Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
There are a number of incorrect statements in this post.
1) One should neither be using the "latest" nor just the "version" tag as the version can still vary depending on when it is pulled.
Instead, one should use a combination of version + hash, say alpine:3.18.2@sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1 for reproducibility reasons. This provides for human readable versions as well as the specific hash.
2) Next, afaik, Compose has removed the need for version tags. All of the compose.yml files that I now use do not specify versions.
See https://github.com/compose-spec/compose-spec/blob/master/04-...
Related posts
- Some options missing for me.
- When I create a docker-compose file to deploy multiple containers, do the different versions of each compose file matter?
- A compose file visualization tool that follows compose-spec and allows you to gernerate graph in several formats.
- Why Does Everything Say Docker Compose is Deprecated / Dead?
- 12 Factor: 13 years later