Parameter values not parsed when using docker run --env-file

[heldrida]

Description

Given an environment file where keys have a quoted value:

FOOBAR="12345"
BARFOO="xxxxxxxxxxxxxxxx"

Where in any application context the value when printed is unquoted, e.g. python:

print(os.getenv('FOOBAR'))

12345

The docker run --env-file has an unexpected behaviour, where the output includes the quotes. For example, given the use case above for the same app in-docker the print output would look like:

"12345"

The parser for docker compose confirms that quotes are supported (optionally) as found in https://docs.docker.com/compose/compose-file/05-services/#env_file

Reproduce

Create a env file in the host:

touch .env-test
echo 'FOOBAR="12345"' > .env-test

Docker run ubuntu and execute echo env var in bash :

docker run --rm --name ubuntu-env --env-file .env-test ubuntu bash -c 'echo $FOOBAR'

Dump the value for FOOBAR, which is expected to be 12345 (unquoted), it should:

"12345"

Here, you can assert that the default behaviour is to output it unquoted as follows:

export BARFOO="12345" && echo $BARFOO

12345

Expected behavior

The value should be unquoted as documented for docker compose (https://docs.docker.com/compose/compose-file/05-services/#env_file)

docker version

Client: Docker Engine - Community
 Version:           24.0.5
 API version:       1.43
 Go version:        go1.20.6
 Git commit:        ced0996600
 Built:             Wed Jul 19 19:44:22 2023
 OS/Arch:           darwin/arm64
 Context:           desktop-linux

Server: Docker Desktop 4.24.0 (122432)
 Engine:
  Version:          24.0.6
  API version:      1.43 (minimum version 1.12)
  Go version:       go1.20.7
  Git commit:       1a79695
  Built:            Mon Sep  4 12:31:36 2023
  OS/Arch:          linux/arm64
  Experimental:     false
 containerd:
  Version:          1.6.22
  GitCommit:        8165feabfdfe38c65b599c4993d227328c231fca
 runc:
  Version:          1.1.8
  GitCommit:        v1.1.8-0-g82f18fe
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client: Docker Engine - Community
 Version:    24.0.5
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.11.2-desktop.5
    Path:     /Users/punkbit/.docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.22.0-desktop.2
    Path:     /Users/punkbit/.docker/cli-plugins/docker-compose
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.0
    Path:     /Users/punkbit/.docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.20
    Path:     /Users/punkbit/.docker/cli-plugins/docker-extension
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v0.1.0-beta.8
    Path:     /Users/punkbit/.docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /Users/punkbit/.docker/cli-plugins/docker-sbom
  scan: Docker Scan (Docker Inc.)
    Version:  v0.26.0
    Path:     /Users/punkbit/.docker/cli-plugins/docker-scan
  scout: Docker Scout (Docker Inc.)
    Version:  v1.0.7
    Path:     /Users/punkbit/.docker/cli-plugins/docker-scout

Server:
 Containers: 6
  Running: 2
  Paused: 0
  Stopped: 4
 Images: 3
 Server Version: 24.0.6
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8165feabfdfe38c65b599c4993d227328c231fca
 runc version: v1.1.8-0-g82f18fe
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
  cgroupns
 Kernel Version: 6.4.16-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: aarch64
 CPUs: 13
 Total Memory: 7.667GiB
 Name: docker-desktop
 ID: f8fb2bc1-22b9-4f29-8b98-1b9a18286e88
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

Additional Info

No response

[thaJeztah]

The value should be unquoted as documented for docker compose (https://docs.docker.com/compose/compose-file/05-services/#env_file)

Unfortunately that format is a breaking change introduced in compose, and I wonder if that change was intentional or because they conflated the format for the .env file and --env-file, which are very different. The --env-file format was designed to be a plain NAME=value, no parsing, and no handling on quotes.

The only processing happening is if a NAME is provided without = / =value, the value of NAME is set from an $NAME env-var if present in the current environment; https://docs.docker.com/engine/reference/commandline/run/#env

[thaJeztah]

It looks like this is a duplicate (or very close to) an existing ticket; let me close this one to prevent the conversation from diverging, but feel free to comment on the other ticket;

• Handle quotes in --env-file values consistently with Linux/WSL2 "source"ing #3630