[pull] master from moby:master #1404
Open
+1,936,990
−629,396
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add nil check before calling EventsService.Close() to prevent panic when daemon.EventsService is not initialized during shutdown. Signed-off-by: jinda.ljd <jinda.ljd@alibaba-inc.com>
…l-modules ci: run golangci-lint for each Go module
fix: prevent potential panic in Shutdown when EventsService is nil
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: majiayu000 <1835304752@qq.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
migrate TestAPIImageImportBadSrc to integration test
The "param" field was only used to generate the error-message, and the produced error-message was missing a space so we may as well just inline it. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Michael Smithhisler <smithhisler.mike@gmail.com>
daemon/server/httputils: remove badParameterError
…ut-kill docs: document healthcheck timeout termination behavior
daemon: minor cleanup and linting fixes
Signed-off-by: gsotelo <gsotelo.se@gmail.com>
client: use stop function to deregister context.AfterFunc
docs: fix reversed descriptions of version.Arch and info.Architecture
integration/container: TestStats: explicitly check zero-value
docs: fix typo in IPv6 constant comment
…roups-v2 docs: update stats API description for cgroups v2 compatibility
When attempting to read a (malformed) resolv.conf with a very long line,
a obscure error would be produced that didn't provide much context to
identify the problem;
Handler for POST /v1.51/containers/mariadb11/start returned error: bufio.Scanner: token too long
This patch adds some additional error-handling to detect this situation,
and includes the filename of the resolv.conf to help the user locating
the file that failed to be parsed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Minor enhancement / follow-up to c8aaeea; make sure we never attempt to find `go.mod` files in other locations. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
libnet/internal/resolvconf: Parse: improve error message
…cription docs: improve description of image tag API endpoint
…4-description docs: fix base64 encoding description for secrets and configs
- rename vars that shadowed - suppress some unhandled errors Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The http.Client passed into client.WithHTTPClient() is modified by the constructor in-place: the value of its Transport field is mutated and wrapped in an OpenTelemetry decorator. This can lead to very surprising behaviour when a second client is constructed reusing the same http.Client value. If the http.Client is configured for TLS, the second client will fail to detect that and will incorrectly dial the Engine API socket as cleartext HTTP. Copy the provided http.Client so our modifications don't leak out to unexpected places. Signed-off-by: Cory Snider <csnider@mirantis.com>
Drop replace rules and cut API v1.53
full diff: https://github.com/moby/moby/api/compare/2d8289cbf32e...v1.53.0 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
vendor: github.com/moby/moby/api v1.53.0
full diff: https://github.com/moby/moby/client/compare/2d8289cbf32e...v0.2.2 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
vendor: github.com/moby/moby/client v0.2.2
When error during daemon initialization fails before the events manager
is created the daemon will panic instead of erroring out cleanly with
an actual error message.
```
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x194fcec]
goroutine 1 [running, locked to thread]:
github.com/moby/moby/v2/daemon/events.(*Events).Close(...)
/go/src/github.com/docker/docker/daemon/events/events.go:157
github.com/moby/moby/v2/daemon.(*Daemon).Shutdown(0x40001bf908, {0x2d664f0, 0x44c87e0})
/go/src/github.com/docker/docker/daemon/daemon.go:1505 +0x3bc
github.com/moby/moby/v2/daemon.NewDaemon.func1()
/go/src/github.com/docker/docker/daemon/daemon.go:907 +0x44
github.com/moby/moby/v2/daemon.NewDaemon({0x2d66560, 0x4000051c20}, 0x40004a6108, 0x40006fe810, 0x4000318700)
/go/src/github.com/docker/docker/daemon/daemon.go:1371 +0x2130
github.com/moby/moby/v2/daemon/command.(*daemonCLI).start(0x4000051bd0, {0x2d664f0, 0x44c87e0})
/go/src/github.com/docker/docker/daemon/command/daemon.go:264 +0xb90
github.com/moby/moby/v2/daemon/command.runDaemon(...)
/go/src/github.com/docker/docker/daemon/command/docker_unix.go:13
github.com/moby/moby/v2/daemon/command.newDaemonCommand.func1(0x4000381808, {0x40006ac780?, 0x7?, 0x287f0b1?})
/go/src/github.com/docker/docker/daemon/command/docker.go:48 +0xb0
github.com/spf13/cobra.(*Command).execute(0x4000381808, {0x4000050060, 0x4, 0x4})
/go/src/github.com/docker/docker/vendor/github.com/spf13/cobra/command.go:1015 +0x7d4
github.com/spf13/cobra.(*Command).ExecuteC(0x4000381808)
/go/src/github.com/docker/docker/vendor/github.com/spf13/cobra/command.go:1148 +0x350
github.com/spf13/cobra.(*Command).Execute(...)
/go/src/github.com/docker/docker/vendor/github.com/spf13/cobra/command.go:1071
github.com/spf13/cobra.(*Command).ExecuteContext(...)
/go/src/github.com/docker/docker/vendor/github.com/spf13/cobra/command.go:1064
github.com/moby/moby/v2/daemon/command.daemonRunner.Run({0x2d35440?}, {0x2d664f0, 0x44c87e0})
/go/src/github.com/docker/docker/daemon/command/docker.go:97 +0x6c
main.main()
/go/src/github.com/docker/docker/cmd/dockerd/main.go:35 +0x108
```
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
daemon: Fix panic in shutdown after daemon init fails
This action has no tagged releases, so Renovate would open a PR for every new commit. The action is still experimental and frequently receives commits that would trigger unnecessary update PRs. Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
renovate: ignore docker/github-builder-experimental
daemon: ignore duplicate task exit events in daemon state
The Security Parameter Index value signals to the recipient which key to decrypt the packet with. The overlay driver derives the SPI value for a flow from a hash digest of the source and destination IP addresses. The source and destination need to derive the same digest given the same information as the SPI values are not signaled over the overlay driver's control plane. Refactoring the overlay driver to use netip types accidentally changed the hash function to digest IPv4 addresses in 4-byte form, causing newer engines to calculate a different SPI value for a flow than older engines would. Restore the original calculation by hashing IPv4 addresses in their 16-byte form, and refactor the buildSPI function to take netip.Addr parameters to prevent 16-byte vs 4-byte mixups from being possible in the future. Signed-off-by: Cory Snider <csnider@mirantis.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
daemon/pkg/plugin/v2: use namespace consts
- verifier: fix race when loadTrustRoot called in parallel full diff: moby/policy-helpers@9fcc1a9...eeebf1a Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: secure-systems-lab/go-securesystemslib@v0.9.1...v0.10.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
fixes CVE-2026-23992 / GHSA-fphv-w9fq-2525 full diff: theupdateframework/go-tuf@v2.3.0...v2.3.1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Attempting to keep all the google.golang.org/genproto packages (which are from a mono-repo) at the same version. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Apparently "matchManagers: gomod" and "matchDepNames" are the preferred options as they match updates according to the package manager conventions (go mod). Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
ci: renovate: group google.golang.org/genproto packages
vendor: github.com/moby/policy-helpers eeebf1a0ab2b
Signed-off-by: Mend Renovate <bot@renovateapp.com>
vendor: github.com/theupdateframework/go-tuf/v2 v2.3.1
…n-0.x chore(deps): update docker/buildx-bin docker tag to v0.31.1
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
libn/d/overlay: calculate SPI like older engines
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
Check the serviceBinding's deleted flag to guard against the service getting deleted before we locked its mutex, which would make it futile to look up the load balancers. And guard against dereferencing a nil *loadBalancer in general. Signed-off-by: Cory Snider <csnider@mirantis.com>
ci: update docker/github-builder to v1
vendor: update buildkit v0.27.1
d/libnetwork: fix (*Controller).getLBIndex panic
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )