{"id":41010334,"url":"https://github.com/trusch/stackctl","last_synced_at":"2026-01-22T09:03:11.122Z","repository":{"id":57707148,"uuid":"280376673","full_name":"trusch/stackctl","owner":"trusch","description":"run compose files as rootless podman pods","archived":false,"fork":false,"pushed_at":"2021-05-20T07:27:33.000Z","size":88,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-06-19T18:08:44.870Z","etag":null,"topics":["compose-spec","containers","developer-tools","podman","rootless"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trusch.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-07-17T08:57:18.000Z","updated_at":"2023-12-20T16:16:46.000Z","dependencies_parsed_at":"2022-09-26T21:20:38.098Z","dependency_job_id":null,"html_url":"https://github.com/trusch/stackctl","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/trusch/stackctl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusch%2Fstackctl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusch%2Fstackctl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusch%2Fstackctl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusch%2Fstackctl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trusch","download_url":"https://codeload.github.com/trusch/stackctl/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trusch%2Fstackctl/sbom","scorecard":{"id":899966,"data":{"date":"2025-08-11","repo":{"name":"github.com/trusch/stackctl","commit":"49f1dda7a142b43ac77b0eae89d9187ce194f423"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.4,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/18 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2022-0229 / GHSA-cjjc-xp8v-855w","Warn: Project is vulnerable to: GO-2020-0012 / GHSA-ffhg-7mh4-33c4","Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T15:12:09.495Z","repository_id":57707148,"created_at":"2025-08-24T15:12:09.495Z","updated_at":"2025-08-24T15:12:09.495Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28659900,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-22T01:17:37.254Z","status":"online","status_checked_at":"2026-01-22T02:00:07.137Z","response_time":144,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compose-spec","containers","developer-tools","podman","rootless"],"created_at":"2026-01-22T09:03:11.037Z","updated_at":"2026-01-22T09:03:11.113Z","avatar_url":"https://github.com/trusch.png","language":"Go","readme":"stackctl\n========\n\nLets you run compose files as rootless podman pods!\n\n## Scope\n\nThis project aims at proving a tool to seamlessly spin-up and manage [rootless podman](https://github.com/containers/podman) pods following a compose file.\nIt provides some additional extensions which try to make the developer workflow with the application stack as easy as possible.\n\n## Usage\n\nLets assume the following `compose.yaml` file that lives in a folder called `test-project`:\n\n```yaml\nversion: \"3.8\"\nservices:\n  alpine1:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n  alpine2:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n```\n\nYou can now easily spin that up by using `stackctl up`:\n\n```bash\n➜ stackctl up\n➜ stackctl status\n       ID      |  NAME   |              IMAGE              |      STATUS\n---------------+---------+---------------------------------+-------------------\n  2d2d21f7a4f5 | alpine1 | docker.io/library/alpine:latest | Up 3 seconds ago\n  bb71867756fb | alpine2 | docker.io/library/alpine:latest | Up 2 seconds ago\n```\n\nYou also have more fine grained control over the process if you want:\n\n```bash\n➜ stackctl create\nINFO[0000] creating pod\nINFO[0000] creating container for alpine1\nINFO[0000] creating container for alpine2\n➜ stackctl status\n       ID      |  NAME   |              IMAGE              | STATUS\n---------------+---------+---------------------------------+----------\n  612c7e3e1b18 | alpine1 | docker.io/library/alpine:latest | Created\n  6361bbfad2ae | alpine2 | docker.io/library/alpine:latest | Created\n➜ stackctl start alpine1\nINFO[0000] starting container for alpine1\n➜ stackctl status\n       ID      |  NAME   |              IMAGE              |      STATUS\n---------------+---------+---------------------------------+-------------------\n  612c7e3e1b18 | alpine1 | docker.io/library/alpine:latest | Up 2 seconds ago\n  6361bbfad2ae | alpine2 | docker.io/library/alpine:latest | Created\n➜ stackctl start alpine2\nINFO[0000] starting container for alpine2\n➜ stackctl status\n       ID      |  NAME   |              IMAGE              |      STATUS\n---------------+---------+---------------------------------+--------------------\n  612c7e3e1b18 | alpine1 | docker.io/library/alpine:latest | Up 14 seconds ago\n  6361bbfad2ae | alpine2 | docker.io/library/alpine:latest | Up 8 seconds ago\n➜ stackctl stop\nINFO[0000] stopping pod\n➜ stackctl remove\nINFO[0000] removing pod\n```\n\nIf you want to restart a service, but not rerendering the image, you can do so using `stackctl restart alpine1`\n\nIf you want to really rerender the image and start a new container from this use `stackctl recreate alpine1`. This is usefull when you locally rebuild an image and want to upgrade one of your services with the newest local image.\n\n## Additional nice things\n\n### `recreate` with tricks\n\nYou can override the image that is used when recreating a service without touching your compose file. Just supply it as argument to the `stackctl recreate` call:\n\n```bash\n➜ stackctl recreate alpine1 --image alpine:edge\nINFO[0000] stop service alpine1\nINFO[0001] remove service alpine1\nINFO[0001] create service alpine1\nTrying to pull docker.io/library/alpine:edge...\nGetting image source signatures\nCopying blob 5d2415897100 done\nCopying config 3c791e92a8 done\nWriting manifest to image destination\nStoring signatures\n93a9ee4f683ed714ac5ddae50652df186feed762acc7a7f7f5af07ab730690be\nINFO[0006] start service alpine1\n➜ stackctl status\n       ID      |  NAME   |              IMAGE              |      STATUS\n---------------+---------+---------------------------------+--------------------\n  93a9ee4f683e | alpine1 | docker.io/library/alpine:edge   | Up 2 seconds ago\n  03e27a4a6aa5 | alpine2 | docker.io/library/alpine:latest | Up 10 minutes ago\n\n```\n\nIf you have images build from your CI for pull requests of specific components you can also use the special config directive `x-pr-template` to reference the PRs while recreating.\n\n```bash\n➜ cat compose.yaml\nversion: \"3.8\"\nx-pr-template: \"your-registry.io/pr-templates/{{ .Service }}:{{ .PR }}\"\nservices:\n  alpine1:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n  alpine2:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n➜ stackctl recreate alpine1 --with-pr 123\nINFO[0000] stop service alpine1\nINFO[0001] remove service alpine1\nINFO[0001] create service alpine1\nTrying to pull your-registry.io/pr-templates/alpine1:123...\n[...]\n```\n\nYou can also supply a service local `x-pr-template` directive that takes precedence over the global template in case the PR image name is not simply constructable by using the service name and the PR number (like if you have two services which have different names, but the same image repository).\n\n### Centralize your port forwarding\n\nSince all services get created in one network namespace, and therefore all port declarations can't be conflicting, we can also declare them on the toplevel to have them easily discoverable:\n\n```yaml\nversion: \"3.8\"\nx-ports:\n  \"127.0.0.1:3001\": \"3001/tcp\"\nservices:\n  alpine1:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n  alpine2:\n    image: alpine\n    command: [\"tail\", \"-f\", \"/dev/null\"]\n\n```\n\n## Completeness And Compability Disclaimer\n\nThis doesn't implement all of the [compose-spec](https://github.com/compose/compose-spec). In fact it just implements the most important and most used parts of the spec needed to define your services. Since the goal of this project is to provide a developer tool that uses rootless podman pods, its also simply not possible to implement certain things like networking, resource contraints, privileges etc. Once rootless containers are matured, so that these are all doable things, I would be more than happy to extend in this regard.\n\nThere is also no (or just very limited) command line compability to `docker-compose`.\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusch%2Fstackctl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrusch%2Fstackctl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrusch%2Fstackctl/lists"}