// Source: github.com/kaisenlinux/docker@v0.0.0-20230510090727-ea55db55fac7/swarmkit/manager/state/store/secrets.go

package store

import (
	"strings"

	"github.com/docker/swarmkit/api"
	memdb "github.com/hashicorp/go-memdb"
)

// tableSecret is the name of the memdb table that holds secret objects.
const tableSecret = "secret"

// init registers the secret table with the store: its index schema plus the
// callbacks used to snapshot the table, restore it, and apply a single
// replicated store action to it.
func init() {
	// Three indexes: ID and name are unique; the custom index is optional
	// per object (AllowMissing).
	schema := &memdb.TableSchema{
		Name: tableSecret,
		Indexes: map[string]*memdb.IndexSchema{
			indexID: {
				Name:    indexID,
				Unique:  true,
				Indexer: api.SecretIndexerByID{},
			},
			indexName: {
				Name:    indexName,
				Unique:  true,
				Indexer: api.SecretIndexerByName{},
			},
			indexCustom: {
				Name:         indexCustom,
				Indexer:      api.SecretCustomIndexer{},
				AllowMissing: true,
			},
		},
	}

	// save copies every secret object in the table into the snapshot.
	// snapshot.Secrets is assigned even when FindSecrets reports an error.
	// NOTE(review): the snapshot therefore carries whatever api.Secret
	// carries; how snapshots are protected at rest is decided outside this
	// file and should be confirmed before snapshots are exported or logged.
	save := func(tx ReadTx, snapshot *api.StoreSnapshot) error {
		secrets, err := FindSecrets(tx, All)
		snapshot.Secrets = secrets
		return err
	}

	// restore hands the snapshot's secrets to RestoreTable as generic store
	// objects.
	restore := func(tx Tx, snapshot *api.StoreSnapshot) error {
		objs := make([]api.StoreObject, 0, len(snapshot.Secrets))
		for _, secret := range snapshot.Secrets {
			objs = append(objs, secret)
		}
		return RestoreTable(tx, tableSecret, objs)
	}

	// apply dispatches a store action that targets a secret to the matching
	// create/update/delete helper. Any other target type, or an action kind
	// other than the three handled here, yields errUnknownStoreAction.
	apply := func(tx Tx, sa api.StoreAction) error {
		target, ok := sa.Target.(*api.StoreAction_Secret)
		if !ok {
			return errUnknownStoreAction
		}

		secret := target.Secret
		switch sa.Action {
		case api.StoreActionKindCreate:
			return CreateSecret(tx, secret)
		case api.StoreActionKindUpdate:
			return UpdateSecret(tx, secret)
		case api.StoreActionKindRemove:
			// Removal is keyed on the ID alone.
			return DeleteSecret(tx, secret.ID)
		default:
			return errUnknownStoreAction
		}
	}

	register(ObjectStoreConfig{
		Table:            schema,
		Save:             save,
		Restore:          restore,
		ApplyStoreAction: apply,
	})
}

// CreateSecret adds a new secret to the store.
// Returns ErrExist if the ID is already taken.
// Returns ErrNameConflict if the lower-cased name is already present in the
// name index, so names that differ only by case collide.
func CreateSecret(tx Tx, s *api.Secret) error {
	// The lookup key is lower-cased here; presumably api.SecretIndexerByName
	// lower-cases stored names as well (indexer not shown in this file).
	name := strings.ToLower(s.Spec.Annotations.Name)
	if existing := tx.lookup(tableSecret, indexName, name); existing != nil {
		return ErrNameConflict
	}

	return tx.create(tableSecret, s)
}

// UpdateSecret updates an existing secret in the store.
// Returns ErrNotExist if the secret doesn't exist.
// Returns ErrNameConflict if the lower-cased name is already indexed for a
// secret with a different ID; keeping the name the secret already holds is
// allowed.
func UpdateSecret(tx Tx, s *api.Secret) error {
	name := strings.ToLower(s.Spec.Annotations.Name)
	holder := tx.lookup(tableSecret, indexName, name)
	if holder != nil && holder.GetID() != s.ID {
		return ErrNameConflict
	}

	return tx.update(tableSecret, s)
}

// DeleteSecret removes a secret from the store.
// Returns ErrNotExist if the secret doesn't exist.
// The call is forwarded to tx.delete with the secret table and the given ID;
// no check is made here for anything that still refers to the secret.
func DeleteSecret(tx Tx, id string) error {
	return tx.delete(tableSecret, id)
}

// GetSecret looks up a secret by ID.
// Returns nil if the secret doesn't exist.
// The type assertion is unchecked: an object of any other type stored under
// this table would cause a panic rather than a nil result.
func GetSecret(tx ReadTx, id string) *api.Secret {
	if obj := tx.get(tableSecret, id); obj != nil {
		return obj.(*api.Secret)
	}
	return nil
}

// FindSecrets selects a set of secrets and returns them.
// The result starts as an empty, non-nil slice, and it is returned together
// with whatever error tx.find reports.
func FindSecrets(tx ReadTx, by By) ([]*api.Secret, error) {
	// validate accepts only the selector kinds supported for secrets.
	// NOTE(review): the snapshot Save callback calls FindSecrets with All,
	// which is not listed here; presumably tx.find handles that selector
	// before consulting this check (confirm in tx.find).
	validate := func(sel By) error {
		switch sel.(type) {
		case byName, byNamePrefix, byIDPrefix, byCustom, byCustomPrefix:
			return nil
		default:
			return ErrInvalidFindBy
		}
	}

	matches := make([]*api.Secret, 0)
	collect := func(obj api.StoreObject) {
		matches = append(matches, obj.(*api.Secret))
	}

	err := tx.find(tableSecret, by, validate, collect)
	return matches, err
}