Hello community, here is the log from the commit of package docker for openSUSE:Factory checked in at 2019-07-28 10:16:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/docker (Old) and /work/SRC/openSUSE:Factory/.docker.new.4126 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "docker" Sun Jul 28 10:16:44 2019 rev:92 rq:717727 version:19.03.0_ce Changes: -------- --- /work/SRC/openSUSE:Factory/docker/docker.changes 2019-06-30 10:19:15.499411120 +0200 +++ /work/SRC/openSUSE:Factory/.docker.new.4126/docker.changes 2019-07-28 10:16:57.940598564 +0200 @@ -1,0 +2,24 @@ +Mon Jul 22 22:13:30 UTC 2019 - Aleksa Sarai <[email protected]> + +- Update to Docker 19.03.0-ce. See upstream changelog in the packaged + /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1142413 +- Remove upstreamed patches: + - bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch + - bsc1001161-0002-cli-add-a-separate-domainname-flag.patch + - bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch + - bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch +- Rebase pacthes: + * bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch + * packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch + * private-registry-0001-Add-private-registry-mirror-support.patch + * secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch + * secrets-0002-SUSE-implement-SUSE-container-secrets.patch + +------------------------------------------------------------------- +Wed Jul 17 23:15:33 UTC 2019 - Aleksa Sarai <[email protected]> + +- Move bash-completion to correct location. +- Update to Docker 18.09.8-ce. See upstream changelog in the packaged + /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1142160 CVE-2019-13509 + +------------------------------------------------------------------- Old: ---- bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch bsc1001161-0002-cli-add-a-separate-domainname-flag.patch bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch docker-18.09.7_ce_2d0083d657f8.tar.xz New: ---- docker-19.03.0_ce_aeac9490dc54.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ docker.spec ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:58.836598599 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:58.836598599 +0200 @@ -42,17 +42,17 @@ # helpfully injects into our build environment from the changelog). If you want # to generate a new git_commit_epoch, use this: # $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s' -%define git_version 2d0083d657f8 -%define git_commit_epoch 1561655613 +%define git_version aeac9490dc54 +%define git_commit_epoch 1563384968 # These are the git commits required. We verify them against the source to make # sure we didn't miss anything important when doing upgrades. %define required_containerd 894b81a4b802e4eb2a91d1ce216b8817763c29fb %define required_dockerrunc 425e105d5a03fabd737a126ad93d62a9eeede87f -%define required_libnetwork e7933d41e7b206756115aa9df5e0599fc5169742 +%define required_libnetwork fc5a7d91d54cc98f64fc28f9e288b46a0bee756c Name: %{realname}%{name_suffix} -Version: 18.09.7_ce +Version: 19.03.0_ce Release: 0 Summary: The Moby-project Linux container runtime License: Apache-2.0 @@ -79,19 +79,11 @@ Patch201: secrets-0002-SUSE-implement-SUSE-container-secrets.patch # SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37353. bsc#1099277 Patch401: bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch -# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1306. boo#1047218 -Patch402: bsc1047218-0001-man-obey-SOURCE_DATE_EPOCH-when-generating-man-pages.patch # SUSE-ISSUE: Revert of https://github.com/docker/docker/pull/37907. -Patch403: packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch -# SUSE-BACKPORT: Backport of https://github.com/docker/docker/pull/37302. bsc#1001161 -Patch404: bsc1001161-0001-oci-include-the-domainname-in-kernel.domainname.patch -# SUSE-BACKPORT: Backport of https://github.com/docker/cli/pull/1130. bsc#1001161 -Patch405: bsc1001161-0002-cli-add-a-separate-domainname-flag.patch +Patch402: packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch # SUSE-FEATURE: Add support to mirror inofficial/private registries # (https://github.com/docker/docker/pull/34319) Patch500: private-registry-0001-Add-private-registry-mirror-support.patch -# SUSE-BACKPORT: Backport of test-only patch https://github.com/moby/moby/pull/38853. bsc1128746 -Patch900: bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch BuildRequires: audit BuildRequires: bash-completion BuildRequires: ca-certificates @@ -141,9 +133,8 @@ Recommends: git-core >= 1.7 Conflicts: lxc < 1.0 ExcludeArch: s390 ppc -# Make sure we build with go 1.10 BuildRequires: go-go-md2man -BuildRequires: golang(API) = 1.10 +BuildRequires: golang(API) >= 1.12 # KUBIC-SPECIFIC: This was required when upgrading from the original kubic # packaging, when everything was renamed to -kubic. It also is # used to ensure that nothing complains too much when using @@ -266,19 +257,12 @@ %endif # bsc#1099277 %patch401 -p1 -# boo#1047218 -%patch402 -p1 # revert upstream -%patch403 -p1 -# bsc#1001161 -%patch404 -p1 -%patch405 -p1 +%patch402 -p1 %if "%flavour" == "kubic" # PATCH-SUSE: Mirror patch. %patch500 -p1 %endif -# bsc#1128746 -%patch900 -p1 cp %{SOURCE7} . @@ -374,7 +358,7 @@ %{buildroot}%{_sysconfdir}/init.d \ %{buildroot}%{_sbindir} -install -D -m0644 components/cli/contrib/completion/bash/docker "%{buildroot}%{_sysconfdir}/bash_completion.d/%{realname}" +install -D -m0644 components/cli/contrib/completion/bash/docker "%{buildroot}%{_datarootdir}/bash-completion/completions/%{realname}" install -D -m0644 components/cli/contrib/completion/zsh/_docker "%{buildroot}%{_sysconfdir}/zsh_completion.d/%{realname}" # @@ -487,11 +471,11 @@ %files bash-completion %defattr(-,root,root) -%config %{_sysconfdir}/bash_completion.d/%{realname} +%{_datarootdir}/bash-completion/completions/%{realname} %files zsh-completion %defattr(-,root,root) -%config %{_sysconfdir}/zsh_completion.d/%{realname} +%{_sysconfdir}/zsh_completion.d/%{realname} %files test %defattr(-,root,root) ++++++ _service ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:58.932598603 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:58.936598603 +0200 @@ -3,8 +3,8 @@ <param name="url">https://github.com/docker/docker-ce.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">18.09.7_ce_%h</param> - <param name="revision">v18.09.7</param> + <param name="versionformat">19.03.0_ce_%h</param> + <param name="revision">v19.03.0</param> <param name="filename">docker</param> </service> <service name="recompress" mode="disabled"> ++++++ bsc1073877-0001-apparmor-clobber-docker-default-profile-on-start.patch ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:58.944598604 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:58.948598604 +0200 @@ -1,4 +1,4 @@ -From 66a84fc12ea9c9a4a9805550b3cd2055862ef1c6 Mon Sep 17 00:00:00 2001 +From a67925f5d977db2b5a1b0162149cbd0de2b20598 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <[email protected]> Date: Fri, 29 Jun 2018 17:59:30 +1000 Subject: [PATCH] apparmor: clobber docker-default profile on start @@ -17,8 +17,8 @@ --- components/engine/daemon/apparmor_default.go | 14 ++++++++++---- .../engine/daemon/apparmor_default_unsupported.go | 4 ++++ - components/engine/daemon/daemon.go | 4 +++- - 3 files changed, 17 insertions(+), 5 deletions(-) + components/engine/daemon/daemon.go | 5 +++-- + 3 files changed, 17 insertions(+), 6 deletions(-) diff --git a/components/engine/daemon/apparmor_default.go b/components/engine/daemon/apparmor_default.go index 461f5c7f96b2..8f21c5c0c566 100644 @@ -68,13 +68,14 @@ return nil } diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go -index a307863017ab..67cd286002bf 100644 +index f049b0d2a41f..7bd89e76b32f 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go -@@ -735,7 +735,9 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S +@@ -807,8 +807,9 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S logrus.Warnf("Failed to configure golang's threads limit: %v", err) } +- // ensureDefaultAppArmorProfile does nothing if apparmor is disabled - if err := ensureDefaultAppArmorProfile(); err != nil { + // Make sure we clobber any pre-existing docker-default profile to ensure + // that upgrades to the profile actually work smoothly. @@ -83,5 +84,5 @@ } -- -2.21.0 +2.22.0 ++++++ docker-18.09.7_ce_2d0083d657f8.tar.xz -> docker-19.03.0_ce_aeac9490dc54.tar.xz ++++++ /work/SRC/openSUSE:Factory/docker/docker-18.09.7_ce_2d0083d657f8.tar.xz /work/SRC/openSUSE:Factory/.docker.new.4126/docker-19.03.0_ce_aeac9490dc54.tar.xz differ: char 26, line 1 ++++++ packaging-0001-revert-Remove-docker-prefix-for-containerd-and-runc-.patch ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:59.028598607 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:59.028598607 +0200 @@ -1,4 +1,4 @@ -From 6d022d4e08225c2fda686fc0d5febecee2efa864 Mon Sep 17 00:00:00 2001 +From 33d18d20a806e2541292acb55338dea2065d2501 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <[email protected]> Date: Thu, 29 Nov 2018 20:53:16 +1100 Subject: [PATCH] revert "Remove 'docker-' prefix for containerd and runc @@ -11,20 +11,19 @@ Signed-off-by: Aleksa Sarai <[email protected]> --- - components/engine/api/swagger.yaml | 4 +-- - .../builder/builder-next/executor_unix.go | 2 +- - components/engine/cmd/dockerd/daemon.go | 36 +++++++------------ - components/engine/daemon/daemon_unix.go | 6 ++-- - .../libcontainerd/supervisor/remote_daemon.go | 4 +-- - .../supervisor/remote_daemon_linux.go | 4 +-- - .../supervisor/remote_daemon_windows.go | 4 +-- - 7 files changed, 25 insertions(+), 35 deletions(-) + components/engine/api/swagger.yaml | 4 ++-- + components/engine/builder/builder-next/executor_unix.go | 2 +- + components/engine/daemon/daemon_unix.go | 6 +++--- + components/engine/libcontainerd/supervisor/remote_daemon.go | 4 ++-- + .../engine/libcontainerd/supervisor/remote_daemon_linux.go | 4 ++-- + .../libcontainerd/supervisor/remote_daemon_windows.go | 4 ++-- + 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/components/engine/api/swagger.yaml b/components/engine/api/swagger.yaml -index ca9d29e021de..082e5783ff1f 100644 +index 6e0bc25b52d6..58f860d22a49 100644 --- a/components/engine/api/swagger.yaml +++ b/components/engine/api/swagger.yaml -@@ -3866,10 +3866,10 @@ definitions: +@@ -3980,10 +3980,10 @@ definitions: $ref: "#/definitions/Runtime" default: runc: @@ -38,80 +37,20 @@ path: "/go/bin/runc" custom: diff --git a/components/engine/builder/builder-next/executor_unix.go b/components/engine/builder/builder-next/executor_unix.go -index 3a11f8588144..ce4d2d937f9f 100644 +index 620ffb401de7..dd63779a27d2 100644 --- a/components/engine/builder/builder-next/executor_unix.go +++ b/components/engine/builder/builder-next/executor_unix.go -@@ -28,7 +28,7 @@ func newExecutor(root, cgroupParent string, net libnetwork.NetworkController) (e +@@ -28,7 +28,7 @@ func newExecutor(root, cgroupParent string, net libnetwork.NetworkController, ro } return runcexecutor.New(runcexecutor.Opt{ Root: filepath.Join(root, "executor"), - CommandCandidates: []string{"runc"}, + CommandCandidates: []string{"docker-runc", "runc"}, DefaultCgroupParent: cgroupParent, - }, networkProviders) - } -diff --git a/components/engine/cmd/dockerd/daemon.go b/components/engine/cmd/dockerd/daemon.go -index 839537316af4..05922e6418d0 100644 ---- a/components/engine/cmd/dockerd/daemon.go -+++ b/components/engine/cmd/dockerd/daemon.go -@@ -10,7 +10,6 @@ import ( - "strings" - "time" - -- containerddefaults "github.com/containerd/containerd/defaults" - "github.com/docker/distribution/uuid" - "github.com/docker/docker/api" - apiserver "github.com/docker/docker/api/server" -@@ -141,25 +140,21 @@ func (cli *DaemonCli) start(opts *daemonOptions) (err error) { - - ctx, cancel := context.WithCancel(context.Background()) - if cli.Config.ContainerdAddr == "" && runtime.GOOS != "windows" { -- if !systemContainerdRunning() { -- opts, err := cli.getContainerdDaemonOpts() -- if err != nil { -- cancel() -- return fmt.Errorf("Failed to generate containerd options: %v", err) -- } -- -- r, err := supervisor.Start(ctx, filepath.Join(cli.Config.Root, "containerd"), filepath.Join(cli.Config.ExecRoot, "containerd"), opts...) -- if err != nil { -- cancel() -- return fmt.Errorf("Failed to start containerd: %v", err) -- } -- cli.Config.ContainerdAddr = r.Address() -+ opts, err := cli.getContainerdDaemonOpts() -+ if err != nil { -+ cancel() -+ return fmt.Errorf("Failed to generate containerd options: %v", err) -+ } - -- // Try to wait for containerd to shutdown -- defer r.WaitTimeout(10 * time.Second) -- } else { -- cli.Config.ContainerdAddr = containerddefaults.DefaultAddress -+ r, err := supervisor.Start(ctx, filepath.Join(cli.Config.Root, "containerd"), filepath.Join(cli.Config.ExecRoot, "containerd"), opts...) -+ if err != nil { -+ cancel() -+ return fmt.Errorf("Failed to start containerd: %v", err) - } -+ cli.Config.ContainerdAddr = r.Address() -+ -+ // Try to wait for containerd to shutdown -+ defer r.WaitTimeout(10 * time.Second) - } - defer cancel() - -@@ -665,8 +660,3 @@ func validateAuthzPlugins(requestedPlugins []string, pg plugingetter.PluginGette - } - return nil - } -- --func systemContainerdRunning() bool { -- _, err := os.Lstat(containerddefaults.DefaultAddress) -- return err == nil --} + Rootless: rootless, + NoPivot: os.Getenv("DOCKER_RAMDISK") != "", diff --git a/components/engine/daemon/daemon_unix.go b/components/engine/daemon/daemon_unix.go -index 5234201c828f..c40d11bc85c2 100644 +index df64de6edf13..fa9bfb528414 100644 --- a/components/engine/daemon/daemon_unix.go +++ b/components/engine/daemon/daemon_unix.go @@ -54,11 +54,11 @@ import ( @@ -128,7 +67,7 @@ // See https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/tree/kernel/sched/sched.h?id=8cd9234c64c584432f6992fe944ca9e46ca8ea76#n269 linuxMinCPUShares = 2 -@@ -76,7 +76,7 @@ const ( +@@ -77,7 +77,7 @@ const ( // DefaultRuntimeName is the default runtime to be used by // containerd if none is specified @@ -138,7 +77,7 @@ type containerGetter interface { diff --git a/components/engine/libcontainerd/supervisor/remote_daemon.go b/components/engine/libcontainerd/supervisor/remote_daemon.go -index eb9a2bdd8198..309f50f26bb2 100644 +index 31b93f11f0b1..5fba7f29eff9 100644 --- a/components/engine/libcontainerd/supervisor/remote_daemon.go +++ b/components/engine/libcontainerd/supervisor/remote_daemon.go @@ -27,8 +27,8 @@ const ( @@ -183,5 +122,5 @@ func (r *remote) setDefaults() { -- -2.21.0 +2.22.0 ++++++ private-registry-0001-Add-private-registry-mirror-support.patch ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:59.036598608 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:59.036598608 +0200 @@ -1,4 +1,4 @@ -From 2a00f998e1e081a9f72f0ba81403dceea252c6a1 Mon Sep 17 00:00:00 2001 +From 