refactor: replace deprecated docker-compose with docker compose across repository

Luca Sacchi Ricciardi
2026-04-09 12:15:00 +02:00
parent 64b7d49056
commit dceefe0573
33 changed files with 115 additions and 114 deletions
@@ -86,8 +86,8 @@ test_unauthorized_access() {
## INF-01 Verification Pattern
```bash
# From RESEARCH.md - Non-root container verification
for service in $(docker-compose ps --services); do
container_name=$(docker-compose ps -q $service)
for service in $(docker compose ps --services); do
container_name=$(docker compose ps -q $service)
actual_user=$(docker exec $container_name whoami 2>/dev/null)
if [ "$actual_user" = "root" ]; then
echo "FAIL: $service running as root"
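Review bot: The root check in this loop fails open, because it reports a problem only when `whoami` prints exactly `root`. An empty container ID from `docker compose ps -q` (service not running), an image without `whoami`, or any `docker exec` error leaves `actual_user` empty with stderr discarded, and the service is then counted as non-root; `$service` and `$container_name` are also unquoted. I would compare the numeric UID and treat an unreadable result as a failure: `uid=$(docker exec "$container_name" id -u 2>/dev/null)` followed by `if [ -z "$uid" ] || [ "$uid" = "0" ]; then`. The same pattern appears in the hunks at -455, -586 and -822 and in the later -389 snippet, where the `|| echo "unknown"` fallback has the same effect. The loop body continues past the end of this hunk.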
@@ -444,7 +444,7 @@ test_no_container_runs_as_root() {
fi
# Get all services from compose file
local services=$(docker-compose -f "$compose_file" ps --services 2>/dev/null || echo "")
local services=$(docker compose -f "$compose_file" ps --services 2>/dev/null || echo "")
if [ -z "$services" ]; then
echo -e "${YELLOW}SKIP${NC}: No services defined yet"
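Review bot: A host without the Compose v2 plugin makes this security test report SKIP instead of failing, because stderr is discarded and `|| echo ""` turns the error into an empty `services`. After the switch to `docker compose` that is a plausible state on runners that only carry the old standalone binary. A preflight before this line, `docker compose version >/dev/null 2>&1 || { echo "FAIL: docker compose plugin not available"; return 1; }`, would separate "tool missing" from "no services defined". Note that `local services=$(...)` also masks the command's exit status, so any status check needs the declaration and the assignment on separate lines. The `if docker compose ... | grep -q .` guard in the hunk at -586 has the same blind spot and lands in the "No containers running" branch; the function starts above this hunk.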
@@ -455,7 +455,7 @@ test_no_container_runs_as_root() {
local root_containers=0
while IFS= read -r service; do
if [ -n "$service" ]; then
local container_name=$(docker-compose -f "$compose_file" ps -q "$service" 2>/dev/null || echo "")
local container_name=$(docker compose -f "$compose_file" ps -q "$service" 2>/dev/null || echo "")
if [ -n "$container_name" ]; then
local user=$(docker exec "$container_name" whoami 2>/dev/null || echo "unknown")
if [ "$user" = "root" ]; then
@@ -586,11 +586,11 @@ else
fi
# If containers are running, verify they're not root
if docker-compose -f "$compose_file" ps --services 2>/dev/null | grep -q .; then
if docker compose -f "$compose_file" ps --services 2>/dev/null | grep -q .; then
local root_count=0
while IFS= read -r service; do
[ -z "$service" ] && continue
local container=$(docker-compose -f "$compose_file" ps -q "$service" 2>/dev/null || echo "")
local container=$(docker compose -f "$compose_file" ps -q "$service" 2>/dev/null || echo "")
if [ -n "$container" ]; then
local user=$(docker exec "$container" whoami 2>/dev/null || echo "unknown")
if [ "$user" = "root" ]; then
@@ -598,7 +598,7 @@ else
((root_count++))
fi
fi
done <<< "$(docker-compose -f "$compose_file" ps --services 2>/dev/null)"
done <<< "$(docker compose -f "$compose_file" ps --services 2>/dev/null)"
if [ $root_count -eq 0 ]; then
echo -e " ${GREEN}${NC} All running containers are non-root"
@@ -606,7 +606,7 @@ else
all_passed=false
fi
else
echo -e " ${YELLOW}${NC} No containers running (start with docker-compose up)"
echo -e " ${YELLOW}${NC} No containers running (start with docker compose up)"
fi
fi
echo ""
@@ -822,8 +822,8 @@ done
```bash
# Verifica tutti i servizi nel compose file
docker-compose ps --services | while read service; do
container=$(docker-compose ps -q $service)
docker compose ps --services | while read service; do
container=$(docker compose ps -q $service)
echo "Service: $service, User: $(docker exec $container whoami)"
done
```
@@ -271,7 +271,7 @@ Key implementation points:
- Container name matches test expectations
- Healthcheck verifies non-root user
- Comments explain why no volumes/networks (future labs)
- Follows docker-compose V3.8 syntax
- Follows docker compose V3.8 syntax
- No ports exposed (security best practice)
TDD Context: Tests from Wave 0 check for user directive - this configuration should satisfy those tests.
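Review bot: The mechanical replacement changes the meaning of this bullet: "docker compose V3.8 syntax" now reads as a CLI version, while 3.8 is the Compose file format version. I would word it as `- Follows Compose file format 3.8`. The references to the file name `docker-compose.yml` elsewhere in this document are correct as they stand and should keep the hyphen.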
@@ -282,7 +282,7 @@ INF-01 Compliance:
- No possibility of root execution
</action>
<verify>
<automated>cd labs/lab-01-iam && docker-compose config > /dev/null 2>&1 && echo "PASS: docker-compose.yml is valid" || echo "FAIL: docker-compose.yml has errors"</automated>
<automated>cd labs/lab-01-iam && docker compose config > /dev/null 2>&1 && echo "PASS: docker-compose.yml is valid" || echo "FAIL: docker-compose.yml has errors"</automated>
</verify>
<done>docker-compose.yml defines service with non-root user directive</done>
</task>
@@ -331,7 +331,7 @@ fail_count=0
# Test 1: docker-compose.yml is valid
echo -e "${BLUE}[1/6] Checking docker-compose.yml syntax...${NC}"
if docker-compose config >/dev/null 2>&1; then
if docker compose config >/dev/null 2>&1; then
echo -e " ${GREEN}✓${NC} docker-compose.yml is valid YAML"
((pass_count++))
else
@@ -402,11 +402,11 @@ else
fi
echo ""
# Test 6: Verify docker-compose service
echo -e "${BLUE}[6/6] Verifying docker-compose service...${NC}"
# Test 6: Verify docker compose service
echo -e "${BLUE}[6/6] Verifying docker compose service...${NC}"
# Start container in detached mode
if docker-compose up -d >/dev/null 2>&1; then
echo -e " ${GREEN}✓${NC} docker-compose service started"
if docker compose up -d >/dev/null 2>&1; then
echo -e " ${GREEN}✓${NC} docker compose service started"
# Wait for container to be ready
sleep 3
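Review bot: The fixed `sleep 3` after `docker compose up -d` is a race: on a slow host the `docker exec ... whoami` in the next hunk can run before the container is ready and report a misleading failure. Since the script now requires Compose v2, `docker compose up -d --wait` can replace the sleep; it returns once the services are running or healthy. If the service defines the healthcheck that the plan describes, that also ties this step to it. The enclosing `if` block continues past the end of this hunk.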
@@ -418,10 +418,10 @@ if docker-compose up -d >/dev/null 2>&1; then
# Verify user
actual_user=$(docker exec lab01-iam-test whoami 2>/dev/null || echo "unknown")
if [ "$actual_user" = "labuser" ]; then
echo -e " ${GREEN}✓${NC} docker-compose container runs as non-root"
echo -e " ${GREEN}✓${NC} docker compose container runs as non-root"
((pass_count++))
else
echo -e " ${RED}✗${NC} docker-compose container running as $actual_user (expected labuser)"
echo -e " ${RED}✗${NC} docker compose container running as $actual_user (expected labuser)"
((fail_count++))
fi
else
@@ -430,9 +430,9 @@ if docker-compose up -d >/dev/null 2>&1; then
fi
# Cleanup
docker-compose down --volumes >/dev/null 2>&1
docker compose down --volumes >/dev/null 2>&1
else
echo -e " ${RED}✗${NC} Failed to start docker-compose service"
echo -e " ${RED}✗${NC} Failed to start docker compose service"
((fail_count++))
fi
echo ""
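Review bot: Cleanup runs only in the branch where `up -d` succeeded, so a partial start (containers or networks created before the error) is left behind by the `else` branch, and the result of `docker compose down --volumes` is discarded either way. Registering `trap 'docker compose down --volumes >/dev/null 2>&1' EXIT` before the `up` call would cover both paths and early exits. The enclosing `if` opens above this hunk.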
@@ -466,7 +466,7 @@ Key implementation points:
- Verifies USER directive in Dockerfile
- Verifies user directive in docker-compose.yml
- Builds and tests Docker image
- Starts container with docker-compose and verifies execution
- Starts container with docker compose and verifies execution
- Proper cleanup after testing
- Clear pass/fail indicators
@@ -483,7 +483,7 @@ TDD Context: This script confirms the GREEN phase - infrastructure implementatio
<verification>
1. Dockerfile creates non-root user with USER directive
2. docker-compose.yml specifies user directive for service
3. docker-compose config validates without errors
3. docker compose config validates without errors
4. Docker build succeeds without warnings
5. Container execution verified as non-root (whoami, docker inspect, docker top)
6. All Wave 0 tests now pass (GREEN phase of TDD)
@@ -117,7 +117,7 @@ Created a 163-line bash script that validates all infrastructure requirements:
- **Test 3:** Verifies docker-compose.yml has non-root user directive
- **Test 4:** Builds Docker image successfully
- **Test 5:** Verifies container runs as non-root (whoami check)
- **Test 6:** Starts docker-compose service and verifies execution
- **Test 6:** Starts docker compose service and verifies execution
**Result:** 6/6 tests passed - GREEN phase complete.
@@ -175,7 +175,7 @@ All 6 infrastructure tests passed:
[3/6] docker-compose.yml user directive (1000:1000) PASS
[4/6] Docker image builds successfully PASS
[5/6] Container runs as non-root (labuser) PASS
[6/6] docker-compose service verification PASS
[6/6] docker compose service verification PASS
```
## Requirements Satisfied
@@ -165,7 +165,7 @@ services:
### Pitfall 3: Insufficient Verification of Non-Root Execution
**What goes wrong:** Container configured with `USER` directive but still running as root
**Why it happens:** Dockerfile USER directive not applied, or docker-compose `user` override missing, or container switches back to root
**Why it happens:** Dockerfile USER directive not applied, or docker compose `user` override missing, or container switches back to root
**How to avoid:** Always verify with `docker exec <container> whoami` AND `docker inspect <container> | grep User`
**Warning signs:** Container process shows as root in `docker top` or `docker inspect`
@@ -204,7 +204,7 @@ docker exec <container_name> whoami
# Method 2: Inspect container configuration
docker inspect <container_name> --format='{{.State.User}}'
# Note: May show empty if using docker-compose user directive
# Note: May show empty if using docker compose user directive
# Method 3: Check process on host
docker top <container_name>
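Review bot: The Method 2 template `{{.State.User}}` does not name a field of the container's State object, so the command fails with a template error instead of printing a user. The configured user is exposed as `.Config.User`, i.e. `docker inspect <container_name> --format='{{.Config.User}}'`, which is also what the manual checklist later in this document refers to. The comment under it would then need rewording, presumably to say the value is empty when neither the image nor the Compose `user:` key sets one; that should be confirmed against a running container before it is written down.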
@@ -389,8 +389,8 @@ echo "All tests passed!" || echo "Some tests failed"
**Automated Verification:**
```bash
# Test runs for every container defined in docker-compose.yml
for service in $(docker-compose ps --services); do
container_name=$(docker-compose ps -q $service)
for service in $(docker compose ps --services); do
container_name=$(docker compose ps -q $service)
actual_user=$(docker exec $container_name whoami 2>/dev/null)
if [ "$actual_user" = "root" ]; then
echo "FAIL: $service running as root"
@@ -402,7 +402,7 @@ echo "PASS: All containers running as non-root"
**Manual Verification:**
1. Check docker-compose.yml for `user:` directive on all services
2. Run `docker-compose ps` to get container names
2. Run `docker compose ps` to get container names
3. Run `docker top <container>` and verify USER column != root
4. Run `docker inspect <container>` and verify Config.User is set