github.com/kaisenlinux/docker@v0.0.0-20230510090727-ea55db55fac7/swarmkit/template/getter.go (about) 1 package template 2 3 import ( 4 "github.com/docker/swarmkit/agent/exec" 5 "github.com/docker/swarmkit/api" 6 "github.com/pkg/errors" 7 ) 8 9 type templatedSecretGetter struct { 10 dependencies exec.DependencyGetter 11 t *api.Task 12 node *api.NodeDescription 13 } 14 15 // NewTemplatedSecretGetter returns a SecretGetter that evaluates templates. 16 func NewTemplatedSecretGetter(dependencies exec.DependencyGetter, t *api.Task, node *api.NodeDescription) exec.SecretGetter { 17 return templatedSecretGetter{dependencies: dependencies, t: t, node: node} 18 } 19 20 func (t templatedSecretGetter) Get(secretID string) (*api.Secret, error) { 21 if t.dependencies == nil { 22 return nil, errors.New("no secret provider available") 23 } 24 25 secrets := t.dependencies.Secrets() 26 if secrets == nil { 27 return nil, errors.New("no secret provider available") 28 } 29 30 secret, err := secrets.Get(secretID) 31 if err != nil { 32 return secret, err 33 } 34 35 newSpec, err := ExpandSecretSpec(secret, t.node, t.t, t.dependencies) 36 if err != nil { 37 return secret, errors.Wrapf(err, "failed to expand templated secret %s", secretID) 38 } 39 40 secretCopy := *secret 41 secretCopy.Spec = *newSpec 42 return &secretCopy, nil 43 } 44 45 // TemplatedConfigGetter is a ConfigGetter with an additional method to expose 46 // whether a config contains sensitive data. 47 type TemplatedConfigGetter interface { 48 exec.ConfigGetter 49 50 // GetAndFlagSecretData returns the interpolated config, and also 51 // returns true if the config has been interpolated with data from a 52 // secret. In this case, the config should be handled specially and 53 // should not be written to disk. 54 GetAndFlagSecretData(configID string) (*api.Config, bool, error) 55 } 56 57 type templatedConfigGetter struct { 58 dependencies exec.DependencyGetter 59 t *api.Task 60 node *api.NodeDescription 61 } 62 63 // NewTemplatedConfigGetter returns a ConfigGetter that evaluates templates. 64 func NewTemplatedConfigGetter(dependencies exec.DependencyGetter, t *api.Task, node *api.NodeDescription) TemplatedConfigGetter { 65 return templatedConfigGetter{dependencies: dependencies, t: t, node: node} 66 } 67 68 func (t templatedConfigGetter) Get(configID string) (*api.Config, error) { 69 config, _, err := t.GetAndFlagSecretData(configID) 70 return config, err 71 } 72 73 func (t templatedConfigGetter) GetAndFlagSecretData(configID string) (*api.Config, bool, error) { 74 if t.dependencies == nil { 75 return nil, false, errors.New("no config provider available") 76 } 77 78 configs := t.dependencies.Configs() 79 if configs == nil { 80 return nil, false, errors.New("no config provider available") 81 } 82 83 config, err := configs.Get(configID) 84 if err != nil { 85 return config, false, err 86 } 87 88 newSpec, sensitive, err := ExpandConfigSpec(config, t.node, t.t, t.dependencies) 89 if err != nil { 90 return config, false, errors.Wrapf(err, "failed to expand templated config %s", configID) 91 } 92 93 configCopy := *config 94 configCopy.Spec = *newSpec 95 return &configCopy, sensitive, nil 96 } 97 98 type templatedDependencyGetter struct { 99 secrets exec.SecretGetter 100 configs TemplatedConfigGetter 101 } 102 103 // NewTemplatedDependencyGetter returns a DependencyGetter that evaluates templates. 104 func NewTemplatedDependencyGetter(dependencies exec.DependencyGetter, t *api.Task, node *api.NodeDescription) exec.DependencyGetter { 105 return templatedDependencyGetter{ 106 secrets: NewTemplatedSecretGetter(dependencies, t, node), 107 configs: NewTemplatedConfigGetter(dependencies, t, node), 108 } 109 } 110 111 func (t templatedDependencyGetter) Secrets() exec.SecretGetter { 112 return t.secrets 113 } 114 115 func (t templatedDependencyGetter) Configs() exec.ConfigGetter { 116 return t.configs 117 }