Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add unlock key rotation 

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This commit is contained in:
Aaron Lehmann 2016-10-28 16:35:49 -07:00
parent 56b7ad90b1
commit 65e1e166ee
1 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
command/swarm/unlock_key.go
View File

@ -5,6 +5,7 @@ import (
"github.com/spf13/cobra" "github.com/spf13/cobra"
"github.com/docker/docker/api/types/swarm"
"github.com/docker/docker/cli" "github.com/docker/docker/cli"
"github.com/docker/docker/cli/command" "github.com/docker/docker/cli/command"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -23,7 +24,24 @@ func newUnlockKeyCommand(dockerCli *command.DockerCli) *cobra.Command {
ctx := context.Background() ctx := context.Background()
if rotate { if rotate {
// FIXME(aaronl) flags := swarm.UpdateFlags{RotateManagerUnlockKey: true}
swarm, err := client.SwarmInspect(ctx)
if err != nil {
return err
}
if !swarm.Spec.EncryptionConfig.AutoLockManagers {
return errors.New("cannot rotate because autolock is not turned on")
}
err = client.SwarmUpdate(ctx, swarm.Version, swarm.Spec, flags)
if err != nil {
return err
}
if !quiet {
fmt.Fprintf(dockerCli.Out(), "Successfully rotated manager unlock key.\n\n")
}
} }
unlockKeyResp, err := client.SwarmGetUnlockKey(ctx) unlockKeyResp, err := client.SwarmGetUnlockKey(ctx)
@ -31,6 +49,10 @@ func newUnlockKeyCommand(dockerCli *command.DockerCli) *cobra.Command {
return errors.Wrap(err, "could not fetch unlock key") return errors.Wrap(err, "could not fetch unlock key")
} }
if unlockKeyResp.UnlockKey == "" {
return errors.New("no unlock key is set")
}
if quiet { if quiet {
fmt.Fprintln(dockerCli.Out(), unlockKeyResp.UnlockKey) fmt.Fprintln(dockerCli.Out(), unlockKeyResp.UnlockKey)
} else { } else {