podman and podman-compose compatibility for tutor - podman lacks support for ls --format json which tutor requires from docker compose

[eirikhanssen]

Problem
We wish to deploy openedx using tutor with podman and podman-compose instead of docker and docker-compose because the docker deamon is not secure enough. In the case of misconfiguration or hidden malware in the application, the docker deamon effectively will have root access and this poses a security risk.

Tried solution
podman and podman-compose which is an alternative to docker, is designed with more security in mind and a container can be run without the risk of gaining root access.

podman lacks support for docker compose ls --format json
However, tutor calls docker-compose with a parameter unsupported by podman and podman-compose, namely docker compose ls --format json

as I understand, docker compose ls --format json will get the running images. I would like tutor to check if docker version is in fact running docker or podman, and if it runs podman, it should interact with podman to get the data it needs for setting up all the containers.

System information

We have installed podman-docker which is supposed to emulate docker-compose CLI and use podman as the backend when using docker commands (such as used by tutor).

OS: Red Hat Enterprise Linux 10
tutor version: 20.0.1
podman version: 5.4.0
podman-compose version: 1.5.0

$ docker version
Client:        Podman Engine
Version:       5.4.0
API Version:   5.4.0
Go Version:    go1.24.6 (Red Hat 1.24.6-1.el10_0)
Built:         Wed Sep 10 02:00:00 2025
Build Origin:  Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
OS/Arch:       linux/amd64

$ docker compose version
>>>> Executing external compose provider "/bin/podman-compose". Please see podman-compose(1) for how to disable this message. <<<<

podman-compose version 1.5.0
podman version 5.4.0

Log when trying tutor local launch

$ tutor local launch
==================================================
        Interactive platform configuration
==================================================
Are you configuring a production platform? Type 'n' if you are just testing Tutor on your local computer [Y/n] Y
Your website domain name for students (LMS) [server.example.com] 
Your website domain name for teachers (CMS) [studio.server.example.com] 
Your platform name/title [servername] 
Your public contact email address [openedx@example.com] 
The default language code for the platform [en] 
Activate SSL/TLS certificates for HTTPS access? Important note: this will NOT work in a development environment. [Y/n] Y
Configuration saved to /opt/openedx/tutor/config.yml
Environment generated in /opt/openedx/tutor/env
======================================
        Building Docker images
======================================
No image to build
==============================================
        Stopping any existing platform
==============================================
docker compose -f /opt/openedx/tutor/env/local/docker-compose.yml -f /opt/openedx/tutor/env/local/docker-compose.prod.yml --project-name tutor_local stop
Error: no container with name or ID "tutor_local_lms-worker_1" found: no such container
Error: no container with name or ID "tutor_local_caddy_1" found: no such container
Error: no container with name or ID "tutor_local_mongodb_1" found: no such container
Error: no container with name or ID "tutor_local_mfe_1" found: no such container
Error: no container with name or ID "tutor_local_permissions_1" found: no such container
Error: no container with name or ID "tutor_local_cms_1" found: no such container
Error: no container with name or ID "tutor_local_cms-worker_1" found: no such container
Error: no container with name or ID "tutor_local_lms_1" found: no such container
Error: no container with name or ID "tutor_local_smtp_1" found: no such container
Error: no container with name or ID "tutor_local_redis_1" found: no such container
Error: no container with name or ID "tutor_local_meilisearch_1" found: no such container
Error: no container with name or ID "tutor_local_mysql_1" found: no such container
======================================================
        Starting the platform in detached mode
======================================================
docker compose -f /opt/openedx/tutor/env/local/docker-compose.yml -f /opt/openedx/tutor/env/dev/docker-compose.yml --project-name tutor_dev ls --format json
usage: podman-compose [-h] [-v] [--in-pod in_pod] [--pod-args pod_args]
                      [--env-file env_file] [-f file] [--profile profile]
                      [-p PROJECT_NAME] [--podman-path PODMAN_PATH]
                      [--podman-args args] [--podman-pull-args args]
                      [--podman-push-args args] [--podman-build-args args]
                      [--podman-inspect-args args] [--podman-run-args args]
                      [--podman-start-args args] [--podman-stop-args args]
                      [--podman-rm-args args] [--podman-volume-args args]
                      [--no-ansi] [--no-cleanup] [--dry-run]
                      [--parallel PARALLEL] [--verbose]
                      {help,version,wait,systemd,pull,push,build,up,down,ps,run,exec,start,stop,restart,logs,config,port,pause,unpause,kill,stats,images}
                      ...
podman-compose: error: argument command: invalid choice: 'ls' (choose from help, version, wait, systemd, pull, push, build, up, down, ps, run, exec, start, stop, restart, logs, config, port, pause, unpause, kill, stats, images)
Error applying action: func=<function _stop_on_local_start at 0x7fd3b2eaafc0> contexts=[]'
Error: Command failed: docker compose -f /opt/openedx/tutor/env/local/docker-compose.yml -f /opt/openedx/tutor/env/dev/docker-compose.yml --project-name tutor_dev ls --format json