inject secrets/config just before container is started #12970

ndeloof · 2025-06-24T09:59:38Z

What I did

delay injection of secrets/config after dependencies have been resolved. This allows to avoid issue when an init container is used to setup a volume, and container mounts this volume with subpath. As CopyToContainer require the container's filesystem to be all set, this can't run on create but must wait for init container completion

Related issue

(not mandatory) A picture of a cute animal, if possible in relation to what you did

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

This MR contains the following updates: | Package | Update | Change | |---|---|---| | [docker/compose](https://github.com/docker/compose) | patch | `v2.37.2` -> `v2.37.3` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>docker/compose (docker/compose)</summary> ### [`v2.37.3`](https://github.com/docker/compose/releases/tag/v2.37.3) [Compare Source](docker/compose@v2.37.2...v2.37.3) #### What's Changed ##### ✨ Improvements - add support for cache\_to with bake by [@ndeloof](https://github.com/ndeloof) in docker/compose#12959 ##### 🐛 Fixes - fix bake intergation by [@ndeloof](https://github.com/ndeloof) in docker/compose#12960 - don't create services passed as parameters of run command during dependencies creation process by [@glours](https://github.com/glours) in docker/compose#12968 - inject secrets/config just before container is started by [@ndeloof](https://github.com/ndeloof) in docker/compose#12970 - propagate target docker host set by --host to Bake by [@ndeloof](https://github.com/ndeloof) in docker/compose#12961 ##### 🔧 Internal - pkg/compose: remove uses of ExecOptions.Detach by [@thaJeztah](https://github.com/thaJeztah) in docker/compose#12950 ##### ⚙️ Dependencies - build(deps): bump github.com/moby/buildkit from 0.23.0 to 0.23.1 by [@dependabot](https://github.com/dependabot) in docker/compose#12964 **Full Changelog**: docker/compose@v2.37.2...v2.37.3 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

ndeloof requested a review from a team as a code owner June 24, 2025 09:59

ndeloof requested a review from glours June 24, 2025 09:59

glours approved these changes Jun 24, 2025

View reviewed changes

glours enabled auto-merge (rebase) June 24, 2025 10:00

inject secrets/config just before container is started

9f07a0c

Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>

ndeloof force-pushed the late_inject branch from 50af7d4 to 9f07a0c Compare June 24, 2025 10:17

glours merged commit aadce87 into docker:main Jun 24, 2025
25 checks passed

ndeloof deleted the late_inject branch June 24, 2025 10:26

BrewTestBot mentioned this pull request Jun 24, 2025

docker-compose 2.37.3 Homebrew/homebrew-core#228006

Merged

rancherbot mentioned this pull request Jun 24, 2025

rddepman: bump dockerCompose from 2.37.2 to 2.37.3 rancher-sandbox/rancher-desktop#8826

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

inject secrets/config just before container is started #12970

inject secrets/config just before container is started #12970

Uh oh!

ndeloof commented Jun 24, 2025

Uh oh!

Uh oh!

Uh oh!

inject secrets/config just before container is started #12970

inject secrets/config just before container is started #12970

Uh oh!

Conversation

ndeloof commented Jun 24, 2025

Uh oh!

Uh oh!

Uh oh!