User that includes GID should be valid.

k9withabone / compose_spec_rs

Rust library for (de)serializing from/to the compose-spec

https://crates.io/crates/compose_spec

Mozilla Public License 2.0

3 stars 0 forks source link

User that includes GID should be valid. #23

Open rany2 opened 1 week ago

rany2 commented 1 week ago

Please check the following related issue from a project that depends on this library: https://github.com/containers/podlet/issues/106

In short, this compose file is invalid according to the library:

version: "3.7"
services:
  true:
    image: 'docker.io/busybox'
    command: 'true'
    user: 999:999

When the :999 GID portion is dropped, it works fine. It appears that the current implementation doesn't split : to get the group portion.

k9withabone commented 2 days ago

I'll respond here to both issues. It seems that the Compose Specification doesn't define user well. I found a relevant issue, compose-spec/compose-spec#39, but it's over 4.5 years old with no movement on it... Also, docker compose config accepts any string for user, regardless of whether it's a valid user/group name, which is unhelpful. So I guess I'll just have to go by what the docker-run(1) and podman-run(1) man pages say for --user.

k9withabone commented 2 days ago

My initial plan for implementation is the following:

Rename UserOrGroup to IdOrName.
Add a User struct like so:

pub struct User {
    pub user: IdOrName,
    pub group: Option<IdOrName>,
}

Rename the user_or_group module to user.
Change the type of the user field in Service to Option<User>.

Unfortunately, this has to be a breaking change.