New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add secrets property to build section #238
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with some minor adjustments
schema/compose-spec.json
Outdated
"oneOf": [ | ||
{"type": "string"}, | ||
{ | ||
"type": "object", | ||
"properties": { | ||
"source": {"type": "string"}, | ||
"target": {"type": "string"}, | ||
"uid": {"type": "string"}, | ||
"gid": {"type": "string"}, | ||
"mode": {"type": "number"} | ||
}, | ||
"additionalProperties": false, | ||
"patternProperties": {"^x-": {}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this model is already declared twice for service configs and secrets, maybe this is a good opportunity to extract it into it's own definition and use a $ref
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes sure 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for looking into this! A few high-level questions first ❓
- Does this allow for secrets to be optional?
- What would the workflow look like for creating a secret? I'm aware that this crosses somewhat into implementation, but knowing the workflow E2E will help validate the schema changes.
@EricHripko this is basically a port of |
Thank you for confirming 👍 Is the idea that the user calls |
The idea is that use can declare an entry in |
9fe7290
to
02f367e
Compare
That makes sense, thank you for clarifying 👍 One last question, would this still allow for optional secrets? |
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
…ts build property Co-authored-by: Nicolas De loof <nicolas.deloof@gmail.com> Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
02f367e
to
c607167
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
The secrets mechanism define in the compose specification has no |
It would be great to allow for optional secrets, as development/CI/production environments can have different secrets (or none at all) even when it comes to build time. |
different secrets makes sense to me (so the ability to provide overrides on compose file, or use paths relative to user's home |
Sure, I agree that this can be discussed in a separate thread. Let me get some resources ready to see if there is a substantial justification for such functionality 👍 |
Any update on this? |
What this PR does / why we need it:
Add a
secrets
property to the build section which will allow Specification implementations to use secrets during the building step.Which issue(s) this PR fixes:
Refer to #233