update docker dependency

Tag: https://github.com/moby/moby/tree/v19.03.8 SHA: aa6a9891b09cce3d9004121294301a30d45d998d Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-07-19 18:02:01 +00:00 · 2020-03-31 10:20:17 -04:00 · 2020-03-31 10:20:17 -04:00 · 8e8e15357b
commit 8e8e15357b
parent e551cf8a77
27 changed files with 448 additions and 266 deletions
--- a/go.mod
+++ b/go.mod
@ -42,7 +42,7 @@ require (
 	github.com/cyphar/filepath-securejoin v0.2.2 // indirect
 	github.com/davecgh/go-spew v1.1.1
 	github.com/docker/distribution v2.7.1+incompatible
-	github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0
+	github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c
 	github.com/docker/go-connections v0.3.0
 	github.com/docker/go-units v0.4.0
 	github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153
@ -230,7 +230,7 @@ replace (
 	github.com/dgrijalva/jwt-go => github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/dnaeon/go-vcr => github.com/dnaeon/go-vcr v1.0.1
 	github.com/docker/distribution => github.com/docker/distribution v2.7.1+incompatible
-	github.com/docker/docker => github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0
+	github.com/docker/docker => github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c
 	github.com/docker/go-connections => github.com/docker/go-connections v0.3.0
 	github.com/docker/go-units => github.com/docker/go-units v0.4.0
 	github.com/docker/spdystream => github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96
--- a/go.sum
+++ b/go.sum
@ -134,8 +134,8 @@ github.com/dnaeon/go-vcr v1.0.1 h1:r8L/HqC0Hje5AXMu1ooW8oyQyOFv4GxqpL0nRP7SLLY=
 github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
 github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0 h1:w3NnFcKR5241cfmQU5ZZAsf0xcpId6mWOupTvJlUX2U=
+github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c h1:zviRyz1SWO8+WVJbi9/jlJCkrsZ54r/lTRbgtcaQhLs=
-github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.3.0 h1:3lOnM9cSzgGwx8VfK/NGOW5fLQ0GjIlCkaktF+n1M6o=
 github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
--- a/vendor/github.com/docker/docker/AUTHORS
+++ b/vendor/github.com/docker/docker/AUTHORS
@ -44,7 +44,7 @@ Ajey Charantimath <ajey.charantimath@gmail.com>
 ajneu <ajneu@users.noreply.github.com>
 Akash Gupta <akagup@microsoft.com>
 Akihiro Matsushima <amatsusbit@gmail.com>
-Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
+Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 Akim Demaille <akim.demaille@docker.com>
 Akira Koyasu <mail@akirakoyasu.net>
 Akshay Karle <akshay.a.karle@gmail.com>
@ -81,6 +81,7 @@ Alexandre Garnier <zigarn@gmail.com>
 Alexandre González <agonzalezro@gmail.com>
 Alexandre Jomin <alexandrejomin@gmail.com>
 Alexandru Sfirlogea <alexandru.sfirlogea@gmail.com>
 Alexei Margasov <alexei38@yandex.ru>
 Alexey Guskov <lexag@mail.ru>
 Alexey Kotlyarov <alexey@infoxchange.net.au>
 Alexey Shamrin <shamrin@gmail.com>
@ -153,6 +154,7 @@ Andy Wilson <wilson.andrew.j+github@gmail.com>
 Anes Hasicic <anes.hasicic@gmail.com>
 Anil Belur <askb23@gmail.com>
 Anil Madhavapeddy <anil@recoil.org>
 Ankit Jain <ajatkj@yahoo.co.in>
 Ankush Agarwal <ankushagarwal11@gmail.com>
 Anonmily <michelle@michelleliu.io>
 Anran Qiao <anran.qiao@daocloud.io>
@ -184,6 +186,7 @@ Asad Saeeduddin <masaeedu@gmail.com>
 Asbjørn Enge <asbjorn@hanafjedle.net>
 averagehuman <averagehuman@users.noreply.github.com>
 Avi Das <andas222@gmail.com>
 Avi Kivity <avi@scylladb.com>
 Avi Miller <avi.miller@oracle.com>
 Avi Vaid <avaid1996@gmail.com>
 ayoshitake <airandfingers@gmail.com>
@ -507,6 +510,7 @@ Dmitri Shuralyov <shurcooL@gmail.com>
 Dmitry Demeshchuk <demeshchuk@gmail.com>
 Dmitry Gusev <dmitry.gusev@gmail.com>
 Dmitry Kononenko <d@dm42.ru>
 Dmitry Sharshakov <d3dx12.xx@gmail.com>
 Dmitry Shyshkin <dmitry@shyshkin.org.ua>
 Dmitry Smirnov <onlyjob@member.fsf.org>
 Dmitry V. Krivenok <krivenok.dmitry@gmail.com>
@ -656,6 +660,7 @@ Frederik Loeffert <frederik@zitrusmedia.de>
 Frederik Nordahl Jul Sabroe <frederikns@gmail.com>
 Freek Kalter <freek@kalteronline.org>
 Frieder Bluemle <frieder.bluemle@gmail.com>
 Fu JinLin <withlin@yeah.net>
 Félix Baylac-Jacqué <baylac.felix@gmail.com>
 Félix Cantournet <felix.cantournet@cloudwatt.com>
 Gabe Rosenhouse <gabe@missionst.com>
@ -688,6 +693,7 @@ Ghislain Bourgeois <ghislain.bourgeois@gmail.com>
 Giampaolo Mancini <giampaolo@trampolineup.com>
 Gianluca Borello <g.borello@gmail.com>
 Gildas Cuisinier <gildas.cuisinier@gcuisinier.net>
 Giovan Isa Musthofa <giovanism@outlook.co.id>
 gissehel <public-devgit-dantus@gissehel.org>
 Giuseppe Mazzotta <gdm85@users.noreply.github.com>
 Gleb Fotengauer-Malinovskiy <glebfm@altlinux.org>
@ -898,6 +904,7 @@ Jimmy Cuadra <jimmy@jimmycuadra.com>
 Jimmy Puckett <jimmy.puckett@spinen.com>
 Jimmy Song <rootsongjc@gmail.com>
 Jinsoo Park <cellpjs@gmail.com>
 Jintao Zhang <zhangjintao9020@gmail.com>
 Jiri Appl <jiria@microsoft.com>
 Jiri Popelka <jpopelka@redhat.com>
 Jiuyue Ma <majiuyue@huawei.com>
@ -1079,6 +1086,7 @@ Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
 Kunal Tyagi <tyagi.kunal@live.com>
 Kyle Conroy <kyle.j.conroy@gmail.com>
 Kyle Linden <linden.kyle@gmail.com>
 Kyle Wuolle <kyle.wuolle@gmail.com>
 kyu <leehk1227@gmail.com>
 Lachlan Coote <lcoote@vmware.com>
 Lai Jiangshan <jiangshanlai@gmail.com>
@ -1255,6 +1263,7 @@ Maxim Kulkin <mkulkin@mirantis.com>
 Maxim Treskin <zerthurd@gmail.com>
 Maxime Petazzoni <max@signalfuse.com>
 Maximiliano Maccanti <maccanti@amazon.com>
 Maxwell <csuhp007@gmail.com>
 Meaglith Ma <genedna@gmail.com>
 meejah <meejah@meejah.ca>
 Megan Kostick <mkostick@us.ibm.com>
@ -1519,6 +1528,7 @@ Quentin Brossard <qbrossard@gmail.com>
 Quentin Perez <qperez@ocs.online.net>
 Quentin Tayssier <qtayssier@gmail.com>
 r0n22 <cameron.regan@gmail.com>
 Radostin Stoyanov <rstoyanov1@gmail.com>
 Rafal Jeczalik <rjeczalik@gmail.com>
 Rafe Colton <rafael.colton@gmail.com>
 Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>
@ -1976,6 +1986,7 @@ xamyzhao <x.amy.zhao@gmail.com>
 Xian Chaobo <xianchaobo@huawei.com>
 Xianglin Gao <xlgao@zju.edu.cn>
 Xianlu Bird <xianlubird@gmail.com>
 Xiao YongBiao <xyb4638@gmail.com>
 XiaoBing Jiang <s7v7nislands@gmail.com>
 Xiaodong Zhang <a4012017@sina.com>
 Xiaoxi He <xxhe@alauda.io>
--- a/vendor/github.com/docker/docker/NOTICE
+++ b/vendor/github.com/docker/docker/NOTICE
@ -3,7 +3,7 @@ Copyright 2012-2017 Docker, Inc.
 This product includes software developed at Docker, Inc. (https://www.docker.com).
-This product contains software (https://github.com/kr/pty) developed
+This product contains software (https://github.com/creack/pty) developed
 by Keith Rarick, licensed under the MIT License.
 The following is courtesy of our legal counsel:
--- a/vendor/github.com/docker/docker/api/swagger.yaml
+++ b/vendor/github.com/docker/docker/api/swagger.yaml
@ -65,7 +65,7 @@ info:
    # Authentication
-    Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as `POST /images/(name)/push`. These are sent as `X-Registry-Auth` header as a Base64 encoded (JSON) string with the following structure:
+    Authentication for registries is handled client side. The client has to send authentication details to various endpoints that need to communicate with registries, such as `POST /images/(name)/push`. These are sent as `X-Registry-Auth` header as a [base64url encoded](https://tools.ietf.org/html/rfc4648#section-5) (JSON) string with the following structure:
    ```
    {
@ -463,10 +463,6 @@ definitions:
        type: "array"
        items:
          $ref: "#/definitions/DeviceRequest"
      DiskQuota:
        description: "Disk limit (in bytes)."
        type: "integer"
        format: "int64"
      KernelMemory:
        description: "Kernel memory limit in bytes."
        type: "integer"
@ -622,6 +618,71 @@ definitions:
        description: "Start period for the container to initialize before starting health-retries countdown in nanoseconds. It should be 0 or at least 1000000 (1 ms). 0 means inherit."
        type: "integer"
  Health:
    description: |
      Health stores information about the container's healthcheck results.
    type: "object"
    properties:
      Status:
        description: |
          Status is one of `none`, `starting`, `healthy` or `unhealthy`
          - "none"      Indicates there is no healthcheck
          - "starting"  Starting indicates that the container is not yet ready
          - "healthy"   Healthy indicates that the container is running correctly
          - "unhealthy" Unhealthy indicates that the container has a problem
        type: "string"
        enum:
          - "none"
          - "starting"
          - "healthy"
          - "unhealthy"
        example: "healthy"
      FailingStreak:
        description: "FailingStreak is the number of consecutive failures"
        type: "integer"
        example: 0
      Log:
        type: "array"
        description: |
          Log contains the last few results (oldest first)
        items:
          x-nullable: true
          $ref: "#/definitions/HealthcheckResult"
  HealthcheckResult:
    description: |
      HealthcheckResult stores information about a single run of a healthcheck probe
    type: "object"
    properties:
      Start:
        description: |
          Date and time at which this check started in
          [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds.
        type: "string"
        format: "date-time"
        example: "2020-01-04T10:44:24.496525531Z"
      End:
        description: |
          Date and time at which this check ended in
          [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format with nano-seconds.
        type: "string"
        format: "dateTime"
        example: "2020-01-04T10:45:21.364524523Z"
      ExitCode:
        description: |
          ExitCode meanings:
          - `0` healthy
          - `1` unhealthy
          - `2` reserved (considered unhealthy)
          - other values: error running probe
        type: "integer"
        example: 0
      Output:
        description: "Output from last check"
        type: "string"
  HostConfig:
    description: "Container configuration that depends on the host we are running on"
    allOf:
@ -632,12 +693,44 @@ definitions:
          Binds:
            type: "array"
            description: |
-              A list of volume bindings for this container. Each volume binding is a string in one of these forms:
+              A list of volume bindings for this container. Each volume binding
              is a string in one of these forms:
-              - `host-src:container-dest` to bind-mount a host path into the container. Both `host-src`, and `container-dest` must be an _absolute_ path.
+              - `host-src:container-dest[:options]` to bind-mount a host path
-              - `host-src:container-dest:ro` to make the bind mount read-only inside the container. Both `host-src`, and `container-dest` must be an _absolute_ path.
+                into the container. Both `host-src`, and `container-dest` must
-              - `volume-name:container-dest` to bind-mount a volume managed by a volume driver into the container. `container-dest` must be an _absolute_ path.
+                be an _absolute_ path.
-              - `volume-name:container-dest:ro` to mount the volume read-only inside the container.  `container-dest` must be an _absolute_ path.
+              - `volume-name:container-dest[:options]` to bind-mount a volume
                managed by a volume driver into the container. `container-dest`
                must be an _absolute_ path.
              `options` is an optional, comma-delimited list of:
              - `nocopy` disables automatic copying of data from the container
                path to the volume. The `nocopy` flag only applies to named volumes.
              - `[ro|rw]` mounts a volume read-only or read-write, respectively.
                If omitted or set to `rw`, volumes are mounted read-write.
              - `[z|Z]` applies SELinux labels to allow or deny multiple containers
                to read and write to the same volume.
                  - `z`: a _shared_ content label is applied to the content. This
                    label indicates that multiple containers can share the volume
                    content, for both reading and writing.
                  - `Z`: a _private unshared_ label is applied to the content.
                    This label indicates that only the current container can use
                    a private volume. Labeling systems such as SELinux require
                    proper labels to be placed on volume content that is mounted
                    into a container. Without a label, the security system can
                    prevent a container's processes from using the content. By
                    default, the labels set by the host operating system are not
                    modified.
              - `[[r]shared|[r]slave|[r]private]` specifies mount
                [propagation behavior](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt).
                This only applies to bind-mounted volumes, not internal volumes
                or named volumes. Mount propagation requires the source mount
                point (the location where the source directory is mounted in the
                host operating system) to have the correct propagation properties.
                For shared volumes, the source mount point must be set to `shared`.
