vendor: github.com/docker/cli v24.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
pull/1806/head
Sebastiaan van Stijn 2 years ago
parent 75ad5d732b
commit 8c86c2242a
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C

@ -11,7 +11,7 @@ require (
github.com/containerd/continuity v0.3.0 github.com/containerd/continuity v0.3.0
github.com/containerd/typeurl/v2 v2.1.0 github.com/containerd/typeurl/v2 v2.1.0
github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa
github.com/docker/cli v23.0.6+incompatible github.com/docker/cli v24.0.0+incompatible
github.com/docker/cli-docs-tool v0.5.1 github.com/docker/cli-docs-tool v0.5.1
github.com/docker/distribution v2.8.2+incompatible github.com/docker/distribution v2.8.2+incompatible
github.com/docker/docker v24.0.0+incompatible github.com/docker/docker v24.0.0+incompatible

@ -165,8 +165,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa h1:L9Ay/slwQ4ERSPaurC+TVkZrM0K98GNrEEo1En3e8as= github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa h1:L9Ay/slwQ4ERSPaurC+TVkZrM0K98GNrEEo1En3e8as=
github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI= github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI=
github.com/docker/cli v23.0.6+incompatible h1:CScadyCJ2ZKUDpAMZta6vK8I+6/m60VIjGIV7Wg/Eu4= github.com/docker/cli v24.0.0+incompatible h1:0+1VshNwBQzQAx9lOl+OYCTCEAD8fKs/qeXMx3O0wqM=
github.com/docker/cli v23.0.6+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v24.0.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/cli-docs-tool v0.5.1 h1:jIk/cCZurZERhALPVKhqlNxTQGxn2kcI+56gE57PQXg= github.com/docker/cli-docs-tool v0.5.1 h1:jIk/cCZurZERhALPVKhqlNxTQGxn2kcI+56gE57PQXg=
github.com/docker/cli-docs-tool v0.5.1/go.mod h1:zMjqTFCU361PRh8apiXzeAZ1Q/xupbIwTusYpzCXS/o= github.com/docker/cli-docs-tool v0.5.1/go.mod h1:zMjqTFCU361PRh8apiXzeAZ1Q/xupbIwTusYpzCXS/o=
github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=

@ -23,6 +23,7 @@ type Metadata struct {
// URL is a pointer to the plugin's homepage. // URL is a pointer to the plugin's homepage.
URL string `json:",omitempty"` URL string `json:",omitempty"`
// Experimental specifies whether the plugin is experimental. // Experimental specifies whether the plugin is experimental.
//
// Deprecated: experimental features are now always enabled in the CLI // Deprecated: experimental features are now always enabled in the CLI
Experimental bool `json:",omitempty"` Experimental bool `json:",omitempty"`
} }

@ -426,7 +426,7 @@ func invalidPluginReason(cmd *cobra.Command) string {
return cmd.Annotations[pluginmanager.CommandAnnotationPluginInvalid] return cmd.Annotations[pluginmanager.CommandAnnotationPluginInvalid]
} }
var usageTemplate = `Usage: const usageTemplate = `Usage:
{{- if not .HasSubCommands}} {{.UseLine}}{{end}} {{- if not .HasSubCommands}} {{.UseLine}}{{end}}
{{- if .HasSubCommands}} {{ .CommandPath}}{{- if .HasAvailableFlags}} [OPTIONS]{{end}} COMMAND{{end}} {{- if .HasSubCommands}} {{ .CommandPath}}{{- if .HasAvailableFlags}} [OPTIONS]{{end}} COMMAND{{end}}
@ -525,5 +525,5 @@ Run '{{.CommandPath}} COMMAND --help' for more information on a command.
{{- end}} {{- end}}
` `
var helpTemplate = ` const helpTemplate = `
{{if or .Runnable .HasSubCommands}}{{.UsageString}}{{end}}` {{if or .Runnable .HasSubCommands}}{{.UsageString}}{{end}}`

@ -48,9 +48,7 @@ type Streams interface {
// Cli represents the docker command line client. // Cli represents the docker command line client.
type Cli interface { type Cli interface {
Client() client.APIClient Client() client.APIClient
Out() *streams.Out Streams
Err() io.Writer
In() *streams.In
SetIn(in *streams.In) SetIn(in *streams.In)
Apply(ops ...DockerCliOption) error Apply(ops ...DockerCliOption) error
ConfigFile() *configfile.ConfigFile ConfigFile() *configfile.ConfigFile
@ -191,7 +189,7 @@ func (cli *DockerCli) ManifestStore() manifeststore.Store {
// RegistryClient returns a client for communicating with a Docker distribution // RegistryClient returns a client for communicating with a Docker distribution
// registry // registry
func (cli *DockerCli) RegistryClient(allowInsecure bool) registryclient.RegistryClient { func (cli *DockerCli) RegistryClient(allowInsecure bool) registryclient.RegistryClient {
resolver := func(ctx context.Context, index *registry.IndexInfo) types.AuthConfig { resolver := func(ctx context.Context, index *registry.IndexInfo) registry.AuthConfig {
return ResolveAuthConfig(ctx, cli, index) return ResolveAuthConfig(ctx, cli, index)
} }
return registryclient.NewRegistryClient(resolver, UserAgent(), allowInsecure) return registryclient.NewRegistryClient(resolver, UserAgent(), allowInsecure)

