diff options
| author | Ashley Cui <acui@redhat.com> | 2021-05-14 16:29:44 -0400 |
|---|---|---|
| committer | Ashley Cui <acui@redhat.com> | 2021-07-12 17:00:50 -0400 |
| commit | 6f9d9636a23cf19a619c04d38e5efd524b846534 (patch) | |
| tree | 921ab1cbfe058d9dde258141aa905ed03a24e44c /pkg/specgen/specgen.go | |
| parent | 60d12f72b972d44ee20e95eb99c64a233069bf73 (diff) | |
| download | podman-6f9d9636a23cf19a619c04d38e5efd524b846534.tar.gz podman-6f9d9636a23cf19a619c04d38e5efd524b846534.tar.bz2 podman-6f9d9636a23cf19a619c04d38e5efd524b846534.zip | |
Support uid,gid,mode options for secrets
Support UID, GID, Mode options for mount type secrets. Also, change
default secret permissions to 444 so all users can read secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
Diffstat (limited to 'pkg/specgen/specgen.go')
| -rw-r--r-- | pkg/specgen/specgen.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 2e01d1535..2815bdebb 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -258,7 +258,7 @@ type ContainerStorageConfig struct { RootfsPropagation string `json:"rootfs_propagation,omitempty"` // Secrets are the secrets that will be added to the container // Optional. - Secrets []string `json:"secrets,omitempty"` + Secrets []Secret `json:"secrets,omitempty"` // Volatile specifies whether the container storage can be optimized // at the cost of not syncing all the dirty files in memory. Volatile bool `json:"volatile,omitempty"` @@ -521,6 +521,13 @@ type PortMapping struct { Protocol string `json:"protocol,omitempty"` } +type Secret struct { + Source string + UID uint32 + GID uint32 + Mode uint32 +} + var ( // ErrNoStaticIPRootless is used when a rootless user requests to assign a static IP address // to a pod or container |