Is there a straightforward way to view an application docker-compose prior to install?
In relation to what?
Docker compose is just a YAML file which is basically a specially formatted text file. Typically it is named compose.yaml or docker-compose.yml, and is used to define and run more advanced application setups and multi-container applications.
If it’s an app installed from the Truenas Apps tab then not really and if you do find it any changes you make to it will revert on the next app stop/start cycle.
If it is a Truenas App that was converted in the apps screen to a custom app, then yes, but only from within the custom file editor they provide on the app edit screen. Not quite as convenient as some would like but will accomplish the job.
If it is an app you are installing manually through one of several methods into you data pool, then you have full control over the compose file and yes you should inspect it and make sure you understand what each lines intent is.
1 Like
I don’t think there’s a straightforward way to view a compose file for TrueNAS apps since there is TrueNAS middleware in the mix, and (I think) the compose file is at least partly generated by the answers you provide when installing an app. That said, you may be able to dig around in the app repo to get an idea of what options an app may offer and what the generated compose file might be. I think this is as close as you can get to what you’re asking, but it’s not really straightforward.
2 Likes
Question is in context of general auditability of apps deployed by marketplace (e.g. assessing supply-chain attack surface, etc).
A hypothetical ideal state might be an option for an intervening deployment step, that allows user to review the dynamically generated docker-compose before proceeding along a more transparent, straightforward docker-compose up deployment. Maybe worth a feature request, but benefiting user population might be too small. Perhaps just be the cutoff point for moving to manual container deployments.
That sounds consistent with what I was finding in the app repos as well. What I can find seems to be heavily templated, and produced with fairly extensive business logic. (Apparently, I cannot post the links). Would be a lot to disentangle from the middleware, as you note. Thanks.