-
Notifications
You must be signed in to change notification settings - Fork 5.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(hash): recreate container on project config content change #11931
base: main
Are you sure you want to change the base?
Conversation
While I understand the intent, I don't like we get the config content added into the service hash. This also only makes sense as the config content is inlined. |
pkg/compose/hash.go
Outdated
|
||
for _, serviceConfig := range o.Configs { | ||
if projectConfig, ok := project.Configs[serviceConfig.Source]; ok { | ||
bytes = append(bytes, []byte(projectConfig.Content)...) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This won't detect changes for config set by environment of file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added support for env and config file
why?
I don't get the idea, time it was created - do you mean config file? or docker-compose.yaml? but docker-compose can refer to external config file |
time container was created, so we can check it needs to be recreated if current config doesn't match |
pkg/compose/hash.go
Outdated
@@ -37,5 +38,22 @@ func ServiceHash(o types.ServiceConfig) (string, error) { | |||
if err != nil { | |||
return "", err | |||
} | |||
|
|||
for _, serviceConfig := range o.Configs { | |||
if projectConfig, ok := project.Configs[serviceConfig.Source]; ok { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I would invert the if statements so that we do not get the code so nested. Other than that looks good to me!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jhrotko done
Some poins:
|
@ndeloof thanks for the details. pushed changes:
Let me know if you have better idea for the label name, because I'm not fully satisfied with my name) |
pkg/compose/hash.go
Outdated
if projectConfig.Content != "" { | ||
bytes = append(bytes, []byte(projectConfig.Content)...) | ||
} else if projectConfig.File != "" { | ||
content, err := os.ReadFile(projectConfig.File) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
File
could also be a folder. Maybe an option would be to read content into a tar (code exists to inject secrets) and compute hash from it
While the general approach looks good, I'd prefer we have a more explicit hash and label per resource, and a dedicated hash
function for configs (and secrets), so that it make it easier to diagnose use of those labels
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ndeloof thank you the comment. Pushed fixes: added secrets hash, added separate hashes for configs and secrets, added support for file.File directory
284468c
to
2aa70c0
Compare
pkg/compose/hash.go
Outdated
return err | ||
} | ||
if !info.IsDir() { | ||
fileContent, err := os.ReadFile(path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will not detect file being rename. Maybe better to create a tar stream from file/dir content
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ndeloof it creates a tar from the content here pkg/compose/hash.go:122.
b, err := utils.CreateTar(content, serviceConfig, modTime)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ndeloof is there any reason to create tar inside a tar? the createTarForConfig
func calls this readPathContent
func and creates a tar with the path content
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
here you are creating a tar with all content appended as []byte, this doesn't reflect the filesystem structure for intput. You have to create one tar entry per file with file/folder name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ndeloof you're right, thank you! Updated the code, now it creates a tar file for a given path and keeps file structure
Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
This reverts commit 64c37bf. Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
…older support Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
Signed-off-by: Suleiman Dibirov <idsulik@gmail.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #11931 +/- ##
==========================================
+ Coverage 51.10% 51.21% +0.11%
==========================================
Files 149 152 +3
Lines 14537 14743 +206
==========================================
+ Hits 7429 7551 +122
- Misses 6356 6419 +63
- Partials 752 773 +21
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
data = append(data, b.Bytes()...) | ||
} | ||
|
||
return digest.SHA256.FromBytes(data).Encoded(), nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer we have one label per config/secret mount, so it makes it easier to track|debug changes and container being recreated.
Also need to consider config can be mounted from docker host, i.e. file is not available for compose to compute hash, and then must be excluded from label / no label created. createTarForConfig
could return ErrNotFound
and we would ignore it for this specific usage
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you mean something like that:
com.docker.compose.service.configs-hash-{configName}={hash}
com.docker.compose.service.configs-hash-{serviceName}={hash}
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
indeed, or maybe, to follow the dot-notation style used for labels, com.docker.compose.service.configs.{configName}.hash
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems to me that this will complicate the logic, first you need to generate a hash for each item separately, then you need to go through all labels whose names start with “com.docker.compose.service.configs.” to check if the hash has changed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't look such a pain to me, as this would allow to trace reason we recreate a container, and make it easier to diagnose potential regressions (this sometimes happened :P)
for c := range service.Configs {
hash := labels["com.docker.compose.configs."+c+".hash"]
expected := ConfigHash(project.Configs[c]
if hash := expected {
log.Debug("container has to be recreated after config %s has been updated", c)
return DIVERGED
}
}
if err != nil { | ||
return nil, err | ||
} | ||
|
||
return b, nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: make it simpler as return b, err
What I did
Fixed
hash.ServiceHash()
to support config content changeRelated issue
#11900