded) { + return nil, err + } - var nErr net.Error - if errors.As(err, &nErr) { - // FIXME(thaJeztah): any net.Error should be considered a connection error (but we should include the original error)? - if nErr.Timeout() { - return nil, connectionFailed(cli.host) - } - if strings.Contains(nErr.Error(), "connection refused") || strings.Contains(nErr.Error(), "dial unix") { - return nil, connectionFailed(cli.host) - } - } + if errors.Is(err, os.ErrPermission) { + // Don't include request errors ("Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.51/version"), + // which are irrelevant if we weren't able to connect. + return nil, errConnectionFailed{fmt.Errorf("permission denied while trying to connect to the docker API at %v", cli.host)} + } + if errors.Is(err, os.ErrNotExist) { + // Unwrap the error to remove request errors ("Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.51/version"), + // which are irrelevant if we weren't able to connect. + err = errors.Unwrap(err) + return nil, errConnectionFailed{fmt.Errorf("failed to connect to the docker API at %v; check if the path is correct and if the daemon is running: %w", cli.host, err)} + } + var dnsErr *net.DNSError + if errors.As(err, &dnsErr) { + return nil, errConnectionFailed{fmt.Errorf("failed to connect to the docker API at %v: %w", cli.host, dnsErr)} + } - // Although there's not a strongly typed error for this in go-winio, - // lots of people are using the default configuration for the docker - // daemon on Windows where the daemon is listening on a named pipe - // `//./pipe/docker_engine, and the client must be running elevated. - // Give users a clue rather than the not-overly useful message - // such as `error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.26/info: - // open //./pipe/docker_engine: The system cannot find the file specified.`. - // Note we can't string compare "The system cannot find the file specified" as - // this is localised - for example in French the error would be - // `open //./pipe/docker_engine: Le fichier spécifié est introuvable.` - if strings.Contains(err.Error(), `open //./pipe/docker_engine`) { - // Checks if client is running with elevated privileges - if f, elevatedErr := os.Open(`\\.\PHYSICALDRIVE0`); elevatedErr != nil { - err = errors.Wrap(err, "in the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect") - } else { - _ = f.Close() - err = errors.Wrap(err, "this error may indicate that the docker daemon is not running") - } + var nErr net.Error + if errors.As(err, &nErr) { + // FIXME(thaJeztah): any net.Error should be considered a connection error (but we should include the original error)? + if nErr.Timeout() { + return nil, connectionFailed(cli.host) + } + if strings.Contains(nErr.Error(), "connection refused") || strings.Contains(nErr.Error(), "dial unix") { + return nil, connectionFailed(cli.host) } + } - return nil, errConnectionFailed{errors.Wrap(err, "error during connect")} + // Although there's not a strongly typed error for this in go-winio, + // lots of people are using the default configuration for the docker + // daemon on Windows where the daemon is listening on a named pipe + // `//./pipe/docker_engine, and the client must be running elevated. + // Give users a clue rather than the not-overly useful message + // such as `error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.26/info: + // open //./pipe/docker_engine: The system cannot find the file specified.`. + // Note we can't string compare "The system cannot find the file specified" as + // this is localised - for example in French the error would be + // `open //./pipe/docker_engine: Le fichier spécifié est introuvable.` + if strings.Contains(err.Error(), `open //./pipe/docker_engine`) { + // Checks if client is running with elevated privileges + if f, elevatedErr := os.Open(`\\.\PHYSICALDRIVE0`); elevatedErr != nil { + err = fmt.Errorf("in the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect: %w", err) + } else { + _ = f.Close() + err = fmt.Errorf("this error may indicate that the docker daemon is not running: %w", err) + } } - return resp, nil + return nil, errConnectionFailed{fmt.Errorf("error during connect: %w", err)} } -func (cli *Client) checkResponseErr(serverResp *http.Response) (retErr error) { +func checkResponseErr(serverResp *http.Response) (retErr error) { if serverResp == nil { return nil } @@ -235,20 +274,20 @@ func (cli *Client) checkResponseErr(serverResp *http.Response) (retErr error) { var daemonErr error if serverResp.Header.Get("Content-Type") == "application/json" { - var errorResponse types.ErrorResponse + var errorResponse common.ErrorResponse if err := json.Unmarshal(body, &errorResponse); err != nil { - return errors.Wrap(err, "Error reading JSON") + return fmt.Errorf("error reading JSON: %w", err) } if errorResponse.Message == "" { // Error-message is empty, which means that we successfully parsed the // JSON-response (no error produced), but it didn't contain an error // message. This could either be because the response was empty, or // the response was valid JSON, but not with the expected schema - // ([types.ErrorResponse]). + // ([common.ErrorResponse]). // // We cannot use "strict" JSON handling (json.NewDecoder with DisallowUnknownFields) // due to the API using an open schema (we must anticipate fields - // being added to [types.ErrorResponse] in the future, and not + // being added to [common.ErrorResponse] in the future, and not // reject those responses. // // For these cases, we construct an error with the status-code @@ -264,22 +303,18 @@ func (cli *Client) checkResponseErr(serverResp *http.Response) (retErr error) { daemonErr = errors.New(strings.TrimSpace(errorResponse.Message)) } } else { - // Fall back to returning the response as-is for API versions < 1.24 - // that didn't support JSON error responses, and for situations - // where a plain text error is returned. This branch may also catch + // Fall back to returning the response as-is for situations where a + // plain text error is returned. This branch may also catch // situations where a proxy is involved, returning a HTML response. daemonErr = errors.New(strings.TrimSpace(string(body))) } - return errors.Wrap(daemonErr, "Error response from daemon") + return fmt.Errorf("Error response from daemon: %w", daemonErr) } func (cli *Client) addHeaders(req *http.Request, headers http.Header) *http.Request { // Add CLI Config's HTTP Headers BEFORE we set the Docker headers // then the user can't change OUR headers for k, v := range cli.customHTTPHeaders { - if versions.LessThan(cli.version, "1.25") && http.CanonicalHeaderKey(k) == "User-Agent" { - continue - } req.Header.Set(k, v) } @@ -297,14 +332,14 @@ func (cli *Client) addHeaders(req *http.Request, headers http.Header) *http.Requ return req } -func encodeData(data interface{}) (*bytes.Buffer, error) { - params := bytes.NewBuffer(nil) +func jsonEncode(data any) (io.Reader, error) { + var params bytes.Buffer if data != nil { - if err := json.NewEncoder(params).Encode(data); err != nil { + if err := json.NewEncoder(¶ms).Encode(data); err != nil { return nil, err } } - return params, nil + return ¶ms, nil } func ensureReaderClosed(response *http.Response) { diff --git a/vendor/github.com/moby/moby/client/secret_create.go b/vendor/github.com/moby/moby/client/secret_create.go new file mode 100644 index 000000000000..8e59a42ce705 --- /dev/null +++ b/vendor/github.com/moby/moby/client/secret_create.go @@ -0,0 +1,34 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// SecretCreateOptions holds options for creating a secret. +type SecretCreateOptions struct { + Spec swarm.SecretSpec +} + +// SecretCreateResult holds the result from the [Client.SecretCreate] method. +type SecretCreateResult struct { + ID string +} + +// SecretCreate creates a new secret. +func (cli *Client) SecretCreate(ctx context.Context, options SecretCreateOptions) (SecretCreateResult, error) { + resp, err := cli.post(ctx, "/secrets/create", nil, options.Spec, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SecretCreateResult{}, err + } + + var out swarm.ConfigCreateResponse + err = json.NewDecoder(resp.Body).Decode(&out) + if err != nil { + return SecretCreateResult{}, err + } + return SecretCreateResult{ID: out.ID}, nil +} diff --git a/vendor/github.com/moby/moby/client/secret_inspect.go b/vendor/github.com/moby/moby/client/secret_inspect.go new file mode 100644 index 000000000000..fefd4cd23dfc --- /dev/null +++ b/vendor/github.com/moby/moby/client/secret_inspect.go @@ -0,0 +1,35 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// SecretInspectOptions holds options for inspecting a secret. +type SecretInspectOptions struct { + // Add future optional parameters here +} + +// SecretInspectResult holds the result from the [Client.SecretInspect]. method. +type SecretInspectResult struct { + Secret swarm.Secret + Raw json.RawMessage +} + +// SecretInspect returns the secret information with raw data. +func (cli *Client) SecretInspect(ctx context.Context, id