[BUG] template_driver being ignored in config #11179
Description
Description
I am trying to use secrets in a config template to work around zitadel not supporting file-based secrets management.
It seems the config is correctly identified and mounted, but not executing the golang template wrapper. I would expect the output to be Hello, 007 instead of Hello, {{ secret "codename" }}.
Otherwise, I would expect some sort of error message and early exit if template_driver is incorrect.
$ docker compose up
[+] Building 0.0s (0/0) docker:orbstack
[+] Running 1/0
✔ Container compose-scratch-app-1 Recreated 0.0s
Attaching to compose-scratch-app-1
compose-scratch-app-1 | hello, {{ secret "codename" }}
compose-scratch-app-1 exited with code 0
compose.yaml
version: "3.8"
secrets:
codename:
file: codename
configs:
greeting:
file: greeting
template_driver: golang
services:
app:
image: alpine
secrets: [ codename ]
configs: [ greeting ]
command: [ "sh", "-c", "/greeting" ]greeting
echo Hello, {{ secret "codename" }}codename
007
Steps To Reproduce
Use the above files, then run docker compose up, and observe that the configs are not being run through the specified template_driver.
Compose Version
$ docker compose version
Docker Compose version v2.22.0
$ docker-compose version
Docker Compose version 2.23.0Docker Environment
Client:
Version: 24.0.6
Context: orbstack
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.11.1
Path: /Users/micro/.docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.22.0
Path: /Users/micro/.docker/cli-plugins/docker-compose
Server:
Containers: 4
Running: 0
Paused: 0
Stopped: 4
Images: 8
Server Version: 24.0.6
Storage Driver: overlay2
Backing Filesystem: btrfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 091922f03c2762540fd057fba91260237ff86acb
runc version: 82f18fe0e44a59034f3e1f45e475fa5636e539aa
init version: de40ad0
Security Options:
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.5.7-orbstack-00109-gd8500ae6683d
Operating System: OrbStack
OSType: linux
Architecture: aarch64
CPUs: 10
Total Memory: 7.748GiB
Name: orbstack
ID: 2a4af27e-188d-4bd2-9a74-02baef220b6b
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
Default Address Pools:
Base: 192.168.215.0/24, Size: 24
Base: 192.168.228.0/24, Size: 24
Base: 192.168.247.0/24, Size: 24
Base: 192.168.207.0/24, Size: 24
Base: 192.168.167.0/24, Size: 24
Base: 192.168.107.0/24, Size: 24
Base: 192.168.237.0/24, Size: 24
Base: 192.168.148.0/24, Size: 24
Base: 192.168.214.0/24, Size: 24
Base: 192.168.165.0/24, Size: 24
Base: 192.168.227.0/24, Size: 24
Base: 192.168.181.0/24, Size: 24
Base: 192.168.158.0/24, Size: 24
Base: 192.168.117.0/24, Size: 24
Base: 192.168.155.0/24, Size: 24
Base: 192.168.147.0/24, Size: 24
Base: 192.168.229.0/24, Size: 24
Base: 192.168.183.0/24, Size: 24
Base: 192.168.156.0/24, Size: 24
Base: 192.168.97.0/24, Size: 24
Base: 192.168.171.0/24, Size: 24
Base: 192.168.186.0/24, Size: 24
Base: 192.168.216.0/24, Size: 24
Base: 192.168.242.0/24, Size: 24
Base: 192.168.166.0/24, Size: 24
Base: 192.168.239.0/24, Size: 24
Base: 192.168.223.0/24, Size: 24
Base: 192.168.164.0/24, Size: 24
Base: 192.168.163.0/24, Size: 24
Base: 192.168.172.0/24, Size: 24
Base: 172.17.0.0/16, Size: 16
Base: 172.18.0.0/16, Size: 16
Base: 172.19.0.0/16, Size: 16
Base: 172.20.0.0/14, Size: 16
Base: 172.24.0.0/14, Size: 16
Base: 172.28.0.0/14, Size: 16Anything else?
I linked to the wider context/motivation re: zitadel in the original description - if there is a more correct usage of docker features than configs+secrets, I'd love to learn them.