mirror of
https://github.com/containers/podman
synced 2024-10-19 08:44:11 +00:00
Docs: removing secrets is safe for in-use secrets
Add docs explaining that it is safe to remove a secret that is in use by a container: secrets are copied and mounted into the container at creation Signed-off-by: Ashley Cui <acui@redhat.com>
This commit is contained in:
parent
604459b404
commit
3d01d42f26
|
@ -833,6 +833,11 @@ A secret is a blob of sensitive data which a container needs at runtime but
|
|||
should not be stored in the image or in source control, such as usernames and passwords,
|
||||
TLS certificates and keys, SSH keys or other important generic strings or binary content (up to 500 kb in size).
|
||||
|
||||
Secrets are copied and mounted into the container when a container is created. If a secret is deleted using
|
||||
`podman secret rm`, the container will still have access to the secret. If a secret is deleted and
|
||||
another secret is created with the same name, the secret inside the container will not change; the old
|
||||
secret value will still remain.
|
||||
|
||||
Secrets are managed using the `podman secret` command.
|
||||
|
||||
#### **--security-opt**=*option*
|
||||
|
|
|
@ -885,6 +885,11 @@ A secret is a blob of sensitive data which a container needs at runtime but
|
|||
should not be stored in the image or in source control, such as usernames and passwords,
|
||||
TLS certificates and keys, SSH keys or other important generic strings or binary content (up to 500 kb in size).
|
||||
|
||||
Secrets are copied and mounted into the container when a container is created. If a secret is deleted using
|
||||
`podman secret rm`, the container will still have access to the secret. If a secret is deleted and
|
||||
another secret is created with the same name, the secret inside the container will not change; the old
|
||||
secret value will still remain.
|
||||
|
||||
Secrets are managed using the `podman secret` command
|
||||
|
||||
#### **--security-opt**=*option*
|
||||
|
|
|
@ -10,6 +10,12 @@ podman\-secret\-rm - Remove one or more secrets
|
|||
|
||||
Removes one or more secrets.
|
||||
|
||||
`podman secret rm` is safe to use on secrets that are in use by a container.
|
||||
The created container will still have access to the secret data because secrets are
|
||||
copied and mounted into the container when a container is created. If a secret is deleted and
|
||||
another secret is created with the same name, the secret inside the container will not change;
|
||||
the old secret value will still remain.
|
||||
|
||||
## OPTIONS
|
||||
|
||||
#### **--all**, **-a**
|
||||
|
|
Loading…
Reference in a new issue