string, options SecretInspectOptions) (SecretInspectResult, error) { + id, err := trimID("secret", id) + if err != nil { + return SecretInspectResult{}, err + } + resp, err := cli.get(ctx, "/secrets/"+id, nil, nil) + if err != nil { + return SecretInspectResult{}, err + } + + var out SecretInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Secret) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/secret_list.go b/vendor/github.com/moby/moby/client/secret_list.go new file mode 100644 index 000000000000..be36955757e7 --- /dev/null +++ b/vendor/github.com/moby/moby/client/secret_list.go @@ -0,0 +1,38 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// SecretListOptions holds parameters to list secrets +type SecretListOptions struct { + Filters Filters +} + +// SecretListResult holds the result from the [client.SecretList] method. +type SecretListResult struct { + Items []swarm.Secret +} + +// SecretList returns the list of secrets. +func (cli *Client) SecretList(ctx context.Context, options SecretListOptions) (SecretListResult, error) { + query := url.Values{} + options.Filters.updateURLValues(query) + + resp, err := cli.get(ctx, "/secrets", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SecretListResult{}, err + } + + var out SecretListResult + err = json.NewDecoder(resp.Body).Decode(&out.Items) + if err != nil { + return SecretListResult{}, err + } + return out, nil +} diff --git a/vendor/github.com/moby/moby/client/secret_remove.go b/vendor/github.com/moby/moby/client/secret_remove.go new file mode 100644 index 000000000000..8554f3f215c5 --- /dev/null +++ b/vendor/github.com/moby/moby/client/secret_remove.go @@ -0,0 +1,25 @@ +package client + +import "context" + +type SecretRemoveOptions struct { + // Add future optional parameters here +} + +type SecretRemoveResult struct { + // Add future fields here +} + +// SecretRemove removes a secret. +func (cli *Client) SecretRemove(ctx context.Context, id string, options SecretRemoveOptions) (SecretRemoveResult, error) { + id, err := trimID("secret", id) + if err != nil { + return SecretRemoveResult{}, err + } + resp, err := cli.delete(ctx, "/secrets/"+id, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SecretRemoveResult{}, err + } + return SecretRemoveResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/secret_update.go b/vendor/github.com/moby/moby/client/secret_update.go new file mode 100644 index 000000000000..c88ad110604e --- /dev/null +++ b/vendor/github.com/moby/moby/client/secret_update.go @@ -0,0 +1,32 @@ +package client + +import ( + "context" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// SecretUpdateOptions holds options for updating a secret. +type SecretUpdateOptions struct { + Version swarm.Version + Spec swarm.SecretSpec +} + +type SecretUpdateResult struct{} + +// SecretUpdate attempts to update a secret. +func (cli *Client) SecretUpdate(ctx context.Context, id string, options SecretUpdateOptions) (SecretUpdateResult, error) { + id, err := trimID("secret", id) + if err != nil { + return SecretUpdateResult{}, err + } + query := url.Values{} + query.Set("version", options.Version.String()) + resp, err := cli.post(ctx, "/secrets/"+id+"/update", query, options.Spec, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SecretUpdateResult{}, err + } + return SecretUpdateResult{}, nil +} diff --git a/vendor/github.com/docker/docker/client/service_create.go b/vendor/github.com/moby/moby/client/service_create.go similarity index 64% rename from vendor/github.com/docker/docker/client/service_create.go rename to vendor/github.com/moby/moby/client/service_create.go index db7566a85dbd..204d21816c7c 100644 --- a/vendor/github.com/docker/docker/client/service_create.go +++ b/vendor/github.com/moby/moby/client/service_create.go @@ -3,86 +3,93 @@ package client import ( "context" "encoding/json" + "errors" "fmt" "net/http" "strings" "github.com/distribution/reference" - "github.com/docker/docker/api/types/registry" - "github.com/docker/docker/api/types/swarm" - "github.com/docker/docker/api/types/versions" + "github.com/moby/moby/api/types/registry" + "github.com/moby/moby/api/types/swarm" "github.com/opencontainers/go-digest" - "github.com/pkg/errors" ) -// ServiceCreate creates a new service. -func (cli *Client) ServiceCreate(ctx context.Context, service swarm.ServiceSpec, options swarm.ServiceCreateOptions) (swarm.ServiceCreateResponse, error) { - var response swarm.ServiceCreateResponse +// ServiceCreateOptions contains the options to use when creating a service. +type ServiceCreateOptions struct { + Spec swarm.ServiceSpec - // Make sure we negotiated (if the client is configured to do so), - // as code below contains API-version specific handling of options. + // EncodedRegistryAuth is the encoded registry authorization credentials to + // use when updating the service. // - // Normally, version-negotiation (if enabled) would not happen until - // the API request is made. - if err := cli.checkVersion(ctx); err != nil { - return response, err - } + // This field follows the format of the X-Registry-Auth header. + EncodedRegistryAuth string + + // QueryRegistry indicates whether the service update requires + // contacting a registry. A registry may be contacted to retrieve + // the image digest and manifest, which in turn can be used to update + // platform or other information about the service. + QueryRegistry bool +} + +// ServiceCreateResult represents the result of creating a service. +type ServiceCreateResult struct { + // ID is the ID of the created service. + ID string + // Warnings is a list of warnings that occurred during service creation. + Warnings []string +} + +// ServiceCreate creates a new service. +func (cli *Client) ServiceCreate(ctx context.Context, options ServiceCreateOptions) (ServiceCreateResult, error) { // Make sure containerSpec is not nil when no runtime is set or the runtime is set to container - if service.TaskTemplate.ContainerSpec == nil && (service.TaskTemplate.Runtime == "" || service.TaskTemplate.Runtime == swarm.RuntimeContainer) { - service.TaskTemplate.ContainerSpec = &swarm.ContainerSpec{} + if options.Spec.TaskTemplate.ContainerSpec == nil && (options.Spec.TaskTemplate.Runtime == "" || options.Spec.TaskTemplate.Runtime == swarm.RuntimeContainer) { + options.Spec.TaskTemplate.ContainerSpec = &swarm.ContainerSpec{} } - if err := validateServiceSpec(service); err != nil { - return response, err - } - if versions.LessThan(cli.version, "1.30") { - if err := validateAPIVersion(service, cli.version); err != nil { - return response, err - } + if err := validateServiceSpec(options.Spec); err != nil { + return ServiceCreateResult{}, err } // ensure that the image is tagged - var resolveWarning string + var warnings []string switch { - case service.TaskTemplate.ContainerSpec != nil: - if taggedImg := imageWithTagString(service.TaskTemplate.ContainerSpec.Image); taggedImg != "" { - service.TaskTemplate.ContainerSpec.Image = taggedImg + case options.Spec.TaskTemplate.ContainerSpec != nil: + if taggedImg := imageWithTagString(options.Spec.TaskTemplate.ContainerSpec.Image); taggedImg != "" { + options.Spec.TaskTemplate.ContainerSpec.Image = taggedImg } if options.QueryRegistry { - resolveWarning = resolveContainerSpecImage(ctx, cli, &service.TaskTemplate, options.EncodedRegistryAuth) + resolveWarning := resolveContainerSpecImage(ctx, cli, &options.Spec.TaskTemplate, options.EncodedRegistryAuth) + warnings = append(warnings, resolveWarning) } - case service.TaskTemplate.PluginSpec != nil: - if taggedImg := imageWithTagString(service.TaskTemplate.PluginSpec.Remote); taggedImg != "" { - service.TaskTemplate.PluginSpec.Remote = taggedImg + case options.Spec.TaskTemplate.PluginSpec != nil: + if taggedImg := imageWithTagString(options.Spec.TaskTemplate.PluginSpec.Remote); taggedImg != "" { + options.Spec.TaskTemplate.PluginSpec.Remote = taggedImg } if options.QueryRegistry { - resolveWarning = resolvePluginSpecRemote(ctx, cli, &service.TaskTemplate, options.EncodedRegistryAuth) + resolveWarning := resolvePluginSpecRemote(ctx, cli, &options.Spec.TaskTemplate, options.EncodedRegistryAuth) + warnings = append(warnings, resolveWarning) } } headers := http.Header{} - if versions.LessThan(cli.version, "1.30") { - // the custom "version" header was used by engine API before 20.10 - // (API 1.30) to switch between client- and server-side lookup of - // image digests. - headers["version"] = []string{cli.version} - } if options.EncodedRegistryAuth != "" { headers[registry.AuthHeader] = []string{options.EncodedRegistryAuth} } - resp, err := cli.post(ctx, "/services/create", nil, service, headers) + resp, err := cli.post(ctx, "/services/create", nil, options.Spec, headers) defer ensureReaderClosed(resp) if err != nil { - return response, err + return ServiceCreateResult{}, err } + var response swarm.ServiceCreateResponse err = json.NewDecoder(resp.Body).Decode(&response) - if resolveWarning != "" { - response.Warnings = append(response.Warnings, resolveWarning) - } + warnings = append(warnings, response.Warnings...) - return response, err + return ServiceCreateResult{ + ID: response.ID, + Warnings: warnings, + }, err } func resolveContainerSpecImage(ctx context.Context, cli DistributionAPIClient, taskSpec *swarm.TaskSpec, encodedAuth string) string { @@ -118,7 +125,9 @@ func resolvePluginSpecRemote(ctx context.Context, cli DistributionAPIClient, tas } func imageDigestAndPlatforms(ctx context.Context, cli DistributionAPIClient, image, encodedAuth string) (string, []swarm.Platform, error) { - distributionInspect, err := cli.DistributionInspect(ctx, image, encodedAuth) + distributionInspect, err := cli.DistributionInspect(ctx, image, DistributionInspectOptions{ + EncodedRegistryAuth: encodedAuth, + }) var platforms []swarm.Platform if err != nil { return "", nil, err @@ -154,7 +163,7 @@ func imageDigestAndPlatforms(ctx context.Context, cli DistributionAPIClient, ima func imageWithDigestString(image string, dgst digest.Digest) string { namedRef, err := reference.ParseNormalizedNamed(image) if err == nil { - if _, isCanonical := namedRef.(reference.Canonical); !isCanonical { + if _, hasDigest := namedRef.(reference.Digested); !hasDigest { // ensure that image gets a default tag if none is provided img, err := reference.WithDigest(namedRef, dgst) if err == nil { @@ -195,18 +204,3 @@ func validateServiceSpec(s swarm.ServiceSpec) error { } return nil } - -func validateAPIVersion(c swarm.ServiceSpec, apiVersion string) error { - for _, m := range c.TaskTemplate.ContainerSpec.Mounts { - if m.BindOptions != nil { - if m.BindOptions.NonRecursive && versions.LessThan(apiVersion, "1.40") { - return errors.Errorf("bind-recursive=disabled requires API v1.40 or later") - } - // ReadOnlyNonRecursive can be safely ignored when API < 1.44 - if m.BindOptions.ReadOnlyForceRecursive && versions.LessThan(apiVersion, "1.44") { - return errors.Errorf("bind-recursive=readonly requires API v1.44 or later") - } - } - } - return nil -} diff --git a/vendor/github.com/moby/moby/client/service_inspect.go b/vendor/github.com/moby/moby/client/service_inspect.go new file mode 100644 index 000000000000..9bda43f86164 --- /dev/null +++ b/vendor/github.com/moby/moby/client/service_inspect.go @@ -0,0 +1,40 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// ServiceInspectOptions holds parameters related to the service inspect operation. +type ServiceInspectOptions struct { + InsertDefaults bool +} + +// ServiceInspectResult represents the result of a service inspect operation. +type ServiceInspectResult struct { + Service swarm.Service + Raw json.RawMessage +} + +// ServiceInspect retrieves detailed information about a specific service by its ID. +func (cli *Client) ServiceInspect(ctx context.Context, serviceID string, options ServiceInspectOptions) (ServiceInspectResult, error) { + serviceID, err := trimID("service", serviceID) + if err != nil { + return ServiceInspectResult{}, err + } + + query := url.Values{} + query.Set("insertDefaults", fmt.Sprintf("%v", options.InsertDefaults)) + resp, err := cli.get(ctx, "/services/"+serviceID, query, nil) + if err != nil { + return ServiceInspectResult{}, err + } + + var out ServiceInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Service) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/service_list.go b/vendor/github.com/moby/moby/client/service_list.go new file mode 100644 index 000000000000..94b5204be337 --- /dev/null +++ b/vendor/github.com/moby/moby/client/service_list.go @@ -0,0 +1,44 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// ServiceListOptions holds parameters to list services with. +type ServiceListOptions struct { + Filters Filters + + // Status indicates whether the server should include the service task + // count of running and desired tasks. + Status bool +} + +// ServiceListResult represents the result of a service list operation. +type ServiceListResult struct { + Items []swarm.Service +} + +// ServiceList returns the list of services. +func (cli *Client) ServiceList(ctx context.Context, options ServiceListOptions) (ServiceListResult, error) { + query := url.Values{} + + options.Filters.updateURLValues(query) + + if options.Status { + query.Set("status", "true") + } + + resp, err := cli.get(ctx, "/services", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ServiceListResult{}, err + } + + var services []swarm.Service + err = json.NewDecoder(resp.Body).Decode(&services) + return ServiceListResult{Items: services}, err +} diff --git a/vendor/github.com/moby/moby/client/service_logs.go b/vendor/github.com/moby/moby/client/service_logs.go new file mode 100644 index 000000000000..fd565db5a09b --- /dev/null +++ b/vendor/github.com/moby/moby/client/service_logs.go @@ -0,0 +1,91 @@ +package client + +import ( + "context" + "fmt" + "io" + "net/url" + "time" + + "github.com/moby/moby/client/internal/timestamp" +) + +// ServiceLogsOptions holds parameters to filter logs with. +type ServiceLogsOptions struct { + ShowStdout bool + ShowStderr bool + Since string + Until string + Timestamps bool + Follow bool + Tail string + Details bool +} + +// ServiceLogsResult holds the result of a service logs operation. +// It implements [io.ReadCloser]. +// It's up to the caller to close the stream. +type ServiceLogsResult interface { + io.ReadCloser +} + +// ServiceLogs returns the logs generated by a service in a [ServiceLogsResult]. +// as an [io.ReadCloser]. Callers should close the stream. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) ServiceLogs(ctx context.Context, serviceID string, options ServiceLogsOptions) (ServiceLogsResult, error) { + // TODO(thaJeztah): this function needs documentation about the format of ths stream (similar to for container logs) + // TODO(thaJeztah): migrate CLI utilities to the client where suitable; https://github.com/docker/cli/blob/v29.0.0-rc.1/cli/command/service/logs.go#L73-L348 + + serviceID, err := trimID("service", serviceID) + if err != nil { + return nil, err + } + + query := url.Values{} + if options.ShowStdout { + query.Set("stdout", "1") + } + + if options.ShowStderr { + query.Set("stderr", "1") + } + + if options.Since != "" { + ts, err := timestamp.GetTimestamp(options.Since, time.Now()) + if err != nil { + return nil, fmt.Errorf(`invalid value for "since": %w`, err) + } + query.Set("since", ts) + } + + if options.Timestamps { + query.Set("timestamps", "1") + } + + if options.Details { + query.Set("details", "1") + } + + if options.Follow { + query.Set("follow", "1") + } + query.Set("tail", options.Tail) + + resp, err := cli.get(ctx, "/services/"+serviceID+"/logs", query, nil) + if err != nil { + return nil, err + } + return &serviceLogsResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +type serviceLogsResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*serviceLogsResult)(nil) + _ ServiceLogsResult = (*serviceLogsResult)(nil) +) diff --git a/vendor/github.com/moby/moby/client/service_remove.go b/vendor/github.com/moby/moby/client/service_remove.go new file mode 100644 index 000000000000..163689b693e1 --- /dev/null +++ b/vendor/github.com/moby/moby/client/service_remove.go @@ -0,0 +1,25 @@ +package client + +import "context" + +// ServiceRemoveOptions contains options for removing a service. +type ServiceRemoveOptions struct { + // No options currently; placeholder for future use +} + +// ServiceRemoveResult contains the result of removing a service. +type ServiceRemoveResult struct { + // No fields currently; placeholder for future use +} + +// ServiceRemove kills and removes a service. +func (cli *Client) ServiceRemove(ctx context.Context, serviceID string, options ServiceRemoveOptions) (ServiceRemoveResult, error) { + serviceID, err := trimID("service", serviceID) + if err != nil { + return ServiceRemoveResult{}, err + } + + resp, err := cli.delete(ctx, "/services/"+serviceID, nil, nil) + defer ensureReaderClosed(resp) + return ServiceRemoveResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/service_update.go b/vendor/github.com/moby/moby/client/service_update.go new file mode 100644 index 000000000000..9e6b52781ee0 --- /dev/null +++ b/vendor/github.com/moby/moby/client/service_update.go @@ -0,0 +1,112 @@ +package client + +import ( + "context" + "encoding/json" + "net/http" + "net/url" + + "github.com/moby/moby/api/types/registry" + "github.com/moby/moby/api/types/swarm" +) + +// ServiceUpdateOptions contains the options to be used for updating services. +type ServiceUpdateOptions struct { + Version swarm.Version + Spec swarm.ServiceSpec + + // EncodedRegistryAuth is the encoded registry authorization credentials to + // use when updating the service. + // + // This field follows the format of the X-Registry-Auth header. + EncodedRegistryAuth string + + // TODO(stevvooe): Consider moving the version parameter of ServiceUpdate + // into this field. While it does open API users up to racy writes, most + // users may not need that level of consistency in practice. + + // RegistryAuthFrom specifies where to find the registry authorization + // credentials if they are not given in EncodedRegistryAuth. Valid + // values are "spec" and "previous-spec". + RegistryAuthFrom swarm.RegistryAuthSource + + // Rollback indicates whether a server-side rollback should be + // performed. When this is set, the provided spec will be ignored. + // The valid values are "previous" and "none". An empty value is the + // same as "none". + Rollback string + + // QueryRegistry indicates whether the service update requires + // contacting a registry. A registry may be contacted to retrieve + // the image digest and manifest, which in turn can be used to update + // platform or other information about the service. + QueryRegistry bool +} + +// ServiceUpdateResult represents the result of a service update. +type ServiceUpdateResult struct { + // Warnings contains any warnings that occurred during the update. + Warnings []string +} + +// ServiceUpdate updates a Service. The version number is required to avoid +// conflicting writes. It must be the value as set *before* the update. +// You can find this value in the [swarm.Service.Meta] field, which can +// be found using [Client.ServiceInspectWithRaw]. +func (cli *Client) ServiceUpdate(ctx context.Context, serviceID string, options ServiceUpdateOptions) (ServiceUpdateResult, error) { + serviceID, err := trimID("service", serviceID) + if err != nil { + return ServiceUpdateResult{}, err + } + + if err := validateServiceSpec(options.Spec); err != nil { + return ServiceUpdateResult{}, err + } + + query := url.Values{} + if options.RegistryAuthFrom != "" { + query.Set("registryAuthFrom", string(options.RegistryAuthFrom)) + } + + if options.Rollback != "" { + query.Set("rollback", options.Rollback) + } + + query.Set("version", options.Version.String()) + + // ensure that the image is tagged + var warnings []string + switch { + case options.Spec.TaskTemplate.ContainerSpec != nil: + if taggedImg := imageWithTagString(options.Spec.TaskTemplate.ContainerSpec.Image); taggedImg != "" { + options.Spec.TaskTemplate.ContainerSpec.Image = taggedImg + } + if options.QueryRegistry { + resolveWarning := resolveContainerSpecImage(ctx, cli, &options.Spec.TaskTemplate, options.EncodedRegistryAuth) + warnings = append(warnings, resolveWarning) + } + case options.Spec.TaskTemplate.PluginSpec != nil: + if taggedImg := imageWithTagString(options.Spec.TaskTemplate.PluginSpec.Remote); taggedImg != "" { + options.Spec.TaskTemplate.PluginSpec.Remote = taggedImg + } + if options.QueryRegistry { + resolveWarning := resolvePluginSpecRemote(ctx, cli, &options.Spec.TaskTemplate, options.EncodedRegistryAuth) + warnings = append(warnings, resolveWarning) + } + } + + headers := http.Header{} + if options.EncodedRegistryAuth != "" { + headers.Set(registry.AuthHeader, options.EncodedRegistryAuth) + } + resp, err := cli.post(ctx, "/services/"+serviceID+"/update", query, options.Spec, headers) + defer ensureReaderClosed(resp) + if err != nil { + return ServiceUpdateResult{}, err + } + + var response swarm.ServiceUpdateResponse + err = json.NewDecoder(resp.Body).Decode(&response) + warnings = append(warnings, response.Warnings...) + return ServiceUpdateResult{Warnings: warnings}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_get_unlock_key.go b/vendor/github.com/moby/moby/client/swarm_get_unlock_key.go new file mode 100644 index 000000000000..03ecce4094a9 --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_get_unlock_key.go @@ -0,0 +1,26 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmGetUnlockKeyResult contains the swarm unlock key. +type SwarmGetUnlockKeyResult struct { + Key string +} + +// SwarmGetUnlockKey retrieves the swarm's unlock key. +func (cli *Client) SwarmGetUnlockKey(ctx context.Context) (SwarmGetUnlockKeyResult, error) { + resp, err := cli.get(ctx, "/swarm/unlockkey", nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SwarmGetUnlockKeyResult{}, err + } + + var response swarm.UnlockKeyResponse + err = json.NewDecoder(resp.Body).Decode(&response) + return SwarmGetUnlockKeyResult{Key: response.UnlockKey}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_init.go b/vendor/github.com/moby/moby/client/swarm_init.go new file mode 100644 index 000000000000..caad560856b5 --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_init.go @@ -0,0 +1,54 @@ +package client + +import ( + "context" + "encoding/json" + "net/netip" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmInitOptions contains options for initializing a new swarm. +type SwarmInitOptions struct { + ListenAddr string + AdvertiseAddr string + DataPathAddr string + DataPathPort uint32 + ForceNewCluster bool + Spec swarm.Spec + AutoLockManagers bool + Availability swarm.NodeAvailability + DefaultAddrPool []netip.Prefix + SubnetSize uint32 +} + +// SwarmInitResult contains the result of a SwarmInit operation. +type SwarmInitResult struct { + NodeID string +} + +// SwarmInit initializes the swarm. +func (cli *Client) SwarmInit(ctx context.Context, options SwarmInitOptions) (SwarmInitResult, error) { + req := swarm.InitRequest{ + ListenAddr: options.ListenAddr, + AdvertiseAddr: options.AdvertiseAddr, + DataPathAddr: options.DataPathAddr, + DataPathPort: options.DataPathPort, + ForceNewCluster: options.ForceNewCluster, + Spec: options.Spec, + AutoLockManagers: options.AutoLockManagers, + Availability: options.Availability, + DefaultAddrPool: options.DefaultAddrPool, + SubnetSize: options.SubnetSize, + } + + resp, err := cli.post(ctx, "/swarm/init", nil, req, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SwarmInitResult{}, err + } + + var nodeID string + err = json.NewDecoder(resp.Body).Decode(&nodeID) + return SwarmInitResult{NodeID: nodeID}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_inspect.go b/vendor/github.com/moby/moby/client/swarm_inspect.go new file mode 100644 index 000000000000..40e1d018a811 --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_inspect.go @@ -0,0 +1,31 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmInspectOptions holds options for inspecting a swarm. +type SwarmInspectOptions struct { + // Add future optional parameters here +} + +// SwarmInspectResult represents the result of a SwarmInspect operation. +type SwarmInspectResult struct { + Swarm swarm.Swarm +} + +// SwarmInspect inspects the swarm. +func (cli *Client) SwarmInspect(ctx context.Context, options SwarmInspectOptions) (SwarmInspectResult, error) { + resp, err := cli.get(ctx, "/swarm", nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SwarmInspectResult{}, err + } + + var s swarm.Swarm + err = json.NewDecoder(resp.Body).Decode(&s) + return SwarmInspectResult{Swarm: s}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_join.go b/vendor/github.com/moby/moby/client/swarm_join.go new file mode 100644 index 000000000000..66a7544821ed --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_join.go @@ -0,0 +1,38 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmJoinOptions specifies options for joining a swarm. +type SwarmJoinOptions struct { + ListenAddr string + AdvertiseAddr string + DataPathAddr string + RemoteAddrs []string + JoinToken string // accept by secret + Availability swarm.NodeAvailability +} + +// SwarmJoinResult contains the result of joining a swarm. +type SwarmJoinResult struct { + // No fields currently; placeholder for future use +} + +// SwarmJoin joins the swarm. +func (cli *Client) SwarmJoin(ctx context.Context, options SwarmJoinOptions) (SwarmJoinResult, error) { + req := swarm.JoinRequest{ + ListenAddr: options.ListenAddr, + AdvertiseAddr: options.AdvertiseAddr, + DataPathAddr: options.DataPathAddr, + RemoteAddrs: options.RemoteAddrs, + JoinToken: options.JoinToken, + Availability: options.Availability, + } + + resp, err := cli.post(ctx, "/swarm/join", nil, req, nil) + defer ensureReaderClosed(resp) + return SwarmJoinResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_leave.go b/vendor/github.com/moby/moby/client/swarm_leave.go new file mode 100644 index 000000000000..a65a13de3f4c --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_leave.go @@ -0,0 +1,25 @@ +package client + +import ( + "context" + "net/url" +) + +// SwarmLeaveOptions contains options for leaving a swarm. +type SwarmLeaveOptions struct { + Force bool +} + +// SwarmLeaveResult represents the result of a SwarmLeave operation. +type SwarmLeaveResult struct{} + +// SwarmLeave leaves the swarm. +func (cli *Client) SwarmLeave(ctx context.Context, options SwarmLeaveOptions) (SwarmLeaveResult, error) { + query := url.Values{} + if options.Force { + query.Set("force", "1") + } + resp, err := cli.post(ctx, "/swarm/leave", query, nil, nil) + defer ensureReaderClosed(resp) + return SwarmLeaveResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_unlock.go b/vendor/github.com/moby/moby/client/swarm_unlock.go new file mode 100644 index 000000000000..92335afb5467 --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_unlock.go @@ -0,0 +1,25 @@ +package client + +import ( + "context" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmUnlockOptions specifies options for unlocking a swarm. +type SwarmUnlockOptions struct { + Key string +} + +// SwarmUnlockResult represents the result of unlocking a swarm. +type SwarmUnlockResult struct{} + +// SwarmUnlock unlocks locked swarm. +func (cli *Client) SwarmUnlock(ctx context.Context, options SwarmUnlockOptions) (SwarmUnlockResult, error) { + req := &swarm.UnlockRequest{ + UnlockKey: options.Key, + } + resp, err := cli.post(ctx, "/swarm/unlock", nil, req, nil) + defer ensureReaderClosed(resp) + return SwarmUnlockResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/swarm_update.go b/vendor/github.com/moby/moby/client/swarm_update.go new file mode 100644 index 000000000000..81f62b2c0249 --- /dev/null +++ b/vendor/github.com/moby/moby/client/swarm_update.go @@ -0,0 +1,33 @@ +package client + +import ( + "context" + "net/url" + "strconv" + + "github.com/moby/moby/api/types/swarm" +) + +// SwarmUpdateOptions contains options for updating a swarm. +type SwarmUpdateOptions struct { + Version swarm.Version + Spec swarm.Spec + RotateWorkerToken bool + RotateManagerToken bool + RotateManagerUnlockKey bool +} + +// SwarmUpdateResult represents the result of a SwarmUpdate operation. +type SwarmUpdateResult struct{} + +// SwarmUpdate updates the swarm. +func (cli *Client) SwarmUpdate(ctx context.Context, options SwarmUpdateOptions) (SwarmUpdateResult, error) { + query := url.Values{} + query.Set("version", options.Version.String()) + query.Set("rotateWorkerToken", strconv.FormatBool(options.RotateWorkerToken)) + query.Set("rotateManagerToken", strconv.FormatBool(options.RotateManagerToken)) + query.Set("rotateManagerUnlockKey", strconv.FormatBool(options.RotateManagerUnlockKey)) + resp, err := cli.post(ctx, "/swarm/update", query, options.Spec, nil) + defer ensureReaderClosed(resp) + return SwarmUpdateResult{}, err +} diff --git a/vendor/github.com/moby/moby/client/system_disk_usage.go b/vendor/github.com/moby/moby/client/system_disk_usage.go new file mode 100644 index 000000000000..64a369df8f92 --- /dev/null +++ b/vendor/github.com/moby/moby/client/system_disk_usage.go @@ -0,0 +1,332 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + "slices" + + "github.com/moby/moby/api/types/build" + "github.com/moby/moby/api/types/container" + "github.com/moby/moby/api/types/image" + "github.com/moby/moby/api/types/system" + "github.com/moby/moby/api/types/volume" + "github.com/moby/moby/client/pkg/versions" +) + +// DiskUsageOptions holds parameters for [Client.DiskUsage] operations. +type DiskUsageOptions struct { + // Containers controls whether container disk usage should be computed. + Containers bool + + // Images controls whether image disk usage should be computed. + Images bool + + // BuildCache controls whether build cache disk usage should be computed. + BuildCache bool + + // Volumes controls whether volume disk usage should be computed. + Volumes bool + + // Verbose enables more detailed disk usage information. + Verbose bool +} + +// DiskUsageResult is the result of [Client.DiskUsage] operations. +type DiskUsageResult struct { + // Containers holds container disk usage information. + Containers ContainersDiskUsage + + // Images holds image disk usage information. + Images ImagesDiskUsage + + // BuildCache holds build cache disk usage information. + BuildCache BuildCacheDiskUsage + + // Volumes holds volume disk usage information. + Volumes VolumesDiskUsage +} + +// ContainersDiskUsage contains disk usage information for containers. +type ContainersDiskUsage struct { + // ActiveCount is the number of active containers. + ActiveCount int64 + + // TotalCount is the total number of containers. + TotalCount int64 + + // Reclaimable is the amount of disk space that can be reclaimed. + Reclaimable int64 + + // TotalSize is the total disk space used by all containers. + TotalSize int64 + + // Items holds detailed information about each container. + Items []container.Summary +} + +// ImagesDiskUsage contains disk usage information for images. +type ImagesDiskUsage struct { + // ActiveCount is the number of active images. + ActiveCount int64 + + // TotalCount is the total number of images. + TotalCount int64 + + // Reclaimable is the amount of disk space that can be reclaimed. + Reclaimable int64 + + // TotalSize is the total disk space used by all images. + TotalSize int64 + + // Items holds detailed information about each image. + Items []image.Summary +} + +// VolumesDiskUsage contains disk usage information for volumes. +type VolumesDiskUsage struct { + // ActiveCount is the number of active volumes. + ActiveCount int64 + + // TotalCount is the total number of volumes. + TotalCount int64 + + // Reclaimable is the amount of disk space that can be reclaimed. + Reclaimable int64 + + // TotalSize is the total disk space used by all volumes. + TotalSize int64 + + // Items holds detailed information about each volume. + Items []volume.Volume +} + +// BuildCacheDiskUsage contains disk usage information for build cache. +type BuildCacheDiskUsage struct { + // ActiveCount is the number of active build cache records. + ActiveCount int64 + + // TotalCount is the total number of build cache records. + TotalCount int64 + + // Reclaimable is the amount of disk space that can be reclaimed. + Reclaimable int64 + + // TotalSize is the total disk space used by all build cache records. + TotalSize int64 + + // Items holds detailed information about each build cache record. + Items []build.CacheRecord +} + +// DiskUsage requests the current data usage from the daemon. +func (cli *Client) DiskUsage(ctx context.Context, options DiskUsageOptions) (DiskUsageResult, error) { + query := url.Values{} + + for _, t := range []struct { + flag bool + sysObj system.DiskUsageObject + }{ + {options.Containers, system.ContainerObject}, + {options.Images, system.ImageObject}, + {options.Volumes, system.VolumeObject}, + {options.BuildCache, system.BuildCacheObject}, + } { + if t.flag { + query.Add("type", string(t.sysObj)) + } + } + + if options.Verbose { + query.Set("verbose", "1") + } + + resp, err := cli.get(ctx, "/system/df", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return DiskUsageResult{}, err + } + + if versions.LessThan(cli.version, "1.52") { + // Generate result from a legacy response. + var du legacyDiskUsage + if err := json.NewDecoder(resp.Body).Decode(&du); err != nil { + return DiskUsageResult{}, fmt.Errorf("retrieving disk usage: %v", err) + } + + return diskUsageResultFromLegacyAPI(&du), nil + } + + var du system.DiskUsage + if err := json.NewDecoder(resp.Body).Decode(&du); err != nil { + return DiskUsageResult{}, fmt.Errorf("retrieving disk usage: %v", err) + } + + var r DiskUsageResult + if idu := du.ImageUsage; idu != nil { + r.Images = ImagesDiskUsage{ + ActiveCount: idu.ActiveCount, + Reclaimable: idu.Reclaimable, + TotalCount: idu.TotalCount, + TotalSize: idu.TotalSize, + } + + if options.Verbose { + r.Images.Items = slices.Clone(idu.Items) + } + } + + if cdu := du.ContainerUsage; cdu != nil { + r.Containers = ContainersDiskUsage{ + ActiveCount: cdu.ActiveCount, + Reclaimable: cdu.Reclaimable, + TotalCount: cdu.TotalCount, + TotalSize: cdu.TotalSize, + } + + if options.Verbose { + r.Containers.Items = slices.Clone(cdu.Items) + } + } + + if bdu := du.BuildCacheUsage; bdu != nil { + r.BuildCache = BuildCacheDiskUsage{ + ActiveCount: bdu.ActiveCount, + Reclaimable: bdu.Reclaimable, + TotalCount: bdu.TotalCount, + TotalSize: bdu.TotalSize, + } + + if options.Verbose { + r.BuildCache.Items = slices.Clone(bdu.Items) + } + } + + if vdu := du.VolumeUsage; vdu != nil { + r.Volumes = VolumesDiskUsage{ + ActiveCount: vdu.ActiveCount, + Reclaimable: vdu.Reclaimable, + TotalCount: vdu.TotalCount, + TotalSize: vdu.TotalSize, + } + + if options.Verbose { + r.Volumes.Items = slices.Clone(vdu.Items) + } + } + + return r, nil +} + +// legacyDiskUsage is the response as was used by API < v1.52. +type legacyDiskUsage struct { + LayersSize int64 `json:"LayersSize,omitempty"` + Images []image.Summary `json:"Images,omitzero"` + Containers []container.Summary `json:"Containers,omitzero"` + Volumes []volume.Volume `json:"Volumes,omitzero"` + BuildCache []build.CacheRecord `json:"BuildCache,omitzero"` +} + +func diskUsageResultFromLegacyAPI(du *legacyDiskUsage) DiskUsageResult { + return DiskUsageResult{ + Images: imageDiskUsageFromLegacyAPI(du), + Containers: containerDiskUsageFromLegacyAPI(du), + BuildCache: buildCacheDiskUsageFromLegacyAPI(du), + Volumes: volumeDiskUsageFromLegacyAPI(du), + } +} + +func imageDiskUsageFromLegacyAPI(du *legacyDiskUsage) ImagesDiskUsage { + idu := ImagesDiskUsage{ + TotalSize: du.LayersSize, + TotalCount: int64(len(du.Images)), + Items: du.Images, + } + + var used int64 + for _, i := range idu.Items { + if i.Containers > 0 { + idu.ActiveCount++ + + if i.Size == -1 || i.SharedSize == -1 { + continue + } + used += (i.Size - i.SharedSize) + } + } + + if idu.TotalCount > 0 { + idu.Reclaimable = idu.TotalSize - used + } + + return idu +} + +func