Golang AllocDir.GetSecretDir Examples

Programming Language: Golang

Namespace/Package Name: github.com/hashicorp/nomad/client/allocdir

Class/Type: AllocDir

Method/Function: GetSecretDir

Examples at hotexamples.com: 2

Golang AllocDir.GetSecretDir - 2 examples found. These are the top rated real world Golang examples of github.com/hashicorp/nomad/client/allocdir.AllocDir.GetSecretDir extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

Embed(2)

GetSecretDir(2)

MountSharedDir(2)

Example #1

Show file

File: docker.go Project: zanella/nomad

func (d *DockerDriver) containerBinds(driverConfig *DockerDriverConfig, alloc *allocdir.AllocDir,
	task *structs.Task) ([]string, error) {

	shared := alloc.SharedDir
	taskDir, ok := alloc.TaskDirs[task.Name]
	if !ok {
		return nil, fmt.Errorf("Failed to find task local directory: %v", task.Name)
	}
	local := filepath.Join(taskDir, allocdir.TaskLocal)

	secret, err := alloc.GetSecretDir(task.Name)
	if err != nil {
		return nil, err
	}

	allocDirBind := fmt.Sprintf("%s:%s", shared, allocdir.SharedAllocContainerPath)
	taskLocalBind := fmt.Sprintf("%s:%s", local, allocdir.TaskLocalContainerPath)
	secretDirBind := fmt.Sprintf("%s:%s", secret, allocdir.TaskSecretsContainerPath)
	binds := []string{allocDirBind, taskLocalBind, secretDirBind}

	volumesEnabled := d.config.ReadBoolDefault(dockerVolumesConfigOption, dockerVolumesConfigDefault)

	for _, userbind := range driverConfig.Volumes {
		parts := strings.Split(userbind, ":")
		if len(parts) < 2 {
			return nil, fmt.Errorf("invalid docker volume: %q", userbind)
		}

		// Resolve dotted path segments
		parts[0] = filepath.Clean(parts[0])

		// Absolute paths aren't always supported
		if filepath.IsAbs(parts[0]) {
			if !volumesEnabled {
				// Disallow mounting arbitrary absolute paths
				return nil, fmt.Errorf("%s is false; cannot mount host paths: %+q", dockerVolumesConfigOption, userbind)
			}
			binds = append(binds, userbind)
			continue
		}

		// Relative paths are always allowed as they mount within a container
		// Expand path relative to alloc dir
		parts[0] = filepath.Join(taskDir, parts[0])
		binds = append(binds, strings.Join(parts, ":"))
	}

	if selinuxLabel := d.config.Read(dockerSELinuxLabelConfigOption); selinuxLabel != "" {
		// Apply SELinux Label to each volume
		for i := range binds {
			binds[i] = fmt.Sprintf("%s:%s", binds[i], selinuxLabel)
		}
	}

	return binds, nil
}

Example #2

Show file

File: docker.go Project: nak3/nomad

func (d *DockerDriver) containerBinds(driverConfig *DockerDriverConfig, alloc *allocdir.AllocDir,
	task *structs.Task) ([]string, error) {

	shared := alloc.SharedDir
	taskDir, ok := alloc.TaskDirs[task.Name]
	if !ok {
		return nil, fmt.Errorf("Failed to find task local directory: %v", task.Name)
	}
	local := filepath.Join(taskDir, allocdir.TaskLocal)

	secret, err := alloc.GetSecretDir(task.Name)
	if err != nil {
		return nil, err
	}

	allocDirBind := fmt.Sprintf("%s:%s", shared, allocdir.SharedAllocContainerPath)
	taskLocalBind := fmt.Sprintf("%s:%s", local, allocdir.TaskLocalContainerPath)
	secretDirBind := fmt.Sprintf("%s:%s", secret, allocdir.TaskSecretsContainerPath)
	binds := []string{allocDirBind, taskLocalBind, secretDirBind}

	volumesEnabled := d.config.ReadBoolDefault(dockerVolumesConfigOption, false)
	if len(driverConfig.Volumes) > 0 && !volumesEnabled {
		return nil, fmt.Errorf("%s is false; cannot use Docker Volumes: %+q", dockerVolumesConfigOption, driverConfig.Volumes)
	}

	if len(driverConfig.Volumes) > 0 {
		binds = append(binds, driverConfig.Volumes...)
	}

	if selinuxLabel := d.config.Read(dockerSELinuxLabelConfigOption); selinuxLabel != "" {
		// Apply SELinux Label to each volume
		for i := range binds {
			binds[i] = fmt.Sprintf("%s:%s", binds[i], selinuxLabel)
		}
	}

	return binds, nil
}