[Bug] Docker Compose secrets returns error invalid mount config when deploying to a remote context #11141
Description
Description
Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /secrets/password
Steps To Reproduce
- Create
docker-compose-ex.yml
version: '3.8'
services:
app:
image: nginx
container_name: app
environment:
PASSWORD: /run/secrets/password
secrets:
- password
secrets:
password:
file: /secrets/password
- Create a file
/secrets/password - Setup a remote context https://www.docker.com/blog/how-to-deploy-on-remote-docker-hosts-with-docker-compose/
- docker context use remote
- docker compose -f docker-compose-ex.yml up
Compose Version
Docker Compose version v2.22.0-desktop.2
Docker Environment
Client:
Version: 24.0.6
Context: remote
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.2-desktop.5
Path: /Users/andrewlam/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.22.0-desktop.2
Path: /Users/andrewlam/.docker/cli-plugins/docker-compose
dev: Docker Dev Environments (Docker Inc.)
Version: v0.1.0
Path: /Users/andrewlam/.docker/cli-plugins/docker-dev
extension: Manages Docker extensions (Docker Inc.)
Version: v0.2.20
Path: /Users/andrewlam/.docker/cli-plugins/docker-extension
init: Creates Docker-related starter files for your project (Docker Inc.)
Version: v0.1.0-beta.8
Path: /Users/andrewlam/.docker/cli-plugins/docker-init
sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
Version: 0.6.0
Path: /Users/andrewlam/.docker/cli-plugins/docker-sbom
scan: Docker Scan (Docker Inc.)
Version: v0.26.0
Path: /Users/andrewlam/.docker/cli-plugins/docker-scan
scout: Docker Scout (Docker Inc.)
Version: v1.0.7
Path: /Users/andrewlam/.docker/cli-plugins/docker-scout
Server:
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 11
Server Version: 24.0.6
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
runc version: v1.1.8-0-g82f18fe
init version: de40ad0
Security Options:
seccomp
Profile: unconfined
cgroupns
Kernel Version: 6.4.16-linuxkit
Operating System: Docker Desktop
OSType: linux
Architecture: aarch64
CPUs: 9
Total Memory: 7.765GiB
Name: docker-desktop
ID: 6399ab74-67c5-47be-b92e-b76d0f234cfe
Docker Root Dir: /var/lib/docker
Debug Mode: false
HTTP Proxy: http.docker.internal:3128
HTTPS Proxy: http.docker.internal:3128
No Proxy: hubproxy.docker.internal
Experimental: false
Insecure Registries:
hubproxy.docker.internal:5555
127.0.0.0/8
Live Restore Enabled: false
WARNING: daemon is not using the default seccomp profile
Anything else?
Follow up questions. This "bug" is more of a question does Docker Compose support secrets when compose up in remote context?
If not, where would it try to mount? I'm wondering if preloading that directory with secrets at remote. I just don't know where.