Fix idempotency for any podman secret driver

All secret drivers are provided with the same interface in podman, so there is no need to hardcode the state as changed for all drivers other than 'file'. Signed-off-by: lersveen <7195448+lersveen@users.noreply.github.com>
2026-02-04 07:11:49 +00:00 · 2025-05-04 23:59:49 +02:00 · 2025-05-04 23:59:49 +02:00 · a1934b1733
commit a1934b1733
parent f1a9456147
1 changed files with 6 additions and 9 deletions
--- a/plugins/modules/podman_secret.py
+++ b/plugins/modules/podman_secret.py
@ -140,11 +140,6 @@ def need_update(module, executable, name, data, path, env, skip, driver, driver_
        return False
    try:
        secret = module.from_json(out)[0]
-        # We support only file driver for now
-        if (driver and driver != 'file') or secret['Spec']['Driver']['Name'] != 'file':
-            if debug:
-                module.log("PODMAN-SECRET-DEBUG: Idempotency of driver %s is not supported" % driver)
-            return True
        if data:
            if secret['SecretData'] != data:
                if debug:
@ -175,7 +170,11 @@ def need_update(module, executable, name, data, path, env, skip, driver, driver_
                    diff['after'] = "<different-secret>"
                    diff['before'] = "<secret>"
                return True
-
+        if driver:
+            if secret['Spec']['Driver']['Name'] != driver:
+                diff['after'] = driver
+                diff['before'] = secret['Spec']['Driver']['Name']
+                return True
        if driver_opts:
            for k, v in driver_opts.items():
                if secret['Spec']['Driver']['Options'].get(k) != v:
@ -198,9 +197,7 @@ def need_update(module, executable, name, data, path, env, skip, driver, driver_
 def podman_secret_create(module, executable, name, data, path, env, force, skip,
                         driver, driver_opts, debug, labels):
    podman_version = get_podman_version(module, fail=False)
-    if (podman_version is not None and
-        LooseVersion(podman_version) >= LooseVersion('4.7.0')
-            and (driver is None or driver == 'file')):
+    if podman_version is not None and LooseVersion(podman_version) >= LooseVersion('4.7.0'):
        if need_update(module, executable, name, data, path, env, skip, driver, driver_opts, debug, labels):
            podman_secret_remove(module, executable, name)
        else: