upgrade docker (#292)

* Upgrade docker to 25.0.3
* Upgrade go to 1.21
* Fix deprecation

.travis.yml

@@ -3,7 +3,7 @@ language: go
 services:
   - docker
 go:
-  - 1.20.x
+  - 1.21.x
 env:
   global:
     - CGO_ENABLED=1

backend/backend.go

@@ -9,7 +9,7 @@ import (
 	"errors"
 	"strings"
 
-	"github.com/docker/distribution/reference"
+	"github.com/distribution/reference"
 )
 
 // Constants defining environment variables that a check expects.

backend/docker/docker.go

@@ -29,6 +29,7 @@ import (
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/api/types/network"
+	"github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/stdcopy"
 	"github.com/docker/go-connections/tlsconfig"
@@ -44,7 +45,7 @@ type RunConfig struct {
 	ContainerConfig       *container.Config
 	HostConfig            *container.HostConfig
 	NetConfig             *network.NetworkingConfig
-	ContainerStartOptions types.ContainerStartOptions
+	ContainerStartOptions container.StartOptions
 }
 
 // ConfigUpdater allows to update the docker configuration just before the container creation.
@@ -65,11 +66,11 @@ type Retryer interface {
 }
 
 type registryAuths struct {
-	auths map[string]*types.AuthConfig
+	auths map[string]*registry.AuthConfig
 	mu    sync.RWMutex
 }
 
-func (b *registryAuths) fetchAuth(domain string) (*types.AuthConfig, bool) {
+func (b *registryAuths) fetchAuth(domain string) (*registry.AuthConfig, bool) {
 	domain = getAuthDomain(domain)
 
 	b.mu.RLock()
@@ -78,7 +79,7 @@ func (b *registryAuths) fetchAuth(domain string) (*types.AuthConfig, bool) {
 	return auth, ok
 }
 
-func (b *registryAuths) storeAuth(domain string, auth *types.AuthConfig) {
+func (b *registryAuths) storeAuth(domain string, auth *registry.AuthConfig) {
 	domain = getAuthDomain(domain)
 
 	b.mu.Lock()
@@ -198,7 +199,7 @@ func NewBackend(log log.Logger, cfg config.Config, updater ConfigUpdater) (backe
 		retryer:   re,
 		updater:   updater,
 		auths: registryAuths{
-			auths: make(map[string]*types.AuthConfig),
+			auths: make(map[string]*registry.AuthConfig),
 		},
 	}
 
@@ -216,7 +217,7 @@ func NewBackend(log log.Logger, cfg config.Config, updater ConfigUpdater) (backe
 
 	// Eager validation of the configured registries.
 	for _, a := range b.config.Auths {
-		auth := &types.AuthConfig{
+		auth := &registry.AuthConfig{
 			Username:      a.User,
 			Password:      a.Pass,
 			ServerAddress: a.Server,
@@ -256,7 +257,7 @@ func defaultClientOptions() *flags.ClientOptions {
 }
 
 // addRegistryAuth adds the auth to the map only if valid.
-func (b *Docker) addRegistryAuth(domain string, auth *types.AuthConfig) error {
+func (b *Docker) addRegistryAuth(domain string, auth *registry.AuthConfig) error {
 	if domain == "" {
 		b.log.Debugf("skipping to validate empty auth")
 		return nil
@@ -283,7 +284,7 @@ func (b *Docker) addRegistryAuth(domain string, auth *types.AuthConfig) error {
 // getRegistryAuth tries to find an authentication for the domain
 // First it looks into the provided authenticated servers
 // If not avialiable it looks into the docker system stored credentials.
-func (b *Docker) getRegistryAuth(domain string) *types.AuthConfig {
+func (b *Docker) getRegistryAuth(domain string) *registry.AuthConfig {
 	auth, ok := b.auths.fetchAuth(domain)
 	if ok {
 		return auth
@@ -306,7 +307,7 @@ func (b *Docker) getRegistryAuth(domain string) *types.AuthConfig {
 	return auth
 }
 
-func (b *Docker) getStoredCredentials(domain string) *types.AuthConfig {
+func (b *Docker) getStoredCredentials(domain string) *registry.AuthConfig {
 	domain = getAuthDomain(domain)
 
 	buf := new(bytes.Buffer)
@@ -332,7 +333,7 @@ func (b *Docker) getStoredCredentials(domain string) *types.AuthConfig {
 	}
 
