summaryrefslogtreecommitdiff
path: root/cmd/podman/secrets/inspect.go
diff options
context:
space:
mode:
authorAshley Cui <acui@redhat.com>2021-01-15 01:27:23 -0500
committerAshley Cui <acui@redhat.com>2021-02-09 09:13:21 -0500
commit832a69b0bee6ec289521fbd59ddd480372493ee3 (patch)
tree4c8a14b7fad879dc454c37f8b59120cf74ceafd1 /cmd/podman/secrets/inspect.go
parent2aaf631586e82192e6b7b992e6b5c8717eb792d7 (diff)
downloadpodman-832a69b0bee6ec289521fbd59ddd480372493ee3.tar.gz
podman-832a69b0bee6ec289521fbd59ddd480372493ee3.tar.bz2
podman-832a69b0bee6ec289521fbd59ddd480372493ee3.zip
Implement Secrets
Implement podman secret create, inspect, ls, rm Implement podman run/create --secret Secrets are blobs of data that are sensitive. Currently, the only secret driver supported is filedriver, which means creating a secret stores it in base64 unencrypted in a file. After creating a secret, a user can use the --secret flag to expose the secret inside the container at /run/secrets/[secretname] This secret will not be commited to an image on a podman commit Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'cmd/podman/secrets/inspect.go')
-rw-r--r--cmd/podman/secrets/inspect.go82
1 files changed, 82 insertions, 0 deletions
diff --git a/cmd/podman/secrets/inspect.go b/cmd/podman/secrets/inspect.go
new file mode 100644
index 000000000..f38ba7f65
--- /dev/null
+++ b/cmd/podman/secrets/inspect.go
@@ -0,0 +1,82 @@
+package secrets
+
+import (
+ "context"
+ "encoding/json"
+ "fmt"
+ "html/template"
+ "os"
+ "text/tabwriter"
+
+ "github.com/containers/common/pkg/report"
+ "github.com/containers/podman/v2/cmd/podman/common"
+ "github.com/containers/podman/v2/cmd/podman/parse"
+ "github.com/containers/podman/v2/cmd/podman/registry"
+ "github.com/containers/podman/v2/pkg/domain/entities"
+ "github.com/pkg/errors"
+ "github.com/spf13/cobra"
+)
+
+var (
+ inspectCmd = &cobra.Command{
+ Use: "inspect [options] SECRET [SECRET...]",
+ Short: "Inspect a secret",
+ Long: "Display detail information on one or more secrets",
+ RunE: inspect,
+ Example: "podman secret inspect MYSECRET",
+ Args: cobra.MinimumNArgs(1),
+ ValidArgsFunction: common.AutocompleteSecrets,
+ }
+)
+
+var format string
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: inspectCmd,
+ Parent: secretCmd,
+ })
+ flags := inspectCmd.Flags()
+ formatFlagName := "format"
+ flags.StringVar(&format, formatFlagName, "", "Format volume output using Go template")
+ _ = inspectCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteJSONFormat)
+}
+
+func inspect(cmd *cobra.Command, args []string) error {
+ inspected, errs, _ := registry.ContainerEngine().SecretInspect(context.Background(), args)
+
+ // always print valid list
+ if len(inspected) == 0 {
+ inspected = []*entities.SecretInfoReport{}
+ }
+
+ if cmd.Flags().Changed("format") {
+ row := report.NormalizeFormat(format)
+ formatted := parse.EnforceRange(row)
+
+ tmpl, err := template.New("inspect secret").Parse(formatted)
+ if err != nil {
+ return err
+ }
+ w := tabwriter.NewWriter(os.Stdout, 12, 2, 2, ' ', 0)
+ defer w.Flush()
+ tmpl.Execute(w, inspected)
+ } else {
+ buf, err := json.MarshalIndent(inspected, "", " ")
+ if err != nil {
+ return err
+ }
+ fmt.Println(string(buf))
+ }
+
+ if len(errs) > 0 {
+ if len(errs) > 1 {
+ for _, err := range errs[1:] {
+ fmt.Fprintf(os.Stderr, "error inspecting secret: %v\n", err)
+ }
+ }
+ return errors.Errorf("error inspecting secret: %v", errs[0])
+ }
+ return nil
+}