uumas/ansible-podman
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

container: Add support for specifying secret type (untested)

Browse Source
This commit is contained in:
uumas
2025-06-17 09:08:59 +03:00
parent 3ac6b98a30
commit 7d8b1cb258
4 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
roles/container/meta/argument_specs.yaml
View File

@@ -114,7 +114,14 @@ argument_specs:
description: Length of randomly generated string description: Length of randomly generated string
type: int type: int
required: false required: false
defalut: 128 default: 128
type:
description: How the secret will be exposed to the container
type: str
choices:
- mount
- env
default: mount
container_env: container_env:
description: A dict of environment variables for the container description: A dict of environment variables for the container

2
roles/container/tasks/main.yaml
View File

@@ -44,7 +44,7 @@
mount: "{{ _container_mounts | map('items') | map('map', 'join', '=') | map('join', ',') }}" mount: "{{ _container_mounts | map('items') | map('map', 'join', '=') | map('join', ',') }}"
network: "{{ container_networks | map('regex_replace', '$', '.network') }}" network: "{{ container_networks | map('regex_replace', '$', '.network') }}"
publish: "{{ container_publish_ports }}" publish: "{{ container_publish_ports }}"
secrets: "{{ container_secrets | map(attribute='name') }}" secrets: "{{ _container_secrets }}"
env: "{{ container_env.keys() | zip(container_env.values() | map('quote')) | community.general.dict }}" env: "{{ container_env.keys() | zip(container_env.values() | map('quote')) | community.general.dict }}"
state: quadlet state: quadlet
quadlet_file_mode: "0600" quadlet_file_mode: "0600"

12
roles/container/vars/main.yaml
View File

@@ -22,6 +22,18 @@ _container_mounts: >-
| zip(_container_volume_mount_sources) | map('combine') | zip(_container_volume_mount_sources) | map('combine')
}} }}
_container_secrets: >-
{{
container_secrets
| map(attribute='name')
| zip(
container_secrets
| map(attribute='type', default='mount')
| map('regex_replace', '^', 'type=')
)
| map('join', ',')
}}
_container_quadlet_unit_options: | _container_quadlet_unit_options: |
[Unit] [Unit]
Description=Container {{ container_name }} Description=Container {{ container_name }}

7
roles/service/meta/argument_specs.yaml
View File

@@ -138,6 +138,13 @@ argument_specs:
type: int type: int
required: false required: false
default: 128 default: 128
type:
description: How the secret will be exposed to the container
type: str
choices:
- mount
- env
default: mount
service_container_env: service_container_env:
description: A dict of environment variables for the service container(s) description: A dict of environment variables for the service container(s)
type: dict type: dict