Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.27-0.20230918140811-29a0e76e6495+incompatible to 24.0.7+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](https://github.com/docker/docker/commits/v24.0.7) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>pull/496/head
dependabot[bot]
7 months ago
committed by
GitHub
parent
80af149b02
commit
4fce8eb54f
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1,22 +1,7 @@
|
||||
package types // import "github.com/docker/docker/api/types"
|
||||
import "github.com/docker/docker/api/types/registry"
|
||||
|
||||
// AuthConfig contains authorization information for connecting to a Registry
|
||||
type AuthConfig struct {
|
||||
Username string `json:"username,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
Auth string `json:"auth,omitempty"`
|
||||
|
||||
// Email is an optional value associated with the username.
|
||||
// This field is deprecated and will be removed in a later
|
||||
// version of docker.
|
||||
Email string `json:"email,omitempty"`
|
||||
|
||||
ServerAddress string `json:"serveraddress,omitempty"`
|
||||
|
||||
// IdentityToken is used to authenticate the user and get
|
||||
// an access token for the registry.
|
||||
IdentityToken string `json:"identitytoken,omitempty"`
|
||||
|
||||
// RegistryToken is a bearer token to be sent to a registry
|
||||
RegistryToken string `json:"registrytoken,omitempty"`
|
||||
}
|
||||
// AuthConfig contains authorization information for connecting to a Registry.
|
||||
//
|
||||
// Deprecated: use github.com/docker/docker/api/types/registry.AuthConfig
|
||||
type AuthConfig = registry.AuthConfig
|
||||
|
||||
6
vendor/github.com/docker/docker/api/types/container/change_response_deprecated.go
generated
vendored
6
vendor/github.com/docker/docker/api/types/container/change_response_deprecated.go
generated
vendored
@ -0,0 +1,6 @@
|
||||
package container
|
||||
|
||||
// ContainerChangeResponseItem change item in response to ContainerChanges operation
|
||||
//
|
||||
// Deprecated: use [FilesystemChange].
|
||||
type ContainerChangeResponseItem = FilesystemChange
|
||||
@ -0,0 +1,15 @@
|
||||
package container
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// ChangeType Kind of change
|
||||
//
|
||||
// Can be one of:
|
||||
//
|
||||
// - `0`: Modified ("C")
|
||||
// - `1`: Added ("A")
|
||||
// - `2`: Deleted ("D")
|
||||
//
|
||||
// swagger:model ChangeType
|
||||
type ChangeType uint8
|
||||
@ -0,0 +1,23 @@
|
||||
package container
|
||||
|
||||
const (
|
||||
// ChangeModify represents the modify operation.
|
||||
ChangeModify ChangeType = 0
|
||||
// ChangeAdd represents the add operation.
|
||||
ChangeAdd ChangeType = 1
|
||||
// ChangeDelete represents the delete operation.
|
||||
ChangeDelete ChangeType = 2
|
||||
)
|
||||
|
||||
func (ct ChangeType) String() string {
|
||||
switch ct {
|
||||
case ChangeModify:
|
||||
return "C"
|
||||
case ChangeAdd:
|
||||
return "A"
|
||||
case ChangeDelete:
|
||||
return "D"
|
||||
default:
|
||||
return ""
|
||||
}
|
||||
}
|
||||
@ -1,20 +0,0 @@
|
||||
package container // import "github.com/docker/docker/api/types/container"
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// Code generated by `swagger generate operation`. DO NOT EDIT.
|
||||
//
|
||||
// See hack/generate-swagger-api.sh
|
||||
// ----------------------------------------------------------------------------
|
||||
|
||||
// ContainerChangeResponseItem change item in response to ContainerChanges operation
|
||||
// swagger:model ContainerChangeResponseItem
|
||||
type ContainerChangeResponseItem struct {
|
||||
|
||||
// Kind of change
|
||||
// Required: true
|
||||
Kind uint8 `json:"Kind"`
|
||||
|
||||
// Path to file that has changed
|
||||
// Required: true
|
||||
Path string `json:"Path"`
|
||||
}
|
||||
@ -1,20 +0,0 @@
|
||||
package container // import "github.com/docker/docker/api/types/container"
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// Code generated by `swagger generate operation`. DO NOT EDIT.
|
||||
//
|
||||
// See hack/generate-swagger-api.sh
|
||||
// ----------------------------------------------------------------------------
|
||||
|
||||
// ContainerCreateCreatedBody OK response to ContainerCreate operation
|
||||
// swagger:model ContainerCreateCreatedBody
|
||||
type ContainerCreateCreatedBody struct {
|
||||
|
||||
// The ID of the created container
|
||||
// Required: true
|
||||
ID string `json:"Id"`
|
||||
|
||||
// Warnings encountered when creating the container
|
||||
// Required: true
|
||||
Warnings []string `json:"Warnings"`
|
||||
}
|
||||
@ -1,28 +0,0 @@
|
||||
package container // import "github.com/docker/docker/api/types/container"
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// Code generated by `swagger generate operation`. DO NOT EDIT.
|
||||
//
|
||||
// See hack/generate-swagger-api.sh
|
||||
// ----------------------------------------------------------------------------
|
||||
|
||||
// ContainerWaitOKBodyError container waiting error, if any
|
||||
// swagger:model ContainerWaitOKBodyError
|
||||
type ContainerWaitOKBodyError struct {
|
||||
|
||||
// Details of an error
|
||||
Message string `json:"Message,omitempty"`
|
||||
}
|
||||
|
||||
// ContainerWaitOKBody OK response to ContainerWait operation
|
||||
// swagger:model ContainerWaitOKBody
|
||||
type ContainerWaitOKBody struct {
|
||||
|
||||
// error
|
||||
// Required: true
|
||||
Error *ContainerWaitOKBodyError `json:"Error"`
|
||||
|
||||
// Exit code of the container
|
||||
// Required: true
|
||||
StatusCode int64 `json:"StatusCode"`
|
||||
}
|
||||
@ -0,0 +1,19 @@
|
||||
package container
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// CreateResponse ContainerCreateResponse
|
||||
//
|
||||
// OK response to ContainerCreate operation
|
||||
// swagger:model CreateResponse
|
||||
type CreateResponse struct {
|
||||
|
||||
// The ID of the created container
|
||||
// Required: true
|
||||
ID string `json:"Id"`
|
||||
|
||||
// Warnings encountered when creating the container
|
||||
// Required: true
|
||||
Warnings []string `json:"Warnings"`
|
||||
}
|
||||
@ -0,0 +1,19 @@
|
||||
package container
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// FilesystemChange Change in the container's filesystem.
|
||||
//
|
||||
// swagger:model FilesystemChange
|
||||
type FilesystemChange struct {
|
||||
|
||||
// kind
|
||||
// Required: true
|
||||
Kind ChangeType `json:"Kind"`
|
||||
|
||||
// Path to file or directory that has changed.
|
||||
//
|
||||
// Required: true
|
||||
Path string `json:"Path"`
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
package container
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// WaitExitError container waiting error, if any
|
||||
// swagger:model WaitExitError
|
||||
type WaitExitError struct {
|
||||
|
||||
// Details of an error
|
||||
Message string `json:"Message,omitempty"`
|
||||
}
|
||||
@ -0,0 +1,18 @@
|
||||
package container
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// WaitResponse ContainerWaitResponse
|
||||
//
|
||||
// OK response to ContainerWait operation
|
||||
// swagger:model WaitResponse
|
||||
type WaitResponse struct {
|
||||
|
||||
// error
|
||||
Error *WaitExitError `json:"Error,omitempty"`
|
||||
|
||||
// Exit code of the container
|
||||
// Required: true
|
||||
StatusCode int64 `json:"StatusCode"`
|
||||
}
|
||||
@ -0,0 +1,37 @@
|
||||
package filters
|
||||
|
||||
import "fmt"
|
||||
|
||||
// invalidFilter indicates that the provided filter or its value is invalid
|
||||
type invalidFilter struct {
|
||||
Filter string
|
||||
Value []string
|
||||
}
|
||||
|
||||
func (e invalidFilter) Error() string {
|
||||
msg := "invalid filter"
|
||||
if e.Filter != "" {
|
||||
msg += " '" + e.Filter
|
||||
if e.Value != nil {
|
||||
msg = fmt.Sprintf("%s=%s", msg, e.Value)
|
||||
}
|
||||
msg += "'"
|
||||
}
|
||||
return msg
|
||||
}
|
||||
|
||||
// InvalidParameter marks this error as ErrInvalidParameter
|
||||
func (e invalidFilter) InvalidParameter() {}
|
||||
|
||||
// unreachableCode is an error indicating that the code path was not expected to be reached.
|
||||
type unreachableCode struct {
|
||||
Filter string
|
||||
Value []string
|
||||
}
|
||||
|
||||
// System marks this error as ErrSystem
|
||||
func (e unreachableCode) System() {}
|
||||
|
||||
func (e unreachableCode) Error() string {
|
||||
return fmt.Sprintf("unreachable code reached for filter: %q with values: %s", e.Filter, e.Value)
|
||||
}
|
||||
@ -0,0 +1,9 @@
|
||||
package image
|
||||
|
||||
import ocispec "github.com/opencontainers/image-spec/specs-go/v1"
|
||||
|
||||
// GetImageOpts holds parameters to inspect an image.
|
||||
type GetImageOpts struct {
|
||||
Platform *ocispec.Platform
|
||||
Details bool
|
||||
}
|
||||
@ -0,0 +1,99 @@
|
||||
package registry // import "github.com/docker/docker/api/types/registry"
|
||||
import (
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"io"
|
||||
"strings"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// AuthHeader is the name of the header used to send encoded registry
|
||||
// authorization credentials for registry operations (push/pull).
|
||||
const AuthHeader = "X-Registry-Auth"
|
||||
|
||||
// AuthConfig contains authorization information for connecting to a Registry.
|
||||
type AuthConfig struct {
|
||||
Username string `json:"username,omitempty"`
|
||||
Password string `json:"password,omitempty"`
|
||||
Auth string `json:"auth,omitempty"`
|
||||
|
||||
// Email is an optional value associated with the username.
|
||||
// This field is deprecated and will be removed in a later
|
||||
// version of docker.
|
||||
Email string `json:"email,omitempty"`
|
||||
|
||||
ServerAddress string `json:"serveraddress,omitempty"`
|
||||
|
||||
// IdentityToken is used to authenticate the user and get
|
||||
// an access token for the registry.
|
||||
IdentityToken string `json:"identitytoken,omitempty"`
|
||||
|
||||
// RegistryToken is a bearer token to be sent to a registry
|
||||
RegistryToken string `json:"registrytoken,omitempty"`
|
||||
}
|
||||
|
||||
// EncodeAuthConfig serializes the auth configuration as a base64url encoded
|
||||
// RFC4648, section 5) JSON string for sending through the X-Registry-Auth header.
