diff options
author | Aditya Rajan <arajan@redhat.com> | 2021-11-15 14:39:26 +0530 |
---|---|---|
committer | Aditya Rajan <arajan@redhat.com> | 2021-11-15 23:19:27 +0530 |
commit | 014cc4b9d9a15db6e61331a3be37a98235db8301 (patch) | |
tree | 2bbde4f868821a6d92dca4edce2549b6c69d7871 /pkg | |
parent | cca6df428cb9ce187ae1341740ac1137c7a67a75 (diff) | |
download | podman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.gz podman-014cc4b9d9a15db6e61331a3be37a98235db8301.tar.bz2 podman-014cc4b9d9a15db6e61331a3be37a98235db8301.zip |
secret: honor custom target for secrets with run
Honor custom `target` if specified while running or creating containers
with secret `type=mount`.
Example:
`podman run -it --secret token,type=mount,target=TOKEN ubi8/ubi:latest
bash`
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/specgen/generate/container_create.go | 1 | ||||
-rw-r--r-- | pkg/specgen/specgen.go | 1 | ||||
-rw-r--r-- | pkg/specgenutil/specgen.go | 5 |
3 files changed, 4 insertions, 3 deletions
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index f3dc28b01..f90fef9e8 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -474,6 +474,7 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen. UID: s.UID, GID: s.GID, Mode: s.Mode, + Target: s.Target, }) } options = append(options, libpod.WithSecrets(secrs)) diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index d777287d7..310695c3b 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -540,6 +540,7 @@ func (s *SpecGenerator) GetImage() (*libimage.Image, string) { type Secret struct { Source string + Target string UID uint32 GID uint32 Mode uint32 diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go index 04d3add32..91f5165f2 100644 --- a/pkg/specgenutil/specgen.go +++ b/pkg/specgenutil/specgen.go @@ -874,6 +874,7 @@ func parseSecrets(secrets []string) ([]specgen.Secret, map[string]string, error) if len(split) == 1 { mountSecret := specgen.Secret{ Source: val, + Target: target, UID: uid, GID: gid, Mode: mode, @@ -939,11 +940,9 @@ func parseSecrets(secrets []string) ([]specgen.Secret, map[string]string, error) return nil, nil, errors.Wrapf(secretParseError, "no source found %s", val) } if secretType == "mount" { - if target != "" { - return nil, nil, errors.Wrapf(secretParseError, "target option is invalid for mounted secrets") - } mountSecret := specgen.Secret{ Source: source, + Target: target, UID: uid, GID: gid, Mode: mode, |