@ -3,8 +3,6 @@ package command
import ( import (
"bufio" "bufio"
"context" "context"
"encoding/base64"
"encoding/json"
"fmt" "fmt"
"io" "io"
"os" "os"
@ -21,20 +19,11 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
) )
// ElectAuthServer returns the default registry to use. // EncodeAuthToBase64 serializes the auth configuration as JSON base64 payload.
// //
// Deprecated: use [registry.IndexServer] instead. // Deprecated: use [registrytypes.EncodeAuthConfig] instead.
func ElectAuthServer(_ context.Context, _ Cli) string { func EncodeAuthToBase64(authConfig registrytypes.AuthConfig) (string, error) {
return registry.IndexServer return registrytypes.EncodeAuthConfig(authConfig)
}
// EncodeAuthToBase64 serializes the auth configuration as JSON base64 payload
func EncodeAuthToBase64(authConfig types.AuthConfig) (string, error) {
buf, err := json.Marshal(authConfig)
if err != nil {
return "", err
}
return base64.URLEncoding.EncodeToString(buf), nil
} }
// RegistryAuthenticationPrivilegedFunc returns a RequestPrivilegeFunc from the specified registry index info // RegistryAuthenticationPrivilegedFunc returns a RequestPrivilegeFunc from the specified registry index info
@ -52,7 +41,7 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf
if err != nil { if err != nil {
return "", err return "", err
} }
return EncodeAuthToBase64(authConfig) return registrytypes.EncodeAuthConfig(authConfig)
} }
} }
@ -62,19 +51,19 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf
// //
// It is similar to [registry.ResolveAuthConfig], but uses the credentials- // It is similar to [registry.ResolveAuthConfig], but uses the credentials-
// store, instead of looking up credentials from a map. // store, instead of looking up credentials from a map.
func ResolveAuthConfig(_ context.Context, cli Cli, index *registrytypes.IndexInfo) types.AuthConfig { func ResolveAuthConfig(_ context.Context, cli Cli, index *registrytypes.IndexInfo) registrytypes.AuthConfig {
configKey := index.Name configKey := index.Name
if index.Official { if index.Official {
configKey = registry.IndexServer configKey = registry.IndexServer
} }
a, _ := cli.ConfigFile().GetAuthConfig(configKey) a, _ := cli.ConfigFile().GetAuthConfig(configKey)
return types.AuthConfig(a) return registrytypes.AuthConfig(a)
} }
// GetDefaultAuthConfig gets the default auth config given a serverAddress // GetDefaultAuthConfig gets the default auth config given a serverAddress
// If credentials for given serverAddress exists in the credential store, the configuration will be populated with values in it // If credentials for given serverAddress exists in the credential store, the configuration will be populated with values in it
func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) { func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (registrytypes.AuthConfig, error) {
if !isDefaultRegistry { if !isDefaultRegistry {
serverAddress = registry.ConvertToHostname(serverAddress) serverAddress = registry.ConvertToHostname(serverAddress)
} }
@ -83,20 +72,27 @@ func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, is
if checkCredStore { if checkCredStore {
authconfig, err = cli.ConfigFile().GetAuthConfig(serverAddress) authconfig, err = cli.ConfigFile().GetAuthConfig(serverAddress)
if err != nil { if err != nil {
return types.AuthConfig{ return registrytypes.AuthConfig{
ServerAddress: serverAddress, ServerAddress: serverAddress,
}, err }, err
} }
} }
authconfig.ServerAddress = serverAddress authconfig.ServerAddress = serverAddress
authconfig.IdentityToken = "" authconfig.IdentityToken = ""
res := types.AuthConfig(authconfig) res := registrytypes.AuthConfig(authconfig)
return res, nil return res, nil
} }
// ConfigureAuth handles prompting of user's username and password if needed // ConfigureAuth handles prompting of user's username and password if needed
func ConfigureAuth(cli Cli, flUser, flPassword string, authconfig *types.AuthConfig, isDefaultRegistry bool) error { func ConfigureAuth(cli Cli, flUser, flPassword string, authconfig *registrytypes.AuthConfig, isDefaultRegistry bool) error {
// On Windows, force the use of the regular OS stdin stream. Fixes #14336/#14210 // On Windows, force the use of the regular OS stdin stream.
//
// See:
// - https://github.com/moby/moby/issues/14336
// - https://github.com/moby/moby/issues/14210
// - https://github.com/moby/moby/pull/17738
//
// TODO(thaJeztah): we need to confirm if this special handling is still needed, as we may not be doing this in other places.
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