|
||||
//
|
||||
// For details on base64url encoding, see:
|
||||
// - RFC4648, section 5: https://tools.ietf.org/html/rfc4648#section-5
|
||||
func EncodeAuthConfig(authConfig AuthConfig) (string, error) {
|
||||
buf, err := json.Marshal(authConfig)
|
||||
if err != nil {
|
||||
return "", errInvalidParameter{err}
|
||||
}
|
||||
return base64.URLEncoding.EncodeToString(buf), nil
|
||||
}
|
||||
|
||||
// DecodeAuthConfig decodes base64url encoded (RFC4648, section 5) JSON
|
||||
// authentication information as sent through the X-Registry-Auth header.
|
||||
//
|
||||
// This function always returns an AuthConfig, even if an error occurs. It is up
|
||||
// to the caller to decide if authentication is required, and if the error can
|
||||
// be ignored.
|
||||
//
|
||||
// For details on base64url encoding, see:
|
||||
// - RFC4648, section 5: https://tools.ietf.org/html/rfc4648#section-5
|
||||
func DecodeAuthConfig(authEncoded string) (*AuthConfig, error) {
|
||||
if authEncoded == "" {
|
||||
return &AuthConfig{}, nil
|
||||
}
|
||||
|
||||
authJSON := base64.NewDecoder(base64.URLEncoding, strings.NewReader(authEncoded))
|
||||
return decodeAuthConfigFromReader(authJSON)
|
||||
}
|
||||
|
||||
// DecodeAuthConfigBody decodes authentication information as sent as JSON in the
|
||||
// body of a request. This function is to provide backward compatibility with old
|
||||
// clients and API versions. Current clients and API versions expect authentication
|
||||
// to be provided through the X-Registry-Auth header.
|
||||
//
|
||||
// Like DecodeAuthConfig, this function always returns an AuthConfig, even if an
|
||||
// error occurs. It is up to the caller to decide if authentication is required,
|
||||
// and if the error can be ignored.
|
||||
func DecodeAuthConfigBody(rdr io.ReadCloser) (*AuthConfig, error) {
|
||||
return decodeAuthConfigFromReader(rdr)
|
||||
}
|
||||
|
||||
func decodeAuthConfigFromReader(rdr io.Reader) (*AuthConfig, error) {
|
||||
authConfig := &AuthConfig{}
|
||||
if err := json.NewDecoder(rdr).Decode(authConfig); err != nil {
|
||||
// always return an (empty) AuthConfig to increase compatibility with
|
||||
// the existing API.
|
||||
return &AuthConfig{}, invalid(err)
|
||||
}
|
||||
return authConfig, nil
|
||||
}
|
||||
|
||||
func invalid(err error) error {
|
||||
return errInvalidParameter{errors.Wrap(err, "invalid X-Registry-Auth header")}
|
||||
}
|
||||
|
||||
type errInvalidParameter struct{ error }
|
||||
|
||||
func (errInvalidParameter) InvalidParameter() {}
|
||||
|
||||
func (e errInvalidParameter) Cause() error { return e.error }
|
||||
|
||||
func (e errInvalidParameter) Unwrap() error { return e.error }
|
||||
@ -1,12 +0,0 @@
|
||||
package time // import "github.com/docker/docker/api/types/time"
|
||||
|
||||
import (
|
||||
"strconv"
|
||||
"time"
|
||||
)
|
||||
|
||||
// DurationToSecondsString converts the specified duration to the number
|
||||
// seconds it represents, formatted as a string.
|
||||
func DurationToSecondsString(duration time.Duration) string {
|
||||
return strconv.FormatFloat(duration.Seconds(), 'f', 0, 64)
|
||||
}
|
||||
@ -0,0 +1,420 @@
|
||||
package volume
|
||||
|
||||
import (
|
||||
"github.com/docker/docker/api/types/swarm"
|
||||
)
|
||||
|
||||
// ClusterVolume contains options and information specific to, and only present
|
||||
// on, Swarm CSI cluster volumes.
|
||||
type ClusterVolume struct {
|
||||
// ID is the Swarm ID of the volume. Because cluster volumes are Swarm
|
||||
// objects, they have an ID, unlike non-cluster volumes, which only have a
|
||||
// Name. This ID can be used to refer to the cluster volume.
|
||||
ID string
|
||||
|
||||
// Meta is the swarm metadata about this volume.
|
||||
swarm.Meta
|
||||
|
||||
// Spec is the cluster-specific options from which this volume is derived.
|
||||
Spec ClusterVolumeSpec
|
||||
|
||||
// PublishStatus contains the status of the volume as it pertains to its
|
||||
// publishing on Nodes.
|
||||
PublishStatus []*PublishStatus `json:",omitempty"`
|
||||
|
||||
// Info is information about the global status of the volume.
|
||||
Info *Info `json:",omitempty"`
|
||||
}
|
||||
|
||||
// ClusterVolumeSpec contains the spec used to create this volume.
|
||||
type ClusterVolumeSpec struct {
|
||||
// Group defines the volume group of this volume. Volumes belonging to the
|
||||
// same group can be referred to by group name when creating Services.
|
||||
// Referring to a volume by group instructs swarm to treat volumes in that
|
||||
// group interchangeably for the purpose of scheduling. Volumes with an
|
||||
// empty string for a group technically all belong to the same, emptystring
|
||||
// group.
|
||||
Group string `json:",omitempty"`
|
||||
|
||||
// AccessMode defines how the volume is used by tasks.
|
||||
AccessMode *AccessMode `json:",omitempty"`
|
||||
|
||||
// AccessibilityRequirements specifies where in the cluster a volume must
|
||||
// be accessible from.
|
||||
//
|
||||
// This field must be empty if the plugin does not support
|
||||
// VOLUME_ACCESSIBILITY_CONSTRAINTS capabilities. If it is present but the
|
||||
// plugin does not support it, volume will not be created.
