Browse code
simplify secret lookup on service create
Signed-off-by: Evan Hazlett <ejhazlett@gmail.com>
Evan Hazlett authored on 2016/10/28 09:57:38Showing 1 changed files
| ... | ... |
@@ -43,11 +43,9 @@ func parseSecretString(secretString string) (string, string, error) {
|
| 43 | 43 |
// parseSecrets retrieves the secrets from the requested names and converts |
| 44 | 44 |
// them to secret references to use with the spec |
| 45 | 45 |
func parseSecrets(client client.APIClient, requestedSecrets []string) ([]*swarmtypes.SecretReference, error) {
|
| 46 |
- lookupSecretNames := []string{}
|
|
| 47 |
- neededSecrets := make(map[string]*swarmtypes.SecretReference) |
|
| 46 |
+ secretRefs := make(map[string]*swarmtypes.SecretReference) |
|
| 48 | 47 |
ctx := context.Background() |
| 49 | 48 |
|
| 50 |
- neededLookup := map[string]string{}
|
|
| 51 | 49 |
for _, secret := range requestedSecrets {
|
| 52 | 50 |
n, t, err := parseSecretString(secret) |
| 53 | 51 |
if err != nil {
|
| ... | ... |
@@ -60,14 +58,15 @@ func parseSecrets(client client.APIClient, requestedSecrets []string) ([]*swarmt |
| 60 | 60 |
Target: t, |
| 61 | 61 |
} |
| 62 | 62 |
|
| 63 |
- lookupSecretNames = append(lookupSecretNames, n) |
|
| 64 |
- neededLookup[t] = n |
|
| 65 |
- neededSecrets[t] = secretRef |
|
| 63 |
+ if _, exists := secretRefs[t]; exists {
|
|
| 64 |
+ return nil, fmt.Errorf("duplicate secret target for %s not allowed", n)
|
|
| 65 |
+ } |
|
| 66 |
+ secretRefs[t] = secretRef |
|
| 66 | 67 |
} |
| 67 | 68 |
|
| 68 | 69 |
args := filters.NewArgs() |
| 69 |
- for _, s := range lookupSecretNames {
|
|
| 70 |
- args.Add("names", s)
|
|
| 70 |
+ for _, s := range secretRefs {
|
|
| 71 |
+ args.Add("names", s.SecretName)
|
|
| 71 | 72 |
} |
| 72 | 73 |
|
| 73 | 74 |
secrets, err := client.SecretList(ctx, types.SecretListOptions{
|
| ... | ... |
@@ -84,21 +83,16 @@ func parseSecrets(client client.APIClient, requestedSecrets []string) ([]*swarmt |
| 84 | 84 |
|
| 85 | 85 |
addedSecrets := []*swarmtypes.SecretReference{}
|
| 86 | 86 |
|
| 87 |
- for target, secretName := range neededLookup {
|
|
| 88 |
- id, ok := foundSecrets[secretName] |
|
| 89 |
- if !ok {
|
|
| 90 |
- return nil, fmt.Errorf("secret not found: %s", secretName)
|
|
| 91 |
- } |
|
| 92 |
- |
|
| 93 |
- secretRef, ok := neededSecrets[target] |
|
| 87 |
+ for _, ref := range secretRefs {
|
|
| 88 |
+ id, ok := foundSecrets[ref.SecretName] |
|
| 94 | 89 |
if !ok {
|
| 95 |
- return nil, fmt.Errorf("secret reference not found: %s", secretName)
|
|
| 90 |
+ return nil, fmt.Errorf("secret not found: %s", ref.SecretName)
|
|
| 96 | 91 |
} |
| 97 | 92 |
|
| 98 | 93 |
// set the id for the ref to properly assign in swarm |
| 99 | 94 |
// since swarm needs the ID instead of the name |
| 100 |
- secretRef.SecretID = id |
|
| 101 |
- addedSecrets = append(addedSecrets, secretRef) |
|
| 95 |
+ ref.SecretID = id |
|
| 96 |
+ addedSecrets = append(addedSecrets, ref) |
|
| 102 | 97 |
} |
| 103 | 98 |
|
| 104 | 99 |
return addedSecrets, nil |