summaryrefslogtreecommitdiff
path: root/libpod/oci_conmon_exec_linux.go
diff options
context:
space:
mode:
Diffstat (limited to 'libpod/oci_conmon_exec_linux.go')
-rw-r--r--libpod/oci_conmon_exec_linux.go16
1 files changed, 14 insertions, 2 deletions
diff --git a/libpod/oci_conmon_exec_linux.go b/libpod/oci_conmon_exec_linux.go
index 469bc7d86..5a7677b04 100644
--- a/libpod/oci_conmon_exec_linux.go
+++ b/libpod/oci_conmon_exec_linux.go
@@ -438,7 +438,7 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex
// }
// }
- conmonEnv, extraFiles := r.configureConmonEnv(c, runtimeDir)
+ conmonEnv := r.configureConmonEnv(c, runtimeDir)
var filesToClose []*os.File
if options.PreserveFDs > 0 {
@@ -456,7 +456,6 @@ func (r *ConmonOCIRuntime) startExec(c *Container, sessionID string, options *Ex
execCmd.Env = append(execCmd.Env, conmonEnv...)
execCmd.ExtraFiles = append(execCmd.ExtraFiles, childSyncPipe, childStartPipe, childAttachPipe)
- execCmd.ExtraFiles = append(execCmd.ExtraFiles, extraFiles...)
execCmd.Dir = c.execBundlePath(sessionID)
execCmd.SysProcAttr = &syscall.SysProcAttr{
Setpgid: true,
@@ -685,6 +684,19 @@ func prepareProcessExec(c *Container, options *ExecOptions, env []string, sessio
pspec.Env = append(pspec.Env, env...)
}
+ // Add secret envs if they exist
+ manager, err := c.runtime.SecretsManager()
+ if err != nil {
+ return nil, err
+ }
+ for name, secr := range c.config.EnvSecrets {
+ _, data, err := manager.LookupSecretData(secr.Name)
+ if err != nil {
+ return nil, err
+ }
+ pspec.Env = append(pspec.Env, fmt.Sprintf("%s=%s", name, string(data)))
+ }
+
if options.Cwd != "" {
pspec.Cwd = options.Cwd
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-03-02 03:46:10 +0000