containers.podman.podman_secret (1.12.1) — module

Manage podman secrets

Added in version 1.7.0 of containers.podman

Authors: Aliaksandr Mianzhynski (@amenzhinsky)

Install collection

Install with:

  ansible-galaxy collection install containers.podman:==1.12.1


Add to requirements.yml

  collections:
    - name: containers.podman
      version: 1.12.1

Description

Manage podman secrets


Requirements

Usage examples

- name: Create secret
  containers.podman.podman_secret:
    state: present
    name: mysecret
    data: "my super secret content"
- name: Create container that uses the secret
  containers.podman.podman_container:
    name: showmysecret
    image: docker.io/alpine:3.14
    secrets:
      - mysecret
    detach: false
    command: cat /run/secrets/mysecret
  register: container
- name: Output secret data
  debug:
    msg: '{{ container.stdout }}'
- name: Remove secret
  containers.podman.podman_secret:
    state: absent
    name: mysecret

Inputs

    
data:
    description:
    - The value of the secret. Required when C(state) is C(present).
    type: str

name:
    description:
    - The name of the secret.
    required: true
    type: str

debug:
    default: false
    description:
    - Enable debug mode for module.
    type: bool

force:
    default: false
    description:
    - Use it when C(state) is C(present) to remove and recreate an existing secret.
    type: bool

state:
    choices:
    - absent
    - present
    default: present
    description:
    - Whether to create or remove the named secret.
    type: str

driver:
    description:
    - Override default secrets driver, currently podman uses C(file) which is unencrypted.
    type: str

labels:
    description:
    - Labels to set on the secret.
    type: dict

executable:
    default: podman
    description:
    - Path to C(podman) executable if it is not in the C($PATH) on the machine running
      C(podman)
    type: str

driver_opts:
    description:
    - Driver-specific key-value options.
    type: dict

skip_existing:
    default: false
    description:
    - Use it when C(state) is C(present) and secret with the same name already exists.
      If set to C(true), the secret will NOT be recreated and remains as is.
    type: bool
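
A hardened variant of the usage example, added here and not taken from the collection's documentation: the secret value comes from a variable instead of a literal, `no_log` keeps it out of task output, and `skip_existing` / `force` separate first-time creation from rotation. The names `vault_db_password`, `rotate_secret`, `db_password`, `app` and the label value are assumptions; `vault_db_password` is expected to be supplied from an Ansible Vault-encrypted vars file.

```yaml
# Added example (not from the collection docs). Hypothetical names:
# vault_db_password, rotate_secret, db_password, app, and the label value.
- name: Manage a podman secret without exposing its value
  hosts: all
  vars:
    rotate_secret: false   # set to true (e.g. with -e) to replace the stored value
  tasks:
    - name: Create the secret only if it does not exist yet
      containers.podman.podman_secret:
        state: present
        name: db_password
        data: "{{ vault_db_password }}"   # assumed to come from a vaulted vars file
        skip_existing: true               # leave an existing secret untouched
        labels:
          owner: platform-team            # constructed label
      no_log: true                        # keep module arguments out of logs and output
      when: not (rotate_secret | bool)

    - name: Rotate the secret by removing and recreating it
      containers.podman.podman_secret:
        state: present
        name: db_password
        data: "{{ vault_db_password }}"
        force: true                       # remove and recreate the existing secret
      no_log: true
      when: rotate_secret | bool

    - name: Run a container that consumes the secret
      containers.podman.podman_container:
        name: app
        image: docker.io/alpine:3.14
        secrets:
          - db_password
        detach: false
        # Check that the mounted file is non-empty instead of printing it
        command: test -s /run/secrets/db_password
      register: container                 # task-level keyword, not a module option

    - name: Report the check result, never the secret itself
      ansible.builtin.debug:
        msg: "db_password is mounted and non-empty"
```

With the default `file` driver the secret is stored unencrypted on the host, so access to podman's storage on that machine needs to be restricted as well.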