Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

podman_container: using YAML dictionaries for options in the secrets parameter #758

Open
ivanov17 opened this issue May 25, 2024 · 4 comments
Open

podman_container: using YAML dictionaries for options in the secrets parameter #758

ivanov17 opened this issue May 25, 2024 · 4 comments
Labels
enhancement New feature or request
Milestone
2.0.0

Comments

@ivanov17
Copy link

/kind feature

Description

Hello, Sergey! What do you think about using list (or dictionary) of dictionaries in addition to using a list of strings for the secrets parameter in the containers.podman.podman_container module?

It might look like this:

- containers.podman.podman_container:
    ...
    secrets:
      - secret: my_file
        type: mount
        target: /run/secrets/file.txt
        uid: 101
        mode: 0600
      - secret: my_variable
        type: env
        target: MY_VARIABLE
    ...

Or like this:

- containers.podman.podman_container:
    ...
    secrets:
      my_file:
        type: mount
        target: /run/secrets/file.txt
        uid: 101
        mode: 0600
      my_variable:
        type: env
        target: MY_VARIABLE
    ...

It seems to be a little more readable than this:

- containers.podman.podman_container:
    ...
    secrets:
      - "my_file,type=mount,target=/run/secrets/file.txt,uid=101,mode=0600"
      - "my_variable,type=env,target=MY_VARIABLE"
    ...

Also, if multiple Jinja variables are used in a string, it becomes too long.
@sshnaidm
Copy link
Member

It's doable of course, but it will be backward incompatible, which will break current users of podman_container. I would consider it for next version 2 of collection, which will be anyway incompatible with version 1.

@sshnaidm sshnaidm added the enhancement New feature or request label May 26, 2024
@ivanov17
Copy link
Author

Can we to have two syntax variants at the same time: list (or dictionary) of dictionaries and list of strings? I think the module could check the type and just concatenate keys and values into a string if it's a dictionary.

In any case, there is nothing critical here. It's just an idea to make working with secret options a little more convenient. Thank you.

@sshnaidm
Copy link
Member

It's possible to add another variable like secrets_dict or something similar, module has strict type for each variable. But in this case we'll need to handle idempotency for one parameter from two different variables, which will be non trivial. I think better to plan it for next version.

@ivanov17
Copy link
Author

module has strict type for each variable

Now it's clear, thank you. Yes, this is really worth doing in the next major version.

@sshnaidm sshnaidm added this to the 2.0.0 milestone May 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
2.0.0
Development

No branches or pull requests
2 participants
@ivanov17 @sshnaidm