naftiko: 1.0.0-alpha2 info: label: supports a RESTful API for the Libpod library — secrets description: 'supports a RESTful API for the Libpod library — secrets. 5 operations. Lead operation: Create a secret. Self-contained Naftiko capability covering one Podman business surface.' tags: - Podman - secrets created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: PODMAN_API_KEY: PODMAN_API_KEY capability: consumes: - type: http namespace: podman-secrets baseUri: http://podman.io description: supports a RESTful API for the Libpod library — secrets business capability. Self-contained, no shared references. resources: - name: libpod-secrets-create path: /libpod/secrets/create operations: - name: secretcreatelibpod method: POST description: Create a secret outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: query type: string description: User-defined name of the secret. required: true - name: driver in: query type: string description: Secret driver - name: driveropts in: query type: string description: JSON-encoded string containing secret driver options as a `map[string]string`. - name: labels in: query type: string description: JSON-encoded string containing labels as a `map[string]string`. - name: replace in: query type: boolean description: Replace an existing secret with the same name. - name: ignore in: query type: boolean description: Ignore the request if a secret with the same name already exists. - name: request in: body type: string description: Secret - name: libpod-secrets-json path: /libpod/secrets/json operations: - name: secretlistlibpod method: GET description: List secrets outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: filters in: query type: string description: 'JSON encoded value of the filters (a `map[string][]string`) to process on the secrets list. Currently available filters:' - name: libpod-secrets-name path: /libpod/secrets/{name} operations: - name: secretdeletelibpod method: DELETE description: Remove secret outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: the name or ID of the secret required: true - name: all in: query type: boolean description: Remove all secrets - name: libpod-secrets-name-exists path: /libpod/secrets/{name}/exists operations: - name: secretexistslibpod method: GET description: Secret exists outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: the name or ID of the secret required: true - name: libpod-secrets-name-json path: /libpod/secrets/{name}/json operations: - name: secretinspectlibpod method: GET description: Inspect secret outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: name in: path type: string description: the name or ID of the secret required: true - name: showsecret in: query type: boolean description: Display Secret exposes: - type: rest namespace: podman-secrets-rest port: 8080 description: REST adapter for supports a RESTful API for the Libpod library — secrets. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/libpod/secrets/create name: libpod-secrets-create description: REST surface for libpod-secrets-create. operations: - method: POST name: secretcreatelibpod description: Create a secret call: podman-secrets.secretcreatelibpod with: name: rest.name driver: rest.driver driveropts: rest.driveropts labels: rest.labels replace: rest.replace ignore: rest.ignore request: rest.request outputParameters: - type: object mapping: $. - path: /v1/libpod/secrets/json name: libpod-secrets-json description: REST surface for libpod-secrets-json. operations: - method: GET name: secretlistlibpod description: List secrets call: podman-secrets.secretlistlibpod with: filters: rest.filters outputParameters: - type: object mapping: $. - path: /v1/libpod/secrets/{name} name: libpod-secrets-name description: REST surface for libpod-secrets-name. operations: - method: DELETE name: secretdeletelibpod description: Remove secret call: podman-secrets.secretdeletelibpod with: name: rest.name all: rest.all outputParameters: - type: object mapping: $. - path: /v1/libpod/secrets/{name}/exists name: libpod-secrets-name-exists description: REST surface for libpod-secrets-name-exists. operations: - method: GET name: secretexistslibpod description: Secret exists call: podman-secrets.secretexistslibpod with: name: rest.name outputParameters: - type: object mapping: $. - path: /v1/libpod/secrets/{name}/json name: libpod-secrets-name-json description: REST surface for libpod-secrets-name-json. operations: - method: GET name: secretinspectlibpod description: Inspect secret call: podman-secrets.secretinspectlibpod with: name: rest.name showsecret: rest.showsecret outputParameters: - type: object mapping: $. - type: mcp namespace: podman-secrets-mcp port: 9090 transport: http description: MCP adapter for supports a RESTful API for the Libpod library — secrets. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: create-secret description: Create a secret hints: readOnly: false destructive: false idempotent: false call: podman-secrets.secretcreatelibpod with: name: tools.name driver: tools.driver driveropts: tools.driveropts labels: tools.labels replace: tools.replace ignore: tools.ignore request: tools.request outputParameters: - type: object mapping: $. - name: list-secrets description: List secrets hints: readOnly: true destructive: false idempotent: true call: podman-secrets.secretlistlibpod with: filters: tools.filters outputParameters: - type: object mapping: $. - name: remove-secret description: Remove secret hints: readOnly: false destructive: true idempotent: true call: podman-secrets.secretdeletelibpod with: name: tools.name all: tools.all outputParameters: - type: object mapping: $. - name: secret-exists description: Secret exists hints: readOnly: true destructive: false idempotent: true call: podman-secrets.secretexistslibpod with: name: tools.name outputParameters: - type: object mapping: $. - name: inspect-secret description: Inspect secret hints: readOnly: true destructive: false idempotent: true call: podman-secrets.secretinspectlibpod with: name: tools.name showsecret: tools.showsecret outputParameters: - type: object mapping: $.