docker-py: skip PullImageTest::test_pull_invalid_platform and remove `PullImageTest::test_build_invalid_platform` from the list, which was a copy/paste error in f8cde0b32d86fa2df71ec65adc3d45f862b3ea33 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Dockerfile: use DEBIAN_FRONTEND=noninteractive Using a build-arg so that we don't have to specify it for each `apt-get install`, and to preserve that the `DEBIAN_FRONTEND` is preserved in the image itself (which changes the default behavior, and can be surprising if the image is run interactively).` With this patch, some (harmless, but possibly confusing) errors are no longer printed during build, for example: ```patch Unpacking libgcc1:armhf (1:6.3.0-18+deb9u1) ... Selecting previously unselected package libc6:armhf. Preparing to unpack .../04-libc6_2.24-11+deb9u4_armhf.deb ... -debconf: unable to initialize frontend: Dialog -debconf: (TERM is not set, so the dialog frontend is not usable.) -debconf: falling back to frontend: Readline Unpacking libc6:armhf (2.24-11+deb9u4) ... Selecting previously unselected package libgcc1:arm64. Preparing to unpack .../05-libgcc1_1%3a6.3.0-18+deb9u1_arm64.deb ... Unpacking libgcc1:arm64 (1:6.3.0-18+deb9u1) ... Selecting previously unselected package libc6:arm64. Preparing to unpack .../06-libc6_2.24-11+deb9u4_arm64.deb ... -debconf: unable to initialize frontend: Dialog -debconf: (TERM is not set, so the dialog frontend is not usable.) -debconf: falling back to frontend: Readline ``` Looks like some output is now also printed on stdout instead of stderr Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
add powerpc-master stage to Jenkinsfile The powerpc-master stage will just run the integration-cli tests. The existing powerpc stage will run the unit tests and the integration tests. In this way, PR check jobs will be shorter, but all integration tests will run after PR is merged to master. Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
add z-master stage to Jenkinsfile The z-master stage will just run the integration-cli tests. The existing z stage will run the unit tests and the integration tests. In this way, PR check jobs will be shorter, but all integration tests will run after PR is merged to master. Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
be more lenient on junit report gathering in Jenkinsfile In case a job fails before even generating a report file. Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
Jenkinsfile: send junit.xml in the stage that produced it This will send the results directly after the tests complete, and make the stage more atomic. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Jenkinsfile: collect junit.xml for all architectures Jenkins groups them per stage, so collecting them for all architectures is possible (without them conflicting or becoming ambiguous) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Bump golang 1.12.8 (CVE-2019-9512, CVE-2019-9514) go1.12.8 (released 2019/08/13) includes security fixes to the net/http and net/url packages. See the Go 1.12.8 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.12.8 - net/http: Denial of Service vulnerabilities in the HTTP/2 implementation net/http and golang.org/x/net/http2 servers that accept direct connections from untrusted clients could be remotely made to allocate an unlimited amount of memory, until the program crashes. Servers will now close connections if the send queue accumulates too many control messages. The issues are CVE-2019-9512 and CVE-2019-9514, and Go issue golang.org/issue/33606. Thanks to Jonathan Looney from Netflix for discovering and reporting these issues. This is also fixed in version v0.0.0-20190813141303-74dc4d7220e7 of golang.org/x/net/http2. net/url: parsing validation issue - url.Parse would accept URLs with malformed hosts, such that the Host field could have arbitrary suffixes that would appear in neither Hostname() nor Port(), allowing authorization bypasses in certain applications. Note that URLs with invalid, not numeric ports will now return an error from url.Parse. The issue is CVE-2019-14809 and Go issue golang.org/issue/29098. Thanks to Julian Hector and Nikolai Krein from Cure53, and Adi Cohen (adico.me) for discovering and reporting this issue. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Dockerfile: update CRIU to v3.12 New features - build CRIU with Android NDK - C/R of - IP RAW sockets - lsm: dump and restore any SELinux process label - support restoring ghost files on readonly mounts Bugfixes - Do not lock network if running in the host network namespace - Fix RPC configuration file handling - util: don't leak file descriptors to third-party tools - small fixes here and there Improvements - travis: switch to the Ubuntu Xenial - travis-ci: Enable ia32 tests - Many improvements and bug fixes in the libcriu - Changes in the API and ABI (SONAME increased from 1 to 2) full diff: https://github.com/checkpoint-restore/criu/compare/v3.11...v3.12 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Fixups for 39695 - edit comments, redundant lines 1. Modify comments added in 5858a99267822b93e2d304d876bab84d05b227c6 Windows Volume GUID path format is: \\?\Volume{<GUID Value>}\<path> Rewrote the example given in comments to conform to the format.. 2. Remove two redundant asserts[assert.NilError]. They are redundant because the last statement will not change the value of err. Signed-off-by: Vikram bir Singh <vikrambir.singh@docker.com>