The update container command allows to update quite some properties.
From Docker's Swagger yaml it seems that all properties from the
Resource object are supported. Introduce a new API
update_container_from_resources similar to create_container_from_config
to support all properties supported by the Resources object.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Introduce HostResources class to parse fields defined in Swagger's Resources
object. Let HostConfig extend this new HostResources class. Unchanged
functionality, but this will allow to use the HostResources class in other
use cases.
Signed-off-by: Stefan Agner <stefan@agner.ch>
While removing any usage of the deprecated `distutils` package,
("The distutils package is deprecated and slated for removal in Python 3.12.")
this internal utility can be removed straightaway because the
`shutil.which` replacement for `distutils.spawn.find_executable`
already honors the `PATHEXT` environment variable in windows systems.
See https://docs.python.org/3/library/shutil.html#shutil.which
Signed-off-by: Daniel Möller <n1ngu@riseup.net>
GitHub Actions workflow to create a release: will upload to PyPI
and create a GitHub release with the `sdist` and `bdist_wheel`
as well.
The version code is switched to `setuptools_scm` to work well
with this flow (e.g. avoid needing to write a script that does
a `sed` on the version file and commits as part of release).
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Allow an Image to be deleted by calling the remove() method on it,
just like a Volume.
Signed-off-by: Ahmon Dancy <dancy@dancysoft.com>
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Co-authored-by: Ahmon Dancy <dancy@dancysoft.com>
`rollback_config` was not in the list of `CREATE_SERVICE_KWARGS`
which prevented it from being an argument when creating services.
It has now been added and the problem fixed, allowing services to
have a rollback_config during creation and updating.
Fixes#2832.
Signed-off-by: Fraser Patten <pattenf00@gmail.com>
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Co-authored-by: Milas Bowman <milas.bowman@docker.com>
* Upgrade websocket-client to latest
* Add basic integration test for streaming logs via websocket
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Follow instructions at https://www.sphinx-doc.org/en/master/usage/markdown.html.
This switches from `recommonmark` (deprecated) to `myst-parser`
(recommended).
Only impacts the changelog page, which was broken after recent upgrades
to Sphinx for Python 3.10 compatibility.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
The `requirements.txt` and `setup.py` had a lot of extra transitive
dependencies to try and address various SSL shortcomings from the
Python ecosystem.
Thankfully, between modern Python versions (3.6+) and corresponding
`requests` versions (2.26+), this is all unnecessary now!
As a result, a bunch of transitive dependencies have been removed
from `requirements.txt`, the minimum version of `requests` increased,
and the `tls` extra made into a no-op.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
It's been a long time without a release, and we've included a
number of fixes as well as raised the minimum Python version,
so a major release seems in order.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Fix & enable SSH integration test suite.
This also adds a new test for connecting to unknown hosts when
using the Python SSH implementation (Paramiko). See #2932 for
more info.
Because of the above, some of the config/static key files have been
moved around and adjusted.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Set `daemon` attribute instead of using `setDaemon` method that
was deprecated in Python 3.10.
Signed-off-by: Karthikeyan Singaravelan <tir.karthi@gmail.com>
In the Secure Shell (SSH) protocol, host keys are used to verify the identity of remote hosts. Accepting unknown host keys may leave the connection open to man-in-the-middle attacks.
Do not accept unknown host keys. In particular, do not set the default missing host key policy for the Paramiko library to either AutoAddPolicy or WarningPolicy. Both of these policies continue even when the host key is unknown. The default setting of RejectPolicy is secure because it throws an exception when it encounters an unknown host key.
Reference: https://cwe.mitre.org/data/definitions/295.html
NOTE: This only affects SSH connections using the native Python SSH implementation (Paramiko), when `use_ssh_client=False` (default). If using the system SSH client (`use_ssh_client=True`), the host configuration
(e.g. `~/.ssh/config`) will apply.
Signed-off-by: Audun Nes <audun.nes@gmail.com>
This is no longer needed as it exists in every supported (non-EOL)
version of Python that we target.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
* Upgrade to latest Sphinx / recommonmark
* Small CSS fix for issue in new version of Alabaster theme
* Fix `Makefile` target for macOS
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
* Fix integration tests race condition
* Run integration tests on CI
* Use existing DIND version
Signed-off-by: Leonard Kinday <leonard@kinday.ru>
Co-authored-by: Milas Bowman <milas.bowman@docker.com>
Specific TLS versions are deprecated in latest Python, which
causes test failures due to treating deprecation errors as
warnings.
Luckily, the fix here is straightforward: we can eliminate some
custom version selection logic by using `PROTOCOL_TLS_CLIENT`,
which is the recommended method and will select the highest TLS
version supported by both client and server.
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
We want "The above exception was the direct cause of the following exception:" instead of "During handling of the above exception, another exception occurred:"
Signed-off-by: Maor Kleinberger <kmaork@gmail.com>
This test looks for some behavior on non-chunked HTTP requests.
It now fails because it looks like recent versions of Docker Engine
ALWAYS return chunked responses (or perhaps this specific response
changed somehow to now trigger chunking whereas it did not previously).
The actual logic it's trying to test is also unusual because it's
trying to hackily propagate errors under the assumption that it'd get
a non-chunked response on failure, which is...not reliable. Arguably,
the chunked reader should be refactored somehow but that's a refactor
we can't really commit to (and it's evidently been ok enough as is
up until now).
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Ensure the container has exited before attempting to grab the logs.
Since we are not streaming them, it's possible to attach + grab logs
before the output is processed, resulting in a test failure. If the
container has exited, it's guaranteed to have logged :)
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
Stefan Agner
Ningú
q0w
Saurav Maheshkar
Thomas Gassmann
Milas Bowman
Max Fan
Hristo Georgiev
Ville Skyttä
Clément Loiselet
ercildoune
Till!
Peter Dave Hello
David
Felix Fontein
Ben Fasoli
Tim Gates
Vilhelm Prytz
Karthikeyan Singaravelan
Audun V. Nes
errorcode
Leonard Kinday
Francesco Casalegno
Guy Lichtman
Maor Kleinberger