From aa6dcf6e27977cdccfdd8a0b112ffb7a95b62235 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Nov 30 2017 18:34:14 +0000
Subject: import docker-latest-1.13.1-36.git9a813fa.el7


---

diff --git a/.docker-latest.metadata b/.docker-latest.metadata
index 27c1800..91f6167 100644
--- a/.docker-latest.metadata
+++ b/.docker-latest.metadata
@@ -1,7 +1,7 @@
 a2a9f5deac1f258765a1840240f8d80c2767e99f SOURCES/container-storage-setup-f7a3746.tar.gz
-0b0730569b88b527d2265e79def8cb35e042cba3 SOURCES/containerd-89a5d2c.tar.gz
-b7a02b27dd6abb6130d58e57c69eea9bbd4a2a37 SOURCES/docker-1faa135.tar.gz
-e94778b0f3b61731bba467eb5588440c4a7fcb0b SOURCES/libnetwork-0f08d31.tar.gz
-5426e8d1e339d035efa81dcfaaa59be40a9fbcf3 SOURCES/runc-771c53e.tar.gz
+3dfa501d9be45ec3c3e4bdebf64e0999cccba29b SOURCES/containerd-89a5d2c.tar.gz
+227d4d559b96ebc4ee6f7ab43a5c2d4722b1ac5d SOURCES/docker-9a813fa.tar.gz
+ad7af9d5bdc942015d90ea28591fae7445bbfe2e SOURCES/libnetwork-460ac8f.tar.gz
+ec4747330f0c9c3de272b62c5b5f5ec06cd69172 SOURCES/runc-518736e.tar.gz
 22673281ea17a95f3f249f87ce3b4cda55d47966 SOURCES/tini-0effd37.tar.gz
-ea4b3d96c46fccb6781d66a6c53c087b179c80fe SOURCES/v1.10-migrator-c417a6a.tar.gz
+496f9927f4254508ea1cd94f473b5b9321d41245 SOURCES/v1.10-migrator-c417a6a.tar.gz
diff --git a/.gitignore b/.gitignore
index 6a3bcc6..6035d59 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,7 @@
 SOURCES/container-storage-setup-f7a3746.tar.gz
 SOURCES/containerd-89a5d2c.tar.gz
-SOURCES/docker-1faa135.tar.gz
-SOURCES/libnetwork-0f08d31.tar.gz
-SOURCES/runc-771c53e.tar.gz
+SOURCES/docker-9a813fa.tar.gz
+SOURCES/libnetwork-460ac8f.tar.gz
+SOURCES/runc-518736e.tar.gz
 SOURCES/tini-0effd37.tar.gz
 SOURCES/v1.10-migrator-c417a6a.tar.gz
diff --git a/SOURCES/docker-latest.service b/SOURCES/docker-latest.service
index 464cea3..a40747a 100644
--- a/SOURCES/docker-latest.service
+++ b/SOURCES/docker-latest.service
@@ -1,12 +1,14 @@
 [Unit]
 Description=Docker Application Container Engine
 Documentation=http://docs.docker.com
-After=network.target
+After=network.target rhel-push-plugin.socket
 Wants=docker-latest-storage-setup.service
+Requires=rhel-push-plugin.socket registries.service
 
 [Service]
 Type=notify
 NotifyAccess=all
+EnvironmentFile=-/run/containers/registries.conf
 EnvironmentFile=-/etc/sysconfig/docker-latest
 EnvironmentFile=-/etc/sysconfig/docker-latest-storage
 EnvironmentFile=-/etc/sysconfig/docker-latest-network
@@ -16,6 +18,7 @@ Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
 ExecStart=/usr/bin/dockerd-latest \
           --add-runtime docker-runc=/usr/libexec/docker/docker-runc-latest \
           --default-runtime=docker-runc \
+          --authorization-plugin=rhel-push-plugin \
           --exec-opt native.cgroupdriver=systemd \
           --userland-proxy-path=/usr/libexec/docker/docker-proxy-latest \
           --seccomp-profile=/etc/docker-latest/seccomp.json \
@@ -26,7 +29,8 @@ ExecStart=/usr/bin/dockerd-latest \
           $DOCKER_NETWORK_OPTIONS \
           $ADD_REGISTRY \
           $BLOCK_REGISTRY \
-          $INSECURE_REGISTRY
+          $INSECURE_REGISTRY \
+          $REGISTRIES
 ExecReload=/bin/kill -s HUP $MAINPID
 LimitNOFILE=1048576
 LimitNPROC=1048576
diff --git a/SOURCES/docker-latest.sysconfig b/SOURCES/docker-latest.sysconfig
index b240c20..e3b9721 100644
--- a/SOURCES/docker-latest.sysconfig
+++ b/SOURCES/docker-latest.sysconfig
@@ -1,24 +1,12 @@
 # /etc/sysconfig/docker-latest
 
 # Modify these options if you want to change the way the docker daemon runs
+# the --log-driver and --signature-verification options have moved to
+# /etc/docker-latest/daemon.json, selinux will be moved in the next release.
 OPTIONS='--selinux-enabled'
-DOCKER_CERT_PATH=/etc/docker
-
-# If you want to add your own registry to be used for docker search and docker
-# pull use the #ADD_REGISTRY option to list a set of registries, each prepended
-# with --add-registry flag. The first registry added will be the first registry
-# searched.
-#ADD_REGISTRY='--add-registry registry.access.redhat.com'
-
-# If you want to block registries from being used, uncomment the BLOCK_REGISTRY
-# option and give it a set of registries, each prepended with --block-registry
-# flag. For example adding docker.io will stop users from downloading images
-# from docker.io
-# BLOCK_REGISTRY='--block-registry'
-
-# Enable insecure registry communication by appending the registry URL
-# to the INSECURE_REGISTRY variable below and uncommenting it
-# INSECURE_REGISTRY='--insecure-registry '
+if [ -z "${DOCKER_CERT_PATH}" ]; then
+    DOCKER_CERT_PATH=/etc/docker-latest
+fi
 
 # On SELinux System, if you remove the --selinux-enabled option, you
 # also need to turn on the docker_transition_unconfined boolean.
diff --git a/SPECS/docker-latest.spec b/SPECS/docker-latest.spec
index 0392e75..4925cc5 100644
--- a/SPECS/docker-latest.spec
+++ b/SPECS/docker-latest.spec
@@ -22,11 +22,11 @@
 # macros for 'docker' package VR
 %global docker_epoch 2
 %global docker_ver 1.12.6
-%global docker_rel 50
+%global docker_rel 68
 
 # docker
 %global git_docker https://github.com/projectatomic/docker
-%global commit_docker 1faa13545a16754001734593b5901db82756b55e
+%global commit_docker 9a813fad75217ff3a3c1e0c1ecf5a9dd9dfbccf1
 %global shortcommit_docker %(c=%{commit_docker}; echo ${c:0:7})
 # docker_branch used in %%check
 %global docker_branch docker-1.13.1-rhel
@@ -46,7 +46,7 @@
 
 # docker-runc
 %global git_runc https://github.com/projectatomic/runc
-%global commit_runc 771c53eea0c8517e9edb02e7063f4b2e3ad72c57
+%global commit_runc 518736edd04da1dbd28a852d1b95a92ac5303fd8
 %global shortcommit_runc %(c=%{commit_runc}; echo ${c:0:7})
 
 # docker-containerd
@@ -61,12 +61,12 @@
 
 # docker-proxy
 %global git_libnetwork https://github.com/docker/libnetwork
-%global commit_libnetwork 0f08d31bf0e640e0cdc6d5161227f87602d605c5
+%global commit_libnetwork 460ac8fa0bcc888f28f6dec93cdd3bf8b58f975a
 %global shortcommit_libnetwork %(c=%{commit_libnetwork}; echo ${c:0:7})
 
 Name: %{repo}-latest
 Version: 1.13.1
-Release: 26.git%{shortcommit_docker}%{?dist}
+Release: 36.git%{shortcommit_docker}%{?dist}
 Summary: Automates deployment of containerized applications
 License: ASL 2.0
 URL: https://%{provider}.%{provider_tld}/projectatomic/%{repo}
@@ -170,6 +170,11 @@ Requires: %{repo}-common
 # here keep the new line above otherwise autosetup fails when applying patch
 cp %{SOURCE9} .
 