 	// Copy all the data (same struct in different packages).
-	return &types.AuthConfig{
+	return &registry.AuthConfig{
 		Username:      a.Username,
 		Password:      a.Password,
 		Auth:          a.Auth,
@@ -371,7 +372,7 @@ func (b *Docker) run(ctx context.Context, params backend.RunParams, res chan<- b
 		return
 	}
 	defer func() {
-		removeOpts := types.ContainerRemoveOptions{Force: true}
+		removeOpts := container.RemoveOptions{Force: true}
 		removeErr := b.cli.ContainerRemove(context.Background(), contID, removeOpts)
 		if removeErr != nil {
 			b.log.Errorf("error removing container %s: %v", params.CheckID, err)
@@ -435,7 +436,7 @@ func (b *Docker) run(ctx context.Context, params backend.RunParams, res chan<- b
 }
 
 func (b *Docker) getContainerlogs(ID string) ([]byte, error) {
-	logOpts := types.ContainerLogsOptions{
+	logOpts := container.LogsOptions{
 		ShowStdout: true,
 		ShowStderr: true,
 	}
@@ -557,7 +558,7 @@ func (b *Docker) getRunConfig(params backend.RunParams) RunConfig {
 		},
 		HostConfig:            &container.HostConfig{},
 		NetConfig:             &network.NetworkingConfig{},
-		ContainerStartOptions: types.ContainerStartOptions{},
+		ContainerStartOptions: container.StartOptions{},
 	}
 }
 

backend/docker/docker_test.go

@@ -17,7 +17,7 @@ import (
 	"github.com/adevinta/vulcan-agent/backend"
 	"github.com/adevinta/vulcan-agent/config"
 	"github.com/adevinta/vulcan-agent/log"
-	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/client"
 	"github.com/google/go-cmp/cmp"
@@ -162,7 +162,7 @@ func TestIntegrationDockerRunKillContainer(t *testing.T) {
 		Key:   "label",
 		Value: fmt.Sprintf("CheckID=%s", id.String()),
 	})
-	containers, err := cli.ContainerList(context.Background(), types.ContainerListOptions{Filters: filter})
+	containers, err := cli.ContainerList(context.Background(), container.ListOptions{Filters: filter})
 	if err != nil {
 		t.Errorf("error listing running containers: %+v", err)
 		return
@@ -274,7 +274,7 @@ func TestIntegrationDockerRunAbortGracefully(t *testing.T) {
 		Key:   "label",
 		Value: fmt.Sprintf("CheckID=%s", id.String()),
 	})
-	containers, err := cli.ContainerList(context.Background(), types.ContainerListOptions{Filters: filter})
+	containers, err := cli.ContainerList(context.Background(), container.ListOptions{Filters: filter})
 	if err != nil {
 		t.Errorf("error listing running containers: %+v", err)
 		return
@@ -443,7 +443,7 @@ func waitForContainer(cli client.APIClient, id string) (string, error) {
 	})
 	exit := false
 	for !exit {
-		containers, err := cli.ContainerList(context.Background(), types.ContainerListOptions{Filters: filter})
+		containers, err := cli.ContainerList(context.Background(), container.ListOptions{Filters: filter})
 		if err != nil {
 			err = fmt.Errorf("error listing running containers: %+v", err)
 			return "", err

go.mod

@@ -1,15 +1,15 @@
 module github.com/adevinta/vulcan-agent
 
-go 1.20
+go 1.21
 
 require (
 	github.com/BurntSushi/toml v1.3.2
 	github.com/adevinta/vulcan-metrics-client v1.0.1
 	github.com/adevinta/vulcan-report v1.0.0
 	github.com/aws/aws-sdk-go v1.50.19
-	github.com/docker/cli v24.0.5+incompatible
-	github.com/docker/distribution v2.8.3+incompatible
-	github.com/docker/docker v24.0.5+incompatible
+	github.com/distribution/reference v0.5.0
+	github.com/docker/cli v25.0.3+incompatible
+	github.com/docker/docker v25.0.3+incompatible
 	github.com/docker/go-connections v0.4.0
 	github.com/google/go-cmp v0.6.0
 	github.com/google/uuid v1.6.0
@@ -25,14 +25,18 @@ require (
 	github.com/Microsoft/go-winio v0.5.2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.1.1 // indirect
-	github.com/distribution/reference v0.5.0 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/docker/distribution v2.8.3+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.6.4 // indirect
 	github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fvbommel/sortorder v1.1.0 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/protobuf v1.4.3 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
@@ -51,11 +55,17 @@ require (
 	github.com/spf13/cobra v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/theupdateframework/notary v0.7.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 // indirect
+	go.opentelemetry.io/otel v1.23.1 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.23.1 // indirect
+	go.opentelemetry.io/otel/metric v1.23.1 // indirect
+	go.opentelemetry.io/otel/sdk v1.23.1 // indirect
+	go.opentelemetry.io/otel/trace v1.23.1 // indirect
 	golang.org/x/crypto v0.17.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/term v0.15.0 // indirect
 	golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
-	google.golang.org/protobuf v1.26.0-rc.1 // indirect
+	google.golang.org/protobuf v1.32.0 // indirect
 	gotest.tools/v3 v3.2.0 // indirect
 )