diff options
| author | Aditya Rajan <arajan@redhat.com> | 2021-11-15 14:39:26 +0530 |
|---|---|---|
| committer | Aditya Rajan <arajan@redhat.com> | 2021-11-15 23:19:27 +0530 |
| commit | 014cc4b9d9a15db6e61331a3be37a98235db8301 (patch) | |
| tree | 2bbde4f868821a6d92dca4edce2549b6c69d7871 /libpod/container_internal_linux.go | |
| parent | cca6df428cb9ce187ae1341740ac1137c7a67a75 (diff) | |
| download | podman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.gz podman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.bz2 podman-014cc4b9d9a15db6e61331a3be37a98235db8301.zip | |
secret: honor custom target for secrets with run
Honor custom `target` if specified while running or creating containers
with secret `type=mount`.
Example:
`podman run -it --secret token,type=mount,target=TOKEN ubi8/ubi:latest
bash`
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Diffstat (limited to 'libpod/container_internal_linux.go')
| -rw-r--r-- | libpod/container_internal_linux.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 91453574e..3363ceb9b 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1833,8 +1833,17 @@ rootless=%d return errors.Wrapf(err, "error creating secrets mount") } for _, secret := range c.Secrets() { + secretFileName := secret.Name + base := "/run/secrets" + if secret.Target != "" { + secretFileName = secret.Target + //If absolute path for target given remove base. + if filepath.IsAbs(secretFileName) { + base = "" + } + } src := filepath.Join(c.config.SecretsPath, secret.Name) - dest := filepath.Join("/run/secrets", secret.Name) + dest := filepath.Join(base, secretFileName) c.state.BindMounts[dest] = src } } |