Publishing Docker Compose Applications as OCI Artifacts

--- title: Using Docker Compose with OCI artifacts linkTitle: OCI artifact applications weight: 110 description: How to publish and start Compose applications as OCI artifacts keywords: cli, compose, oci, docker hub, artificats, publish, package, distribute params: sidebar: badge: color: green text: New --- {{< summary-bar feature_name="Compose OCI artifact" >}} Docker Compose supports working with [OCI artifacts](/manuals/docker-hub/repos/manage/hub-images/oci-artifacts.md), allowing you to package and distribute your Compose applications through container registries. This means you can store your Compose files alongside your container images, making it easier to version, share, and deploy your multi-container applications. ## Publish your Compose application as an OCI artifact To distribute your Compose application as an OCI artifact, you can use the `docker compose publish` command, to publish it to an OCI-compliant registry. This allows others to deploy your application directly from the registry. The publish function supports most of the composition capabilities of Compose, like overrides, extends or include, [with some limitations](#limitations). ### General steps 1. Navigate to your Compose application's directory. Ensure you're in the directory containing your `compose.yml` file or that you are specifying your Compose file with the `-f` flag. 2. In your terminal, sign in to your Docker account so you're authenticated with Docker Hub. ```console $ docker login ``` 3. Use the `docker compose publish` command to push your application as an OCI artifact: ```console $ docker compose publish username/my-compose-app:latest ``` If you have multiple Compose files, run: ```console $ docker compose -f compose-base.yml -f compose-production.yml publish username/my-compose-app:latest ``` ### Advanced publishing options When publishing, you can pass additional options: - `--oci-version`: Specify the OCI version (default is automatically determined). - `--resolve-image-digests`: Pin image tags to digests. - `--with-env`: Include environment variables in the published OCI artifact. Compose checks to make sure there isn't any sensitive data in your configuration and displays your environment variables to confirm you want to publish them. ```text ... you are about to publish sensitive data within your OCI artifact. please double check that you are not leaking sensitive data AWS Client ID "services.serviceA.environment.AWS_ACCESS_KEY_ID": xxxxxxxxxx AWS Secret Key "services.serviceA.environment.AWS_SECRET_ACCESS_KEY": aws"xxxx/xxxx+xxxx+" Github authentication "GITHUB_TOKEN": ghp_xxxxxxxxxx JSON Web Token "": xxxxxxx.xxxxxxxx.xxxxxxxx Private Key "": -----BEGIN DSA PRIVATE KEY----- xxxxx -----END DSA PRIVATE KEY----- Are you ok to publish these sensitive data? [y/N]:y you are about to publish environment variables within your OCI artifact. please double check that you are not leaking sensitive data Service/Config serviceA FOO=bar Service/Config serviceB FOO=bar QUIX= BAR=baz Are you ok to publish these environment variables? [y/N]:

Docker Compose supports publishing and distributing applications as OCI artifacts via container registries. The `docker compose publish` command allows packaging Compose files with container images for versioning, sharing, and deployment. The process involves authenticating with a registry, running the publish command with a target repository, and optionally specifying OCI version, resolving image digests, and including environment variables. Users should be cautious when including environment variables to avoid publishing sensitive data.