69d43a9550cdedf86b0d4b29e9d737af90221109 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg <[email protected]> Date: Mon, 2 Jul 2018 13:37:34 +0200 Subject: [PATCH] Add private-registry mirror support @@ -72,12 +72,12 @@ components/engine/distribution/pull.go | 2 +- components/engine/distribution/pull_v2.go | 2 +- components/engine/distribution/push.go | 2 +- - components/engine/registry/config.go | 120 ++++++++++++++- + components/engine/registry/config.go | 124 ++++++++++++++- components/engine/registry/config_test.go | 136 +++++++++++++++++ components/engine/registry/registry_test.go | 91 ++++++++++- - components/engine/registry/service.go | 56 ++++--- + components/engine/registry/service.go | 45 ++++-- components/engine/registry/service_v2.go | 66 +++++--- - 12 files changed, 705 insertions(+), 46 deletions(-) + 12 files changed, 697 insertions(+), 47 deletions(-) diff --git a/components/engine/api/types/registry/registry.go b/components/engine/api/types/registry/registry.go index 8789ad3b3210..c663fec7d881 100644 @@ -243,10 +243,10 @@ // NetIPNet is the net.IPNet type, which can be marshalled and diff --git a/components/engine/daemon/config/config.go b/components/engine/daemon/config/config.go -index 8b2c844a579f..e61940661c70 100644 +index 80ecbbd9550d..8ce69714d9bf 100644 --- a/components/engine/daemon/config/config.go +++ b/components/engine/daemon/config/config.go -@@ -470,6 +470,10 @@ func findConfigurationConflicts(config map[string]interface{}, flags *pflag.Flag +@@ -467,6 +467,10 @@ func findConfigurationConflicts(config map[string]interface{}, flags *pflag.Flag // 1. Search keys from the file that we don't recognize as flags. unknownKeys := make(map[string]interface{}) for key, value := range config { @@ -258,7 +258,7 @@ unknownKeys[key] = value } diff --git a/components/engine/daemon/reload.go b/components/engine/daemon/reload.go -index 026d7dd517f7..924c3982cd2a 100644 +index a31dd0cb87c1..99cc4a65a79d 100644 --- a/components/engine/daemon/reload.go +++ b/components/engine/daemon/reload.go @@ -21,8 +21,14 @@ import ( @@ -286,7 +286,7 @@ return daemon.reloadNetworkDiagnosticPort(conf, attributes) } -@@ -294,6 +303,30 @@ func (daemon *Daemon) reloadRegistryMirrors(conf *config.Config, attributes map[ +@@ -295,6 +304,30 @@ func (daemon *Daemon) reloadRegistryMirrors(conf *config.Config, attributes map[ return nil } @@ -314,7 +314,7 @@ + return nil +} + - // reloadLiveRestore updates configuration with live retore option + // reloadLiveRestore updates configuration with live restore option // and updates the passed attributes func (daemon *Daemon) reloadLiveRestore(conf *config.Config, attributes map[string]string) error { diff --git a/components/engine/daemon/reload_test.go b/components/engine/daemon/reload_test.go @@ -431,10 +431,10 @@ daemon := &Daemon{ imageService: images.NewImageService(images.ImageServiceConfig{}), diff --git a/components/engine/distribution/pull.go b/components/engine/distribution/pull.go -index 5de73ae99ac3..8e78c49273dd 100644 +index be366ce4a99b..49e0d0352778 100644 --- a/components/engine/distribution/pull.go +++ b/components/engine/distribution/pull.go -@@ -63,7 +63,7 @@ func Pull(ctx context.Context, ref reference.Named, imagePullConfig *ImagePullCo +@@ -58,7 +58,7 @@ func Pull(ctx context.Context, ref reference.Named, imagePullConfig *ImagePullCo return err } @@ -444,7 +444,7 @@ return err } diff --git a/components/engine/distribution/pull_v2.go b/components/engine/distribution/pull_v2.go -index 8f05cfa0b289..a562477ea6cd 100644 +index dd91ff2157b1..2640f6134e5d 100644 --- a/components/engine/distribution/pull_v2.go +++ b/components/engine/distribution/pull_v2.go @@ -379,7 +379,7 @@ func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named, platform @@ -457,10 +457,10 @@ var ( diff --git a/components/engine/distribution/push.go b/components/engine/distribution/push.go -index eb3bc5597462..a4624dee9482 100644 +index 5617a4c95f49..0a24aebed968 100644 --- a/components/engine/distribution/push.go +++ b/components/engine/distribution/push.go -@@ -64,7 +64,7 @@ func Push(ctx context.Context, ref reference.Named, imagePushConfig *ImagePushCo +@@ -58,7 +58,7 @@ func Push(ctx context.Context, ref reference.Named, imagePushConfig *ImagePushCo return err } @@ -470,29 +470,27 @@ return err } diff --git a/components/engine/registry/config.go b/components/engine/registry/config.go -index de5a526b694d..cf90abb8be04 100644 +index 6bb9258c9b6f..f1945237d235 100644 --- a/components/engine/registry/config.go +++ b/components/engine/registry/config.go -@@ -14,7 +14,7 @@ import ( +@@ -14,11 +14,12 @@ import ( "github.com/sirupsen/logrus" ) -// ServiceOptions holds command line options. +// ServiceOptions holds the user-specified configuration options. type ServiceOptions struct { - AllowNondistributableArtifacts []string `json:"allow-nondistributable-artifacts,omitempty"` - Mirrors []string `json:"registry-mirrors,omitempty"` -@@ -23,6 +23,9 @@ type ServiceOptions struct { - // V2Only controls access to legacy registries. If it is set to true via the - // command line flag the daemon will not attempt to contact v1 legacy registries - V2Only bool `json:"disable-legacy-registry,omitempty"` -+ -+ // Registries holds information associated with the specified registries. -+ Registries []registrytypes.Registry `json:"registries,omitempty"` +- AllowNondistributableArtifacts []string `json:"allow-nondistributable-artifacts,omitempty"` +- Mirrors []string `json:"registry-mirrors,omitempty"` +- InsecureRegistries []string `json:"insecure-registries,omitempty"` ++ AllowNondistributableArtifacts []string `json:"allow-nondistributable-artifacts,omitempty"` ++ Mirrors []string `json:"registry-mirrors,omitempty"` ++ InsecureRegistries []string `json:"insecure-registries,omitempty"` ++ Registries []registrytypes.Registry `json:"registries,omitempty"` } // serviceConfig holds daemon configuration for the registry service. -@@ -67,8 +70,21 @@ var ( +@@ -62,8 +63,21 @@ var ( // for mocking in unit tests var lookupIP = net.LookupIP @@ -514,7 +512,7 @@ config := &serviceConfig{ ServiceConfig: registrytypes.ServiceConfig{ InsecureRegistryCIDRs: make([]*registrytypes.NetIPNet, 0), -@@ -87,10 +103,104 @@ func newServiceConfig(options ServiceOptions) (*serviceConfig, error) { +@@ -81,10 +95,104 @@ func newServiceConfig(options ServiceOptions) (*serviceConfig, error) { if err := config.LoadInsecureRegistries(options.InsecureRegistries); err != nil { return nil, err } @@ -619,7 +617,7 @@ // LoadAllowNondistributableArtifacts loads allow-nondistributable-artifacts registries into config. func (config *serviceConfig) LoadAllowNondistributableArtifacts(registries []string) error { cidrs := map[string]*registrytypes.NetIPNet{} -@@ -131,6 +241,10 @@ func (config *serviceConfig) LoadAllowNondistributableArtifacts(registries []str +@@ -125,6 +233,10 @@ func (config *serviceConfig) LoadAllowNondistributableArtifacts(registries []str // LoadMirrors loads mirrors to config, after removing duplicates. // Returns an error if mirrors contains an invalid mirror. func (config *serviceConfig) LoadMirrors(mirrors []string) error { @@ -630,7 +628,7 @@ mMap := map[string]struct{}{} unique := []string{} -@@ -160,6 +274,10 @@ func (config *serviceConfig) LoadMirrors(mirrors []string) error { +@@ -154,6 +266,10 @@ func (config *serviceConfig) LoadMirrors(mirrors []string) error { // LoadInsecureRegistries loads insecure registries