vendor: update docker/cli to f1615fa

also needs to update docker/docker to a60b458 (22.06 branch) otherwise build breaks since docker/cli#3512 with: # github.com/docker/cli/cli/flags vendor/github.com/docker/cli/cli/flags/common.go:40:37: undefined: client.EnvOverrideCertPath vendor/github.com/docker/cli/cli/flags/common.go:41:37: undefined: client.EnvTLSVerify vendor/github.com/docker/cli/cli/flags/common.go:89:76: undefined: client.EnvOverrideHost needs also to update github.com/spf13/cobra to v1.5.0 otherwise build breaks with: # github.com/docker/cli/cli-plugins/plugin vendor/github.com/docker/cli/cli-plugins/plugin/plugin.go:130:4: unknown field 'HiddenDefaultCmd' in struct literal of type cobra.CompletionOptions Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-07-22 10:53:15 +02:00
parent 701c548e46
commit b0deb8bdd7
199 changed files with 4116 additions and 3933 deletions
--- a/vendor/github.com/docker/cli/cli/cobra.go
+++ b/vendor/github.com/docker/cli/cli/cobra.go
@@ -3,12 +3,17 @@ package cli
 import (
 	"fmt"
 	"os"
+	"path/filepath"
+	"sort"
 	"strings"

 	pluginmanager "github.com/docker/cli/cli-plugins/manager"
 	"github.com/docker/cli/cli/command"
-	cliconfig "github.com/docker/cli/cli/config"
+	"github.com/docker/cli/cli/config"
 	cliflags "github.com/docker/cli/cli/flags"
+	"github.com/docker/docker/pkg/homedir"
+	"github.com/docker/docker/registry"
+	"github.com/fvbommel/sortorder"
 	"github.com/moby/term"
 	"github.com/morikuni/aec"
 	"github.com/pkg/errors"
@@ -22,15 +27,21 @@ func setupCommonRootCommand(rootCmd *cobra.Command) (*cliflags.ClientOptions, *p
 	opts := cliflags.NewClientOptions()
 	flags := rootCmd.Flags()

-	flags.StringVar(&opts.ConfigDir, "config", cliconfig.Dir(), "Location of client config files")
+	flags.StringVar(&opts.ConfigDir, "config", config.Dir(), "Location of client config files")
 	opts.Common.InstallFlags(flags)

 	cobra.AddTemplateFunc("add", func(a, b int) int { return a + b })
+	cobra.AddTemplateFunc("hasAliases", hasAliases)
 	cobra.AddTemplateFunc("hasSubCommands", hasSubCommands)
+	cobra.AddTemplateFunc("hasTopCommands", hasTopCommands)
 	cobra.AddTemplateFunc("hasManagementSubCommands", hasManagementSubCommands)
+	cobra.AddTemplateFunc("hasSwarmSubCommands", hasSwarmSubCommands)
 	cobra.AddTemplateFunc("hasInvalidPlugins", hasInvalidPlugins)
+	cobra.AddTemplateFunc("topCommands", topCommands)
+	cobra.AddTemplateFunc("commandAliases", commandAliases)
 	cobra.AddTemplateFunc("operationSubCommands", operationSubCommands)
 	cobra.AddTemplateFunc("managementSubCommands", managementSubCommands)
+	cobra.AddTemplateFunc("orchestratorSubCommands", orchestratorSubCommands)
 	cobra.AddTemplateFunc("invalidPlugins", invalidPlugins)
 	cobra.AddTemplateFunc("wrappedFlagUsages", wrappedFlagUsages)
 	cobra.AddTemplateFunc("vendorAndVersion", vendorAndVersion)
@@ -52,6 +63,13 @@ func setupCommonRootCommand(rootCmd *cobra.Command) (*cliflags.ClientOptions, *p

 	rootCmd.Annotations = map[string]string{"additionalHelp": "To get more help with docker, check out our guides at https://docs.docker.com/go/guides/"}

+	// Configure registry.CertsDir() when running in rootless-mode
+	if os.Getenv("ROOTLESSKIT_STATE_DIR") != "" {
+		if configHome, err := homedir.GetConfigHome(); err == nil {
+			registry.SetCertsDir(filepath.Join(configHome, "docker/certs.d"))
+		}
+	}
+
 	return opts, flags, helpCommand
 }

@@ -222,6 +240,10 @@ func isPlugin(cmd *cobra.Command) bool {
 	return cmd.Annotations[pluginmanager.CommandAnnotationPlugin] == "true"
 }

+func hasAliases(cmd *cobra.Command) bool {
+	return len(cmd.Aliases) > 0 || cmd.Annotations["aliases"] != ""
+}
+
 func hasSubCommands(cmd *cobra.Command) bool {
 	return len(operationSubCommands(cmd)) > 0
 }
@@ -230,16 +252,69 @@ func hasManagementSubCommands(cmd *cobra.Command) bool {
 	return len(managementSubCommands(cmd)) > 0
 }

+func hasSwarmSubCommands(cmd *cobra.Command) bool {
+	return len(orchestratorSubCommands(cmd)) > 0
+}
+
 func hasInvalidPlugins(cmd *cobra.Command) bool {
 	return len(invalidPlugins(cmd)) > 0
 }

+func hasTopCommands(cmd *cobra.Command) bool {
+	return len(topCommands(cmd)) > 0
+}
+
+// commandAliases is a templating function to return aliases for the command,
+// formatted as the full command as they're called (contrary to the default
+// Aliases function, which only returns the subcommand).
+func commandAliases(cmd *cobra.Command) string {
+	if cmd.Annotations["aliases"] != "" {
+		return cmd.Annotations["aliases"]
+	}
+	var parentPath string
+	if cmd.HasParent() {
+		parentPath = cmd.Parent().CommandPath() + " "
+	}
+	aliases := cmd.CommandPath()
+	for _, alias := range cmd.Aliases {
+		aliases += ", " + parentPath + alias
+	}
+	return aliases
+}
+
+func topCommands(cmd *cobra.Command) []*cobra.Command {
+	cmds := []*cobra.Command{}
+	if cmd.Parent() != nil {
+		// for now, only use top-commands for the root-command, and skip
+		// for sub-commands
+		return cmds
+	}
+	for _, sub := range cmd.Commands() {
+		if isPlugin(sub) || !sub.IsAvailableCommand() {
+			continue
+		}
+		if _, ok := sub.Annotations["category-top"]; ok {
+			cmds = append(cmds, sub)
+		}
+	}
+	sort.SliceStable(cmds, func(i, j int) bool {
+		return sortorder.NaturalLess(cmds[i].Annotations["category-top"], cmds[j].Annotations["category-top"])
+	})
+	return cmds
+}
+
 func operationSubCommands(cmd *cobra.Command) []*cobra.Command {
 	cmds := []*cobra.Command{}
 	for _, sub := range cmd.Commands() {
 		if isPlugin(sub) {
 			continue
 		}
+		if _, ok := sub.Annotations["category-top"]; ok {
+			if cmd.Parent() == nil {
+				// for now, only use top-commands for the root-command
+				continue
+			}
+		}
 		if sub.IsAvailableCommand() && !sub.HasSubCommands() {
 			cmds = append(cmds, sub)
 		}
@@ -275,6 +350,27 @@ func vendorAndVersion(cmd *cobra.Command) string {
 }

 func managementSubCommands(cmd *cobra.Command) []*cobra.Command {
+	cmds := []*cobra.Command{}
+	for _, sub := range allManagementSubCommands(cmd) {
+		if _, ok := sub.Annotations["swarm"]; ok {
+			continue
+		}
+		cmds = append(cmds, sub)
+	}
+	return cmds
+}
+
+func orchestratorSubCommands(cmd *cobra.Command) []*cobra.Command {
+	cmds := []*cobra.Command{}
+	for _, sub := range allManagementSubCommands(cmd) {
+		if _, ok := sub.Annotations["swarm"]; ok {
+			cmds = append(cmds, sub)
+		}
+	}
+	return cmds
+}
+
+func allManagementSubCommands(cmd *cobra.Command) []*cobra.Command {
 	cmds := []*cobra.Command{}
 	for _, sub := range cmd.Commands() {
 		if isPlugin(sub) {
@@ -323,10 +419,10 @@ EXPERIMENTAL:
  https://docs.docker.com/go/experimental/

 {{- end}}
-{{- if gt .Aliases 0}}
+{{- if hasAliases . }}

 Aliases:
-  {{.NameAndAliases}}
+  {{ commandAliases . }}

 {{- end}}
 {{- if .HasExample}}
@@ -335,11 +431,20 @@ Examples:
 {{ .Example }}

 {{- end}}
+{{- if .HasParent}}
 {{- if .HasAvailableFlags}}

 Options:
 {{ wrappedFlagUsages . | trimRightSpace}}

+{{- end}}
+{{- end}}
+{{- if hasTopCommands .}}
+
+Common Commands:
+{{- range topCommands .}}
+  {{rpad (decoratedName .) (add .NamePadding 1)}}{{.Short}}
+{{- end}}
 {{- end}}
 {{- if hasManagementSubCommands . }}

@@ -349,6 +454,15 @@ Management Commands:
  {{rpad (decoratedName .) (add .NamePadding 1)}}{{.Short}}{{ if isPlugin .}} {{vendorAndVersion .}}{{ end}}
 {{- end}}

+{{- end}}
+{{- if hasSwarmSubCommands . }}
+
+Swarm Commands:
+
+{{- range orchestratorSubCommands . }}
+  {{rpad (decoratedName .) (add .NamePadding 1)}}{{.Short}}{{ if isPlugin .}} {{vendorAndVersion .}}{{ end}}
+{{- end}}
+
 {{- end}}
 {{- if hasSubCommands .}}

@@ -367,6 +481,14 @@ Invalid Plugins:
  {{rpad .Name .NamePadding }} {{invalidPluginReason .}}
 {{- end}}

+{{- end}}
+{{- if not .HasParent}}
+{{- if .HasAvailableFlags}}
+
+Global Options:
+{{ wrappedFlagUsages . | trimRightSpace}}
+
+{{- end}}
 {{- end}}

 {{- if .HasSubCommands }}
--- a/vendor/github.com/docker/cli/cli/command/cli.go
+++ b/vendor/github.com/docker/cli/cli/command/cli.go
@@ -11,7 +11,6 @@ import (
 	"time"

 	"github.com/docker/cli/cli/config"
-	cliconfig "github.com/docker/cli/cli/config"
 	"github.com/docker/cli/cli/config/configfile"
 	dcontext "github.com/docker/cli/cli/context"
 	"github.com/docker/cli/cli/context/docker"
@@ -26,7 +25,8 @@ import (
 	dopts "github.com/docker/cli/opts"
 	"github.com/docker/docker/api"
 	"github.com/docker/docker/api/types"
-	registrytypes "github.com/docker/docker/api/types/registry"
+	"github.com/docker/docker/api/types/registry"
+	"github.com/docker/docker/api/types/swarm"
 	"github.com/docker/docker/client"
 	"github.com/docker/go-connections/tlsconfig"
 	"github.com/moby/term"
@@ -52,7 +52,6 @@ type Cli interface {
 	Apply(ops ...DockerCliOption) error
 	ConfigFile() *configfile.ConfigFile
 	ServerInfo() ServerInfo
-	ClientInfo() ClientInfo
 	NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (notaryclient.Repository, error)
 	DefaultVersion() string
 	ManifestStore() manifeststore.Store
@@ -73,7 +72,6 @@ type DockerCli struct {
 	err                io.Writer
 	client             client.APIClient
 	serverInfo         ServerInfo
-	clientInfo         *ClientInfo
 	contentTrust       bool
 	contextStore       store.Store
 	currentContext     string
@@ -81,9 +79,9 @@ type DockerCli struct {
 	contextStoreConfig store.Config
 }

