compose: recreate container when mounted image digest changes#13549
Merged
ndeloof merged 1 commit intodocker:mainfrom Jan 26, 2026
Merged
compose: recreate container when mounted image digest changes#13549ndeloof merged 1 commit intodocker:mainfrom
ndeloof merged 1 commit intodocker:mainfrom
Conversation
ndeloof
reviewed
Jan 23, 2026
Contributor
ndeloof
left a comment
ndeloof
left a comment
There was a problem hiding this comment.
I'm not a fan about using (yet another) labels for this.
As an alternative, I suggest compose could resolve digest for image used as volume source, and update service definition accordingly (comparable to docker compose config --resolve-image-digests). Doing so we get a service definition that can be compared with actual container state.
ibrahimypr
force-pushed
the
fix/image-mount-recreate
branch
from
38a9962 to
12e2cd1
Compare
Contributor
Author
|
Thanks for the feedback! I've updated the implementation to resolve the image digest directly in the volume source. |
ndeloof
reviewed
Jan 26, 2026
| } | ||
| if img, ok := images[imgName]; ok { | ||
| // Append digest to source so config hash changes when image is rebuilt | ||
| service.Volumes[i].Source = fmt.Sprintf("%s@%s", vol.Source, img.ID) |
Contributor
There was a problem hiding this comment.
better use of reference.ParseDockerRef() then reference.WithDigest() to enforce format follows expectations
ndeloof
reviewed
Jan 26, 2026
| "gotest.tools/v3/assert" | ||
| ) | ||
|
|
||
| func TestMustRecreateImageMounts(t *testing.T) { |
Contributor
There was a problem hiding this comment.
we prefer use of e2e test on docker/compose as those allows to detect actual issues with the engine API.
ibrahimypr
force-pushed
the
fix/image-mount-recreate
branch
from
12e2cd1 to
ac49d00
Compare
Contributor
Author
|
Sorry for the amateur mistakes, this is my first open source contribution! |
ibrahimypr
force-pushed
the
fix/image-mount-recreate
branch
from
ac49d00 to
193247d
Compare
ndeloof
previously approved these changes
Jan 26, 2026
ibrahimypr
force-pushed
the
fix/image-mount-recreate
branch
from
193247d to
822f608
Compare
Contributor
Author
|
Fixed subpath in e2e test fixture (must be relative path) causing daemon error. Also addressed linter feedback. |
ndeloof
reviewed
Jan 26, 2026
| return nil | ||
| } | ||
|
|
||
| func resolveImageVolumes(service types.ServiceConfig, images map[string]api.ImageSummary, projectName string) { |
Contributor
There was a problem hiding this comment.
I wonder this works as expected as you don't pass a *types.ServiceConfig so struct is copied in function scope, leaving original unmodified.
Until now, mustRecreate logic only checked for divergence in TypeVolume mounts but ignored TypeImage mounts. This inconsistency caused containers to erroneously retain stale images even after the source image was rebuilt. This commit updates ensureImagesExists to resolve image volume sources to their digests using the official reference package. This enables ServiceHash (config hash) to naturally detect underlying image digest changes, triggering recreation via the standard convergence logic. An E2E test case is added to verify this behavior. Fixes docker#13547 Signed-off-by: ibrahim yapar <[email protected]>
ibrahimypr
force-pushed
the
fix/image-mount-recreate
branch
from
822f608 to
3463651
Compare
Contributor
Author
|
Thanks again for the review!
