diff options
| author | Ashley Cui <acui@redhat.com> | 2021-05-05 10:34:13 -0400 |
|---|---|---|
| committer | Ashley Cui <acui@redhat.com> | 2021-05-06 14:00:57 -0400 |
| commit | 2634cb234f1500b76a2fd89351b9ad8a737a24ea (patch) | |
| tree | 10fb9e9dc38ef35ecd9390b43effe5dc667578b0 /libpod/options.go | |
| parent | 476c76f580d5cd092ff958765af36857b2a68d6c (diff) | |
| download | podman-2634cb234f1500b76a2fd89351b9ad8a737a24ea.tar.gz podman-2634cb234f1500b76a2fd89351b9ad8a737a24ea.tar.bz2 podman-2634cb234f1500b76a2fd89351b9ad8a737a24ea.zip | |
Add support for environment variable secrets
Env var secrets are env vars that are set inside the container but not
commited to and image. Also support reading from env var when creating a
secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'libpod/options.go')
| -rw-r--r-- | libpod/options.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/libpod/options.go b/libpod/options.go index 103a9a80a..7c574df75 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -1703,6 +1703,28 @@ func WithSecrets(secretNames []string) CtrCreateOption { } } +// WithSecrets adds environment variable secrets to the container +func WithEnvSecrets(envSecrets map[string]string) CtrCreateOption { + return func(ctr *Container) error { + ctr.config.EnvSecrets = make(map[string]*secrets.Secret) + if ctr.valid { + return define.ErrCtrFinalized + } + manager, err := secrets.NewManager(ctr.runtime.GetSecretsStorageDir()) + if err != nil { + return err + } + for target, src := range envSecrets { + secr, err := manager.Lookup(src) + if err != nil { + return err + } + ctr.config.EnvSecrets[target] = secr + } + return nil + } +} + // WithPidFile adds pidFile to the container func WithPidFile(pidFile string) CtrCreateOption { return func(ctr *Container) error { |