This type is only used by CLI code. It duplicates SecretReference in the
types/swarm package. Change the CLI code to use that type instead.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
... | ... |
@@ -4,7 +4,6 @@ import ( |
4 | 4 |
"bufio" |
5 | 5 |
"io" |
6 | 6 |
"net" |
7 |
- "os" |
|
8 | 7 |
|
9 | 8 |
"github.com/docker/docker/api/types/container" |
10 | 9 |
"github.com/docker/docker/api/types/filters" |
... | ... |
@@ -364,15 +363,6 @@ type PluginInstallOptions struct { |
364 | 364 |
Args []string |
365 | 365 |
} |
366 | 366 |
|
367 |
-// SecretRequestOption is a type for requesting secrets |
|
368 |
-type SecretRequestOption struct { |
|
369 |
- Source string |
|
370 |
- Target string |
|
371 |
- UID string |
|
372 |
- GID string |
|
373 |
- Mode os.FileMode |
|
374 |
-} |
|
375 |
- |
|
376 | 367 |
// SwarmUnlockKeyResponse contains the response for Engine API: |
377 | 368 |
// GET /swarm/unlockkey |
378 | 369 |
type SwarmUnlockKeyResponse struct { |
... | ... |
@@ -10,27 +10,19 @@ import ( |
10 | 10 |
"golang.org/x/net/context" |
11 | 11 |
) |
12 | 12 |
|
13 |
-// ParseSecrets retrieves the secrets from the requested names and converts |
|
14 |
-// them to secret references to use with the spec |
|
15 |
-func ParseSecrets(client client.SecretAPIClient, requestedSecrets []*types.SecretRequestOption) ([]*swarmtypes.SecretReference, error) { |
|
13 |
+// ParseSecrets retrieves the secrets with the requested names and fills |
|
14 |
+// secret IDs into the secret references. |
|
15 |
+func ParseSecrets(client client.SecretAPIClient, requestedSecrets []*swarmtypes.SecretReference) ([]*swarmtypes.SecretReference, error) { |
|
16 | 16 |
secretRefs := make(map[string]*swarmtypes.SecretReference) |
17 | 17 |
ctx := context.Background() |
18 | 18 |
|
19 | 19 |
for _, secret := range requestedSecrets { |
20 |
- if _, exists := secretRefs[secret.Target]; exists { |
|
21 |
- return nil, fmt.Errorf("duplicate secret target for %s not allowed", secret.Source) |
|
20 |
+ if _, exists := secretRefs[secret.File.Name]; exists { |
|
21 |
+ return nil, fmt.Errorf("duplicate secret target for %s not allowed", secret.SecretName) |
|
22 | 22 |
} |
23 |
- secretRef := &swarmtypes.SecretReference{ |
|
24 |
- File: &swarmtypes.SecretReferenceFileTarget{ |
|
25 |
- Name: secret.Target, |
|
26 |
- UID: secret.UID, |
|
27 |
- GID: secret.GID, |
|
28 |
- Mode: secret.Mode, |
|
29 |
- }, |
|
30 |
- SecretName: secret.Source, |
|
31 |
- } |
|
32 |
- |
|
33 |
- secretRefs[secret.Target] = secretRef |
|
23 |
+ secretRef := new(swarmtypes.SecretReference) |
|
24 |
+ *secretRef = *secret |
|
25 |
+ secretRefs[secret.File.Name] = secretRef |
|
34 | 26 |
} |
35 | 27 |
|
36 | 28 |
args := filters.NewArgs() |
... | ... |
@@ -7,7 +7,6 @@ import ( |
7 | 7 |
"strings" |
8 | 8 |
"time" |
9 | 9 |
|
10 |
- "github.com/docker/docker/api/types" |
|
11 | 10 |
"github.com/docker/docker/api/types/container" |
12 | 11 |
"github.com/docker/docker/api/types/swarm" |
13 | 12 |
servicecli "github.com/docker/docker/cli/command/service" |
... | ... |
@@ -196,7 +195,7 @@ func convertServiceSecrets( |
196 | 196 |
secrets []composetypes.ServiceSecretConfig, |
197 | 197 |
secretSpecs map[string]composetypes.SecretConfig, |
198 | 198 |
) ([]*swarm.SecretReference, error) { |
199 |
- opts := []*types.SecretRequestOption{} |
|
199 |
+ refs := []*swarm.SecretReference{} |
|
200 | 200 |
for _, secret := range secrets { |
201 | 201 |
target := secret.Target |
202 | 202 |
if target == "" { |
... | ... |
@@ -222,16 +221,18 @@ func convertServiceSecrets( |
