Merge pull request #45523 from thaJeztah/24.0_backport_cleanup_reexec_inits
[24.0 backport] [chore] clean up reexec.Init() calls
diff --git a/.github/workflows/bin-image.yml b/.github/workflows/bin-image.yml
new file mode 100644
index 0000000..f899204
--- /dev/null
+++ b/.github/workflows/bin-image.yml
@@ -0,0 +1,72 @@
+name: bin-image
+
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - 'master'
+ - '[0-9]+.[0-9]+'
+ tags:
+ - 'v*'
+ pull_request:
+
+env:
+ PLATFORM: Moby Engine
+ PRODUCT: Moby
+ DEFAULT_PRODUCT_LICENSE: Moby
+ PACKAGER_NAME: Moby
+
+jobs:
+ validate-dco:
+ uses: ./.github/workflows/.dco.yml
+
+ build:
+ runs-on: ubuntu-20.04
+ needs:
+ - validate-dco
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+ -
+ name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: moby-bin
+ ### versioning strategy
+ ## push semver tag v23.0.0
+ # moby/moby-bin:23.0.0
+ # moby/moby-bin:latest
+ ## push semver prelease tag v23.0.0-beta.1
+ # moby/moby-bin:23.0.0-beta.1
+ ## push on master
+ # moby/moby-bin:master
+ ## push on 23.0 branch
+ # moby/moby-bin:23.0
+ tags: |
+ type=semver,pattern={{version}}
+ type=ref,event=branch
+ type=ref,event=pr
+ -
+ name: Set up QEMU
+ uses: docker/setup-qemu-action@v2
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+ -
+ name: Build
+ uses: docker/bake-action@v2
+ with:
+ files: |
+ ./docker-bake.hcl
+ ${{ steps.meta.outputs.bake-file }}
+ targets: bin-image-cross
+ set: |
+ *.output=type=cacheonly
diff --git a/daemon/containerd/resolver.go b/daemon/containerd/resolver.go
index 07c9ed9..5b2d1df 100644
--- a/daemon/containerd/resolver.go
+++ b/daemon/containerd/resolver.go
@@ -24,7 +24,15 @@
}), tracker
}
-func hostsWrapper(hostsFn docker.RegistryHosts, authConfig *registrytypes.AuthConfig, regService RegistryConfigProvider) docker.RegistryHosts {
+func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, regService RegistryConfigProvider) docker.RegistryHosts {
+ var authorizer docker.Authorizer
+ if optAuthConfig != nil {
+ auth := *optAuthConfig
+ if auth != (registrytypes.AuthConfig{}) {
+ authorizer = docker.NewDockerAuthorizer(authorizationCredsFromAuthConfig(auth))
+ }
+ }
+
return func(n string) ([]docker.RegistryHost, error) {
hosts, err := hostsFn(n)
if err != nil {
@@ -33,12 +41,7 @@
for i := range hosts {
if hosts[i].Authorizer == nil {
- var opts []docker.AuthorizerOpt
- if authConfig != nil {
- opts = append(opts, authorizationCredsFromAuthConfig(*authConfig))
- }
- hosts[i].Authorizer = docker.NewDockerAuthorizer(opts...)