cli.SetIn(streams.NewIn(os.Stdin)) cli.SetIn(streams.NewIn(os.Stdin))
} }
@ -120,8 +116,11 @@ func ConfigureAuth(cli Cli, flUser, flPassword string, authconfig *types.AuthCon
fmt.Fprintln(cli.Out(), "Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.") fmt.Fprintln(cli.Out(), "Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.")
} }
promptWithDefault(cli.Out(), "Username", authconfig.Username) promptWithDefault(cli.Out(), "Username", authconfig.Username)
flUser = readInput(cli.In(), cli.Out()) var err error
flUser = strings.TrimSpace(flUser) flUser, err = readInput(cli.In())
if err != nil {
return err
}
if flUser == "" { if flUser == "" {
flUser = authconfig.Username flUser = authconfig.Username
} }
@ -135,12 +134,15 @@ func ConfigureAuth(cli Cli, flUser, flPassword string, authconfig *types.AuthCon
return err return err
} }
fmt.Fprintf(cli.Out(), "Password: ") fmt.Fprintf(cli.Out(), "Password: ")
term.DisableEcho(cli.In().FD(), oldState) _ = term.DisableEcho(cli.In().FD(), oldState)
defer func() {
flPassword = readInput(cli.In(), cli.Out()) _ = term.RestoreTerminal(cli.In().FD(), oldState)
}()
flPassword, err = readInput(cli.In())
if err != nil {
return err
}
fmt.Fprint(cli.Out(), "\n") fmt.Fprint(cli.Out(), "\n")
term.RestoreTerminal(cli.In().FD(), oldState)
if flPassword == "" { if flPassword == "" {
return errors.Errorf("Error: Password Required") return errors.Errorf("Error: Password Required")
} }
@ -152,14 +154,15 @@ func ConfigureAuth(cli Cli, flUser, flPassword string, authconfig *types.AuthCon
return nil return nil
} }
func readInput(in io.Reader, out io.Writer) string { // readInput reads, and returns user input from in. It tries to return a
reader := bufio.NewReader(in) // single line, not including the end-of-line bytes, and trims leading
line, _, err := reader.ReadLine() // and trailing whitespace.
func readInput(in io.Reader) (string, error) {
line, _, err := bufio.NewReader(in).ReadLine()
if err != nil { if err != nil {
fmt.Fprintln(out, err.Error()) return "", errors.Wrap(err, "error while reading input")
os.Exit(1)
} }
return string(line) return strings.TrimSpace(string(line)), nil
} }
func promptWithDefault(out io.Writer, prompt string, configDefault string) { func promptWithDefault(out io.Writer, prompt string, configDefault string) {
@ -170,14 +173,19 @@ func promptWithDefault(out io.Writer, prompt string, configDefault string) {
} }
} }
// RetrieveAuthTokenFromImage retrieves an encoded auth token given a complete image // RetrieveAuthTokenFromImage retrieves an encoded auth token given a complete
// image. The auth configuration is serialized as a base64url encoded RFC4648,
// section 5) JSON string for sending through the X-Registry-Auth header.
//
// For details on base64url encoding, see:
// - RFC4648, section 5: https://tools.ietf.org/html/rfc4648#section-5
func RetrieveAuthTokenFromImage(ctx context.Context, cli Cli, image string) (string, error) { func RetrieveAuthTokenFromImage(ctx context.Context, cli Cli, image string) (string, error) {
// Retrieve encoded auth token from the image reference // Retrieve encoded auth token from the image reference
authConfig, err := resolveAuthConfigFromImage(ctx, cli, image) authConfig, err := resolveAuthConfigFromImage(ctx, cli, image)
if err != nil { if err != nil {
return "", err return "", err
} }
encodedAuth, err := EncodeAuthToBase64(authConfig) encodedAuth, err := registrytypes.EncodeAuthConfig(authConfig)
if err != nil { if err != nil {
return "", err return "", err
} }
@ -185,14 +193,14 @@ func RetrieveAuthTokenFromImage(ctx context.Context, cli Cli, image string) (str
} }
// resolveAuthConfigFromImage retrieves that AuthConfig using the image string // resolveAuthConfigFromImage retrieves that AuthConfig using the image string
func resolveAuthConfigFromImage(ctx context.Context, cli Cli, image string) (types.AuthConfig, error) { func resolveAuthConfigFromImage(ctx context.Context, cli Cli, image string) (registrytypes.AuthConfig, error) {
registryRef, err := reference.ParseNormalizedNamed(image) registryRef, err := reference.ParseNormalizedNamed(image)
if err != nil { if err != nil {
return types.AuthConfig{}, err return registrytypes.AuthConfig{}, err
} }
repoInfo, err := registry.ParseRepositoryInfo(registryRef) repoInfo, err := registry.ParseRepositoryInfo(registryRef)
if err != nil { if err != nil {
return types.AuthConfig{}, err return registrytypes.AuthConfig{}, err
} }
return ResolveAuthConfig(ctx, cli, repoInfo.Index), nil return ResolveAuthConfig(ctx, cli, repoInfo.Index), nil
} }

@ -1,32 +0,0 @@
package command
import (
"io"
"github.com/docker/cli/cli/streams"
)
// InStream is an input stream used by the DockerCli to read user input
//
// Deprecated: Use [streams.In] instead.
type InStream = streams.In
// OutStream is an output stream used by the DockerCli to write normal program
// output.
//
// Deprecated: Use [streams.Out] instead.
type OutStream = streams.Out
// NewInStream returns a new [streams.In] from an [io.ReadCloser].
//
// Deprecated: Use [streams.NewIn] instead.
func NewInStream(in io.ReadCloser) *streams.In {
return streams.NewIn(in)
}
// NewOutStream returns a new [streams.Out] from an [io.Writer].
//
// Deprecated: Use [streams.NewOut] instead.
func NewOutStream(out io.Writer) *streams.Out {
return streams.NewOut(out)
}

@ -37,7 +37,6 @@ type ConfigFile struct {
PruneFilters []string `json:"pruneFilters,omitempty"` PruneFilters []string `json:"pruneFilters,omitempty"`
Proxies map[string]ProxyConfig `json:"proxies,omitempty"` Proxies map[string]ProxyConfig `json:"proxies,omitempty"`
Experimental string `json:"experimental,omitempty"` Experimental string `json:"experimental,omitempty"`
StackOrchestrator string `json:"stackOrchestrator,omitempty"` // Deprecated: swarm is now the default orchestrator, and this option is ignored.
CurrentContext string `json:"currentContext,omitempty"` CurrentContext string `json:"currentContext,omitempty"`
CLIPluginsExtraDirs []string `json:"cliPluginsExtraDirs,omitempty"` CLIPluginsExtraDirs []string `json:"cliPluginsExtraDirs,omitempty"`
Plugins map[string]map[string]string `json:"plugins,omitempty"` Plugins map[string]map[string]string `json:"plugins,omitempty"`

@ -32,7 +32,7 @@ import (
) )
// New returns net.Conn // New returns net.Conn
func New(ctx context.Context, cmd string, args ...string) (net.Conn, error) { func New(_ context.Context, cmd string, args ...string) (net.Conn, error) {
var ( var (
c commandConn c commandConn
err error err error

@ -47,7 +47,12 @@ func getConnectionHelper(daemonURL string, sshFlags []string) (*ConnectionHelper
} }
return &ConnectionHelper{ return &ConnectionHelper{
Dialer: func(ctx context.Context, network, addr string) (net.Conn, error) { Dialer: func(ctx context.Context, network, addr string) (net.Conn, error) {
return commandconn.New(ctx, "ssh", append(sshFlags, sp.Args("docker", "system", "dial-stdio")...)...) args := []string{"docker"}
if sp.Path != "" {
args = append(args, "--host", "unix://"+sp.Path)
}
args = append(args, "system", "dial-stdio")
return commandconn.New(ctx, "ssh", append(sshFlags, sp.Args(args...)...)...)
}, },
Host: "http://docker.example.com", Host: "http://docker.example.com",
}, nil }, nil

@ -30,9 +30,7 @@ func ParseURL(daemonURL string) (*Spec, error) {
return nil, errors.Errorf("no host specified") return nil, errors.Errorf("no host specified")
} }
sp.Port = u.Port() sp.Port = u.Port()
if u.Path != "" { sp.Path = u.Path
return nil, errors.Errorf("extra path after the host: %q", u.Path)
}
if u.RawQuery != "" { if u.RawQuery != "" {
return nil, errors.Errorf("extra query after the host: %q", u.RawQuery) return nil, errors.Errorf("extra query after the host: %q", u.RawQuery)
} }
@ -47,6 +45,7 @@ type Spec struct {
User string User string
Host string Host string
Port string Port string
Path string
} }
// Args returns args except "ssh" itself combined with optional additional command args // Args returns args except "ssh" itself combined with optional additional command args

@ -25,12 +25,6 @@ type EndpointMeta = context.EndpointMetaBase
type Endpoint struct { type Endpoint struct {
EndpointMeta EndpointMeta
TLSData *context.TLSData TLSData *context.TLSData
// Deprecated: Use of encrypted TLS private keys has been deprecated, and
// will be removed in a future release. Golang has deprecated support for
// legacy PEM encryption (as specified in RFC 1423), as it is insecure by
// design (see https://go-review.googlesource.com/c/go/+/264159).
TLSPassword string
} }
// WithTLSData loads TLS materials for the endpoint // WithTLSData loads TLS materials for the endpoint

