Skip to content

cant add secrets, error says path is not absolute #7110

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jankyjames opened this issue Dec 28, 2019 · 3 comments
Closed

cant add secrets, error says path is not absolute #7110

jankyjames opened this issue Dec 28, 2019 · 3 comments
Labels
kind/bug status/0-triage

Comments

@jankyjames
Copy link

jankyjames commented Dec 28, 2019
edited by ndeloof
Loading

Description of the issue

When running my compose file, my secrets will not mount.

Context information (for bug reports)

The compose file gets ran from Jetbrains, but I don't think that adds any extra layers here. Correct me if I'm wrong.

The docker deamon is on my homelab, the commands are being ran from compose on my laptop. Everything works as expected without any secrets implemented in compose file.

My compose file


secrets:
  auth:
    file: ./auth

services:
  secrets-server:
    build: secrets-server/
    ports:
      - "8080:80"
    secrets:
      - auth
    environment:
      INTERNAL_AUTH_FILE: /run/secrets/auth
    deploy:
      replicas: 1

Output of docker-compose version

docker-compose version 1.25.0, build 0a186604
docker-py version: 4.1.0
CPython version: 3.7.5
OpenSSL version: OpenSSL 1.1.1d  10 Sep 2019

Output of docker version

Client: Docker Engine - Community
 Version:           19.03.2
 API version:       1.40
 Go version:        go1.12.8
 Git commit:        6a30dfc
 Built:             Thu Aug 29 05:29:11 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.2
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.8
  Git commit:       6a30dfc
  Built:            Thu Aug 29 05:27:45 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.6
  GitCommit:        894b81a4b802e4eb2a91d1ce216b8817763c29fb
 runc:
  Version:          1.0.0-rc8
  GitCommit:        425e105d5a03fabd737a126ad93d62a9eeede87f
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Output of docker-compose config
(Make sure to add the relevant -f and other flags)

WARNING: Some services (secrets-server) use the 'deploy' key, which will be ignored. Compose does not support 'deploy' configuration - use `docker stack deploy` to deploy to a swarm.
secrets:
  auth:
    file: C:\Users\James\GolandProjects\jankylogin\auth
services:
  secrets-server:
    build:
      context: C:\Users\James\GolandProjects\jankylogin\secrets-server
    deploy:
      replicas: 1
    environment:
      INTERNAL_AUTH_FILE: /run/secrets/auth
    ports:
    - published: 8080
      target: 80
    secrets:
    - source: auth
version: '3.7'

Steps to reproduce the issue

  1. have those files
  2. run docker compose

Observed result

Its failing saying it cant mount the secrets

Expected result

It to work

Stacktrace / full error message

Successfully built c27f128cb1d4
Successfully tagged jankylogin_secrets-server:latest
Recreating b93bbb268144_jankylogin_secrets-server_1 ... 
Recreating b93bbb268144_jankylogin_secrets-server_1 ... error
ERROR: for b93bbb268144_jankylogin_secrets-server_1  Cannot create container for service secrets-server: invalid mount config for type "bind": invalid mount path: 'C:/Users/James/GolandProjects/jankylogin/auth' mount path must be absolute

ERROR: for secrets-server  Cannot create container for service secrets-server: invalid mount config for type "bind": invalid mount path: 'C:/Users/James/GolandProjects/jankylogin/auth' mount path must be absolute
Encountered errors while bringing up the project.
Failed to deploy 'Compose: docker-compose.yml': `docker-compose` process finished with exit code 1

Additional information

OS version / distribution, docker-compose install method, etc.
@ndeloof
Copy link
Contributor

ndeloof commented Jan 7, 2020
edited
Loading

seems like secrets' path isn't converted by normalize_path_for_engine before passed as bind mount option to engine. I'm looking into this.

@ndeloof
Copy link
Contributor

ndeloof commented Jan 7, 2020

according to changelog:

When using Compose with Docker Toolbox/Machine on Windows, volume paths are
no longer converted from C:\Users to /c/Users-style by default. To
re-enable this conversion so that your volumes keep working, set the
environment variable COMPOSE_CONVERT_WINDOWS_PATHS=1. Users of
Docker for Windows are not affected and do not need to set the variable.

So it seems to be expected for normalize_path_for_engine not being used to adjust path on secrets bind mount.

@ndeloof
Copy link
Contributor

ndeloof commented Jan 7, 2020

Sounds I misunderstood your setup (whenever you clearly detailled in issue description): you don't use Docker Desktop but a Linux host to run docke engine ("homelab").

docker engine (without swarm mode enabled) has no support for secrets, and as such docker-compose do actually mock a secret store with a plain bind-mount from your laptop. This is transparently managed when using Docker Desktop, as bind mount is still "local", but not possible with a remote host like your homelab.

Arguably, the error message is far from being useful to understand what's going wrong.

@ndeloof ndeloof mentioned this issue Jan 7, 2020
Closed
@ndeloof ndeloof closed this as completed Jan 7, 2020
@andoks andoks mentioned this issue May 30, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug status/0-triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ndeloof @jankyjames