198 Commits

Author SHA1 Message Date
Stephen Day
1a502e91c9
run: flag to include the Docker API socket
Adds a flag to the create and run command, `--use-api-socket`, that can
be used to start a container with the correctly configured parameters to
ensure that accessing the docker socket will work with out managing bind
mounts and authentication injection.

The implementation in this PR resolves the tokens for the current
credential set in the client and then copies it into a container at the
well know location of /run/secrets/docker/config.json, setting
DOCKER_CONFIG to ensure it is resolved by existing tooling. We use a
compose-compatible secret location with the hope that the CLI and
compose can work together seamlessly.

The bind mount for the socket is resolved from the current context,
erroring out if the flag is set and the provided socket is not a unix
socket.

There are a few drawbacks to this approach but it resolves a long
standing pain point. We'll continue to develop this as we understand
more use cases but it is marked as experimental for now.

Signed-off-by: Stephen Day <stephen.day@docker.com>
2025-04-15 10:57:44 -07:00
David Karlsson
dc22572e3e chore: regenerate docs
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-07-04 10:30:56 +02:00
Sebastiaan van Stijn
6d21372dbb
run, create: update "--rm" flag description to mention anonymous volumes
The "--rm" flag deletes both the container and any anonymous volumes
associated with the container when the container exits.

This patch updates the flag description to also mention volumes.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-05-21 13:52:56 +02:00
Sebastiaan van Stijn
f2e98f9a93
docs: regenerate markdown
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-21 10:40:13 +01:00
David Karlsson
b35361e8d2 docs: regenerate stubs for non-canonical commands
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-01-15 13:49:53 +01:00
David Karlsson
a6774de682 docs: rename cli reference aliases to canonical
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-01-15 11:29:30 +01:00
David Karlsson
909111b3ad docs: fix incorrect heading levels in docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2024-01-05 16:41:26 +01:00
Sebastiaan van Stijn
6d0aa0a52d
cli/command/container: parseSecurityOpts: fix --security-opt seccomp=builtin
Docker v23.0 and up allow the daemon to be configured to have seccomp disabled
by default (using the "unconfined" profile as default), and introduced a new
"builtin" profile-name for the default (see [moby@f8795ed364586acd][1] and
[mnoby@ac449d6b5ad29a50][2]).

However, the CLI had no special handling for the "builtin" profile, which
resulted in it trying to load it as a file, which would fail;

    docker run -it --rm --security-opt seccomp=builtin busybox
    docker: opening seccomp profile (builtin) failed: open builtin: no such file or directory.
    See 'docker run --help'.

This patch adds a special case for the "builtin" profile, to allow using the
default profile on daemons with seccomp disabled (unconfined) by default.

[1]: f8795ed364
[2]: ac449d6b5a

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-05 12:19:00 +01:00
QQ喵
90a1887d3c
Fix wrong docker run command
It forgot the image name ubuntu

Signed-off-by: QQ喵 <gqqnb2005@gmail.com>
2023-12-21 00:58:20 +01:00
David Karlsson
6fd4cff1f7 docs: minor editorial improvements, typo fixes
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-19 17:15:38 +01:00
David Karlsson
f8dd8f074d docs: refresh --publish, add --publish-all
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 22:36:26 +01:00
David Karlsson
52716c813b docs: move --tmpfs to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-12 10:44:07 +01:00
David Karlsson
4a6cde8859 docs: move --log-driver to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:18:51 +01:00
David Karlsson
72df1960e1 docs: move --cgroup-parent to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
9e75a4cf61 docs: move --init to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
92c664b0dc docs: move info about --security-opt to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
f98444490f docs: move --rm to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
dbffa0d121 docs: move --restart to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
5dd6e9a4d4 docs: move --ipc to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
ff62bf47b0 docs: move --uts to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
d66fe78810 docs: move --pid to docker run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
03dc8832ed docs: improve docs on container identification
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
David Karlsson
fad227d3fd docs: move info about fg/bg flags to run reference
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-12-11 22:17:21 +01:00
robmry
a682b8e655 Permit '=' separator and '[ipv6]' in --add-host
Fixes #4648

Make it easier to specify IPv6 addresses in the '--add-host' option by
permitting 'host=ip' in addition to 'host:ip', and allowing square
brackets around the address.

For example:

    --add-host=my-hostname:127.0.0.1
    --add-host=my-hostname:::1
    --add-host=my-hostname=::1
    --add-host=my-hostname:[::1]

To avoid compatibility problems, the CLI will replace an '=' separator
with ':', and strip brackets, before sending the request to the API.

Signed-off-by: Rob Murray <rob.murray@docker.com>
2023-12-07 18:29:19 +00:00
Sebastiaan van Stijn
174cbb588f
docs/man: fix -name flag with single hyphen
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-27 20:58:55 +01:00
saurabh
efc9236794 --env-file about comments doc updated
Signed-off-by: Saurabh Kumar <saurabhkumar0184@gmail.com>
2023-11-07 01:44:47 +05:30
Sebastiaan van Stijn
69dcccf5b6
Merge pull request #4399 from dvdksn/docs/host-gateway
docs: document special host-gateway value for add-host
2023-08-08 21:04:47 +02:00
David Karlsson
299925f4c3 docs: document special host-gateway value for add-host
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-08-08 17:37:44 +02:00
Brian Goff
125eeb7ab6 Add docs for health-start-interval
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-07-06 19:41:34 +00:00
David Karlsson
5936fd2a86 docs: fix static ip example, network needs a subnet
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-06-26 15:42:50 +02:00
Sebastiaan van Stijn
47951ff446
docs: add "--detach-keys" example to docker run reference
This is a copy of the section we have on the "docker attach" reference page.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-06-08 14:37:21 +02:00
Sebastiaan van Stijn
5d6612798a
docs: remove devicemapper
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-30 14:13:36 +02:00
Sebastiaan van Stijn
9f15ba0d13
Merge pull request #4156 from AkihiroSuda/docker-run-annotation
cli/command/container: implement `docker run --annotation`
2023-05-06 00:49:15 +02:00
Chris Chinchilla
e693e7f3b4
Docs freshness updates
Signed-off-by: Chris Chinchilla <chris.ward@docker.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-26 15:37:12 +02:00
Akihiro Suda
88be16cb5b
cli/command/container: implement docker run --annotation
For moby/moby PR 45025 (Docker v24, API v1.43).

