def get_updated_ref(self, ref, candidate):
# type: (SecretReference, Secret) -> None
"""Attempt to renew a SecretReference with a Secret.
:param SecretReference ref: The old SecretReference.
:param Secret candidate: The new Secret candidate.
:return: A new SecretReference or 'old' if renewal was not possible.
:rtype: SecretReference
"""
old = self.docker_client.secrets.get(ref.get("SecretID"))
if SecretUtils.secret_renews(old, candidate):
logger.info("--> Update %s: %s -> %s",
ref.get("File").get("Name"), old.name, candidate.name)
return SecretReference(candidate.id, candidate.name,
ref.get("File").get("Name"),
ref.get("File").get("UID"),
ref.get("File").get("GID"),
ref.get("File").get("Mode"))
return ref
def test_secret_renews(self, secrets):
a, b, c, d = [secrets[x] for x in sorted(secrets)]
assert SecretUtils.secret_renews(a, b) is False
assert SecretUtils.secret_renews(a, c) is False
assert SecretUtils.secret_renews(a, d) is False
assert SecretUtils.secret_renews(b, a) is False
assert SecretUtils.secret_renews(b, c) is True
assert SecretUtils.secret_renews(b, d) is False
assert SecretUtils.secret_renews(c, a) is False
assert SecretUtils.secret_renews(c, b) is False
assert SecretUtils.secret_renews(c, d) is False
assert SecretUtils.secret_renews(d, a) is False
assert SecretUtils.secret_renews(d, b) is False
assert SecretUtils.secret_renews(d, c) is False