containers / containers.podman / 1.12.1 / module / podman_secret Manage podman secrets | "added in version" 1.7.0 of containers.podman" Authors: Aliaksandr Mianzhynski (@amenzhinsky)containers.podman.podman_secret (1.12.1) — module
Install with ansible-galaxy collection install containers.podman:==1.12.1
collections: - name: containers.podman version: 1.12.1
Manage podman secrets
- name: Create secret containers.podman.podman_secret: state: present name: mysecret data: "my super secret content"
- name: Create container that uses the secret containers.podman.podman_container: name: showmysecret image: docker.io/alpine:3.14 secrets: - mysecret detach: false command: cat /run/secrets/mysecret register: container
- name: Output secret data debug: msg: '{{ container.stdout }}'
- name: Remove secret containers.podman.podman_secret: state: absent name: mysecret
data: description: - The value of the secret. Required when C(state) is C(present). type: str name: description: - The name of the secret. required: true type: str debug: default: false description: - Enable debug mode for module. type: bool force: default: false description: - Use it when C(state) is C(present) to remove and recreate an existing secret. type: bool state: choices: - absent - present default: present description: - Whether to create or remove the named secret. type: str driver: description: - Override default secrets driver, currently podman uses C(file) which is unencrypted. type: str labels: description: - Labels to set on the secret. type: dict executable: default: podman description: - Path to C(podman) executable if it is not in the C($PATH) on the machine running C(podman) type: str driver_opts: description: - Driver-specific key-value options. type: dict skip_existing: default: false description: - Use it when C(state) is C(present) and secret with the same name already exists. If set to C(true), the secret will NOT be recreated and remains as is. type: bool