In python-docker-py-1.6, the error handling improved
significantly. When a docker object cannot be found,
say with client.inspect(), it now throws a specific
exception called NotFound instead of the old, generic
Docker error. We have now updated some of our functions
to use the specific error because it was 'covering' other
docker client failures such as API compatibilies.
Also added a new custom Error class to handle a common
error message we used repeatidly. The new class is
called 'DockerObjectNotFound' and will output a
consistent messages and takes the dockerobject as input.
This is most commonly used when we verify the users'
input for validity and is different that the docker
client NotFound error.
When an RPM diff was performed between two docker objects, we
previously only store the name, version, and epoch of the RPM for
comparision. It turns out versioning information is also done in
the release portion as well.
This addresses https://github.com/projectatomic/atomic/issues/315
When an RPM diff was performed between two docker objects, we
previously only store the name, version, and epoch of the RPM for
comparision. It turns out versioning information is also done in
the release portion as well.
This addresses https://github.com/projectatomic/atomic/issues/315
Atomic top was broken when you passed it valid container names
or ids. This is now fixed plus added a simple check for validate
that the names or ids are correct.
This addresses https://github.com/projectatomic/atomic/issues/314
In the case where the docker daemon is not running, each
Atomic subcommand was returning a different error message. This
PR unifies the errors messages for each subcommand.
This work was done for Bugzilla #1300187
Added a test case to test for failure when an image has
multiple repotags and is asked to be verified by image
id. This should result in a failure.
Also, turned verify debug off.
In the case where an image was tagged more than once, atomic
verify would sometimes resolve the wrong fully qualified name
due to an ordering issue in one of the supporting functions.
All uses of docker.Client() (docker-py) now should be using
the DockerClient definition in client.py. Any changes to the
client instantiation or function can now be changed in a
singular location.
Also, the DockerClient function has a fallback from
docker.AutoVersionClient to docker.Client using a try and
except condition. This fixes an issue raised in:
https://github.com/projectatomic/atomic/issues/302
where atomic cannot be built due to imports when dockerd is not
running.
We stopped carrying a patch in docker that allows for a RESTFUL
probe of remote registries. This function is being replaced
by a new package called skopeo.
The remote_inspection def was removed from the Docker.Client
class extension in atomic.py and is replaced by a def called
util.skopeo which returns the same json-based results.
400 Client Error: Bad Request ("client is newer than server (client API version: 1.21, server API version: 1.20)")
AutoVersionClient is in docker-py since 1.1:
https://github.com/docker/docker-py/blob/master/docs/change_log.md#110
Logic around features available in docker engine since version X is very
well defined in docker-py: it won't allow you to use a feature if it's
not available in docker daemon, e.g.:
9b3b096709/docker/api/exec_api.py (L12)
This addresses one of the two issues raised by bugzilla
1248038 where atomic is using shell=True on its subprocess
calls which exposes a security concern.
Two new functions were added to accomplish this. The
first is a util.chk_call which is similar to util.subp
but it uses the python function check call instead of
Popen.
The second function is atomic.sub_env_strings. Previously,
there was env variable substitution occuring with cmd_env and
the subprocess call. That was one upside of the shell=True
usage. Now, prior to calling util.chk_call, we pass the
intended command to sub_env_strings and use cmd_env to
perform the variable substitution.
We will address part 2 of the security concerns, which
is the handling of LABELS as strings, in a different
PR.
I noticed at least one spacing issue on the latest el7 build in those
outputs. This patch reworks the layout of the strings so that it's
easier to read in the source code and to make sure that there are no
spacing issues.
Text is exactly the same, other than fixing spacing and changing "hosts
network" to "host's network".