`docker run --annotation foo=bar` is similar to `podman run --annotation foo=bar`,
however, unlike Podman, Docker implementation also accepts an annotation with an empty value.
(`docker run --annotation foo`)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-04-14 12:59:12 +09:00
Kevin Alvarez
79c9e527a3
docs: generate markdown
Keep frontmatter for docker, dockerd and index markdown files.
Also needs to move cli.md > docker.md before generation and
then move it back because cli.md is needed for yaml generation on docs
website: https://github.com/docker/cli/pull/3924#discussion_r1059986605

Signed-off-by: Kevin Alvarez <crazy-max@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-06 22:36:47 +01:00
CrazyMax
186dcf30b1
docs: fix anchors
Signed-off-by: Kevin Alvarez <crazy-max@users.noreply.github.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-01-06 22:36:03 +01:00
David Karlsson
7c0d6ecf64 docs: update link to docker cp
Signed-off-by: David Karlsson <david.karlsson@docker.com>
2022-10-31 20:24:44 +01:00
Djordje Lukic
bfcadab0be docs: improved docker run cli reference
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
Signed-off-by: David Karlsson <david.karlsson@docker.com>
2022-10-31 13:54:50 +01:00
Sebastiaan van Stijn
aea2a8c410
docs/reference: run.md update confusing example name
This example was mounting `/dev/zero` as `/dev/nulo` inside the container.
The `nulo` name was intended to be a "made up / custom" name, but various
readers thought it to be a typo for `/dev/null`.

This patch updates the example to use `/dev/foobar` as name, which should
make it more clear that it's a custom name.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-10-11 00:34:49 +02:00
Sebastiaan van Stijn
80b1285fec cli: use custom annotation for aliases
Cobra allows for aliases to be defined for a command, but only allows these
to be defined at the same level (for example, `docker image ls` as alias for
`docker image list`). Our CLI has some commands that are available both as a
top-level shorthand as well as `docker <object> <verb>` subcommands. For example,
`docker ps` is a shorthand for `docker container ps` / `docker container ls`.

This patch introduces a custom "aliases" annotation that can be used to print
all available aliases for a command. While this requires these aliases to be
defined manually, in practice the list of aliases rarely changes, so maintenance
should be minimal.

As a convention, we could consider the first command in this list to be the
canonical command, so that we can use this information to add redirects in
our documentation in future.

Before this patch:

    docker images --help

    Usage:  docker images [OPTIONS] [REPOSITORY[:TAG]]

    List images

    Options:
      -a, --all             Show all images (default hides intermediate images)
      ...

With this patch:

    docker images --help

    Usage:  docker images [OPTIONS] [REPOSITORY[:TAG]]

    List images

    Aliases:
      docker image ls, docker image list, docker images

    Options:
      -a, --all             Show all images (default hides intermediate images)
      ...

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-28 17:32:09 +02:00
Sebastiaan van Stijn
fae3eb6ddb
Merge pull request #3509 from thaJeztah/docs_anchors
docs: add anchor tags for command-line flags
2022-04-01 20:40:16 +02:00
Sebastiaan van Stijn
6e6652b702
tweak description of "docker run" command
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-01 12:28:37 +02:00
Sebastiaan van Stijn
2b976720f4
docs: add anchor-tags for flags
This will generate "details_url" for options, so that the options
table on the pages at docs.docker.com link to the section describing
the option.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-30 15:05:29 +02:00
Sebastiaan van Stijn
8d91c1442c
Merge pull request #3377 from ch33hau/3181-add-quiet-for-run-and-create
cli/command: Add quiet option for create and run
2022-03-02 00:28:41 +01:00
Chee Hau Lim
1d4431c1e7
cli/command: Add quiet option for create and run
Signed-off-by: Chee Hau Lim <cheehau.lim@mobimeo.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 14:20:18 +01:00
Sebastiaan van Stijn
bdfeae899c
docs: daemon: remove LCOW configuration options
Support for LCOW has been removed from the daemon, so removing the
corresponding daemon configuration options.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 14:00:18 +01:00
Sebastiaan van Stijn
7dcd85007b
Merge pull request #3450 from thaJeztah/docs_unify_run_create
docs: unify "docker create" and "docker run" reference
2022-03-01 13:59:38 +01:00
Sebastiaan van Stijn
6c16afe1d4
docs: unify "docker create" and "docker run" reference
The `docker create` command shares most (all) of its options with `docker run`,
which uses `docker create` under the hood. The `docker create` reference docs
already referred users to the `docker run` sections for details, but some
flags were only documented on the `docker create` page.

This patch:

- moves those flags from the `docker create` to the `docker run` page
- does some minor rephrasing and touch-ups.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 12:45:40 +01:00
Chee Hau Lim
7eb61e2ffc
docs: add missing documentation for --pull flag
These options were added in 22cd418967f09179520dc61f49fa3697bea0daf8,
but did not update the documentation.

Signed-off-by: Chee Hau Lim <cheehau.lim@mobimeo.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 11:40:36 +01:00