github.com/zhuohuang-hust/src-cbuild@v0.0.0-20230105071821-c7aab3e7c840/daemon/cluster/secrets.go (about) 1 package cluster 2 3 import ( 4 apitypes "github.com/docker/docker/api/types" 5 types "github.com/docker/docker/api/types/swarm" 6 "github.com/docker/docker/daemon/cluster/convert" 7 swarmapi "github.com/docker/swarmkit/api" 8 ) 9 10 // GetSecret returns a secret from a managed swarm cluster 11 func (c *Cluster) GetSecret(id string) (types.Secret, error) { 12 c.mu.RLock() 13 defer c.mu.RUnlock() 14 15 state := c.currentNodeState() 16 if !state.IsActiveManager() { 17 return types.Secret{}, c.errNoManager(state) 18 } 19 20 ctx, cancel := c.getRequestContext() 21 defer cancel() 22 23 r, err := state.controlClient.GetSecret(ctx, &swarmapi.GetSecretRequest{SecretID: id}) 24 if err != nil { 25 return types.Secret{}, err 26 } 27 28 return convert.SecretFromGRPC(r.Secret), nil 29 } 30 31 // GetSecrets returns all secrets of a managed swarm cluster. 32 func (c *Cluster) GetSecrets(options apitypes.SecretListOptions) ([]types.Secret, error) { 33 c.mu.RLock() 34 defer c.mu.RUnlock() 35 36 state := c.currentNodeState() 37 if !state.IsActiveManager() { 38 return nil, c.errNoManager(state) 39 } 40 41 filters, err := newListSecretsFilters(options.Filters) 42 if err != nil { 43 return nil, err 44 } 45 ctx, cancel := c.getRequestContext() 46 defer cancel() 47 48 r, err := state.controlClient.ListSecrets(ctx, 49 &swarmapi.ListSecretsRequest{Filters: filters}) 50 if err != nil { 51 return nil, err 52 } 53 54 secrets := []types.Secret{} 55 56 for _, secret := range r.Secrets { 57 secrets = append(secrets, convert.SecretFromGRPC(secret)) 58 } 59 60 return secrets, nil 61 } 62 63 // CreateSecret creates a new secret in a managed swarm cluster. 64 func (c *Cluster) CreateSecret(s types.SecretSpec) (string, error) { 65 c.mu.RLock() 66 defer c.mu.RUnlock() 67 68 state := c.currentNodeState() 69 if !state.IsActiveManager() { 70 return "", c.errNoManager(state) 71 } 72 73 ctx, cancel := c.getRequestContext() 74 defer cancel() 75 76 secretSpec := convert.SecretSpecToGRPC(s) 77 78 r, err := state.controlClient.CreateSecret(ctx, 79 &swarmapi.CreateSecretRequest{Spec: &secretSpec}) 80 if err != nil { 81 return "", err 82 } 83 84 return r.Secret.ID, nil 85 } 86 87 // RemoveSecret removes a secret from a managed swarm cluster. 88 func (c *Cluster) RemoveSecret(id string) error { 89 c.mu.RLock() 90 defer c.mu.RUnlock() 91 92 state := c.currentNodeState() 93 if !state.IsActiveManager() { 94 return c.errNoManager(state) 95 } 96 97 ctx, cancel := c.getRequestContext() 98 defer cancel() 99 100 req := &swarmapi.RemoveSecretRequest{ 101 SecretID: id, 102 } 103 104 if _, err := state.controlClient.RemoveSecret(ctx, req); err != nil { 105 return err 106 } 107 return nil 108 } 109 110 // UpdateSecret updates a secret in a managed swarm cluster. 111 // Note: this is not exposed to the CLI but is available from the API only 112 func (c *Cluster) UpdateSecret(id string, version uint64, spec types.SecretSpec) error { 113 c.mu.RLock() 114 defer c.mu.RUnlock() 115 116 state := c.currentNodeState() 117 if !state.IsActiveManager() { 118 return c.errNoManager(state) 119 } 120 121 ctx, cancel := c.getRequestContext() 122 defer cancel() 123 124 secretSpec := convert.SecretSpecToGRPC(spec) 125 126 if _, err := state.controlClient.UpdateSecret(ctx, 127 &swarmapi.UpdateSecretRequest{ 128 SecretID: id, 129 SecretVersion: &swarmapi.Version{ 130 Index: version, 131 }, 132 Spec: &secretSpec, 133 }); err != nil { 134 return err 135 } 136 137 return nil 138 }