1, Fix GoSec G404: Use of weak random number generator (math/rand instead of crypto/rand)
2, Fix Static check: ST1019: package "github.com/sirupsen/logrus" is being imported more than once
Signed-off-by: Wang Yan <wangyan@vmware.com>
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.
The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).
However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.
This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Unit test coverge was increased to cover the usages of crypto. This helps to ensure that everything is working fine with fips mode enabled.
Also updated sha1 to sha256 in registry/storage/driver/testsuites/testsuites.go because sha1 is not supported in fips mode.
Signed-off-by: Naveed Jamil <naveed.jamil@tenpearl.com>
This fixes registry endpoints to return the proper `application/json`
content-type for JSON content, also updating spec examples for that.
As per IETF specification and IANA registry [0], the `application/json`
type is a binary media, so the content-type label does not need any
text-charset selector. Additionally, the media type definition
explicitly states that it has no required nor optional parameters,
which makes the current registry headers non-compliant.
[0]: https://www.iana.org/assignments/media-types/application/json
Signed-off-by: Luca Bruno <lucab@debian.org>
Back in the before time, the best practices surrounding usage of Context
weren't quite worked out. We defined our own type to make usage easier.
As this packaged was used elsewhere, it make it more and more
challenging to integrate with the forked `Context` type. Now that it is
available in the standard library, we can just use that one directly.
To make usage more consistent, we now use `dcontext` when referring to
the distribution context package.
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Context should use type values instead of strings.
Updated direct calls to WithValue, but still other uses of string keys.
Update Acl to ACL in s3 driver.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Updates the readme to mention running the tests using golem.
Also provides instructions for making test development easier.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Use registry example from golem repository.
Use the golem test runner for the docker integration environment
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Token server implementation currently functional with existing docker 1.9.x release and latest distribution release.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Since the daemon flag was deprecated and replaced by the daemon subcommand, the run engine should use the subcommand and only the flag for older versions
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Making metadata:
- more consistent
- more specific (fixed copy pasting)
- refine coverage
Insecure information cleanup
Removing no longer used files:
- mkdocs is gone
- the registry diagram is not used, and is a bit silly :)
Minor fixes
Fixing links
Recipes:
- harmonized code sections style to the rest of the docs
- harmonized recipe "style"
- listing new recipes
Enhance deploying
Signed-off-by: Olivier Gambier <olivier@docker.com>
When running a different version of docker outside of the default in the integration image, then commands will fail with mismatched version unless the docker binary is specified to the correct version.
Add various cleanups to run script.
Run all commands interacting with docker inside the container in an exec.
Remove port binding to outside of container since all commands run inside.
Trap docker rm to exit in case of failure which prevents final command from running.
Do no copy images when $DOCKER_VOLUME is specified, this allows for faster runs when mounting a volume with a warm image cache.
Move exec and graph driver defaulting into run engine script.
Remove duplicated update of /etc/hosts.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Previously, the strategy for avoiding lots of rebuilding and repulling
for each Docker version being tested was to use a mountpoint to persist
/var/lib/docker. This was pretty broken, and may not be a reliable
strategy. This commit changes the scripts to instead build/pull images
outside the innermost container, and copy them to the final test
environment with docker save/docker load.
This requires a fair amount of changes, since run.sh must now
communicate with the Docker engine that was formerly started by
test_runner.sh. The code that starts this engine has been broken out to
run_engine.sh so that starting the engine and running the tests under it
can be done separately (with the images loaded in between these steps).
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
- Upgrade docker-compose to 1.3.3 to work around
https://github.com/docker/compose/issues/1314
- Change run.sh to run the Docker container in the foreground so that
the exit code is propagated.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
