mirror of
https://github.com/moby/moby.git
synced 2026-01-12 03:01:38 +00:00
Compare commits
16 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
4e04130911 | ||
|
|
f5cacc257a | ||
|
|
89c5e8fd66 | ||
|
|
9b93878308 | ||
|
|
6178456763 | ||
|
|
0cae4e5c8f | ||
|
|
33cc06f616 | ||
|
|
d525277410 | ||
|
|
2fbc51b4f8 | ||
|
|
bd98008c07 | ||
|
|
19675151a3 | ||
|
|
44896604b8 | ||
|
|
d24eab928b | ||
|
|
b651c094e2 | ||
|
|
df58dd519b | ||
|
|
f822c9f39c |
2
.github/workflows/.test-unit.yml
vendored
2
.github/workflows/.test-unit.yml
vendored
@@ -16,7 +16,7 @@ on:
|
||||
workflow_call:
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
GOTESTLIST_VERSION: v0.3.1
|
||||
TESTSTAT_VERSION: v0.1.25
|
||||
SETUP_BUILDX_VERSION: edge
|
||||
|
||||
2
.github/workflows/.test.yml
vendored
2
.github/workflows/.test.yml
vendored
@@ -21,7 +21,7 @@ on:
|
||||
default: "graphdriver"
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
GOTESTLIST_VERSION: v0.3.1
|
||||
TESTSTAT_VERSION: v0.1.25
|
||||
ITG_CLI_MATRIX_SIZE: 6
|
||||
|
||||
2
.github/workflows/.windows.yml
vendored
2
.github/workflows/.windows.yml
vendored
@@ -28,7 +28,7 @@ on:
|
||||
default: false
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
GOTESTLIST_VERSION: v0.3.1
|
||||
TESTSTAT_VERSION: v0.1.25
|
||||
WINDOWS_BASE_IMAGE: mcr.microsoft.com/windows/servercore
|
||||
|
||||
2
.github/workflows/arm64.yml
vendored
2
.github/workflows/arm64.yml
vendored
@@ -23,7 +23,7 @@ on:
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
TESTSTAT_VERSION: v0.1.25
|
||||
DESTDIR: ./build
|
||||
SETUP_BUILDX_VERSION: edge
|
||||
|
||||
2
.github/workflows/buildkit.yml
vendored
2
.github/workflows/buildkit.yml
vendored
@@ -23,7 +23,7 @@ on:
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
DESTDIR: ./build
|
||||
SETUP_BUILDX_VERSION: edge
|
||||
SETUP_BUILDKIT_IMAGE: moby/buildkit:latest
|
||||
|
||||
2
.github/workflows/codeql.yml
vendored
2
.github/workflows/codeql.yml
vendored
@@ -33,7 +33,7 @@ on:
|
||||
- cron: '0 9 * * 4'
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
|
||||
jobs:
|
||||
codeql:
|
||||
|
||||
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
@@ -23,7 +23,7 @@ on:
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
GO_VERSION: "1.24.8"
|
||||
GO_VERSION: "1.24.9"
|
||||
GIT_PAGER: "cat"
|
||||
PAGER: "cat"
|
||||
SETUP_BUILDX_VERSION: edge
|
||||
|
||||
@@ -3,7 +3,7 @@ version: "2"
|
||||
run:
|
||||
# prevent golangci-lint from deducting the go version to lint for through go.mod,
|
||||
# which causes it to fallback to go1.17 semantics.
|
||||
go: "1.24.8"
|
||||
go: "1.24.9"
|
||||
concurrency: 2
|
||||
# Only supported with go modules enabled (build flag -mod=vendor only valid when using modules)
|
||||
# modules-download-mode: vendor
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
ARG GO_VERSION=1.24.8
|
||||
ARG GO_VERSION=1.24.9
|
||||
ARG BASE_DEBIAN_DISTRO="bookworm"
|
||||
ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
|
||||
ARG XX_VERSION=1.6.1
|
||||
@@ -171,7 +171,7 @@ RUN git init . && git remote add origin "https://github.com/containerd/container
|
||||
# When updating the binary version you may also need to update the vendor
|
||||
# version to pick up bug fixes or new APIs, however, usually the Go packages
|
||||
# are built from a commit from the master branch.
|
||||
ARG CONTAINERD_VERSION=v1.7.28
|
||||
ARG CONTAINERD_VERSION=v1.7.29
|
||||
RUN git fetch -q --depth 1 origin "${CONTAINERD_VERSION}" +refs/tags/*:refs/tags/* && git checkout -q FETCH_HEAD
|
||||
|
||||
FROM base AS containerd-build
|
||||
@@ -260,9 +260,8 @@ WORKDIR /usr/src/runc
|
||||
RUN git init . && git remote add origin "https://github.com/opencontainers/runc.git"
|
||||
# RUNC_VERSION should match the version that is used by the containerd version
|
||||
# that is used. If you need to update runc, open a pull request in the containerd
|
||||
# project first, and update both after that is merged. When updating RUNC_VERSION,
|
||||
# consider updating runc in vendor.mod accordingly.
|
||||
ARG RUNC_VERSION=v1.3.0
|
||||
# project first, and update both after that is merged.
|
||||
ARG RUNC_VERSION=v1.3.3
|
||||
RUN git fetch -q --depth 1 origin "${RUNC_VERSION}" +refs/tags/*:refs/tags/* && git checkout -q FETCH_HEAD
|
||||
|
||||
FROM base AS runc-build
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
|
||||
# This represents the bare minimum required to build and test Docker.
|
||||
|
||||
ARG GO_VERSION=1.24.8
|
||||
ARG GO_VERSION=1.24.9
|
||||
|
||||
ARG BASE_DEBIAN_DISTRO="bookworm"
|
||||
ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
|
||||
|
||||
@@ -161,14 +161,14 @@ FROM ${WINDOWS_BASE_IMAGE}:${WINDOWS_BASE_IMAGE_TAG}
|
||||
# Use PowerShell as the default shell
|
||||
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
|
||||
|
||||
ARG GO_VERSION=1.24.8
|
||||
ARG GO_VERSION=1.24.9
|
||||
|
||||
# GOTESTSUM_VERSION is the version of gotest.tools/gotestsum to install.
|
||||
ARG GOTESTSUM_VERSION=v1.12.3
|
||||
|
||||
# GOWINRES_VERSION is the version of go-winres to install.
|
||||
ARG GOWINRES_VERSION=v0.3.3
|
||||
ARG CONTAINERD_VERSION=v1.7.28
|
||||
ARG CONTAINERD_VERSION=v1.7.29
|
||||
|
||||
# Environment variable notes:
|
||||
# - GO_VERSION must be consistent with 'Dockerfile' used by Linux.
|
||||
|
||||
@@ -2653,14 +2653,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -9,13 +9,20 @@
|
||||
# * Either one of slirp4netns (>= v0.4.0), VPNKit, lxc-user-nic needs to be installed.
|
||||
#
|
||||
# Recognized environment variables:
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_STATE_DIR=DIR: the rootlesskit state dir. Defaults to "$XDG_RUNTIME_DIR/dockerd-rootless".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|pasta|lxc-user-nic): the rootlesskit network driver. Defaults to "slirp4netns" if slirp4netns (>= v0.4.0) is installed. Otherwise defaults to "vpnkit".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=NUM: the MTU value for the rootlesskit network driver. Defaults to 65520 for slirp4netns, 1500 for other drivers.
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=(builtin|slirp4netns|implicit): the rootlesskit port driver. Defaults to "builtin".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX=(auto|true|false): whether to protect slirp4netns with a dedicated mount namespace. Defaults to "auto".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP=(auto|true|false): whether to protect slirp4netns with seccomp. Defaults to "auto".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK=(true|false): prohibit connections to 127.0.0.1 on the host (including via 10.0.2.2, in the case of slirp4netns). Defaults to "true".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_STATE_DIR=DIR: the rootlesskit state dir.
|
||||
# * Defaults to "$XDG_RUNTIME_DIR/dockerd-rootless".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_NET=(slirp4netns|vpnkit|pasta|lxc-user-nic): the rootlesskit network driver.