containerDiskUsageFromLegacyAPI(du *legacyDiskUsage) ContainersDiskUsage { + cdu := ContainersDiskUsage{ + TotalCount: int64(len(du.Containers)), + Items: du.Containers, + } + + var used int64 + for _, c := range cdu.Items { + cdu.TotalSize += c.SizeRw + switch c.State { + case container.StateRunning, container.StatePaused, container.StateRestarting: + cdu.ActiveCount++ + used += c.SizeRw + } + } + + cdu.Reclaimable = cdu.TotalSize - used + return cdu +} + +func buildCacheDiskUsageFromLegacyAPI(du *legacyDiskUsage) BuildCacheDiskUsage { + bdu := BuildCacheDiskUsage{ + TotalCount: int64(len(du.BuildCache)), + Items: du.BuildCache, + } + + var used int64 + for _, b := range du.BuildCache { + if !b.Shared { + bdu.TotalSize += b.Size + } + + if b.InUse { + bdu.ActiveCount++ + if !b.Shared { + used += b.Size + } + } + } + + bdu.Reclaimable = bdu.TotalSize - used + return bdu +} + +func volumeDiskUsageFromLegacyAPI(du *legacyDiskUsage) VolumesDiskUsage { + vdu := VolumesDiskUsage{ + TotalCount: int64(len(du.Volumes)), + Items: du.Volumes, + } + + var used int64 + for _, v := range vdu.Items { + // Ignore volumes with no usage data + if v.UsageData != nil { + if v.UsageData.RefCount > 0 { + vdu.ActiveCount++ + used += v.UsageData.Size + } + if v.UsageData.Size > 0 { + vdu.TotalSize += v.UsageData.Size + } + } + } + + vdu.Reclaimable = vdu.TotalSize - used + return vdu +} diff --git a/vendor/github.com/moby/moby/client/system_events.go b/vendor/github.com/moby/moby/client/system_events.go new file mode 100644 index 000000000000..748e01208626 --- /dev/null +++ b/vendor/github.com/moby/moby/client/system_events.go @@ -0,0 +1,114 @@ +package client + +import ( + "context" + "net/http" + "net/url" + "time" + + "github.com/moby/moby/api/types" + "github.com/moby/moby/api/types/events" + "github.com/moby/moby/client/internal" + "github.com/moby/moby/client/internal/timestamp" +) + +// EventsListOptions holds parameters to filter events with. +type EventsListOptions struct { + Since string + Until string + Filters Filters +} + +// EventsResult holds the result of an Events query. +type EventsResult struct { + Messages <-chan events.Message + Err <-chan error +} + +// Events returns a stream of events in the daemon. It's up to the caller to close the stream +// by cancelling the context. Once the stream has been completely read an [io.EOF] error is +// sent over the error channel. If an error is sent, all processing is stopped. It's up +// to the caller to reopen the stream in the event of an error by reinvoking this method. +func (cli *Client) Events(ctx context.Context, options EventsListOptions) EventsResult { + messages := make(chan events.Message) + errs := make(chan error, 1) + + started := make(chan struct{}) + go func() { + defer close(errs) + + query, err := buildEventsQueryParams(options) + if err != nil { + close(started) + errs <- err + return + } + + headers := http.Header{} + headers.Add("Accept", types.MediaTypeJSONSequence) + headers.Add("Accept", types.MediaTypeNDJSON) + resp, err := cli.get(ctx, "/events", query, headers) + if err != nil { + close(started) + errs <- err + return + } + defer resp.Body.Close() + + contentType := resp.Header.Get("Content-Type") + decoder := internal.NewJSONStreamDecoder(resp.Body, contentType) + + close(started) + for { + select { + case <-ctx.Done(): + errs <- ctx.Err() + return + default: + var event events.Message + if err := decoder(&event); err != nil { + errs <- err + return + } + + select { + case messages <- event: + case <-ctx.Done(): + errs <- ctx.Err() + return + } + } + } + }() + <-started + + return EventsResult{ + Messages: messages, + Err: errs, + } +} + +func buildEventsQueryParams(options EventsListOptions) (url.Values, error) { + query := url.Values{} + ref := time.Now() + + if options.Since != "" { + ts, err := timestamp.GetTimestamp(options.Since, ref) + if err != nil { + return nil, err + } + query.Set("since", ts) + } + + if options.Until != "" { + ts, err := timestamp.GetTimestamp(options.Until, ref) + if err != nil { + return nil, err + } + query.Set("until", ts) + } + + options.Filters.updateURLValues(query) + + return query, nil +} diff --git a/vendor/github.com/moby/moby/client/system_info.go b/vendor/github.com/moby/moby/client/system_info.go new file mode 100644 index 000000000000..4c0a2238e17e --- /dev/null +++ b/vendor/github.com/moby/moby/client/system_info.go @@ -0,0 +1,34 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/moby/moby/api/types/system" +) + +type InfoOptions struct { + // No options currently; placeholder for future use +} + +type SystemInfoResult struct { + Info system.Info +} + +// Info returns information about the docker server. +func (cli *Client) Info(ctx context.Context, options InfoOptions) (SystemInfoResult, error) { + resp, err := cli.get(ctx, "/info", url.Values{}, nil) + defer ensureReaderClosed(resp) + if err != nil { + return SystemInfoResult{}, err + } + + var info system.Info + if err := json.NewDecoder(resp.Body).Decode(&info); err != nil { + return SystemInfoResult{}, fmt.Errorf("Error reading remote info: %v", err) + } + + return SystemInfoResult{Info: info}, nil +} diff --git a/vendor/github.com/moby/moby/client/task_inspect.go b/vendor/github.com/moby/moby/client/task_inspect.go new file mode 100644 index 000000000000..96edcb09f20e --- /dev/null +++ b/vendor/github.com/moby/moby/client/task_inspect.go @@ -0,0 +1,36 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/swarm" +) + +// TaskInspectOptions contains options for inspecting a task. +type TaskInspectOptions struct { + // Currently no options are defined. +} + +// TaskInspectResult contains the result of a task inspection. +type TaskInspectResult struct { + Task swarm.Task + Raw json.RawMessage +} + +// TaskInspect returns the task information and its raw representation. +func (cli *Client) TaskInspect(ctx context.Context, taskID string, options TaskInspectOptions) (TaskInspectResult, error) { + taskID, err := trimID("task", taskID) + if err != nil { + return TaskInspectResult{}, err + } + + resp, err := cli.get(ctx, "/tasks/"+taskID, nil, nil) + if err != nil { + return TaskInspectResult{}, err + } + + var out TaskInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Task) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/task_list.go b/vendor/github.com/moby/moby/client/task_list.go new file mode 100644 index 000000000000..5f7c41bb9dcb --- /dev/null +++ b/vendor/github.com/moby/moby/client/task_list.go @@ -0,0 +1,36 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/swarm" +) + +// TaskListOptions holds parameters to list tasks with. +type TaskListOptions struct { + Filters Filters +} + +// TaskListResult contains the result of a task list operation. +type TaskListResult struct { + Items []swarm.Task +} + +// TaskList returns the list of tasks. +func (cli *Client) TaskList(ctx context.Context, options TaskListOptions) (TaskListResult, error) { + query := url.Values{} + + options.Filters.updateURLValues(query) + + resp, err := cli.get(ctx, "/tasks", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return TaskListResult{}, err + } + + var tasks []swarm.Task + err = json.NewDecoder(resp.Body).Decode(&tasks) + return TaskListResult{Items: tasks}, err +} diff --git a/vendor/github.com/moby/moby/client/task_logs.go b/vendor/github.com/moby/moby/client/task_logs.go new file mode 100644 index 000000000000..e4de019f3082 --- /dev/null +++ b/vendor/github.com/moby/moby/client/task_logs.go @@ -0,0 +1,84 @@ +package client + +import ( + "context" + "io" + "net/url" + "time" + + "github.com/moby/moby/client/internal/timestamp" +) + +// TaskLogsOptions holds parameters to filter logs with. +type TaskLogsOptions struct { + ShowStdout bool + ShowStderr bool + Since string + Until string + Timestamps bool + Follow bool + Tail string + Details bool +} + +// TaskLogsResult holds the result of a task logs operation. +// It implements [io.ReadCloser]. +type TaskLogsResult interface { + io.ReadCloser +} + +// TaskLogs returns the logs generated by a service in a [TaskLogsResult]. +// as an [io.ReadCloser]. Callers should close the stream. +// +// The underlying [io.ReadCloser] is automatically closed if the context is canceled, +func (cli *Client) TaskLogs(ctx context.Context, taskID string, options TaskLogsOptions) (TaskLogsResult, error) { + // TODO(thaJeztah): this function needs documentation about the format of ths stream (similar to for container logs) + // TODO(thaJeztah): migrate CLI utilities to the client where suitable; https://github.com/docker/cli/blob/v29.0.0-rc.1/cli/command/service/logs.go#L73-L348 + + query := url.Values{} + if options.ShowStdout { + query.Set("stdout", "1") + } + + if options.ShowStderr { + query.Set("stderr", "1") + } + + if options.Since != "" { + ts, err := timestamp.GetTimestamp(options.Since, time.Now()) + if err != nil { + return nil, err + } + query.Set("since", ts) + } + + if options.Timestamps { + query.Set("timestamps", "1") + } + + if options.Details { + query.Set("details", "1") + } + + if options.Follow { + query.Set("follow", "1") + } + query.Set("tail", options.Tail) + + resp, err := cli.get(ctx, "/tasks/"+taskID+"/logs", query, nil) + if err != nil { + return nil, err + } + return &taskLogsResult{ + ReadCloser: newCancelReadCloser(ctx, resp.Body), + }, nil +} + +type taskLogsResult struct { + io.ReadCloser +} + +var ( + _ io.ReadCloser = (*taskLogsResult)(nil) + _ ContainerLogsResult = (*taskLogsResult)(nil) +) diff --git a/vendor/github.com/docker/docker/client/utils.go b/vendor/github.com/moby/moby/client/utils.go similarity index 62% rename from vendor/github.com/docker/docker/client/utils.go rename to vendor/github.com/moby/moby/client/utils.go index 7b82f185ac58..6a5fc46ea112 100644 --- a/vendor/github.com/docker/docker/client/utils.go +++ b/vendor/github.com/moby/moby/client/utils.go @@ -1,13 +1,17 @@ package client import ( + "bytes" + "context" "encoding/json" + "errors" "fmt" - "net/url" + "io" + "net/http" "strings" + "sync" cerrdefs "github.com/containerd/errdefs" - "github.com/docker/docker/api/types/filters" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -28,20 +32,6 @@ func trimID(objType, id string) (string, error) { return id, nil } -// getFiltersQuery returns a url query with "filters" query term, based on the -// filters provided. -func getFiltersQuery(f filters.Args) (url.Values, error) { - query := url.Values{} - if f.Len() > 0 { - filterJSON, err := filters.ToJSON(f) - if err != nil { - return query, err - } - query.Set("filters", filterJSON) - } - return query, nil -} - // encodePlatforms marshals the given platform(s) to JSON format, to // be used for query-parameters for filtering / selecting platforms. func encodePlatforms(platform ...ocispec.Platform) ([]string, error) { @@ -81,3 +71,37 @@ func encodePlatform(platform *ocispec.Platform) (string, error) { } return string(p), nil } + +func decodeWithRaw[T any](resp *http.Response, out *T) (raw json.RawMessage, _ error) { + if resp == nil || resp.Body == nil { + return nil, errors.New("empty response") + } + defer ensureReaderClosed(resp) + + var buf bytes.Buffer + tr := io.TeeReader(resp.Body, &buf) + err := json.NewDecoder(tr).Decode(out) + if err != nil { + return nil, err + } + return buf.Bytes(), nil +} + +// newCancelReadCloser wraps rc so it's automatically closed when ctx is canceled. +// Close is idempotent and returns the first error from rc.Close. +func newCancelReadCloser(ctx context.Context, rc io.ReadCloser) io.ReadCloser { + crc := &cancelReadCloser{ + rc: rc, + close: sync.OnceValue(rc.Close), + } + context.AfterFunc(ctx, func() { _ = crc.Close() }) + return crc +} + +type cancelReadCloser struct { + rc io.ReadCloser + close func() error +} + +func (c *cancelReadCloser) Read(p []byte) (int, error) { return c.rc.Read(p) } +func (c *cancelReadCloser) Close() error { return c.close() } diff --git a/vendor/github.com/moby/moby/client/version.go b/vendor/github.com/moby/moby/client/version.go new file mode 100644 index 000000000000..7fa5a3fa0926 --- /dev/null +++ b/vendor/github.com/moby/moby/client/version.go @@ -0,0 +1,81 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/system" +) + +// ServerVersionOptions specifies options for the server version request. +type ServerVersionOptions struct { + // Currently no options are supported. +} + +// ServerVersionResult contains information about the Docker server host. +type ServerVersionResult struct { + // Platform is the platform (product name) the server is running on. + Platform PlatformInfo + + // Version is the version of the daemon. + Version string + + // APIVersion is the highest API version supported by the server. + APIVersion string + + // MinAPIVersion is the minimum API version the server supports. + MinAPIVersion string + + // Os is the operating system the server runs on. + Os string + + // Arch is the hardware architecture the server runs on. + Arch string + + // Experimental indicates that the daemon runs with experimental + // features enabled. + // + // Deprecated: this field will be removed in the next version. + Experimental bool + + // Components contains version information for the components making + // up the server. Information in this field is for informational + // purposes, and not part of the API contract. + Components []system.ComponentVersion +} + +// PlatformInfo holds information about the platform (product name) the +// server is running on. +type PlatformInfo struct { + // Name is the name of the platform (for example, "Docker Engine - Community", + // or "Docker Desktop 4.49.0 (208003)") + Name string +} + +// ServerVersion returns information of the Docker server host. +func (cli *Client) ServerVersion(ctx context.Context, _ ServerVersionOptions) (ServerVersionResult, error) { + resp, err := cli.get(ctx, "/version", nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return ServerVersionResult{}, err + } + + var v system.VersionResponse + err = json.NewDecoder(resp.Body).Decode(&v) + if err != nil { + return ServerVersionResult{}, err + } + + return ServerVersionResult{ + Platform: PlatformInfo{ + Name: v.Platform.Name, + }, + Version: v.Version, + APIVersion: v.APIVersion, + MinAPIVersion: v.MinAPIVersion, + Os: v.Os, + Arch: v.Arch, + Experimental: v.Experimental, //nolint:staticcheck // ignore deprecated field. + Components: v.Components, + }, nil +} diff --git a/vendor/github.com/moby/moby/client/volume_create.go b/vendor/github.com/moby/moby/client/volume_create.go new file mode 100644 index 000000000000..674e06335727 --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_create.go @@ -0,0 +1,42 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/volume" +) + +// VolumeCreateOptions specifies the options to create a volume. +type VolumeCreateOptions struct { + Name string + Driver string + DriverOpts map[string]string + Labels map[string]string + ClusterVolumeSpec *volume.ClusterVolumeSpec +} + +// VolumeCreateResult is the result of a volume creation. +type VolumeCreateResult struct { + Volume volume.Volume +} + +// VolumeCreate creates a volume in the docker host. +func (cli *Client) VolumeCreate(ctx context.Context, options VolumeCreateOptions) (VolumeCreateResult, error) { + createRequest := volume.CreateRequest{ + Name: options.Name, + Driver: options.Driver, + DriverOpts: options.DriverOpts, + Labels: options.Labels, + ClusterVolumeSpec: options.ClusterVolumeSpec, + } + resp, err := cli.post(ctx, "/volumes/create", nil, createRequest, nil) + defer ensureReaderClosed(resp) + if err != nil { + return VolumeCreateResult{}, err + } + + var v volume.Volume + err = json.NewDecoder(resp.Body).Decode(&v) + return VolumeCreateResult{Volume: v}, err +} diff --git a/vendor/github.com/moby/moby/client/volume_inspect.go b/vendor/github.com/moby/moby/client/volume_inspect.go new file mode 100644 index 000000000000..cf00236a2a88 --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_inspect.go @@ -0,0 +1,36 @@ +package client + +import ( + "context" + "encoding/json" + + "github.com/moby/moby/api/types/volume" +) + +// VolumeInspectOptions holds options for inspecting a volume. +type VolumeInspectOptions struct { + // Add future optional parameters here +} + +// VolumeInspectResult holds the result from the [Client.VolumeInspect] method. +type VolumeInspectResult struct { + Volume volume.Volume + Raw json.RawMessage +} + +// VolumeInspect returns the information about a specific volume in the docker host. +func (cli *Client) VolumeInspect(ctx context.Context, volumeID string, options VolumeInspectOptions) (VolumeInspectResult, error) { + volumeID, err := trimID("volume", volumeID) + if err != nil { + return VolumeInspectResult{}, err + } + + resp, err := cli.get(ctx, "/volumes/"+volumeID, nil, nil) + if err != nil { + return VolumeInspectResult{}, err + } + + var out VolumeInspectResult + out.Raw, err = decodeWithRaw(resp, &out.Volume) + return out, err +} diff --git a/vendor/github.com/moby/moby/client/volume_list.go b/vendor/github.com/moby/moby/client/volume_list.go new file mode 100644 index 000000000000..989a0292ec29 --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_list.go @@ -0,0 +1,46 @@ +package client + +import ( + "context" + "encoding/json" + "net/url" + + "github.com/moby/moby/api/types/volume" +) + +// VolumeListOptions holds parameters to list volumes. +type VolumeListOptions struct { + Filters Filters +} + +// VolumeListResult holds the result from the [Client.VolumeList] method. +type VolumeListResult struct { + // List of volumes. + Items []volume.Volume + + // Warnings that occurred when fetching the list of volumes. + Warnings []string +} + +// VolumeList returns the volumes configured in the docker host. +func (cli *Client) VolumeList(ctx context.Context, options VolumeListOptions) (VolumeListResult, error) { + query := url.Values{} + + options.Filters.updateURLValues(query) + resp, err := cli.get(ctx, "/volumes", query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return VolumeListResult{}, err + } + + var apiResp volume.ListResponse + err = json.NewDecoder(resp.Body).Decode(&apiResp) + if err != nil { + return VolumeListResult{}, err + } + + return VolumeListResult{ + Items: apiResp.Volumes, + Warnings: apiResp.Warnings, + }, nil +} diff --git a/vendor/github.com/moby/moby/client/volume_prune.go b/vendor/github.com/moby/moby/client/volume_prune.go new file mode 100644 index 000000000000..561e328d7367 --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_prune.go @@ -0,0 +1,55 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/url" + + "github.com/containerd/errdefs" + "github.com/moby/moby/api/types/volume" +) + +// VolumePruneOptions holds parameters to prune volumes. +type VolumePruneOptions struct { + // All controls whether named volumes should also be pruned. By + // default, only anonymous volumes are pruned. + All bool + + // Filters to apply when pruning. + Filters Filters +} + +// VolumePruneResult holds the result from the [Client.VolumePrune] method. +type VolumePruneResult struct { + Report volume.PruneReport +} + +// VolumePrune requests the daemon to delete unused data +func (cli *Client) VolumePrune(ctx context.Context, options VolumePruneOptions) (VolumePruneResult, error) { + if options.All { + if _, ok := options.Filters["all"]; ok { + return VolumePruneResult{}, errdefs.ErrInvalidArgument.WithMessage(`conflicting options: cannot specify both "all" and "all" filter`) + } + if options.Filters == nil { + options.Filters = Filters{} + } + options.Filters.Add("all", "true") + } + + query := url.Values{} + options.Filters.updateURLValues(query) + + resp, err := cli.post(ctx, "/volumes/prune", query, nil, nil) + defer ensureReaderClosed(resp) + if err != nil { + return VolumePruneResult{}, err + } + + var report volume.PruneReport + if err := json.NewDecoder(resp.Body).Decode(&report); err != nil { + return VolumePruneResult{}, fmt.Errorf("error retrieving volume prune report: %v", err) + } + + return VolumePruneResult{Report: report}, nil +} diff --git a/vendor/github.com/moby/moby/client/volume_remove.go b/vendor/github.com/moby/moby/client/volume_remove.go new file mode 100644 index 000000000000..0449e08d4a27 --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_remove.go @@ -0,0 +1,36 @@ +package client + +import ( + "context" + "net/url" +) + +// VolumeRemoveOptions holds options for [Client.VolumeRemove]. +type VolumeRemoveOptions struct { + // Force the removal of the volume + Force bool +} + +// VolumeRemoveResult holds the result of [Client.VolumeRemove], +type VolumeRemoveResult struct { + // Add future fields here. +} + +// VolumeRemove removes a volume from the docker host. +func (cli *Client) VolumeRemove(ctx context.Context, volumeID string, options VolumeRemoveOptions) (VolumeRemoveResult, error) { + volumeID, err := trimID("volume", volumeID) + if err != nil { + return VolumeRemoveResult{}, err + } + + query := url.Values{} + if options.Force { + query.Set("force", "1") + } + resp, err := cli.delete(ctx, "/volumes/"+volumeID, query, nil) + defer ensureReaderClosed(resp) + if err != nil { + return VolumeRemoveResult{}, err + } + return VolumeRemoveResult{}, nil +} diff --git a/vendor/github.com/moby/moby/client/volume_update.go b/vendor/github.com/moby/moby/client/volume_update.go new file mode 100644 index 000000000000..5aa2a0aa170b --- /dev/null +++ b/vendor/github.com/moby/moby/client/volume_update.go @@ -0,0 +1,40 @@ +package client + +import ( + "context" + "net/url" + + "github.com/moby/moby/api/types/swarm" + "github.com/moby/moby/api/types/volume" +) + +// VolumeUpdateOptions holds options for [Client.VolumeUpdate]. +type VolumeUpdateOptions struct { + Version swarm.Version + // Spec is the ClusterVolumeSpec to update the volume to. + Spec *volume.ClusterVolumeSpec `json:"Spec,omitempty"` +} + +// VolumeUpdateResult holds the result of [Client.VolumeUpdate], +type VolumeUpdateResult struct { + // Add future fields here. +} + +// VolumeUpdate updates a volume. This only works for Cluster Volumes, and +// only some fields can be updated. +func (cli *Client) VolumeUpdate(ctx context.Context, volumeID string, options VolumeUpdateOptions) (VolumeUpdateResult, error) { + volumeID, err := trimID("volume", volumeID) + if err != nil { + return VolumeUpdateResult{}, err + } + + query := url.Values{} + query.Set("version", options.Version.String()) + + resp, err := cli.put(ctx, "/volumes/"+volumeID, query, options, nil) + defer ensureReaderClosed(resp) + if err != nil { + return VolumeUpdateResult{}, err + } + return VolumeUpdateResult{}, nil +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 66fd3e7b3c7f..9e162f81ee52 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -219,7 +219,7 @@ github.com/davecgh/go-spew/spew # github.com/distribution/reference v0.6.0 ## explicit; go 1.20 github.com/distribution/reference -# github.com/docker/cli v28.5.1+incompatible +# github.com/docker/cli v29.0.0+incompatible ## explicit github.com/docker/cli/cli github.com/docker/cli/cli-plugins/metadata @@ -257,38 +257,14 @@ github.com/docker/cli-docs-tool github.com/docker/cli-docs-tool/annotation # github.com/docker/distribution v2.8.3+incompatible ## explicit -# github.com/docker/docker v28.5.1+incompatible +# github.com/docker/docker v28.5.2+incompatible ## explicit -github.com/docker/docker/api -github.com/docker/docker/api/types -github.com/docker/docker/api/types/blkiodev -github.com/docker/docker/api/types/build -github.com/docker/docker/api/types/checkpoint -github.com/docker/docker/api/types/common -github.com/docker/docker/api/types/container -github.com/docker/docker/api/types/events -github.com/docker/docker/api/types/filters -github.com/docker/docker/api/types/image -github.com/docker/docker/api/types/mount -github.com/docker/docker/api/types/network -github.com/docker/docker/api/types/registry -github.com/docker/docker/api/types/storage -github.com/docker/docker/api/types/strslice -github.com/docker/docker/api/types/swarm -github.com/docker/docker/api/types/swarm/runtime -github.com/docker/docker/api/types/system -github.com/docker/docker/api/types/time -github.com/docker/docker/api/types/versions -github.com/docker/docker/api/types/volume -github.com/docker/docker/client -github.com/docker/docker/pkg/jsonmessage github.com/docker/docker/pkg/namesgenerator -github.com/docker/docker/pkg/stdcopy # github.com/docker/docker-credential-helpers v0.9.3 ## explicit; go 1.21 github.com/docker/docker-credential-helpers/client github.com/docker/docker-credential-helpers/credentials -# github.com/docker/go-connections v0.5.0 +# github.com/docker/go-connections v0.6.0 ## explicit; go 1.18 github.com/docker/go-connections/nat github.com/docker/go-connections/sockets @@ -303,7 +279,7 @@ github.com/emicklei/go-restful/v3/log # github.com/felixge/httpsnoop v1.0.4 ## explicit; go 1.13 github.com/felixge/httpsnoop -# github.com/fvbommel/sortorder v1.0.1 +# github.com/fvbommel/sortorder v1.1.0 ## explicit; go 1.13 github.com/fvbommel/sortorder # github.com/fxamacker/cbor/v2 v2.9.0 @@ -366,6 +342,8 @@ github.com/google/shlex # github.com/google/uuid v1.6.0 ## explicit github.com/google/uuid +# github.com/gorilla/mux v1.7.0 +## explicit # github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 ## explicit; go 1.20 github.com/gorilla/websocket @@ -544,6 +522,36 @@ github.com/moby/go-archive/tarheader # github.com/moby/locker v1.0.1 ## explicit; go 1.13 github.com/moby/locker +# github.com/moby/moby/api v1.52.0 +## explicit; go 1.24.0 +github.com/moby/moby/api/pkg/authconfig +github.com/moby/moby/api/pkg/stdcopy +github.com/moby/moby/api/types +github.com/moby/moby/api/types/blkiodev +github.com/moby/moby/api/types/build +github.com/moby/moby/api/types/checkpoint +github.com/moby/moby/api/types/common +github.com/moby/moby/api/types/container +github.com/moby/moby/api/types/events +github.com/moby/moby/api/types/image +github.com/moby/moby/api/types/jsonstream +github.com/moby/moby/api/types/mount +github.com/moby/moby/api/types/network +github.com/moby/moby/api/types/plugin +github.com/moby/moby/api/types/registry +github.com/moby/moby/api/types/storage +github.com/moby/moby/api/types/swarm +github.com/moby/moby/api/types/system +github.com/moby/moby/api/types/volume +# github.com/moby/moby/client v0.1.0 +## explicit; go 1.24.0 +github.com/moby/moby/client +github.com/moby/moby/client/internal +github.com/moby/moby/client/internal/timestamp +github.com/moby/moby/client/pkg/jsonmessage +github.com/moby/moby/client/pkg/security +github.com/moby/moby/client/pkg/stringid +github.com/moby/moby/client/pkg/versions # github.com/moby/patternmatcher v0.6.0 ## explicit; go 1.19 github.com/moby/patternmatcher @@ -659,8 +667,6 @@ github.com/spf13/pflag github.com/stretchr/testify/assert github.com/stretchr/testify/assert/yaml github.com/stretchr/testify/require -# github.com/theupdateframework/notary v0.7.0 -## explicit; go 1.12 # github.com/tonistiigi/dchapes-mode v0.0.0-20250318174251-73d941a28323 ## explicit; go 1.21 github.com/tonistiigi/dchapes-mode