Skip to content

Commit

Permalink
Address review comments
Browse files Browse the repository at this point in the history
Signed-off-by: cyli <ying.li@docker.com>
  • Loading branch information
cyli committed Sep 27, 2016
1 parent 930d873 commit aebced0
Show file tree
Hide file tree
Showing 11 changed files with 44 additions and 38 deletions.
10 changes: 5 additions & 5 deletions api/objects.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions api/objects.proto
Original file line number Diff line number Diff line change
Expand Up @@ -246,8 +246,8 @@ message Secret {
string digest = 4;

// SecretSize represents the size (number of bytes) of the secret data, and is
// calculated from the data contained in `Secret.Spec.data`..
uint32 size = 5 [(gogoproto.customname) = "SecretSize"];
// calculated from the data contained in `Secret.Spec.data`.
int64 size = 5 [(gogoproto.customname) = "SecretSize"];

// Whether the secret is an internal secret (not set by a user) or not.
bool internal = 6;
Expand Down
4 changes: 2 additions & 2 deletions cmd/swarmctl/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"github.com/docker/swarmkit/cmd/swarmctl/cluster"
"github.com/docker/swarmkit/cmd/swarmctl/network"
"github.com/docker/swarmkit/cmd/swarmctl/node"
"github.com/docker/swarmkit/cmd/swarmctl/secrets"
"github.com/docker/swarmkit/cmd/swarmctl/secret"
"github.com/docker/swarmkit/cmd/swarmctl/service"
"github.com/docker/swarmkit/cmd/swarmctl/task"
"github.com/docker/swarmkit/version"
Expand Down Expand Up @@ -55,6 +55,6 @@ func init() {
version.Cmd,
network.Cmd,
cluster.Cmd,
secrets.Cmd,
secret.Cmd,
)
}
2 changes: 1 addition & 1 deletion cmd/swarmctl/secrets/cmd.go → cmd/swarmctl/secret/cmd.go
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package secrets
package secret

import "github.com/spf13/cobra"

Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package secrets
package secret

import (
"fmt"
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package secrets
package secret

import (
"errors"
Expand Down
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
package secrets
package secret

import (
"errors"
"fmt"
"os"
"text/tabwriter"
"time"

"github.com/docker/swarmkit/api"
"github.com/docker/swarmkit/cmd/swarmctl/common"
"github.com/docker/swarmkit/protobuf/ptypes"
"github.com/spf13/cobra"
)

Expand All @@ -27,8 +27,7 @@ func printSecretSummary(secret *api.Secret) {
common.FprintfIfNotEmpty(w, "Digest\t: %s\n", secret.Digest)
common.FprintfIfNotEmpty(w, "Size\t: %d\n", secret.SecretSize)

created := time.Unix(int64(secret.Meta.CreatedAt.Seconds), int64(secret.Meta.CreatedAt.Nanos))
common.FprintfIfNotEmpty(w, "Created\t: %s\n", created.Format(time.RFC822))
common.FprintfIfNotEmpty(w, "Created\t: %s\n", ptypes.TimestampString(secret.Meta.CreatedAt))
}

var (
Expand Down
19 changes: 14 additions & 5 deletions cmd/swarmctl/secrets/list.go → cmd/swarmctl/secret/list.go
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
package secrets
package secret

import (
"errors"
"fmt"
"os"
"sort"
"text/tabwriter"
"time"

"github.com/docker/swarmkit/api"
"github.com/docker/swarmkit/cmd/swarmctl/common"
"github.com/docker/swarmkit/protobuf/ptypes"
"github.com/dustin/go-humanize"
"github.com/spf13/cobra"
)
Expand All @@ -19,8 +19,14 @@ type secretSorter []*api.Secret
func (k secretSorter) Len() int { return len(k) }
func (k secretSorter) Swap(i, j int) { k[i], k[j] = k[j], k[i] }
func (k secretSorter) Less(i, j int) bool {
iTime := time.Unix(k[i].Meta.CreatedAt.Seconds, int64(k[i].Meta.CreatedAt.Nanos))
jTime := time.Unix(k[j].Meta.CreatedAt.Seconds, int64(k[j].Meta.CreatedAt.Nanos))
iTime, err := ptypes.Timestamp(k[i].Meta.CreatedAt)
if err != nil {
panic(err)
}
jTime, err := ptypes.Timestamp(k[j].Meta.CreatedAt)
if err != nil {
panic(err)
}
return jTime.Before(iTime)
}

Expand Down Expand Up @@ -59,7 +65,10 @@ var (
}()
common.PrintHeader(w, "ID", "Name", "Created", "Digest", "Size")
output = func(s *api.Secret) {
created := time.Unix(int64(s.Meta.CreatedAt.Seconds), int64(s.Meta.CreatedAt.Nanos))
created, err := ptypes.Timestamp(s.Meta.CreatedAt)
if err != nil {
panic(err)
}
fmt.Fprintf(w, "%s\t%s\t%s\t%s\t%d\n",
s.ID,
s.Spec.Annotations.Name,
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
package secrets
package secret

import (
"errors"
Expand Down
19 changes: 8 additions & 11 deletions manager/controlapi/secret.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,14 @@ import (
// MaxSecretSize is the maximum byte length of the `Secret.Spec.Data` field.
const MaxSecretSize = 500 * 1024 // 500KB

var isValidSecretName = regexp.MustCompile(`^[a-zA-Z0-9](?:[a-zA-Z0-9-_.]{0,62}[a-zA-Z0-9])*$`)
var validSecretNameRegexp = regexp.MustCompile(`^[a-zA-Z0-9]+(?:[a-zA-Z0-9-_.]*[a-zA-Z0-9])?$`)

