Commit Graph

1535 Commits

Author SHA1 Message Date
Derek McGowan
aef409dfb2 Remove unused reference store in image api
The image api already defines the backend used and does
not directly use the reference store backend. It also should not
directly use the reference store backend.

Signed-off-by: Derek McGowan <derek@mcg.dev>
2025-05-03 21:59:55 -07:00
Matthieu MOREL
70139978d3 fix(ST1016): Use consistent method receiver names
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-05-01 14:30:52 +02:00
Matthieu MOREL
b0711d5fe9 fix(QF1001): Apply De Morgan’s law
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-05-01 14:16:44 +02:00
Sebastiaan van Stijn
4c57ffaca7 api/server/router/build: fix vars that shadowed (govet)
api/server/router/build/build_routes.go:212:6: shadow: declaration of "bs" shadows declaration at line 200 (govet)
            if bs, err := parseBytesFromFormValue("max-used-space"); err != nil {
               ^
    api/server/router/build/build_routes.go:218:6: shadow: declaration of "bs" shadows declaration at line 200 (govet)
            if bs, err := parseBytesFromFormValue("min-free-space"); err != nil {
               ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-28 15:36:30 +02:00
Sebastiaan van Stijn
eef5c75276 api/server/router/network: fix vars that shadowed (govet)
api/server/router/network/network_routes.go:148:14: shadow: declaration of "nwv" shadows declaration at line 146 (govet)
                } else if nwv, ok := listByFullName[nwk.ID]; ok {
                          ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-28 15:23:51 +02:00
Paweł Gronowski
9ee1716c41 Merge pull request #49874 from dmcgowan/container-types-to-api
Use container status values from api
2025-04-28 12:31:46 +00:00
Derek McGowan
100102108b Use container status values from api
Alias and deprecate the status types and constants from the root
container package. The root container package is intended for use
within the daemon and no the api package.

Signed-off-by: Derek McGowan <derek@mcg.dev>
2025-04-26 07:58:09 -07:00
Sebastiaan van Stijn
3f2296cfc1 api/server/router: remove named (err) returns
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-26 15:47:05 +02:00
Sebastiaan van Stijn
91473ce253 api/server/backend/build: sanitizeRepoAndTags: remove named err return
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-26 13:18:04 +02:00
Sebastiaan van Stijn
7c52c4d92e update go:build tags to go1.23 to align with vendor.mod
Go maintainers started to unconditionally update the minimum go version
for golang.org/x/ dependencies to go1.23, which means that we'll no longer
be able to support any version below that when updating those dependencies;

> all: upgrade go directive to at least 1.23.0 [generated]
>
> By now Go 1.24.0 has been released, and Go 1.22 is no longer supported
> per the Go Release Policy (https://go.dev/doc/devel/release#policy).
>
> For golang/go#69095.

This updates our minimum version to go1.23, as we won't be able to maintain
compatibility with older versions because of the above.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-17 15:43:19 +02:00
Sebastiaan van Stijn
eacbbdeec6 Revert "API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields"
This reverts commit 5d2006256f, which
caused some issues in the docker/cli formatting code that needs some
investigating.

Let's (temporarily) revert this while we look what's wrong.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-11 14:47:10 +02:00
Paweł Gronowski
f3d6830d27 Merge pull request #49783 from thaJeztah/deprecate_bridgenfip_fields
API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields
2025-04-11 10:46:59 +00:00
Sebastiaan van Stijn
511cd1c0a7 Merge pull request #49785 from thaJeztah/fix_debug_logs
api/server/middleware: fix debug-logs missing form-data
2025-04-10 21:54:00 +02:00
Sebastiaan van Stijn
5d2006256f API: /info: remove BridgeNfIptables, BridgeNfIp6tables fields
The `BridgeNfIptables` and `BridgeNfIp6tables` fields in the
`GET /info` response were deprecated in API v1.48, and are now omitted
in API v1.49.

With this patch, old API version continue to return the field:

    curl -s --unix-socket /var/run/docker.sock http://localhost/v1.48/info | jq .BridgeNfIp6tables
    false

    curl -s --unix-socket /var/run/docker.sock http://localhost/v1.48/info | jq .BridgeNfIptables
    false

Omitting the field in API v1.49 and above

    curl -s --unix-socket /var/run/docker.sock http://localhost/v1.49/info | jq .BridgeNfIp6tables
    null

    curl -s --unix-socket /var/run/docker.sock http://localhost/v1.49/info | jq .BridgeNfIptables
    null

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-10 14:26:42 +02:00
Sebastiaan van Stijn
499e15d4ab api/server/middleware: fix debug-logs missing form-data
This was introduced in c817ea2159, but overlooked
that the logs were now produced before (for POST requests) the form-data was
handled and added to the "fields" variable.

This patch changes the logic to wrap the handler and make sure logs are
created before, and after the handler is called (the "form-data" is always
added before the handler is called).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-10 14:22:31 +02:00
Sebastiaan van Stijn
3e993060ee Merge pull request #48556 from thaJeztah/deprecate_info_expected_version_step2
api: info: omit deprecated "Commit.Expected" fields on API >= 1.49
2025-04-10 12:29:48 +02:00
Sebastiaan van Stijn
91ba210bc8 Merge pull request #49666 from thaJeztah/legacy_errors
api, client: produce human-readable errors for unsupported API versions (< v1.24)
2025-04-10 12:08:56 +02:00
Sebastiaan van Stijn
bcbcbb73fa Merge pull request #49743 from dmcgowan/update-archive-to-go-archive
Update archive to use github.com/moby/go-archive
2025-04-09 11:51:14 +02:00
Albin Kerouanton
489cd7edfc api, daemon, libnet: add a 'trigger' baggage member
Add an OTel span processor copying the 'trigger' baggage member
propagated through contexts to all children spans. It's used to identify
what triggered a trace / span (API call, libnet init, etc...)

All code paths that call libnet's `NewNetwork` set this baggage member
with a unique value.

For instance, this can be used to distinguish bridge's `createNetwork`
spans triggered by daemon / libnet initialization from custom network
creation triggerd by an API call.

Two util functions are added to wrap `baggage.New` and
`baggage.NewMemberRaw` to make it easier to deal with baggage and
members by panicking on error. These should not be used with dynamic
values.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2025-04-09 08:45:33 +02:00
Albin Kerouanton
78be7ebad7 libnet/d/bridge: trace createNetwork
Plumb context from the API down to libnet driver method `CreateNetwork`,
and add an OTel span to the bridge driver's `createNetwork` method.
Include a few attributes describing the network configuration (e.g.
IPv4/IPv6, ICC, internal and MTU).

A new util function, `RecordStatus`, is added to the `otelutil` package
to easily record any error, and update the span status accordingly.

Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2025-04-09 08:45:33 +02:00
Derek McGowan
d0154d3e59 Update to use github.com/moby/go-archive
Update use of idtools to moby/user for archive and other deprecated uses

Signed-off-by: Derek McGowan <derek@mcg.dev>
2025-04-08 17:35:05 -07:00
Sebastiaan van Stijn
564abf9157 api: info: omit deprecated "Commit.Expected" fields on API >= 1.49
These fields were deprecated in ff191c58f7,
and are now omitted.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-08 15:15:58 +02:00
Sebastiaan van Stijn
7d9c50db2b api: /info: omit non-distributable-artifacts fields for API >= 1.49
- registry.ServiceConfig: add a "ExtraFields" for outputting deprecated
  fields.
- remove uses of AllowNondistributableArtifactsCIDRs and AllowNondistributableArtifactsHostnames

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-04-07 19:12:09 +02:00
Rob Murray
a0a86d0982 Add Info.FirewallBackend
Report FirewallBackend in "docker info".

It's currently "iptables" or "iptables+firewalld" on Linux, and
omitted on Windows.

Signed-off-by: Rob Murray <rob.murray@docker.com>
2025-04-07 16:56:49 +01:00
Paweł Gronowski
59169d0f97 image/inspect: Add platform selection
`GET /image/{name}/json` now supports `platform` parameter allowing to
specify which platform variant of a multi-platform image to inspect.

