github.com/fabiokung/docker@v0.11.2-0.20170222101415-4534dcd49497/daemon/cluster/secrets.go (about) 1 package cluster 2 3 import ( 4 apitypes "github.com/docker/docker/api/types" 5 types "github.com/docker/docker/api/types/swarm" 6 "github.com/docker/docker/daemon/cluster/convert" 7 swarmapi "github.com/docker/swarmkit/api" 8 ) 9 10 // GetSecret returns a secret from a managed swarm cluster 11 func (c *Cluster) GetSecret(input string) (types.Secret, error) { 12 c.mu.RLock() 13 defer c.mu.RUnlock() 14 15 state := c.currentNodeState() 16 if !state.IsActiveManager() { 17 return types.Secret{}, c.errNoManager(state) 18 } 19 20 ctx, cancel := c.getRequestContext() 21 defer cancel() 22 23 secret, err := getSecret(ctx, state.controlClient, input) 24 if err != nil { 25 return types.Secret{}, err 26 } 27 return convert.SecretFromGRPC(secret), nil 28 } 29 30 // GetSecrets returns all secrets of a managed swarm cluster. 31 func (c *Cluster) GetSecrets(options apitypes.SecretListOptions) ([]types.Secret, error) { 32 c.mu.RLock() 33 defer c.mu.RUnlock() 34 35 state := c.currentNodeState() 36 if !state.IsActiveManager() { 37 return nil, c.errNoManager(state) 38 } 39 40 filters, err := newListSecretsFilters(options.Filters) 41 if err != nil { 42 return nil, err 43 } 44 ctx, cancel := c.getRequestContext() 45 defer cancel() 46 47 r, err := state.controlClient.ListSecrets(ctx, 48 &swarmapi.ListSecretsRequest{Filters: filters}) 49 if err != nil { 50 return nil, err 51 } 52 53 secrets := []types.Secret{} 54 55 for _, secret := range r.Secrets { 56 secrets = append(secrets, convert.SecretFromGRPC(secret)) 57 } 58 59 return secrets, nil 60 } 61 62 // CreateSecret creates a new secret in a managed swarm cluster. 63 func (c *Cluster) CreateSecret(s types.SecretSpec) (string, error) { 64 c.mu.RLock() 65 defer c.mu.RUnlock() 66 67 state := c.currentNodeState() 68 if !state.IsActiveManager() { 69 return "", c.errNoManager(state) 70 } 71 72 ctx, cancel := c.getRequestContext() 73 defer cancel() 74 75 secretSpec := convert.SecretSpecToGRPC(s) 76 77 r, err := state.controlClient.CreateSecret(ctx, 78 &swarmapi.CreateSecretRequest{Spec: &secretSpec}) 79 if err != nil { 80 return "", err 81 } 82 83 return r.Secret.ID, nil 84 } 85 86 // RemoveSecret removes a secret from a managed swarm cluster. 87 func (c *Cluster) RemoveSecret(input string) error { 88 c.mu.RLock() 89 defer c.mu.RUnlock() 90 91 state := c.currentNodeState() 92 if !state.IsActiveManager() { 93 return c.errNoManager(state) 94 } 95 96 ctx, cancel := c.getRequestContext() 97 defer cancel() 98 99 secret, err := getSecret(ctx, state.controlClient, input) 100 if err != nil { 101 return err 102 } 103 104 req := &swarmapi.RemoveSecretRequest{ 105 SecretID: secret.ID, 106 } 107 108 _, err = state.controlClient.RemoveSecret(ctx, req) 109 return err 110 } 111 112 // UpdateSecret updates a secret in a managed swarm cluster. 113 // Note: this is not exposed to the CLI but is available from the API only 114 func (c *Cluster) UpdateSecret(id string, version uint64, spec types.SecretSpec) error { 115 c.mu.RLock() 116 defer c.mu.RUnlock() 117 118 state := c.currentNodeState() 119 if !state.IsActiveManager() { 120 return c.errNoManager(state) 121 } 122 123 ctx, cancel := c.getRequestContext() 124 defer cancel() 125 126 secretSpec := convert.SecretSpecToGRPC(spec) 127 128 _, err := state.controlClient.UpdateSecret(ctx, 129 &swarmapi.UpdateSecretRequest{ 130 SecretID: id, 131 SecretVersion: &swarmapi.Version{ 132 Index: version, 133 }, 134 Spec: &secretSpec, 135 }) 136 return err 137 }