|
||||
# * Defaults to "slirp4netns" if slirp4netns (>= v0.4.0) is installed, else "pasta", else "vpnkit".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=NUM: the MTU value for the rootlesskit network driver.
|
||||
# * Defaults to 65520 for slirp4netns and pasta, 1500 for other rootlesskit network drivers.
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=(builtin|slirp4netns|implicit): the rootlesskit port driver.
|
||||
# * Defaults to "implicit" for "pasta", "builtin" for other rootlesskit network drivers.
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX=(auto|true|false): whether to protect slirp4netns with a dedicated mount namespace.
|
||||
# * Defaults to "auto".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP=(auto|true|false): whether to protect slirp4netns with seccomp.
|
||||
# * Defaults to "auto".
|
||||
# * DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK=(true|false): prohibit connections to 127.0.0.1 on the host (including via 10.0.2.2, in the case of slirp4netns).
|
||||
# * Defaults to "true".
|
||||
|
||||
# To apply an environment variable via systemd, create ~/.config/systemd/user/docker.service.d/override.conf as follows,
|
||||
# and run `systemctl --user daemon-reload && systemctl --user restart docker`:
|
||||
@@ -93,35 +100,53 @@ fi
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_STATE_DIR:=$XDG_RUNTIME_DIR/dockerd-rootless}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_NET:=}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_MTU:=}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER:=builtin}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER:=}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX:=auto}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP:=auto}"
|
||||
: "${DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK:=}"
|
||||
net=$DOCKERD_ROOTLESS_ROOTLESSKIT_NET
|
||||
port_driver=$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER
|
||||
mtu=$DOCKERD_ROOTLESS_ROOTLESSKIT_MTU
|
||||
if [ -z "$net" ]; then
|
||||
if command -v slirp4netns > /dev/null 2>&1; then
|
||||
# If --netns-type is present in --help, slirp4netns is >= v0.4.0.
|
||||
if slirp4netns --help | grep -qw -- --netns-type; then
|
||||
net=slirp4netns
|
||||
if [ -z "$mtu" ]; then
|
||||
mtu=65520
|
||||
fi
|
||||
else
|
||||
echo "slirp4netns found but seems older than v0.4.0. Falling back to VPNKit."
|
||||
echo "slirp4netns found but seems older than v0.4.0. Checking for other network drivers."
|
||||
fi
|
||||
fi
|
||||
if [ -z "$net" ]; then
|
||||
if command -v pasta > /dev/null 2>&1; then
|
||||
net=pasta
|
||||
fi
|
||||
fi
|
||||
if [ -z "$net" ]; then
|
||||
if command -v vpnkit > /dev/null 2>&1; then
|
||||
net=vpnkit
|
||||
else
|
||||
echo "Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
if [ -z "$net" ]; then
|
||||
echo "One of slirp4netns (>= v0.4.0), pasta (passt >= 2023_12_04), or vpnkit needs to be installed"
|
||||
fi
|
||||
fi
|
||||
if [ "$net" = host ]; then
|
||||
echo "Unsupported RootlessKit network driver: $net"
|
||||
exit 1
|
||||
fi
|
||||
if [ -z "$mtu" ]; then
|
||||
mtu=1500
|
||||
if [ "$net" = slirp4netns -o "$net" = pasta ]; then
|
||||
mtu=65520
|
||||
else
|
||||
mtu=1500
|
||||
fi
|
||||
fi
|
||||
if [ -z "$port_driver" ]; then
|
||||
if [ "$net" = pasta ]; then
|
||||
port_driver=implicit
|
||||
else
|
||||
port_driver=builtin
|
||||
fi
|
||||
fi
|
||||
|
||||
host_loopback="--disable-host-loopback"
|
||||
@@ -156,7 +181,7 @@ if [ -z "$_DOCKERD_ROOTLESS_CHILD" ]; then
|
||||
--net=$net --mtu=$mtu \
|
||||
--slirp4netns-sandbox=$DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SANDBOX \
|
||||
--slirp4netns-seccomp=$DOCKERD_ROOTLESS_ROOTLESSKIT_SLIRP4NETNS_SECCOMP \
|
||||
$host_loopback --port-driver=$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER \
|
||||
$host_loopback --port-driver=$port_driver \
|
||||
--copy-up=/etc --copy-up=/run \
|
||||
--propagation=rslave \
|
||||
$DOCKERD_ROOTLESS_ROOTLESSKIT_FLAGS \
|
||||
|
||||
@@ -2619,14 +2619,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2650,14 +2650,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2661,14 +2661,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2647,14 +2647,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2693,14 +2693,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2711,14 +2711,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2812,14 +2812,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2812,14 +2812,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2644,14 +2644,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -2653,14 +2653,6 @@ definitions:
|
||||
description: |
|
||||
Unique ID of the build cache record.
|
||||
example: "ndlpt0hhvkqcdfkputsk4cq9c"
|
||||
Parent:
|
||||
description: |
|
||||
ID of the parent build cache record.
|
||||
|
||||
> **Deprecated**: This field is deprecated, and omitted if empty.
|
||||
type: "string"
|
||||
x-nullable: true
|
||||
example: ""
|
||||
Parents:
|
||||
description: |
|
||||
List of parent build cache record IDs.
|
||||
|
||||
@@ -19,9 +19,6 @@ if [[ "${buildkit_ref}" == *-*-* ]]; then
|
||||
buildkit_ref=$(curl -s "https://api.github.com/repos/${buildkit_repo}/commits/${buildkit_ref}" | jq -r .sha)
|
||||
fi
|
||||
|
||||
# https://github.com/moby/buildkit/pull/6278
|
||||
buildkit_ref="1030099b27bd3455bf7e5d5fe73b6be5dbec3c1f"
|
||||
|
||||
cat << EOF
|
||||
BUILDKIT_REPO=$buildkit_repo
|
||||
BUILDKIT_REF=$buildkit_ref
|
||||
|
||||
@@ -15,7 +15,7 @@ set -e
|
||||
# the binary version you may also need to update the vendor version to pick up
|
||||
# bug fixes or new APIs, however, usually the Go packages are built from a
|
||||
# commit from the master branch.
|
||||
: "${CONTAINERD_VERSION:=v1.7.28}"
|
||||
: "${CONTAINERD_VERSION:=v1.7.29}"
|
||||
|
||||
install_containerd() (
|
||||
echo "Install containerd version $CONTAINERD_VERSION"
|
||||
|
||||
@@ -7,9 +7,7 @@ set -e
|
||||
# The version of runc should match the version that is used by the containerd
|
||||
# version that is used. If you need to update runc, open a pull request in
|
||||
# the containerd project first, and update both after that is merged.
|
||||
#
|
||||
# When updating RUNC_VERSION, consider updating runc in vendor.mod accordingly
|
||||
: "${RUNC_VERSION:=v1.3.0}"
|
||||
: "${RUNC_VERSION:=v1.3.3}"
|
||||
|
||||
install_runc() {
|
||||
RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
ARG GO_VERSION=1.24.8
|
||||
ARG GO_VERSION=1.24.9
|
||||
ARG BASE_DEBIAN_DISTRO="bookworm"
|
||||
ARG PROTOC_VERSION=3.11.4
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
ARG GO_VERSION=1.24.8
|
||||
ARG GO_VERSION=1.24.9
|
||||
ARG GOVULNCHECK_VERSION=v1.1.4
|
||||
ARG FORMAT=text
|
||||
|
||||
|
||||
@@ -33,7 +33,18 @@ func (s *DockerCLIBuildSuite) TestBuildResourceConstraintsAreUsed(c *testing.T)
|
||||
RUN ["/hello"]
|
||||
`))
|
||||
cli.Docker(
|
||||
cli.Args("build", "--no-cache", "--rm=false", "--memory=64m", "--memory-swap=-1", "--cpuset-cpus=0", "--cpuset-mems=0", "--cpu-shares=100", "--cpu-quota=8000", "--ulimit", "nofile=42", "--label="+buildLabel, "-t", name, "."),
|
||||
cli.Args("build",
|
||||
"--no-cache",
|
||||
"--rm=false",
|
||||
"--memory=64m",
|
||||
"--memory-swap=-1",
|
||||
"--cpuset-cpus=0",
|
||||
"--cpuset-mems=0",
|
||||
"--cpu-shares=100",
|
||||
"--cpu-quota=8000",
|
||||
"--ulimit", "nofile=50",
|
||||
"--label="+buildLabel,
|
||||
"-t", name, "."),
|
||||
cli.InDir(ctx.Dir),
|
||||
).Assert(c, icmd.Success)
|
||||
|
||||
@@ -63,7 +74,7 @@ func (s *DockerCLIBuildSuite) TestBuildResourceConstraintsAreUsed(c *testing.T)
