diff options
| author | Ashley Cui <acui@redhat.com> | 2021-05-14 16:29:44 -0400 |
|---|---|---|
| committer | Ashley Cui <acui@redhat.com> | 2021-05-17 14:35:55 -0400 |
| commit | cf30f160ad599cac0f3dc300f673d88f60128275 (patch) | |
| tree | 140d265481fc1b2e02a0f903729253e6c631dada /pkg/specgen/specgen.go | |
| parent | 2b0b97150a01c5a3c1706dd369a0caeb5cf6ec09 (diff) | |
| download | podman-cf30f160ad599cac0f3dc300f673d88f60128275.tar.gz podman-cf30f160ad599cac0f3dc300f673d88f60128275.tar.bz2 podman-cf30f160ad599cac0f3dc300f673d88f60128275.zip | |
Support uid,gid,mode options for secrets
Support UID, GID, Mode options for mount type secrets. Also, change
default secret permissions to 444 so all users can read secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'pkg/specgen/specgen.go')
| -rw-r--r-- | pkg/specgen/specgen.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 2e01d1535..2815bdebb 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -258,7 +258,7 @@ type ContainerStorageConfig struct { RootfsPropagation string `json:"rootfs_propagation,omitempty"` // Secrets are the secrets that will be added to the container // Optional. - Secrets []string `json:"secrets,omitempty"` + Secrets []Secret `json:"secrets,omitempty"` // Volatile specifies whether the container storage can be optimized // at the cost of not syncing all the dirty files in memory. Volatile bool `json:"volatile,omitempty"` @@ -521,6 +521,13 @@ type PortMapping struct { Protocol string `json:"protocol,omitempty"` } +type Secret struct { + Source string + UID uint32 + GID uint32 + Mode uint32 +} + var ( // ErrNoStaticIPRootless is used when a rootless user requests to assign a static IP address // to a pod or container |