author: OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> 2021-03-17 02:27:54 -0700
committer: GitHub <noreply@github.com> 2021-03-17 02:27:54 -0700
commit: 9439b699b8940e2caf84cc29026b0beb70a5a2bb
tree: 6cf7ce947a9d9a325f713038e672e18850e32bc9
parent: 604459b404ed190f51e8b368c619323317078232
parent: 3d01d42f26166cb9c5ae524cf80979d82a9f2ebd
Merge pull request #9728 from ashley-cui/secretdocs
[CI:DOCS] removing secrets is safe for in-use secrets
-rw-r--r-- docs/source/markdown/podman-create.1.md 5
-rw-r--r-- docs/source/markdown/podman-run.1.md 5
-rw-r--r-- docs/source/markdown/podman-secret-rm.1.md 6
3 files changed, 16 insertions, 0 deletions
diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md
index d6b90e17a..5c53f8601 100644
--- a/docs/source/markdown/podman-create.1.md
+++ b/docs/source/markdown/podman-create.1.md
@@ -833,6 +833,11 @@ A secret is a blob of sensitive data which a container needs at runtime but
should not be stored in the image or in source control, such as usernames and passwords,
TLS certificates and keys, SSH keys or other important generic strings or binary content (up to 500 kb in size).
+Secrets are copied and mounted into the container when a container is created. If a secret is deleted using
+`podman secret rm`, the container will still have access to the secret. If a secret is deleted and
+another secret is created with the same name, the secret inside the container will not change; the old
+secret value will still remain.
+
Secrets are managed using the `podman secret` command.
#### **--security-opt**=*option*
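Review bot: The added paragraph in podman-create.1.md states that the container keeps the old value after `podman secret rm` and after a same-named secret is re-created, but it never says how an operator gets a rotated value into a container. Since the text says the copy is made "when a container is created", a closing sentence saying that existing containers have to be re-created to pick up a new secret would make the rotation consequence explicit. Minor wording: "will still remain" is redundant; "the old secret value remains" reads cleaner.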
diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md
index 78b036cee..f61344099 100644
--- a/docs/source/markdown/podman-run.1.md
+++ b/docs/source/markdown/podman-run.1.md
@@ -885,6 +885,11 @@ A secret is a blob of sensitive data which a container needs at runtime but
should not be stored in the image or in source control, such as usernames and passwords,
TLS certificates and keys, SSH keys or other important generic strings or binary content (up to 500 kb in size).
+Secrets are copied and mounted into the container when a container is created. If a secret is deleted using
+`podman secret rm`, the container will still have access to the secret. If a secret is deleted and
+another secret is created with the same name, the secret inside the container will not change; the old
+secret value will still remain.
+
Secrets are managed using the `podman secret` command
#### **--security-opt**=*option*
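Review bot: The unchanged line directly after the added paragraph in podman-run.1.md, "Secrets are managed using the `podman secret` command", has no final period, while the same line in podman-create.1.md does; it is worth fixing in this change since the hunk already touches the neighbouring lines. The added paragraph is also a verbatim copy of the one added to podman-create.1.md, so any later correction to the secret-lifetime wording has to be made in both files.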
diff --git a/docs/source/markdown/podman-secret-rm.1.md b/docs/source/markdown/podman-secret-rm.1.md
index 5169626dc..c6f5079ba 100644
--- a/docs/source/markdown/podman-secret-rm.1.md
+++ b/docs/source/markdown/podman-secret-rm.1.md
@@ -10,6 +10,12 @@ podman\-secret\-rm - Remove one or more secrets
Removes one or more secrets.
+`podman secret rm` is safe to use on secrets that are in use by a container.
+The created container will still have access to the secret data because secrets are
+copied and mounted into the container when a container is created. If a secret is deleted and
+another secret is created with the same name, the secret inside the container will not change;
+the old secret value will still remain.
+
## OPTIONS
#### **--all**, **-a**
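Review bot: "safe to use" in the first added line of podman-secret-rm.1.md can be read two ways: the rest of the paragraph means that removal does not break containers already using the secret, but a reader could take it to mean that removal is a safe way to withdraw the secret. The paragraph itself says the container "will still have access to the secret data", so removal does not revoke anything from existing containers; suggest saying that directly, for example "Removing a secret does not remove the copy held by containers that were already created with it". "The created container" is also vague; "any container created before the secret was removed" would pin down which containers are meant.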