fix(hash): recreate container on project config content change #11931
Conversation
|
While I understand the intent, I don't like we get the config content added into the service hash. This also only makes sense as the config content is inlined. |
pkg/compose/hash.go
Outdated
|
|
||
| for _, serviceConfig := range o.Configs { | ||
| if projectConfig, ok := project.Configs[serviceConfig.Source]; ok { | ||
| bytes = append(bytes, []byte(projectConfig.Content)...) |
There was a problem hiding this comment.
This won't detect changes for config set by environment of file
There was a problem hiding this comment.
added support for env and config file
why?
I don't get the idea, time it was created - do you mean config file? or docker-compose.yaml? but docker-compose can refer to external config file |
|
time container was created, so we can check it needs to be recreated if current config doesn't match |
pkg/compose/hash.go
Outdated
| @@ -37,5 +38,22 @@ func ServiceHash(o types.ServiceConfig) (string, error) { | |||
| if err != nil { | |||
| return "", err | |||
| } | |||
|
|
|||
| for _, serviceConfig := range o.Configs { | |||
| if projectConfig, ok := project.Configs[serviceConfig.Source]; ok { | |||
There was a problem hiding this comment.
nit: I would invert the if statements so that we do not get the code so nested. Other than that looks good to me!
|
Some poins:
|
|
@ndeloof thanks for the details. pushed changes:
Let me know if you have better idea for the label name, because I'm not fully satisfied with my name) |
pkg/compose/hash.go
Outdated
| if projectConfig.Content != "" { | ||
| bytes = append(bytes, []byte(projectConfig.Content)...) | ||
| } else if projectConfig.File != "" { | ||
| content, err := os.ReadFile(projectConfig.File) |
There was a problem hiding this comment.
File could also be a folder. Maybe an option would be to read content into a tar (code exists to inject secrets) and compute hash from it
While the general approach looks good, I'd prefer we have a more explicit hash and label per resource, and a dedicated hash function for configs (and secrets), so that it make it easier to diagnose use of those labels
There was a problem hiding this comment.
@ndeloof thank you the comment. Pushed fixes: added secrets hash, added separate hashes for configs and secrets, added support for file.File directory
idsulik
force-pushed
the
issue-11900
branch
from
284468c
to
2aa70c0
Compare
pkg/compose/hash.go
Outdated
| return err | ||
| } | ||
| if !info.IsDir() { | ||
| fileContent, err := os.ReadFile(path) |
There was a problem hiding this comment.
this will not detect file being rename. Maybe better to create a tar stream from file/dir content
There was a problem hiding this comment.
@ndeloof it creates a tar from the content here pkg/compose/hash.go:122.
b, err := utils.CreateTar(content, serviceConfig, modTime)
There was a problem hiding this comment.
@ndeloof is there any reason to create tar inside a tar? the createTarForConfig func calls this readPathContent func and creates a tar with the path content
There was a problem hiding this comment.
here you are creating a tar with all content appended as []byte, this doesn't reflect the filesystem structure for intput. You have to create one tar entry per file with file/folder name.
There was a problem hiding this comment.
@ndeloof you're right, thank you! Updated the code, now it creates a tar file for a given path and keeps file structure
Signed-off-by: Suleiman Dibirov <[email protected]>
This reverts commit 64c37bf. Signed-off-by: Suleiman Dibirov <[email protected]>
Signed-off-by: Suleiman Dibirov <[email protected]>
…older support Signed-off-by: Suleiman Dibirov <[email protected]>
Signed-off-by: Suleiman Dibirov <[email protected]>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #11931 +/- ##
==========================================
+ Coverage 51.10% 51.21% +0.11%
==========================================
Files 149 152 +3
Lines 14537 14743 +206
==========================================
+ Hits 7429 7551 +122
- Misses 6356 6419 +63
- Partials 752 773 +21
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| data = append(data, b.Bytes()...) | ||
| } | ||
|
|
||
| return digest.SHA256.FromBytes(data).Encoded(), nil |
There was a problem hiding this comment.
I'd prefer we have one label per config/secret mount, so it makes it easier to track|debug changes and container being recreated.
Also need to consider config can be mounted from docker host, i.e. file is not available for compose to compute hash, and then must be excluded from label / no label created. createTarForConfig could return ErrNotFound and we would ignore it for this specific usage
There was a problem hiding this comment.
do you mean something like that:
com.docker.compose.service.configs-hash-{configName}={hash}
com.docker.compose.service.configs-hash-{serviceName}={hash}
?
There was a problem hiding this comment.
indeed, or maybe, to follow the dot-notation style used for labels, com.docker.compose.service.configs.{configName}.hash
There was a problem hiding this comment.
It seems to me that this will complicate the logic, first you need to generate a hash for each item separately, then you need to go through all labels whose names start with “com.docker.compose.service.configs.” to check if the hash has changed.
There was a problem hiding this comment.
Doesn't look such a pain to me, as this would allow to trace reason we recreate a container, and make it easier to diagnose potential regressions (this sometimes happened :P)
for c := range service.Configs {
hash := labels["com.docker.compose.configs."+c+".hash"]
expected := ConfigHash(project.Configs[c]
if hash := expected {
log.Debug("container has to be recreated after config %s has been updated", c)
return DIVERGED
}
}
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| return b, nil |
There was a problem hiding this comment.
nit: make it simpler as return b, err
What I did
Fixed
hash.ServiceHash()to support config content changeRelated issue
#11900