Container secret mounts » History » Version 1
Tom Clegg, 02/27/2018 08:17 PM
| 1 | 1 | Tom Clegg | h1. Container secret mounts |
|---|---|---|---|
| 2 | |||
| 3 | "secret_mounts" (?) behave just like mounts, except: |
||
| 4 | * Only literal content is allowed (text, json) |
||
| 5 | * Value of secret_mounts is never returned in a container request or container API response, except a new "containers#secrets" API which must be authenticated by the container's own runtime token |
||
| 6 | * Never appears in container logs |
||
| 7 | * Never appears in the Arvados logs table |
||
| 8 | * Never appears in websocket updates |
||
| 9 | * Never appears in API server request logs |
||
| 10 | |||
| 11 | It is an error for the same key (mount path) to appear in both mounts and secret_mounts. |