@ -494,20 +494,6 @@ func importEndpointTLS(tlsData *ContextTLSData, path string, data []byte) error
return nil return nil
} }
// IsErrContextDoesNotExist checks if the given error is a "context does not exist" condition.
//
// Deprecated: use github.com/docker/docker/errdefs.IsNotFound()
func IsErrContextDoesNotExist(err error) bool {
return errdefs.IsNotFound(err)
}
// IsErrTLSDataDoesNotExist checks if the given error is a "context does not exist" condition
//
// Deprecated: use github.com/docker/docker/errdefs.IsNotFound()
func IsErrTLSDataDoesNotExist(err error) bool {
return errdefs.IsNotFound(err)
}
type contextdir string type contextdir string
func contextdirOf(name string) contextdir { func contextdirOf(name string) contextdir {

@ -83,7 +83,7 @@ func (o *ClientOptions) InstallFlags(flags *pflag.FlagSet) {
// opts.ValidateHost is not used here, so as to allow connection helpers // opts.ValidateHost is not used here, so as to allow connection helpers
hostOpt := opts.NewNamedListOptsRef("hosts", &o.Hosts, nil) hostOpt := opts.NewNamedListOptsRef("hosts", &o.Hosts, nil)
flags.VarP(hostOpt, "host", "H", "Daemon socket(s) to connect to") flags.VarP(hostOpt, "host", "H", "Daemon socket to connect to")
flags.StringVarP(&o.Context, "context", "c", "", flags.StringVarP(&o.Context, "context", "c", "",
`Name of the context to use to connect to the daemon (overrides `+client.EnvOverrideHost+` env var and default context set with "docker context use")`) `Name of the context to use to connect to the daemon (overrides `+client.EnvOverrideHost+` env var and default context set with "docker context use")`)
} }

@ -1,11 +0,0 @@
package flags
// CommonOptions are options common to both the client and the daemon.
//
// Deprecated: use [ClientOptions].
type CommonOptions = ClientOptions
// NewCommonOptions returns a new CommonOptions
//
// Deprecated: use [NewClientOptions].
var NewCommonOptions = NewClientOptions

@ -10,7 +10,6 @@ import (
"github.com/docker/distribution" "github.com/docker/distribution"
"github.com/docker/distribution/reference" "github.com/docker/distribution/reference"
distributionclient "github.com/docker/distribution/registry/client" distributionclient "github.com/docker/distribution/registry/client"
"github.com/docker/docker/api/types"
registrytypes "github.com/docker/docker/api/types/registry" registrytypes "github.com/docker/docker/api/types/registry"
"github.com/opencontainers/go-digest" "github.com/opencontainers/go-digest"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -36,7 +35,7 @@ func NewRegistryClient(resolver AuthConfigResolver, userAgent string, insecure b
} }
// AuthConfigResolver returns Auth Configuration for an index // AuthConfigResolver returns Auth Configuration for an index
type AuthConfigResolver func(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig type AuthConfigResolver func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig
// PutManifestOptions is the data sent to push a manifest // PutManifestOptions is the data sent to push a manifest
type PutManifestOptions struct { type PutManifestOptions struct {

@ -9,7 +9,7 @@ import (
"github.com/docker/distribution/reference" "github.com/docker/distribution/reference"
"github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/auth"
"github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/client/transport"
authtypes "github.com/docker/docker/api/types" registrytypes "github.com/docker/docker/api/types/registry"
"github.com/docker/docker/registry" "github.com/docker/docker/registry"
"github.com/pkg/errors" "github.com/pkg/errors"
) )
@ -74,7 +74,7 @@ func getDefaultEndpointFromRepoInfo(repoInfo *registry.RepositoryInfo) (registry
} }
// getHTTPTransport builds a transport for use in communicating with a registry // getHTTPTransport builds a transport for use in communicating with a registry
func getHTTPTransport(authConfig authtypes.AuthConfig, endpoint registry.APIEndpoint, repoName string, userAgent string) (http.RoundTripper, error) { func getHTTPTransport(authConfig registrytypes.AuthConfig, endpoint registry.APIEndpoint, repoName string, userAgent string) (http.RoundTripper, error) {
// get the http transport, this will be used in a client to upload manifest // get the http transport, this will be used in a client to upload manifest
base := &http.Transport{ base := &http.Transport{
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,
@ -120,7 +120,7 @@ type existingTokenHandler struct {
token string token string
} }
func (th *existingTokenHandler) AuthorizeRequest(req *http.Request, params map[string]string) error { func (th *existingTokenHandler) AuthorizeRequest(req *http.Request, _ map[string]string) error {
req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token)) req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", th.token))
return nil return nil
} }

@ -9,38 +9,42 @@ import (
"github.com/moby/term" "github.com/moby/term"
) )
// In is an input stream used by the DockerCli to read user input // In is an input stream to read user input. It implements [io.ReadCloser]
// with additional utilities, such as putting the terminal in raw mode.
type In struct { type In struct {
commonStream commonStream
in io.ReadCloser in io.ReadCloser
} }
// Read implements the [io.Reader] interface.
func (i *In) Read(p []byte) (int, error) { func (i *In) Read(p []byte) (int, error) {
return i.in.Read(p) return i.in.Read(p)
} }
// Close implements the Closer interface // Close implements the [io.Closer] interface.
func (i *In) Close() error { func (i *In) Close() error {
return i.in.Close() return i.in.Close()
} }
// SetRawTerminal sets raw mode on the input terminal // SetRawTerminal sets raw mode on the input terminal. It is a no-op if In
// is not a TTY, or if the "NORAW" environment variable is set to a non-empty
// value.
func (i *In) SetRawTerminal() (err error) { func (i *In) SetRawTerminal() (err error) {
if os.Getenv("NORAW") != "" || !i.commonStream.isTerminal { if !i.isTerminal || os.Getenv("NORAW") != "" {
return nil return nil
} }
i.commonStream.state, err = term.SetRawTerminal(i.commonStream.fd) i.state, err = term.SetRawTerminal(i.fd)
return err return err
} }
// CheckTty checks if we are trying to attach to a container tty // CheckTty checks if we are trying to attach to a container TTY
// from a non-tty client input stream, and if so, returns an error. // from a non-TTY client input stream, and if so, returns an error.
func (i *In) CheckTty(attachStdin, ttyMode bool) error { func (i *In) CheckTty(attachStdin, ttyMode bool) error {
// In order to attach to a container tty, input stream for the client must // In order to attach to a container tty, input stream for the client must
// be a tty itself: redirecting or piping the client standard input is // be a tty itself: redirecting or piping the client standard input is
// incompatible with `docker run -t`, `docker exec -t` or `docker attach`. // incompatible with `docker run -t`, `docker exec -t` or `docker attach`.
if ttyMode && attachStdin && !i.isTerminal { if ttyMode && attachStdin && !i.isTerminal {
eText := "the input device is not a TTY" const eText = "the input device is not a TTY"
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
return errors.New(eText + ". If you are using mintty, try prefixing the command with 'winpty'") return errors.New(eText + ". If you are using mintty, try prefixing the command with 'winpty'")
} }
@ -49,8 +53,9 @@ func (i *In) CheckTty(attachStdin, ttyMode bool) error {
return nil return nil
} }
// NewIn returns a new In object from a ReadCloser // NewIn returns a new [In] from an [io.ReadCloser].
func NewIn(in io.ReadCloser) *In { func NewIn(in io.ReadCloser) *In {
fd, isTerminal := term.GetFdInfo(in) i := &In{in: in}
return &In{commonStream: commonStream{fd: fd, isTerminal: isTerminal}, in: in} i.fd, i.isTerminal = term.GetFdInfo(in)
return i
} }

@ -8,8 +8,9 @@ import (
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
) )
// Out is an output stream used by the DockerCli to write normal program // Out is an output stream to write normal program output. It implements
// output. // an [io.Writer], with additional utilities for detecting whether a terminal
// is connected, getting the TTY size, and putting the terminal in raw mode.
type Out struct { type Out struct {
commonStream commonStream
out io.Writer out io.Writer
@ -19,23 +20,29 @@ func (o *Out) Write(p []byte) (int, error) {
return o.out.Write(p) return o.out.Write(p)
} }
// SetRawTerminal sets raw mode on the input terminal // SetRawTerminal puts the output of the terminal connected to the stream
// into raw mode.
//
// On UNIX, this does nothing. On Windows, it disables LF -> CRLF/ translation.
// It is a no-op if Out is not a TTY, or if the "NORAW" environment variable is
// set to a non-empty value.
func (o *Out) SetRawTerminal() (err error) { func (o *Out) SetRawTerminal() (err error) {
if os.Getenv("NORAW") != "" || !o.commonStream.isTerminal { if !o.isTerminal || os.Getenv("NORAW") != "" {
return nil return nil
} }
o.commonStream.state, err = term.SetRawTerminalOutput(o.commonStream.fd) o.state, err = term.SetRawTerminalOutput(o.fd)
return err return err
} }
// GetTtySize returns the height and width in characters of the tty // GetTtySize returns the height and width in characters of the TTY, or
func (o *Out) GetTtySize() (uint, uint) { // zero for both if no TTY is connected.
func (o *Out) GetTtySize() (height uint, width uint) {
if !o.isTerminal { if !o.isTerminal {
return 0, 0 return 0, 0
} }
ws, err := term.GetWinsize(o.fd) ws, err := term.GetWinsize(o.fd)
if err != nil { if err != nil {
logrus.Debugf("Error getting size: %s", err) logrus.WithError(err).Debug("Error getting TTY size")
if ws == nil { if ws == nil {
return 0, 0 return 0, 0
} }
@ -43,8 +50,9 @@ func (o *Out) GetTtySize() (uint, uint) {
return uint(ws.Height), uint(ws.Width) return uint(ws.Height), uint(ws.Width)
} }
// NewOut returns a new Out object from a Writer // NewOut returns a new [Out] from an [io.Writer].
func NewOut(out io.Writer) *Out { func NewOut(out io.Writer) *Out {
fd, isTerminal := term.GetFdInfo(out) o := &Out{out: out}
return &Out{commonStream: commonStream{fd: fd, isTerminal: isTerminal}, out: out} o.fd, o.isTerminal = term.GetFdInfo(out)
return o
} }

@ -4,31 +4,32 @@ import (
"github.com/moby/term" "github.com/moby/term"
) )
// commonStream is an input stream used by the DockerCli to read user input
type commonStream struct { type commonStream struct {
fd uintptr fd uintptr
isTerminal bool isTerminal bool
state *term.State state *term.State
} }
// FD returns the file descriptor number for this stream // FD returns the file descriptor number for this stream.
func (s *commonStream) FD() uintptr { func (s *commonStream) FD() uintptr {
return s.fd return s.fd
} }
// IsTerminal returns true if this stream is connected to a terminal // IsTerminal returns true if this stream is connected to a terminal.
func (s *commonStream) IsTerminal() bool { func (s *commonStream) IsTerminal() bool {
return s.isTerminal return s.isTerminal
} }
// RestoreTerminal restores normal mode to the terminal // RestoreTerminal restores normal mode to the terminal.
func (s *commonStream) RestoreTerminal() { func (s *commonStream) RestoreTerminal() {
if s.state != nil { if s.state != nil {
term.RestoreTerminal(s.fd, s.state) _ = term.RestoreTerminal(s.fd, s.state)
} }
} }
// SetIsTerminal sets the boolean used for isTerminal // SetIsTerminal overrides whether a terminal is connected. It is used to
// override this property in unit-tests, and should not be depended on for
// other purposes.
func (s *commonStream) SetIsTerminal(isTerminal bool) { func (s *commonStream) SetIsTerminal(isTerminal bool) {
s.isTerminal = isTerminal s.isTerminal = isTerminal
} }

@ -17,7 +17,6 @@ import (
"github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/auth"
"github.com/docker/distribution/registry/client/auth/challenge" "github.com/docker/distribution/registry/client/auth/challenge"
"github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/client/transport"
"github.com/docker/docker/api/types"
registrytypes "github.com/docker/docker/api/types/registry" registrytypes "github.com/docker/docker/api/types/registry"
"github.com/docker/docker/registry" "github.com/docker/docker/registry"
"github.com/docker/go-connections/tlsconfig" "github.com/docker/go-connections/tlsconfig"
@ -79,24 +78,23 @@ func Server(index *registrytypes.IndexInfo) (string, error) {
} }
type simpleCredentialStore struct { type simpleCredentialStore struct {
auth types.AuthConfig auth registrytypes.AuthConfig
} }
func (scs simpleCredentialStore) Basic(u *url.URL) (string, string) { func (scs simpleCredentialStore) Basic(*url.URL) (string, string) {
return scs.auth.Username, scs.auth.Password return scs.auth.Username, scs.auth.Password
} }
func (scs simpleCredentialStore) RefreshToken(u *url.URL, service string) string { func (scs simpleCredentialStore) RefreshToken(*url.URL, string) string {
return scs.auth.IdentityToken return scs.auth.IdentityToken
} }
func (scs simpleCredentialStore) SetRefreshToken(*url.URL, string, string) { func (scs simpleCredentialStore) SetRefreshToken(*url.URL, string, string) {}
}
// GetNotaryRepository returns a NotaryRepository which stores all the // GetNotaryRepository returns a NotaryRepository which stores all the
// information needed to operate on a notary repository. // information needed to operate on a notary repository.
// It creates an HTTP transport providing authentication support. // It creates an HTTP transport providing authentication support.
func GetNotaryRepository(in io.Reader, out io.Writer, userAgent string, repoInfo *registry.RepositoryInfo, authConfig *types.AuthConfig, actions ...string) (client.Repository, error) { func GetNotaryRepository(in io.Reader, out io.Writer, userAgent string, repoInfo *registry.RepositoryInfo, authConfig *registrytypes.AuthConfig, actions ...string) (client.Repository, error) {
server, err := Server(repoInfo.Index) server, err := Server(repoInfo.Index)
if err != nil { if err != nil {
return nil, err return nil, err
@ -160,7 +158,7 @@ func GetNotaryRepository(in io.Reader, out io.Writer, userAgent string, repoInfo
scope := auth.RepositoryScope{ scope := auth.RepositoryScope{
Repository: repoInfo.Name.Name(), Repository: repoInfo.Name.Name(),
Actions: actions, Actions: actions,
Class: repoInfo.Class, Class: repoInfo.Class, // TODO(thaJeztah): Class is no longer needed for plugins and can likely be removed; see https://github.com/docker/cli/pull/4114#discussion_r1145430825
} }
creds := simpleCredentialStore{auth: *authConfig} creds := simpleCredentialStore{auth: *authConfig}
tokenHandlerOptions := auth.TokenHandlerOptions{ tokenHandlerOptions := auth.TokenHandlerOptions{
@ -292,7 +290,7 @@ func GetSignableRoles(repo client.Repository, target *client.Target) ([]data.Rol
// ImageRefAndAuth contains all reference information and the auth config for an image request // ImageRefAndAuth contains all reference information and the auth config for an image request
type ImageRefAndAuth struct { type ImageRefAndAuth struct {
original string original string
authConfig *types.AuthConfig authConfig *registrytypes.AuthConfig
reference reference.Named reference reference.Named
repoInfo *registry.RepositoryInfo repoInfo *registry.RepositoryInfo
tag string tag string
@ -301,8 +299,8 @@ type ImageRefAndAuth struct {
// GetImageReferencesAndAuth retrieves the necessary reference and auth information for an image name // GetImageReferencesAndAuth retrieves the necessary reference and auth information for an image name
// as an ImageRefAndAuth struct // as an ImageRefAndAuth struct
func GetImageReferencesAndAuth(ctx context.Context, rs registry.Service, func GetImageReferencesAndAuth(ctx context.Context,
authResolver func(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig, authResolver func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig,
imgName string, imgName string,
) (ImageRefAndAuth, error) { ) (ImageRefAndAuth, error) {
ref, err := reference.ParseNormalizedNamed(imgName) ref, err := reference.ParseNormalizedNamed(imgName)
@ -311,13 +309,7 @@ func GetImageReferencesAndAuth(ctx context.Context, rs registry.Service,
} }
// Resolve the Repository name from fqn to RepositoryInfo // Resolve the Repository name from fqn to RepositoryInfo
var repoInfo *registry.RepositoryInfo repoInfo, err := registry.ParseRepositoryInfo(ref)
if rs != nil {
repoInfo, err = rs.ResolveRepository(ref)
} else {
repoInfo, err = registry.ParseRepositoryInfo(ref)
}
if err != nil { if err != nil {
return ImageRefAndAuth{}, err return ImageRefAndAuth{}, err
} }
@ -356,7 +348,7 @@ func getDigest(ref reference.Named) digest.Digest {
} }
// AuthConfig returns the auth information (username, etc) for a given ImageRefAndAuth // AuthConfig returns the auth information (username, etc) for a given ImageRefAndAuth
func (imgRefAuth *ImageRefAndAuth) AuthConfig() *types.AuthConfig { func (imgRefAuth *ImageRefAndAuth) AuthConfig() *registrytypes.AuthConfig {
return imgRefAuth.authConfig return imgRefAuth.authConfig
} }

@ -21,15 +21,15 @@ const (
// This function only handles rudimentary formatting; no validation is performed, // This function only handles rudimentary formatting; no validation is performed,
// as the list of available capabilities can be updated over time, thus should be // as the list of available capabilities can be updated over time, thus should be
// handled by the daemon. // handled by the daemon.
func NormalizeCapability(cap string) string { func NormalizeCapability(capability string) string {
cap = strings.ToUpper(strings.TrimSpace(cap)) capability = strings.ToUpper(strings.TrimSpace(capability))
if cap == AllCapabilities || cap == ResetCapabilities { if capability == AllCapabilities || capability == ResetCapabilities {
return cap return capability
} }
if !strings.HasPrefix(cap, "CAP_") { if !strings.HasPrefix(capability, "CAP_") {
cap = "CAP_" + cap capability = "CAP_" + capability
} }
return cap return capability
} }
// CapabilitiesMap normalizes the given capabilities and converts them to a map. // CapabilitiesMap normalizes the given capabilities and converts them to a map.

@ -228,7 +228,7 @@ github.com/davecgh/go-spew/spew
# github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa # github.com/distribution/distribution/v3 v3.0.0-20230214150026-36d8c594d7aa
## explicit; go 1.18 ## explicit; go 1.18
github.com/distribution/distribution/v3/reference github.com/distribution/distribution/v3/reference
# github.com/docker/cli v23.0.6+incompatible # github.com/docker/cli v24.0.0+incompatible
## explicit ## explicit
github.com/docker/cli/cli github.com/docker/cli/cli
github.com/docker/cli/cli-plugins/manager github.com/docker/cli/cli-plugins/manager

Loading…
Cancel
Save