Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
podman-secret-create(1)	    General Commands Manual    podman-secret-create(1)

NAME
       podman-secret-create - Create a new secret

SYNOPSIS
       podman secret create [options] name file|-

DESCRIPTION
       Creates	a  secret  using  standard input or from a file	for the	secret
       content.

       Create accepts a	path to	a file,	or -, which tells podman to  read  the
       secret from stdin

       A secret	is a blob of sensitive data which a container needs at runtime
       but  is not stored in the image or in source control, such as usernames
       and passwords, TLS certificates and keys, SSH keys or  other  important
       generic strings or binary content (up to	500 kb in size).

       Secrets	are not	committed to an	image with podman commit, and does not
       get committed in	the archive created by a podman	export command.

       Secrets can also	be used	to store passwords for podman login to authen-
       ticate against container	registries.

OPTIONS
   --driver, -d=driver
       Specify the secret driver (default file).

   --driver-opts=key1=val1,key2=val2
       Specify driver specific options.

   --env=false
       Read secret data	from environment variable.

   --help
       Print usage statement.

   --label, -l=key=val1,key2=val2
       Add label to secret. These labels can be	viewed in podman  secrete  in-
       spect or	ls.

   --replace=false
       If  existing  secret  with the same name	already	exists,	update the se-
       cret.  The --replace option does	not  change  secrets  within  existing
       containers, only	newly created containers.
	The default is false.

SECRET DRIVERS
   file
       Secret resides in a read-protected file.

   pass
       Secret resides in a GPG-encrypted file.

   shell
       Secret  is managed by custom scripts. An	environment variable SECRET_ID
       is passed to the	scripts	(except	for list), and	secrets	 are  communi-
       cated via stdin/stdout (where applicable). Driver options list, lookup,
       store, and delete serve to install the scripts:

       [secrets]
       driver =	"shell"

       [secrets.opts]
       list =
       lookup =
       store =
       delete =

EXAMPLES
       Create the specified secret based on local file.

       echo -n mysecret	> ./secret.txt
       $ podman	secret create my_secret	./secret.txt

       Create the specified secret via stdin.

       $ printf	<secret> | podman secret create	my_secret -

       Create gpg encrypted secret based on local file using the pass driver.

       $ podman	secret create --driver=pass my_secret ./secret.txt.gpg

       Create a	secret from an environment variable called 'MYSECRET'.

       $ podman	secret create --env=true my_secret MYSECRET

SEE ALSO
       podman(1), podman-secret(1), podman-login(1)

HISTORY
       January	 2021,	Originally  compiled  by  Ashley  Cui  acui@redhat.com
       <mailto:acui@redhat.com>	February 2024, Added  example  showing	secret
       creation	 from  an  environment variable	by Brett Calliss brett@obliga-
       tory.email <mailto:brett@obligatory.email>

						       podman-secret-create(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=podman-secret-create&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help