colby gutierrez-kraybill
21 June 2022
The volume bind mount type for docker-compose requires that the source directory/file exist before the directory/file is mounted. There are scenarios where you want to mount credentials, for example, .aws. This can keep the credentials out of a checked in docker-compose.yml and leave it to the responsibility of the developer.
Example configuration:
...
- type: bind
source: ~/.aws
target: /root/.aws
consistency: cached
volume:
nocopy: true
...When using docker in a third-party CI/CD pipeline, this can cause errors like:
...
ERROR: for scratch-backpack-app Cannot create container for service app: invalid mount config for type "bind": bind source path does not exist: /home/travis/.aws
ERROR: for app Cannot create container for service app: invalid mount config for type "bind": bind source path does not exist: /home/travis/.aws
...Since the home directory does not contain .aws the docker-compose command fails.
One solution:
...
- type: bind
source: ${AWS_CREDENTIALS_DIR:-~/.aws}
target: /root/.aws
consistency: cached
volume:
nocopy: true
...Leveraging shell substitution syntax, this will look for an environment variable AWS_CREDENTIALS_DIR and use it if it exists. If it does not exist, it will default to ~/.aws
Et voila, it is done!