add secrets property to build section#238
Conversation
ndeloof
left a comment
There was a problem hiding this comment.
LGTM with some minor adjustments
schema/compose-spec.json
Outdated
| "oneOf": [ | ||
| {"type": "string"}, | ||
| { | ||
| "type": "object", | ||
| "properties": { | ||
| "source": {"type": "string"}, | ||
| "target": {"type": "string"}, | ||
| "uid": {"type": "string"}, | ||
| "gid": {"type": "string"}, | ||
| "mode": {"type": "number"} | ||
| }, | ||
| "additionalProperties": false, | ||
| "patternProperties": {"^x-": {}} |
There was a problem hiding this comment.
this model is already declared twice for service configs and secrets, maybe this is a good opportunity to extract it into it's own definition and use a $ref
EricHripko
left a comment
There was a problem hiding this comment.
Thank you for looking into this! A few high-level questions first ❓
- Does this allow for secrets to be optional?
- What would the workflow look like for creating a secret? I'm aware that this crosses somewhat into implementation, but knowing the workflow E2E will help validate the schema changes.
|
@EricHripko this is basically a port of |
|
Thank you for confirming 👍 Is the idea that the user calls |
|
The idea is that use can declare an entry in |
9fe7290 to
02f367e
Compare
|
That makes sense, thank you for clarifying 👍 One last question, would this still allow for optional secrets? |
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
…ts build property Co-authored-by: Nicolas De loof <nicolas.deloof@gmail.com> Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
Signed-off-by: Guillaume Lours <guillaume.lours@docker.com>
02f367e to
c607167
Compare
The secrets mechanism define in the compose specification has no |
|
It would be great to allow for optional secrets, as development/CI/production environments can have different secrets (or none at all) even when it comes to build time. |
|
different secrets makes sense to me (so the ability to provide overrides on compose file, or use paths relative to user's home |
|
Sure, I agree that this can be discussed in a separate thread. Let me get some resources ready to see if there is a substantial justification for such functionality 👍 |
|
Any update on this? |
What this PR does / why we need it:
Add a
secretsproperty to the build section which will allow Specification implementations to use secrets during the building step.Which issue(s) this PR fixes:
Refer to #233