// assumes spec is not nil
func secretFromSecretSpec(spec *api.SecretSpec) *api.Secret {
return &api.Secret{
ID: identity.NewID(),
Spec: *spec,
SecretSize: uint32(len(spec.Data)),
SecretSize: int64(len(spec.Data)),
Digest: digest.FromBytes(spec.Data).String(),
}
}
Expand All @@ -40,7 +40,6 @@ func (s *Server) GetSecret(ctx context.Context, request *api.GetSecretRequest) (
}

var secret *api.Secret

s.store.View(func(tx store.ReadTx) {
secret = store.GetSecret(tx, request.SecretID)
})
Expand All @@ -49,7 +48,7 @@ func (s *Server) GetSecret(ctx context.Context, request *api.GetSecretRequest) (
return nil, grpc.Errorf(codes.NotFound, "secret %s not found", request.SecretID)
}

secret.Spec.Data = nil
secret.Spec.Data = nil // clean the actual secret data so it's never returned
return &api.GetSecretResponse{Secret: secret}, nil
}

Expand Down Expand Up @@ -94,7 +93,6 @@ func (s *Server) ListSecrets(ctx context.Context, request *api.ListSecretsReques
s.store.View(func(tx store.ReadTx) {
secrets, err = store.FindSecrets(tx, by)
})

if err != nil {
return nil, err
}
Expand All @@ -104,7 +102,7 @@ func (s *Server) ListSecrets(ctx context.Context, request *api.ListSecretsReques
if secret.Internal || !filterMatchLabels(secret.Spec.Annotations.Labels, labels) {
continue
}
secret.Spec.Data = nil
secret.Spec.Data = nil // clean the actual secret data so it's never returned
respSecrets = append(respSecrets, secret)
}

Expand All @@ -130,7 +128,7 @@ func (s *Server) CreateSecret(ctx context.Context, request *api.CreateSecretRequ
case store.ErrNameConflict:
return nil, grpc.Errorf(codes.AlreadyExists, "secret %s already exists", request.Spec.Annotations.Name)
case nil:
secret.Spec.Data = nil
secret.Spec.Data = nil // clean the actual secret data so it's never returned
return &api.CreateSecretResponse{Secret: secret}, nil
default:
return nil, err
Expand All @@ -149,7 +147,6 @@ func (s *Server) RemoveSecret(ctx context.Context, request *api.RemoveSecretRequ
err := s.store.Update(func(tx store.Tx) error {
return store.DeleteSecret(tx, request.SecretID)
})

switch err {
case store.ErrNotExist:
return nil, grpc.Errorf(codes.NotFound, "secret %s not found", request.SecretID)
Expand All @@ -168,16 +165,16 @@ func validateSecretSpec(spec *api.SecretSpec) error {
return err
}

if len(spec.Data) > MaxSecretSize || len(spec.Data) == 0 {
return grpc.Errorf(codes.InvalidArgument, "secret data must be between 1 and %d bytes inclusive", MaxSecretSize)
if len(spec.Data) >= MaxSecretSize || len(spec.Data) < 1 {
return grpc.Errorf(codes.InvalidArgument, "secret data must be larger than 0 and less than %d bytes", MaxSecretSize)
}
return nil
}

func validateSecretAnnotations(m api.Annotations) error {
if m.Name == "" {
return grpc.Errorf(codes.InvalidArgument, "name must be provided")
} else if !isValidSecretName.MatchString(m.Name) {
} else if len(m.Name) > 64 || !validSecretNameRegexp.MatchString(m.Name) {
// if the name doesn't match the regex
return grpc.Errorf(codes.InvalidArgument,
"invalid name, only 64 [a-zA-Z0-9-_.] characters allowed, and the start and end character must be [a-zA-Z0-9]")
Expand Down
11 changes: 6 additions & 5 deletions manager/controlapi/secret_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"crypto/sha256"
"encoding/hex"
"fmt"
"strings"
"testing"

"github.com/docker/swarmkit/api"
Expand Down Expand Up @@ -57,7 +58,7 @@ func TestValidateSecretSpec(t *testing.T) {
"with:colon",
"with;semicolon",
"snowman☃",
"o_______________________________________________________________o", // exactly 65 characters
strings.Repeat("a", 65),
} {
err := validateSecretSpec(createSecretSpec(badName, []byte("valid secret"), nil))
assert.Error(t, err)
Expand All @@ -77,12 +78,12 @@ func TestValidateSecretSpec(t *testing.T) {
"0",
"a",
"A",
"name-with-dashes",
"name.with.dots",
"name_with_underscores",
"name-with--dashes",
"name.with..dots",
"name_with__underscores",
"name.with-all_special",
"02624name035with1699numbers015125",
"o______________________________________________________________o", // exactly 64 characters
strings.Repeat("a", 64),
} {
err := validateSecretSpec(createSecretSpec(goodName, []byte("valid secret"), nil))
assert.NoError(t, err)
Expand Down

0 comments on commit aebced0

Please sign in to comment.