diff --git a/api/types/client.go b/api/types/client.go index ff0e46b6a4..e1e9553ed3 100644 --- a/api/types/client.go +++ b/api/types/client.go @@ -4,7 +4,6 @@ import ( "bufio" "io" "net" - "os" "github.com/docker/docker/api/types/container" "github.com/docker/docker/api/types/filters" @@ -364,15 +363,6 @@ type PluginInstallOptions struct { Args []string } -// SecretRequestOption is a type for requesting secrets -type SecretRequestOption struct { - Source string - Target string - UID string - GID string - Mode os.FileMode -} - // SwarmUnlockKeyResponse contains the response for Engine API: // GET /swarm/unlockkey type SwarmUnlockKeyResponse struct { diff --git a/cli/command/service/parse.go b/cli/command/service/parse.go index ce9b454edd..baf5e24547 100644 --- a/cli/command/service/parse.go +++ b/cli/command/service/parse.go @@ -10,27 +10,19 @@ import ( "golang.org/x/net/context" ) -// ParseSecrets retrieves the secrets from the requested names and converts -// them to secret references to use with the spec -func ParseSecrets(client client.SecretAPIClient, requestedSecrets []*types.SecretRequestOption) ([]*swarmtypes.SecretReference, error) { +// ParseSecrets retrieves the secrets with the requested names and fills +// secret IDs into the secret references. +func ParseSecrets(client client.SecretAPIClient, requestedSecrets []*swarmtypes.SecretReference) ([]*swarmtypes.SecretReference, error) { secretRefs := make(map[string]*swarmtypes.SecretReference) ctx := context.Background() for _, secret := range requestedSecrets { - if _, exists := secretRefs[secret.Target]; exists { - return nil, fmt.Errorf("duplicate secret target for %s not allowed", secret.Source) + if _, exists := secretRefs[secret.File.Name]; exists { + return nil, fmt.Errorf("duplicate secret target for %s not allowed", secret.SecretName) } - secretRef := &swarmtypes.SecretReference{ - File: &swarmtypes.SecretReferenceFileTarget{ - Name: secret.Target, - UID: secret.UID, - GID: secret.GID, - Mode: secret.Mode, - }, - SecretName: secret.Source, - } - - secretRefs[secret.Target] = secretRef + secretRef := new(swarmtypes.SecretReference) + *secretRef = *secret + secretRefs[secret.File.Name] = secretRef } args := filters.NewArgs() diff --git a/cli/compose/convert/service.go b/cli/compose/convert/service.go index ab90d7319a..f7e539ca62 100644 --- a/cli/compose/convert/service.go +++ b/cli/compose/convert/service.go @@ -7,7 +7,6 @@ import ( "strings" "time" - "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/container" "github.com/docker/docker/api/types/swarm" servicecli "github.com/docker/docker/cli/command/service" @@ -196,7 +195,7 @@ func convertServiceSecrets( secrets []composetypes.ServiceSecretConfig, secretSpecs map[string]composetypes.SecretConfig, ) ([]*swarm.SecretReference, error) { - opts := []*types.SecretRequestOption{} + refs := []*swarm.SecretReference{} for _, secret := range secrets { target := secret.Target if target == "" { @@ -222,16 +221,18 @@ func convertServiceSecrets( mode = uint32Ptr(0444) } - opts = append(opts, &types.SecretRequestOption{ - Source: source, - Target: target, - UID: uid, - GID: gid, - Mode: os.FileMode(*mode), + refs = append(refs, &swarm.SecretReference{ + File: &swarm.SecretReferenceFileTarget{ + Name: target, + UID: uid, + GID: gid, + Mode: os.FileMode(*mode), + }, + SecretName: source, }) } - return servicecli.ParseSecrets(client, opts) + return servicecli.ParseSecrets(client, refs) } func uint32Ptr(value uint32) *uint32 { diff --git a/opts/secret.go b/opts/secret.go index 1fefcf8434..56ed29eb5b 100644 --- a/opts/secret.go +++ b/opts/secret.go @@ -8,12 +8,12 @@ import ( "strconv" "strings" - "github.com/docker/docker/api/types" + swarmtypes "github.com/docker/docker/api/types/swarm" ) // SecretOpt is a Value type for parsing secrets type SecretOpt struct { - values []*types.SecretRequestOption + values []*swarmtypes.SecretReference } // Set a new secret value @@ -24,18 +24,18 @@ func (o *SecretOpt) Set(value string) error { return err } - options := &types.SecretRequestOption{ - Source: "", - Target: "", - UID: "0", - GID: "0", - Mode: 0444, + options := &swarmtypes.SecretReference{ + File: &swarmtypes.SecretReferenceFileTarget{ + UID: "0", + GID: "0", + Mode: 0444, + }, } // support a simple syntax of --secret foo if len(fields) == 1 { - options.Source = fields[0] - options.Target = fields[0] + options.File.Name = fields[0] + options.SecretName = fields[0] o.values = append(o.values, options) return nil } @@ -51,34 +51,30 @@ func (o *SecretOpt) Set(value string) error { value := parts[1] switch key { case "source", "src": - options.Source = value + options.SecretName = value case "target": tDir, _ := filepath.Split(value) if tDir != "" { return fmt.Errorf("target must not be a path") } - options.Target = value + options.File.Name = value case "uid": - options.UID = value + options.File.UID = value case "gid": - options.GID = value + options.File.GID = value case "mode": m, err := strconv.ParseUint(value, 0, 32) if err != nil { return fmt.Errorf("invalid mode specified: %v", err) } - options.Mode = os.FileMode(m) + options.File.Mode = os.FileMode(m) default: - if len(fields) == 1 && value == "" { - - } else { - return fmt.Errorf("invalid field in secret request: %s", key) - } + return fmt.Errorf("invalid field in secret request: %s", key) } } - if options.Source == "" { + if options.SecretName == "" { return fmt.Errorf("source is required") } @@ -95,13 +91,13 @@ func (o *SecretOpt) Type() string { func (o *SecretOpt) String() string { secrets := []string{} for _, secret := range o.values { - repr := fmt.Sprintf("%s -> %s", secret.Source, secret.Target) + repr := fmt.Sprintf("%s -> %s", secret.SecretName, secret.File.Name) secrets = append(secrets, repr) } return strings.Join(secrets, ", ") } // Value returns the secret requests -func (o *SecretOpt) Value() []*types.SecretRequestOption { +func (o *SecretOpt) Value() []*swarmtypes.SecretReference { return o.values } diff --git a/opts/secret_test.go b/opts/secret_test.go index d978c86e22..5654c79f1f 100644 --- a/opts/secret_test.go +++ b/opts/secret_test.go @@ -16,10 +16,10 @@ func TestSecretOptionsSimple(t *testing.T) { reqs := opt.Value() assert.Equal(t, len(reqs), 1) req := reqs[0] - assert.Equal(t, req.Source, "app-secret") - assert.Equal(t, req.Target, "app-secret") - assert.Equal(t, req.UID, "0") - assert.Equal(t, req.GID, "0") + assert.Equal(t, req.SecretName, "app-secret") + assert.Equal(t, req.File.Name, "app-secret") + assert.Equal(t, req.File.UID, "0") + assert.Equal(t, req.File.GID, "0") } func TestSecretOptionsSourceTarget(t *testing.T) { @@ -31,8 +31,8 @@ func TestSecretOptionsSourceTarget(t *testing.T) { reqs := opt.Value() assert.Equal(t, len(reqs), 1) req := reqs[0] - assert.Equal(t, req.Source, "foo") - assert.Equal(t, req.Target, "testing") + assert.Equal(t, req.SecretName, "foo") + assert.Equal(t, req.File.Name, "testing") } func TestSecretOptionsShorthand(t *testing.T) { @@ -44,7 +44,7 @@ func TestSecretOptionsShorthand(t *testing.T) { reqs := opt.Value() assert.Equal(t, len(reqs), 1) req := reqs[0] - assert.Equal(t, req.Source, "foo") + assert.Equal(t, req.SecretName, "foo") } func TestSecretOptionsCustomUidGid(t *testing.T) { @@ -56,10 +56,10 @@ func TestSecretOptionsCustomUidGid(t *testing.T) { reqs := opt.Value() assert.Equal(t, len(reqs), 1) req := reqs[0] - assert.Equal(t, req.Source, "foo") - assert.Equal(t, req.Target, "testing") - assert.Equal(t, req.UID, "1000") - assert.Equal(t, req.GID, "1001") + assert.Equal(t, req.SecretName, "foo") + assert.Equal(t, req.File.Name, "testing") + assert.Equal(t, req.File.UID, "1000") + assert.Equal(t, req.File.GID, "1001") } func TestSecretOptionsCustomMode(t *testing.T) { @@ -71,9 +71,9 @@ func TestSecretOptionsCustomMode(t *testing.T) { reqs := opt.Value() assert.Equal(t, len(reqs), 1) req := reqs[0] - assert.Equal(t, req.Source, "foo") - assert.Equal(t, req.Target, "testing") - assert.Equal(t, req.UID, "1000") - assert.Equal(t, req.GID, "1001") - assert.Equal(t, req.Mode, os.FileMode(0444)) + assert.Equal(t, req.SecretName, "foo") + assert.Equal(t, req.File.Name, "testing") + assert.Equal(t, req.File.UID, "1000") + assert.Equal(t, req.File.GID, "1001") + assert.Equal(t, req.File.Mode, os.FileMode(0444)) }