Update `DockerApi` so that calls are made using a fixed version. For
most calls this will be `v1.24`, however, for calls with a platform
we must use the `v1.41`.
When possible, we check that the Docker version in use meets the
required minimum, however, if we can't detect the running version
we now proceed and let the actual API call fail. This is due to the
fact that the `/_ping` endpoint may not always be available. For
example, it is restricted when building from a BitBucket CI pipeline.
Fixes gh-43452
Update jar mode launchers to catch all exceptions and return a non-zero
exit code. This refinement also allows us to consolidate the existing
error reporting logic to a central locations. Modes that wish to report
a simple error rather than a full stacktrace can throw the newly
introduced `JarModeErrorException`.
Fixes gh-43435
Update `ExportedImageTar` media type detection to support `tar+gzip`
as well as `tar.gzip`. Recent updates to Docker Desktop appear to have
changed the format.
Fixes gh-43126
Update `ExportedImageTar.IndexLayerArchiveFactory` to support nested
indexes. Nested indexes support a layer of interaction where the
`index.json` file points to a blob that contains the read index to use.
Prior to this commit, we only supported indexes provided directly by
the `index.json` file. This missing support results in "buildpack.toml:
no such file or directory" errors when referencing specific buildpacks
and using Docker Engine 27.3.1 or above.
See gh-43126
Update `NamedPipeSocket` so that `connect` methods are now no-ops. This
restores the behavior of Spring Boot 3.3 which previously handled the
case by overriding `ConnectionSocketFactory.connectSocket`. The newer
HTTP client code uses the `DetachedSocketFactory` interface which
doesn't offer a method that we can override, so instead we must change
the socket implementation itself.
Fixes gh-42952
This commit reworks the support for enabling and disabling endpoints,
replacing the on/off support that it provided with a finer-grained
access model that supports only allowing read-only access to endpoint
operations in addition to disabling an endpoint (access of none) and
fully enabling it (access of unrestricted).
The following properties are deprecated:
- management.endpoints.enabled-by-default
- management.endpoint.<id>.enabled
Their replacements are:
- management.endpoints.access.default
- management.endpoint.<id>.access
Similarly, the enableByDefault attribute on @Endpoint has been
deprecated with a new defaultAccess attribute replacing it.
Additionally, a new property has been introduced that allows an
operator to control the level of access to Actuator endpoints
that is permitted:
- management.endpoints.access.max-permitted
This property caps any access that may has been configured for
an endpoint. For example, if
management.endpoints.access.max-permitted is set to read-only and
management.endpoint.loggers.access is set to unrestricted, only
read-only access to the loggers endpoint will be allowed.
Closes gh-39046
This commit review the original upgrade to retain compatiblity with the
deprecated Cassandra and ConfluentKafka containers.
This commit also fixes the SSL Cassandra tests. The new container uses
a custom wait strategy that uses plain text and does not work with an
SSL container.
Closes gh-42670
Co-authored-by: Moritz Halbritter <moritz.halbritter@broadcom.com>
This commit adapts d44e7c9 to transforms plugin repositories using the
correct root tag. Previously, they were transformed with the regular
<repository> tag, which is invalid.
Closes gh-42687
Johnny Lim
Phillip Webb
Moritz Halbritter
Leonid Bogdanov
Wolfgang Kronberg
Stéphane Nicoll
Andy Wilkinson
Tran Ngoc Nhan
Andreas Höhmann
YiXuan Ding
Yanming Zhou
Anthony Dahanne