diff --git a/utils/dockerd/Makefile b/utils/dockerd/Makefile index a83ac5d173..013cc836b9 100644 --- a/utils/dockerd/Makefile +++ b/utils/dockerd/Makefile @@ -1,30 +1,33 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dockerd -PKG_VERSION:=27.3.1 -PKG_RELEASE:=4 +PKG_VERSION:=29.4.1 +PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_CPE_ID:=cpe:/a:mobyproject:moby PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_GIT_URL:=github.com/moby/moby -PKG_GIT_REF:=v$(PKG_VERSION) +PKG_GIT_REF:=docker-v$(PKG_VERSION) PKG_SOURCE_URL:=https://codeload.$(PKG_GIT_URL)/tar.gz/$(PKG_GIT_REF)? -PKG_HASH:=d18208d9e0b6421307342cdef266193984c97c87177b9262b1113e6e9e7e020e -PKG_GIT_SHORT_COMMIT:=41ca978 # SHA1 used within the docker executables +PKG_HASH:=89ef4a0f681ae2c9f7449591243e1e932d86e6086ac3392a47da80c10b1a3d58 +PKG_GIT_SHORT_COMMIT:=6c91b92 # SHA1 used within the docker executables PKG_MAINTAINER:=Gerard Ryan PKG_BUILD_DEPENDS:=golang/host PKG_BUILD_PARALLEL:=1 -PKG_BUILD_FLAGS:=no-mips16 GO_PKG:=github.com/docker/docker include $(INCLUDE_DIR)/package.mk include ../../lang/golang/golang-package.mk +EMPTY:= +SPACE:= $(EMPTY) $(EMPTY) +ARCH_DEPENDS:=@($(subst $(SPACE),||,$(strip $(filter-out mips mips64 mipsel mips64el,$(subst ||,$(SPACE),$(patsubst @(%),%,$(GO_ARCH_DEPENDS))))))) + define Package/dockerd/config source "$(SOURCE)/Config.in" endef @@ -34,7 +37,7 @@ define Package/dockerd CATEGORY:=Utilities TITLE:=Docker Community Edition Daemon URL:=https://www.docker.com/ - DEPENDS:=$(GO_ARCH_DEPENDS) \ + DEPENDS:=$(ARCH_DEPENDS) \ +ca-certificates \ +containerd \ +iptables \ @@ -47,8 +50,7 @@ define Package/dockerd +kmod-nf-ipvs \ +kmod-veth \ +tini \ - +uci-firewall \ - @!(mips||mips64||mipsel) + +uci-firewall USERID:=docker:docker MENU:=1 endef @@ -58,65 +60,45 @@ define Package/dockerd/conffiles endef define Package/dockerd/description -The Docker CE Engine. + The Docker CE Engine. endef TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) TAR_CMD=$(HOST_TAR) -C $(1) $(TAR_OPTIONS) TARGET_LDFLAGS += $(if $(CONFIG_USE_GLIBC),-lc -lgcc_eh) -# $(1) = path to dependent package 'Makefile' -# $(2) = relevant dependency '.installer' file +# $(1) = OpenWrt dependent PKG_NAME define EnsureVendoredVersion - ( \ - DEP_VER=$$$$( grep --only-matching --perl-regexp '(?<=PKG_VERSION:=)(.*)' "$(1)" ); \ - VEN_VER=$$$$( grep --only-matching --perl-regexp '(?<=_VERSION:=v)(.*)(?=})' "$(PKG_BUILD_DIR)/hack/dockerfile/install/$(2)" ); \ - if [ "$$$${VEN_VER}" != "$$$${DEP_VER}" ]; then \ - echo "ERROR: $(PKG_NAME) Expected 'PKG_VERSION:=$$$${VEN_VER}' in '$(1)', found 'PKG_VERSION:=$$$${DEP_VER}'"; \ - exit 1; \ - fi \ - ) -endef - -# $(1) = path to dependent package 'Makefile' -# $(2) = relevant dependency '.installer' file -define EnsureVendoredCommit - ( \ - DEP_VER=$$$$( grep --only-matching --perl-regexp '(?<=PKG_SOURCE_VERSION:=)(.*)' "$(1)" ); \ - VEN_VER=$$$$( grep --only-matching --perl-regexp '(?<=_COMMIT:=)(.*)(?=})' "$(PKG_BUILD_DIR)/hack/dockerfile/install/$(2)" ); \ - if [ "$$$${VEN_VER}" != "$$$${DEP_VER}" ]; then \ - echo "ERROR: Expected 'PKG_SOURCE_VERSION:=$$$${VEN_VER}' in '$(1)', found 'PKG_SOURCE_VERSION:=$$$${DEP_VER}'"; \ - exit 1; \ - fi \ - ) + DEP_VER=$$$$( grep --only-matching --perl-regexp '(?<=PKG_VERSION:=)(.*)' "../$(1)/Makefile" ); \ + VEN_VER=$$$$( grep --only-matching --perl-regexp '(?<=$(call toupper,$(1))_VERSION=v)(.*)' "$(PKG_BUILD_DIR)/Dockerfile" ); \ + if [ "$$$${VEN_VER}" != "$$$${DEP_VER}" ]; then \ + echo "ERROR: $(PKG_NAME) Expected 'PKG_VERSION:=$$$${VEN_VER}' in '$(1)', found 'PKG_VERSION:=$$$${DEP_VER}'"; \ + exit 1; \ + fi endef define Build/Prepare $(Build/Prepare/Default) # Verify dependencies are the vendored version - $(call EnsureVendoredVersion,../containerd/Makefile,containerd.installer) - $(call EnsureVendoredVersion,../runc/Makefile,runc.installer) - $(call EnsureVendoredVersion,../tini/Makefile,tini.installer) + $(call EnsureVendoredVersion,containerd) + $(call EnsureVendoredVersion,runc) + $(call EnsureVendoredVersion,tini) # Verify CLI is the same version - ( \ - CLI_MAKEFILE="../docker/Makefile"; \ - CLI_VERSION=$$$$( grep --only-matching --perl-regexp '(?<=PKG_VERSION:=)(.*)' "$$$${CLI_MAKEFILE}" ); \ - if [ "$$$${CLI_VERSION}" != "$(PKG_VERSION)" ]; then \ - echo "ERROR: Expected 'PKG_VERSION:=$(PKG_VERSION)' in '$$$${CLI_MAKEFILE}', found 'PKG_VERSION:=$$$${CLI_VERSION}'"; \ - exit 1; \ - fi \ - ) + CLI_MAKEFILE="../docker/Makefile"; \ + CLI_VERSION=$$$$( grep --only-matching --perl-regexp '(?<=PKG_VERSION:=)(.*)' "$$$${CLI_MAKEFILE}" ); \ + if [ "$$$${CLI_VERSION}" != "$(PKG_VERSION)" ]; then \ + echo "ERROR: Expected 'PKG_VERSION:=$(PKG_VERSION)' in '$$$${CLI_MAKEFILE}', found 'PKG_VERSION:=$$$${CLI_VERSION}'"; \ + exit 1; \ + fi # Verify PKG_GIT_SHORT_COMMIT - ( \ - EXPECTED_PKG_GIT_SHORT_COMMIT=$$$$( $(CURDIR)/git-short-commit.sh '$(PKG_GIT_URL)' '$(PKG_GIT_REF)' '$(TMP_DIR)/git-short-commit/$(PKG_NAME)-$(PKG_VERSION)' ); \ - if [ "$$$${EXPECTED_PKG_GIT_SHORT_COMMIT}" != "$(strip $(PKG_GIT_SHORT_COMMIT))" ]; then \ - echo "ERROR: Expected 'PKG_GIT_SHORT_COMMIT:=$$$${EXPECTED_PKG_GIT_SHORT_COMMIT}', found 'PKG_GIT_SHORT_COMMIT:=$(strip $(PKG_GIT_SHORT_COMMIT))'"; \ - exit 1; \ - fi \ - ) + EXPECTED_PKG_GIT_SHORT_COMMIT=$$$$( $(CURDIR)/git-short-commit.sh '$(PKG_GIT_URL)' '$(PKG_GIT_REF)' '$(TMP_DIR)/git-short-commit/$(PKG_NAME)-$(PKG_VERSION)' ); \ + if [ "$$$${EXPECTED_PKG_GIT_SHORT_COMMIT}" != "$(strip $(PKG_GIT_SHORT_COMMIT))" ]; then \ + echo "ERROR: Expected 'PKG_GIT_SHORT_COMMIT:=$$$${EXPECTED_PKG_GIT_SHORT_COMMIT}', found 'PKG_GIT_SHORT_COMMIT:=$(strip $(PKG_GIT_SHORT_COMMIT))'"; \ + exit 1; \ + fi endef BUILDTAGS:= @@ -128,14 +110,12 @@ BUILDTAGS += selinux endif define Build/Compile - ( \ - cd $(PKG_BUILD_DIR); \ - $(GO_PKG_VARS) \ - DOCKER_GITCOMMIT=$(PKG_GIT_SHORT_COMMIT) \ - DOCKER_BUILDTAGS='$(BUILDTAGS)' \ - VERSION=$(PKG_VERSION) \ - ./hack/make.sh binary; \ - ) + cd $(PKG_BUILD_DIR); \ + $(GO_PKG_VARS) \ + DOCKER_GITCOMMIT=$(PKG_GIT_SHORT_COMMIT) \ + DOCKER_BUILDTAGS='$(BUILDTAGS)' \ + VERSION=$(PKG_VERSION) \ + ./hack/make.sh binary endef define Package/dockerd/install diff --git a/utils/dockerd/files/etc/config/dockerd b/utils/dockerd/files/etc/config/dockerd index e3fde7caf4..3d87fa2c12 100644 --- a/utils/dockerd/files/etc/config/dockerd +++ b/utils/dockerd/files/etc/config/dockerd @@ -31,8 +31,8 @@ config proxies 'proxies' # Docker doesn't work well out of the box with fw4. This is because Docker relies on a compatibility layer that # naively translates iptables rules. For the best compatibility replace the following dependencies: # `firewall4` -> `firewall` -# `iptables-nft` -> `iptables-legacy` -# `ip6tables-nft` -> `ip6tables-legacy` +# `iptables-nft` -> `iptables-zz-legacy` +# `ip6tables-nft` -> `ip6tables-zz-legacy` # Docker undermines the fw3 rules. By default all external source IPs are allowed to connect to the Docker host. # See https://docs.docker.com/network/iptables/ for more details.