|
||||
//
|
||||
// If AccessibilityRequirements is empty, but the plugin does support
|
||||
// VOLUME_ACCESSIBILITY_CONSTRAINTS, then Swarmkit will assume the entire
|
||||
// cluster is a valid target for the volume.
|
||||
AccessibilityRequirements *TopologyRequirement `json:",omitempty"`
|
||||
|
||||
// CapacityRange defines the desired capacity that the volume should be
|
||||
// created with. If nil, the plugin will decide the capacity.
|
||||
CapacityRange *CapacityRange `json:",omitempty"`
|
||||
|
||||
// Secrets defines Swarm Secrets that are passed to the CSI storage plugin
|
||||
// when operating on this volume.
|
||||
Secrets []Secret `json:",omitempty"`
|
||||
|
||||
// Availability is the Volume's desired availability. Analogous to Node
|
||||
// Availability, this allows the user to take volumes offline in order to
|
||||
// update or delete them.
|
||||
Availability Availability `json:",omitempty"`
|
||||
}
|
||||
|
||||
// Availability specifies the availability of the volume.
|
||||
type Availability string
|
||||
|
||||
const (
|
||||
// AvailabilityActive indicates that the volume is active and fully
|
||||
// schedulable on the cluster.
|
||||
AvailabilityActive Availability = "active"
|
||||
|
||||
// AvailabilityPause indicates that no new workloads should use the
|
||||
// volume, but existing workloads can continue to use it.
|
||||
AvailabilityPause Availability = "pause"
|
||||
|
||||
// AvailabilityDrain indicates that all workloads using this volume
|
||||
// should be rescheduled, and the volume unpublished from all nodes.
|
||||
AvailabilityDrain Availability = "drain"
|
||||
)
|
||||
|
||||
// AccessMode defines the access mode of a volume.
|
||||
type AccessMode struct {
|
||||
// Scope defines the set of nodes this volume can be used on at one time.
|
||||
Scope Scope `json:",omitempty"`
|
||||
|
||||
// Sharing defines the number and way that different tasks can use this
|
||||
// volume at one time.
|
||||
Sharing SharingMode `json:",omitempty"`
|
||||
|
||||
// MountVolume defines options for using this volume as a Mount-type
|
||||
// volume.
|
||||
//
|
||||
// Either BlockVolume or MountVolume, but not both, must be present.
|
||||
MountVolume *TypeMount `json:",omitempty"`
|
||||
|
||||
// BlockVolume defines options for using this volume as a Block-type
|
||||
// volume.
|
||||
//
|
||||
// Either BlockVolume or MountVolume, but not both, must be present.
|
||||
BlockVolume *TypeBlock `json:",omitempty"`
|
||||
}
|
||||
|
||||
// Scope defines the Scope of a Cluster Volume. This is how many nodes a
|
||||
// Volume can be accessed simultaneously on.
|
||||
type Scope string
|
||||
|
||||
const (
|
||||
// ScopeSingleNode indicates the volume can be used on one node at a
|
||||
// time.
|
||||
ScopeSingleNode Scope = "single"
|
||||
|
||||
// ScopeMultiNode indicates the volume can be used on many nodes at
|
||||
// the same time.
|
||||
ScopeMultiNode Scope = "multi"
|
||||
)
|
||||
|
||||
// SharingMode defines the Sharing of a Cluster Volume. This is how Tasks using a
|
||||
// Volume at the same time can use it.
|
||||
type SharingMode string
|
||||
|
||||
const (
|
||||
// SharingNone indicates that only one Task may use the Volume at a
|
||||
// time.
|
||||
SharingNone SharingMode = "none"
|
||||
|
||||
// SharingReadOnly indicates that the Volume may be shared by any
|
||||
// number of Tasks, but they must be read-only.
|
||||
SharingReadOnly SharingMode = "readonly"
|
||||
|
||||
// SharingOneWriter indicates that the Volume may be shared by any
|
||||
// number of Tasks, but all after the first must be read-only.
|
||||
SharingOneWriter SharingMode = "onewriter"
|
||||
|
||||
// SharingAll means that the Volume may be shared by any number of
|
||||
// Tasks, as readers or writers.
|
||||
SharingAll SharingMode = "all"
|
||||
)
|
||||
|
||||
// TypeBlock defines options for using a volume as a block-type volume.
|
||||
//
|
||||
// Intentionally empty.
|
||||
type TypeBlock struct{}
|
||||
|
||||
// TypeMount contains options for using a volume as a Mount-type
|
||||
// volume.
|
||||
type TypeMount struct {
|
||||
// FsType specifies the filesystem type for the mount volume. Optional.
|
||||
FsType string `json:",omitempty"`
|
||||
|
||||
// MountFlags defines flags to pass when mounting the volume. Optional.
|
||||
MountFlags []string `json:",omitempty"`
|
||||
}
|
||||
|
||||
// TopologyRequirement expresses the user's requirements for a volume's
|
||||
// accessible topology.
|
||||
type TopologyRequirement struct {
|
||||
// Requisite specifies a list of Topologies, at least one of which the
|
||||
// volume must be accessible from.
|
||||
//
|
||||
// Taken verbatim from the CSI Spec:
|
||||
//
|
||||
// Specifies the list of topologies the provisioned volume MUST be
|
||||
// accessible from.
|
||||
// This field is OPTIONAL. If TopologyRequirement is specified either
|
||||
// requisite or preferred or both MUST be specified.
|
||||
//
|
||||
// If requisite is specified, the provisioned volume MUST be
|
||||
// accessible from at least one of the requisite topologies.
