github.com/demonoid81/moby@v0.0.0-20200517203328-62dd8e17c460/daemon/cluster/secrets.go (about) 1 package cluster // import "github.com/demonoid81/moby/daemon/cluster" 2 3 import ( 4 "context" 5 6 apitypes "github.com/demonoid81/moby/api/types" 7 types "github.com/demonoid81/moby/api/types/swarm" 8 "github.com/demonoid81/moby/daemon/cluster/convert" 9 swarmapi "github.com/docker/swarmkit/api" 10 "google.golang.org/grpc" 11 ) 12 13 // GetSecret returns a secret from a managed swarm cluster 14 func (c *Cluster) GetSecret(input string) (types.Secret, error) { 15 var secret *swarmapi.Secret 16 17 if err := c.lockedManagerAction(func(ctx context.Context, state nodeState) error { 18 s, err := getSecret(ctx, state.controlClient, input) 19 if err != nil { 20 return err 21 } 22 secret = s 23 return nil 24 }); err != nil { 25 return types.Secret{}, err 26 } 27 return convert.SecretFromGRPC(secret), nil 28 } 29 30 // GetSecrets returns all secrets of a managed swarm cluster. 31 func (c *Cluster) GetSecrets(options apitypes.SecretListOptions) ([]types.Secret, error) { 32 c.mu.RLock() 33 defer c.mu.RUnlock() 34 35 state := c.currentNodeState() 36 if !state.IsActiveManager() { 37 return nil, c.errNoManager(state) 38 } 39 40 filters, err := newListSecretsFilters(options.Filters) 41 if err != nil { 42 return nil, err 43 } 44 ctx, cancel := c.getRequestContext() 45 defer cancel() 46 47 r, err := state.controlClient.ListSecrets(ctx, 48 &swarmapi.ListSecretsRequest{Filters: filters}, 49 grpc.MaxCallRecvMsgSize(defaultRecvSizeForListResponse), 50 ) 51 if err != nil { 52 return nil, err 53 } 54 55 secrets := make([]types.Secret, 0, len(r.Secrets)) 56 57 for _, secret := range r.Secrets { 58 secrets = append(secrets, convert.SecretFromGRPC(secret)) 59 } 60 61 return secrets, nil 62 } 63 64 // CreateSecret creates a new secret in a managed swarm cluster. 65 func (c *Cluster) CreateSecret(s types.SecretSpec) (string, error) { 66 var resp *swarmapi.CreateSecretResponse 67 if err := c.lockedManagerAction(func(ctx context.Context, state nodeState) error { 68 secretSpec := convert.SecretSpecToGRPC(s) 69 70 r, err := state.controlClient.CreateSecret(ctx, 71 &swarmapi.CreateSecretRequest{Spec: &secretSpec}) 72 if err != nil { 73 return err 74 } 75 resp = r 76 return nil 77 }); err != nil { 78 return "", err 79 } 80 return resp.Secret.ID, nil 81 } 82 83 // RemoveSecret removes a secret from a managed swarm cluster. 84 func (c *Cluster) RemoveSecret(input string) error { 85 return c.lockedManagerAction(func(ctx context.Context, state nodeState) error { 86 secret, err := getSecret(ctx, state.controlClient, input) 87 if err != nil { 88 return err 89 } 90 91 req := &swarmapi.RemoveSecretRequest{ 92 SecretID: secret.ID, 93 } 94 95 _, err = state.controlClient.RemoveSecret(ctx, req) 96 return err 97 }) 98 } 99 100 // UpdateSecret updates a secret in a managed swarm cluster. 101 // Note: this is not exposed to the CLI but is available from the API only 102 func (c *Cluster) UpdateSecret(input string, version uint64, spec types.SecretSpec) error { 103 return c.lockedManagerAction(func(ctx context.Context, state nodeState) error { 104 secret, err := getSecret(ctx, state.controlClient, input) 105 if err != nil { 106 return err 107 } 108 109 secretSpec := convert.SecretSpecToGRPC(spec) 110 111 _, err = state.controlClient.UpdateSecret(ctx, 112 &swarmapi.UpdateSecretRequest{ 113 SecretID: secret.ID, 114 SecretVersion: &swarmapi.Version{ 115 Index: version, 116 }, 117 Spec: &secretSpec, 118 }) 119 return err 120 }) 121 }