diff --git a/loader/full-example.yml b/loader/full-example.yml index e489bbe9..25dfbce6 100644 --- a/loader/full-example.yml +++ b/loader/full-example.yml @@ -26,7 +26,8 @@ services: additional_contexts: foo: ./bar secrets: - - secret1 + - source: secret1 + target: /run/secrets/secret1 - source: secret2 target: my_secret uid: '103' @@ -257,7 +258,8 @@ services: restart: always secrets: - - secret1 + - source: secret1 + target: /run/secrets/secret1 - source: secret2 target: my_secret uid: '103' diff --git a/loader/full-struct_test.go b/loader/full-struct_test.go index 01aa0264..57decffd 100644 --- a/loader/full-struct_test.go +++ b/loader/full-struct_test.go @@ -65,6 +65,7 @@ func services(workingDir, homeDir string) types.Services { Secrets: []types.ServiceSecretConfig{ { Source: "secret1", + Target: "/run/secrets/secret1", }, { Source: "secret2", @@ -396,6 +397,7 @@ func services(workingDir, homeDir string) types.Services { Secrets: []types.ServiceSecretConfig{ { Source: "secret1", + Target: "/run/secrets/secret1", }, { Source: "secret2", @@ -627,6 +629,7 @@ services: target: foo secrets: - source: secret1 + target: /run/secrets/secret1 - source: secret2 target: my_secret uid: "103" @@ -885,6 +888,7 @@ services: restart: always secrets: - source: secret1 + target: /run/secrets/secret1 - source: secret2 target: my_secret uid: "103" @@ -1180,7 +1184,8 @@ func fullExampleJSON(workingDir, homeDir string) string { "target": "foo", "secrets": [ { - "source": "secret1" + "source": "secret1", + "target": "/run/secrets/secret1" }, { "source": "secret2", @@ -1544,7 +1549,8 @@ func fullExampleJSON(workingDir, homeDir string) string { "restart": "always", "secrets": [ { - "source": "secret1" + "source": "secret1", + "target": "/run/secrets/secret1" }, { "source": "secret2", diff --git a/loader/loader_test.go b/loader/loader_test.go index c248ce48..41cb7a88 100644 --- a/loader/loader_test.go +++ b/loader/loader_test.go @@ -828,6 +828,7 @@ networks: Secrets: []types.ServiceSecretConfig{ { Source: "super", + Target: "/run/secrets/super", Mode: uint32Ptr(555), }, }, @@ -1842,6 +1843,7 @@ secrets: Secrets: []types.ServiceSecretConfig{ { Source: "secret", + Target: "/run/secrets/secret", }, }, }, @@ -1911,6 +1913,7 @@ secrets: Secrets: []types.ServiceSecretConfig{ { Source: "secret", + Target: "/run/secrets/secret", }, }, }, diff --git a/transform/defaults.go b/transform/defaults.go index 9ed42ae4..49293b72 100644 --- a/transform/defaults.go +++ b/transform/defaults.go @@ -24,6 +24,7 @@ var defaultValues = map[tree.Path]transformFunc{} func init() { defaultValues["services.*.build"] = defaultBuildContext + defaultValues["services.*.secrets.*"] = defaultSecretMount } // SetDefaultValues transforms a compose model to set default values to missing attributes diff --git a/transform/secrets.go b/transform/secrets.go index 11f8855a..1e84d18d 100644 --- a/transform/secrets.go +++ b/transform/secrets.go @@ -34,3 +34,16 @@ func transformFileMount(data any, p tree.Path) (any, error) { return nil, fmt.Errorf("%s: unsupported type %T", p, data) } } + +func defaultSecretMount(data any, p tree.Path) (any, error) { + switch v := data.(type) { + case map[string]any: + source := v["source"] + if _, ok := v["target"]; !ok { + v["target"] = fmt.Sprintf("/run/secrets/%s", source) + } + return v, nil + default: + return nil, fmt.Errorf("%s: unsupported type %T", p, data) + } +}