222 | 222 |
mode = uint32Ptr(0444) |
223 | 223 |
} |
224 | 224 |
|
225 |
- opts = append(opts, &types.SecretRequestOption{ |
|
226 |
- Source: source, |
|
227 |
- Target: target, |
|
228 |
- UID: uid, |
|
229 |
- GID: gid, |
|
230 |
- Mode: os.FileMode(*mode), |
|
225 |
+ refs = append(refs, &swarm.SecretReference{ |
|
226 |
+ File: &swarm.SecretReferenceFileTarget{ |
|
227 |
+ Name: target, |
|
228 |
+ UID: uid, |
|
229 |
+ GID: gid, |
|
230 |
+ Mode: os.FileMode(*mode), |
|
231 |
+ }, |
|
232 |
+ SecretName: source, |
|
231 | 233 |
}) |
232 | 234 |
} |
233 | 235 |
|
234 |
- return servicecli.ParseSecrets(client, opts) |
|
236 |
+ return servicecli.ParseSecrets(client, refs) |
|
235 | 237 |
} |
236 | 238 |
|
237 | 239 |
func uint32Ptr(value uint32) *uint32 { |
... | ... |
@@ -8,12 +8,12 @@ import ( |
8 | 8 |
"strconv" |
9 | 9 |
"strings" |
10 | 10 |
|
11 |
- "github.com/docker/docker/api/types" |
|
11 |
+ swarmtypes "github.com/docker/docker/api/types/swarm" |
|
12 | 12 |
) |
13 | 13 |
|
14 | 14 |
// SecretOpt is a Value type for parsing secrets |
15 | 15 |
type SecretOpt struct { |
16 |
- values []*types.SecretRequestOption |
|
16 |
+ values []*swarmtypes.SecretReference |
|
17 | 17 |
} |
18 | 18 |
|
19 | 19 |
// Set a new secret value |
... | ... |
@@ -24,18 +24,18 @@ func (o *SecretOpt) Set(value string) error { |
24 | 24 |
return err |
25 | 25 |
} |
26 | 26 |
|
27 |
- options := &types.SecretRequestOption{ |
|
28 |
- Source: "", |
|
29 |
- Target: "", |
|
30 |
- UID: "0", |
|
31 |
- GID: "0", |
|
32 |
- Mode: 0444, |
|
27 |
+ options := &swarmtypes.SecretReference{ |
|
28 |
+ File: &swarmtypes.SecretReferenceFileTarget{ |
|
29 |
+ UID: "0", |
|
30 |
+ GID: "0", |
|
31 |
+ Mode: 0444, |
|
32 |
+ }, |
|
33 | 33 |
} |
34 | 34 |
|
35 | 35 |
// support a simple syntax of --secret foo |
36 | 36 |
if len(fields) == 1 { |
37 |
- options.Source = fields[0] |
|
38 |
- options.Target = fields[0] |
|
37 |
+ options.File.Name = fields[0] |
|
38 |
+ options.SecretName = fields[0] |
|
39 | 39 |
o.values = append(o.values, options) |
40 | 40 |
return nil |
41 | 41 |
} |
... | ... |
@@ -51,34 +51,30 @@ func (o *SecretOpt) Set(value string) error { |
51 | 51 |
value := parts[1] |
52 | 52 |
switch key { |
53 | 53 |
case "source", "src": |
54 |
- options.Source = value |
|
54 |
+ options.SecretName = value |
|
55 | 55 |
case "target": |
56 | 56 |
tDir, _ := filepath.Split(value) |
57 | 57 |
if tDir != "" { |
58 | 58 |
return fmt.Errorf("target must not be a path") |
59 | 59 |
} |
60 |
- options.Target = value |
|
60 |
+ options.File.Name = value |
|
61 | 61 |
case "uid": |
62 |
- options.UID = value |
|
62 |
+ options.File.UID = value |
|
63 | 63 |
case "gid": |
64 |
- options.GID = value |
|
64 |
+ options.File.GID = value |
|
65 | 65 |
case "mode": |
66 | 66 |
m, err := strconv.ParseUint(value, 0, 32) |
67 | 67 |
if err != nil { |
68 | 68 |
return fmt.Errorf("invalid mode specified: %v", err) |
69 | 69 |
} |
70 | 70 |
|
71 |
- options.Mode = os.FileMode(m) |
|
71 |
+ options.File.Mode = os.FileMode(m) |
|
72 | 72 |
default: |
73 |
- if len(fields) == 1 && value == "" { |
|
74 |
- |
|
75 |
- } else { |
|
76 |
- return fmt.Errorf("invalid field in secret request: %s", key) |
|
77 |
- } |
|
73 |
+ return fmt.Errorf("invalid field in secret request: %s", key) |
|
78 | 74 |
} |
79 | 75 |
} |
80 | 76 |
|
81 |
- if options.Source == "" { |
|
77 |
+ if options.SecretName == "" { |
|
82 | 78 |
return fmt.Errorf("source is required") |
83 | 79 |
} |
84 | 80 |
|
... | ... |
@@ -95,13 +91,13 @@ func (o *SecretOpt) Type() string { |
95 | 95 |
func (o *SecretOpt) String() string { |
96 | 96 |
secrets := []string{} |
97 | 97 |
for _, secret := range o.values { |
98 |
- repr := fmt.Sprintf("%s -> %s", secret.Source, secret.Target) |
|
98 |
+ repr := fmt.Sprintf("%s -> %s", secret.SecretName, secret.File.Name) |
|
99 | 99 |
secrets = append(secrets, repr) |
100 | 100 |
} |
101 | 101 |
return strings.Join(secrets, ", ") |
102 | 102 |
} |
103 | 103 |
|
104 | 104 |
// Value returns the secret requests |
105 |
-func (o *SecretOpt) Value() []*types.SecretRequestOption { |
|
105 |
+func (o *SecretOpt) Value() []*swarmtypes.SecretReference { |
|
106 | 106 |
return o.values |
107 | 107 |
} |
... | ... |
@@ -16,10 +16,10 @@ func TestSecretOptionsSimple(t *testing.T) { |
16 | 16 |
reqs := opt.Value() |
17 | 17 |
assert.Equal(t, len(reqs), 1) |
18 | 18 |
req := reqs[0] |
19 |
- assert.Equal(t, req.Source, "app-secret") |
|
20 |
- assert.Equal(t, req.Target, "app-secret") |
|
21 |
- assert.Equal(t, req.UID, "0") |
|
22 |
- assert.Equal(t, req.GID, "0") |
|
19 |
+ assert.Equal(t, req.SecretName, "app-secret") |
|
20 |
+ assert.Equal(t, req.File.Name, "app-secret") |
|
21 |
+ assert.Equal(t, req.File.UID, "0") |
|
22 |
+ assert.Equal(t, req.File.GID, "0") |
|
23 | 23 |
} |
24 | 24 |
|
25 | 25 |
func TestSecretOptionsSourceTarget(t *testing.T) { |
... | ... |
@@ -31,8 +31,8 @@ func TestSecretOptionsSourceTarget(t *testing.T) { |
31 | 31 |
reqs := opt.Value() |
32 | 32 |
assert.Equal(t, len(reqs), 1) |
33 | 33 |
req := reqs[0] |
34 |
- assert.Equal(t, req.Source, "foo") |
|
35 |
- assert.Equal(t, req.Target, "testing") |
|
34 |
+ assert.Equal(t, req.SecretName, "foo") |
|
35 |
+ assert.Equal(t, req.File.Name, "testing") |
|
36 | 36 |
} |
37 | 37 |
|
38 | 38 |
func TestSecretOptionsShorthand(t *testing.T) { |
... | ... |
@@ -44,7 +44,7 @@ func TestSecretOptionsShorthand(t *testing.T) { |
44 | 44 |
reqs := opt.Value() |
45 | 45 |
assert.Equal(t, len(reqs), 1) |
46 | 46 |
req := reqs[0] |
47 |
- assert.Equal(t, req.Source, "foo") |
|
47 |
+ assert.Equal(t, req.SecretName, "foo") |
|
48 | 48 |
} |
49 | 49 |
|
50 | 50 |
func TestSecretOptionsCustomUidGid(t *testing.T) { |
... | ... |
@@ -56,10 +56,10 @@ func TestSecretOptionsCustomUidGid(t *testing.T) { |
56 | 56 |
reqs := opt.Value() |
57 | 57 |
assert.Equal(t, len(reqs), 1) |
58 | 58 |
req := reqs[0] |
59 |
- assert.Equal(t, req.Source, "foo") |
|
60 |
- assert.Equal(t, req.Target, "testing") |
|
61 |
- assert.Equal(t, req.UID, "1000") |
|
62 |
- assert.Equal(t, req.GID, "1001") |
|
59 |
+ assert.Equal(t, req.SecretName, "foo") |
|
60 |
+ assert.Equal(t, req.File.Name, "testing") |
|
61 |
+ assert.Equal(t, req.File.UID, "1000") |
|
62 |
+ assert.Equal(t, req.File.GID, "1001") |
|
63 | 63 |
} |
64 | 64 |
|
65 | 65 |
func TestSecretOptionsCustomMode(t *testing.T) { |
... | ... |
@@ -71,9 +71,9 @@ func TestSecretOptionsCustomMode(t *testing.T) { |
71 | 71 |
reqs := opt.Value() |
72 | 72 |
assert.Equal(t, len(reqs), 1) |
73 | 73 |
req := reqs[0] |
74 |
- assert.Equal(t, req.Source, "foo") |
|
75 |
- assert.Equal(t, req.Target, "testing") |
|
76 |
- assert.Equal(t, req.UID, "1000") |
|
77 |
- assert.Equal(t, req.GID, "1001") |
|
78 |
- assert.Equal(t, req.Mode, os.FileMode(0444)) |
|
74 |
+ assert.Equal(t, req.SecretName, "foo") |
|
75 |
+ assert.Equal(t, req.File.Name, "testing") |
|
76 |
+ assert.Equal(t, req.File.UID, "1000") |
|
77 |
+ assert.Equal(t, req.File.GID, "1001") |
|
78 |
+ assert.Equal(t, req.File.Mode, os.FileMode(0444)) |
|
79 | 79 |
} |