tyler.durden
/
compose
mirror of https://github.com/docker/compose.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add test and implementation for secret added after container has been created 

The issue is that if a secret is added to the compose file, then it will
not notice that containers have diverged since last run, because secrets
are not part of the config_hash, which determines if the configuration of
a service is the same or not.

Signed-off-by: Henke Adolfsson <catears13@gmail.com>
This commit is contained in:
Henke Adolfsson 2019-03-02 15:02:47 +01:00 committed by Henke
parent a1f3cb6d89
commit 76d0406fab
No known key found for this signature in database
GPG Key ID: 8469D4DA7E5DDBB7
2 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
compose/service.py
View File

@ -685,6 +685,7 @@ class Service(object):
'links': self.get_link_names(), 'links': self.get_link_names(),
'net': self.network_mode.id, 'net': self.network_mode.id,
'networks': self.networks, 'networks': self.networks,
'secrets': self.secrets,
'volumes_from': [ 'volumes_from': [
(v.source.name, v.mode) (v.source.name, v.mode)
for v in self.volumes_from if isinstance(v.source, Service) for v in self.volumes_from if isinstance(v.source, Service)

42
tests/integration/project_test.py
View File

@ -1496,6 +1496,48 @@ class ProjectTest(DockerClientTestCase):
output = container.logs() output = container.logs()
assert output == b"This is the secret\n" assert output == b"This is the secret\n"
@v3_only()
def test_project_up_with_added_secrets(self):
node = create_host_file(self.client, os.path.abspath('tests/fixtures/secrets/default'))
config_data = build_config(
version=V3_1,
services=[{
'name': 'web',
'image': 'busybox:latest',
'command': 'cat /run/secrets/special',
# 'secrets': [
# types.ServiceSecret.parse({'source': 'super', 'target': 'special'}),
# ],
'environment': ['constraint:node=={}'.format(node if node is not None else '*')]
}],
secrets={
'super': {
'file': os.path.abspath('tests/fixtures/secrets/default'),
},
},
)
project = Project.from_config(
client=self.client,
name='composetest',
config_data=config_data,
)
project.up()
project.stop()
project.services[0].secrets = [
types.ServiceSecret.parse({'source': 'super', 'target': 'special'})
]
project.up()
project.stop()
containers = project.containers(stopped=True)
assert len(containers) == 1
container, = containers
output = container.logs()
assert output == b"This is the secret\n"
@v2_only() @v2_only()
def test_initialize_volumes_invalid_volume_driver(self): def test_initialize_volumes_invalid_volume_driver(self):
vol_name = '{0:x}'.format(random.getrandbits(32)) vol_name = '{0:x}'.format(random.getrandbits(32))