Add "name" field to secrets and configs to allow interpolation in Compose files#668
Conversation
Codecov Report
@@ Coverage Diff @@
## master #668 +/- ##
==========================================
+ Coverage 51.28% 51.34% +0.06%
==========================================
Files 216 216
Lines 17743 17761 +18
==========================================
+ Hits 9099 9120 +21
+ Misses 8175 8172 -3
Partials 469 469 |
ilyasotkov
changed the title
dnephin
left a comment
dnephin
left a comment
There was a problem hiding this comment.
Thanks!
Left some comments. I'm going to open a PR to fix some existing issues with the volume implementation of this. I'll also look at see if we can remove some duplication between secrets/configs.
| for name, secret := range secrets { | ||
| if secret.Name != "" { | ||
| name = secret.Name | ||
| } |
There was a problem hiding this comment.
This is not used if secret.External.External evaluates to true, so I think this block should move after the next if secret.External.External block.
Also, this name should not be scoped using namespace.Scope(name) (which is done below). So there needs to be an else for doing the namespace.Scope()
Same for configs below (I wish these two types shared more code...)
| secret.External.Name = name | ||
| secrets[name] = secret | ||
| } else { | ||
| logrus.Warnf("secret %s: secret.external.name is deprecated in favor of secret.name", name) |
There was a problem hiding this comment.
There's an issue open for this warning with volumes #608
This has the same problem, we'll need to pass in a version here so that we only warn if version >= 3.5
|
|
||
| if secretSpec.Name != "" { | ||
| source = namespace.Scope(secretSpec.Name) | ||
| } |
There was a problem hiding this comment.
If the name is specified it shouldn't be scoped.
There was a problem hiding this comment.
I feel like all internal / stack objects should be scoped. It would be more consistent if everything that gets created via docker stack deploy (or wiped via docker stack rm) is namespaced. That would break compatibility with how it's already implemented with volumes though 🤔
There was a problem hiding this comment.
ya, I think it's by design that the name field is not scoped. Only the default names get scoped.
You can use a variable in the name: field to provide the scope to these explicitly named objects.
|
So I rewrote the PR on top of #671 to remove some of the duplication between configs / secrets and fixed some issues the original PR had as well. I also added a couple of tests for the functionality, but I wasn't sure if duplicating secrets and configs there is the right way to go. |
| name = secret.Name | ||
| } else { | ||
| name = namespace.Scope(name) | ||
| } |
There was a problem hiding this comment.
This if/else block can be moved into fileObjectConfig() to remove the duplication.
| // if not "external: true" | ||
| } else { | ||
| if obj.File == "" { | ||
| return obj, errors.Errorf("%[1]s %[2]s: specify a file or \"external: true\"", objType, name) |
There was a problem hiding this comment.
It is, although I definitely should've written a test on it 🙃
It doesn't work,secrets.<secret-name> must be a mapping is being called before this one. I'll remove it for now, but it's probably a good idea to make all such errors a bit more specific in the future.
|
Updated. |
|
So, what else needs to be done to get this merged? 👋 |
vdemeester
left a comment
vdemeester
left a comment
There was a problem hiding this comment.
LGTM 🐯
@ilyasotkov needs a rebase though
Signed-off-by: Ilya Sotkov <[email protected]>
Signed-off-by: Ilya Sotkov <[email protected]>
…emove extraneous error call, regenerate schema correctly Signed-off-by: Ilya Sotkov <[email protected]>
|
Rebased ✅ |
|
Question: Why |
7 participants
See issue #667
In Compose file version 3.4, volumes gained the "name" field which allowed the volumes' names to be interpolated for simple version bumps using environmental variables.
That feature is also needed for secrets and configs. Proposed usage:
What I did: I just followed the way the feature is already implemented for volumes. I also bumped the Compose file schema version to 3.5.