|
||||
//
|
||||
// Given
|
||||
// x = number of topologies provisioned volume is accessible from
|
||||
// n = number of requisite topologies
|
||||
// The CO MUST ensure n >= 1. The SP MUST ensure x >= 1
|
||||
// If x==n, then the SP MUST make the provisioned volume available to
|
||||
// all topologies from the list of requisite topologies. If it is
|
||||
// unable to do so, the SP MUST fail the CreateVolume call.
|
||||
// For example, if a volume should be accessible from a single zone,
|
||||
// and requisite =
|
||||
// {"region": "R1", "zone": "Z2"}
|
||||
// then the provisioned volume MUST be accessible from the "region"
|
||||
// "R1" and the "zone" "Z2".
|
||||
// Similarly, if a volume should be accessible from two zones, and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"}
|
||||
// then the provisioned volume MUST be accessible from the "region"
|
||||
// "R1" and both "zone" "Z2" and "zone" "Z3".
|
||||
//
|
||||
// If x<n, then the SP SHALL choose x unique topologies from the list
|
||||
// of requisite topologies. If it is unable to do so, the SP MUST fail
|
||||
// the CreateVolume call.
|
||||
// For example, if a volume should be accessible from a single zone,
|
||||
// and requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"}
|
||||
// then the SP may choose to make the provisioned volume available in
|
||||
// either the "zone" "Z2" or the "zone" "Z3" in the "region" "R1".
|
||||
// Similarly, if a volume should be accessible from two zones, and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"},
|
||||
// {"region": "R1", "zone": "Z4"}
|
||||
// then the provisioned volume MUST be accessible from any combination
|
||||
// of two unique topologies: e.g. "R1/Z2" and "R1/Z3", or "R1/Z2" and
|
||||
// "R1/Z4", or "R1/Z3" and "R1/Z4".
|
||||
//
|
||||
// If x>n, then the SP MUST make the provisioned volume available from
|
||||
// all topologies from the list of requisite topologies and MAY choose
|
||||
// the remaining x-n unique topologies from the list of all possible
|
||||
// topologies. If it is unable to do so, the SP MUST fail the
|
||||
// CreateVolume call.
|
||||
// For example, if a volume should be accessible from two zones, and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"}
|
||||
// then the provisioned volume MUST be accessible from the "region"
|
||||
// "R1" and the "zone" "Z2" and the SP may select the second zone
|
||||
// independently, e.g. "R1/Z4".
|
||||
Requisite []Topology `json:",omitempty"`
|
||||
|
||||
// Preferred is a list of Topologies that the volume should attempt to be
|
||||
// provisioned in.
|
||||
//
|
||||
// Taken from the CSI spec:
|
||||
//
|
||||
// Specifies the list of topologies the CO would prefer the volume to
|
||||
// be provisioned in.
|
||||
//
|
||||
// This field is OPTIONAL. If TopologyRequirement is specified either
|
||||
// requisite or preferred or both MUST be specified.
|
||||
//
|
||||
// An SP MUST attempt to make the provisioned volume available using
|
||||
// the preferred topologies in order from first to last.
|
||||
//
|
||||
// If requisite is specified, all topologies in preferred list MUST
|
||||
// also be present in the list of requisite topologies.
|
||||
//
|
||||
// If the SP is unable to to make the provisioned volume available
|
||||
// from any of the preferred topologies, the SP MAY choose a topology
|
||||
// from the list of requisite topologies.
|
||||
// If the list of requisite topologies is not specified, then the SP
|
||||
// MAY choose from the list of all possible topologies.
|
||||
// If the list of requisite topologies is specified and the SP is
|
||||
// unable to to make the provisioned volume available from any of the
|
||||
// requisite topologies it MUST fail the CreateVolume call.
|
||||
//
|
||||
// Example 1:
|
||||
// Given a volume should be accessible from a single zone, and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"}
|
||||
// preferred =
|
||||
// {"region": "R1", "zone": "Z3"}
|
||||
// then the the SP SHOULD first attempt to make the provisioned volume
|
||||
// available from "zone" "Z3" in the "region" "R1" and fall back to
|
||||
// "zone" "Z2" in the "region" "R1" if that is not possible.
|
||||
//
|
||||
// Example 2:
|
||||
// Given a volume should be accessible from a single zone, and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"},
|
||||
// {"region": "R1", "zone": "Z4"},
|
||||
// {"region": "R1", "zone": "Z5"}
|
||||
// preferred =
|
||||
// {"region": "R1", "zone": "Z4"},
|
||||
// {"region": "R1", "zone": "Z2"}
|
||||
// then the the SP SHOULD first attempt to make the provisioned volume
|
||||
// accessible from "zone" "Z4" in the "region" "R1" and fall back to
|
||||
// "zone" "Z2" in the "region" "R1" if that is not possible. If that
|
||||
// is not possible, the SP may choose between either the "zone"
|
||||
// "Z3" or "Z5" in the "region" "R1".
