packages/docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
108 Commits 1 Branch 0 Tags
Commit Graph

108 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
openeuler-ci-bot
c7e892225d
!262 docker:add delay after freeze 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-10-12 09:19:21 +00:00
zhongjiawei
2e48b57e25 docker:add delay after freeze 2023-10-12 15:12:06 +08:00
openeuler-ci-bot
a12b6bae29
!255 docker: fix COPY --from should preserve ownership 
From: @jingxiaolu 
Reviewed-by: @zhong-jiawei-1, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-10-09 10:58:44 +00:00
Lu Jingxiao
84fd54726a docker: fix COPY --from should preserve ownership 
Fixes: #I86H6B

Signed-off-by: Lu Jingxiao <lujingxiao@huawei.com>
 2023-10-09 16:35:32 +08:00
openeuler-ci-bot
5ea594ae8b
!249 修复docker pull和restart dockerd并发操作,/var/lib/docker/devicemapper/mnt/目录资源残留问题 
From: @flyflyflypeng 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-08-28 06:17:43 +00:00
flyflyflypeng
e519069449 docker: remove useless mount point dir 
fix #I7UQ2Y

Signed-off-by: flyflyflypeng <jiangpengfei9@huawei.com>
 2023-08-28 10:22:46 +08:00
openeuler-ci-bot
26bff3a4ab
!237 docker: define a dummy hostname to use for local connections 
From: @jingxiaolu 
Reviewed-by: @jackchan8, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-07-29 01:46:57 +00:00
jingxiaolu
f5527c508a docker: define a dummy hostname to use for local connections 
For local communications (npipe://, unix://), the hostname is not used,
but we need valid and meaningful hostname.

The current code used the client's `addr` as hostname in some cases, which
could contain the path for the unix-socket (`/var/run/docker.sock`), which
gets rejected by go1.20.6 and go1.19.11 because of a security fix for
[CVE-2023-29406 ][1], which was implemented in  https://go.dev/issue/60374.

Prior versions go Go would clean the host header, and strip slashes in the
process, but go1.20.6 and go1.19.11 no longer do, and reject the host
header.

This patch introduces a `DummyHost` const, and uses this dummy host for
cases where we don't need an actual hostname.

Signed-off-by: jingxiaolu <lujingxiao@huawei.com>
 2023-07-28 17:47:05 +08:00
openeuler-ci-bot
4fdaecd0d5
!225 docker:remove invalid libcgroup dependencies 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-07-12 03:20:37 +00:00
zhongjiawei
76ef69817e docker:remove invalid libcgroup dependencies 2023-07-12 09:53:04 +08:00
openeuler-ci-bot
9f26733d3b
!223 docker: repalce unix.Rmdir with os.RemoveAll when remove mount point dir 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-07-03 02:12:03 +00:00
chenjiankun
2e888b9837 docker: repalce unix.Rmdir with os.RemoveAll when remove mount point dir 
fix #I7G1LL
 2023-06-29 16:16:05 +08:00
openeuler-ci-bot
f8a9392395
!219 docker: fix blockThreshold full bug 
From: @jackchan8 
Reviewed-by: @duguhaotian, @zhangsong234 
Signed-off-by: @duguhaotian
 2023-06-29 07:28:33 +00:00
chenjiankun
9b293e9221 docker: fix blockThreshold full bug 
Reference:dcfe23a038
 2023-06-27 16:59:43 +08:00
openeuler-ci-bot
6528f2e40e
!210 docker: thinpool full because docker daemon restart when docker pull 
From: @zhong-jiawei-1 
Reviewed-by: @jackchan8, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-06-09 02:53:48 +00:00
zhongjiawei
2e483250b2 docker:thinpool full because docker daemon restart when docker pull 
Signed-off-by: zhongjiawei <zhongjiawei1@huawei.com>
 2023-06-08 16:32:46 +08:00
openeuler-ci-bot
222bb3dc21
!202 docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-04-06 11:59:59 +00:00
zhongjiawei
3b459012b6 docker:fix CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 2023-04-06 16:19:21 +08:00
openeuler-ci-bot
639d314f97
!194 docker:backport upstream patches 
From: @zhong-jiawei-1 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-30 02:02:24 +00:00
zhongjiawei
59f6a66701 docker:sync some patches 2023-03-29 15:16:12 +08:00
openeuler-ci-bot
8d2afe5ace
!193 Add loongarch64 support for docker 
From: @zhaozhen-zz 
Reviewed-by: @wonleing 
Signed-off-by: @wonleing
 2023-03-20 06:09:41 +00:00
zhaozhen
9cd20b596b add loongarch64 support for docker 2023-03-16 20:03:19 +08:00
openeuler-ci-bot
5da7375d6f
!186 docker:try http for docker manifest insecure 
From: @zhong-jiawei-1 
Reviewed-by: @duguhaotian, @jackchan8, @zhangsong234 
Signed-off-by: @duguhaotian
 2023-03-16 06:27:18 +00:00
zhongjiawei
ff3bcc697b docker: try http for docker manifest insecure 2023-03-15 17:24:08 +08:00
openeuler-ci-bot
b67fad397a
!181 docker: fix container missing after restarting dockerd twice 
From: @jackchan8 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-14 13:31:55 +00:00
JackChan8
5ecf0ca3e7 docker: fix container missing after restarting dockerd twice 
fix #I6MJ4X
 2023-03-14 19:27:35 +08:00
openeuler-ci-bot
e27fa15f52
!176 docker stats: fix 'panic: close of closed channel' 
From: @zhangsong234 
Reviewed-by: @zhong-jiawei-1, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-03-10 08:39:37 +00:00
Song Zhang
8ed0a65d0b docker stats: fix 'panic: close of closed channel' 
bugfix: https://gitee.com/src-openeuler/docker/issues/I6LNNW?from=project-issue

