Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove opts.QuotedString implementation #43250

Merged
merged 1 commit into from
Mar 16, 2022
Merged

Remove opts.QuotedString implementation #43250

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 4 additions & 8 deletions cmd/dockerd/options.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,15 +67,11 @@ func (o *daemonOptions) InstallFlags(flags *pflag.FlagSet) {

// TODO use flag flags.String("identity"}, "i", "", "Path to libtrust key file")

o.TLSOptions = &tlsconfig.Options{
CAFile: filepath.Join(dockerCertPath, DefaultCaFile),
CertFile: filepath.Join(dockerCertPath, DefaultCertFile),
KeyFile: filepath.Join(dockerCertPath, DefaultKeyFile),
}
o.TLSOptions = &tlsconfig.Options{}
tlsOptions := o.TLSOptions
flags.Var(opts.NewQuotedString(&tlsOptions.CAFile), "tlscacert", "Trust certs signed only by this CA")
flags.Var(opts.NewQuotedString(&tlsOptions.CertFile), "tlscert", "Path to TLS certificate file")
flags.Var(opts.NewQuotedString(&tlsOptions.KeyFile), "tlskey", "Path to TLS key file")
flags.StringVar(&tlsOptions.CAFile, "tlscacert", filepath.Join(dockerCertPath, DefaultCaFile), "Trust certs signed only by this CA")
flags.StringVar(&tlsOptions.CertFile, "tlscert", filepath.Join(dockerCertPath, DefaultCertFile), "Path to TLS certificate file")
flags.StringVar(&tlsOptions.KeyFile, "tlskey", filepath.Join(dockerCertPath, DefaultKeyFile), "Path to TLS key file")

hostOpt := opts.NewNamedListOptsRef("hosts", &o.Hosts, opts.ValidateHost)
flags.VarP(hostOpt, "host", "H", "Daemon socket(s) to connect to")
Expand Down
6 changes: 3 additions & 3 deletions cmd/dockerd/options_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,9 +17,9 @@ func TestCommonOptionsInstallFlags(t *testing.T) {
opts.InstallFlags(flags)

err := flags.Parse([]string{
"--tlscacert=\"/foo/cafile\"",
"--tlscert=\"/foo/cert\"",
"--tlskey=\"/foo/key\"",
"--tlscacert=/foo/cafile",
"--tlscert=/foo/cert",
"--tlskey=/foo/key",
Comment on lines +20 to +22
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can the other format still be parsed? I wouldn't expect to see a unit test change if there's no change in behavior.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I guess I should back up and explain this in more detail:

In #29761, it was discovered that after Docker changed from one flag parsing library to another, it lost a minor "feature" where it would strip quotes (outside whatever quote parsing the shell provides). In shell syntax, we're talking about docker '--flag="value"' ... (note the extra double quotes inside that get passed verbatim). The old flag library would quietly strip those, but the new flag library did not.

It turned out that docker-machine was relying on that double stripping for how it was passing the three --tls* options to the Docker CLI, so this file was created as a wrapper to strip the quotes, but only from those three CLI flags. In that original implementation, the CLI and Daemon were both sharing the same parsing code for those three TLS-related flags, so the daemon got support for stripping these quotes even though it wasn't actually needed on the daemon (docker-machine only passed them to the client).

Eventually, the CLI moved to a separate repository, and this code was copied over there, but stayed here as well even though it's not necessary in the daemon for the original bug, so I'm arguing that we should remove it.

The reason there's a unit test change here is because this test appears to be intended to make sure setting options works, but was also double-purposed to test that they would strip these extra double quotes. So for this change to move forward, either this test needs to strip the extra double quotes or validate that the value that comes in includes them (which if this PR goes forward would instead mean a relative path that literally starts with a double quote, so I don't think is terribly useful and I'd close this instead if that's the consensus).

})
assert.Check(t, err)
assert.Check(t, is.Equal("/foo/cafile", opts.TLSOptions.CAFile))
Expand Down
41 changes: 0 additions & 41 deletions opts/quotedstring.go
View file
Open in desktop

This file was deleted.

34 changes: 0 additions & 34 deletions opts/quotedstring_test.go
View file
Open in desktop

This file was deleted.