|
||||
//
|
||||
// Example 3:
|
||||
// Given a volume should be accessible from TWO zones (because an
|
||||
// opaque parameter in CreateVolumeRequest, for example, specifies
|
||||
// the volume is accessible from two zones, aka synchronously
|
||||
// replicated), and
|
||||
// requisite =
|
||||
// {"region": "R1", "zone": "Z2"},
|
||||
// {"region": "R1", "zone": "Z3"},
|
||||
// {"region": "R1", "zone": "Z4"},
|
||||
// {"region": "R1", "zone": "Z5"}
|
||||
// preferred =
|
||||
// {"region": "R1", "zone": "Z5"},
|
||||
// {"region": "R1", "zone": "Z3"}
|
||||
// then the the SP SHOULD first attempt to make the provisioned volume
|
||||
// accessible from the combination of the two "zones" "Z5" and "Z3" in
|
||||
// the "region" "R1". If that's not possible, it should fall back to
|
||||
// a combination of "Z5" and other possibilities from the list of
|
||||
// requisite. If that's not possible, it should fall back to a
|
||||
// combination of "Z3" and other possibilities from the list of
|
||||
// requisite. If that's not possible, it should fall back to a
|
||||
// combination of other possibilities from the list of requisite.
|
||||
Preferred []Topology `json:",omitempty"`
|
||||
}
|
||||
|
||||
// Topology is a map of topological domains to topological segments.
|
||||
//
|
||||
// This description is taken verbatim from the CSI Spec:
|
||||
//
|
||||
// A topological domain is a sub-division of a cluster, like "region",
|
||||
// "zone", "rack", etc.
|
||||
// A topological segment is a specific instance of a topological domain,
|
||||
// like "zone3", "rack3", etc.
|
||||
// For example {"com.company/zone": "Z1", "com.company/rack": "R3"}
|
||||
// Valid keys have two segments: an OPTIONAL prefix and name, separated
|
||||
// by a slash (/), for example: "com.company.example/zone".
|
||||
// The key name segment is REQUIRED. The prefix is OPTIONAL.
|
||||
// The key name MUST be 63 characters or less, begin and end with an
|
||||
// alphanumeric character ([a-z0-9A-Z]), and contain only dashes (-),
|
||||
// underscores (_), dots (.), or alphanumerics in between, for example
|
||||
// "zone".
|
||||
// The key prefix MUST be 63 characters or less, begin and end with a
|
||||
// lower-case alphanumeric character ([a-z0-9]), contain only
|
||||
// dashes (-), dots (.), or lower-case alphanumerics in between, and
|
||||
// follow domain name notation format
|
||||
// (https://tools.ietf.org/html/rfc1035#section-2.3.1).
|
||||
// The key prefix SHOULD include the plugin's host company name and/or
|
||||
// the plugin name, to minimize the possibility of collisions with keys
|
||||
// from other plugins.
|
||||
// If a key prefix is specified, it MUST be identical across all
|
||||
// topology keys returned by the SP (across all RPCs).
|
||||
// Keys MUST be case-insensitive. Meaning the keys "Zone" and "zone"
|
||||
// MUST not both exist.
|
||||
// Each value (topological segment) MUST contain 1 or more strings.
|
||||
// Each string MUST be 63 characters or less and begin and end with an
|
||||
// alphanumeric character with '-', '_', '.', or alphanumerics in
|
||||
// between.
|
||||
type Topology struct {
|
||||
Segments map[string]string `json:",omitempty"`
|
||||
}
|
||||
|
||||
// CapacityRange describes the minimum and maximum capacity a volume should be
|
||||
// created with
|
||||
type CapacityRange struct {
|
||||
// RequiredBytes specifies that a volume must be at least this big. The
|
||||
// value of 0 indicates an unspecified minimum.
|
||||
RequiredBytes int64
|
||||
|
||||
// LimitBytes specifies that a volume must not be bigger than this. The
|
||||
// value of 0 indicates an unspecified maximum
|
||||
LimitBytes int64
|
||||
}
|
||||
|
||||
// Secret represents a Swarm Secret value that must be passed to the CSI
|
||||
// storage plugin when operating on this Volume. It represents one key-value
|
||||
// pair of possibly many.
|
||||
type Secret struct {
|
||||
// Key is the name of the key of the key-value pair passed to the plugin.
|
||||
Key string
|
||||
|
||||
// Secret is the swarm Secret object from which to read data. This can be a
|
||||
// Secret name or ID. The Secret data is retrieved by Swarm and used as the
|
||||
// value of the key-value pair passed to the plugin.
|
||||
Secret string
|
||||
}
|
||||
|
||||
// PublishState represents the state of a Volume as it pertains to its
|
||||
// use on a particular Node.
|
||||
type PublishState string
|
||||
|
||||
const (
|
||||
// StatePending indicates that the volume should be published on
|
||||
// this node, but the call to ControllerPublishVolume has not been
|
||||
// successfully completed yet and the result recorded by swarmkit.
|
||||
StatePending PublishState = "pending-publish"
|
||||
|
||||
// StatePublished means the volume is published successfully to the node.
|
||||
StatePublished PublishState = "published"
|
||||
|
||||
// StatePendingNodeUnpublish indicates that the Volume should be
|
||||
// unpublished on the Node, and we're waiting for confirmation that it has
|
||||
// done so. After the Node has confirmed that the Volume has been
|
||||
// unpublished, the state will move to StatePendingUnpublish.
|
||||
StatePendingNodeUnpublish PublishState = "pending-node-unpublish"
|
||||
|
||||
// StatePendingUnpublish means the volume is still published to the node
|
||||
// by the controller, awaiting the operation to unpublish it.
|
||||
StatePendingUnpublish PublishState = "pending-controller-unpublish"
|
||||
)
|
||||
|
||||
// PublishStatus represents the status of the volume as published to an
|
||||
// individual node
|
||||
type PublishStatus struct {
|
||||
// NodeID is the ID of the swarm node this Volume is published to.
|
||||
NodeID string `json:",omitempty"`
|
||||
|
||||
// State is the publish state of the volume.
|
||||
State PublishState `json:",omitempty"`
|
||||
|
||||
// PublishContext is the PublishContext returned by the CSI plugin when
|
||||
// a volume is published.
