compose-go icon indicating copy to clipboard operation
compose-go copied to clipboard

Published 20 hours ago verified publisher icon compose-spec

secrets & config mount merge violates compose spec

Open edwardpeek-crown opened this issue 7 months ago • 1 comments

Per https://github.com/compose-spec/compose-spec/blob/master/13-merge.md#unique-resources

Applies to the ports, volumes, secrets and configs services attributes. While these types are modeled in a Compose file as a sequence, they have special uniqueness requirements:

Attribute Unique key volumes target secrets source configs source ports {ip, target, published, protocol}

But current behaviour is to merge based on target instead, as demonstrated by https://github.com/compose-spec/compose-go/blob/main/override/merge_mounts_test.go :

services:
  test:
    image: foo
    secrets:
      - foo
      - bar
      - zot

merged with

services:
  test:
    image: foo
    secrets:
      - source: zot
        target: /run/secrets/foo

results in

services:
  test:
    image: foo
    secrets:
      - source: zot
        target: /run/secrets/foo
      - bar
      - zot

Per compose spec the output should be

services:
  test:
    image: foo
    secrets:
      - foo
      - bar
      - source: zot
        target: /run/secrets/foo

edwardpeek-crown avatar Jul 11 '24 06:07 edwardpeek-crown