From d494d4c8b46c576d8792cac0de5ffc4e640b94a4 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn <github@gone.nl>
Date: Tue, 3 Aug 2021 16:46:18 +0200
Subject: [PATCH] info: skip client-side warning about seccomp profile on API
 >= 1.42

This warning will be moved to the daemon-side, similar to how it returns
other warnings. There's work in progress to change the name of the default
profile, so we may need to backport this change to prevent existing clients
from printing an incorrect warning if they're connecting to a newer daemon.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
---
 cli/command/system/info.go | 31 ++++++++++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/cli/command/system/info.go b/cli/command/system/info.go
index dfa90702c306..481d2319ad7b 100644
--- a/cli/command/system/info.go
+++ b/cli/command/system/info.go
@@ -9,6 +9,8 @@ import (
 	"sort"
 	"strings"
 
+	"github.com/docker/docker/api/types/versions"
+
 	"github.com/docker/cli/cli"
 	pluginmanager "github.com/docker/cli/cli-plugins/manager"
 	"github.com/docker/cli/cli/command"
@@ -254,9 +256,6 @@ func prettyPrintServerInfo(dockerCli command.Cli, info types.Info) []error {
 					for _, o := range so.Options {
 						switch o.Key {
 						case "profile":
-							if o.Value != "default" {
-								fmt.Fprintln(dockerCli.Err(), "  WARNING: You're not using the default seccomp profile")
-							}
 							fmt.Fprintln(dockerCli.Out(), "   Profile:", o.Value)
 						}
 					}
@@ -421,6 +420,9 @@ func printSwarmInfo(dockerCli command.Cli, info types.Info) {
 }
 
 func printServerWarnings(dockerCli command.Cli, info types.Info) {
+	if versions.LessThan(dockerCli.Client().ClientVersion(), "1.42") {
+		printSecurityOptionsWarnings(dockerCli, info)
+	}
 	if len(info.Warnings) > 0 {
 		fmt.Fprintln(dockerCli.Err(), strings.Join(info.Warnings, "\n"))
 		return
@@ -430,6 +432,29 @@ func printServerWarnings(dockerCli command.Cli, info types.Info) {
 	printServerWarningsLegacy(dockerCli, info)
 }
 
+// printSecurityOptionsWarnings prints warnings based on the security options
+// returned by the daemon.
+// DEPRECATED: warnings are now generated by the daemon, and returned in
+// info.Warnings. This function is used to provide backward compatibility with
+// daemons that do not provide these warnings. No new warnings should be added
+// here.
+func printSecurityOptionsWarnings(dockerCli command.Cli, info types.Info) {
+	if info.OSType == "windows" {
+		return
+	}
+	kvs, _ := types.DecodeSecurityOptions(info.SecurityOptions)
+	for _, so := range kvs {
+		if so.Name != "seccomp" {
+			continue
+		}
+		for _, o := range so.Options {
+			if o.Key == "profile" && o.Value != "default" && o.Value != "builtin" {
+				_, _ = fmt.Fprintln(dockerCli.Err(), "WARNING: You're not using the default seccomp profile")
+			}
+		}
+	}
+}
+
 // printServerWarningsLegacy generates warnings based on information returned by the daemon.
 // DEPRECATED: warnings are now generated by the daemon, and returned in
 // info.Warnings. This function is used to provide backward compatibility with