From a7c7dcd2853da2beb04b4b05deb38cea60cea026 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Fri, 20 Aug 2021 17:57:56 +0900
Subject: [PATCH] docs/ocicrypt.md: update for containerd 1.5

The config has been enabled by default since containerd 1.5.
(containerd PR 5135)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 docs/ocicrypt.md | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/docs/ocicrypt.md b/docs/ocicrypt.md
index 0d9e6c4e..4f7f00f3 100644
--- a/docs/ocicrypt.md
+++ b/docs/ocicrypt.md
@@ -10,7 +10,15 @@ See https://github.com/containerd/imgcrypt
 ## Decryption
 
 ### Configuration
-Add the following configuration to `/etc/containerd/config.toml` (for rootless `~/.config/containerd/config.toml`):
+Put the private key files to `/etc/containerd/ocicrypt/keys` (for rootless `~/.config/containerd/ocicrypt/keys`).
+
+<details>
+<summary>Extra step for containerd 1.4 and older</summary>
+
+<p>
+
+containerd 1.4 and older requires adding the following configuration to `/etc/containerd/config.toml`
+(for rootless `~/.config/containerd/config.toml`):
 
 ```toml
 version = 2
@@ -30,9 +38,9 @@ version = 2
 # NOTE: On rootless, ~/.config/containerd is mounted as /etc/containerd in the namespace.
 ```
 
-Future version of containerd may have this configuration by default: https://github.com/containerd/containerd/pull/5135
+</p>
 
-Then, put the private key files to `/etc/containerd/ocicrypt/keys` (for rootless `~/.config/containerd/ocicrypt/keys`).
+</details>
 
 ### nerdctl run