moby/cli/command/service/create.go
Aaron Lehmann d4d6f8c0d0 cli: Pin image to digest using content trust
Implement notary-based digest lookup in the client when
DOCKER_CONTENT_TRUST=1.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-12-14 10:49:33 -08:00

100 lines
3 KiB
Go

package service
import (
"fmt"
"github.com/docker/docker/api/types"
"github.com/docker/docker/cli"
"github.com/docker/docker/cli/command"
"github.com/spf13/cobra"
"golang.org/x/net/context"
)
func newCreateCommand(dockerCli *command.DockerCli) *cobra.Command {
opts := newServiceOptions()
cmd := &cobra.Command{
Use: "create [OPTIONS] IMAGE [COMMAND] [ARG...]",
Short: "Create a new service",
Args: cli.RequiresMinArgs(1),
RunE: func(cmd *cobra.Command, args []string) error {
opts.image = args[0]
if len(args) > 1 {
opts.args = args[1:]
}
return runCreate(dockerCli, opts)
},
}
flags := cmd.Flags()
flags.StringVar(&opts.mode, flagMode, "replicated", "Service mode (replicated or global)")
flags.StringVar(&opts.name, flagName, "", "Service name")
addServiceFlags(cmd, opts)
flags.VarP(&opts.labels, flagLabel, "l", "Service labels")
flags.Var(&opts.containerLabels, flagContainerLabel, "Container labels")
flags.VarP(&opts.env, flagEnv, "e", "Set environment variables")
flags.Var(&opts.envFile, flagEnvFile, "Read in a file of environment variables")
flags.Var(&opts.mounts, flagMount, "Attach a filesystem mount to the service")
flags.Var(&opts.constraints, flagConstraint, "Placement constraints")
flags.Var(&opts.networks, flagNetwork, "Network attachments")
flags.Var(&opts.secrets, flagSecret, "Specify secrets to expose to the service")
flags.VarP(&opts.endpoint.publishPorts, flagPublish, "p", "Publish a port as a node port")
flags.Var(&opts.groups, flagGroup, "Set one or more supplementary user groups for the container")
flags.Var(&opts.dns, flagDNS, "Set custom DNS servers")
flags.Var(&opts.dnsOption, flagDNSOption, "Set DNS options")
flags.Var(&opts.dnsSearch, flagDNSSearch, "Set custom DNS search domains")
flags.Var(&opts.hosts, flagHost, "Set one or more custom host-to-IP mappings (host:ip)")
flags.SetInterspersed(false)
return cmd
}
func runCreate(dockerCli *command.DockerCli, opts *serviceOptions) error {
apiClient := dockerCli.Client()
createOpts := types.ServiceCreateOptions{}
service, err := opts.ToService()
if err != nil {
return err
}
specifiedSecrets := opts.secrets.Value()
if len(specifiedSecrets) > 0 {
// parse and validate secrets
secrets, err := parseSecrets(apiClient, specifiedSecrets)
if err != nil {
return err
}
service.TaskTemplate.ContainerSpec.Secrets = secrets
}
ctx := context.Background()
if err := resolveServiceImageDigest(dockerCli, &service); err != nil {
return err
}
// only send auth if flag was set
if opts.registryAuth {
// Retrieve encoded auth token from the image reference
encodedAuth, err := command.RetrieveAuthTokenFromImage(ctx, dockerCli, opts.image)
if err != nil {
return err
}
createOpts.EncodedRegistryAuth = encodedAuth
}
response, err := apiClient.ServiceCreate(ctx, service, createOpts)
if err != nil {
return err
}
for _, warning := range response.Warnings {
fmt.Fprintln(dockerCli.Err(), warning)
}
fmt.Fprintf(dockerCli.Out(), "%s\n", response.ID)
return nil
}