Merge pull request #1798 from docker/unlock_swarm_support

Unlock swarm support

Merge pull request #1798 from docker/unlock_swarm_support
Unlock swarm support
58c02ca9 · Joffrey F · GitHub · 1d6b5b20 · 3bd053a4 · 58c02ca9
Unverified Kaydet (Commit) 58c02ca9 authored Kas 21, 2017 tarafından Joffrey F Kaydeden (comit) GitHub Kas 21, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 70 additions and 1 deletion

swarm.py docker/api/swarm.py +49 -1

swarm.py docker/models/swarm.py +8 -0

swarm.rst docs/swarm.rst +2 -0

api_swarm_test.py tests/integration/api_swarm_test.py +11 -0

No files found.
--- a/docker/api/swarm.py
+++ b/docker/api/swarm.py
 import logging
 from six.moves import http_client
+from .. import errors
 from .. import types
 from .. import utils
+
 log = logging.getLogger(__name__)


@@ -68,6 +70,16 @@ class SwarmApiMixin(object):
            kwargs['external_cas'] = [ext_ca]
        return types.SwarmSpec(self._version, *args, **kwargs)

+    @utils.minimum_version('1.24')
+    def get_unlock_key(self):
+        """
+            Get the unlock key for this Swarm manager.
+
+            Returns:
+                A ``dict`` containing an ``UnlockKey`` member
+        """
+        return self._result(self._get(self._url('/swarm/unlockkey')), True)
+
    @utils.minimum_version('1.24')
    def init_swarm(self, advertise_addr=None, listen_addr='0.0.0.0:2377',
                   force_new_cluster=False, swarm_spec=None):
@@ -270,10 +282,46 @@ class SwarmApiMixin(object):
        self._raise_for_status(res)
        return True

+    @utils.minimum_version('1.24')
+    def unlock_swarm(self, key):
+        """
+            Unlock a locked swarm.
+
+            Args:
+                key (string): The unlock key as provided by
+                    :py:meth:`get_unlock_key`
+
+            Raises:
+                :py:class:`docker.errors.InvalidArgument`
+                    If the key argument is in an incompatible format
+
+                :py:class:`docker.errors.APIError`
+                    If the server returns an error.
+
+            Returns:
+                `True` if the request was successful.
+
+            Example:
+
+                >>> key = client.get_unlock_key()
+                >>> client.unlock_node(key)
+
+        """
+        if isinstance(key, dict):
+            if 'UnlockKey' not in key:
+                raise errors.InvalidArgument('Invalid unlock key format')
+        else:
+            key = {'UnlockKey': key}
+
+        url = self._url('/swarm/unlock')
+        res = self._post_json(url, data=key)
+        self._raise_for_status(res)
+        return True
+
    @utils.minimum_version('1.24')
    def update_node(self, node_id, version, node_spec=None):
        """
-        Update the Node's configuration
+        Update the node's configuration

        Args:


--- a/docker/models/swarm.py
+++ b/docker/models/swarm.py
@@ -29,6 +29,10 @@ class Swarm(Model):
        """
        return self.attrs.get('Version').get('Index')

+    def get_unlock_key(self):
+        return self.client.api.get_unlock_key()
+    get_unlock_key.__doc__ = APIClient.get_unlock_key.__doc__
+
    def init(self, advertise_addr=None, listen_addr='0.0.0.0:2377',
             force_new_cluster=False, **kwargs):
        """
@@ -128,6 +132,10 @@ class Swarm(Model):
        """
        self.attrs = self.client.api.inspect_swarm()

+    def unlock(self, key):
+        return self.client.api.unlock_swarm(key)
+    unlock.__doc__ = APIClient.unlock_swarm.__doc__
+
    def update(self, rotate_worker_token=False, rotate_manager_token=False,
               **kwargs):
        """

--- a/docs/swarm.rst
+++ b/docs/swarm.rst
@@ -12,9 +12,11 @@ These methods are available on ``client.swarm``:
 .. rst-class:: hide-signature
 .. py:class:: Swarm

+  .. automethod:: get_unlock_key()
  .. automethod:: init()
  .. automethod:: join()
  .. automethod:: leave()
+  .. automethod:: unlock()
  .. automethod:: update()
  .. automethod:: reload()


--- a/tests/integration/api_swarm_test.py
+++ b/tests/integration/api_swarm_test.py
@@ -10,9 +10,16 @@ class SwarmTest(BaseAPIIntegrationTest):
    def setUp(self):
        super(SwarmTest, self).setUp()
        force_leave_swarm(self.client)
+        self._unlock_key = None

    def tearDown(self):
        super(SwarmTest, self).tearDown()
+        try:
+            if self._unlock_key:
+                self.client.unlock_swarm(self._unlock_key)
+        except docker.errors.APIError:
+            pass
+
        force_leave_swarm(self.client)

    @requires_api_version('1.24')
@@ -64,12 +71,16 @@ class SwarmTest(BaseAPIIntegrationTest):
    def test_init_swarm_with_autolock_managers(self):
        spec = self.client.create_swarm_spec(autolock_managers=True)
        assert self.init_swarm(swarm_spec=spec)
+        # save unlock key for tearDown
+        self._unlock_key = self.client.get_unlock_key()
        swarm_info = self.client.inspect_swarm()

        assert (
            swarm_info['Spec']['EncryptionConfig']['AutoLockManagers'] is True
        )

+        assert self._unlock_key.get('UnlockKey')
+
    @requires_api_version('1.25')
    @pytest.mark.xfail(
        reason="This doesn't seem to be taken into account by the engine"