|
||||
assert.Equal(c, c1.CPUShares, int64(100), "resource constraints not set properly for CPUShares")
|
||||
assert.Equal(c, c1.CPUQuota, int64(8000), "resource constraints not set properly for CPUQuota")
|
||||
assert.Equal(c, c1.Ulimits[0].Name, "nofile", "resource constraints not set properly for Ulimits")
|
||||
assert.Equal(c, c1.Ulimits[0].Hard, int64(42), "resource constraints not set properly for Ulimits")
|
||||
assert.Equal(c, c1.Ulimits[0].Hard, int64(50), "resource constraints not set properly for Ulimits")
|
||||
|
||||
// Make sure constraints aren't saved to image
|
||||
cli.DockerCmd(c, "run", "--name=test", name)
|
||||
|
||||
@@ -391,7 +391,7 @@ func deleteInterface(t *testing.T, ifName string) {
|
||||
}
|
||||
|
||||
func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *testing.T) {
|
||||
s.d.StartWithBusybox(testutil.GetContext(c), c, "--default-ulimit", "nofile=42:42", "--default-ulimit", "nproc=1024:1024")
|
||||
s.d.StartWithBusybox(testutil.GetContext(c), c, "--default-ulimit", "nofile=50:50", "--default-ulimit", "nproc=1024:1024")
|
||||
|
||||
out, err := s.d.Cmd("run", "--ulimit", "nproc=2048", "--name=test", "busybox", "/bin/sh", "-c", "echo $(ulimit -n); echo $(ulimit -u)")
|
||||
if err != nil {
|
||||
@@ -405,15 +405,15 @@ func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *testing.T) {
|
||||
nofile := strings.TrimSpace(outArr[0])
|
||||
nproc := strings.TrimSpace(outArr[1])
|
||||
|
||||
if nofile != "42" {
|
||||
c.Fatalf("expected `ulimit -n` to be `42`, got: %s", nofile)
|
||||
if nofile != "50" {
|
||||
c.Fatalf("expected `ulimit -n` to be `50`, got: %s", nofile)
|
||||
}
|
||||
if nproc != "2048" {
|
||||
c.Fatalf("expected `ulimit -u` to be 2048, got: %s", nproc)
|
||||
}
|
||||
|
||||
// Now restart daemon with a new default
|
||||
s.d.Restart(c, "--default-ulimit", "nofile=43")
|
||||
s.d.Restart(c, "--default-ulimit", "nofile=50")
|
||||
|
||||
out, err = s.d.Cmd("start", "-a", "test")
|
||||
if err != nil {
|
||||
@@ -427,8 +427,8 @@ func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *testing.T) {
|
||||
nofile = strings.TrimSpace(outArr[0])
|
||||
nproc = strings.TrimSpace(outArr[1])
|
||||
|
||||
if nofile != "43" {
|
||||
c.Fatalf("expected `ulimit -n` to be `43`, got: %s", nofile)
|
||||
if nofile != "50" {
|
||||
c.Fatalf("expected `ulimit -n` to be `50`, got: %s", nofile)
|
||||
}
|
||||
if nproc != "2048" {
|
||||
c.Fatalf("expected `ulimit -u` to be 2048, got: %s", nproc)
|
||||
|
||||
@@ -3099,10 +3099,10 @@ func (s *DockerCLIRunSuite) TestRunWithUlimits(c *testing.T) {
|
||||
// Not applicable on Windows as uses Unix specific functionality
|
||||
testRequires(c, DaemonIsLinux)
|
||||
|
||||
out := cli.DockerCmd(c, "run", "--name=testulimits", "--ulimit", "nofile=42", "busybox", "/bin/sh", "-c", "ulimit -n").Combined()
|
||||
out := cli.DockerCmd(c, "run", "--name=testulimits", "--ulimit", "nofile=50", "busybox", "/bin/sh", "-c", "ulimit -n").Combined()
|
||||
ul := strings.TrimSpace(out)
|
||||
if ul != "42" {
|
||||
c.Fatalf("expected `ulimit -n` to be 42, got %s", ul)
|
||||
if ul != "50" {
|
||||
c.Fatalf("expected `ulimit -n` to be 50, got %s", ul)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3924,13 +3924,13 @@ func (s *DockerDaemonSuite) TestRunWithUlimitAndDaemonDefault(c *testing.T) {
|
||||
assert.NilError(c, err)
|
||||
assert.Assert(c, is.Contains(out, "[nofile=65535:65535]"))
|
||||
name = "test-B"
|
||||
_, err = d.Cmd("run", "--name", name, "--ulimit=nofile=42", "-d", "busybox", "top")
|
||||
_, err = d.Cmd("run", "--name", name, "--ulimit=nofile=50", "-d", "busybox", "top")
|
||||
assert.NilError(c, err)
|
||||
assert.NilError(c, d.WaitRun(name))
|
||||
|
||||
out, err = d.Cmd("inspect", "--format", "{{.HostConfig.Ulimits}}", name)
|
||||
assert.NilError(c, err)
|
||||
assert.Assert(c, is.Contains(out, "[nofile=42:42]"))
|
||||
assert.Assert(c, is.Contains(out, "[nofile=50:50]"))
|
||||
}
|
||||
|
||||
func (s *DockerCLIRunSuite) TestRunStoppedLoggingDriverNoLeak(c *testing.T) {
|
||||
|
||||
@@ -62,7 +62,7 @@ require (
|
||||
github.com/miekg/dns v1.1.66
|
||||
github.com/mistifyio/go-zfs/v3 v3.0.1
|
||||
github.com/mitchellh/copystructure v1.2.0
|
||||
github.com/moby/buildkit v0.25.1
|
||||
github.com/moby/buildkit v0.25.2
|
||||
github.com/moby/docker-image-spec v1.3.1
|
||||
github.com/moby/go-archive v0.1.0
|
||||
github.com/moby/ipvs v1.1.0
|
||||
|
||||
@@ -383,8 +383,8 @@ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:F
|
||||
github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
|
||||
github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
|
||||
github.com/mndrix/tap-go v0.0.0-20171203230836-629fa407e90b/go.mod h1:pzzDgJWZ34fGzaAZGFW22KVZDfyrYW+QABMrWnJBnSs=
|
||||
github.com/moby/buildkit v0.25.1 h1:j7IlVkeNbEo+ZLoxdudYCHpmTsbwKvhgc/6UJ/mY/o8=
|
||||
github.com/moby/buildkit v0.25.1/go.mod h1:phM8sdqnvgK2y1dPDnbwI6veUCXHOZ6KFSl6E164tkc=
|
||||
github.com/moby/buildkit v0.25.2 h1:mReLKDPv05cqk6o/u3ixq2/iTsWGHoUO5Zg3lojrQTk=
|
||||
github.com/moby/buildkit v0.25.2/go.mod h1:phM8sdqnvgK2y1dPDnbwI6veUCXHOZ6KFSl6E164tkc=
|
||||
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
|
||||
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
|
||||
github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=
|
||||
|
||||
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@@ -757,7 +757,7 @@ github.com/mitchellh/hashstructure/v2
|
||||
# github.com/mitchellh/reflectwalk v1.0.2
|
||||
## explicit
|
||||
github.com/mitchellh/reflectwalk
|
||||
# github.com/moby/buildkit v0.25.1
|
||||
# github.com/moby/buildkit v0.25.2
|
||||
## explicit; go 1.24.0
|
||||
github.com/moby/buildkit/api/services/control
|
||||
github.com/moby/buildkit/api/types
|
||||
|
||||
Reference in New Issue
Block a user