summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAditya Rajan <arajan@redhat.com>2021-11-25 17:10:50 +0530
committerAditya Rajan <arajan@redhat.com>2021-11-30 14:19:17 +0530
commitbfcaf538bb000d7eb72975d234a95f566da54715 (patch)
treeb29573ec5d5bad840e794969b2a387c0a2f76622
parentd51ebca0c17cb69d2e5dfa45a5e2392e0afbd05e (diff)
downloadpodman-bfcaf538bb000d7eb72975d234a95f566da54715.tar.gz
podman-bfcaf538bb000d7eb72975d234a95f566da54715.tar.bz2
podman-bfcaf538bb000d7eb72975d234a95f566da54715.zip
api: allow build api to accept secrets
Following commit makes sure that `build` api can accept external secret and allows currently `NOOP` `podman-remote build -t tag --secret id=mysecret,src=/path/on/remote` to become functional. Just like `docker` following api is a hidden field and only exposed to `podman-remote` but could document it if it needs exposed on `swagger`. Signed-off-by: Aditya Rajan <arajan@redhat.com>
-rw-r--r--pkg/api/handlers/compat/images_build.go12
-rw-r--r--pkg/bindings/images/build.go7
2 files changed, 19 insertions, 0 deletions
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go
index ac5934c13..18f9dc98b 100644
--- a/pkg/api/handlers/compat/images_build.go
+++ b/pkg/api/handlers/compat/images_build.go
@@ -122,6 +122,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
Target string `schema:"target"`
Timestamp int64 `schema:"timestamp"`
Ulimits string `schema:"ulimits"`
+ Secrets string `schema:"secrets"`
}{
Dockerfile: "Dockerfile",
Registry: "docker.io",
@@ -239,6 +240,16 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
dnssearch = m
}
+ var secrets = []string{}
+ if _, found := r.URL.Query()["secrets"]; found {
+ var m = []string{}
+ if err := json.Unmarshal([]byte(query.Secrets), &m); err != nil {
+ utils.BadRequest(w, "secrets", query.Secrets, err)
+ return
+ }
+ secrets = m
+ }
+
var output string
if len(query.Tag) > 0 {
output = query.Tag[0]
@@ -447,6 +458,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
SeccompProfilePath: seccomp,
ShmSize: strconv.Itoa(query.ShmSize),
Ulimit: ulimits,
+ Secrets: secrets,
},
CNIConfigDir: rtc.Network.CNIPluginDirs[0],
CNIPluginPath: util.DefaultCNIPluginPath,
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
index 3b0bebe9f..9c2e3e6b2 100644
--- a/pkg/bindings/images/build.go
+++ b/pkg/bindings/images/build.go
@@ -116,6 +116,13 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO
}
params.Add("dnsservers", c)
}
+ if secrets := options.CommonBuildOpts.Secrets; len(secrets) > 0 {
+ c, err := jsoniter.MarshalToString(secrets)
+ if err != nil {
+ return nil, err
+ }
+ params.Add("secrets", c)
+ }
if dnsoptions := options.CommonBuildOpts.DNSOptions; len(dnsoptions) > 0 {
c, err := jsoniter.MarshalToString(dnsoptions)
if err != nil {