mirror of https://github.com/docker/compose.git
Enable variable substitution in config.secrets
Signed-off-by: Joffrey F <joffrey@docker.com>
This commit is contained in:
Joffrey F
parent
23b873c2ce
commit
a6db78e5d4
|
|
@ -218,6 +218,8 @@ class Config(namedtuple('_Config', 'version services volumes networks secrets'))
|
||||||
:type volumes: :class:`dict`
|
:type volumes: :class:`dict`
|
||||||
:param networks: Dictionary mapping network names to description dictionaries
|
:param networks: Dictionary mapping network names to description dictionaries
|
||||||
:type networks: :class:`dict`
|
:type networks: :class:`dict`
|
||||||
|
:param secrets: Dictionary mapping secret names to description dictionaries
|
||||||
|
:type secrets: :class:`dict`
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -491,6 +493,13 @@ def process_config_file(config_file, environment, service_name=None):
|
||||||
config_file.get_networks(),
|
config_file.get_networks(),
|
||||||
'network',
|
'network',
|
||||||
environment)
|
environment)
|
||||||
|
if config_file.version in (V3_1,):
|
||||||
|
processed_config['secrets'] = interpolate_config_section(
|
||||||
|
config_file,
|
||||||
|
config_file.get_secrets(),
|
||||||
|
'secrets',
|
||||||
|
environment
|
||||||
|
)
|
||||||
elif config_file.version == V1:
|
elif config_file.version == V1:
|
||||||
processed_config = services
|
processed_config = services
|
||||||
else:
|
else:
|
||||||
|
|
|
||||||
|
|
@ -1821,6 +1821,23 @@ class ConfigTest(unittest.TestCase):
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
def test_empty_environment_key_allowed(self):
|
||||||
|
service_dict = config.load(
|
||||||
|
build_config_details(
|
||||||
|
{
|
||||||
|
'web': {
|
||||||
|
'build': '.',
|
||||||
|
'environment': {
|
||||||
|
'POSTGRES_PASSWORD': ''
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'.',
|
||||||
|
None,
|
||||||
|
)
|
||||||
|
).services[0]
|
||||||
|
self.assertEqual(service_dict['environment']['POSTGRES_PASSWORD'], '')
|
||||||
|
|
||||||
def test_merge_pid(self):
|
def test_merge_pid(self):
|
||||||
# Regression: https://github.com/docker/compose/issues/4184
|
# Regression: https://github.com/docker/compose/issues/4184
|
||||||
base = {
|
base = {
|
||||||
|
|
@ -2335,22 +2352,23 @@ class InterpolationTest(unittest.TestCase):
|
||||||
self.assertIn('in service "web"', cm.exception.msg)
|
self.assertIn('in service "web"', cm.exception.msg)
|
||||||
self.assertIn('"${"', cm.exception.msg)
|
self.assertIn('"${"', cm.exception.msg)
|
||||||
|
|
||||||
def test_empty_environment_key_allowed(self):
|
@mock.patch.dict(os.environ)
|
||||||
service_dict = config.load(
|
def test_interpolation_secrets_section(self):
|
||||||
build_config_details(
|
os.environ['FOO'] = 'baz.bar'
|
||||||
{
|
config_dict = config.load(build_config_details({
|
||||||
'web': {
|
'version': '3.1',
|
||||||
'build': '.',
|
'secrets': {
|
||||||
'environment': {
|
'secretdata': {
|
||||||
'POSTGRES_PASSWORD': ''
|
'external': {'name': '$FOO'}
|
||||||
},
|
}
|
||||||
},
|
}
|
||||||
},
|
}))
|
||||||
'.',
|
assert config_dict.secrets == {
|
||||||
None,
|
'secretdata': {
|
||||||
)
|
'external': {'name': 'baz.bar'},
|
||||||
).services[0]
|
'external_name': 'baz.bar'
|
||||||
self.assertEqual(service_dict['environment']['POSTGRES_PASSWORD'], '')
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
class VolumeConfigTest(unittest.TestCase):
|
class VolumeConfigTest(unittest.TestCase):
|
||||||
|
|
@ -3663,4 +3681,4 @@ class SerializeTest(unittest.TestCase):
|
||||||
serialized_config = yaml.load(serialize_config(config_dict))
|
serialized_config = yaml.load(serialize_config(config_dict))
|
||||||
serialized_service = serialized_config['services']['web']
|
serialized_service = serialized_config['services']['web']
|
||||||
assert secret_sort(serialized_service['secrets']) == secret_sort(service_dict['secrets'])
|
assert secret_sort(serialized_service['secrets']) == secret_sort(service_dict['secrets'])
|
||||||
assert serialized_config['secrets'] == secrets_dict
|
assert 'secrets' in serialized_config
|
||||||
|
|
|
||||||
|
|
@ -75,7 +75,32 @@ def test_interpolate_environment_variables_in_volumes(mock_env):
|
||||||
},
|
},
|
||||||
'other': {},
|
'other': {},
|
||||||
}
|
}
|
||||||
value = interpolate_environment_variables("2.0", volumes, 'volume', mock_env)
|
value = interpolate_environment_variables("2.0", volumes, 'volume', mock_env)
|
||||||
|
assert value == expected
|
||||||
|
|
||||||
|
|
||||||
|
def test_interpolate_environment_variables_in_secrets(mock_env):
|
||||||
|
secrets = {
|
||||||
|
'secretservice': {
|
||||||
|
'file': '$FOO',
|
||||||
|
'labels': {
|
||||||
|
'max': 2,
|
||||||
|
'user': '${USER}'
|
||||||
|
}
|
||||||
|
},
|
||||||
|
'other': None,
|
||||||
|
}
|
||||||
|
expected = {
|
||||||
|
'secretservice': {
|
||||||
|
'file': 'bar',
|
||||||
|
'labels': {
|
||||||
|
'max': 2,
|
||||||
|
'user': 'jenny'
|
||||||
|
}
|
||||||
|
},
|
||||||
|
'other': {},
|
||||||
|
}
|
||||||
|
value = interpolate_environment_variables("3.1", secrets, 'volume', mock_env)
|
||||||
assert value == expected
|
assert value == expected
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue