tyler.durden
/
compose
mirror of https://github.com/docker/compose.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,318 Commits 24 Branches 262 Tags 66 MiB
Commit Graph

4318 Commits

Author SHA1 Message Date
Guillaume Lours e88836ffbd
Merge pull request #10525 from thaJeztah/update_go1.20.4 
update go to go1.20.4
 2023-05-04 11:52:37 +02:00
Nicolas De Loof b45ca82791
let user declare build secret target (id) 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-05-04 10:01:10 +02:00
Sebastiaan van Stijn d1c36c6e6b
update go to go1.20.4 
go1.20.4 (released 2023-05-02) includes three security fixes to the html/template
package, as well as bug fixes to the compiler, the runtime, and the crypto/subtle,
crypto/tls, net/http, and syscall packages. See the Go 1.20.4 milestone on our
issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved

release notes: https://go.dev/doc/devel/release#go1.20.4
full diff: https://github.com/golang/go/compare/go1.20.3...go1.20.4

from the announcement:

> These minor releases include 3 security fixes following the security policy:
>
> - html/template: improper sanitization of CSS values
>
>   Angle brackets (`<>`) were not considered dangerous characters when inserted
>   into CSS contexts. Templates containing multiple actions separated by a '/'
>   character could result in unexpectedly closing the CSS context and allowing
>   for injection of unexpected HMTL, if executed with untrusted input.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-24539 and Go issue https://go.dev/issue/59720.
>
> - html/template: improper handling of JavaScript whitespace
>
>   Not all valid JavaScript whitespace characters were considered to be
>   whitespace. Templates containing whitespace characters outside of the character
>   set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain
>   actions may not be properly sanitized during execution.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-24540 and Go issue https://go.dev/issue/59721.
>
> - html/template: improper handling of empty HTML attributes
>
>   Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}")
>   executed with empty input could result in output that would have unexpected
>   results when parsed due to HTML normalization rules. This may allow injection
>   of arbitrary attributes into tags.
>
>   Thanks to Juho Nurminen of Mattermost for reporting this issue.
>
>   This is CVE-2023-29400 and Go issue https://go.dev/issue/59722.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-05-03 21:38:19 +02:00
TP-O b304c4e154 stop containers after termination 
Signed-off-by: TP-O <letranphong2k1@gmail.com>
 2023-05-03 11:47:56 +02:00
Guillaume Lours eca1365d42
cli: dry run support for `build` (#10502) 
* add dry-run support for classic builder
* add dry-run support for buildkit

Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
 2023-05-02 14:23:26 -04:00
Guillaume Lours 03f4c0e631
progress: make title configurable (#10507) 
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
 2023-05-02 14:15:35 -04:00
Guillaume Lours 2a0e83ad9a
Merge pull request #10519 from glours/revert-image-spec-upgrade 
Revert "build(deps): bump github.com/opencontainers/image-spec"
 2023-05-02 13:13:13 +02:00
Guillaume Lours 2df9919ece
Revert "build(deps): bump github.com/opencontainers/image-spec" 
This reverts commit d54a95fed7.

Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
 2023-05-02 12:31:27 +02:00
Guillaume Lours 74fc40d895
Merge pull request #10518 from docker/dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc.3 
build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc2.0.20221005185240-3a7f492d3f1b to 1.1.0-rc.3
 2023-05-02 12:11:16 +02:00
dependabot[bot] d54a95fed7
build(deps): bump github.com/opencontainers/image-spec 
Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc2.0.20221005185240-3a7f492d3f1b to 1.1.0-rc.3.
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](https://github.com/opencontainers/image-spec/commits/v1.1.0-rc3)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-02 09:58:57 +00:00
Guillaume Lours c1369869f5
Merge pull request #10515 from docker/dependabot/go_modules/go.opentelemetry.io/otel-1.15.0 
build(deps): bump go.opentelemetry.io/otel from 1.14.0 to 1.15.0
 2023-05-02 11:32:07 +02:00
dependabot[bot] f5ff40a2f3 build(deps): bump go.opentelemetry.io/otel from 1.14.0 to 1.15.0 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.14.0...v1.15.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-02 10:51:17 +02:00
Guillaume Lours 6347b49f9c
Merge pull request #10516 from docker/dependabot/go_modules/github.com/moby/buildkit-0.11.6 
build(deps): bump github.com/moby/buildkit from 0.11.5 to 0.11.6
 2023-05-02 10:50:09 +02:00
dependabot[bot] c072a6f5f5
build(deps): bump github.com/moby/buildkit from 0.11.5 to 0.11.6 
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.11.5 to 0.11.6.
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](https://github.com/moby/buildkit/compare/v0.11.5...v0.11.6)

