Add API documentation for plugable secret backends

Documents the API changes introduced in 0304c98d85404fe75a1b4a35d3c111931e062f41 and 08f7cf05268782a0dd8e4c41a4cc65fdf78d09f2 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit c8dad44c326d9d2131f94babbc535e7f442db290) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-19 12:27:24 +02:00
parent 8c4be39ddd
commit bc27a5b53b
3 changed files with 81 additions and 9 deletions
--- a/components/engine/api/swagger.yaml
+++ b/components/engine/api/swagger.yaml
@ -2780,6 +2780,27 @@ definitions:
          type: "array"
          items:
            $ref: "#/definitions/Mount"
+
+  Driver:
+    description: "Driver represents a driver (network, logging, secrets)."
+    type: "object"
+    required: [Name]
+    properties:
+      Name:
+        description: "Name of the driver."
+        type: "string"
+        x-nullable: false
+        example: "some-driver"
+      Options:
+        description: "Key/value map of driver-specific options."
+        type: "object"
+        x-nullable: false
+        additionalProperties:
+          type: "string"
+        example:
+          OptionA: "value for driver-specific option A"
+          OptionB: "value for driver-specific option B"
+
  SecretSpec:
    type: "object"
    properties:
@ -2791,24 +2812,38 @@ definitions:
        type: "object"
        additionalProperties:
          type: "string"
+        example:
+          com.example.some-label: "some-value"
+          com.example.some-other-label: "some-other-value"
      Data:
-        description: "Base64-url-safe-encoded secret data"
-        type: "array"
-        items:
-          type: "string"
+        description: |
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          data to store as secret.
+
+          This field is only used to _create_ a secret, and is not returned by
+          other endpoints.
+        type: "string"
+        example: ""
+      Driver:
+        description: "Name of the secrets driver used to fetch the secret's value from an external secret store"
+        $ref: "#/definitions/Driver"
+
  Secret:
    type: "object"
    properties:
      ID:
        type: "string"
+        example: "blt1owaxmitz71s9v5zh81zun"
      Version:
        $ref: "#/definitions/ObjectVersion"
      CreatedAt:
        type: "string"
        format: "dateTime"
+        example: "2017-07-20T13:55:28.678958722Z"
      UpdatedAt:
        type: "string"
        format: "dateTime"
+        example: "2017-07-20T13:55:28.678958722Z"
      Spec:
        $ref: "#/definitions/SecretSpec"
  ConfigSpec:
@ -2823,10 +2858,10 @@ definitions:
        additionalProperties:
          type: "string"
      Data:
-        description: "Base64-url-safe-encoded config data"
-        type: "array"
-        items:
-          type: "string"
+        description: |
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          config data.
+        type: "string"
  Config:
    type: "object"
    properties:
@ -8416,6 +8451,20 @@ paths:
            items:
              $ref: "#/definitions/Secret"
            example:
+              - ID: "blt1owaxmitz71s9v5zh81zun"
+                Version:
+                  Index: 85
+                CreatedAt: "2017-07-20T13:55:28.678958722Z"
+                UpdatedAt: "2017-07-20T13:55:28.678958722Z"
+                Spec:
+                  Name: "mysql-passwd"
+                  Labels:
+                    some.label: "some.value"
+                  Driver:
+                    Name: "secret-bucket"
+                    Options:
+                      OptionA: "value for driver option A"
+                      OptionB: "value for driver option B"
              - ID: "ktnbjxoalbkvbvedmg1urrz8h"
                Version:
                  Index: 11
@ -8423,6 +8472,8 @@ paths:
                UpdatedAt: "2016-11-05T01:20:17.327670065Z"
                Spec:
                  Name: "app-dev.crt"
+                  Labels:
+                    foo: "bar"
        500:
          description: "server error"
          schema:
@ -8486,6 +8537,11 @@ paths:
                  Labels:
                    foo: "bar"
                  Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg=="
+                  Driver:
+                    Name: "secret-bucket"
+                    Options:
+                      OptionA: "value for driver option A"
+                      OptionB: "value for driver option B"
      tags: ["Secret"]
  /secrets/{id}:
    get:
@ -8507,6 +8563,14 @@ paths:
              UpdatedAt: "2016-11-05T01:20:17.327670065Z"
              Spec:
                Name: "app-dev.crt"
+                Labels:
+                  foo: "bar"
+                Driver:
+                  Name: "secret-bucket"
+                  Options:
+                    OptionA: "value for driver option A"
+                    OptionB: "value for driver option B"
+
        404:
          description: "secret not found"
          schema:
--- a/components/engine/api/types/swarm/common.go
+++ b/components/engine/api/types/swarm/common.go
@ -20,7 +20,7 @@ type Annotations struct {
 	Labels map[string]string `json:"Labels"`
 }

-// Driver represents a driver (network, logging).
+// Driver represents a driver (network, logging, secrets backend).
 type Driver struct {
 	Name    string            `json:",omitempty"`
 	Options map[string]string `json:",omitempty"`