[WIP] Initial secrets protobuf changes and dispatcher support#1377
[WIP] Initial secrets protobuf changes and dispatcher support#1377aaronlehmann wants to merge 4 commits intomoby:masterfrom
Conversation
api/dispatcher.proto
Outdated
| // starts at 0 and increments. If a sequence number is skipped, the | ||
| // consumer of the stream should start a new Assignments stream to | ||
| // re-sync. | ||
| int64 sequence = 2; |
There was a problem hiding this comment.
Just make this an opaque string.
There was a problem hiding this comment.
Should there be two opaque strings - one identifying the current message and another to match with the previous message?
There was a problem hiding this comment.
That will sure make it easier to debug if there is an "applies to" and "results in" field.
|
This is a fantastic looking start. |
|
Thanks for the comments. I will make some changes tomorrow. |
Current coverage is 53.76% (diff: 11.95%)@@ master #1377 diff @@
==========================================
Files 81 82 +1
Lines 12850 13199 +349
Methods 0 0
Messages 0 0
Branches 0 0
==========================================
+ Hits 7074 7096 +22
- Misses 4793 5115 +322
- Partials 983 988 +5
|
7bb96cb to
bc16473
Compare
api/types.proto
Outdated
| string target = 2; | ||
|
|
||
| // SecretName is the name of the secret that this reference. | ||
| string secret_name = 3; |
There was a problem hiding this comment.
I think we can just call this "name" or "reference" and maybe it comes first.
bc16473 to
bdcbabb
Compare
|
Made some of the updates such as |
| } | ||
|
|
||
| // SecretReference is the linkage between a service and a secret that it uses. | ||
| message SecretReference { |
There was a problem hiding this comment.
Any way to reference a group or tag here?
There was a problem hiding this comment.
We should probably support that... ping @diogomonica
There was a problem hiding this comment.
Why? The resolution of what secrets go down always happens manager-side. Don't see the need for that.
There was a problem hiding this comment.
Should it be possible to attach a group of secrets to a task or not?
There was a problem hiding this comment.
You're right, we need it.
bdcbabb to
93b423f
Compare
Add a Secret top-level object type. Add a SecretReference that allows a service to reference the secrets it needs. Add dispatcher Assignments method which will replace Tasks going forward. This provides a stream with incremental task and secret updates. Additional object types can be supported in the assignment set in the future. The first message returned from the Assignments stream is the complete set of tasks and secrets for the node, and this is used to synchronize the node's view with the manager's. Additional messages returned by the stream are incremental updates that add, update, or remove one or more tasks or secrets. If the agent gets out of sync with the manager, it can reinitiate the Assignments stream to sync up. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
93b423f to
2fc73c8
Compare
Signed-off-by: Diogo Monica <diogo.monica@gmail.com>
7873aad to
44110aa
Compare
Signed-off-by: Diogo Monica <diogo.monica@gmail.com>
44110aa to
4ca53f8
Compare
Add a Secret top-level object type. Add a SecretReference that allows a
service to reference the secrets it needs.
Add dispatcher Assignments method which will replace Tasks going
forward. This provides a stream with incremental task and secret
updates. Additional object types can be supported in the assignment set
in the future. The first message returned from the Assignments stream is
the complete set of tasks and secrets for the node, and this is used to
synchronize the node's view with the manager's. Additional messages
returned by the stream are incremental updates that add, update, or
remove one or more tasks or secrets. If the agent gets out of sync with
the manager, it can reinitiate the Assignments stream to sync up.