Merge pull request #26083 from itoffshore/secret-create

Update podman-secret-create.1.md

docs/source/markdown/podman-secret-create.1.md

@@ -78,7 +78,7 @@ delete =
 
 ## EXAMPLES
 
-Create the specified secret based on local file.
+Create the specified secret based on a local file.
 ```
 echo -n mysecret > ./secret.txt
 $ podman secret create my_secret ./secret.txt
@@ -89,7 +89,17 @@ Create the specified secret via stdin.
 $ printf <secret> | podman secret create my_secret -
 ```
 
-Create gpg encrypted secret based on local file using the pass driver.
+Create or rotate a cryptographically secure random secret just under the maximum `512000` bytes via stdin.
+```
+openssl rand -base64 378000 | podman secret create --replace my_secret -
+```
+
+Mount a local file-based secret securely in a container.
+```
+podman run --rm --secret source=my_secret,type=mount,uid=1001,gid=1001,mode=440 docker.io/library/alpine ls -l /run/secrets/my_secret
+```
+
+Create gpg encrypted secret based on a local file using the pass driver.
 ```
 $ podman secret create --driver=pass my_secret ./secret.txt.gpg
 ```
@@ -100,8 +110,9 @@ $ podman secret create --env=true my_secret MYSECRET
 ```
 
 ## SEE ALSO
-**[podman(1)](podman.1.md)**, **[podman-secret(1)](podman-secret.1.md)**, **[podman-login(1)](podman-login.1.md)**
+**[podman(1)](podman.1.md)**, **[podman-secret(1)](podman-secret.1.md)**, **[podman-login(1)](podman-login.1.md)**, **[podman-run(1)](podman-run.1.md)**
 
 ## HISTORY
-January 2021, Originally compiled by Ashley Cui <acui@redhat.com>
-February 2024, Added example showing secret creation from an environment variable by Brett Calliss <brett@obligatory.email>
+* January 2021, Originally compiled by Ashley Cui <acui@redhat.com>
+* February 2024, Added example showing secret creation from an environment variable by Brett Calliss <brett@obligatory.email>
+* May 2025, Added example showing secure secret generation / rotation & mounting by [Stuart Cardall](https://github.com/itoffshore)