---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-01 10:05:25 +00:00
Guillaume Lours a06d32e7b6
Merge pull request #10506 from docker/dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc.3 
build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc2.0.20221005185240-3a7f492d3f1b to 1.1.0-rc.3
 2023-04-28 12:41:15 +02:00
dependabot[bot] 28fa309c23 build(deps): bump github.com/opencontainers/image-spec 
Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc2.0.20221005185240-3a7f492d3f1b to 1.1.0-rc.3.
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](https://github.com/opencontainers/image-spec/commits/v1.1.0-rc.3)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-28 12:26:50 +02:00
Laura Brehm 4f2c933f78
Merge pull request #10501 from docker/dependabot/go_modules/github.com/docker/cli-23.0.5incompatible 
build(deps): bump github.com/docker/cli from 23.0.4+incompatible to 23.0.5+incompatible
 2023-04-28 10:59:34 +01:00
dependabot[bot] e22c8964b9
build(deps): bump github.com/docker/cli 
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 23.0.4+incompatible to 23.0.5+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v23.0.4...v23.0.5)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-28 09:49:02 +00:00
Nicolas De Loof 07c4849cb9 TailMsgf must format with args 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-27 22:12:12 +02:00
Guillaume Lours e606701d9f
Merge pull request #10500 from docker/dependabot/go_modules/github.com/docker/docker-23.0.5incompatible 
build(deps): bump github.com/docker/docker from 23.0.4+incompatible to 23.0.5+incompatible
 2023-04-27 12:12:33 +02:00
dependabot[bot] 114e5c6425
build(deps): bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.4+incompatible to 23.0.5+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.4...v23.0.5)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-27 10:00:06 +00:00
dependabot[bot] 37dfb5bf26
build(deps): bump github.com/moby/buildkit from 0.11.5 to 0.11.6 (#10489) 
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.11.5 to 0.11.6.
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](https://github.com/moby/buildkit/compare/v0.11.5...v0.11.6)

---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-25 13:34:18 -04:00
Nicolas De Loof d01ef5887a restore support for `--memory` 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-25 15:41:08 +02:00
Nicolas De Loof dec608f3cd don't block events loop collecting logs 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-25 15:20:05 +02:00
Guillaume Lours eb0632b1d8
Merge pull request #10494 from milas/e2e-dd-419 
test: fix E2E tests under Engine v23 / DD 4.19
 2023-04-25 08:37:24 +02:00
Milas Bowman 1383ab09ec test: fix E2E tests under Engine v23 / DD 4.19 
Some error messages have been tweaked slightly, this adapts the
assertions to work on both Engine v20.10.x and v23.x.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-04-25 08:27:42 +02:00
Benjamín Guzmán 5eaafe4237 Fixed issue when project name contains dashes (`-`) 
Signed-off-by: Benjamín Guzmán <bg@benjaminguzman.dev>
 2023-04-24 12:18:37 +02:00
Benjamín Guzmán 7840a92c40 Added tests to `viz` subcommand 
Signed-off-by: Benjamín Guzmán <bg@benjaminguzman.dev>
 2023-04-24 12:18:37 +02:00
Benjamín Guzmán 3751c3074b Added docs 
Signed-off-by: Benjamín Guzmán <bg@benjaminguzman.dev>
 2023-04-24 12:18:37 +02:00
Benjamín Guzmán 2bc6a45c0b Replaced calls to WriteRune with WriteByte and reformatted imports 
Signed-off-by: Benjamín Guzmán <bg@benjaminguzman.dev>
 2023-04-24 12:18:37 +02:00
Benjamín Guzmán 2268d1e573 Started working on `viz` subcommand 
Signed-off-by: Benjamín Guzmán <bg@benjaminguzman.dev>
 2023-04-24 12:18:37 +02:00
Nicolas De Loof 7b0ed13209 bump compose-go to v1.13.4 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-20 11:12:07 +02:00
Laura Brehm d4441efe1e
Merge pull request #10474 from docker/dependabot/go_modules/github.com/docker/docker-23.0.4incompatible 
build(deps): bump github.com/docker/docker from 23.0.3+incompatible to 23.0.4+incompatible
 2023-04-18 19:44:16 +01:00
dependabot[bot] 58368f69e9
build(deps): bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.3+incompatible to 23.0.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v23.0.3...v23.0.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-18 18:29:07 +00:00
Laura Brehm bc2b2e52e5
Merge pull request #10475 from docker/dependabot/go_modules/github.com/docker/cli-23.0.4incompatible 
build(deps): bump github.com/docker/cli from 23.0.3+incompatible to 23.0.4+incompatible
 2023-04-18 19:27:54 +01:00
dependabot[bot] 7723d11930
build(deps): bump github.com/docker/cli 
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 23.0.3+incompatible to 23.0.4+incompatible.
- [Release notes](https://github.com/docker/cli/releases)
- [Commits](https://github.com/docker/cli/compare/v23.0.3...v23.0.4)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-18 09:59:33 +00:00
Nicolas De Loof 65fda18821 bump compose-go 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-17 17:19:56 +02:00
Tran Phong 0e7e1b940b
Remove redundant goroutine while removing containers (#10449) 
don't use goroutine to stop container while removing

Signed-off-by: TP-O <letranphong2k1@gmail.com>
 2023-04-17 10:57:29 -04:00
Milas Bowman af6f0ffb9e
Merge pull request #10458 from thaJeztah/simplify_auth 
Don't use "info.IndexServerAddress" for authentication
 2023-04-12 12:19:04 -04:00
Milas Bowman 9ef173a3ac
log: fix race on container kill (#10459) 
If we go to inspect a container that we got an event for and it
no longer exists on the server, handle clean up without erroring
out.

Fixes #10373.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-04-12 12:15:58 -04:00
Guillaume Lours 1fb0c03e8b
Merge pull request #10457 from thaJeztah/mod_tidy 
go.mod: fix grouping of dependencies, and tidy
 2023-04-11 23:36:19 +02:00
Sebastiaan van Stijn 1892be8c70
Don't use "info.IndexServerAddress" for authentication 
The IndexServerAddress field was  as part of the initial Windows implementation
of the engine. For legal reasons, Microsoft Windows (and thus Docker images
based on Windows) were not allowed to be distributed through non-Microsoft
infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io"
registry was created to serve Windows images.

Using separate registries was not an ideal solution, and a more permanent
solution was created by introducing "foreign image layers" in the distribution
spec, after which the "registry-win-tp3.docker.io" ceased to exist, and
removed from the engine.

This replaces the code that calls out to the "/info" endpoint to use the
GetAuthConfigKey() function instead.

Related PR in docker/cli:
b4ca1c7368

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-11 23:10:22 +02:00
Sebastiaan van Stijn 37068a700f
go.mod: fix grouping of dependencies, and tidy 
go mod tidy sometimes messes up grouping of imports, and may
need a bit of hand-holding in those cases :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-11 22:32:53 +02:00
Guillaume Lours a4af5e229d
Merge pull request #10455 from docker/dependabot/go_modules/github.com/opencontainers/runc-1.1.5 
build(deps): bump github.com/opencontainers/runc from 1.1.3 to 1.1.5
 2023-04-10 20:59:28 +02:00
dependabot[bot] 87da6c1470
build(deps): bump github.com/opencontainers/runc from 1.1.3 to 1.1.5 
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.3 to 1.1.5.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.1.3...v1.1.5)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-10 18:47:06 +00:00
Guillaume Lours a99acd940a
Merge pull request #10444 from glours/dry-run-down-support 
add dry-run support to down command
 2023-04-07 15:46:39 +02:00
Guillaume Lours 7fb87856aa add dry-run support to down command 
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
 2023-04-07 10:41:51 +02:00
Guillaume Lours eb933adde0
Merge pull request #10451 from glours/fix-gocyclo-ci-issue 
fix gocyclo lint error which currently block Compose CI
 2023-04-07 10:41:36 +02:00
Guillaume Lours cb688b5fd4
fix gocyclo lint error which currently block Compose CI 
Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com>
 2023-04-07 10:19:06 +02:00
Nicolas De Loof 8b5b78fbb6 can't watch a service without a build section 
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
 2023-04-06 08:55:49 +02:00