From b56b4b53744c59cad942278ff34a0b0616a7aa60 Mon Sep 17 00:00:00 2001
From: Tino Rusch <tino.rusch@gmail.com>
Date: Sun, 20 Jun 2021 16:11:54 +0200
Subject: read secret config from config file if no user data.

feat: read secret config from config file if the user hasn't entered
explicit config values

feat: allow to specify `--driver-opts opt1=val1,opt2=val2` in the secret
create command to allow overriding the default values

fix: show driver options in `podman secret inspect`

Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
---
 pkg/domain/infra/abi/secrets.go | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)


diff --git a/pkg/domain/infra/abi/secrets.go b/pkg/domain/infra/abi/secrets.go
index 1e1cbc70f..fa28a9b51 100644
--- a/pkg/domain/infra/abi/secrets.go
+++ b/pkg/domain/infra/abi/secrets.go
@@ -17,15 +17,30 @@ func (ic *ContainerEngine) SecretCreate(ctx context.Context, name string, reader
 	if err != nil {
 		return nil, err
 	}
-	driverOptions := make(map[string]string)
 
+	// set defaults from config for the case they are not set by an upper layer
+	// (-> i.e. tests that talk directly to the api)
+	cfg, err := ic.Libpod.GetConfig()
+	if err != nil {
+		return nil, err
+	}
 	if options.Driver == "" {
-		options.Driver = "file"
+		options.Driver = cfg.Secrets.Driver
+	}
+	if len(options.Opts) == 0 {
+		options.Opts = cfg.Secrets.Opts
+	}
+	if options.Opts == nil {
+		options.Opts = make(map[string]string)
 	}
+
 	if options.Driver == "file" {
-		driverOptions["path"] = filepath.Join(secretsPath, "filedriver")
+		if _, ok := options.Opts["path"]; !ok {
+			options.Opts["path"] = filepath.Join(secretsPath, "filedriver")
+		}
 	}
-	secretID, err := manager.Store(name, data, options.Driver, driverOptions)
+
+	secretID, err := manager.Store(name, data, options.Driver, options.Opts)
 	if err != nil {
 		return nil, err
 	}
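Review bot: `options.Opts = cfg.Secrets.Opts` makes the request options alias the map held by the config object, so the later `options.Opts["path"] = ...` in the file-driver branch writes into that config map rather than a per-request one. If `GetConfig()` returns the runtime's shared config (not visible in this hunk), the filedriver path persists into later requests and concurrent API calls can race on the map write. Copying the config map before use avoids both and makes the separate nil check unnecessary. Caller-supplied options also replace the config options wholesale rather than per key, which deserves a comment because a caller-supplied `path` decides where secret data is written. The same lines are carried into the follow-up rename commit as `options.DriverOpts`, and SecretCreate's body starts and ends outside the hunk.

```go
	if len(options.Opts) == 0 {
		// Copy: the file-driver default below must not be written into the config's own map.
		options.Opts = make(map[string]string, len(cfg.Secrets.Opts))
		for k, v := range cfg.Secrets.Opts {
			options.Opts[k] = v
		}
	}
	// … unchanged: file-driver "path" default and manager.Store call …
```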
@@ -58,7 +73,8 @@ func (ic *ContainerEngine) SecretInspect(ctx context.Context, nameOrIDs []string
 			Spec: entities.SecretSpec{
 				Name: secret.Name,
 				Driver: entities.SecretDriverSpec{
-					Name: secret.Driver,
+					Name:    secret.Driver,
+					Options: secret.DriverOptions,
 				},
 			},
 		}
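Review bot: `Options: secret.DriverOptions` returns the stored driver options verbatim to anyone who can run `podman secret inspect`, so the options map becomes part of the secret's visible metadata. For the file driver that is only a storage path, but nothing here stops a driver from taking a sensitive value as an option, which would then be printed. I would document the contract on the field, e.g. `// Options are shown by secret inspect; drivers must not accept credentials or key material as options.` The enclosing SecretInspect loop starts and ends outside the hunk.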
-- 
cgit v1.2.3-54-g00ecf


From e7507fe7cf2f35e332f58ae632882f29395e4c59 Mon Sep 17 00:00:00 2001
From: Tino Rusch <tino.rusch@gmail.com>
Date: Fri, 25 Jun 2021 08:33:15 +0200
Subject: make DriverOpts name consistent.

Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
---
 cmd/podman/secrets/create.go       |  2 +-
 pkg/api/handlers/libpod/secrets.go |  2 +-
 pkg/domain/entities/secrets.go     |  4 ++--
 pkg/domain/infra/abi/secrets.go    | 14 +++++++-------
 pkg/domain/infra/tunnel/secrets.go |  2 +-
 5 files changed, 12 insertions(+), 12 deletions(-)


diff --git a/cmd/podman/secrets/create.go b/cmd/podman/secrets/create.go
index 8c268615c..f9846f9fb 100644
--- a/cmd/podman/secrets/create.go
+++ b/cmd/podman/secrets/create.go
@@ -47,7 +47,7 @@ func init() {
 	cfg := registry.PodmanConfig()
 
 	flags.StringVar(&createOpts.Driver, driverFlagName, cfg.Secrets.Driver, "Specify secret driver")
-	flags.StringToStringVar(&createOpts.Opts, optsFlagName, cfg.Secrets.Opts, "Specify driver specific options")
+	flags.StringToStringVar(&createOpts.DriverOpts, optsFlagName, cfg.Secrets.Opts, "Specify driver specific options")
 	_ = createCmd.RegisterFlagCompletionFunc(driverFlagName, completion.AutocompleteNone)
 	_ = createCmd.RegisterFlagCompletionFunc(optsFlagName, completion.AutocompleteNone)
 
diff --git a/pkg/api/handlers/libpod/secrets.go b/pkg/api/handlers/libpod/secrets.go
index 867a0b957..7086d9e38 100644
--- a/pkg/api/handlers/libpod/secrets.go
+++ b/pkg/api/handlers/libpod/secrets.go
@@ -40,7 +40,7 @@ func CreateSecret(w http.ResponseWriter, r *http.Request) {
 	}
 
 	opts.Driver = query.Driver
-	opts.Opts = query.DriverOpts
+	opts.DriverOpts = query.DriverOpts
 
 	ic := abi.ContainerEngine{Libpod: runtime}
 	report, err := ic.SecretCreate(r.Context(), query.Name, r.Body, opts)
diff --git a/pkg/domain/entities/secrets.go b/pkg/domain/entities/secrets.go
index e69b0a07c..56a1465b7 100644
--- a/pkg/domain/entities/secrets.go
+++ b/pkg/domain/entities/secrets.go
@@ -11,8 +11,8 @@ type SecretCreateReport struct {
 }
 
 type SecretCreateOptions struct {
-	Driver string
-	Opts   map[string]string
+	Driver     string
+	DriverOpts map[string]string
 }
 
 type SecretListRequest struct {
diff --git a/pkg/domain/infra/abi/secrets.go b/pkg/domain/infra/abi/secrets.go
index fa28a9b51..0bdb4ce60 100644
--- a/pkg/domain/infra/abi/secrets.go
+++ b/pkg/domain/infra/abi/secrets.go
@@ -27,20 +27,20 @@ func (ic *ContainerEngine) SecretCreate(ctx context.Context, name string, reader
 	if options.Driver == "" {
 		options.Driver = cfg.Secrets.Driver
 	}
-	if len(options.Opts) == 0 {
-		options.Opts = cfg.Secrets.Opts
+	if len(options.DriverOpts) == 0 {
+		options.DriverOpts = cfg.Secrets.Opts
 	}
-	if options.Opts == nil {
-		options.Opts = make(map[string]string)
+	if options.DriverOpts == nil {
+		options.DriverOpts = make(map[string]string)
 	}
 
 	if options.Driver == "file" {
-		if _, ok := options.Opts["path"]; !ok {
-			options.Opts["path"] = filepath.Join(secretsPath, "filedriver")
+		if _, ok := options.DriverOpts["path"]; !ok {
+			options.DriverOpts["path"] = filepath.Join(secretsPath, "filedriver")
 		}
 	}
 
-	secretID, err := manager.Store(name, data, options.Driver, options.Opts)
+	secretID, err := manager.Store(name, data, options.Driver, options.DriverOpts)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/domain/infra/tunnel/secrets.go b/pkg/domain/infra/tunnel/secrets.go
index 8cdc220a4..ecbb80931 100644
--- a/pkg/domain/infra/tunnel/secrets.go
+++ b/pkg/domain/infra/tunnel/secrets.go
@@ -13,7 +13,7 @@ import (
 func (ic *ContainerEngine) SecretCreate(ctx context.Context, name string, reader io.Reader, options entities.SecretCreateOptions) (*entities.SecretCreateReport, error) {
 	opts := new(secrets.CreateOptions).
 		WithDriver(options.Driver).
-		WithDriverOpts(options.Opts).
+		WithDriverOpts(options.DriverOpts).
 		WithName(name)
 	created, err := secrets.Create(ic.ClientCtx, reader, opts)
 	if err != nil {
-- 
cgit v1.2.3-54-g00ecf