summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorAditya Rajan <arajan@redhat.com>2021-11-15 14:39:26 +0530
committerAditya Rajan <arajan@redhat.com>2021-11-15 23:19:27 +0530
commit014cc4b9d9a15db6e61331a3be37a98235db8301 (patch)
tree2bbde4f868821a6d92dca4edce2549b6c69d7871 /pkg
parentcca6df428cb9ce187ae1341740ac1137c7a67a75 (diff)
downloadpodman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.gz
podman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.bz2
podman-014cc4b9d9a15db6e61331a3be37a98235db8301.zip
secret: honor custom target for secrets with run
Honor custom `target` if specified while running or creating containers with secret `type=mount`. Example: `podman run -it --secret token,type=mount,target=TOKEN ubi8/ubi:latest bash` Signed-off-by: Aditya Rajan <arajan@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r--pkg/specgen/generate/container_create.go1
-rw-r--r--pkg/specgen/specgen.go1
-rw-r--r--pkg/specgenutil/specgen.go5
3 files changed, 4 insertions, 3 deletions
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index f3dc28b01..f90fef9e8 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -474,6 +474,7 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
UID: s.UID,
GID: s.GID,
Mode: s.Mode,
+ Target: s.Target,
})
}
options = append(options, libpod.WithSecrets(secrs))
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index d777287d7..310695c3b 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -540,6 +540,7 @@ func (s *SpecGenerator) GetImage() (*libimage.Image, string) {
type Secret struct {
Source string
+ Target string
UID uint32
GID uint32
Mode uint32
diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go
index 04d3add32..91f5165f2 100644
--- a/pkg/specgenutil/specgen.go
+++ b/pkg/specgenutil/specgen.go
@@ -874,6 +874,7 @@ func parseSecrets(secrets []string) ([]specgen.Secret, map[string]string, error)
if len(split) == 1 {
mountSecret := specgen.Secret{
Source: val,
+ Target: target,
UID: uid,
GID: gid,
Mode: mode,
@@ -939,11 +940,9 @@ func parseSecrets(secrets []string) ([]specgen.Secret, map[string]string, error)
return nil, nil, errors.Wrapf(secretParseError, "no source found %s", val)
}
if secretType == "mount" {
- if target != "" {
- return nil, nil, errors.Wrapf(secretParseError, "target option is invalid for mounted secrets")
- }
mountSecret := specgen.Secret{
Source: source,
+ Target: target,
UID: uid,
GID: gid,
Mode: mode,