Merge pull request #155 from thaJeztah/17.07-backport-plugable-secret-api-docs

[17.07] backport plugable secret api docs
2017-08-04 15:52:48 -07:00
parent 608cc09fab 1466b46335
commit e5b51b4933
3 changed files with 81 additions and 10 deletions
--- a/components/engine/api/swagger.yaml
+++ b/components/engine/api/swagger.yaml
@ -322,7 +322,6 @@ definitions:
      MaximumRetryCount:
        type: "integer"
        description: "If `on-failure` is used, the number of times to retry before giving up"
-    default: {}

  Resources:
    description: "A container's resources (cgroups config, ulimits, etc)"
@ -2785,6 +2784,27 @@ definitions:
          type: "array"
          items:
            $ref: "#/definitions/Mount"
+
+  Driver:
+    description: "Driver represents a driver (network, logging, secrets)."
+    type: "object"
+    required: [Name]
+    properties:
+      Name:
+        description: "Name of the driver."
+        type: "string"
+        x-nullable: false
+        example: "some-driver"
+      Options:
+        description: "Key/value map of driver-specific options."
+        type: "object"
+        x-nullable: false
+        additionalProperties:
+          type: "string"
+        example:
+          OptionA: "value for driver-specific option A"
+          OptionB: "value for driver-specific option B"
+
  SecretSpec:
    type: "object"
    properties:
@ -2796,24 +2816,38 @@ definitions:
        type: "object"
        additionalProperties:
          type: "string"
+        example:
+          com.example.some-label: "some-value"
+          com.example.some-other-label: "some-other-value"
      Data:
-        description: "Base64-url-safe-encoded secret data"
-        type: "array"
-        items:
-          type: "string"
+        description: |
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          data to store as secret.
+
+          This field is only used to _create_ a secret, and is not returned by
+          other endpoints.
+        type: "string"
+        example: ""
+      Driver:
+        description: "Name of the secrets driver used to fetch the secret's value from an external secret store"
+        $ref: "#/definitions/Driver"
+
  Secret:
    type: "object"
    properties:
      ID:
        type: "string"
+        example: "blt1owaxmitz71s9v5zh81zun"
      Version:
        $ref: "#/definitions/ObjectVersion"
      CreatedAt:
        type: "string"
        format: "dateTime"
+        example: "2017-07-20T13:55:28.678958722Z"
      UpdatedAt:
        type: "string"
        format: "dateTime"
+        example: "2017-07-20T13:55:28.678958722Z"
      Spec:
        $ref: "#/definitions/SecretSpec"
  ConfigSpec:
@ -2828,10 +2862,10 @@ definitions:
        additionalProperties:
          type: "string"
      Data:
-        description: "Base64-url-safe-encoded config data"
-        type: "array"
-        items:
-          type: "string"
+        description: |
+          Base64-url-safe-encoded ([RFC 4648](https://tools.ietf.org/html/rfc4648#section-3.2))
+          config data.
+        type: "string"
  Config:
    type: "object"
    properties:
@ -8381,6 +8415,20 @@ paths:
            items:
              $ref: "#/definitions/Secret"
            example:
+              - ID: "blt1owaxmitz71s9v5zh81zun"
+                Version:
+                  Index: 85
+                CreatedAt: "2017-07-20T13:55:28.678958722Z"
+                UpdatedAt: "2017-07-20T13:55:28.678958722Z"
+                Spec:
+                  Name: "mysql-passwd"
+                  Labels:
+                    some.label: "some.value"
+                  Driver:
+                    Name: "secret-bucket"
+                    Options:
+                      OptionA: "value for driver option A"
+                      OptionB: "value for driver option B"
              - ID: "ktnbjxoalbkvbvedmg1urrz8h"
                Version:
                  Index: 11
@ -8388,6 +8436,8 @@ paths:
                UpdatedAt: "2016-11-05T01:20:17.327670065Z"
                Spec:
                  Name: "app-dev.crt"
+                  Labels:
+                    foo: "bar"
        500:
          description: "server error"
          schema:
@ -8451,6 +8501,11 @@ paths:
                  Labels:
                    foo: "bar"
                  Data: "VEhJUyBJUyBOT1QgQSBSRUFMIENFUlRJRklDQVRFCg=="
+                  Driver:
+                    Name: "secret-bucket"
+                    Options:
+                      OptionA: "value for driver option A"
+                      OptionB: "value for driver option B"
      tags: ["Secret"]
  /secrets/{id}:
    get:
@ -8472,6 +8527,14 @@ paths:
              UpdatedAt: "2016-11-05T01:20:17.327670065Z"
              Spec:
                Name: "app-dev.crt"
+                Labels:
+                  foo: "bar"
+                Driver:
+                  Name: "secret-bucket"
+                  Options:
+                    OptionA: "value for driver option A"
+                    OptionB: "value for driver option B"
+
        404:
          description: "secret not found"
          schema:
--- a/components/engine/api/types/swarm/common.go
+++ b/components/engine/api/types/swarm/common.go
@ -20,7 +20,7 @@ type Annotations struct {
 	Labels map[string]string `json:"Labels"`
 }

-// Driver represents a driver (network, logging).
+// Driver represents a driver (network, logging, secrets backend).
 type Driver struct {
 	Name    string            `json:",omitempty"`
 	Options map[string]string `json:",omitempty"`