-// DefaultVersion returns api.defaultVersion or DOCKER_API_VERSION if specified.
+// DefaultVersion returns api.defaultVersion.
 func (cli *DockerCli) DefaultVersion() string {
-	return cli.ClientInfo().DefaultVersion
+	return api.DefaultVersion
 }

 // Client returns the APIClient
@@ -129,39 +127,16 @@ func (cli *DockerCli) ConfigFile() *configfile.ConfigFile {
 }

 func (cli *DockerCli) loadConfigFile() {
-	cli.configFile = cliconfig.LoadDefaultConfigFile(cli.err)
+	cli.configFile = config.LoadDefaultConfigFile(cli.err)
 }

 // ServerInfo returns the server version details for the host this client is
 // connected to
 func (cli *DockerCli) ServerInfo() ServerInfo {
+	// TODO(thaJeztah) make ServerInfo() lazily load the info (ping only when needed)
 	return cli.serverInfo
 }

-// ClientInfo returns the client details for the cli
-func (cli *DockerCli) ClientInfo() ClientInfo {
-	if cli.clientInfo == nil {
-		if err := cli.loadClientInfo(); err != nil {
-			panic(err)
-		}
-	}
-	return *cli.clientInfo
-}
-
-func (cli *DockerCli) loadClientInfo() error {
-	var v string
-	if cli.client != nil {
-		v = cli.client.ClientVersion()
-	} else {
-		v = api.DefaultVersion
-	}
-	cli.clientInfo = &ClientInfo{
-		DefaultVersion:  v,
-		HasExperimental: true,
-	}
-	return nil
-}
-
 // ContentTrustEnabled returns whether content trust has been enabled by an
 // environment variable.
 func (cli *DockerCli) ContentTrustEnabled() bool {
@@ -197,7 +172,7 @@ func (cli *DockerCli) ManifestStore() manifeststore.Store {
 // RegistryClient returns a client for communicating with a Docker distribution
 // registry
 func (cli *DockerCli) RegistryClient(allowInsecure bool) registryclient.RegistryClient {
-	resolver := func(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig {
+	resolver := func(ctx context.Context, index *registry.IndexInfo) types.AuthConfig {
 		return ResolveAuthConfig(ctx, cli, index)
 	}
 	return registryclient.NewRegistryClient(resolver, UserAgent(), allowInsecure)
@@ -228,7 +203,7 @@ func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions, ops ...Initialize
 	cliflags.SetLogLevel(opts.Common.LogLevel)

 	if opts.ConfigDir != "" {
-		cliconfig.SetDir(opts.ConfigDir)
+		config.SetDir(opts.ConfigDir)
 	}

 	if opts.Common.Debug {
@@ -237,7 +212,7 @@ func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions, ops ...Initialize

 	cli.loadConfigFile()

-	baseContextStore := store.New(cliconfig.ContextStoreDir(), cli.contextStoreConfig)
+	baseContextStore := store.New(config.ContextStoreDir(), cli.contextStoreConfig)
 	cli.contextStore = &ContextStoreWithDefault{
 		Store: baseContextStore,
 		Resolver: func() (*DefaultContext, error) {
@@ -260,28 +235,23 @@ func (cli *DockerCli) Initialize(opts *cliflags.ClientOptions, ops ...Initialize
 		}
 	}
 	cli.initializeFromClient()
-
-	if err := cli.loadClientInfo(); err != nil {
-		return err
-	}
-
 	return nil
 }

 // NewAPIClientFromFlags creates a new APIClient from command line flags
 func NewAPIClientFromFlags(opts *cliflags.CommonOptions, configFile *configfile.ConfigFile) (client.APIClient, error) {
 	storeConfig := DefaultContextStoreConfig()
-	store := &ContextStoreWithDefault{
-		Store: store.New(cliconfig.ContextStoreDir(), storeConfig),
+	contextStore := &ContextStoreWithDefault{
+		Store: store.New(config.ContextStoreDir(), storeConfig),
 		Resolver: func() (*DefaultContext, error) {
 			return ResolveDefaultContext(opts, configFile, storeConfig, io.Discard)
 		},
 	}
-	contextName, err := resolveContextName(opts, configFile, store)
+	contextName, err := resolveContextName(opts, configFile, contextStore)
 	if err != nil {
 		return nil, err
 	}
-	endpoint, err := resolveDockerEndpoint(store, contextName)
+	endpoint, err := resolveDockerEndpoint(contextStore, contextName)
 	if err != nil {
 		return nil, errors.Wrap(err, "unable to resolve docker endpoint")
 	}
@@ -368,6 +338,7 @@ func (cli *DockerCli) initializeFromClient() {
 		HasExperimental: ping.Experimental,
 		OSType:          ping.OSType,
 		BuildkitVersion: ping.BuilderVersion,
+		SwarmStatus:     ping.SwarmStatus,
 	}
 	cli.client.NegotiateAPIVersionPing(ping)
 }
@@ -408,26 +379,28 @@ type ServerInfo struct {
 	HasExperimental bool
 	OSType          string
 	BuildkitVersion types.BuilderVersion
-}

-// ClientInfo stores details about the supported features of the client
-type ClientInfo struct {
-	// Deprecated: experimental CLI features always enabled. This field is kept
-	// for backward-compatibility, and is always "true".
-	HasExperimental bool
-	DefaultVersion  string
+	// SwarmStatus provides information about the current swarm status of the
+	// engine, obtained from the "Swarm" header in the API response.
+	//
+	// It can be a nil struct if the API version does not provide this header
+	// in the ping response, or if an error occurred, in which case the client
+	// should use other ways to get the current swarm status, such as the /swarm
+	// endpoint.
+	SwarmStatus *swarm.Status
 }

 // NewDockerCli returns a DockerCli instance with all operators applied on it.
 // It applies by default the standard streams, and the content trust from
 // environment.
 func NewDockerCli(ops ...DockerCliOption) (*DockerCli, error) {
-	cli := &DockerCli{}
 	defaultOps := []DockerCliOption{
 		WithContentTrustFromEnv(),
+		WithDefaultContextStoreConfig(),
 	}
-	cli.contextStoreConfig = DefaultContextStoreConfig()
 	ops = append(defaultOps, ops...)
+
+	cli := &DockerCli{}
 	if err := cli.Apply(ops...); err != nil {
 		return nil, err
 	}
@@ -450,7 +423,7 @@ func getServerHost(hosts []string, tlsOptions *tlsconfig.Options) (string, error
 	var host string
 	switch len(hosts) {
 	case 0:
-		host = os.Getenv("DOCKER_HOST")
+		host = os.Getenv(client.EnvOverrideHost)
 	case 1:
 		host = hosts[0]
 	default:
@@ -468,7 +441,7 @@ func UserAgent() string {
 // resolveContextName resolves the current context name with the following rules:
 // - setting both --context and --host flags is ambiguous
 // - if --context is set, use this value
-// - if --host flag or DOCKER_HOST is set, fallbacks to use the same logic as before context-store was added
+// - if --host flag or DOCKER_HOST (client.EnvOverrideHost) is set, fallbacks to use the same logic as before context-store was added
 // for backward compatibility with existing scripts
 // - if DOCKER_CONTEXT is set, use this value
 // - if Config file has a globally set "CurrentContext", use this value
@@ -483,7 +456,7 @@ func resolveContextName(opts *cliflags.CommonOptions, config *configfile.ConfigF
 	if len(opts.Hosts) > 0 {
 		return DefaultContextName, nil
 	}
-	if _, present := os.LookupEnv("DOCKER_HOST"); present {
+	if _, present := os.LookupEnv(client.EnvOverrideHost); present {
 		return DefaultContextName, nil
 	}
 	if ctxName, ok := os.LookupEnv("DOCKER_CONTEXT"); ok {
--- a/vendor/github.com/docker/cli/cli/command/cli_options.go
+++ b/vendor/github.com/docker/cli/cli/command/cli_options.go
@@ -94,3 +94,11 @@ func WithContextEndpointType(endpointName string, endpointType store.TypeGetter)
 		return nil
 	}
 }
+
+// WithDefaultContextStoreConfig configures the cli to use the default context store configuration.
+func WithDefaultContextStoreConfig() DockerCliOption {
+	return func(cli *DockerCli) error {
+		cli.contextStoreConfig = DefaultContextStoreConfig()
+		return nil
+	}
+}
--- a/vendor/github.com/docker/cli/cli/command/registry.go
+++ b/vendor/github.com/docker/cli/cli/command/registry.go
@@ -12,7 +12,6 @@ import (
 	"strings"

 	configtypes "github.com/docker/cli/cli/config/types"
-	"github.com/docker/cli/cli/debug"
 	"github.com/docker/cli/cli/streams"
 	"github.com/docker/distribution/reference"
 	"github.com/docker/docker/api/types"
@@ -22,28 +21,10 @@ import (
 	"github.com/pkg/errors"
 )

-// ElectAuthServer returns the default registry to use (by asking the daemon)
-func ElectAuthServer(ctx context.Context, cli Cli) string {
-	// The daemon `/info` endpoint informs us of the default registry being
-	// used. This is essential in cross-platforms environment, where for
-	// example a Linux client might be interacting with a Windows daemon, hence
-	// the default registry URL might be Windows specific.
-	info, err := cli.Client().Info(ctx)
-	if err != nil {
-		// Daemon is not responding so use system default.
-		if debug.IsEnabled() {
-			// Only report the warning if we're in debug mode to prevent nagging during engine initialization workflows
-			fmt.Fprintf(cli.Err(), "Warning: failed to get default registry endpoint from daemon (%v). Using system default: %s\n", err, registry.IndexServer)
-		}
-		return registry.IndexServer
-	}
-	if info.IndexServerAddress == "" {
-		if debug.IsEnabled() {
-			fmt.Fprintf(cli.Err(), "Warning: Empty registry endpoint from daemon. Using system default: %s\n", registry.IndexServer)
-		}
-		return registry.IndexServer
-	}
-	return info.IndexServerAddress
+// ElectAuthServer returns the default registry to use
+// Deprecated: use registry.IndexServer instead
+func ElectAuthServer(_ context.Context, _ Cli) string {
+	return registry.IndexServer
 }

 // EncodeAuthToBase64 serializes the auth configuration as JSON base64 payload
@@ -61,7 +42,7 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf
 	return func() (string, error) {
 		fmt.Fprintf(cli.Out(), "\nPlease login prior to %s:\n", cmdName)
 		indexServer := registry.GetAuthConfigKey(index)
-		isDefaultRegistry := indexServer == ElectAuthServer(context.Background(), cli)
+		isDefaultRegistry := indexServer == registry.IndexServer
 		authConfig, err := GetDefaultAuthConfig(cli, true, indexServer, isDefaultRegistry)
 		if err != nil {
 			fmt.Fprintf(cli.Err(), "Unable to retrieve stored credentials for %s, error: %s.\n", indexServer, err)
@@ -77,10 +58,10 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf
 // ResolveAuthConfig is like registry.ResolveAuthConfig, but if using the
 // default index, it uses the default index name for the daemon's platform,
 // not the client's platform.
-func ResolveAuthConfig(ctx context.Context, cli Cli, index *registrytypes.IndexInfo) types.AuthConfig {
+func ResolveAuthConfig(_ context.Context, cli Cli, index *registrytypes.IndexInfo) types.AuthConfig {
 	configKey := index.Name
 	if index.Official {
-		configKey = ElectAuthServer(ctx, cli)
+		configKey = registry.IndexServer
 	}

 	a, _ := cli.ConfigFile().GetAuthConfig(configKey)
--- a/vendor/github.com/docker/cli/cli/command/utils.go
+++ b/vendor/github.com/docker/cli/cli/command/utils.go
@@ -19,7 +19,7 @@ import (
 // CopyToFile writes the content of the reader to the specified file
 func CopyToFile(outfile string, r io.Reader) error {
 	// We use sequential file access here to avoid depleting the standby list
-	// on Windows. On Linux, this is a call directly to ioutil.TempFile
+	// on Windows. On Linux, this is a call directly to os.CreateTemp
 	tmpFile, err := system.TempFileSequential(filepath.Dir(outfile), ".docker_temp_")
 	if err != nil {
 		return err
--- a/vendor/github.com/docker/cli/cli/config/config.go
+++ b/vendor/github.com/docker/cli/cli/config/config.go
@@ -19,7 +19,7 @@ const (
 	// ConfigFileName is the name of config file
 	ConfigFileName = "config.json"
 	configFileDir  = ".docker"
-	oldConfigfile  = ".dockercfg"
+	oldConfigfile  = ".dockercfg" // Deprecated: remove once we stop printing deprecation warning
 	contextsDir    = "contexts"
 )

@@ -84,16 +84,6 @@ func Path(p ...string) (string, error) {
 	return path, nil
 }

-// LegacyLoadFromReader is a convenience function that creates a ConfigFile object from
-// a non-nested reader
-func LegacyLoadFromReader(configData io.Reader) (*configfile.ConfigFile, error) {
-	configFile := configfile.ConfigFile{
-		AuthConfigs: make(map[string]types.AuthConfig),
-	}
-	err := configFile.LegacyLoadFromReader(configData)
-	return &configFile, err
-}
-
 // LoadFromReader is a convenience function that creates a ConfigFile object from
 // a reader
 func LoadFromReader(configData io.Reader) (*configfile.ConfigFile, error) {
@@ -140,12 +130,8 @@ func load(configDir string) (*configfile.ConfigFile, bool, error) {

 	// Can't find latest config file so check for the old one
 	filename = filepath.Join(getHomeDir(), oldConfigfile)
-	if file, err := os.Open(filename); err == nil {
+	if _, err := os.Stat(filename); err == nil {
 		printLegacyFileWarning = true
-		defer file.Close()
-		if err := configFile.LegacyLoadFromReader(file); err != nil {
-			return configFile, printLegacyFileWarning, errors.Wrap(err, filename)
-		}
 	}
 	return configFile, printLegacyFileWarning, nil
 }
@@ -158,7 +144,7 @@ func LoadDefaultConfigFile(stderr io.Writer) *configfile.ConfigFile {
 		fmt.Fprintf(stderr, "WARNING: Error loading config file: %v\n", err)
 	}
 	if printLegacyFileWarning {
-		_, _ = fmt.Fprintln(stderr, "WARNING: Support for the legacy ~/.dockercfg configuration file and file-format is deprecated and will be removed in an upcoming release")
+		_, _ = fmt.Fprintln(stderr, "WARNING: Support for the legacy ~/.dockercfg configuration file and file-format has been removed and the configuration file will be ignored")
 	}
 	if !configFile.ContainsAuth() {
 		configFile.CredentialsStore = credentials.DetectDefaultStore(configFile.CredentialsStore)
--- a/vendor/github.com/docker/cli/cli/config/configfile/file.go
+++ b/vendor/github.com/docker/cli/cli/config/configfile/file.go
@@ -14,13 +14,6 @@ import (
 	"github.com/sirupsen/logrus"
 )

-const (
-	// This constant is only used for really old config files when the
-	// URL wasn't saved as part of the config file and it was just
-	// assumed to be this value.
-	defaultIndexServer = "https://index.docker.io/v1/"
-)
-
 // ConfigFile ~/.docker/config.json file info
 type ConfigFile struct {
 	AuthConfigs          map[string]types.AuthConfig  `json:"auths"`
@@ -71,44 +64,6 @@ func New(fn string) *ConfigFile {
 	}
 }

-// LegacyLoadFromReader reads the non-nested configuration data given and sets up the
-// auth config information with given directory and populates the receiver object
-func (configFile *ConfigFile) LegacyLoadFromReader(configData io.Reader) error {
-	b, err := io.ReadAll(configData)
-	if err != nil {
-		return err
-	}
-
-	if err := json.Unmarshal(b, &configFile.AuthConfigs); err != nil {
-		arr := strings.Split(string(b), "\n")
-		if len(arr) < 2 {
-			return errors.Errorf("The Auth config file is empty")
-		}
-		authConfig := types.AuthConfig{}
-		origAuth := strings.Split(arr[0], " = ")
-		if len(origAuth) != 2 {
-			return errors.Errorf("Invalid Auth config file")
-		}
-		authConfig.Username, authConfig.Password, err = decodeAuth(origAuth[1])
-		if err != nil {
-			return err
-		}
-		authConfig.ServerAddress = defaultIndexServer
-		configFile.AuthConfigs[defaultIndexServer] = authConfig
-	} else {
-		for k, authConfig := range configFile.AuthConfigs {
-			authConfig.Username, authConfig.Password, err = decodeAuth(authConfig.Auth)
-			if err != nil {
-				return err
-			}
-			authConfig.Auth = ""
-			authConfig.ServerAddress = k
-			configFile.AuthConfigs[k] = authConfig
-		}
-	}
-	return nil
-}
-
 // LoadFromReader reads the configuration data given and sets up the auth config
 // information with given directory and populates the receiver object
 func (configFile *ConfigFile) LoadFromReader(configData io.Reader) error {
--- a/vendor/github.com/docker/cli/cli/config/configfile/file_unix.go
+++ b/vendor/github.com/docker/cli/cli/config/configfile/file_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package configfile
--- a/vendor/github.com/docker/cli/cli/config/credentials/default_store_unsupported.go
+++ b/vendor/github.com/docker/cli/cli/config/credentials/default_store_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !windows && !darwin && !linux
 // +build !windows,!darwin,!linux

 package credentials
--- a/vendor/github.com/docker/cli/cli/config/credentials/native_store.go
+++ b/vendor/github.com/docker/cli/cli/config/credentials/native_store.go
@@ -7,7 +7,7 @@ import (
 )

 const (
-	remoteCredentialsPrefix = "docker-credential-"
+	remoteCredentialsPrefix = "docker-credential-" //nolint:gosec // ignore G101: Potential hardcoded credentials
 	tokenUsername           = "<token>"
 )

--- a/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go
+++ b/vendor/github.com/docker/cli/cli/connhelper/commandconn/commandconn.go
@@ -4,13 +4,13 @@
 // For example, to provide an http.Client that can connect to a Docker daemon
 // running in a Docker container ("DIND"):
 //
-//  httpClient := &http.Client{
-//  	Transport: &http.Transport{
-//  		DialContext: func(ctx context.Context, _network, _addr string) (net.Conn, error) {
-//  			return commandconn.New(ctx, "docker", "exec", "-it", containerID, "docker", "system", "dial-stdio")
-//  		},
-//  	},
-//  }
+//	httpClient := &http.Client{
+//		Transport: &http.Transport{
+//			DialContext: func(ctx context.Context, _network, _addr string) (net.Conn, error) {
+//				return commandconn.New(ctx, "docker", "exec", "-it", containerID, "docker", "system", "dial-stdio")
+//			},
+//		},
+//	}
 package commandconn

 import (
--- a/vendor/github.com/docker/cli/cli/connhelper/commandconn/pdeathsig_nolinux.go
+++ b/vendor/github.com/docker/cli/cli/connhelper/commandconn/pdeathsig_nolinux.go
@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux

 package commandconn
--- a/vendor/github.com/docker/cli/cli/connhelper/commandconn/session_unix.go
+++ b/vendor/github.com/docker/cli/cli/connhelper/commandconn/session_unix.go
@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows

 package commandconn
--- a/vendor/github.com/docker/cli/cli/context/docker/load.go
+++ b/vendor/github.com/docker/cli/cli/context/docker/load.go
@@ -6,7 +6,6 @@ import (
 	"encoding/pem"
 	"net"
 	"net/http"
-	"os"
 	"time"

 	"github.com/docker/cli/cli/connhelper"
@@ -68,7 +67,7 @@ func (c *Endpoint) tlsConfig() (*tls.Config, error) {
 		if pemBlock == nil {
 			return nil, errors.New("no valid private key found")
 		}
-		if x509.IsEncryptedPEMBlock(pemBlock) { //nolint: staticcheck // SA1019: x509.IsEncryptedPEMBlock is deprecated, and insecure by design
+		if x509.IsEncryptedPEMBlock(pemBlock) { //nolint:staticcheck // SA1019: x509.IsEncryptedPEMBlock is deprecated, and insecure by design
 			return nil, errors.New("private key is encrypted - support for encrypted private keys has been removed, see https://docs.docker.com/go/deprecated/")
 		}

@@ -122,12 +121,7 @@ func (c *Endpoint) ClientOpts() ([]client.Opt, error) {
 		}
 	}

-	version := os.Getenv("DOCKER_API_VERSION")
-	if version != "" {
-		result = append(result, client.WithVersion(version))
-	} else {
-		result = append(result, client.WithAPIVersionNegotiation())
-	}
+	result = append(result, client.WithVersionFromEnv(), client.WithAPIVersionNegotiation())
 	return result, nil
 }

--- a/vendor/github.com/docker/cli/cli/context/store/doc.go
+++ b/vendor/github.com/docker/cli/cli/context/store/doc.go
@@ -1,20 +1,32 @@
-// Package store provides a generic way to store credentials to connect to virtually any kind of remote system.
-// The term `context` comes from the similar feature in Kubernetes kubectl config files.
+// Package store provides a generic way to store credentials to connect to
+// virtually any kind of remote system.
+// The term `context` comes from the similar feature in Kubernetes kubectl
+// config files.
 //
-// Conceptually, a context is a set of metadata and TLS data, that can be used to connect to various endpoints
-// of a remote system. TLS data and metadata are stored separately, so that in the future, we will be able to store sensitive
-// information in a more secure way, depending on the os we are running on (e.g.: on Windows we could use the user Certificate Store, on Mac OS the user Keychain...).
+// Conceptually, a context is a set of metadata and TLS data, that can be used
+// to connect to various endpoints of a remote system. TLS data and metadata
+// are stored separately, so that in the future, we will be able to store
+// sensitive information in a more secure way, depending on the os we are running
+// on (e.g.: on Windows we could use the user Certificate Store, on macOS the
+// user Keychain...).
 //
 // Current implementation is purely file based with the following structure:
-// ${CONTEXT_ROOT}
-//   - meta/
-//     - <context id>/meta.json: contains context medata (key/value pairs) as well as a list of endpoints (themselves containing key/value pair metadata)
-//   - tls/
-//     - <context id>/endpoint1/: directory containing TLS data for the endpoint1 in the corresponding context
 //
-// The context store itself has absolutely no knowledge about what a docker endpoint should contain in term of metadata or TLS config.
-// Client code is responsible for generating and parsing endpoint metadata and TLS files.
-// The multi-endpoints approach of this package allows to combine many different endpoints in the same "context".
+//	${CONTEXT_ROOT}
+//	  meta/
+//	    <context id>/meta.json: contains context medata (key/value pairs) as
+//	                            well as a list of endpoints (themselves containing
+//	                            key/value pair metadata).
+//	  tls/
+//	    <context id>/endpoint1/: directory containing TLS data for the endpoint1
+//	                             in the corresponding context.
 //
-// Context IDs are actually SHA256 hashes of the context name, and are there only to avoid dealing with special characters in context names.
+// The context store itself has absolutely no knowledge about what a docker
+// endpoint should contain in term of metadata or TLS config. Client code is
+// responsible for generating and parsing endpoint metadata and TLS files. The
+// multi-endpoints approach of this package allows to combine many different
+// endpoints in the same "context".
+//
+// Context IDs are actually SHA256 hashes of the context name, and are there
+// only to avoid dealing with special characters in context names.
 package store
--- a/vendor/github.com/docker/cli/cli/context/store/store.go
+++ b/vendor/github.com/docker/cli/cli/context/store/store.go
@@ -16,7 +16,7 @@ import (
 	"strings"

 	"github.com/docker/docker/errdefs"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	"github.com/pkg/errors"
 )

@@ -118,6 +118,19 @@ func (s *store) List() ([]Metadata, error) {
 	return s.meta.list()
 }

+// Names return Metadata names for a Lister
+func Names(s Lister) ([]string, error) {
+	list, err := s.List()
+	if err != nil {
+		return nil, err
+	}
+	var names []string
+	for _, item := range list {
+		names = append(names, item.Name)
+	}
+	return names, nil
+}
+
 func (s *store) CreateOrUpdate(meta Metadata) error {
 	return s.meta.createOrUpdate(meta)
 }
--- a/vendor/github.com/docker/cli/cli/context/store/tlsstore.go
+++ b/vendor/github.com/docker/cli/cli/context/store/tlsstore.go
@@ -43,7 +43,7 @@ func (s *tlsStore) getData(contextID contextdir, endpointName, filename string)
 	return data, nil
 }

-func (s *tlsStore) remove(contextID contextdir, endpointName, filename string) error { // nolint:unused
+func (s *tlsStore) remove(contextID contextdir, endpointName, filename string) error { //nolint:unused
 	err := os.Remove(s.filePath(contextID, endpointName, filename))
 	if os.IsNotExist(err) {
 		return nil
--- a/vendor/github.com/docker/cli/cli/flags/common.go
+++ b/vendor/github.com/docker/cli/cli/flags/common.go
@@ -5,8 +5,9 @@ import (
 	"os"
 	"path/filepath"

-	cliconfig "github.com/docker/cli/cli/config"
+	"github.com/docker/cli/cli/config"
 	"github.com/docker/cli/opts"
+	"github.com/docker/docker/client"
 	"github.com/docker/go-connections/tlsconfig"
 	"github.com/sirupsen/logrus"
 	"github.com/spf13/pflag"
@@ -21,12 +22,25 @@ const (
 	DefaultCertFile = "cert.pem"
 	// FlagTLSVerify is the flag name for the TLS verification option
 	FlagTLSVerify = "tlsverify"
+	// FormatHelp describes the --format flag behavior for list commands
+	FormatHelp = `Format output using a custom template:
+'table':            Print output in table format with column headers (default)
+'table TEMPLATE':   Print output in table format using the given Go template
+'json':             Print in JSON format
+'TEMPLATE':         Print output using the given Go template.
+Refer to https://docs.docker.com/go/formatting/ for more information about formatting output with templates`
+	// InspectFormatHelp describes the --format flag behavior for inspect commands
+	InspectFormatHelp = `Format output using a custom template:
+'json':             Print in JSON format
+'TEMPLATE':         Print output using the given Go template.
+Refer to https://docs.docker.com/go/formatting/ for more information about formatting output with templates`
 )

 var (
-	dockerCertPath  = os.Getenv("DOCKER_CERT_PATH")
-	dockerTLSVerify = os.Getenv("DOCKER_TLS_VERIFY") != ""
-	dockerTLS       = os.Getenv("DOCKER_TLS") != ""
+	dockerCertPath  = os.Getenv(client.EnvOverrideCertPath)
+	dockerTLSVerify = os.Getenv(client.EnvTLSVerify) != ""
+	// TODO(thaJeztah) the 'DOCKER_TLS' environment variable is not documented, and does not have a const.
+	dockerTLS = os.Getenv("DOCKER_TLS") != ""
 )

 // CommonOptions are options common to both the client and the daemon.
@@ -48,7 +62,7 @@ func NewCommonOptions() *CommonOptions {
 // InstallFlags adds flags for the common options on the FlagSet
 func (commonOpts *CommonOptions) InstallFlags(flags *pflag.FlagSet) {
 	if dockerCertPath == "" {
-		dockerCertPath = cliconfig.Dir()
+		dockerCertPath = config.Dir()
 	}

 	flags.BoolVarP(&commonOpts.Debug, "debug", "D", false, "Enable debug mode")
@@ -72,7 +86,7 @@ func (commonOpts *CommonOptions) InstallFlags(flags *pflag.FlagSet) {
 	hostOpt := opts.NewNamedListOptsRef("hosts", &commonOpts.Hosts, nil)
 	flags.VarP(hostOpt, "host", "H", "Daemon socket(s) to connect to")
 	flags.StringVarP(&commonOpts.Context, "context", "c", "",
-		`Name of the context to use to connect to the daemon (overrides DOCKER_HOST env var and default context set with "docker context use")`)
+		`Name of the context to use to connect to the daemon (overrides `+client.EnvOverrideHost+` env var and default context set with "docker context use")`)
 }

 // SetDefaultOptions sets default values for options after flag parsing is
--- a/vendor/github.com/docker/cli/cli/manifest/store/store.go
+++ b/vendor/github.com/docker/cli/cli/manifest/store/store.go
@@ -10,7 +10,7 @@ import (
 	"github.com/docker/cli/cli/manifest/types"
 	"github.com/docker/distribution/manifest/manifestlist"
 	"github.com/docker/distribution/reference"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/pkg/errors"
 )
--- a/vendor/github.com/docker/cli/cli/registry/client/client.go
+++ b/vendor/github.com/docker/cli/cli/registry/client/client.go
@@ -7,7 +7,6 @@ import (
 	"strings"

 	manifesttypes "github.com/docker/cli/cli/manifest/types"
-	"github.com/docker/cli/cli/trust"
 	"github.com/docker/distribution"
 	"github.com/docker/distribution/reference"
 	distributionclient "github.com/docker/distribution/registry/client"
@@ -25,7 +24,6 @@ type RegistryClient interface {
 	GetManifestList(ctx context.Context, ref reference.Named) ([]manifesttypes.ImageManifest, error)
 	MountBlob(ctx context.Context, source reference.Canonical, target reference.Named) error
 	PutManifest(ctx context.Context, ref reference.Named, manifest distribution.Manifest) (digest.Digest, error)
-	GetTags(ctx context.Context, ref reference.Named) ([]string, error)
 }

 // NewRegistryClient returns a new RegistryClient with a resolver
@@ -124,19 +122,6 @@ func (c *client) PutManifest(ctx context.Context, ref reference.Named, manifest
 	return dgst, errors.Wrapf(err, "failed to put manifest %s", ref)
 }

-func (c *client) GetTags(ctx context.Context, ref reference.Named) ([]string, error) {
-	repoEndpoint, err := newDefaultRepositoryEndpoint(ref, c.insecureRegistry)
-	if err != nil {
-		return nil, err
-	}
-
-	repo, err := c.getRepositoryForReference(ctx, ref, repoEndpoint)
-	if err != nil {
-		return nil, err
-	}
-	return repo.Tags(ctx).All(ctx)
-}
-
 func (c *client) getRepositoryForReference(ctx context.Context, ref reference.Named, repoEndpoint repositoryEndpoint) (distribution.Repository, error) {
 	repoName, err := reference.WithName(repoEndpoint.Name())
 	if err != nil {
@@ -207,16 +192,3 @@ func getManifestOptionsFromReference(ref reference.Named) (digest.Digest, []dist
 	}
 	return "", nil, errors.Errorf("%s no tag or digest", ref)
 }
-
-// GetRegistryAuth returns the auth config given an input image
-func GetRegistryAuth(ctx context.Context, resolver AuthConfigResolver, imageName string) (*types.AuthConfig, error) {
-	distributionRef, err := reference.ParseNormalizedNamed(imageName)
-	if err != nil {
-		return nil, fmt.Errorf("Failed to parse image name: %s: %s", imageName, err)
-	}
-	imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, resolver, distributionRef.String())
-	if err != nil {
-		return nil, fmt.Errorf("Failed to get imgRefAndAuth: %s", err)
-	}
-	return imgRefAndAuth.AuthConfig(), nil
-}
--- a/vendor/github.com/docker/cli/cli/registry/client/fetcher.go
+++ b/vendor/github.com/docker/cli/cli/registry/client/fetcher.go
@@ -3,7 +3,6 @@ package client
 import (
 	"context"
 	"encoding/json"
-	"fmt"

 	"github.com/docker/cli/cli/manifest/types"
 	"github.com/docker/distribution"
@@ -14,7 +13,7 @@ import (
 	v2 "github.com/docker/distribution/registry/api/v2"
 	distclient "github.com/docker/distribution/registry/client"
 	"github.com/docker/docker/registry"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
@@ -128,7 +127,7 @@ func validateManifestDigest(ref reference.Named, mfst distribution.Manifest) (oc
 	// If pull by digest, then verify the manifest digest.
 	if digested, isDigested := ref.(reference.Canonical); isDigested {
 		if digested.Digest() != desc.Digest {
-			err := fmt.Errorf("manifest verification failed for digest %s", digested.Digest())
+			err := errors.Errorf("manifest verification failed for digest %s", digested.Digest())
 			return ocispec.Descriptor{}, err
 		}
 	}
@@ -156,7 +155,7 @@ func pullManifestList(ctx context.Context, ref reference.Named, repo distributio
 		}
 		v, ok := manifest.(*schema2.DeserializedManifest)
 		if !ok {
-			return nil, fmt.Errorf("unsupported manifest format: %v", v)
+			return nil, errors.Errorf("unsupported manifest format: %v", v)
 		}

 		manifestRef, err := reference.WithDigest(ref, manifestDescriptor.Digest)
@@ -278,27 +277,17 @@ func allEndpoints(namedRef reference.Named, insecure bool) ([]registry.APIEndpoi
 	return endpoints, err
 }

-type notFoundError struct {
-	object string
+func newNotFoundError(ref string) *notFoundError {
+	return &notFoundError{err: errors.New("no such manifest: " + ref)}
 }

-func newNotFoundError(ref string) *notFoundError {
-	return &notFoundError{object: ref}
+type notFoundError struct {
+	err error
 }

 func (n *notFoundError) Error() string {
-	return fmt.Sprintf("no such manifest: %s", n.object)
+	return n.err.Error()
 }

-// NotFound interface
+// NotFound satisfies interface github.com/docker/docker/errdefs.ErrNotFound
 func (n *notFoundError) NotFound() {}
-
-// IsNotFound returns true if the error is a not found error
-func IsNotFound(err error) bool {
-	_, ok := err.(notFound)
-	return ok
-}
-
-type notFound interface {
-	NotFound()
-}
--- a/vendor/github.com/docker/cli/cli/required.go
+++ b/vendor/github.com/docker/cli/cli/required.go
@@ -99,7 +99,7 @@ func ExactArgs(number int) cobra.PositionalArgs {
 	}
 }

-//nolint: unparam
+//nolint:unparam
 func pluralize(word string, number int) string {
 	if number == 1 {
 		return word
--- a/vendor/github.com/docker/cli/cli/trust/trust.go
+++ b/vendor/github.com/docker/cli/cli/trust/trust.go
@@ -12,7 +12,7 @@ import (
 	"path/filepath"
 	"time"

-	cliconfig "github.com/docker/cli/cli/config"
+	"github.com/docker/cli/cli/config"
 	"github.com/docker/distribution/reference"
 	"github.com/docker/distribution/registry/client/auth"
 	"github.com/docker/distribution/registry/client/auth/challenge"
@@ -21,7 +21,7 @@ import (
 	registrytypes "github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/registry"
 	"github.com/docker/go-connections/tlsconfig"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/theupdateframework/notary"
@@ -47,7 +47,7 @@ var (

 // GetTrustDirectory returns the base trust directory name
 func GetTrustDirectory() string {
-	return filepath.Join(cliconfig.Dir(), "trust")
+	return filepath.Join(config.Dir(), "trust")
 }

 // certificateDirectory returns the directory containing
@@ -59,7 +59,7 @@ func certificateDirectory(server string) (string, error) {
 		return "", err
 	}

-	return filepath.Join(cliconfig.Dir(), "tls", u.Host), nil
+	return filepath.Join(config.Dir(), "tls", u.Host), nil
 }

 // Server returns the base URL for the trust server.