search

southalc / podman

Puppet module for podman
Apache License 2.0
13 stars 30 forks source link

New podman::secret to create or delete secrets #65

Closed traylenator closed 10 months ago

traylenator commented 1 year ago

Can set secrets from:

When flag values are changed the secret will be updated. To update a changing secret it best to store a secret version as a label.

Setting a secret from puppet:

podman::secret{'foo':
   secret => Sensitive('topsecret'),
   flags => {
     label => ['version=20230615'],
   },
}

Setting a secret from a file path

podman::secret{'foo':
   path          => '/tmp/secretstuff',
   subscribe => File['/tmp/secretstuff'],
}

Setting a secret from a deferred function

podman::secret{'foo':
   secret => Sensitive(Deferred('fetch_secret',['key'])),
   flags => {
     label => ['version=20230615'],
   },
}
traylenator commented 1 year ago

In draft while I think of way to update secrets - comments very much welcome.

traylenator commented 1 year ago

In draft while I think of way to update secrets - comments very much welcome.

Add a secret version in the label works well.

southalc commented 10 months ago

Thanks for your contribution to the project!