|
@@ -9,6 +9,7 @@ import (
|
|
|
swarmtypes "github.com/docker/docker/api/types/swarm"
|
|
swarmtypes "github.com/docker/docker/api/types/swarm"
|
|
|
"github.com/docker/docker/client"
|
|
"github.com/docker/docker/client"
|
|
|
"github.com/docker/docker/integration/internal/swarm"
|
|
"github.com/docker/docker/integration/internal/swarm"
|
|
|
|
|
+ "github.com/docker/docker/internal/testutil"
|
|
|
"github.com/gotestyourself/gotestyourself/skip"
|
|
"github.com/gotestyourself/gotestyourself/skip"
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/assert"
|
|
|
"github.com/stretchr/testify/require"
|
|
"github.com/stretchr/testify/require"
|
|
@@ -35,7 +36,7 @@ func TestSecretInspect(t *testing.T) {
|
|
|
|
|
|
|
|
secret, _, err = client.SecretInspectWithRaw(context.Background(), testName)
|
|
secret, _, err = client.SecretInspectWithRaw(context.Background(), testName)
|
|
|
require.NoError(t, err)
|
|
require.NoError(t, err)
|
|
|
- assert.Equal(t, secret.ID, secretID)
|
|
|
|
|
|
|
+ assert.Equal(t, secretID, secretID)
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
func TestSecretList(t *testing.T) {
|
|
func TestSecretList(t *testing.T) {
|
|
@@ -124,3 +125,110 @@ func createSecret(ctx context.Context, t *testing.T, client client.APIClient, na
|
|
|
assert.NotEqual(t, secret.ID, "")
|
|
assert.NotEqual(t, secret.ID, "")
|
|
|
return secret.ID
|
|
return secret.ID
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+func TestSecretsCreate(t *testing.T) {
|
|
|
|
|
+ skip.If(t, testEnv.DaemonInfo.OSType != "linux")
|
|
|
|
|
+
|
|
|
|
|
+ defer setupTest(t)()
|
|
|
|
|
+ d := swarm.NewSwarm(t, testEnv)
|
|
|
|
|
+ defer d.Stop(t)
|
|
|
|
|
+ client, err := client.NewClientWithOpts(client.WithHost((d.Sock())))
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ ctx := context.Background()
|
|
|
|
|
+
|
|
|
|
|
+ testName := "test_secret"
|
|
|
|
|
+ createSecret(ctx, t, client, testName, []byte("TESTINGDATA"), nil)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ // create an already existin secret, daemon should return a status code of 409
|
|
|
|
|
+ _, err = client.SecretCreate(ctx, swarmtypes.SecretSpec{
|
|
|
|
|
+ Annotations: swarmtypes.Annotations{
|
|
|
|
|
+ Name: testName,
|
|
|
|
|
+ },
|
|
|
|
|
+ Data: []byte("TESTINGDATA"),
|
|
|
|
|
+ })
|
|
|
|
|
+ testutil.ErrorContains(t, err, "already exists")
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+func TestSecretsDelete(t *testing.T) {
|
|
|
|
|
+ skip.If(t, testEnv.DaemonInfo.OSType != "linux")
|
|
|
|
|
+
|
|
|
|
|
+ defer setupTest(t)()
|
|
|
|
|
+ d := swarm.NewSwarm(t, testEnv)
|
|
|
|
|
+ defer d.Stop(t)
|
|
|
|
|
+ client, err := client.NewClientWithOpts(client.WithHost((d.Sock())))
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ ctx := context.Background()
|
|
|
|
|
+
|
|
|
|
|
+ testName := "test_secret"
|
|
|
|
|
+ secretID := createSecret(ctx, t, client, testName, []byte("TESTINGDATA"), nil)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ insp, _, err := client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+ assert.Equal(t, insp.ID, secretID)
|
|
|
|
|
+
|
|
|
|
|
+ err = client.SecretRemove(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ _, _, err = client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ testutil.ErrorContains(t, err, "No such secret")
|
|
|
|
|
+
|
|
|
|
|
+ err = client.SecretRemove(ctx, "non-existin")
|
|
|
|
|
+ testutil.ErrorContains(t, err, "No such secret: non-existin")
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
+func TestSecretsUpdate(t *testing.T) {
|
|
|
|
|
+ skip.If(t, testEnv.DaemonInfo.OSType != "linux")
|
|
|
|
|
+
|
|
|
|
|
+ defer setupTest(t)()
|
|
|
|
|
+ d := swarm.NewSwarm(t, testEnv)
|
|
|
|
|
+ defer d.Stop(t)
|
|
|
|
|
+ client, err := client.NewClientWithOpts(client.WithHost((d.Sock())))
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ ctx := context.Background()
|
|
|
|
|
+
|
|
|
|
|
+ testName := "test_secret"
|
|
|
|
|
+ secretID := createSecret(ctx, t, client, testName, []byte("TESTINGDATA"), nil)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ insp, _, err := client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+ assert.Equal(t, insp.ID, secretID)
|
|
|
|
|
+
|
|
|
|
|
+ // test UpdateSecret with full ID
|
|
|
|
|
+ insp.Spec.Labels = map[string]string{"test": "test1"}
|
|
|
|
|
+ err = client.SecretUpdate(ctx, secretID, insp.Version, insp.Spec)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ insp, _, err = client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+ assert.Equal(t, insp.Spec.Labels["test"], "test1")
|
|
|
|
|
+
|
|
|
|
|
+ // test UpdateSecret with full name
|
|
|
|
|
+ insp.Spec.Labels = map[string]string{"test": "test2"}
|
|
|
|
|
+ err = client.SecretUpdate(ctx, testName, insp.Version, insp.Spec)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ insp, _, err = client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+ assert.Equal(t, insp.Spec.Labels["test"], "test2")
|
|
|
|
|
+
|
|
|
|
|
+ // test UpdateSecret with prefix ID
|
|
|
|
|
+ insp.Spec.Labels = map[string]string{"test": "test3"}
|
|
|
|
|
+ err = client.SecretUpdate(ctx, secretID[:1], insp.Version, insp.Spec)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+
|
|
|
|
|
+ insp, _, err = client.SecretInspectWithRaw(ctx, secretID)
|
|
|
|
|
+ require.NoError(t, err)
|
|
|
|
|
+ assert.Equal(t, insp.Spec.Labels["test"], "test3")
|
|
|
|
|
+
|
|
|
|
|
+ // test UpdateSecret in updating Data which is not supported in daemon
|
|
|
|
|
+ // this test will produce an error in func UpdateSecret
|
|
|
|
|
+ insp.Spec.Data = []byte("TESTINGDATA2")
|
|
|
|
|
+ err = client.SecretUpdate(ctx, secretID, insp.Version, insp.Spec)
|
|
|
|
|
+ testutil.ErrorContains(t, err, "only updates to Labels are allowed")
|
|
|
|
|
+}
|
Yong Tang