Podman · Capability
supports a RESTful API for the Libpod library — secrets
supports a RESTful API for the Libpod library — secrets. 5 operations. Lead operation: Create a secret. Self-contained Naftiko capability covering one Podman business surface.
What You Can Do
POST
Secretcreatelibpod
— Create a secret
/v1/libpod/secrets/create
GET
Secretlistlibpod
— List secrets
/v1/libpod/secrets/json
DELETE
Secretdeletelibpod
— Remove secret
/v1/libpod/secrets/{name}
GET
Secretexistslibpod
— Secret exists
/v1/libpod/secrets/{name}/exists
GET
Secretinspectlibpod
— Inspect secret
/v1/libpod/secrets/{name}/json
MCP Tools
create-secret
Create a secret
list-secrets
List secrets
read-only
idempotent
remove-secret
Remove secret
idempotent
secret-exists
Secret exists
read-only
idempotent
inspect-secret
Inspect secret
read-only
idempotent
Capability Spec
naftiko: 1.0.0-alpha2
info:
label: supports a RESTful API for the Libpod library — secrets
description: 'supports a RESTful API for the Libpod library — secrets. 5 operations. Lead operation: Create a secret. Self-contained
Naftiko capability covering one Podman business surface.'
tags:
- Podman
- secrets
created: '2026-05-19'
modified: '2026-05-19'
binds:
- namespace: env
keys:
PODMAN_API_KEY: PODMAN_API_KEY
capability:
consumes:
- type: http
namespace: podman-secrets
baseUri: http://podman.io
description: supports a RESTful API for the Libpod library — secrets business capability. Self-contained, no shared references.
resources:
- name: libpod-secrets-create
path: /libpod/secrets/create
operations:
- name: secretcreatelibpod
method: POST
description: Create a secret
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: name
in: query
type: string
description: User-defined name of the secret.
required: true
- name: driver
in: query
type: string
description: Secret driver
- name: driveropts
in: query
type: string
description: JSON-encoded string containing secret driver options as a `map[string]string`.
- name: labels
in: query
type: string
description: JSON-encoded string containing labels as a `map[string]string`.
- name: replace
in: query
type: boolean
description: Replace an existing secret with the same name.
- name: ignore
in: query
type: boolean
description: Ignore the request if a secret with the same name already exists.
- name: request
in: body
type: string
description: Secret
- name: libpod-secrets-json
path: /libpod/secrets/json
operations:
- name: secretlistlibpod
method: GET
description: List secrets
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: filters
in: query
type: string
description: 'JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently
available filters:'
- name: libpod-secrets-name
path: /libpod/secrets/{name}
operations:
- name: secretdeletelibpod
method: DELETE
description: Remove secret
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: name
in: path
type: string
description: the name or ID of the secret
required: true
- name: all
in: query
type: boolean
description: Remove all secrets
- name: libpod-secrets-name-exists
path: /libpod/secrets/{name}/exists
operations:
- name: secretexistslibpod
method: GET
description: Secret exists
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: name
in: path
type: string
description: the name or ID of the secret
required: true
- name: libpod-secrets-name-json
path: /libpod/secrets/{name}/json
operations:
- name: secretinspectlibpod
method: GET
description: Inspect secret
outputRawFormat: json
outputParameters:
- name: result
type: object
value: $.
inputParameters:
- name: name
in: path
type: string
description: the name or ID of the secret
required: true
- name: showsecret
in: query
type: boolean
description: Display Secret
exposes:
- type: rest
namespace: podman-secrets-rest
port: 8080
description: REST adapter for supports a RESTful API for the Libpod library — secrets. One Spectral-compliant resource
per consumed operation, prefixed with /v1.
resources:
- path: /v1/libpod/secrets/create
name: libpod-secrets-create
description: REST surface for libpod-secrets-create.
operations:
- method: POST
name: secretcreatelibpod
description: Create a secret
call: podman-secrets.secretcreatelibpod
with:
name: rest.name
driver: rest.driver
driveropts: rest.driveropts
labels: rest.labels
replace: rest.replace
ignore: rest.ignore
request: rest.request
outputParameters:
- type: object
mapping: $.
- path: /v1/libpod/secrets/json
name: libpod-secrets-json
description: REST surface for libpod-secrets-json.
operations:
- method: GET
name: secretlistlibpod
description: List secrets
call: podman-secrets.secretlistlibpod
with:
filters: rest.filters
outputParameters:
- type: object
mapping: $.
- path: /v1/libpod/secrets/{name}
name: libpod-secrets-name
description: REST surface for libpod-secrets-name.
operations:
- method: DELETE
name: secretdeletelibpod
description: Remove secret
call: podman-secrets.secretdeletelibpod
with:
name: rest.name
all: rest.all
outputParameters:
- type: object
mapping: $.
- path: /v1/libpod/secrets/{name}/exists
name: libpod-secrets-name-exists
description: REST surface for libpod-secrets-name-exists.
operations:
- method: GET
name: secretexistslibpod
description: Secret exists
call: podman-secrets.secretexistslibpod
with:
name: rest.name
outputParameters:
- type: object
mapping: $.
- path: /v1/libpod/secrets/{name}/json
name: libpod-secrets-name-json
description: REST surface for libpod-secrets-name-json.
operations:
- method: GET
name: secretinspectlibpod
description: Inspect secret
call: podman-secrets.secretinspectlibpod
with:
name: rest.name
showsecret: rest.showsecret
outputParameters:
- type: object
mapping: $.
- type: mcp
namespace: podman-secrets-mcp
port: 9090
transport: http
description: MCP adapter for supports a RESTful API for the Libpod library — secrets. One tool per consumed operation,
routed inline through this capability's consumes block.
tools:
- name: create-secret
description: Create a secret
hints:
readOnly: false
destructive: false
idempotent: false
call: podman-secrets.secretcreatelibpod
with:
name: tools.name
driver: tools.driver
driveropts: tools.driveropts
labels: tools.labels
replace: tools.replace
ignore: tools.ignore
request: tools.request
outputParameters:
- type: object
mapping: $.
- name: list-secrets
description: List secrets
hints:
readOnly: true
destructive: false
idempotent: true
call: podman-secrets.secretlistlibpod
with:
filters: tools.filters
outputParameters:
- type: object
mapping: $.
- name: remove-secret
description: Remove secret
hints:
readOnly: false
destructive: true
idempotent: true
call: podman-secrets.secretdeletelibpod
with:
name: tools.name
all: tools.all
outputParameters:
- type: object
mapping: $.
- name: secret-exists
description: Secret exists
hints:
readOnly: true
destructive: false
idempotent: true
call: podman-secrets.secretexistslibpod
with:
name: tools.name
outputParameters:
- type: object
mapping: $.
- name: inspect-secret
description: Inspect secret
hints:
readOnly: true
destructive: false
idempotent: true
call: podman-secrets.secretinspectlibpod
with:
name: tools.name
showsecret: tools.showsecret
outputParameters:
- type: object
mapping: $.