|
||||
PublishContext map[string]string `json:",omitempty"`
|
||||
}
|
||||
|
||||
// Info contains information about the Volume as a whole as provided by
|
||||
// the CSI storage plugin.
|
||||
type Info struct {
|
||||
// CapacityBytes is the capacity of the volume in bytes. A value of 0
|
||||
// indicates that the capacity is unknown.
|
||||
CapacityBytes int64 `json:",omitempty"`
|
||||
|
||||
// VolumeContext is the context originating from the CSI storage plugin
|
||||
// when the Volume is created.
|
||||
VolumeContext map[string]string `json:",omitempty"`
|
||||
|
||||
// VolumeID is the ID of the Volume as seen by the CSI storage plugin. This
|
||||
// is distinct from the Volume's Swarm ID, which is the ID used by all of
|
||||
// the Docker Engine to refer to the Volume. If this field is blank, then
|
||||
// the Volume has not been successfully created yet.
|
||||
VolumeID string `json:",omitempty"`
|
||||
|
||||
// AccessibleTopolgoy is the topology this volume is actually accessible
|
||||
// from.
|
||||
AccessibleTopology []Topology `json:",omitempty"`
|
||||
}
|
||||
@ -0,0 +1,29 @@
|
||||
package volume
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// CreateOptions VolumeConfig
|
||||
//
|
||||
// Volume configuration
|
||||
// swagger:model CreateOptions
|
||||
type CreateOptions struct {
|
||||
|
||||
// cluster volume spec
|
||||
ClusterVolumeSpec *ClusterVolumeSpec `json:"ClusterVolumeSpec,omitempty"`
|
||||
|
||||
// Name of the volume driver to use.
|
||||
Driver string `json:"Driver,omitempty"`
|
||||
|
||||
// A mapping of driver options and values. These options are
|
||||
// passed directly to the driver and are driver specific.
|
||||
//
|
||||
DriverOpts map[string]string `json:"DriverOpts,omitempty"`
|
||||
|
||||
// User-defined key/value metadata.
|
||||
Labels map[string]string `json:"Labels,omitempty"`
|
||||
|
||||
// The new volume's name. If not specified, Docker generates a name.
|
||||
//
|
||||
Name string `json:"Name,omitempty"`
|
||||
}
|
||||
@ -0,0 +1,18 @@
|
||||
package volume
|
||||
|
||||
// This file was generated by the swagger tool.
|
||||
// Editing this file might prove futile when you re-run the swagger generate command
|
||||
|
||||
// ListResponse VolumeListResponse
|
||||
//
|
||||
// Volume list response
|
||||
// swagger:model ListResponse
|
||||
type ListResponse struct {
|
||||
|
||||
// List of volumes
|
||||
Volumes []*Volume `json:"Volumes"`
|
||||
|
||||
// Warnings that occurred when fetching the list of volumes.
|
||||
//
|
||||
Warnings []string `json:"Warnings"`
|
||||
}
|
||||
@ -0,0 +1,8 @@
|
||||
package volume // import "github.com/docker/docker/api/types/volume"
|
||||
|
||||
import "github.com/docker/docker/api/types/filters"
|
||||
|
||||
// ListOptions holds parameters to list volumes.
|
||||
type ListOptions struct {
|
||||
Filters filters.Args
|
||||
}
|
||||
@ -1,31 +0,0 @@
|
||||
package volume // import "github.com/docker/docker/api/types/volume"
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// Code generated by `swagger generate operation`. DO NOT EDIT.
|
||||
//
|
||||
// See hack/generate-swagger-api.sh
|
||||
// ----------------------------------------------------------------------------
|
||||
|
||||
// VolumeCreateBody Volume configuration
|
||||
// swagger:model VolumeCreateBody
|
||||
type VolumeCreateBody struct {
|
||||
|
||||
// Name of the volume driver to use.
|
||||
// Required: true
|
||||
Driver string `json:"Driver"`
|
||||
|
||||
// A mapping of driver options and values. These options are
|
||||
// passed directly to the driver and are driver specific.
|
||||
//
|
||||
// Required: true
|
||||
DriverOpts map[string]string `json:"DriverOpts"`
|
||||
|
||||
// User-defined key/value metadata.
|
||||
// Required: true
|
||||
Labels map[string]string `json:"Labels"`
|
||||
|
||||
// The new volume's name. If not specified, Docker generates a name.
|
||||
//
|
||||
// Required: true
|
||||
Name string `json:"Name"`
|
||||
}
|
||||
@ -1,23 +0,0 @@
|
||||
package volume // import "github.com/docker/docker/api/types/volume"
|
||||
|
||||
// ----------------------------------------------------------------------------
|
||||
// Code generated by `swagger generate operation`. DO NOT EDIT.
|
||||
//
|
||||
// See hack/generate-swagger-api.sh
|
||||
// ----------------------------------------------------------------------------
|
||||
|
||||
import "github.com/docker/docker/api/types"
|
||||
|
||||
// VolumeListOKBody Volume list response
|
||||
// swagger:model VolumeListOKBody
|
||||
type VolumeListOKBody struct {
|
||||
|
||||
// List of volumes
|
||||
// Required: true
|
||||
Volumes []*types.Volume `json:"Volumes"`
|
||||
|
||||
// Warnings that occurred when fetching the list of volumes.
|
||||
//
|
||||
// Required: true
|
||||
Warnings []string `json:"Warnings"`
|
||||
}
|
||||
@ -0,0 +1,7 @@
|
||||
package volume // import "github.com/docker/docker/api/types/volume"
|
||||
|
||||
// UpdateOptions is configuration to update a Volume with.
|
||||
type UpdateOptions struct {
|
||||
// Spec is the ClusterVolumeSpec to update the volume to.
|
||||
Spec *ClusterVolumeSpec `json:"Spec,omitempty"`
|
||||
}
|
||||
@ -0,0 +1,90 @@
|
||||
package client // import "github.com/docker/docker/client"
|
||||
|
||||
const (
|
||||
// EnvOverrideHost is the name of the environment variable that can be used
|
||||
// to override the default host to connect to (DefaultDockerHost).
|
||||
//
|
||||
// This env-var is read by FromEnv and WithHostFromEnv and when set to a
|
||||
// non-empty value, takes precedence over the default host (which is platform
|
||||
// specific), or any host already set.
|
||||
EnvOverrideHost = "DOCKER_HOST"
|
||||
|
||||
// EnvOverrideAPIVersion is the name of the environment variable that can
|
||||
// be used to override the API version to use. Value should be
|
||||
// formatted as MAJOR.MINOR, for example, "1.19".
|
||||
//
|
||||
// This env-var is read by FromEnv and WithVersionFromEnv and when set to a
|
||||
// non-empty value, takes precedence over API version negotiation.
|
||||
//
|
||||
// This environment variable should be used for debugging purposes only, as
|
||||
// it can set the client to use an incompatible (or invalid) API version.
|
||||
EnvOverrideAPIVersion = "DOCKER_API_VERSION"
|
||||
|
||||
// EnvOverrideCertPath is the name of the environment variable that can be
|
||||
// used to specify the directory from which to load the TLS certificates
|
||||
// (ca.pem, cert.pem, key.pem) from. These certificates are used to configure
|
||||
// the Client for a TCP connection protected by TLS client authentication.
|
||||
//
|
||||
// TLS certificate verification is enabled by default if the Client is configured
|
||||
// to use a TLS connection. Refer to EnvTLSVerify below to learn how to
|
||||
// disable verification for testing purposes.
|
||||
//
|
||||
// WARNING: Access to the remote API is equivalent to root access to the
|
||||
// host where the daemon runs. Do not expose the API without protection,
|
||||
// and only if needed. Make sure you are familiar with the "daemon attack
|
||||
// surface" (https://docs.docker.com/go/attack-surface/).
|
||||
//
|
||||
// For local access to the API, it is recommended to connect with the daemon
|
||||
// using the default local socket connection (on Linux), or the named pipe
|
||||
// (on Windows).
|
||||
//
|
||||
// If you need to access the API of a remote daemon, consider using an SSH
|
||||
// (ssh://) connection, which is easier to set up, and requires no additional
|
||||
// configuration if the host is accessible using ssh.
|
||||
//
|
||||
// If you cannot use the alternatives above, and you must expose the API over
|
||||
// a TCP connection, refer to https://docs.docker.com/engine/security/protect-access/
|
||||
// to learn how to configure the daemon and client to use a TCP connection
|
||||
// with TLS client authentication. Make sure you know the differences between
|
||||
// a regular TLS connection and a TLS connection protected by TLS client
|
||||
// authentication, and verify that the API cannot be accessed by other clients.
|
||||
EnvOverrideCertPath = "DOCKER_CERT_PATH"
|
||||
|
||||
// EnvTLSVerify is the name of the environment variable that can be used to
|
||||
// enable or disable TLS certificate verification. When set to a non-empty
|
||||
// value, TLS certificate verification is enabled, and the client is configured
|
||||
// to use a TLS connection, using certificates from the default directories
|
||||
// (within `~/.docker`); refer to EnvOverrideCertPath above for additional
|
||||
// details.
|
||||
//
|
||||
// WARNING: Access to the remote API is equivalent to root access to the
|
||||
// host where the daemon runs. Do not expose the API without protection,
|
||||
// and only if needed. Make sure you are familiar with the "daemon attack
|
||||
// surface" (https://docs.docker.com/go/attack-surface/).
|
||||
//
|
||||
// Before setting up your client and daemon to use a TCP connection with TLS
|
||||
// client authentication, consider using one of the alternatives mentioned
|
||||
// in EnvOverrideCertPath above.
|
||||
//
|
||||
// Disabling TLS certificate verification (for testing purposes)
|
||||
//
|
||||
// TLS certificate verification is enabled by default if the Client is configured
|
||||
// to use a TLS connection, and it is highly recommended to keep verification
|
||||
// enabled to prevent machine-in-the-middle attacks. Refer to the documentation
|
||||
// at https://docs.docker.com/engine/security/protect-access/ and pages linked
|
||||
// from that page to learn how to configure the daemon and client to use a
|
||||
// TCP connection with TLS client authentication enabled.
|
||||
//
|
||||
// Set the "DOCKER_TLS_VERIFY" environment to an empty string ("") to
|
||||
// disable TLS certificate verification. Disabling verification is insecure,
|
||||
// so should only be done for testing purposes. From the Go documentation
|
||||
// (https://pkg.go.dev/crypto/tls#Config):
|
||||
//
|
||||
// InsecureSkipVerify controls whether a client verifies the server's
|
||||
// certificate chain and host name. If InsecureSkipVerify is true, crypto/tls
|
||||
// accepts any certificate presented by the server and any host name in that
|
||||
// certificate. In this mode, TLS is susceptible to machine-in-the-middle
|
||||
// attacks unless custom verification is used. This should be used only for
|
||||
// testing or in combination with VerifyConnection or VerifyPeerCertificate.
|
||||
EnvTLSVerify = "DOCKER_TLS_VERIFY"
|
||||
)
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue