Documentation
¶
Overview ¶
Package dockerclient provides a Docker client factory that mirrors the Docker CLI's endpoint discovery order. client.FromEnv alone only honors explicit environment variables (DOCKER_HOST) and does NOT read Docker's context store (~/.docker/contexts/meta), which is how Docker Desktop, colima, and Podman set their socket on macOS/Linux. Without this resolver, a daemon/pack process that inherits an environment without DOCKER_HOST cannot reach a context-backed Docker daemon even though `docker ps` works.
Resolution order (matches `docker context show` semantics):
- DOCKER_HOST environment variable (explicit override — highest priority).
- Docker context store: ~/.docker/config.json "currentContext" → ~/.docker/contexts/meta/<digest>/meta.json "Endpoints.docker.Host".
- Platform default socket.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrDaemonUnreachable = errors.New("docker daemon unreachable")
ErrDaemonUnreachable is returned when the Docker daemon cannot be reached.
Functions ¶
func ExportHostToEnv ¶
func ExportHostToEnv() error
ExportHostToEnv resolves the Docker endpoint (same order as New) and, if it was discovered from the Docker context store rather than an explicit DOCKER_HOST env var, writes it to os.Setenv("DOCKER_HOST", ...). This makes the resolved endpoint visible to child processes that only honor DOCKER_HOST (syft, cosign, buildx, docker CLI itself). It is a no-op when DOCKER_HOST is already set in the environment or the resolved host equals the platform default socket. Call this once at daemon startup before spawning any Docker-dependent external tool.
func New ¶
New returns a Docker client configured with the resolved endpoint, plus API version negotiation. TLS settings are applied when the resolved host uses TLS (tcp:// with certs configured in the context). It is safe to call from both the CLI process and the daemon subprocess.
func Ping ¶
Ping verifies that the Docker daemon at the resolved endpoint is reachable within the given timeout. Returns a descriptive error if not. Used by the daemon startup and `agent doctor` to give the user actionable feedback.
func ResolvedDockerHost ¶
ResolvedDockerHost returns the Docker daemon endpoint using the same resolution order as New. Child processes (syft, cosign) only honor DOCKER_HOST and do not read the Docker context store.
Types ¶
This section is empty.