-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Podman Secret - JSON #121
Comments
It appears to be an issue with the way that the - name: Debug1
containers.podman.podman_secret:
name: mysecret2
state: present
force: true
data: "{{ __data }}"
vars:
__data: '{"test": "json"}' then following the instructions at https://docs.ansible.com/ansible/latest/dev_guide/debugging.html#debugging-modules
as you can see, the I looked at the built-in ansible Note that this works: - name: Debug2
containers.podman.podman_secret:
name: mysecret3
state: present
force: true
data: "{{ __data | to_json }}"
vars:
__data: {test: json} this is converted to |
Thanks for your quick reply and elaborate analsysis. |
Cause: Ansible is somehow converting JSON strings to the corresponding JSON object if the value is used in a loop and the value is used like `data: "{{ value }}"` Consequence: You cannot pass JSON strings as secrets and have the value preserved. Fix: Cast the data value to a string when passing to the podman_secret module. Result: JSON strings are preserved as-is for use in secrets. Github issue: linux-system-roles#121 Signed-off-by: Rich Megginson <rmeggins@redhat.com>
@sveno1990 are you able to try out #122 ? |
@richm just tested it, works great! |
Cause: Ansible is somehow converting JSON strings to the corresponding JSON object if the value is used in a loop and the value is used like `data: "{{ value }}"` Consequence: You cannot pass JSON strings as secrets and have the value preserved. Fix: Cast the data value to a string when passing to the podman_secret module. Result: JSON strings are preserved as-is for use in secrets. Github issue: #121 Signed-off-by: Rich Megginson <rmeggins@redhat.com>
If I pass a json value to my podman secret:
And I mount this secret in my .container file
Secret=password,type=mount,target=/test/test.json
When I exec in my container I see that ansible turned my double quotes to single quotes so no longer valid json.
sh-4.2# cat /test/test.json {'test': 'json'}
Is there a way to solve this?
The text was updated successfully, but these errors were encountered: