Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
docker-compose
Advanced tools
docker-compose
is a small library that allows you to run docker-compose (which is still required) via Node.js. This is useful to bootstrap test environments.
As of version 1.0, this library only supports docker compose
(v2, the docker "compose" plugin). The docker-compose
(v1) has been removed from recent releases of Docker Desktop and is no longer supported. Use the 0.x
versions of this library if you still need to use the old docker-compose
(v1).
yarn add --dev docker-compose
The documentation can be found here.
docker-compose
import * as compose from 'docker-compose'
You can also import only the required commands:
import { run, upAll } from 'docker-compose'
To start service containers based on the docker-compose.yml
file in your current directory, just call compose.upAll
like this:
compose.upAll({ cwd: path.join(__dirname), log: true }).then(
() => {
console.log('done')
},
(err) => {
console.log('something went wrong:', err.message)
}
)
Start specific services using compose.upMany
:
const services = ['serviceA', 'serviceB']
compose.upMany(services, { cwd: path.join(__dirname), log: true })
Or start a single service with compose.upOne
:
const service = 'serviceA'
compose.upOne(service, { cwd: path.join(__dirname), log: true })
To execute command inside a running container
compose.exec('node', 'npm install', { cwd: path.join(__dirname) })
To list the containers for a compose project
const result = await compose.ps({ cwd: path.join(__dirname) })
result.data.services.forEach((service) => {
console.log(service.name, service.command, service.state, service.ports)
// state is e.g. 'Up 2 hours'
})
The --format json
command option can be used to get a better state support:
const result = await compose.ps({ cwd: path.join(__dirname), commandOptions: [["--format", "json"]] })
result.data.services.forEach((service) => {
console.log(service.name, service.command, service.state, service.ports)
// state is one of the defined states: paused | restarting | removing | running | dead | created | exited
})
docker compose
seems to send its exit code also commands don't seem to have finished. This doesn't occur for all commands, but for example with stop
or down
. We had the option to wait for stopped / removed containers using third party libraries but this would make bootstrapping docker-compose
much more complicated for the users. So we decided to use a setTimeout(500)
workaround. We're aware this is not perfect, but it seems to be the most appropriate solution for now. Details can be found in the v2 PR discussion (we're happy to get help here).While docker-compose
runs on Node.js 6+, running the tests requires you to use Node.js 8+ as they make use of async/await
.
yarn test
This project is just getting off the ground and could use some help with cleaning things up and refactoring.
If you want to contribute - we'd love it! Just open an issue to work against so you get full credit for your fork. You can open the issue first so we can discuss and you can work your fork as we go along.
If you see a bug, please be so kind as to show how it's failing, and we'll do our best to get it fixed quickly.
Before sending a PR, please create an issue to introduce your idea and have a reference for your PR.
We're using conventional commits, so please use it for your commits as well.
Also please add tests and make sure to run yarn lint
.
If you want to discuss an docker-compose
issue or PR in more detail, feel free to start a discussion.
MIT License
Copyright (c) 2017 - 2021 PDMLab
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Manage docker-compose from Node.js
The npm package docker-compose receives a total of 585,041 weekly downloads. As such, docker-compose popularity was classified as popular.
We found that docker-compose demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.