d4d6f8c0d0
Implement notary-based digest lookup in the client when DOCKER_CONTENT_TRUST=1. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
100 lines
3 KiB
Go
100 lines
3 KiB
Go
package service
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/docker/docker/cli"
|
|
"github.com/docker/docker/cli/command"
|
|
"github.com/spf13/cobra"
|
|
"golang.org/x/net/context"
|
|
)
|
|
|
|
func newCreateCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|
opts := newServiceOptions()
|
|
|
|
cmd := &cobra.Command{
|
|
Use: "create [OPTIONS] IMAGE [COMMAND] [ARG...]",
|
|
Short: "Create a new service",
|
|
Args: cli.RequiresMinArgs(1),
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
|
opts.image = args[0]
|
|
if len(args) > 1 {
|
|
opts.args = args[1:]
|
|
}
|
|
return runCreate(dockerCli, opts)
|
|
},
|
|
}
|
|
flags := cmd.Flags()
|
|
flags.StringVar(&opts.mode, flagMode, "replicated", "Service mode (replicated or global)")
|
|
flags.StringVar(&opts.name, flagName, "", "Service name")
|
|
|
|
addServiceFlags(cmd, opts)
|
|
|
|
flags.VarP(&opts.labels, flagLabel, "l", "Service labels")
|
|
flags.Var(&opts.containerLabels, flagContainerLabel, "Container labels")
|
|
flags.VarP(&opts.env, flagEnv, "e", "Set environment variables")
|
|
flags.Var(&opts.envFile, flagEnvFile, "Read in a file of environment variables")
|
|
flags.Var(&opts.mounts, flagMount, "Attach a filesystem mount to the service")
|
|
flags.Var(&opts.constraints, flagConstraint, "Placement constraints")
|
|
flags.Var(&opts.networks, flagNetwork, "Network attachments")
|
|
flags.Var(&opts.secrets, flagSecret, "Specify secrets to expose to the service")
|
|
flags.VarP(&opts.endpoint.publishPorts, flagPublish, "p", "Publish a port as a node port")
|
|
flags.Var(&opts.groups, flagGroup, "Set one or more supplementary user groups for the container")
|
|
flags.Var(&opts.dns, flagDNS, "Set custom DNS servers")
|
|
flags.Var(&opts.dnsOption, flagDNSOption, "Set DNS options")
|
|
flags.Var(&opts.dnsSearch, flagDNSSearch, "Set custom DNS search domains")
|
|
flags.Var(&opts.hosts, flagHost, "Set one or more custom host-to-IP mappings (host:ip)")
|
|
|
|
flags.SetInterspersed(false)
|
|
return cmd
|
|
}
|
|
|
|
func runCreate(dockerCli *command.DockerCli, opts *serviceOptions) error {
|
|
apiClient := dockerCli.Client()
|
|
createOpts := types.ServiceCreateOptions{}
|
|
|
|
service, err := opts.ToService()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
specifiedSecrets := opts.secrets.Value()
|
|
if len(specifiedSecrets) > 0 {
|
|
// parse and validate secrets
|
|
secrets, err := parseSecrets(apiClient, specifiedSecrets)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
service.TaskTemplate.ContainerSpec.Secrets = secrets
|
|
|
|
}
|
|
|
|
ctx := context.Background()
|
|
|
|
if err := resolveServiceImageDigest(dockerCli, &service); err != nil {
|
|
return err
|
|
}
|
|
|
|
// only send auth if flag was set
|
|
if opts.registryAuth {
|
|
// Retrieve encoded auth token from the image reference
|
|
encodedAuth, err := command.RetrieveAuthTokenFromImage(ctx, dockerCli, opts.image)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
createOpts.EncodedRegistryAuth = encodedAuth
|
|
}
|
|
|
|
response, err := apiClient.ServiceCreate(ctx, service, createOpts)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
for _, warning := range response.Warnings {
|
|
fmt.Fprintln(dockerCli.Err(), warning)
|
|
}
|
|
|
|
fmt.Fprintf(dockerCli.Out(), "%s\n", response.ID)
|
|
return nil
|
|
}
|