You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by ka...@apache.org on 2017/05/22 21:28:04 UTC
[2/5] mesos git commit: Added default secret resolver module.

Added default secret resolver module.

Review: https://reviews.apache.org/r/58760


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/d284a9ed
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/d284a9ed
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/d284a9ed

Branch: refs/heads/master
Commit: d284a9ed561ec4f8967114953febd5dd84c92006
Parents: 9430a3b
Author: Kapil Arya <ka...@mesosphere.io>
Authored: Wed Apr 26 10:59:01 2017 -0400
Committer: Kapil Arya <ka...@mesosphere.io>
Committed: Mon May 22 15:31:26 2017 -0400

----------------------------------------------------------------------
 src/CMakeLists.txt      |  5 +++
 src/Makefile.am         |  1 +
 src/secret/resolver.cpp | 85 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 91 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/d284a9ed/src/CMakeLists.txt
----------------------------------------------------------------------
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index a038c0b..d71f1c6 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -400,6 +400,10 @@ set(SCHEDULER_SRC
   scheduler/scheduler.cpp
   )
 
+set(SECRET_SRC
+  secret/resolver.cpp
+  )
+
 set(STATE_SRC
   ${STATE_SRC}
   state/in_memory.cpp
@@ -480,6 +484,7 @@ set(MESOS_SRC
   ${MODULE_SRC}
   ${OCI_SRC}
   ${SCHEDULER_SRC}
+  ${SECRET_SRC}
   ${STATE_SRC}
   ${URI_SRC}
   ${USAGE_SRC}

http://git-wip-us.apache.org/repos/asf/mesos/blob/d284a9ed/src/Makefile.am
----------------------------------------------------------------------
diff --git a/src/Makefile.am b/src/Makefile.am
index a122a8b..e1fdda3 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -932,6 +932,7 @@ libmesos_no_3rdparty_la_SOURCES +=					\
   posix/rlimits.cpp							\
   sched/sched.cpp							\
   scheduler/scheduler.cpp						\
+  secret/resolver.cpp							\
   slave/constants.cpp							\
   slave/container_logger.cpp						\
   slave/flags.cpp							\

http://git-wip-us.apache.org/repos/asf/mesos/blob/d284a9ed/src/secret/resolver.cpp
----------------------------------------------------------------------
diff --git a/src/secret/resolver.cpp b/src/secret/resolver.cpp
new file mode 100644
index 0000000..13d45d0
--- /dev/null
+++ b/src/secret/resolver.cpp
@@ -0,0 +1,85 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include <string>
+
+#include <mesos/mesos.hpp>
+
+#include <mesos/module/secret_resolver.hpp>
+
+#include <mesos/secret/resolver.hpp>
+
+#include <process/future.hpp>
+
+#include <stout/try.hpp>
+
+#include "module/manager.hpp"
+
+using std::string;
+
+using process::Failure;
+using process::Future;
+using process::Shared;
+
+namespace mesos {
+namespace internal {
+
+// The default implementation verifies that the incoming secret
+// contains `value` but not `reference`. It then returns the value.
+class DefaultSecretResolver : public SecretResolver
+{
+public:
+  DefaultSecretResolver() {}
+
+  ~DefaultSecretResolver() {}
+
+  virtual process::Future<Secret::Value> resolve(const Secret& secret) const
+  {
+    if (secret.has_reference()) {
+      return Failure("Default secret resolver cannot resolve references");
+    }
+
+    if (!secret.has_value()) {
+      return Failure("Secret has no value");
+    }
+
+    return secret.value();
+  }
+};
+
+} // namespace internal {
+
+
+Try<SecretResolver*> SecretResolver::create(const Option<string>& moduleName)
+{
+  if (moduleName.isNone()) {
+    LOG(INFO) << "Creating default secret resolver";
+    return new internal::DefaultSecretResolver();
+  }
+
+  LOG(INFO) << "Creating secret resolver '" << moduleName.get() << "'";
+
+  Try<SecretResolver*> result =
+    modules::ModuleManager::create<SecretResolver>(moduleName.get());
+
+  if (result.isError()) {
+    return Error("Failed to initialize secret resolver: " + result.error());
+  }
+
+  return result;
+}
+
+} // namespace mesos {