2016-10-19 12:22:02 -04:00
|
|
|
package secret
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2016-11-19 20:41:11 -05:00
|
|
|
"io"
|
2016-10-19 12:22:02 -04:00
|
|
|
"io/ioutil"
|
|
|
|
|
2017-04-17 18:07:56 -04:00
|
|
|
"github.com/docker/cli/cli"
|
|
|
|
"github.com/docker/cli/cli/command"
|
2017-05-15 08:45:19 -04:00
|
|
|
"github.com/docker/cli/opts"
|
2016-10-19 12:22:02 -04:00
|
|
|
"github.com/docker/docker/api/types/swarm"
|
2016-11-19 20:41:11 -05:00
|
|
|
"github.com/docker/docker/pkg/system"
|
2017-03-09 13:23:45 -05:00
|
|
|
"github.com/pkg/errors"
|
2016-10-19 12:22:02 -04:00
|
|
|
"github.com/spf13/cobra"
|
2016-11-09 19:59:01 -05:00
|
|
|
"golang.org/x/net/context"
|
2016-10-19 12:22:02 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
type createOptions struct {
|
2016-11-03 17:01:54 -04:00
|
|
|
name string
|
2017-07-30 07:01:39 -04:00
|
|
|
driver string
|
2016-11-19 20:41:11 -05:00
|
|
|
file string
|
2016-11-03 17:01:54 -04:00
|
|
|
labels opts.ListOpts
|
2016-10-19 12:22:02 -04:00
|
|
|
}
|
|
|
|
|
2017-04-01 03:07:22 -04:00
|
|
|
func newSecretCreateCommand(dockerCli command.Cli) *cobra.Command {
|
2017-05-15 08:45:19 -04:00
|
|
|
options := createOptions{
|
2016-12-23 14:09:12 -05:00
|
|
|
labels: opts.NewListOpts(opts.ValidateEnv),
|
2016-11-03 17:01:54 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
cmd := &cobra.Command{
|
2017-07-30 07:01:39 -04:00
|
|
|
Use: "create [OPTIONS] SECRET [file|-]",
|
2016-11-19 20:41:11 -05:00
|
|
|
Short: "Create a secret from a file or STDIN as content",
|
2017-07-30 07:01:39 -04:00
|
|
|
Args: cli.RequiresRangeArgs(1, 2),
|
2016-10-19 12:22:02 -04:00
|
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
2017-05-15 08:45:19 -04:00
|
|
|
options.name = args[0]
|
2017-07-30 07:01:39 -04:00
|
|
|
if len(args) == 2 {
|
|
|
|
options.file = args[1]
|
|
|
|
}
|
2017-05-15 08:45:19 -04:00
|
|
|
return runSecretCreate(dockerCli, options)
|
2016-10-19 12:22:02 -04:00
|
|
|
},
|
|
|
|
}
|
2016-11-03 17:01:54 -04:00
|
|
|
flags := cmd.Flags()
|
2017-05-15 08:45:19 -04:00
|
|
|
flags.VarP(&options.labels, "label", "l", "Secret labels")
|
2017-07-30 07:01:39 -04:00
|
|
|
flags.StringVarP(&options.driver, "driver", "d", "", "Secret driver")
|
|
|
|
flags.SetAnnotation("driver", "version", []string{"1.31"})
|
2016-11-03 17:01:54 -04:00
|
|
|
|
|
|
|
return cmd
|
2016-10-19 12:22:02 -04:00
|
|
|
}
|
|
|
|
|
2017-04-01 03:07:22 -04:00
|
|
|
func runSecretCreate(dockerCli command.Cli, options createOptions) error {
|
2016-10-19 12:22:02 -04:00
|
|
|
client := dockerCli.Client()
|
|
|
|
ctx := context.Background()
|
|
|
|
|
2017-07-30 07:01:39 -04:00
|
|
|
if options.driver != "" && options.file != "" {
|
|
|
|
return errors.Errorf("When using secret driver secret data must be empty")
|
2016-11-19 20:41:11 -05:00
|
|
|
}
|
|
|
|
|
2017-07-30 07:01:39 -04:00
|
|
|
secretData, err := readSecretData(dockerCli.In(), options.file)
|
2016-10-19 12:22:02 -04:00
|
|
|
if err != nil {
|
2017-03-09 13:23:45 -05:00
|
|
|
return errors.Errorf("Error reading content from %q: %v", options.file, err)
|
2016-10-19 12:22:02 -04:00
|
|
|
}
|
|
|
|
spec := swarm.SecretSpec{
|
|
|
|
Annotations: swarm.Annotations{
|
2016-11-03 17:01:54 -04:00
|
|
|
Name: options.name,
|
2017-06-05 18:23:21 -04:00
|
|
|
Labels: opts.ConvertKVStringsToMap(options.labels.GetAll()),
|
2016-10-19 12:22:02 -04:00
|
|
|
},
|
|
|
|
Data: secretData,
|
|
|
|
}
|
2017-07-30 07:01:39 -04:00
|
|
|
if options.driver != "" {
|
|
|
|
spec.Driver = &swarm.Driver{
|
|
|
|
Name: options.driver,
|
|
|
|
}
|
|
|
|
}
|
2016-10-19 12:22:02 -04:00
|
|
|
|
|
|
|
r, err := client.SecretCreate(ctx, spec)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Fprintln(dockerCli.Out(), r.ID)
|
|
|
|
return nil
|
|
|
|
}
|
2017-07-30 07:01:39 -04:00
|
|
|
|
|
|
|
func readSecretData(in io.ReadCloser, file string) ([]byte, error) {
|
|
|
|
// Read secret value from external driver
|
|
|
|
if file == "" {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
if file != "-" {
|
|
|
|
var err error
|
|
|
|
in, err = system.OpenSequential(file)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer in.Close()
|
|
|
|
}
|
|
|
|
data, err := ioutil.ReadAll(in)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return data, nil
|
|
|
|
}
|