chore(deps)!: migrate from docker/docker to moby/moby v29#3617
Closed
appleboy wants to merge 9 commits intotestcontainers:mainfrom
Closed
chore(deps)!: migrate from docker/docker to moby/moby v29#3617appleboy wants to merge 9 commits intotestcontainers:mainfrom
appleboy wants to merge 9 commits intotestcontainers:mainfrom
Conversation
- Replace github.com/docker/docker v28.5.2 with github.com/moby/moby/api v1.54.0 and github.com/moby/moby/client v0.3.0 - Migrate all import paths from docker/docker to moby/moby submodules - Replace nat.Port string type with network.Port struct type across all modules - Remove NetworkSettingsBase and DefaultNetworkSettings from container inspection - Update all Docker client method calls to new option/result struct pattern - Replace filters.NewArgs with client.Filters map type - Convert string IP addresses to netip.Addr where required by new API - Add local stdWriter implementation in ollama module to replace removed stdcopy.NewStdWriter - Update all 65+ submodule go.mod files BREAKING CHANGE: The Docker client dependency has moved from github.com/docker/docker to github.com/moby/moby/api and github.com/moby/moby/client. Port types changed from nat.Port (string) to network.Port (struct). Container inspection NetworkSettings structure changed. All client method signatures now use option/result struct patterns. Fixes CVE-2026-34040 (HIGH) and CVE-2026-33997 (MEDIUM).
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
Important Review skippedToo many files! This PR contains 232 files, which is 82 over the limit of 150. ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (66)
📒 Files selected for processing (232)
You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
- Separate moby imports from testcontainers imports with blank line - Fix MustParsePort missing /tcp protocol suffix
Member
|
Hi @appleboy thanks for this! Would you mind taking a look at the lint phase of the modules, as Forjego failed? I'm not at the keyboard ATM but will take a look on this today. @thaJeztah this work is probably related to your other PR, isn't it? |
- Separate moby/moby imports from testcontainers imports with blank line - Required by gci linter config (standard, default, testcontainers prefix groups)
- Fix gci import grouping (separate moby from testcontainers) - Replace deprecated client.NewClientWithOpts with client.New - Remove deprecated client.WithAPIVersionNegotiation (now default) - Replace deprecated client.WithVersion with client.WithAPIVersion - Replace deprecated strslice.StrSlice with []string - Fix unlambda gocritic warnings in lifecycle_test.go - Fix unused-parameter revive warnings - Fix indent-error-flow revive warning in wait testdata - Fix missing strconv imports in test files - Fix ContainerInspect/VolumeRemove/ServerVersion API calls in tests
- Update strategytarget_mock_test.go from make generate - Fix import ordering and PortMap type alias expansion
Contributor
|
Oh! missed this one; yes, this is probably doing the same as #3591 I kept it in draft, pending moby/moby@19ef53a (moby/moby#52165) to be in a release. w.r.t. this;
Those ONLY impact the daemon binaries, and any scanner warnings about a CVE are false positives, so can be ignored (unless you're building the docker daemon binaries). |
- Move moby/moby/api from indirect to direct require since pinecone.go imports moby/moby/api/types/network
- Move moby/moby/api from indirect to direct require since nebulagraph.go and options.go import moby/moby/api/types/network
- Import ordering changed due to new moby/moby/api module paths
- Move moby/moby/client from indirect to direct in etcd, dockermodelrunner, and k6 modules that import it in source/test files
Contributor
Author
|
Hi, I noticed that this PR seems to duplicate the work in #3617. Could we clarify which PR should be the one to move forward? I'm also wondering if @thaJeztah would like to take ownership of this. I'm happy to either close this PR or continue depending on what the maintainers prefer. |
Member
|
@appleboy I added some commits on top of @thaJeztah's PR, as that PR was failing less tests in the CI. If you agree, we are continue the work in that PR, which I want to merge it ASAP, so that unblocks you (and more people in the community) BTW I'm interested in learning more about how you use testcontainers-go, could you share a bit of that? 🙏 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
github.com/docker/docker v28.5.2+incompatibletogithub.com/moby/moby/api v1.54.0+github.com/moby/moby/client v0.3.0nat.Port(string) withnetwork.Port(struct) across all 65+ modulesNetworkSettingsBase/DefaultNetworkSettingsfrom container inspectionfilters.NewArgswithclient.Filtersmap typenetip.Addrwhere requiredMotivation
Fixes CVE-2026-34040 (HIGH): Moby AuthZ plugin bypass when provided oversized request bodies
Fixes CVE-2026-33997 (MEDIUM): Moby off-by-one error in plugin privilege validation
Both CVEs are fixed in Docker/Moby v29.3.1, which is available via the new
github.com/moby/moby/apiandgithub.com/moby/moby/clientsubmodules.Breaking Changes
github.com/docker/dockertogithub.com/moby/moby/{api,client}nat.Port(string type) replaced bynetwork.Port(struct type) — callers must usenetwork.MustParsePort("80/tcp")instead ofnat.Port("80/tcp")NetworkSettingsstructure changed (no moreNetworkSettingsBase/DefaultNetworkSettings)filterspackage removed, replaced byclient.FiltersTest plan
go build ./...passes for root modulego vet ./...passes for root module🤖 Generated with Claude Code