-
+ hosts[i].Authorizer = authorizer
isInsecure := regService.IsInsecureRegistry(hosts[i].Host)
if hosts[i].Client.Transport != nil && isInsecure {
hosts[i].Client.Transport = httpFallback{super: hosts[i].Client.Transport}
@@ -51,13 +54,16 @@
func authorizationCredsFromAuthConfig(authConfig registrytypes.AuthConfig) docker.AuthorizerOpt {
cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
- if cfgHost == registry.IndexHostname {
+ if cfgHost == "" || cfgHost == registry.IndexHostname {
cfgHost = registry.DefaultRegistryHost
}
return docker.WithAuthCreds(func(host string) (string, string, error) {
if cfgHost != host {
- logrus.WithField("host", host).WithField("cfgHost", cfgHost).Warn("Host doesn't match")
+ logrus.WithFields(logrus.Fields{
+ "host": host,
+ "cfgHost": cfgHost,
+ }).Warn("Host doesn't match")
return "", "", nil
}
if authConfig.IdentityToken != "" {
diff --git a/docker-bake.hcl b/docker-bake.hcl
index 899551f..0eb078a 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -59,6 +59,11 @@
default = ""
}
+# Special target: https://github.com/docker/metadata-action#bake-definition
+target "docker-metadata-action" {
+ tags = ["moby-bin:local"]
+}
+
# Defines the output folder
variable "DESTDIR" {
default = ""
@@ -153,6 +158,29 @@
}
#
+# bin image
+#
+
+target "bin-image" {
+ inherits = ["all", "docker-metadata-action"]
+ output = ["type=docker"]
+}
+
+target "bin-image-cross" {
+ inherits = ["bin-image"]
+ output = ["type=image"]
+ platforms = [
+ "linux/amd64",
+ "linux/arm/v6",
+ "linux/arm/v7",
+ "linux/arm64",
+ "linux/ppc64le",
+ "linux/s390x",
+ "windows/amd64"
+ ]
+}
+
+#
# dev
#
diff --git a/vendor.mod b/vendor.mod
index 17d7485..44d53f8 100644
--- a/vendor.mod
+++ b/vendor.mod
@@ -32,7 +32,7 @@
github.com/coreos/go-systemd/v22 v22.5.0
github.com/creack/pty v1.1.18
github.com/deckarep/golang-set/v2 v2.3.0
- github.com/docker/distribution v2.8.1+incompatible
+ github.com/docker/distribution v2.8.2+incompatible
github.com/docker/go-connections v0.4.0
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c
github.com/docker/go-metrics v0.0.1
diff --git a/vendor.sum b/vendor.sum
index ac001bd..2d78b13 100644
--- a/vendor.sum
+++ b/vendor.sum
@@ -502,8 +502,8 @@
github.com/docker/distribution v2.6.0-rc.1.0.20180327202408-83389a148052+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68=
-github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
+github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
+github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v0.0.0-20200511152416-a93e9eb0e95c/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v1.4.2-0.20180531152204-71cd53e4a197/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
diff --git a/vendor/github.com/docker/distribution/.dockerignore b/vendor/github.com/docker/distribution/.dockerignore
new file mode 100644
index 0000000..e660fd9
--- /dev/null
+++ b/vendor/github.com/docker/distribution/.dockerignore
@@ -0,0 +1 @@
+bin/
diff --git a/vendor/github.com/docker/distribution/.golangci.yml b/vendor/github.com/docker/distribution/.golangci.yml
index 1ba6cb9..36c083b 100644
--- a/vendor/github.com/docker/distribution/.golangci.yml
+++ b/vendor/github.com/docker/distribution/.golangci.yml
@@ -18,3 +18,10 @@
deadline: 2m
skip-dirs:
- vendor
+
+issues:
+ exclude-rules:
+ # io/ioutil is deprecated, but won't be removed until Go v2. It's safe to ignore for the release/2.8 branch.
+ - text: "SA1019: \"io/ioutil\" has been deprecated since Go 1.16"
+ linters:
+ - staticcheck
diff --git a/vendor/github.com/docker/distribution/.mailmap b/vendor/github.com/docker/distribution/.mailmap
index 8f3738f..d94c393 100644
--- a/vendor/github.com/docker/distribution/.mailmap
+++ b/vendor/github.com/docker/distribution/.mailmap
@@ -44,6 +44,8 @@
Samuel Karp <skarp@amazon.com> Samuel Karp <samuelkarp@users.noreply.github.com>
Justin Cormack <justin.cormack@docker.com>
sayboras <sayboras@yahoo.com>
-CrazyMax <github@crazymax.dev>
CrazyMax <github@crazymax.dev> <1951866+crazy-max@users.noreply.github.com>
-CrazyMax <github@crazymax.dev> <crazy-max@users.noreply.github.com>
+Hayley Swimelar <hswimelar@gmail.com>
+Jose D. Gomez R <jose.gomez@suse.com>
+Shengjing Zhu <zhsj@debian.org>
+Silvin Lubecki <31478878+silvin-lubecki@users.noreply.github.com>
diff --git a/vendor/github.com/docker/distribution/Dockerfile b/vendor/github.com/docker/distribution/Dockerfile
index ae8c040..fb54b68 100644
--- a/vendor/github.com/docker/distribution/Dockerfile
+++ b/vendor/github.com/docker/distribution/Dockerfile
@@ -1,49 +1,59 @@
-# syntax=docker/dockerfile:1.3
+# syntax=docker/dockerfile:1
-ARG GO_VERSION=1.16.15
-ARG GORELEASER_XX_VERSION=1.2.5
+ARG GO_VERSION=1.19.9
+ARG ALPINE_VERSION=3.16
+ARG XX_VERSION=1.2.1
-FROM --platform=$BUILDPLATFORM crazymax/goreleaser-xx:${GORELEASER_XX_VERSION} AS goreleaser-xx
-FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS base
-COPY --from=goreleaser-xx / /
-RUN apk add --no-cache file git
-WORKDIR /go/src/github.com/docker/distribution
-
-FROM base AS build
+FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx
+FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS base
+COPY --from=xx / /
+RUN apk add --no-cache bash coreutils file git
ENV GO111MODULE=auto
ENV CGO_ENABLED=0
-# GIT_REF is used by goreleaser-xx to handle the proper git ref when available.
-# It will fallback to the working tree info if empty and use "git tag --points-at"
-# or "git describe" to define the version info.
-ARG GIT_REF
-ARG TARGETPLATFORM
-ARG PKG="github.com/distribution/distribution"
-ARG BUILDTAGS="include_oss include_gcs"
-RUN --mount=type=bind,rw \
- --mount=type=cache,target=/root/.cache/go-build \
- --mount=target=/go/pkg/mod,type=cache \
- goreleaser-xx --debug \
- --name="registry" \
- --dist="/out" \
- --main="./cmd/registry" \
- --flags="-v" \
- --ldflags="-s -w -X '$PKG/version.Version={{.Version}}' -X '$PKG/version.Revision={{.Commit}}' -X '$PKG/version.Package=$PKG'" \
- --tags="$BUILDTAGS" \
- --files="LICENSE" \
- --files="README.md"
+WORKDIR /go/src/github.com/docker/distribution
-FROM scratch AS artifact
-COPY --from=build /out/*.tar.gz /
-COPY --from=build /out/*.zip /
-COPY --from=build /out/*.sha256 /
+FROM base AS version
+ARG PKG="github.com/docker/distribution"
+RUN --mount=target=. \
+ VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always --tags) REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi); \
+ echo "-X ${PKG}/version.Version=${VERSION#v} -X ${PKG}/version.Revision=${REVISION} -X ${PKG}/version.Package=${PKG}" | tee /tmp/.ldflags; \
+ echo -n "${VERSION}" | tee /tmp/.version;
+
+FROM base AS build
+ARG TARGETPLATFORM
+ARG LDFLAGS="-s -w"
+ARG BUILDTAGS="include_oss include_gcs"
+RUN --mount=type=bind,target=/go/src/github.com/docker/distribution,rw \
+ --mount=type=cache,target=/root/.cache/go-build \
+ --mount=target=/go/pkg/mod,type=cache \
+ --mount=type=bind,source=/tmp/.ldflags,target=/tmp/.ldflags,from=version \
+ set -x ; xx-go build -trimpath -ldflags "$(cat /tmp/.ldflags) ${LDFLAGS}" -o /usr/bin/registry ./cmd/registry \
+ && xx-verify --static /usr/bin/registry
FROM scratch AS binary
-COPY --from=build /usr/local/bin/registry* /
+COPY --from=build /usr/bin/registry /
-FROM alpine:3.14
+FROM base AS releaser
+ARG TARGETOS
+ARG TARGETARCH
+ARG TARGETVARIANT
+WORKDIR /work
+RUN --mount=from=binary,target=/build \
+ --mount=type=bind,target=/src \
+ --mount=type=bind,source=/tmp/.version,target=/tmp/.version,from=version \
+ VERSION=$(cat /tmp/.version) \
+ && mkdir -p /out \
+ && cp /build/registry /src/README.md /src/LICENSE . \
+ && tar -czvf "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz" * \
+ && sha256sum -z "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz" | awk '{ print $1 }' > "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz.sha256"
+
+FROM scratch AS artifact
+COPY --from=releaser /out /
+
+FROM alpine:${ALPINE_VERSION}
RUN apk add --no-cache ca-certificates
COPY cmd/registry/config-dev.yml /etc/docker/registry/config.yml
-COPY --from=build /usr/local/bin/registry /bin/registry
+COPY --from=binary /registry /bin/registry
VOLUME ["/var/lib/registry"]
EXPOSE 5000
ENTRYPOINT ["registry"]
diff --git a/vendor/github.com/docker/distribution/Makefile b/vendor/github.com/docker/distribution/Makefile
index 331da27..75e1182 100644
--- a/vendor/github.com/docker/distribution/Makefile
+++ b/vendor/github.com/docker/distribution/Makefile
@@ -50,7 +50,7 @@
check: ## run all linters (TODO: enable "unused", "varcheck", "ineffassign", "unconvert", "staticheck", "goimports", "structcheck")
@echo "$(WHALE) $@"
- golangci-lint run
+ @GO111MODULE=off golangci-lint run
test: ## run tests, except integration test with test.short
@echo "$(WHALE) $@"
diff --git a/vendor/github.com/docker/distribution/docker-bake.hcl b/vendor/github.com/docker/distribution/docker-bake.hcl
index 4dd5a10..91686e6 100644
--- a/vendor/github.com/docker/distribution/docker-bake.hcl
+++ b/vendor/github.com/docker/distribution/docker-bake.hcl
@@ -1,15 +1,3 @@
-// GITHUB_REF is the actual ref that triggers the workflow
-// https://docs.github.com/en/actions/learn-github-actions/environment-variables#default-environment-variables
-variable "GITHUB_REF" {
- default = ""
-}
-
-target "_common" {
- args = {
- GIT_REF = GITHUB_REF
- }
-}
-
group "default" {
targets = ["image-local"]
}
@@ -20,13 +8,11 @@
}
target "binary" {
- inherits = ["_common"]
target = "binary"
output = ["./bin"]
}
target "artifact" {
- inherits = ["_common"]
target = "artifact"
output = ["./bin"]
}
@@ -43,8 +29,13 @@
]
}
+// Special target: https://github.com/docker/metadata-action#bake-definition
+target "docker-metadata-action" {
+ tags = ["registry:local"]
+}
+
target "image" {
- inherits = ["_common", "docker-metadata-action"]
+ inherits = ["docker-metadata-action"]
}
target "image-local" {
diff --git a/vendor/github.com/docker/distribution/reference/reference.go b/vendor/github.com/docker/distribution/reference/reference.go
index 8c0c23b..b7cd00b 100644
--- a/vendor/github.com/docker/distribution/reference/reference.go
+++ b/vendor/github.com/docker/distribution/reference/reference.go
@@ -3,13 +3,13 @@
//
// Grammar
//
-// reference := name [ ":" tag ] [ "@" digest ]
+// reference := name [ ":" tag ] [ "@" digest ]
// name := [domain '/'] path-component ['/' path-component]*
// domain := domain-component ['.' domain-component]* [':' port-number]
// domain-component := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/
// port-number := /[0-9]+/
// path-component := alpha-numeric [separator alpha-numeric]*
-// alpha-numeric := /[a-z0-9]+/
+// alpha-numeric := /[a-z0-9]+/
// separator := /[_.]|__|[-]*/
//
// tag := /[\w][\w.-]{0,127}/
diff --git a/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go b/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go
index a9616c5..c3bf90f 100644
--- a/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go
+++ b/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go
@@ -134,6 +134,19 @@
},
}
+ invalidPaginationResponseDescriptor = ResponseDescriptor{
+ Name: "Invalid pagination number",
+ Description: "The received parameter n was invalid in some way, as described by the error code. The client should resolve the issue and retry the request.",
+ StatusCode: http.StatusBadRequest,
+ Body: BodyDescriptor{
+ ContentType: "application/json",
+ Format: errorsBody,
+ },
+ ErrorCodes: []errcode.ErrorCode{
+ ErrorCodePaginationNumberInvalid,
+ },
+ }
+
repositoryNotFoundResponseDescriptor = ResponseDescriptor{
Name: "No Such Repository Error",
StatusCode: http.StatusNotFound,
@@ -490,6 +503,7 @@
},
},
Failures: []ResponseDescriptor{
+ invalidPaginationResponseDescriptor,
unauthorizedResponseDescriptor,
repositoryNotFoundResponseDescriptor,
deniedResponseDescriptor,
@@ -1578,6 +1592,9 @@
},
},
},
+ Failures: []ResponseDescriptor{
+ invalidPaginationResponseDescriptor,
+ },
},
},
},
diff --git a/vendor/github.com/docker/distribution/registry/api/v2/errors.go b/vendor/github.com/docker/distribution/registry/api/v2/errors.go
index 97d6923..87e9f3c 100644
--- a/vendor/github.com/docker/distribution/registry/api/v2/errors.go
+++ b/vendor/github.com/docker/distribution/registry/api/v2/errors.go
@@ -133,4 +133,13 @@
longer proceed.`,
HTTPStatusCode: http.StatusNotFound,
})
+
+ ErrorCodePaginationNumberInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{
+ Value: "PAGINATION_NUMBER_INVALID",
+ Message: "invalid number of results requested",
+ Description: `Returned when the "n" parameter (number of results
+ to return) is not an integer, "n" is negative or "n" is bigger than
+ the maximum allowed.`,
+ HTTPStatusCode: http.StatusBadRequest,
+ })
)
diff --git a/vendor/github.com/docker/distribution/registry/client/errors.go b/vendor/github.com/docker/distribution/registry/client/errors.go
index 52d49d5..024df43 100644
--- a/vendor/github.com/docker/distribution/registry/client/errors.go
+++ b/vendor/github.com/docker/distribution/registry/client/errors.go
@@ -55,6 +55,8 @@
switch statusCode {
case http.StatusUnauthorized:
return errcode.ErrorCodeUnauthorized.WithMessage(detailsErr.Details)
+ case http.StatusForbidden:
+ return errcode.ErrorCodeDenied.WithMessage(detailsErr.Details)
case http.StatusTooManyRequests:
return errcode.ErrorCodeTooManyRequests.WithMessage(detailsErr.Details)
default:
diff --git a/vendor/github.com/docker/distribution/registry/client/repository.go b/vendor/github.com/docker/distribution/registry/client/repository.go
index 3e2ae66..04e5a3b 100644
--- a/vendor/github.com/docker/distribution/registry/client/repository.go
+++ b/vendor/github.com/docker/distribution/registry/client/repository.go
@@ -114,9 +114,7 @@
return 0, err
}
- for cnt := range ctlg.Repositories {
- entries[cnt] = ctlg.Repositories[cnt]
- }
+ copy(entries, ctlg.Repositories)
numFilled = len(ctlg.Repositories)
link := resp.Header.Get("Link")
diff --git a/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go b/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go
index 1d0b382..9120dbe 100644
--- a/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go
+++ b/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go
@@ -180,7 +180,6 @@
// context.GetLogger(hrs.context).Infof("Range: %s", req.Header.Get("Range"))
}
- req.Header.Add("Accept-Encoding", "identity")
resp, err := hrs.client.Do(req)
if err != nil {
return nil, err
diff --git a/vendor/modules.txt b/vendor/modules.txt
index e4f7cff..d8e17fb 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -362,7 +362,7 @@
# github.com/dimchansky/utfbom v1.1.1
## explicit
github.com/dimchansky/utfbom
-# github.com/docker/distribution v2.8.1+incompatible
+# github.com/docker/distribution v2.8.2+incompatible
## explicit
github.com/docker/distribution
github.com/docker/distribution/digestset