For servers that do not use containerd image store integration, this
option will cause an error if the requested platform doesn't match the
image's actual platform

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2025-04-03 13:57:51 +02:00
Sebastiaan van Stijn
d0b4bdbd25 api/router: postContainersAttach, wsContainersAttach: minor cleanups
- remove intermediate variables that were only used once
- move variables closer to where used

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-03-23 13:29:28 +01:00
Sebastiaan van Stijn
230f178f8b api: return plain-text errors for deprecated API versions
Docker 25.0 (08e4e88482) deprecated API versions
older than v1.24, and support was removed in Docker 26.0.

As part of this deprecation, support for plain-text errors was also removed
in commit ffd877f948.

So while we no longer support API versions older 1.24 [api.MinSupportedAPIVersion],
a client may try to connect using an older version and expect a plain-text error
instead of a JSON error. This would result in an "API version too old" error
formatted in JSON being printed as-is.

    DOCKER_API_VERSION=v1.10 docker info --format '{{.ID}}'
    Error response from daemon: {"message":"client version 1.10 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version"}

    curl --unix-socket /var/run/docker.sock http://localhost/v1.10/info
    {"message":"client version 1.10 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version"}

Note that this was only a problem for old API versions; unsupported API versions
that were higher than the maximum version were already handled as JSON;

    DOCKER_API_VERSION=v1.99 docker info --format '{{.ID}}'
    Error response from daemon: client version 1.99 is too new. Maximum supported API version is 1.48

    curl --unix-socket /var/run/docker.sock http://localhost/v1.99/info
    {"message":"client version 1.99 is too new. Maximum supported API version is 1.48"}

Let's be nice, and return errors in plain-text to provide a more readable error
to help the user understand the API version they're using is no longer supported.

With this patch applied:

    DOCKER_API_VERSION=v1.10 docker info --format '{{.ID}}'
    Error response from daemon: client version 1.10 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version

    curl --unix-socket /var/run/docker.sock http://localhost/v1.10/info
    client version 1.10 is too old. Minimum supported API version is 1.24, please upgrade your client to a newer version

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-03-20 20:25:05 +01:00
Sebastiaan van Stijn
b1c008c007 api/server/router/build: fix naked returns
api/server/router/build/build_routes.go:359:2: naked return in func `Write` with 5 lines of code (nakedret)
        return
        ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-03-04 13:56:16 +01:00
Sebastiaan van Stijn
6ee1558852 Merge pull request #49417 from thaJeztah/fix_linting_step1
Fix linting issues to allow enabling more linters
2025-02-13 23:58:24 +01:00
Sebastiaan van Stijn
3b8eb1ec2a Merge pull request #49407 from jsternberg/containers-platform-json
API: add Platform (OS and Architecture) to /containers/json
2025-02-13 23:35:55 +01:00
Jonathan A. Sternberg
927e07e46e API: add Platform (OS and Architecture) to /containers/json
Adds platform information to containers (for `docker ps`).

Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
2025-02-13 14:52:21 -06:00
Laurent Goderre
3e51818c5c Add ability to return warnings from host config
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2025-02-12 09:48:23 -05:00
Sebastiaan van Stijn
6856bdd5a6 Merge pull request #49444 from thaJeztah/commit_and_exect_response
api/types/container: introduce CommitResponse, ExecCreateResponse types
2025-02-11 12:53:09 +01:00
Sebastiaan van Stijn
9a20edf7b6 api/types/container: introduce ExecCreateResponse type
Introduce a container.ExecCreateResponse type as alias for IDResponse to allow
consumers to use ContainerCommit without having to import the "types" package,
and allows us to differentiate the response for container commit separate from
other endpoints currently using IDResponse.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-02-10 21:14:11 +01:00
Sebastiaan van Stijn
0df3a0047a api/types/container: introduce CommitResponse type
Move api/types.IDResponse to a "common" package (to prevent cyclic import
issues), and introduce a container.CommitResponse type as alias. This allows
consumers to use ContainerCommit without having to import the "types" package,
and allows us to differentiate the response for container commit separate from
other endpoints currently using IDResponse.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-02-10 21:14:03 +01:00
Sebastiaan van Stijn
be1ac5d8e5 api/types/container: rename ContainerTopOKBody to TopResponse
Deprecate ContainerTopOKBody, but keep an alias.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-02-10 18:58:31 +01:00
Sebastiaan van Stijn
f4dc38cd36 api/types/container: rename ContainerUpdateOKBody to UpdateResponse
Deprecate ContainerUpdateOKBody, but keep an alias.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-02-10 18:35:35 +01:00
Sebastiaan van Stijn
7dbceec8aa api/server/router/volume: fix unhandled errors in tests (errchkjson)
Also fixing some minor other linting issues.

    api/server/router/volume/volume_routes_test.go:193:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        e.Encode(volumeCreate)
        ^
    api/server/router/volume/volume_routes_test.go:231:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeCreate)
        ^
    api/server/router/volume/volume_routes_test.go:260:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeCreate)
        ^
    api/server/router/volume/volume_routes_test.go:292:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeCreate)
        ^
    api/server/router/volume/volume_routes_test.go:339:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeUpdate)
        ^
    api/server/router/volume/volume_routes_test.go:366:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeUpdate)
        ^
    api/server/router/volume/volume_routes_test.go:396:2: Error return value of `(*encoding/json.Encoder).Encode` is not checked (errchkjson)
        json.NewEncoder(&buf).Encode(volumeUpdate)
        ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-02-09 13:22:49 +01:00
Paweł Gronowski
3d37537f75 c8d/inspect: Add Manifests field
Add `Manifests` field to image inspect (`/images/{name}/json`) response.
This is the same as in `/images/json`.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2025-02-06 13:30:24 +01:00
Paweł Gronowski
02563f2805 Merge pull request #48798 from LaurentGoderre/implement-30449-image-mount
Implement mount from image
2025-02-05 18:04:22 +00:00
Paweł Gronowski
72b835151a Merge pull request #48720 from jsternberg/buildkit-gc-options
builder: wire up new gc types for buildkit prune functionality
2025-02-03 16:55:46 +00:00
Laurent Goderre
8c58934106 Implement mount from image
Signed-off-by: Laurent Goderre <laurent.goderre@docker.com>
2025-01-31 10:34:27 -05:00
Jonathan A. Sternberg
8e529682af builder: wire up new gc types for buildkit prune functionality
This wires up the new gc types that buildkit exposes in version 0.17.
The previous flag, `KeepBytes`, was renamed to `ReservedBytes` and two
new options, `MaxUsed` and `MinFree` were added.

`MaxUsed` corresponds to the maximum amount of space that buildkit will
use for the build cache and `MinFree` amount of free disk space for the
system to prevent the cache from using that space. This allows greater
configuration of the cache storage usage when used in situations where
docker is not the only service on the system using disk space.

Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
2025-01-30 09:54:12 -06:00
Sebastiaan van Stijn
e8c6e7ceb0 build: don't print warning when connection was terminated
A terminated connection is not an error on the daemon-side, and expected
if the client disconnects. This patch detects if the error is because of
a broken pipe, and skips the warning in that case.

Before this patch:

    WARN[2025-01-18T12:38:04.115298341Z] could not write error response: write unix /var/run/docker.sock->@: write: broken pipe

After this patch, no warning is logged. This patch also changes the log
format to use structured logs.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-01-18 16:24:54 +01:00
Sebastiaan van Stijn
81a2acdd23 Merge pull request #48696 from thaJeztah/build_log_cancelled
build: log when build is cancelled
2025-01-18 16:20:38 +01:00
Sebastiaan van Stijn
c817ea2159 api/server/middleware: log before, not after the request
commit 1701bce9e0 updated the debug logs
to use structured logs, and to include more information in the logs, such
as the form-data used and the status-code, and combining them into a
single log.

However, for the status-code, we need to wait for the handler to do its
thing and (ahum) this was staring me right in the face, and crossed my
mind, but then I didn't act on it; the handler may take some time to
run, and produce logs, which now means that our nice "handling request"
log will be logged _after_ the request, which is obviously confusing.

This patch splits the log into two;

- a log entry when starting to handle the request
- a log entry if a non-200 status is returned (assuming 200 status
  codes are less interesting to log).

Before this patch:

    DEBU[2024-10-23T15:23:31.677184128Z] handling HEAD request                         method=HEAD module=api request-url=/_ping spanID=8180b03fa17f9783 status=200 traceID=a5dfa9b86445467889274145ad31bb9a vars="map[]"
    DEBU[2024-10-23T15:23:31.712833045Z] resolving                                     host=registry-1.docker.io spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4
    DEBU[2024-10-23T15:23:31.712883670Z] do request                                    host=registry-1.docker.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent="docker/dev go/go1.22.8 git-commit/06c2ba1fa02626e242dc8dfe888f022bcd247c52 kernel/6.10.11-linuxkit os/linux arch/arm64 containerd-client/1.7.22+unknown storage-driver/overlayfs UpstreamClient(Docker-Client/27.3.1 \\(darwin\\))" request.method=HEAD spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4 url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:23:32.051728378Z] fetch response received                       host=registry-1.docker.io response.header.content-length=162 response.header.content-type=application/json response.header.date="Wed, 23 Oct 2024 15:23:32 GMT" response.header.docker-distribution-api-version=registry/2.0 response.header.docker-ratelimit-source=94.210.180.92 response.header.strict-transport-security="max-age=31536000" response.header.www-authenticate="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\"" response.status="401 Unauthorized" spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4 url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:23:32.051830920Z] Unauthorized                                  header="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\"" host=registry-1.docker.io spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4
    DEBU[2024-10-23T15:23:32.051909045Z] do request                                    host=registry-1.docker.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent="docker/dev go/go1.22.8 git-commit/06c2ba1fa02626e242dc8dfe888f022bcd247c52 kernel/6.10.11-linuxkit os/linux arch/arm64 containerd-client/1.7.22+unknown storage-driver/overlayfs UpstreamClient(Docker-Client/27.3.1 \\(darwin\\))" request.method=HEAD spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4 url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:23:32.544987920Z] fetch response received                       host=registry-1.docker.io response.header.content-length=162 response.header.content-type=application/json response.header.date="Wed, 23 Oct 2024 15:23:32 GMT" response.header.docker-distribution-api-version=registry/2.0 response.header.docker-ratelimit-source=4203339e-74c0-11e4-bea4-0242ac11001b response.header.strict-transport-security="max-age=31536000" response.header.www-authenticate="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\",error=\"insufficient_scope\"" response.status="401 Unauthorized" spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4 url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:23:32.545112212Z] Unauthorized                                  header="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\",error=\"insufficient_scope\"" host=registry-1.docker.io spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4
    INFO[2024-10-23T15:23:32.545270087Z] trying next host                              error="pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed" host=registry-1.docker.io spanID=97e231483c8d4d9a traceID=3c01e6c2cf19cf82237fdd01c0294fb4
    DEBU[2024-10-23T15:23:32.550666962Z] handling POST request                         error-response="pull access denied for nosuchimage, repository does not exist or may require 'docker login'" method=POST module=api request-url="/v1.47/images/create?fromImage=nosuchimage&tag=latest" spanID=38286e48a07445ef status=404 traceID=3c01e6c2cf19cf82237fdd01c0294fb4 vars="map[version:1.47]"

With this patch applied:

    DEBU[2024-10-23T15:18:18.876346178Z] handling HEAD request                         method=HEAD module=api request-url=/_ping spanID=7fd5eb011140f546 traceID=80ffd75a39de78a1f51ffda89fc4f227 vars="map[]"
    DEBU[2024-10-23T15:18:18.878006428Z] handling POST request                         method=POST module=api request-url="/v1.47/images/create?fromImage=nosuchimage&tag=latest" spanID=40dea95727e38394 traceID=2f901d99f1cf2105e2614d6929d53d3b vars="map[version:1.47]"
    DEBU[2024-10-23T15:18:18.919686136Z] resolving                                     host=registry-1.docker.io spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b
    DEBU[2024-10-23T15:18:18.919748094Z] do request                                    host=registry-1.docker.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent="docker/dev go/go1.22.8 git-commit/06c2ba1fa02626e242dc8dfe888f022bcd247c52 kernel/6.10.11-linuxkit os/linux arch/arm64 containerd-client/1.7.22+unknown storage-driver/overlayfs UpstreamClient(Docker-Client/27.3.1 \\(darwin\\))" request.method=HEAD spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:18:19.258132303Z] fetch response received                       host=registry-1.docker.io response.header.content-length=162 response.header.content-type=application/json response.header.date="Wed, 23 Oct 2024 15:18:19 GMT" response.header.docker-distribution-api-version=registry/2.0 response.header.docker-ratelimit-source=94.210.180.92 response.header.strict-transport-security="max-age=31536000" response.header.www-authenticate="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\"" response.status="401 Unauthorized" spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:18:19.258219803Z] Unauthorized                                  header="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\"" host=registry-1.docker.io spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b
    DEBU[2024-10-23T15:18:19.258406886Z] do request                                    host=registry-1.docker.io request.header.accept="application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.list.v2+json, application/vnd.oci.image.manifest.v1+json, application/vnd.oci.image.index.v1+json, */*" request.header.user-agent="docker/dev go/go1.22.8 git-commit/06c2ba1fa02626e242dc8dfe888f022bcd247c52 kernel/6.10.11-linuxkit os/linux arch/arm64 containerd-client/1.7.22+unknown storage-driver/overlayfs UpstreamClient(Docker-Client/27.3.1 \\(darwin\\))" request.method=HEAD spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:18:19.755911762Z] fetch response received                       host=registry-1.docker.io response.header.content-length=162 response.header.content-type=application/json response.header.date="Wed, 23 Oct 2024 15:18:19 GMT" response.header.docker-distribution-api-version=registry/2.0 response.header.docker-ratelimit-source=4203339e-74c0-11e4-bea4-0242ac11001b response.header.strict-transport-security="max-age=31536000" response.header.www-authenticate="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\",error=\"insufficient_scope\"" response.status="401 Unauthorized" spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b url="https://registry-1.docker.io/v2/library/nosuchimage/manifests/latest"
    DEBU[2024-10-23T15:18:19.757501928Z] Unauthorized                                  header="Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\",scope=\"repository:library/nosuchimage:pull\",error=\"insufficient_scope\"" host=registry-1.docker.io spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b
    INFO[2024-10-23T15:18:19.757689387Z] trying next host                              error="pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed" host=registry-1.docker.io spanID=74f65a3accb19ad3 traceID=2f901d99f1cf2105e2614d6929d53d3b
    DEBU[2024-10-23T15:18:19.763826095Z] error response for POST request               error-response="pull access denied for nosuchimage, repository does not exist or may require 'docker login'" method=POST module=api request-url="/v1.47/images/create?fromImage=nosuchimage&tag=latest" spanID=40dea95727e38394 status=404 traceID=2f901d99f1cf2105e2614d6929d53d3b vars="map[version:1.47]"

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-01-17 11:00:17 +01:00
Derek McGowan
0aa8fe0bf9 Update to containerd v2.0.2, buildkit v0.19.0-rc2
Update buildkit version to commit which uses 2.0

Signed-off-by: Derek McGowan <derek@mcg.dev>
2025-01-15 14:09:30 +01:00
Sebastiaan van Stijn
818a180fce pkg/ioutils: deprecate NopFlusher
Apart from being used internally for NewWriteFlusher, it's only used
in a single location outside of this package. Copy the implementation
where it's used, and mark it deprecated.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-01-09 17:56:34 +01:00
Paweł Gronowski
7e9a5064dc api: Remove unused imageStore and layerStore
Commit 8fb71ce208 moved access to these to
the image service directly, so they are no longer used in the router.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-12-19 14:50:50 +01:00
Sebastiaan van Stijn
01b98afeb6 Merge pull request #49054 from maggie44/apiversion
Accurately reflect the canonical casing of `API-Version` and `OS-Type` headers
2024-12-16 13:06:31 +01:00