The image usage drift is fixed at the source, so the disk usage test no
longer needs to tolerate a one-block difference on rootless.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
The legacy integration-cli coverage skipped this host PID kill path on
Windows GitHub Actions because process-isolated Windows containers can
fail with access denied when the test process tries to kill the
container process directly.
Keep the migrated test aligned with that compatibility guard while
preserving coverage for local process-isolated Windows runs and
non-Windows daemons.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Migrate test api images search json content type from integration-cli to integration tests
Signed-off-by: Abubacarr Ceesay <abubacarr671@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Move the useful Mounts API create coverage out of integration-cli and
into the container integration tests that own the behavior.
Add volume mount inspect assertions to TestContainerVolumeAnonymous for
destination normalization, read-only named volumes, explicit driver
configuration, and NoCopy mounts.
Add a focused bind mount inspect test for read-only bind mounts and
shared propagation.
Do not port the full integration-cli matrix. Existing integration tests
already cover anonymous volume creation and labeling, anonymous volume
removal with RemoveVolumes, and generic bind propagation handling.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Try to deflake:
- TestStopContainerWithTimeoutCancel
- TestContainerRestartWithCancelledRequest
- TestWaitBlocked
- TestWaitRestartedContainer
Several container integration tests rely on shell TERM traps to produce
specific stop, restart, or wait behavior.
They issue stop or restart requests immediately after container
creation, so dockerd can signal the process before the shell installs
its trap.
When that happens, the process uses default signal behavior and tests
can miss the expected log line or observe the wrong exit status.
Emit a readiness log after installing each trap and wait for it before
issuing stop or restart. Move logsContains into a shared helper so the
readiness check can be reused by the affected tests.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Replace flaky legacy CLI restart-policy tests with container API
integration coverage.
The CLI tests poll inspect output after short-lived detached containers
exit, which can observe transient daemon monitor state while cleanup or
restart-policy handling is still settling.
On Windows this can race a manual restart against an `on-failure:3`
container that has not exhausted its automatic retries.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
The POST /containers/{id}/update API accepts BlkioWeightDevice,
BlkioDeviceReadBps, BlkioDeviceWriteBps, BlkioDeviceReadIOps, and
BlkioDeviceWriteIOps in its Resources body, but these five fields were
silently ignored when updating a running container.
The root cause was in toContainerdResources (daemon/update_linux.go):
only BlkioWeight was mapped into specs.LinuxBlockIO; the per-device
fields were never converted, so tsk.UpdateResources never wrote to
cgroupv2 io.max or the cgroupv1 blkio throttle files.
Fix by calling the existing getBlkioWeightDevices and
getBlkioThrottleDevices helpers (already used in oci_linux.go for
container creation) to populate all five fields. The function signature
is extended to return an error so that stat(2) failures on invalid
device paths are surfaced to the caller instead of being silently
dropped.
The API makes a distinction between nil and zero-length slices while
doing so. A nil per-device blkio field means the caller did not request an
update for that setting, while a non-nil empty slice means the caller
explicitly requested the setting to be cleared.
The Windows stub is updated to match the new signature.
Signed-off-by: Alexis Couvreur <alexiscouvreur.pro@gmail.com>
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
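Added example (editor's illustration, not moby's daemon/update_linux.go): a
stand-alone conversion from the update request's per-device blkio fields to
runtime-spec block IO settings that preserves the nil / empty-slice distinction
and surfaces device-resolution errors. The request and spec types are simplified
stand-ins for the API and specs.LinuxBlockIO types, the device table is
constructed in place of stat(2) on /dev, and MajorMinor reproduces glibc's
dev_t split.

```go
package main

import (
	"errors"
	"fmt"
)

// Request-side shapes: simplified stand-ins for the Resources fields of
// POST /containers/{id}/update (not moby's own types).
type WeightDevice struct {
	Path   string
	Weight uint16
}

type ThrottleDevice struct {
	Path string
	Rate uint64
}

type Resources struct {
	BlkioWeight          uint16
	BlkioWeightDevice    []*WeightDevice
	BlkioDeviceReadBps   []*ThrottleDevice
	BlkioDeviceWriteBps  []*ThrottleDevice
	BlkioDeviceReadIOps  []*ThrottleDevice
	BlkioDeviceWriteIOps []*ThrottleDevice
}

// Runtime-side shapes: simplified stand-ins for specs.LinuxBlockIO.
type LinuxWeightDevice struct {
	Major, Minor int64
	Weight       uint16
}

type LinuxThrottleDevice struct {
	Major, Minor int64
	Rate         uint64
}

type LinuxBlockIO struct {
	Weight                  *uint16
	WeightDevice            []LinuxWeightDevice
	ThrottleReadBpsDevice   []LinuxThrottleDevice
	ThrottleWriteBpsDevice  []LinuxThrottleDevice
	ThrottleReadIOPSDevice  []LinuxThrottleDevice
	ThrottleWriteIOPSDevice []LinuxThrottleDevice
}

// DevLookup maps a device path to its dev_t. dockerd takes this from
// stat(2)'s st_rdev; it is injected here so the example runs without /dev.
type DevLookup func(path string) (uint64, error)

// MajorMinor splits a Linux dev_t the way glibc's major()/minor() macros do.
func MajorMinor(dev uint64) (int64, int64) {
	major := ((dev >> 8) & 0xfff) | ((dev >> 32) &^ 0xfff)
	minor := (dev & 0xff) | ((dev >> 12) &^ 0xff)
	return int64(major), int64(minor)
}

func resolve(p string, lookup DevLookup) (int64, int64, error) {
	dev, err := lookup(p)
	if err != nil {
		return 0, 0, fmt.Errorf("blkio device %q: %w", p, err)
	}
	major, minor := MajorMinor(dev)
	return major, minor, nil
}

// throttleDevices keeps the nil / empty distinction: nil means "do not touch
// this setting", a non-nil empty slice means "clear it". An unresolvable
// device fails the whole update instead of being silently dropped.
func throttleDevices(in []*ThrottleDevice, lookup DevLookup) ([]LinuxThrottleDevice, error) {
	if in == nil {
		return nil, nil
	}
	out := make([]LinuxThrottleDevice, 0, len(in))
	for _, d := range in {
		major, minor, err := resolve(d.Path, lookup)
		if err != nil {
			return nil, err
		}
		out = append(out, LinuxThrottleDevice{Major: major, Minor: minor, Rate: d.Rate})
	}
	return out, nil
}

func weightDevices(in []*WeightDevice, lookup DevLookup) ([]LinuxWeightDevice, error) {
	if in == nil {
		return nil, nil
	}
	out := make([]LinuxWeightDevice, 0, len(in))
	for _, d := range in {
		major, minor, err := resolve(d.Path, lookup)
		if err != nil {
			return nil, err
		}
		out = append(out, LinuxWeightDevice{Major: major, Minor: minor, Weight: d.Weight})
	}
	return out, nil
}

// ToBlockIO converts an update request into runtime-spec block IO settings,
// populating all five per-device fields and not only BlkioWeight.
func ToBlockIO(r Resources, lookup DevLookup) (*LinuxBlockIO, error) {
	b := &LinuxBlockIO{}
	if r.BlkioWeight != 0 {
		w := r.BlkioWeight
		b.Weight = &w
	}
	var err error
	if b.WeightDevice, err = weightDevices(r.BlkioWeightDevice, lookup); err != nil {
		return nil, err
	}
	if b.ThrottleReadBpsDevice, err = throttleDevices(r.BlkioDeviceReadBps, lookup); err != nil {
		return nil, err
	}
	if b.ThrottleWriteBpsDevice, err = throttleDevices(r.BlkioDeviceWriteBps, lookup); err != nil {
		return nil, err
	}
	if b.ThrottleReadIOPSDevice, err = throttleDevices(r.BlkioDeviceReadIOps, lookup); err != nil {
		return nil, err
	}
	if b.ThrottleWriteIOPSDevice, err = throttleDevices(r.BlkioDeviceWriteIOps, lookup); err != nil {
		return nil, err
	}
	return b, nil
}

// FakeDevices is a constructed table standing in for stat(2) on /dev nodes.
var FakeDevices = map[string]uint64{"/dev/sda": 8<<8 | 0, "/dev/sdb": 8<<8 | 16, "/dev/nvme0n1p1": 259<<8 | 1}

func LookupFake(p string) (uint64, error) {
	if dev, ok := FakeDevices[p]; ok {
		return dev, nil
	}
	return 0, errors.New("no such file or directory")
}

func main() {
	b, err := ToBlockIO(Resources{BlkioDeviceReadBps: []*ThrottleDevice{{Path: "/dev/sda", Rate: 1 << 20}}}, LookupFake)
	fmt.Printf("%+v %v\n", b, err)
}
```

A nil ThrottleReadIOPSDevice in the result tells the runtime to leave io.max (or the cgroupv1 throttle file) alone, whereas an empty non-nil slice clears it; that is the distinction the update path must not flatten.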
Rootless snapshotter mode can report image TotalSize one filesystem
block above the per-image and reclaimable sizes after loading BusyBox.
The empty disk usage case already accepts this overlayfs accounting
artifact.
Allow the same bounded 4096-byte positive drift in the
after_LoadBusybox assertions while keeping strict equality for other
daemon modes.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Both query parameters are now collectionFormat: multi arrays in the
swagger so they can accept multiple values later without an API
version bump. The server still operates on a single platform and
rejects requests passing more than one; type is read directly as a
list of repeated values instead of a comma-separated string.
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Add a new Engine API endpoint that returns the in-toto attestation
statements attached to an image for a given platform. The endpoint
locates the attestation manifest(s) referencing the requested platform's
image manifest, enumerates the statement layers, and returns each
layer's OCI descriptor (including media type, digest, size, and
annotations) together with its in-toto predicate type.
Query parameters:
- platform: JSON-encoded OCI platform; defaults to the daemon's host
platform if omitted.
- type: comma-separated list of in-toto predicate type URIs; if
omitted, all statements are returned.
- statement: boolean, defaults to false. When true, the daemon reads
each matching statement blob and includes the verbatim in-toto JSON
in the response. When false (or omitted), statement blobs are not
read and the Statement field is absent from each entry.
The manifest-chain walk (locating the platform image manifest and its
associated attestation manifest) is delegated to policy-helpers'
image.ResolveSignatureChain so that moby and BuildKit agree on how to
interpret the attestation storage format. The statement-layer iteration
and blob reading is inlined: when statement bodies are requested it
fails fast on the first unreadable blob and reads matching blobs
eagerly into memory; otherwise statement-layer blobs are never read
from the content store.
The endpoint is implemented for the containerd image store. The legacy
graphdriver store returns errdefs.NotImplemented (HTTP 501).
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
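Added example (editor's illustration, not the endpoint's implementation, which
delegates the chain walk to policy-helpers): an offline walk of a constructed
OCI index to the platform's image manifest, on to the attestation manifest(s)
that reference it, and through their statement layers, with the predicate-type
filter and the "read statement bodies only on request, fail fast on the first
unreadable blob" behaviour described above. The annotation keys are BuildKit's
attestation-storage convention as assumed by the editor; the Store type is a
map standing in for the containerd content store.

```go
package main

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// BuildKit attestation-storage annotation keys (assumed; moby delegates the
// real chain walk to policy-helpers' image.ResolveSignatureChain).
const (
	annotRefType       = "vnd.docker.reference.type"
	annotRefDigest     = "vnd.docker.reference.digest"
	refTypeAttestation = "attestation-manifest"
	annotPredicateType = "in-toto.io/predicate-type"
)

type Platform struct{ OS, Architecture string }

type Descriptor struct {
	MediaType   string            `json:"mediaType"`
	Digest      string            `json:"digest"`
	Size        int64             `json:"size"`
	Annotations map[string]string `json:"annotations,omitempty"`
	Platform    *Platform         `json:"platform,omitempty"`
}

type Index struct{ Manifests []Descriptor `json:"manifests"` }
type Manifest struct{ Layers []Descriptor `json:"layers"` }

// Store stands in for the containerd content store (digest -> bytes).
type Store map[string][]byte

func (s Store) put(b []byte) string {
	d := fmt.Sprintf("sha256:%x", sha256.Sum256(b))
	s[d] = b
	return d
}

func (s Store) get(d string) ([]byte, error) {
	if b, ok := s[d]; ok {
		return b, nil
	}
	return nil, fmt.Errorf("content %s: not found", d)
}

// Attestation is one response entry; Statement is only set when requested.
type Attestation struct {
	Descriptor    Descriptor
	PredicateType string
	Statement     json.RawMessage `json:",omitempty"`
}

// ListAttestations walks index -> platform image manifest -> attestation
// manifest(s), enumerates statement layers, filters on predicate type and
// reads statement blobs only when asked, failing fast on the first bad one.
func ListAttestations(s Store, indexDigest string, p Platform, types []string, readStatements bool) ([]Attestation, error) {
	raw, err := s.get(indexDigest)
	if err != nil {
		return nil, err
	}
	var idx Index
	if err := json.Unmarshal(raw, &idx); err != nil {
		return nil, err
	}
	imageDigest := ""
	for _, m := range idx.Manifests {
		if m.Annotations[annotRefType] == "" && m.Platform != nil && *m.Platform == p {
			imageDigest = m.Digest
		}
	}
	if imageDigest == "" {
		return nil, fmt.Errorf("no image manifest for %s/%s", p.OS, p.Architecture)
	}
	want := map[string]bool{}
	for _, t := range types {
		want[t] = true
	}
	var out []Attestation
	for _, m := range idx.Manifests {
		if m.Annotations[annotRefType] != refTypeAttestation || m.Annotations[annotRefDigest] != imageDigest {
			continue
		}
		var am Manifest
		if mraw, err := s.get(m.Digest); err != nil {
			return nil, err
		} else if err := json.Unmarshal(mraw, &am); err != nil {
			return nil, err
		}
		for _, l := range am.Layers {
			pt := l.Annotations[annotPredicateType]
			if len(want) > 0 && !want[pt] {
				continue
			}
			a := Attestation{Descriptor: l, PredicateType: pt}
			if readStatements {
				if a.Statement, err = s.get(l.Digest); err != nil {
					return nil, err // first unreadable blob aborts the request
				}
			}
			out = append(out, a)
		}
	}
	return out, nil
}

// SampleStore builds a constructed index -> image manifest -> attestation
// manifest chain carrying an SBOM and a provenance statement.
func SampleStore() (Store, string) {
	s := Store{}
	stmt := func(pt string) Descriptor {
		body := []byte(`{"_type":"https://in-toto.io/Statement/v0.1","predicateType":"` + pt + `","predicate":{}}`)
		return Descriptor{MediaType: "application/vnd.in-toto+json", Digest: s.put(body), Size: int64(len(body)),
			Annotations: map[string]string{annotPredicateType: pt}}
	}
	img, _ := json.Marshal(Manifest{})
	att, _ := json.Marshal(Manifest{Layers: []Descriptor{stmt("https://spdx.dev/Document"), stmt("https://slsa.dev/provenance/v0.2")}})
	imgDigest := s.put(img)
	idx, _ := json.Marshal(Index{Manifests: []Descriptor{
		{Digest: imgDigest, Size: int64(len(img)), Platform: &Platform{OS: "linux", Architecture: "amd64"}},
		{Digest: s.put(att), Size: int64(len(att)), Platform: &Platform{OS: "unknown", Architecture: "unknown"},
			Annotations: map[string]string{annotRefType: refTypeAttestation, annotRefDigest: imgDigest}},
	}})
	return s, s.put(idx)
}

func main() {
	s, idx := SampleStore()
	list, err := ListAttestations(s, idx, Platform{OS: "linux", Architecture: "amd64"}, nil, true)
	fmt.Printf("%+v %v\n", list, err)
}
```

Note that with readStatements false a missing statement blob is never noticed, which is the intended property: listing descriptors must not touch statement content in the store.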
In rootless mode, ChildHostIP maps every IPv4 host address to 127.0.0.1
in the child network namespace. Port bindings on the same port but
distinct loopback addresses (e.g. 127.0.1.2:80 and 127.0.1.3:80) were
therefore both reserved as 127.0.0.1:80 by the port allocator in the
child namespace, and the second binding failed with "Bind for
127.0.0.1:8080 failed: port is already allocated" even though the
requested addresses do not conflict.
Preserve IPv4 loopback host addresses as the child host IP instead. The
child namespace's lo interface covers all of 127.0.0.0/8, so the
addresses are bindable as-is, and RootlessKit's builtin port driver
both listens on the requested parent address and dials the requested
child address verbatim. Port drivers that disallow loopback child IPs
(slirp4netns) are unaffected: their forced non-loopback childIP is
selected before the loopback fallback.
Signed-off-by: Andrew Liu <andrewjliu22@gmail.com>
Keep the cross-platform image history regression coverage focused on
non-native image metadata by using a COPY step instead of RUN.
This avoids requiring QEMU/binfmt support when the test builds an image
for a non-native platform.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
The Synchronize method on the integration-test plugin closed
p.synchronized inside a select/default block that is not safe under
concurrent invocation: two goroutines can both observe the channel as
still open and panic on the second close. Use sync.Once so the channel
is closed exactly once.
Signed-off-by: Takumi Akasaka <takumiakasaka1231@gmail.com>
The security fix in GHSA-vp62-88p7-qqf5 switched openContainerFS to
os.Root for mount-destination operations, but stopped walking the
destination through in-container symlinks.
os.Root refuses to follow absolute symlinks, so any container whose
image had an absolute symlink along the mount target's path (e.g. the
common /var/run -> /run in ubuntu/alpine/busybox) broke `docker cp`.
Walk m.Destination through ctr.GetResourcePath first which follows
symlinks to get a path relative to BaseFS, then keep using os.Root for
the actual MkdirAll/OpenFile/Open calls.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
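Added example (editor's illustration, not moby's GetResourcePath or
openContainerFS): a symlink-following walk of a mount destination that is
scoped to the container's root, so an absolute link such as /var/run -> /run
is re-rooted at BaseFS rather than followed on the host, and ".." can never
climb above it. The returned path is relative to base and is what you would
hand to os.Root for the actual MkdirAll/OpenFile/Open. The rootfs in main is a
constructed temporary tree.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path"
	"path/filepath"
	"strings"
)

// ResolveInRoot walks target inside base, following symlinks found in the
// container filesystem, but treats every absolute link target and every ".."
// as relative to base, so the result can never escape it. It returns the
// resolved path relative to base, ready to be opened through os.Root.
func ResolveInRoot(base, target string) (string, error) {
	const maxLinks = 40 // same order as the kernel's ELOOP limit
	resolved := "/"     // "/" here is base, never the host root
	rest := strings.Split(filepath.ToSlash(target), "/")
	links := 0
	for len(rest) > 0 {
		part := rest[0]
		rest = rest[1:]
		switch part {
		case "", ".":
			continue
		case "..":
			resolved = path.Dir(resolved) // path.Dir("/") == "/", so ".." cannot climb out
			continue
		}
		next := path.Join(resolved, part)
		hostPath := filepath.Join(base, filepath.FromSlash(next))
		fi, err := os.Lstat(hostPath)
		if errors.Is(err, os.ErrNotExist) {
			// The remainder does not exist yet (MkdirAll/OpenFile will create it);
			// path.Join on a rooted path neutralises any remaining "..".
			return strings.TrimPrefix(path.Join(next, path.Join(rest...)), "/"), nil
		}
		if err != nil {
			return "", err
		}
		if fi.Mode()&os.ModeSymlink == 0 {
			resolved = next
			continue
		}
		if links++; links > maxLinks {
			return "", fmt.Errorf("resolving %q: too many levels of symbolic links", target)
		}
		dest, err := os.Readlink(hostPath)
		if err != nil {
			return "", err
		}
		dest = filepath.ToSlash(dest)
		if path.IsAbs(dest) {
			resolved = "/" // absolute link: re-root at base, not at the host /
		}
		rest = append(strings.Split(dest, "/"), rest...)
	}
	return strings.TrimPrefix(resolved, "/"), nil
}

func main() {
	base, _ := os.MkdirTemp("", "rootfs")
	os.MkdirAll(filepath.Join(base, "run"), 0o755)
	os.MkdirAll(filepath.Join(base, "var"), 0o755)
	os.Symlink("/run", filepath.Join(base, "var", "run")) // as in ubuntu/alpine/busybox images
	rel, err := ResolveInRoot(base, "/var/run/docker.sock")
	fmt.Println(rel, err) // run/docker.sock <nil>
}
```

The walk only ever calls Lstat/Readlink below base and never opens the final path itself; combining it with os.Root for the open keeps both the symlink semantics the GHSA fix lost and the traversal protection it added.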
Implement a `dPath()` utility function that converts paths to Windows paths
(add `c:` drive-letter, and convert to backslashes) if the daemon is running
on Windows.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Move decompression outside RunInFS to prevent executing
attacker-controlled binaries from within the container filesystem.
When dockerd handles `PUT /containers/{id}/archive`, it switches root
into the container's filesystem before extracting the archive.
Previously, archive.Untar was called inside RunInFS, which meant
decompression binaries (xz, unpigz) were resolved via PATH inside the
container's filesystem. A malicious binary at /usr/bin/xz in the
container would be executed as host root.
Fix by decompressing the archive before entering the container
filesystem, then unpacking the uncompressed tar stream inside
RunInFS.
This ensures decompression binaries are always resolved from the host
filesystem.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
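Added example (editor's illustration, not moby's archive package): the two
halves of the fixed ordering as separate functions. DecompressOnHost sniffs the
stream and, for xz, resolves the helper binary with exec.LookPath on the host
PATH; UnpackInto consumes only the plain tar and is the part that, in dockerd,
runs inside RunInFS, where no program is ever executed. PutArchive wires them in
the safe order. The sample archive is constructed in memory; the xz branch
buffers its output to keep the example short.

```go
package main

import (
	"archive/tar"
	"bufio"
	"bytes"
	"compress/gzip"
	"errors"
	"fmt"
	"io"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
)

// DecompressOnHost turns a possibly compressed archive into a plain tar
// stream. It must run before dockerd enters the container filesystem: the xz
// branch resolves the binary through the host PATH, which is the lookup that
// previously happened after the switch into the container rootfs.
func DecompressOnHost(r io.Reader) (io.Reader, error) {
	br := bufio.NewReader(r)
	magic, _ := br.Peek(6)
	switch {
	case bytes.HasPrefix(magic, []byte{0x1f, 0x8b}):
		return gzip.NewReader(br)
	case bytes.HasPrefix(magic, []byte{0xfd, '7', 'z', 'X', 'Z', 0x00}):
		xz, err := exec.LookPath("xz") // host PATH, never the container's /usr/bin
		if err != nil {
			return nil, fmt.Errorf("xz not available on host: %w", err)
		}
		var out bytes.Buffer // dockerd streams this; buffering keeps the example short
		cmd := exec.Command(xz, "-d", "-c")
		cmd.Stdin, cmd.Stdout = br, &out
		if err := cmd.Run(); err != nil {
			return nil, err
		}
		return &out, nil
	default:
		return br, nil // already a plain tar
	}
}

// UnpackInto writes a plain tar stream below root. This is the step that in
// dockerd runs inside RunInFS; it execs nothing and rejects entries that
// would land outside root. Only directories and regular files are handled.
func UnpackInto(root string, plain io.Reader) ([]string, error) {
	var written []string
	tr := tar.NewReader(plain)
	for {
		hdr, err := tr.Next()
		if errors.Is(err, io.EOF) {
			return written, nil
		}
		if err != nil {
			return written, err
		}
		name := filepath.Clean(filepath.FromSlash(hdr.Name))
		if filepath.IsAbs(name) || name == ".." || strings.HasPrefix(name, ".."+string(os.PathSeparator)) {
			return written, fmt.Errorf("entry %q escapes the target root", hdr.Name)
		}
		dst := filepath.Join(root, name)
		switch hdr.Typeflag {
		case tar.TypeDir:
			if err := os.MkdirAll(dst, 0o755); err != nil {
				return written, err
			}
		case tar.TypeReg:
			if err := os.MkdirAll(filepath.Dir(dst), 0o755); err != nil {
				return written, err
			}
			f, err := os.OpenFile(dst, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(hdr.Mode)&0o777)
			if err != nil {
				return written, err
			}
			_, err = io.Copy(f, tr)
			f.Close()
			if err != nil {
				return written, err
			}
		default:
			continue
		}
		written = append(written, name)
	}
}

// PutArchive mirrors the fixed ordering: decompress on the host, then unpack
// the plain tar inside the container root.
func PutArchive(root string, archive io.Reader) ([]string, error) {
	plain, err := DecompressOnHost(archive)
	if err != nil {
		return nil, err
	}
	return UnpackInto(root, plain)
}

// BuildTarGz constructs a gzip-compressed tar in memory (sample input).
func BuildTarGz(files map[string]string) []byte {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	for name, body := range files {
		tw.WriteHeader(&tar.Header{Name: name, Mode: 0o644, Size: int64(len(body)), Typeflag: tar.TypeReg})
		tw.Write([]byte(body))
	}
	tw.Close()
	gz.Close()
	return buf.Bytes()
}

func main() {
	root, _ := os.MkdirTemp("", "putarchive")
	names, err := PutArchive(root, bytes.NewReader(BuildTarGz(map[string]string{"etc/motd": "hello\n"})))
	fmt.Println(names, err)
}
```

The invariant worth checking in review is that nothing reachable from UnpackInto calls exec: once the process is inside the container rootfs, any PATH lookup resolves to attacker-controlled files.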
Add assertion to check for build errors in JSON messages during image
building.
When a JSON message contains an error, the test will now fail with the
error details.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Tests that use the build helper currently cannot influence the build
beyond providing the context (e.g. they cannot set Tags, BuildArgs, or
Version).
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
When a volume subpath pointing to a single file was mounted onto a
target path that already existed as a file in the container image, the
container creation failed with "open /var/lib/docker/tmp/safe-mountXXX:
not a directory".
Skip the volume population step when the volume mount path is a file,
since directory content copying is not applicable to single-file mounts.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Fix NRI tests racing plugin registration by blocking the test until the
plugin has been synchronized at least once, signifying that it has
completed registration with the NRI infrastructure.
Signed-off-by: Cory Snider <csnider@mirantis.com>
The reference filter on the image list endpoint only matched against
the "familiar" (shortened) form of image names via FamiliarMatch,
which strips the "docker.io/library/" prefix. Filtering with a full
canonical reference like "docker.io/library/alpine" never matched.
Match the filter pattern against both the familiar and canonical
forms of the image reference (with and without tag), so e.g.
"alpine" and "docker.io/library/alpine" (and their glob variants)
both match. This preserves the long-standing path.Match-based glob
behavior introduced in 2013 (b44d113120 "filter image listing using
path.Match"), including patterns that span the familiar / canonical
boundary like "*5000*/*".
The same fix is applied to the legacy (graphdriver) backend so
filter behavior is consistent across storage backends.
Adds integration test cases in TestAPIImagesFilters covering
canonical name matching.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Stefan Agner <stefan@agner.ch>
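Added example (editor's illustration, not moby's image list filter): a
path.Match-based reference filter that tries the canonical and familiar forms of
each image reference, each with and without its tag, so both "alpine" and
"docker.io/library/alpine" (and globs such as "*5000*/*") match. The
familiar-name shortening is the editor's simplification of the docker.io/library
rules, and digest references (name@sha256:...) are out of scope.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// familiar shortens a canonical docker.io reference the way the CLI shows
// it: docker.io/library/alpine:3 -> alpine:3, docker.io/user/app -> user/app.
// References on other registries are returned unchanged.
func familiar(canonical string) string {
	s := strings.TrimPrefix(canonical, "docker.io/")
	if s != canonical {
		s = strings.TrimPrefix(s, "library/")
	}
	return s
}

// stripTag drops a trailing ":tag" (a ':' after the last '/'); a port in the
// registry host, as in localhost:5000/img, is left alone.
func stripTag(ref string) string {
	if i := strings.LastIndex(ref, ":"); i > strings.LastIndex(ref, "/") {
		return ref[:i]
	}
	return ref
}

// MatchReference applies one path.Match glob to the canonical reference in
// all of its forms: canonical and familiar, each with and without its tag.
// A malformed pattern is reported instead of silently matching nothing.
func MatchReference(pattern, canonical string) (bool, error) {
	forms := []string{canonical, stripTag(canonical)}
	if f := familiar(canonical); f != canonical {
		forms = append(forms, f, stripTag(f))
	}
	for _, form := range forms {
		if ok, err := path.Match(pattern, form); err != nil || ok {
			return ok, err
		}
	}
	return false, nil
}

// FilterImages keeps the canonical references matched by any pattern.
func FilterImages(patterns, refs []string) ([]string, error) {
	var out []string
	for _, ref := range refs {
		for _, p := range patterns {
			ok, err := MatchReference(p, ref)
			if err != nil {
				return nil, fmt.Errorf("invalid reference filter %q: %w", p, err)
			}
			if ok {
				out = append(out, ref)
				break
			}
		}
	}
	return out, nil
}

func main() {
	refs := []string{"docker.io/library/alpine:3.19", "docker.io/library/alpine:latest", "localhost:5000/myimg:v1", "ghcr.io/org/app:2"}
	for _, p := range []string{"alpine", "docker.io/library/alpine", "*5000*/*"} {
		m, _ := FilterImages([]string{p}, refs)
		fmt.Println(p, "->", m)
	}
}
```

Because path.Match's "*" does not cross "/", "alpine" cannot accidentally match "docker.io/library/alpine-extra" through the canonical form; the familiar form is what makes the short pattern work.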
Seccomp cannot filter socketcall(2) arguments because the address
family is behind a userspace pointer that BPF cannot dereference.
Only an LSM (AppArmor or SELinux) can deny AF_ALG via the
security_socket_create hook in the socketcall path.
Skip the socketcall_int80 subtest when neither AppArmor nor SELinux
is reported by the daemon, since the test would always fail without
an LSM to enforce the deny rule.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Add a positive test that creates an AF_INET socket via int $0x80
socketcall to ensure the AppArmor "deny network alg" rule only
blocks AF_ALG and does not break legitimate socketcall usage.
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>