                For slave volumes, the mount must be set to either `shared` or
                `slave`.
            items:
              type: "string"
          ContainerIDFile:
@ -1145,6 +1238,7 @@ definitions:
    type: "object"
    additionalProperties:
      type: "array"
      x-nullable: true
      items:
        $ref: "#/definitions/PortBinding"
    example:
@ -1169,7 +1263,6 @@ definitions:
      PortBinding represents a binding between a host IP address and a host
      port.
    type: "object"
    x-nullable: true
    properties:
      HostIp:
        description: "Host IP address that the container's port is mapped to."
@ -2928,7 +3021,27 @@ definitions:
        type: "object"
        properties:
          Constraints:
-            description: "An array of constraints."
+            description: |
              An array of constraint expressions to limit the set of nodes where
              a task can be scheduled. Constraint expressions can either use a
              _match_ (`==`) or _exclude_ (`!=`) rule. Multiple constraints find
              nodes that satisfy every expression (AND match). Constraints can
              match node or Docker Engine labels as follows:
              node attribute       | matches                        | example
              ---------------------|--------------------------------|-----------------------------------------------
              `node.id`            | Node ID                        | `node.id==2ivku8v2gvtg4`
              `node.hostname`      | Node hostname                  | `node.hostname!=node-2`
              `node.role`          | Node role (`manager`/`worker`) | `node.role==manager`
              `node.platform.os`   | Node operating system          | `node.platform.os==windows`
              `node.platform.arch` | Node architecture              | `node.platform.arch==x86_64`
              `node.labels`        | User-defined node labels       | `node.labels.security==high`
              `engine.labels`      | Docker Engine's labels         | `engine.labels.operatingsystem==ubuntu-14.04`
              `engine.labels` apply to Docker Engine labels like operating system,
              drivers, etc. Swarm administrators add `node.labels` for operational
              purposes by using the [`node update endpoint`](#operation/NodeUpdate).
            type: "array"
            items:
              type: "string"
@ -2936,6 +3049,8 @@ definitions:
              - "node.hostname!=node3.corp.example.com"
              - "node.role!=manager"
              - "node.labels.type==production"
              - "node.platform.os==linux"
              - "node.platform.arch==x86_64"
          Preferences:
            description: "Preferences provide a way to make the scheduler aware of factors such as topology. They are provided in order from highest to lowest precedence."
            type: "array"
@ -2974,16 +3089,10 @@ definitions:
        description: "Runtime is the type of runtime specified for the task executor."
        type: "string"
      Networks:
        description: "Specifies which networks the service should attach to."
        type: "array"
        items:
-          type: "object"
+          $ref: "#/definitions/NetworkAttachmentConfig"
          properties:
            Target:
              type: "string"
            Aliases:
              type: "array"
              items:
                type: "string"
      LogDriver:
        description: "Specifies the log driver to use for tasks created from this spec. If not present, the default one for the swarm will be used, finally falling back to the engine default if not specified."
        type: "object"
@ -3229,17 +3338,11 @@ definitions:
              - "stop-first"
              - "start-first"
      Networks:
-        description: "Array of network names or IDs to attach the service to."
+        description: "Specifies which networks the service should attach to."
        type: "array"
        items:
-          type: "object"
+          $ref: "#/definitions/NetworkAttachmentConfig"
-          properties:
+
            Target:
              type: "string"
            Aliases:
              type: "array"
              items:
                type: "string"
      EndpointSpec:
        $ref: "#/definitions/EndpointSpec"
@ -3266,7 +3369,7 @@ definitions:
          <p><br /></p>
-          - "ingress" makes the target port accessible on on every node,
+          - "ingress" makes the target port accessible on every node,
            regardless of whether there is a task for the service running on
            that node or not.
          - "host" bypasses the routing mesh and publish the port directly on
@ -3284,8 +3387,8 @@ definitions:
    type: "object"
    properties:
      Mode:
-        description: "The mode of resolution to use for internal load balancing
+        description: |
-      between tasks."
+          The mode of resolution to use for internal load balancing between tasks.
        type: "string"
        enum:
          - "vip"
@ -3536,7 +3639,7 @@ definitions:
          com.example.some-other-label: "some-other-value"
      Data:
        description: |
-          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5))
          data to store as secret.
          This field is only used to _create_ a secret, and is not returned by
@ -3586,7 +3689,7 @@ definitions:
          type: "string"
      Data:
        description: |
-          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-5))
          config data.
        type: "string"
      Templating:
@ -3613,6 +3716,70 @@ definitions:
      Spec:
        $ref: "#/definitions/ConfigSpec"
  ContainerState:
    description: |
      ContainerState stores container's running state. It's part of ContainerJSONBase
      and will be returned by the "inspect" command.
    type: "object"
    properties:
      Status:
        description: |
          String representation of the container state. Can be one of "created",
          "running", "paused", "restarting", "removing", "exited", or "dead".
        type: "string"
        enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"]
        example: "running"
      Running:
        description: |
          Whether this container is running.
          Note that a running container can be _paused_. The `Running` and `Paused`
          booleans are not mutually exclusive:
          When pausing a container (on Linux), the freezer cgroup is used to suspend
          all processes in the container. Freezing the process requires the process to
          be running. As a result, paused containers are both `Running` _and_ `Paused`.
          Use the `Status` field instead to determine if a container's state is "running".
        type: "boolean"
        example: true
      Paused:
        description: "Whether this container is paused."
        type: "boolean"
        example: false
      Restarting:
        description: "Whether this container is restarting."
        type: "boolean"
        example: false
      OOMKilled:
        description: "Whether this container has been killed because it ran out of memory."
        type: "boolean"
        example: false
      Dead:
        type: "boolean"
        example: false
      Pid:
        description: "The process ID of this container"
        type: "integer"
        example: 1234
      ExitCode:
        description: "The last exit code of this container"
        type: "integer"
        example: 0
      Error:
        type: "string"
      StartedAt:
        description: "The time when this container was last started."
        type: "string"
        example: "2020-01-06T09:06:59.461876391Z"
      FinishedAt:
        description: "The time when this container last exited."
        type: "string"
        example: "2020-01-06T09:07:59.461876391Z"
      Health:
        x-nullable: true
        $ref: "#/definitions/Health"
  SystemInfo:
    type: "object"
    properties:
@ -3809,7 +3976,7 @@ definitions:
        description: |
          The driver to use for managing cgroups.
        type: "string"
-        enum: ["cgroupfs", "systemd"]
+        enum: ["cgroupfs", "systemd", "none"]
        default: "cgroupfs"
        example: "cgroupfs"
      NEventsListener:
@ -4044,7 +4211,7 @@ definitions:
      SecurityOptions:
        description: |
          List of security features that are enabled on the daemon, such as
-          apparmor, seccomp, SELinux, and user-namespaces (userns).
+          apparmor, seccomp, SELinux, user-namespaces (userns), and rootless.
          Additional configuration options for each security feature may
          be present, and are included as a comma-separated list of key/value
@ -4057,6 +4224,7 @@ definitions:
          - "name=seccomp,profile=default"
          - "name=selinux"
          - "name=userns"
          - "name=rootless"
      ProductLicense:
        description: |
          Reports a summary of the product license on the daemon.
@ -4410,6 +4578,24 @@ definitions:
          IP address and ports at which this node can be reached.
        type: "string"
  NetworkAttachmentConfig:
    description: "Specifies how a service should be attached to a particular network."
    type: "object"
    properties:
      Target:
        description: "The target network for attachment. Must be a network name or ID."
        type: "string"
      Aliases:
        description: "Discoverable alternate names for the service on this network."
        type: "array"
        items:
          type: "string"
      DriverOpts:
        description: "Driver attachment options for the network target"
        type: "object"
        additionalProperties:
          type: "string"
 paths:
  /containers/json:
    get:
@ -4611,9 +4797,9 @@ paths:
      parameters:
        - name: "name"
          in: "query"
-          description: "Assign the specified name to the container. Must match `/?[a-zA-Z0-9_-]+`."
+          description: "Assign the specified name to the container. Must match `/?[a-zA-Z0-9][a-zA-Z0-9_.-]+`."
          type: "string"
-          pattern: "/?[a-zA-Z0-9_-]+"
+          pattern: "^/?[a-zA-Z0-9][a-zA-Z0-9_.-]+$"
        - name: "body"
          in: "body"
          description: "Container to create"
@ -4825,52 +5011,8 @@ paths:
                items:
                  type: "string"
              State:
-                description: "The state of the container."
+                x-nullable: true
-                type: "object"
+                $ref: "#/definitions/ContainerState"
                properties:
                  Status:
                    description: |
                      The status of the container. For example, `"running"` or `"exited"`.
                    type: "string"
                    enum: ["created", "running", "paused", "restarting", "removing", "exited", "dead"]
                  Running:
                    description: |
                      Whether this container is running.
                      Note that a running container can be _paused_. The `Running` and `Paused`
                      booleans are not mutually exclusive:
                      When pausing a container (on Linux), the cgroups freezer is used to suspend
                      all processes in the container. Freezing the process requires the process to
                      be running. As a result, paused containers are both `Running` _and_ `Paused`.
                      Use the `Status` field instead to determine if a container's state is "running".
                    type: "boolean"
                  Paused:
                    description: "Whether this container is paused."
                    type: "boolean"
                  Restarting:
                    description: "Whether this container is restarting."
                    type: "boolean"
                  OOMKilled:
                    description: "Whether this container has been killed because it ran out of memory."
                    type: "boolean"
                  Dead:
                    type: "boolean"
                  Pid:
                    description: "The process ID of this container"
                    type: "integer"
                  ExitCode:
                    description: "The last exit code of this container"
                    type: "integer"
                  Error:
                    type: "string"
                  StartedAt:
                    description: "The time when this container was last started."
                    type: "string"
                  FinishedAt:
                    description: "The time when this container last exited."
                    type: "string"
              Image:
                description: "The container's image"
                type: "string"
@ -4891,6 +5033,8 @@ paths:
                type: "integer"
              Driver:
                type: "string"
              Platform:
                type: "string"
              MountLabel:
                type: "string"
              ProcessLabel:
@ -4940,6 +5084,8 @@ paths:
                Domainname: ""
                Env:
                  - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
                Healthcheck:
                  Test: ["CMD-SHELL", "exit 0"]
                Hostname: "ba033ac44011"
                Image: "ubuntu"
                Labels:
@ -5051,6 +5197,14 @@ paths:
                Error: ""
                ExitCode: 9
                FinishedAt: "2015-01-06T15:47:32.080254511Z"
                Health:
                  Status: "healthy"
                  FailingStreak: 0
                  Log:
                    - Start: "2019-12-22T10:59:05.6385933Z"
                      End: "2019-12-22T10:59:05.8078452Z"
                      ExitCode: 0
                      Output: ""
                OOMKilled: false
                Dead: false
                Paused: false
@ -5177,15 +5331,15 @@ paths:
        Note: This endpoint works only for containers with the `json-file` or `journald` logging driver.
      operationId: "ContainerLogs"
      responses:
-        101:
+        200:
-          description: "logs returned as a stream"
+          description: |
                  logs returned as a stream in response body.
                  For the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
                  Note that unlike the attach endpoint, the logs endpoint does not upgrade the connection and does not
                  set Content-Type.
          schema:
            type: "string"
            format: "binary"
        200:
          description: "logs returned as a string in response body"
          schema:
            type: "string"
        404:
          description: "no such container"
          schema:
@ -5205,10 +5359,7 @@ paths:
          type: "string"
        - name: "follow"
          in: "query"
-          description: |
+          description: "Keep connection after returning logs."
            Return the logs as a stream.
            This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
          type: "boolean"
          default: false
        - name: "stdout"
@ -5469,7 +5620,7 @@ paths:
  /containers/{id}/resize:
    post:
      summary: "Resize a container TTY"
-      description: "Resize the TTY for a container. You must restart the container for the resize to take effect."
+      description: "Resize the TTY for a container."
      operationId: "ContainerResize"
      consumes:
        - "application/octet-stream"
@ -5513,8 +5664,6 @@ paths:
          description: "no error"
        304:
          description: "container already started"
          schema:
            $ref: "#/definitions/ErrorResponse"
        404:
          description: "no such container"
          schema:
@ -5546,8 +5695,6 @@ paths:
          description: "no error"
        304:
          description: "container already stopped"
          schema:
            $ref: "#/definitions/ErrorResponse"
        404:
          description: "no such container"
          schema:
@ -5738,9 +5885,9 @@ paths:
    post:
      summary: "Pause a container"
      description: |
-        Use the cgroups freezer to suspend all processes in a container.
+        Use the freezer cgroup to suspend all processes in a container.
-        Traditionally, when suspending a process the `SIGSTOP` signal is used, which is observable by the process being suspended. With the cgroups freezer the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed.
+        Traditionally, when suspending a process the `SIGSTOP` signal is used, which is observable by the process being suspended. With the freezer cgroup the process is unaware, and unable to capture, that it is being suspended, and subsequently resumed.
      operationId: "ContainerPause"
      responses:
        204:
@ -6223,12 +6370,17 @@ paths:
          in: "query"
          description: "If “1”, “true”, or “True” then it will be an error if unpacking the given content would cause an existing directory to be replaced with a non-directory and vice versa."
          type: "string"
        - name: "copyUIDGID"
          in: "query"
          description: "If “1”, “true”, then it will copy UID/GID maps to the dest file or dir"
          type: "string"
        - name: "inputStream"
          in: "body"
          required: true
          description: "The input stream must be a tar archive compressed with one of the following algorithms: identity (no compression), gzip, bzip2, xz."
          schema:
            type: "string"
            format: "binary"
      tags: ["Container"]
  /containers/prune:
    post:
@ -6458,10 +6610,11 @@ paths:
          type: "string"
        - name: "networkmode"
          in: "query"
-          description: "Sets the networking mode for the run commands during
+          description: |
-        build. Supported standard values are: `bridge`, `host`, `none`, and
+            Sets the networking mode for the run commands during build. Supported
-        `container:<name|id>`. Any other value is taken as a custom network's
+            standard values are: `bridge`, `host`, `none`, and `container:<name|id>`.
-        name to which this container should connect to."
+            Any other value is taken as a custom network's name or ID to which this
            container should connect to.
          type: "string"
        - name: "Content-type"
          in: "header"
@ -6606,6 +6759,10 @@ paths:
          in: "query"
          description: "Tag or digest. If empty when pulling an image, this causes all tags for the given image to be pulled."
          type: "string"
        - name: "message"
          in: "query"
          description: "Set commit message for imported image."
          type: "string"
        - name: "inputImage"
          in: "body"
          description: "Image content if the value `-` has been specified in fromSrc query parameter"
@ -6614,7 +6771,7 @@ paths:
          required: false
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
          type: "string"
        - name: "platform"
          in: "query"
@ -6842,7 +6999,7 @@ paths:
          type: "string"
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration. [See the authentication section for details.](#section/Authentication)"
          type: "string"
          required: true
      tags: ["Image"]
@ -8548,7 +8705,7 @@ paths:
          type: "string"
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
          type: "string"
        - name: "body"
          in: "body"
@ -8713,7 +8870,7 @@ paths:
          type: "string"
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration to use when pulling a plugin from a registry. [See the authentication section for details.](#section/Authentication)"
          type: "string"
        - name: "body"
          in: "body"
@ -9113,7 +9270,9 @@ paths:
                type: "string"
              RemoteAddrs:
                description: "Addresses of manager nodes already participating in the swarm."
-                type: "string"
+                type: "array"
                items:
                  type: "string"
              JoinToken:
                description: "Secret token for joining this swarm."
                type: "string"
@ -9404,7 +9563,7 @@ paths:
                    foo: "bar"
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
          type: "string"
      tags: ["Service"]
  /services/{id}:
@ -9548,20 +9707,22 @@ paths:
          type: "integer"
        - name: "registryAuthFrom"
          in: "query"
          description: |
            If the `X-Registry-Auth` header is not specified, this parameter
            indicates where to find registry authorization credentials.
          type: "string"
-          description: "If the X-Registry-Auth header is not specified, this
+          enum: ["spec", "previous-spec"]
  parameter indicates where to find registry authorization credentials. The
  valid values are `spec` and `previous-spec`."
          default: "spec"
        - name: "rollback"
          in: "query"
          description: |
            Set to this parameter to `previous` to cause a server-side rollback
            to the previous service spec. The supplied spec will be ignored in
            this case.
          type: "string"
          description: "Set to this parameter to `previous` to cause a
  server-side rollback to the previous service spec. The supplied spec will be
  ignored in this case."
        - name: "X-Registry-Auth"
          in: "header"
-          description: "A base64-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
+          description: "A base64url-encoded auth configuration for pulling from private registries. [See the authentication section for details.](#section/Authentication)"
          type: "string"
      tags: ["Service"]
@ -9569,23 +9730,16 @@ paths:
    get:
      summary: "Get service logs"
      description: |
-        Get `stdout` and `stderr` logs from a service.
+        Get `stdout` and `stderr` logs from a service. See also [`/containers/{id}/logs`](#operation/ContainerLogs).
-        **Note**: This endpoint works only for services with the `json-file` or `journald` logging drivers.
+        **Note**: This endpoint works only for services with the `local`, `json-file` or `journald` logging drivers.
      operationId: "ServiceLogs"
      produces:
        - "application/vnd.docker.raw-stream"
        - "application/json"
      responses:
-        101:
+        200:
-          description: "logs returned as a stream"
+          description: "logs returned as a stream in response body"
          schema:
            type: "string"
            format: "binary"
        200:
          description: "logs returned as a string in response body"
          schema:
            type: "string"
        404:
          description: "no such service"
          schema:
@ -9614,10 +9768,7 @@ paths:
          default: false
        - name: "follow"
          in: "query"
-          description: |
+          description: "Keep connection after returning logs."
            Return the logs as a stream.
            This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
          type: "boolean"
          default: false
        - name: "stdout"
@ -9826,23 +9977,16 @@ paths:
    get:
      summary: "Get task logs"
      description: |
-        Get `stdout` and `stderr` logs from a task.
+        Get `stdout` and `stderr` logs from a task. See also [`/containers/{id}/logs`](#operation/ContainerLogs).
-        **Note**: This endpoint works only for services with the `json-file` or `journald` logging drivers.
+        **Note**: This endpoint works only for services with the `local`, `json-file` or `journald` logging drivers.
      operationId: "TaskLogs"
      produces:
        - "application/vnd.docker.raw-stream"
        - "application/json"
      responses:
-        101:
+        200:
-          description: "logs returned as a stream"
+          description: "logs returned as a stream in response body"
          schema:
            type: "string"
            format: "binary"
        200:
          description: "logs returned as a string in response body"
          schema:
            type: "string"
        404:
          description: "no such task"
          schema:
@ -9871,10 +10015,7 @@ paths:
          default: false
        - name: "follow"
          in: "query"
-          description: |
+          description: "Keep connection after returning logs."
            Return the logs as a stream.
            This will return a `101` HTTP response with a `Connection: upgrade` header, then hijack the HTTP connection to send raw output. For more information about hijacking and the stream format, [see the documentation for the attach endpoint](#operation/ContainerAttach).
          type: "boolean"
          default: false
        - name: "stdout"
@ -10398,9 +10539,6 @@ paths:
      description: |
        Start a new interactive session with a server. Session allows server to call back to the client for advanced capabilities.
        > **Note**: This endpoint is *experimental* and only available if the daemon is started with experimental
        > features enabled. The specifications for this endpoint may still change in a future version of the API.
        ### Hijacking
        This endpoint hijacks the HTTP connection to HTTP2 transport that allows the client to expose gPRC services on that connection.
@ -10434,4 +10572,4 @@ paths:
          description: "server error"
          schema:
            $ref: "#/definitions/ErrorResponse"
-      tags: ["Session (experimental)"]
+      tags: ["Session"]
--- a/vendor/github.com/docker/docker/api/types/client.go
+++ b/vendor/github.com/docker/docker/api/types/client.go
@ -50,7 +50,7 @@ type ContainerCommitOptions struct {
 // ContainerExecInspect holds information returned by exec inspect.
 type ContainerExecInspect struct {
-	ExecID      string
+	ExecID      string `json:"ID"`
 	ContainerID string
 	Running     bool
 	ExitCode    int
--- a/vendor/github.com/docker/docker/api/types/container/container_changes.go
+++ b/vendor/github.com/docker/docker/api/types/container/container_changes.go
@ -1,4 +1,4 @@
-package container
+package container // import "github.com/docker/docker/api/types/container"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/container/container_create.go
+++ b/vendor/github.com/docker/docker/api/types/container/container_create.go
@ -1,4 +1,4 @@
-package container
+package container // import "github.com/docker/docker/api/types/container"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/container/container_top.go
+++ b/vendor/github.com/docker/docker/api/types/container/container_top.go
@ -1,4 +1,4 @@
-package container
+package container // import "github.com/docker/docker/api/types/container"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/container/container_update.go
+++ b/vendor/github.com/docker/docker/api/types/container/container_update.go
@ -1,4 +1,4 @@
-package container
+package container // import "github.com/docker/docker/api/types/container"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/container/container_wait.go
+++ b/vendor/github.com/docker/docker/api/types/container/container_wait.go
@ -1,4 +1,4 @@
-package container
+package container // import "github.com/docker/docker/api/types/container"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/container/host_config.go
+++ b/vendor/github.com/docker/docker/api/types/container/host_config.go
@ -338,7 +338,6 @@ type Resources struct {
 	Devices              []DeviceMapping // List of devices to map inside the container
 	DeviceCgroupRules    []string        // List of rule to be added to the device cgroup
 	DeviceRequests       []DeviceRequest // List of device requests for device drivers
 	DiskQuota            int64           // Disk limit (in bytes)
 	KernelMemory         int64           // Kernel memory limit (in bytes)
 	KernelMemoryTCP      int64           // Hard limit for kernel TCP buffer memory (in bytes)
 	MemoryReservation    int64           // Memory soft limit (in bytes)
--- a/vendor/github.com/docker/docker/api/types/filters/parse.go
+++ b/vendor/github.com/docker/docker/api/types/filters/parse.go
@ -5,7 +5,6 @@ package filters // import "github.com/docker/docker/api/types/filters"
 import (
 	"encoding/json"
 	"errors"
 	"regexp"
 	"strings"
@ -37,39 +36,13 @@ func NewArgs(initialArgs ...KeyValuePair) Args {
 	return args
 }
-// ParseFlag parses a key=value string and adds it to an Args.
+// Keys returns all the keys in list of Args
-//
+func (args Args) Keys() []string {
-// Deprecated: Use Args.Add()
+	keys := make([]string, 0, len(args.fields))
-func ParseFlag(arg string, prev Args) (Args, error) {
+	for k := range args.fields {
-	filters := prev
+		keys = append(keys, k)
 	if len(arg) == 0 {
 		return filters, nil
 	}
-
+	return keys
 	if !strings.Contains(arg, "=") {
 		return filters, ErrBadFormat
 	}
 	f := strings.SplitN(arg, "=", 2)
 	name := strings.ToLower(strings.TrimSpace(f[0]))
 	value := strings.TrimSpace(f[1])
 	filters.Add(name, value)
 	return filters, nil
 }
 // ErrBadFormat is an error returned when a filter is not in the form key=value
 //
 // Deprecated: this error will be removed in a future version
 var ErrBadFormat = errors.New("bad format of filter (expected name=value)")
 // ToParam encodes the Args as args JSON encoded string
 //
 // Deprecated: use ToJSON
 func ToParam(a Args) (string, error) {
 	return ToJSON(a)
 }
 // MarshalJSON returns a JSON byte representation of the Args
@ -107,13 +80,6 @@ func ToParamWithVersion(version string, a Args) (string, error) {
 	return ToJSON(a)
 }
 // FromParam decodes a JSON encoded string into Args
 //
 // Deprecated: use FromJSON
 func FromParam(p string) (Args, error) {
 	return FromJSON(p)
 }
 // FromJSON decodes a JSON encoded string into Args
 func FromJSON(p string) (Args, error) {
 	args := NewArgs()
@ -275,14 +241,6 @@ func (args Args) FuzzyMatch(key, source string) bool {
 	return false
 }
 // Include returns true if the key exists in the mapping
 //
 // Deprecated: use Contains
 func (args Args) Include(field string) bool {
 	_, ok := args.fields[field]
 	return ok
 }
 // Contains returns true if the key exists in the mapping
 func (args Args) Contains(field string) bool {
 	_, ok := args.fields[field]
--- a/vendor/github.com/docker/docker/api/types/image/image_history.go
+++ b/vendor/github.com/docker/docker/api/types/image/image_history.go
@ -1,4 +1,4 @@
-package image
+package image // import "github.com/docker/docker/api/types/image"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/volume/volume_create.go
+++ b/vendor/github.com/docker/docker/api/types/volume/volume_create.go
@ -1,4 +1,4 @@
-package volume
+package volume // import "github.com/docker/docker/api/types/volume"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/api/types/volume/volume_list.go
+++ b/vendor/github.com/docker/docker/api/types/volume/volume_list.go
@ -1,4 +1,4 @@
-package volume
+package volume // import "github.com/docker/docker/api/types/volume"
 // ----------------------------------------------------------------------------
 // DO NOT EDIT THIS FILE
--- a/vendor/github.com/docker/docker/client/BUILD
+++ b/vendor/github.com/docker/docker/client/BUILD
@ -100,7 +100,6 @@ go_library(
        "service_logs.go",
        "service_remove.go",
        "service_update.go",
        "session.go",
        "swarm_get_unlock_key.go",
        "swarm_init.go",
        "swarm_inspect.go",
--- a/vendor/github.com/docker/docker/client/client.go
+++ b/vendor/github.com/docker/docker/client/client.go
@ -81,6 +81,15 @@ type Client struct {
 	customHTTPHeaders map[string]string
 	// manualOverride is set to true when the version was set by users.
 	manualOverride bool
 	// negotiateVersion indicates if the client should automatically negotiate
 	// the API version to use when making requests. API version negotiation is
 	// performed on the first request, after which negotiated is set to "true"
 	// so that subsequent requests do not re-negotiate.
 	negotiateVersion bool
 	// negotiated indicates that API version negotiation took place
 	negotiated bool
 }
 // CheckRedirect specifies the policy for dealing with redirect responses:
@ -107,7 +116,7 @@ func CheckRedirect(req *http.Request, via []*http.Request) error {
 // It won't send any version information if the version number is empty. It is
 // highly recommended that you set a version or your client may break if the
 // server is upgraded.
-func NewClientWithOpts(ops ...func(*Client) error) (*Client, error) {
+func NewClientWithOpts(ops ...Opt) (*Client, error) {
 	client, err := defaultHTTPClient(DefaultDockerHost)
 	if err != nil {
 		return nil, err
@ -169,8 +178,11 @@ func (cli *Client) Close() error {
 // getAPIPath returns the versioned request path to call the api.
 // It appends the query parameters to the path if they are not empty.
-func (cli *Client) getAPIPath(p string, query url.Values) string {
+func (cli *Client) getAPIPath(ctx context.Context, p string, query url.Values) string {
 	var apiPath string
 	if cli.negotiateVersion && !cli.negotiated {
 		cli.NegotiateAPIVersion(ctx)
 	}
 	if cli.version != "" {
 		v := strings.TrimPrefix(cli.version, "v")
 		apiPath = path.Join(cli.basePath, "/v"+v, p)
@ -186,19 +198,31 @@ func (cli *Client) ClientVersion() string {
 }
 // NegotiateAPIVersion queries the API and updates the version to match the
-// API version. Any errors are silently ignored.
+// API version. Any errors are silently ignored. If a manual override is in place,
 // either through the `DOCKER_API_VERSION` environment variable, or if the client
 // was initialized with a fixed version (`opts.WithVersion(xx)`), no negotiation
 // will be performed.
 func (cli *Client) NegotiateAPIVersion(ctx context.Context) {
-	ping, _ := cli.Ping(ctx)
+	if !cli.manualOverride {
-	cli.NegotiateAPIVersionPing(ping)
+		ping, _ := cli.Ping(ctx)
 		cli.negotiateAPIVersionPing(ping)
 	}
 }
 // NegotiateAPIVersionPing updates the client version to match the Ping.APIVersion
-// if the ping version is less than the default version.
+// if the ping version is less than the default version.  If a manual override is
 // in place, either through the `DOCKER_API_VERSION` environment variable, or if
 // the client was initialized with a fixed version (`opts.WithVersion(xx)`), no
 // negotiation is performed.
 func (cli *Client) NegotiateAPIVersionPing(p types.Ping) {
-	if cli.manualOverride {
+	if !cli.manualOverride {
-		return
+		cli.negotiateAPIVersionPing(p)
 	}
 }
 // negotiateAPIVersionPing queries the API and updates the version to match the
 // API version. Any errors are silently ignored.
 func (cli *Client) negotiateAPIVersionPing(p types.Ping) {
 	// try the latest version before versioning headers existed
 	if p.APIVersion == "" {
 		p.APIVersion = "1.24"
@ -213,6 +237,12 @@ func (cli *Client) NegotiateAPIVersionPing(p types.Ping) {
 	if versions.LessThan(p.APIVersion, cli.version) {
 		cli.version = p.APIVersion
 	}
 	// Store the results, so that automatic API version negotiation (if enabled)
 	// won't be performed on the next request.
 	if cli.negotiateVersion {
 		cli.negotiated = true
 	}
 }
 // DaemonHost returns the host address used by the client
--- a/vendor/github.com/docker/docker/client/hijack.go
+++ b/vendor/github.com/docker/docker/client/hijack.go
@ -23,7 +23,7 @@ func (cli *Client) postHijacked(ctx context.Context, path string, query url.Valu
 		return types.HijackedResponse{}, err
 	}
-	apiPath := cli.getAPIPath(path, query)
+	apiPath := cli.getAPIPath(ctx, path, query)
 	req, err := http.NewRequest("POST", apiPath, bodyEncoded)
 	if err != nil {
 		return types.HijackedResponse{}, err
@ -38,6 +38,17 @@ func (cli *Client) postHijacked(ctx context.Context, path string, query url.Valu
 	return types.HijackedResponse{Conn: conn, Reader: bufio.NewReader(conn)}, err
 }
 // DialHijack returns a hijacked connection with negotiated protocol proto.
 func (cli *Client) DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error) {
 	req, err := http.NewRequest("POST", url, nil)
 	if err != nil {
 		return nil, err
 	}
 	req = cli.addHeaders(req, meta)
 	return cli.setupHijackConn(ctx, req, proto)
 }
 // fallbackDial is used when WithDialer() was not called.
 // See cli.Dialer().
 func fallbackDial(proto, addr string, tlsConfig *tls.Config) (net.Conn, error) {
--- a/vendor/github.com/docker/docker/client/interface.go
+++ b/vendor/github.com/docker/docker/client/interface.go
@ -38,7 +38,7 @@ type CommonAPIClient interface {
 	ServerVersion(ctx context.Context) (types.Version, error)
 	NegotiateAPIVersion(ctx context.Context)
 	NegotiateAPIVersionPing(types.Ping)
-	DialSession(ctx context.Context, proto string, meta map[string][]string) (net.Conn, error)
+	DialHijack(ctx context.Context, url, proto string, meta map[string][]string) (net.Conn, error)
 	Dialer() func(context.Context) (net.Conn, error)
 	Close() error
 }
--- a/vendor/github.com/docker/docker/client/options.go
+++ b/vendor/github.com/docker/docker/client/options.go
@ -6,12 +6,16 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
 	"time"
 	"github.com/docker/go-connections/sockets"
 	"github.com/docker/go-connections/tlsconfig"
 	"github.com/pkg/errors"
 )
 // Opt is a configuration option to initialize a client
 type Opt func(*Client) error
 // FromEnv configures the client with values from environment variables.
 //
 // Supported environment variables:
@ -55,13 +59,13 @@ func FromEnv(c *Client) error {
 // WithDialer applies the dialer.DialContext to the client transport. This can be
 // used to set the Timeout and KeepAlive settings of the client.
 // Deprecated: use WithDialContext
-func WithDialer(dialer *net.Dialer) func(*Client) error {
+func WithDialer(dialer *net.Dialer) Opt {
 	return WithDialContext(dialer.DialContext)
 }
 // WithDialContext applies the dialer to the client transport. This can be
 // used to set the Timeout and KeepAlive settings of the client.
-func WithDialContext(dialContext func(ctx context.Context, network, addr string) (net.Conn, error)) func(*Client) error {
+func WithDialContext(dialContext func(ctx context.Context, network, addr string) (net.Conn, error)) Opt {
 	return func(c *Client) error {
 		if transport, ok := c.client.Transport.(*http.Transport); ok {
 			transport.DialContext = dialContext
@ -72,7 +76,7 @@ func WithDialContext(dialContext func(ctx context.Context, network, addr string)
 }
 // WithHost overrides the client host with the specified one.
-func WithHost(host string) func(*Client) error {
+func WithHost(host string) Opt {
 	return func(c *Client) error {
 		hostURL, err := ParseHostURL(host)
 		if err != nil {
@ -90,7 +94,7 @@ func WithHost(host string) func(*Client) error {
 }
 // WithHTTPClient overrides the client http client with the specified one
-func WithHTTPClient(client *http.Client) func(*Client) error {
+func WithHTTPClient(client *http.Client) Opt {
 	return func(c *Client) error {
 		if client != nil {
 			c.client = client
@ -99,8 +103,16 @@ func WithHTTPClient(client *http.Client) func(*Client) error {
 	}
 }
 // WithTimeout configures the time limit for requests made by the HTTP client
 func WithTimeout(timeout time.Duration) Opt {
 	return func(c *Client) error {
 		c.client.Timeout = timeout
 		return nil
 	}
 }
 // WithHTTPHeaders overrides the client default http headers
-func WithHTTPHeaders(headers map[string]string) func(*Client) error {
+func WithHTTPHeaders(headers map[string]string) Opt {
 	return func(c *Client) error {
 		c.customHTTPHeaders = headers
 		return nil
@ -108,7 +120,7 @@ func WithHTTPHeaders(headers map[string]string) func(*Client) error {
 }
 // WithScheme overrides the client scheme with the specified one
-func WithScheme(scheme string) func(*Client) error {
+func WithScheme(scheme string) Opt {
 	return func(c *Client) error {
 		c.scheme = scheme
 		return nil
@ -116,7 +128,7 @@ func WithScheme(scheme string) func(*Client) error {
 }
 // WithTLSClientConfig applies a tls config to the client transport.
-func WithTLSClientConfig(cacertPath, certPath, keyPath string) func(*Client) error {
+func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt {
 	return func(c *Client) error {
 		opts := tlsconfig.Options{
 			CAFile:             cacertPath,
@ -136,11 +148,25 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) func(*Client) err
 	}
 }
-// WithVersion overrides the client version with the specified one
+// WithVersion overrides the client version with the specified one. If an empty
-func WithVersion(version string) func(*Client) error {
+// version is specified, the value will be ignored to allow version negotiation.
 func WithVersion(version string) Opt {
 	return func(c *Client) error {
-		c.version = version
+		if version != "" {
-		c.manualOverride = true
+			c.version = version
 			c.manualOverride = true
 		}
 		return nil
 	}
 }
 // WithAPIVersionNegotiation enables automatic API version negotiation for the client.
 // With this option enabled, the client automatically negotiates the API version
 // to use when making requests. API version negotiation is performed on the first
 // request; subsequent requests will not re-negotiate.
 func WithAPIVersionNegotiation() Opt {
 	return func(c *Client) error {
 		c.negotiateVersion = true
 		return nil
 	}
 }
--- a/vendor/github.com/docker/docker/client/ping.go
+++ b/vendor/github.com/docker/docker/client/ping.go
@ -31,6 +31,8 @@ func (cli *Client) Ping(ctx context.Context) (types.Ping, error) {
 			// Server handled the request, so parse the response
 			return parsePingResponse(cli, serverResp)
 		}
 	} else if IsErrConnectionFailed(err) {
 		return ping, err
 	}
 	req, err = cli.buildRequest("GET", path.Join(cli.basePath, "/_ping"), nil, nil)
--- a/vendor/github.com/docker/docker/client/request.go
+++ b/vendor/github.com/docker/docker/client/request.go
@ -115,7 +115,7 @@ func (cli *Client) buildRequest(method, path string, body io.Reader, headers hea
 }
 func (cli *Client) sendRequest(ctx context.Context, method, path string, query url.Values, body io.Reader, headers headers) (serverResponse, error) {
-	req, err := cli.buildRequest(method, cli.getAPIPath(path, query), body, headers)
+	req, err := cli.buildRequest(method, cli.getAPIPath(ctx, path, query), body, headers)
 	if err != nil {
 		return serverResponse{}, err
 	}
@ -178,7 +178,13 @@ func (cli *Client) doRequest(ctx context.Context, req *http.Request) (serverResp
 		// this is localised - for example in French the error would be
 		// `open //./pipe/docker_engine: Le fichier spécifié est introuvable.`
 		if strings.Contains(err.Error(), `open //./pipe/docker_engine`) {
-			err = errors.New(err.Error() + " In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.")
+			// Checks if client is running with elevated privileges
 			if f, elevatedErr := os.Open("\\\\.\\PHYSICALDRIVE0"); elevatedErr == nil {
 				err = errors.Wrap(err, "In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect.")
 			} else {
 				f.Close()
 				err = errors.Wrap(err, "This error may indicate that the docker daemon is not running.")
 			}
 		}
 		return serverResp, errors.Wrap(err, "error during connect")
--- a/vendor/github.com/docker/docker/client/session.go
+++ b/vendor/github.com/docker/docker/client/session.go
@ -1,18 +0,0 @@
 package client // import "github.com/docker/docker/client"
 import (
 	"context"
 	"net"
 	"net/http"
 )
 // DialSession returns a connection that can be used communication with daemon
 func (cli *Client) DialSession(ctx context.Context, proto string, meta map[string][]string) (net.Conn, error) {
 	req, err := http.NewRequest("POST", "/session", nil)
 	if err != nil {
 		return nil, err
 	}
 	req = cli.addHeaders(req, meta)
 	return cli.setupHijackConn(ctx, req, proto)
 }
--- a/vendor/github.com/docker/docker/errdefs/BUILD
+++ b/vendor/github.com/docker/docker/errdefs/BUILD
@ -13,6 +13,7 @@ go_library(
    importpath = "github.com/docker/docker/errdefs",
    visibility = ["//visibility:public"],
    deps = [
        "//vendor/github.com/containerd/containerd/errdefs:go_default_library",
        "//vendor/github.com/docker/distribution/registry/api/errcode:go_default_library",
        "//vendor/github.com/sirupsen/logrus:go_default_library",
        "//vendor/google.golang.org/grpc/codes:go_default_library",
--- a/vendor/github.com/docker/docker/errdefs/http_helpers.go
+++ b/vendor/github.com/docker/docker/errdefs/http_helpers.go
@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net/http"
 	containerderrors "github.com/containerd/containerd/errdefs"
 	"github.com/docker/distribution/registry/api/errcode"
 	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc/codes"
@ -47,6 +48,10 @@ func GetHTTPErrorStatusCode(err error) int {
 		if statusCode != http.StatusInternalServerError {
 			return statusCode
 		}
 		statusCode = statusCodeFromContainerdError(err)
 		if statusCode != http.StatusInternalServerError {
 			return statusCode
 		}
 		statusCode = statusCodeFromDistributionError(err)
 		if statusCode != http.StatusInternalServerError {
 			return statusCode
@ -136,9 +141,6 @@ func statusCodeFromGRPCError(err error) int {
 	case codes.Unavailable: // code 14
 		return http.StatusServiceUnavailable
 	default:
 		if e, ok := err.(causer); ok {
 			return statusCodeFromGRPCError(e.Cause())
 		}
 		// codes.Canceled(1)
 		// codes.Unknown(2)
 		// codes.DeadlineExceeded(4)
@ -163,10 +165,27 @@ func statusCodeFromDistributionError(err error) int {
 		}
 	case errcode.ErrorCoder:
 		return errs.ErrorCode().Descriptor().HTTPStatusCode
 	default:
 		if e, ok := err.(causer); ok {
 			return statusCodeFromDistributionError(e.Cause())
 		}
 	}
 	return http.StatusInternalServerError
 }
 // statusCodeFromContainerdError returns status code for containerd errors when
 // consumed directly (not through gRPC)
 func statusCodeFromContainerdError(err error) int {
 	switch {
 	case containerderrors.IsInvalidArgument(err):
 		return http.StatusBadRequest
 	case containerderrors.IsNotFound(err):
 		return http.StatusNotFound
 	case containerderrors.IsAlreadyExists(err):
 		return http.StatusConflict
 	case containerderrors.IsFailedPrecondition(err):
 		return http.StatusPreconditionFailed
 	case containerderrors.IsUnavailable(err):
 		return http.StatusServiceUnavailable
 	case containerderrors.IsNotImplemented(err):
 		return http.StatusNotImplemented
 	default:
 		return http.StatusInternalServerError
 	}
 }
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -217,7 +217,7 @@ github.com/dgrijalva/jwt-go
 github.com/docker/distribution/digestset
 github.com/docker/distribution/reference
 github.com/docker/distribution/registry/api/errcode
-# github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0 => github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0
+# github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c => github.com/docker/docker v1.4.2-0.20200309214505-aa6a9891b09c
 github.com/docker/docker/api
 github.com/docker/docker/api/types
 github.com/docker/docker/api/types/blkiodev