Define and run multi-container applications with Docker

docker docker-compose go golang orchestration

Go to file

Sebastiaan van Stijn d54cd0445e update go to 1.18.4 go1.18.4 (released 2022-07-12) includes security fixes to the compress/gzip, encoding/gob, encoding/xml, go/parser, io/fs, net/http, and path/filepath packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the runtime/metrics package. See the Go 1.18.4 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.18.4+label%3ACherryPickApproved This update addresses: CVE-2022-1705, CVE-2022-1962, CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632, CVE-2022-30633, CVE-2022-30635, and CVE-2022-32148. Full diff: https://github.com/golang/go/compare/go1.18.3...go1.18.4 From the security announcement; https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE We have just released Go versions 1.18.4 and 1.17.12, minor point releases. These minor releases include 9 security fixes following the security policy: - net/http: improper sanitization of Transfer-Encoding header The HTTP/1 client accepted some invalid Transfer-Encoding headers as indicating a "chunked" encoding. This could potentially allow for request smuggling, but only if combined with an intermediate server that also improperly failed to reject the header as invalid. This is CVE-2022-1705 and https://go.dev/issue/53188. - When `httputil.ReverseProxy.ServeHTTP` was called with a `Request.Header` map containing a nil value for the X-Forwarded-For header, ReverseProxy would set the client IP as the value of the X-Forwarded-For header, contrary to its documentation. In the more usual case where a Director function set the X-Forwarded-For header value to nil, ReverseProxy would leave the header unmodified as expected. This is https://go.dev/issue/53423 and CVE-2022-32148. Thanks to Christian Mehlmauer for reporting this issue. - compress/gzip: stack exhaustion in Reader.Read Calling Reader.Read on an archive containing a large number of concatenated 0-length compressed files can cause a panic due to stack exhaustion. This is CVE-2022-30631 and Go issue https://go.dev/issue/53168. - encoding/xml: stack exhaustion in Unmarshal Calling Unmarshal on a XML document into a Go struct which has a nested field that uses the any field tag can cause a panic due to stack exhaustion. This is CVE-2022-30633 and Go issue https://go.dev/issue/53611. - encoding/xml: stack exhaustion in Decoder.Skip Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion. The Go Security team discovered this issue, and it was independently reported by Juho Nurminen of Mattermost. This is CVE-2022-28131 and Go issue https://go.dev/issue/53614. - encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is CVE-2022-30635 and Go issue https://go.dev/issue/53615. - path/filepath: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2022-30632 and Go issue https://go.dev/issue/53416. - io/fs: stack exhaustion in Glob Calling Glob on a path which contains a large number of path separators can cause a panic due to stack exhaustion. This is CVE-2022-30630 and Go issue https://go.dev/issue/53415. - go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code which contains deeply nested types or declarations can cause a panic due to stack exhaustion. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2022-1962 and Go issue https://go.dev/issue/53616. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>		2022-07-13 12:40:24 +02:00
.github	update go to 1.18.4	2022-07-13 12:40:24 +02:00
cmd	Merge pull request #9507 from TheodosiouTh/tc/simplify-flag-conversion	2022-07-04 09:19:21 +02:00
docs	update go to 1.18.4	2022-07-13 12:40:24 +02:00
internal	move ACI/ECS -specific const to related packages	2021-08-31 16:05:32 +02:00
packaging	packaging: Add EULA	2020-09-22 15:04:16 +02:00
pkg	Merge pull request #9640 from glours/fix-close-network-name-issue	2022-07-13 10:46:13 +02:00
scripts/validate	move compose-cli code into docker/compose/v2	2021-08-31 19:09:19 +02:00
.dockerignore	contenairized documetation generation	2022-03-18 10:42:05 +01:00
.gitattributes	Removed test requiring linux containers	2020-06-11 12:58:58 +02:00
.gitignore	Add Azure sovereign cloud support	2021-02-15 18:38:59 -08:00
.golangci.yml	Fix golangci syntax error in run configuration	2022-07-03 01:45:52 +09:00
BUILDING.md	add new targets to build Compose binary before running e2e tests	2022-07-04 15:53:08 +02:00
CONTRIBUTING.md	CONTRIBUTING.md file. Update slack sign-up link	2022-03-04 12:25:11 +01:00
Dockerfile	update go to 1.18.4	2022-07-13 12:40:24 +02:00
LICENSE	Add LICENSE and NOTICE files	2020-08-17 10:20:49 +02:00
MAINTAINERS	Fix the maintainers array in MAINTAINERS	2021-11-02 22:39:51 +01:00
Makefile	add new targets to build Compose binary before running e2e tests	2022-07-04 15:53:08 +02:00
NOTICE	move compose-cli code into docker/compose/v2	2021-08-31 19:09:19 +02:00
README.md	Update README.md: typographical edit of "About update..."	2021-10-28 13:18:12 +02:00
builder.Makefile	add support for ppc64le	2022-04-14 17:25:01 +05:30
go.mod	build(deps): bump github.com/cnabio/cnab-to-oci from 0.3.4 to 0.3.5	2022-07-07 10:01:05 +00:00
go.sum	build(deps): bump github.com/cnabio/cnab-to-oci from 0.3.4 to 0.3.5	2022-07-07 10:01:05 +00:00
logo.png	move compose-cli code into docker/compose/v2	2021-08-31 19:09:19 +02:00

README.md

Docker Compose v2

Docker Compose is a tool for running multi-container applications on Docker defined using the Compose file format. A Compose file is used to define how the one or more containers that make up your application are configured. Once you have a Compose file, you can create and start your application with a single command: docker compose up.

About update and backward compatibility

Docker Compose V2 is a major version bump release of Docker Compose. It has been completely rewritten from scratch in Golang (V1 was in Python). The installation instructions for Compose V2 differ from V1. V2 is not a standalone binary anymore, and installation scripts will have to be adjusted. Some commands are different.

For a smooth transition from legacy docker-compose 1.xx, please consider installing compose-switch to translate docker-compose ... commands into Compose V2's docker compose .... . Also check V2's --compatibility flag.

Where to get Docker Compose

Windows and macOS

Docker Compose is included in Docker Desktop for Windows and macOS.

Linux

You can download Docker Compose binaries from the release page on this repository.

Rename the relevant binary for your OS to docker-compose and copy it to $HOME/.docker/cli-plugins

Or copy it into one of these folders for installing it system-wide:

/usr/local/lib/docker/cli-plugins OR /usr/local/libexec/docker/cli-plugins
/usr/lib/docker/cli-plugins OR /usr/libexec/docker/cli-plugins

(might require to make the downloaded file executable with chmod +x)

Quick Start

Using Docker Compose is basically a three-step process:

Define your app's environment with a Dockerfile so it can be reproduced anywhere.
Define the services that make up your app in docker-compose.yml so they can be run together in an isolated environment.
Lastly, run docker compose up and Compose will start and run your entire app.

A Compose file looks like this:

services:
  web:
    build: .
    ports:
      - "5000:5000"
    volumes:
      - .:/code
  redis:
    image: redis

Contributing

Want to help develop Docker Compose? Check out our contributing documentation.

If you find an issue, please report it on the issue tracker.