|
ndeloof
approved these changes
Jan 26, 2026
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Feb 25, 2026
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [docker/compose](https://github.com/docker/compose) | minor | `v5.0.2` → `v5.1.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>docker/compose (docker/compose)</summary> ### [`v5.1.0`](https://github.com/docker/compose/releases/tag/v5.1.0) [Compare Source](docker/compose@v5.0.2...v5.1.0) #### What's Changed ##### 🐛 Fixes - emit container status events after network reconnection (fixes [#​13524](docker/compose#13524)) by [@​MaheshThakur9152](https://github.com/MaheshThakur9152) in [#​13529](docker/compose#13529) - Fix potential nil pointer dereference in container event monitoring by [@​Nepomuk5665](https://github.com/Nepomuk5665) in [#​13551](docker/compose#13551) - compose: recreate container when mounted image digest changes by [@​ibrahimypr](https://github.com/ibrahimypr) in [#​13549](docker/compose#13549) - fix panic by [@​ndeloof](https://github.com/ndeloof) in [#​13562](docker/compose#13562) - Fix invalid path error when using OCI artifacts on Windows by [@​mikesir87](https://github.com/mikesir87) in [#​13574](docker/compose#13574) - fix: execute post\_start hooks in docker compose run by [@​veeceey](https://github.com/veeceey) in [#​13607](docker/compose#13607) - Fix panic when watch rebuilds without up by [@​maxproske](https://github.com/maxproske) in [#​13610](docker/compose#13610) ##### 🔧 Internal - fsnotify is set in Dockerfile by [@​ndeloof](https://github.com/ndeloof) in [#​13533](docker/compose#13533) - Dockerfile: update golangci-lint to v2.8.0 by [@​thaJeztah](https://github.com/thaJeztah) in [#​13535](docker/compose#13535) - replace some uses of strings.Split(N) for strings.Cut by [@​thaJeztah](https://github.com/thaJeztah) in [#​13542](docker/compose#13542) - Upgrade GitHub Actions to latest versions by [@​salmanmkc](https://github.com/salmanmkc) in [#​13546](docker/compose#13546) - pkg/compose: remove dependency on github.com/docker/buildx/driver by [@​thaJeztah](https://github.com/thaJeztah) in [#​13563](docker/compose#13563) - use Docker GitHub Builder to build and sign binaries and bin image by [@​crazy-max](https://github.com/crazy-max) in [#​13568](docker/compose#13568) - ci: fix bin-image job by [@​crazy-max](https://github.com/crazy-max) in [#​13569](docker/compose#13569) - pkg/compose: defaultNetworkSettings: refactor by [@​thaJeztah](https://github.com/thaJeztah) in [#​13580](docker/compose#13580) - pkg/compose: un-export consts by [@​thaJeztah](https://github.com/thaJeztah) in [#​13584](docker/compose#13584) - modernize some code by [@​thaJeztah](https://github.com/thaJeztah) in [#​13588](docker/compose#13588) ##### ⚙️ Dependencies - update to go1.25.7 by [@​thaJeztah](https://github.com/thaJeztah) in [#​13573](docker/compose#13573) - build(deps): bump golang.org/x/sys from 0.40.0 to 0.41.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​13578](docker/compose#13578) - build(deps): bump go.yaml.in/yaml/v4 from 4.0.0-rc.3 to 4.0.0-rc.4 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​13541](docker/compose#13541) - migrate to moby modules by [@​thaJeztah](https://github.com/thaJeztah) in [#​13078](docker/compose#13078) #### New Contributors - [@​MaheshThakur9152](https://github.com/MaheshThakur9152) made their first contribution in [#​13529](docker/compose#13529) - [@​salmanmkc](https://github.com/salmanmkc) made their first contribution in [#​13546](docker/compose#13546) - [@​Nepomuk5665](https://github.com/Nepomuk5665) made their first contribution in [#​13551](docker/compose#13551) - [@​ibrahimypr](https://github.com/ibrahimypr) made their first contribution in [#​13549](docker/compose#13549) - [@​veeceey](https://github.com/veeceey) made their first contribution in [#​13607](docker/compose#13607) **Full Changelog**: <docker/compose@v5.0.2...v5.1.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4zNS4xIiwidXBkYXRlZEluVmVyIjoiNDMuMzUuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90IiwiYXV0b21hdGlvbjpib3QtYXV0aG9yZWQiLCJkZXBlbmRlbmN5LXR5cGU6Om1pbm9yIl19-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What I did
Until now,
mustRecreatelogic only checked for divergence inTypeVolumemounts but ignoredTypeImagemounts. This inconsistency caused containers to erroneously retain stale images even after the source image was rebuilt.This commit introduces a new label
com.docker.compose.image.mountsthat tracks the digests of images used as mounts. The convergence logic is updated to verify this label, ensuring that containers are correctly recreated whenever the underlying image mount digest changes.Related issue
Fixes #13547