From b860f8354c60c433fa45733492a0d2d72be5a2dd Mon Sep 17 00:00:00 2001 From: Sunny Date: Tue, 30 May 2017 00:30:10 +0530 Subject: [PATCH] Add --ca-cert & --ca-key flags to swarm init Signed-off-by: Sunny Gogoi --- cli/command/swarm/init.go | 2 ++ cli/command/swarm/opts.go | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/cli/command/swarm/init.go b/cli/command/swarm/init.go index ea3189a0c713..7b4cdf95f6a9 100644 --- a/cli/command/swarm/init.go +++ b/cli/command/swarm/init.go @@ -45,6 +45,8 @@ func newInitCommand(dockerCli command.Cli) *cobra.Command { flags.BoolVar(&opts.forceNewCluster, "force-new-cluster", false, "Force create a new cluster from current state") flags.BoolVar(&opts.autolock, flagAutolock, false, "Enable manager autolocking (requiring an unlock key to start a stopped manager)") flags.StringVar(&opts.availability, flagAvailability, "active", `Availability of the node ("active"|"pause"|"drain")`) + flags.Var(&opts.rootCACert, flagCACert, "Path to the PEM-formatted root CA certificate to use for the new cluster") + flags.Var(&opts.rootCAKey, flagCAKey, "Path to the PEM-formatted root CA key to use for the new cluster") addSwarmFlags(flags, &opts.swarmOptions) return cmd } diff --git a/cli/command/swarm/opts.go b/cli/command/swarm/opts.go index 4625835055cc..23ed1d12737b 100644 --- a/cli/command/swarm/opts.go +++ b/cli/command/swarm/opts.go @@ -43,6 +43,8 @@ type swarmOptions struct { maxSnapshots uint64 snapshotInterval uint64 autolock bool + rootCACert PEMFile + rootCAKey PEMFile } // NodeAddrOption is a pflag.Value for listening addresses @@ -253,6 +255,12 @@ func (opts *swarmOptions) mergeSwarmSpec(spec *swarm.Spec, flags *pflag.FlagSet) if flags.Changed(flagAutolock) { spec.EncryptionConfig.AutoLockManagers = opts.autolock } + if flags.Changed(flagCACert) { + spec.CAConfig.SigningCACert = opts.rootCACert.Contents() + } + if flags.Changed(flagCAKey) { + spec.CAConfig.SigningCAKey = opts.rootCAKey.Contents() + } } func (opts *swarmOptions) ToSpec(flags *pflag.FlagSet) swarm.Spec {