Signed-off-by: Song Zhang <zhangsong34@huawei.com>
 2023-03-10 15:42:11 +08:00
openeuler-ci-bot
dc31905870
!170 docker: set freezer.state to Thawed to increase freeze chances 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2023-02-17 08:50:22 +00:00
chenjiankun
b78a50c378 docker: set freezer.state to Thawed to increase freeze chances 
docker pause/unpause with parallel docker exec can lead to freezing
state, set freezer.state to Thawed to increase freeze chances
 2023-02-17 16:39:45 +08:00
openeuler-ci-bot
d561557d97
!160 docker:do not stop health check before sending signal 
From: @zhong-jiawei-1 
Reviewed-by: @jackchan8, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-12-01 08:28:35 +00:00
zhongjiawei
365eb0b196 docker:do not stop health check before sending signal 2022-12-01 15:19:28 +08:00
openeuler-ci-bot
2ff1c05189
!154 docker: using VERSION-vendor to record version 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-24 06:29:44 +00:00
chenjiankun
3cc77fa02d docker: using VERSION-vendor to record version 2022-11-24 11:46:52 +08:00
openeuler-ci-bot
52367f1665
!148 docker: fix dockerd core when release network 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-22 12:37:43 +00:00
chenjiankun
07ce32f65f docker: fix dockerd core when release network 
fix #I627ON
 2022-11-22 20:49:27 +08:00
openeuler-ci-bot
8f09263541
!142 docker: cleanup netns file when stop docker daemon 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-11-22 08:13:40 +00:00
chenjiankun
6a3861c8c1 docker: cleanup netns file when stop docker daemon 
fix #I5W2XY
 2022-11-22 14:50:42 +08:00
openeuler-ci-bot
05e1f1370a
!139 docker: fix compile problem 
From: @jackchan8 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-10-19 01:55:28 +00:00
chenjiankun
0044b4982f docker: fix compile problem 2022-10-17 17:57:01 +08:00
openeuler-ci-bot
5eb470f8b2
!131 docker: add epoch for easy upgrade 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-21 03:28:50 +00:00
chenjiankun
7e4ff1bd42 docker: add epoch for easy upgrade 2022-09-21 11:31:26 +08:00
openeuler-ci-bot
f3d48fe017
!125 docker: ensure layer digest folder removed if ls.driver.Remove fails 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-16 01:21:43 +00:00
chenjiankun
54c9d1260f docker: ensure layer digest folder removed if ls.driver.Remove fails 
If image pull fails of context canceled, image layer will perform a
rollback operation. When image layer is released, the diff folder of layer
will be removed first, and then the digest folder will be removed.
If the diff folder fails to be removed, such as operation not permitted or
interrupted by others, both the digest folder and diff folder will remain
on the disk, this will cause image not be complete and not repairable.

So we should remove the digest folder first for image layers rollback
and ensure image can be re-pulled completely.
 2022-09-15 17:31:01 +08:00
openeuler-ci-bot
b0813e64ca
!110 docker: fix CVE-2022-36109 
From: @jackchan8 
Reviewed-by: @duguhaotian, @zhangsong234 
Signed-off-by: @duguhaotian
 2022-09-15 07:03:35 +00:00
chenjiankun
fc3bc485d1 docker: fix CVE-2022-36109 
fix #I5QLCS
 2022-09-15 11:24:04 +08:00
openeuler-ci-bot
bd7a10544c
!109 docker: Add an ExitPid field for State struct to record exit process id 
From: @jackchan8 
Reviewed-by: @duguhaotian, @zhangsong234 
Signed-off-by: @duguhaotian
 2022-09-13 12:18:58 +00:00
chenjiankun
214570099c docker: Add an ExitPid field for State struct to record exit process id 
fix #I5OBUW
 2022-09-13 20:38:42 +08:00
openeuler-ci-bot
72ff37aec5
!108 docker: fix terminal abnormal after docker run 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-13 11:51:50 +00:00
chenjiankun
542207bf0a docker: fix terminal abnormal after docker run 
fix #I5OBZ9
fix #I5LDB4
fix #I5FTB4
 2022-09-13 19:58:50 +08:00