to config func (config *serviceConfig) LoadInsecureRegistries(registries []string) error { @@ -921,7 +919,7 @@ func TestPushRegistryTag(t *testing.T) { diff --git a/components/engine/registry/service.go b/components/engine/registry/service.go -index b441970ff170..b3c1ee21f383 100644 +index 08f5c7a4e12c..ee0c97a8a21b 100644 --- a/components/engine/registry/service.go +++ b/components/engine/registry/service.go @@ -8,7 +8,7 @@ import ( @@ -1031,33 +1029,8 @@ if err == nil { for _, endpoint := range allEndpoints { if !endpoint.Mirror { -@@ -308,8 +323,8 @@ func (s *DefaultService) LookupPushEndpoints(hostname string) (endpoints []APIEn - return endpoints, err - } - --func (s *DefaultService) lookupEndpoints(hostname string) (endpoints []APIEndpoint, err error) { -- endpoints, err = s.lookupV2Endpoints(hostname) -+func (s *DefaultService) lookupEndpoints(reference string) (endpoints []APIEndpoint, err error) { -+ endpoints, err = s.lookupV2Endpoints(reference) - if err != nil { - return nil, err - } -@@ -318,6 +333,13 @@ func (s *DefaultService) lookupEndpoints(hostname string) (endpoints []APIEndpoi - return endpoints, nil - } - -+ // When falling back to V1 endpoints, switch to the hostname -+ ref, err := dref.ParseNamed(reference) -+ if err != nil { -+ return nil, err -+ } -+ hostname := dref.Domain(ref) -+ - legacyEndpoints, err := s.lookupV1Endpoints(hostname) - if err != nil { - return nil, err diff --git a/components/engine/registry/service_v2.go b/components/engine/registry/service_v2.go -index 3a56dc91145a..9de221cf2aa0 100644 +index 1a4c9e310547..efebb4f41486 100644 --- a/components/engine/registry/service_v2.go +++ b/components/engine/registry/service_v2.go @@ -1,30 +1,51 @@ @@ -1160,5 +1133,5 @@ endpoints = []APIEndpoint{ -- -2.21.0 +2.22.0 ++++++ secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:59.044598608 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:59.044598608 +0200 @@ -1,4 +1,4 @@ -From 6603582112f42cd00b84d62a5412f2380e55d7e3 Mon Sep 17 00:00:00 2001 +From 47b241f184e61474957c4ffb8a3dcbaa543eadb9 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <[email protected]> Date: Wed, 8 Mar 2017 12:41:54 +1100 Subject: [PATCH 1/2] daemon: allow directory creation in /run/secrets @@ -14,7 +14,7 @@ 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/components/engine/daemon/container_operations_unix.go b/components/engine/daemon/container_operations_unix.go -index c0aab7234269..8d8b13d26cff 100644 +index 3fcdc1913bed..4920def81a7e 100644 --- a/components/engine/daemon/container_operations_unix.go +++ b/components/engine/daemon/container_operations_unix.go @@ -3,6 +3,7 @@ @@ -70,5 +70,5 @@ return errors.Wrap(err, "error setting ownership for secret") } -- -2.21.0 +2.22.0 ++++++ secrets-0002-SUSE-implement-SUSE-container-secrets.patch ++++++ --- /var/tmp/diff_new_pack.4Wkis1/_old 2019-07-28 10:16:59.052598608 +0200 +++ /var/tmp/diff_new_pack.4Wkis1/_new 2019-07-28 10:16:59.052598608 +0200 @@ -1,4 +1,4 @@ -From 3eabc382912eeb475013b5514412968dfa300d63 Mon Sep 17 00:00:00 2001 +From 80072183953f8cf6fcef6b5e65e609e833dd9fb8 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <[email protected]> Date: Wed, 8 Mar 2017 11:43:29 +1100 Subject: [PATCH 2/2] SUSE: implement SUSE container secrets @@ -19,7 +19,7 @@ create mode 100644 components/engine/daemon/suse_secrets.go diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go -index e2265a4faeca..31b60e5621c6 100644 +index 57a7267b7cbb..46c3a603554f 100644 --- a/components/engine/daemon/start.go +++ b/components/engine/daemon/start.go @@ -151,6 +151,11 @@ func (daemon *Daemon) containerStart(container *container.Container, checkpoint @@ -437,5 +437,5 @@ + return nil +} -- -2.21.0 +2.22.0
