Skip to content

Fix: Disable in-pod placement for podman-compose by default #4381

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
MarkTwoFive wants to merge 2 commits into
base: master
Choose a base branch
from
+6 −4
Open

Fix: Disable in-pod placement for podman-compose by default #4381

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
38fff9a
fix: Initialization commands may fail on Podman
MarkTwoFive Jun 19, 2026
cfee360
chore: Remove no longer required dcr pod customization
MarkTwoFive Jun 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,11 @@ x-snuba-defaults: &snuba_defaults
# If you have statsd server, you can utilize that to monitor self-hosted Snuba containers.
# To start, state these environment variables below on your `.env.` file and adjust the options as needed.
SNUBA_STATSD_ADDR: "${STATSD_ADDR:-}"

# Prevent podman from placing the compose stack and ad-hoc containers into pods
x-podman:
in_pod: false

services:
smtp:
<<: *restart_policy
Expand Down
5 changes: 1 addition & 4 deletions install/dc-detect-version.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,7 @@ proxy_args="--build-arg HTTP_PROXY=${HTTP_PROXY:-} --build-arg HTTPS_PROXY=${HTT
exec_proxy_args="-e HTTP_PROXY=${HTTP_PROXY:-} -e HTTPS_PROXY=${HTTPS_PROXY:-} -e NO_PROXY=${NO_PROXY:-} -e http_proxy=${http_proxy:-} -e https_proxy=${https_proxy:-} -e no_proxy=${no_proxy:-}"
if [[ "$CONTAINER_ENGINE" == "podman" ]]; then
proxy_args_dc="--podman-build-args HTTP_PROXY=${HTTP_PROXY:-},HTTPS_PROXY=${HTTPS_PROXY:-},NO_PROXY=${NO_PROXY:-},http_proxy=${http_proxy:-},https_proxy=${https_proxy:-},no_proxy=${no_proxy:-}"
# Disable pod creation as these are one-off commands and creating a pod
# prints its pod id to stdout which is messing with the output that we
# rely on various places such as configuration generation
dcr="$dc --profile=feature-complete --in-pod=false run --rm"
dcr="$dc --profile=feature-complete run --rm"

@sentry sentry Bot Jun 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Removing --in-pod=false from dcr may cause podman-compose run to print a pod ID to stdout, breaking scripts that parse its output.
Severity: HIGH

Suggested Fix

Verify if podman-compose run respects the x-podman: in_pod: false setting from the compose file. If it does not, or if the behavior is undocumented, restore the --in-pod=false flag to the dcr variable in install/dc-detect-version.sh to guarantee that no pod ID is printed to stdout during script execution.

Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.

Location: install/dc-detect-version.sh#L54

Potential issue: The pull request removes the `--in-pod=false` flag from the `dcr` alias
for `podman-compose run`, relying instead on the `x-podman: in_pod: false` setting in
`docker-compose.yml`. It is uncertain whether `podman-compose run` respects this compose
file setting for ad-hoc commands. If it does not, the command will print a pod ID to
standard output. This will break several critical initialization scripts that parse the
output of `dcr` for tasks like database migrations (`web upgrade`), credential
generation, and JSON parsing, causing deployment failures.

Also affects:

  • docker-compose.yml:122~124

Did we get this right? 👍 / 👎 to inform future reviews.

else
proxy_args_dc=$proxy_args
dcr="$dc run --pull=never --rm"
Expand Down