Merge pull request #236 from glours/add-secrets-build

ndeloof · web-flow · commit ef73f5a9c311 · 2022-04-11T08:45:14.000+02:00
diff --git a/loader/full-example.yml b/loader/full-example.yml
@@ -15,6 +15,13 @@ services:
         - foo
         - bar
       labels: [FOO=BAR]
+      secrets:
+        - secret1
+        - source: secret2
+          target: my_secret
+          uid: '103'
+          gid: '103'
+          mode: 0440
 
 
     cap_add:
diff --git a/loader/full-struct_test.go b/loader/full-struct_test.go
@@ -58,6 +58,18 @@ func services(workingDir, homeDir string) []types.ServiceConfig {
 				Network:    "foo",
 				CacheFrom:  []string{"foo", "bar"},
 				Labels:     map[string]string{"FOO": "BAR"},
+				Secrets: []types.ServiceSecretConfig{
+					{
+						Source: "secret1",
+					},
+					{
+						Source: "secret2",
+						Target: "my_secret",
+						UID:    "103",
+						GID:    "103",
+						Mode:   uint32Ptr(0440),
+					},
+				},
 			},
 			CapAdd:       []string{"ALL"},
 			CapDrop:      []string{"NET_ADMIN", "SYS_ADMIN"},
@@ -579,6 +591,13 @@ services:
       - bar
       network: foo
       target: foo
+      secrets:
+      - source: secret1
+      - source: secret2
+        target: my_secret
+        uid: "103"
+        gid: "103"
+        mode: 288
     cap_add:
     - ALL
     cap_drop:
@@ -1096,7 +1115,19 @@ func fullExampleJSON(workingDir, homeDir string) string {
           "bar"
         ],
         "network": "foo",
-        "target": "foo"
+        "target": "foo",
+        "secrets": [
+          {
+            "source": "secret1"
+          },
+          {
+            "source": "secret2",
+            "target": "my_secret",
+            "uid": "103",
+            "gid": "103",
+            "mode": 288
+          }
+        ]
       },
       "cap_add": [
         "ALL"
diff --git a/schema/compose-spec.json b/schema/compose-spec.json
@@ -101,7 +101,8 @@
                 "target": {"type": "string"},
                 "shm_size": {"type": ["integer", "string"]},
                 "extra_hosts": {"$ref": "#/definitions/list_or_dict"},
-                "isolation": {"type": "string"}
+                "isolation": {"type": "string"},
+                "secrets": {"$ref": "#/definitions/service_config_or_secret"}
               },
               "additionalProperties": false,
               "patternProperties": {"^x-": {}}
@@ -144,26 +145,7 @@
             {"type": "array", "items": {"type": "string"}}
           ]
         },
-        "configs": {
-          "type": "array",
-          "items": {
-            "oneOf": [
-              {"type": "string"},
-              {
-                "type": "object",
-                "properties": {
-                  "source": {"type": "string"},
-                  "target": {"type": "string"},
-                  "uid": {"type": "string"},
-                  "gid": {"type": "string"},
-                  "mode": {"type": "number"}
-                },
-                "additionalProperties": false,
-                "patternProperties": {"^x-": {}}
-              }
-            ]
-          }
-        },
+        "configs": {"$ref": "#/definitions/service_config_or_secret"},
         "container_name": {"type": "string"},
         "cpu_count": {"type": "integer", "minimum": 0},
         "cpu_percent": {"type": "integer", "minimum": 0, "maximum": 100},
@@ -352,26 +334,7 @@
         },
         "security_opt": {"type": "array", "items": {"type": "string"}, "uniqueItems": true},
         "shm_size": {"type": ["number", "string"]},
-        "secrets": {
-          "type": "array",
-          "items": {
-            "oneOf": [
-              {"type": "string"},
-              {
-                "type": "object",
-                "properties": {
-                  "source": {"type": "string"},
-                  "target": {"type": "string"},
-                  "uid": {"type": "string"},
-                  "gid": {"type": "string"},
-                  "mode": {"type": "number"}
-                },
-                "additionalProperties": false,
-                "patternProperties": {"^x-": {}}
-              }
-            ]
-          }
-        },
+        "secrets": {"$ref": "#/definitions/service_config_or_secret"},
         "sysctls": {"$ref": "#/definitions/list_or_dict"},
         "stdin_open": {"type": "boolean"},
         "stop_grace_period": {"type": "string", "format": "duration"},
@@ -809,6 +772,27 @@
       "additionalProperties": false
     },
 
+    "service_config_or_secret": {
+      "type": "array",
+      "items": {
+        "oneOf": [
+          {"type": "string"},
+          {
+            "type": "object",
+            "properties": {
+              "source": {"type": "string"},
+              "target": {"type": "string"},
+              "uid": {"type": "string"},
+              "gid": {"type": "string"},
+              "mode": {"type": "number"}
+            },
+            "additionalProperties": false,
+            "patternProperties": {"^x-": {}}
+          }
+        ]
+      }
+    },
+
     "constraints": {
       "service": {
         "id": "#/definitions/constraints/service",
diff --git a/types/types.go b/types/types.go
@@ -304,6 +304,7 @@ type BuildConfig struct {
 	Isolation  string            `yaml:",omitempty" json:"isolation,omitempty"`
 	Network    string            `yaml:",omitempty" json:"network,omitempty"`
 	Target     string            `yaml:",omitempty" json:"target,omitempty"`
+	Secrets    []ServiceSecretConfig `yaml:",omitempty" json:"secrets,omitempty"`
 
 	Extensions map[string]interface{} `yaml:",inline" json:"-"`
 }

Original file line number	Diff line number	Diff line change
`@@ -304,6 +304,7 @@ type BuildConfig struct {`
`304`	`304`	Isolation string `yaml:",omitempty" json:"isolation,omitempty"`
`305`	`305`	Network string `yaml:",omitempty" json:"network,omitempty"`
`306`	`306`	Target string `yaml:",omitempty" json:"target,omitempty"`
	`307`	+ Secrets []ServiceSecretConfig `yaml:",omitempty" json:"secrets,omitempty"`
`307`	`308`
`308`	`309`	Extensions map[string]interface{} `yaml:",inline" json:"-"`
`309`	`310`	`}`