+# rhel debranding for centos
+%if 0%{?centos}
+sed -i 's/ADD_REGISTRY/#ADD_REGISTRY/' %{SOURCE6}
+%endif
+
 # untar d-s-s
 tar zxf %{SOURCE1}
 pushd container-storage-setup-%{commit_dss}
@@ -333,18 +338,17 @@ install -p contrib/udev/80-%{repo}.rules %{buildroot}%{_udevrulesdir}/80-%{name}
 install -d %{buildroot}%{_sharedstatedir}/%{name}
 
 # install secret patch directory
-#install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets
+install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets
 # rhbz#1110876 - update symlinks for subscription management
-#ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
-#ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
-#ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo
+ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
+ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
+ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo
 
-#mkdir -p %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.{com,io}
-#mkdir -p %{buildroot}/etc/%{name}/certs.d/registry.access.redhat.com
-#ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.com/redhat-ca.crt
-#ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.io/redhat-ca.crt
-#ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/registry.access.redhat.com/redhat-ca.crt
-mkdir -p %{buildroot}%{_sysconfdir}/%{name}/certs.d/
+mkdir -p %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.{com,io}
+mkdir -p %{buildroot}/etc/%{name}/certs.d/registry.access.redhat.com
+ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.com/redhat-ca.crt
+ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.io/redhat-ca.crt
+ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/registry.access.redhat.com/redhat-ca.crt
 
 # install systemd/init scripts
 install -d %{buildroot}%{_unitdir}
@@ -460,14 +464,14 @@ exit 0
 %{_unitdir}/%{name}-cleanup.service
 %{_unitdir}/%{name}-cleanup.timer
 %{_datadir}/bash-completion/completions/%{name}
-#%dir %{_datadir}/rhel
-#%{_datadir}/rhel/*
+%dir %{_datadir}/rhel
+%{_datadir}/rhel/*
 %dir %{_sharedstatedir}/%{name}
 %{_udevrulesdir}/80-%{name}.rules
 %dir %{_sysconfdir}/%{name}
 %dir %{_sysconfdir}/%{name}/certs.d
-#%dir %{_sysconfdir}/%{name}/certs.d/redhat.*
-#%{_sysconfdir}/%{name}/certs.d/*
+%dir %{_sysconfdir}/%{name}/certs.d/redhat.*
+%{_sysconfdir}/%{name}/certs.d/*
 %{_datadir}/vim/vimfiles/doc/%{repo}file-latest.txt
 %{_datadir}/vim/vimfiles/ftdetect/%{repo}file-latest.vim
 %{_datadir}/vim/vimfiles/syntax/%{repo}file-latest.vim
@@ -512,8 +516,56 @@ exit 0
 %endif # with_migrator
 
 %changelog
-* Tue Oct 24 2017 Johnny Hughes <johnny@centos.org> - 1.13.1-26.git1faa135
-- Manual CentOS Debranding
+* Mon Nov 27 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-36.git9a813fa
+- fix unitfile RE: #1517985
+
+* Mon Nov 27 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-35.git9a813fa
+- Resolves: #1517985 - use registries.conf from atomic-registries
+- use docker-common >= 2:1.12.6-68
+
+* Wed Nov 22 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-34.git9a813fa
+- correct previous bogus date
+
+* Wed Nov 22 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-33.git9a813fa
+- use docker-common >= 2:1.12.6-69
+
+* Thu Nov 16 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-32.git9a813fa
+- do not set DOCKER_CERT_PATH if already set
+- DOCKER_CERT_PATH in /etc/sysconfig/docker-latest should be /etc/docker-latest
+and not /etc/docker
+- document in docker-latest.sysconfig where some options have moved
+
+* Thu Nov 16 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-31.git9a813fa
+- Resolves: #1510170
+- built docker @projectatomic/docker-1.13.1-rhel commit 9a813fa
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 518736e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 89a5d2c
+- built docker-init commit 0effd37
+- built libnetwork commit 460ac8f
+
+* Thu Nov 09 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-30.gitcd75a45
+- built docker @projectatomic/docker-1.13.1-rhel commit cd75a45
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 771c53e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 89a5d2c
+- built docker-init commit 0effd37
+- built libnetwork commit 460ac8f
+
+* Thu Nov 09 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-29.gitf4b0767
+- built docker @projectatomic/docker-1.13.1-rhel commit f4b0767
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 771c53e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 89a5d2c
+- built docker-init commit 0effd37
+- built libnetwork commit 460ac8f
+
+* Tue Nov 07 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-28.gita87d43a
+- adjust sources
+
+* Tue Nov 07 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-27.gita87d43a
+- built docker @projectatomic/docker-1.13.1-rhel commit a87d43a
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 771c53e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 89a5d2c
+- built docker-init commit 0effd37
+- built libnetwork commit 6bbcd1b
 
 * Tue Sep 26 2017 Lokesh Mandvekar <lsm5@redhat.com> - 1.13.1-26.git1faa135
 - reverted sources, the same file shouldn't have a different hash