From 6b62d53797327c4f64d4efe8214f7611e6dab561 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Oct 2023 12:17:38 +0200 Subject: [PATCH] Consolidated all post-fork updates including dependency bumps and workflow changes --- .all-contributorsrc | 62 +- .github/CODEOWNERS | 16 +- .github/ISSUE_TEMPLATE/bug.yml | 2 +- .github/ISSUE_TEMPLATE/config.yml | 2 +- .github/renovate.json5 | 207 ++++++ .github/workflows/codeql-analysis.yml | 6 +- .github/workflows/dependabot-approve.yml | 2 +- .github/workflows/greetings.yml | 6 +- .github/workflows/publish-docs.yml | 6 +- .github/workflows/pull-request.yml | 33 +- .github/workflows/release-dev.yaml | 20 +- .github/workflows/release.yml | 252 +++---- CONTRIBUTING.md | 24 +- README.md | 212 +++--- build.sh | 2 +- cmd/notify-upgrade.go | 6 +- cmd/root.go | 31 +- dockerfiles/Dockerfile | 2 +- dockerfiles/Dockerfile.dev-self-contained | 2 +- dockerfiles/Dockerfile.self-contained | 4 +- .../container-networking/docker-compose.yml | 4 +- docs/arguments.md | 76 ++- docs/container-selection.md | 1 + docs/http-api-mode.md | 12 +- docs/index.md | 36 +- docs/introduction.md | 3 +- docs/notifications.md | 96 +-- docs/private-registries.md | 46 +- docs/remote-hosts.md | 4 +- docs/running-multiple-instances.md | 42 +- docs/secure-connections.md | 2 +- docs/template-preview.md | 56 +- docs/updating.md | 4 +- docs/usage-overview.md | 12 +- go.mod | 154 +++-- go.sum | 629 +++++------------- goreleaser.yml | 51 +- internal/actions/actions_suite_test.go | 6 +- internal/actions/check.go | 14 +- internal/actions/mocks/client.go | 2 +- internal/actions/mocks/container.go | 4 +- internal/actions/mocks/progress.go | 4 +- internal/actions/update.go | 12 +- internal/actions/update_test.go | 6 +- internal/util/rand_sha256.go | 2 +- main.go | 2 +- mkdocs.yml | 2 +- pkg/api/metrics/metrics.go | 2 +- pkg/api/metrics/metrics_test.go | 12 +- pkg/container/cgroup_id.go | 2 +- pkg/container/client.go | 29 +- pkg/container/client_test.go | 41 +- pkg/container/container.go | 27 +- pkg/container/container_mock_test.go | 15 +- pkg/container/container_test.go | 90 ++- pkg/container/mocks/ApiServer.go | 10 +- pkg/container/mocks/container_ref.go | 2 +- .../mocks/data/container_restarting.json | 15 +- .../mocks/data/container_stopped.json | 15 +- .../mocks/data/container_watchtower.json | 15 +- pkg/container/mocks/data/containers.json | 20 +- pkg/container/mocks/data/image_running.json | 19 +- pkg/container/util_test.go | 2 +- pkg/filters/filters.go | 23 +- pkg/filters/filters_test.go | 49 +- pkg/lifecycle/lifecycle.go | 4 +- pkg/metrics/metrics.go | 2 +- pkg/notifications/email.go | 2 +- pkg/notifications/gotify.go | 2 +- pkg/notifications/json.go | 2 +- pkg/notifications/json_test.go | 2 +- pkg/notifications/model.go | 2 +- pkg/notifications/msteams.go | 2 +- pkg/notifications/notifier.go | 2 +- pkg/notifications/notifier_test.go | 6 +- pkg/notifications/preview/data/data.go | 2 +- pkg/notifications/preview/data/report.go | 2 +- pkg/notifications/preview/data/status.go | 2 +- pkg/notifications/preview/tplprev.go | 8 +- pkg/notifications/shoutrrr.go | 8 +- pkg/notifications/shoutrrr_test.go | 6 +- pkg/notifications/slack.go | 2 +- pkg/registry/auth/auth.go | 6 +- pkg/registry/auth/auth_test.go | 42 +- pkg/registry/digest/digest.go | 8 +- pkg/registry/digest/digest_test.go | 6 +- pkg/registry/helpers/helpers.go | 2 +- pkg/registry/helpers/helpers_test.go | 6 +- pkg/registry/manifest/manifest.go | 6 +- pkg/registry/manifest/manifest_test.go | 16 +- pkg/registry/registry.go | 20 +- pkg/registry/registry_test.go | 6 +- pkg/registry/trust.go | 2 +- pkg/session/container_status.go | 2 +- pkg/session/progress.go | 2 +- pkg/session/report.go | 2 +- pkg/sorter/sort.go | 2 +- scripts/dependency-test.sh | 4 +- tplprev/main.go | 6 +- tplprev/main_wasm.go | 6 +- 100 files changed, 1503 insertions(+), 1264 deletions(-) create mode 100644 .github/renovate.json5 diff --git a/.all-contributorsrc b/.all-contributorsrc index 4c07c48..270f462 100644 --- a/.all-contributorsrc +++ b/.all-contributorsrc @@ -5,6 +5,30 @@ "imageSize": 100, "commit": false, "contributors": [ + { + "login": "piksel", + "name": "nils måsén", + "avatar_url": "https://avatars2.githubusercontent.com/u/807383?v=4", + "profile": "https://piksel.se", + "contributions": [ + "code", + "doc", + "maintenance", + "review" + ] + }, + { + "login": "simskij", + "name": "Simon Aronsson", + "avatar_url": "https://avatars0.githubusercontent.com/u/1596025?v=4", + "profile": "http://simme.dev", + "contributions": [ + "code", + "doc", + "maintenance", + "review" + ] + }, { "login": "Codelica", "name": "James", @@ -273,18 +297,6 @@ "code" ] }, - { - "login": "simskij", - "name": "Simon Aronsson", - "avatar_url": "https://avatars0.githubusercontent.com/u/1596025?v=4", - "profile": "http://simme.dev", - "contributions": [ - "code", - "maintenance", - "review", - "doc" - ] - }, { "login": "Ansem93", "name": "Ansem93", @@ -508,16 +520,6 @@ "doc" ] }, - { - "login": "piksel", - "name": "nils måsén", - "avatar_url": "https://avatars2.githubusercontent.com/u/807383?v=4", - "profile": "https://piksel.se", - "contributions": [ - "doc", - "code" - ] - }, { "login": "arnested", "name": "Arne Jørgensen", @@ -841,6 +843,12 @@ "code" ] }, + { + "login": "andriibratanin", + "name": "Andrii Bratanin", + "avatar_url": "https://avatars.githubusercontent.com/u/20169213?v=4", + "profile": "https://github.com/andriibratanin" + }, { "login": "IAmTamal", "name": "Tamal Das ", @@ -858,6 +866,16 @@ "contributions": [ "doc" ] + }, + { + "login": "nothub", + "name": "Florian Hübner", + "avatar_url": "https://avatars.githubusercontent.com/u/48992448?v=4", + "profile": "http://hub.lol", + "contributions": [ + "doc", + "code" + ] } ], "contributorsPerLine": 7, diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 42fd645..1dda5ed 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,8 +1,8 @@ -pkg/notifications/smtp.go @piksel -pkg/notifications/email.go @piksel -pkg/notifications/shoutrrr.go @piksel @simskij @arnested -pkg/container/* @simskij -pkg/api/* @victorcmoura -.devbots/* @simskij -.github/* @simskij -docs/* @containrrr/watchtower-contributors +pkg/notifications/smtp.go @nicholas-fedor +pkg/notifications/email.go @nicholas-fedor +pkg/notifications/shoutrrr.go @nicholas-fedor +pkg/container/* @nicholas-fedor +pkg/api/* @nicholas-fedor +.devbots/* @nicholas-fedor +.github/* @nicholas-fedor +docs/* @nicholas-fedor/watchtower-contributors diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml index d4b87f1..1442251 100644 --- a/.github/ISSUE_TEMPLATE/bug.yml +++ b/.github/ISSUE_TEMPLATE/bug.yml @@ -5,7 +5,7 @@ labels: ["Priority: Medium, Status: Available, Type: Bug"] body: - type: markdown attributes: - value: Before submitting your issue, please make sure you're using the containrrr/watchtower:latest image. If not, switch to this image prior to posting your report. Other forks, or the old `v2tec` image are **not** supported. + value: Before submitting your issue, please make sure you're using the nickfedor/watchtower:latest image. If not, switch to this image prior to posting your report. Other forks, or the old `v2tec` image are **not** supported. - type: textarea id: description diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 01cc777..4376e73 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,5 +1,5 @@ blank_issues_enabled: false contact_links: - name: Ask a question - url: https://github.com/containrrr/watchtower/discussions + url: https://github.com/nicholas-fedor/watchtower/discussions about: Ask questions and discuss with other community members diff --git a/.github/renovate.json5 b/.github/renovate.json5 new file mode 100644 index 0000000..6c48677 --- /dev/null +++ b/.github/renovate.json5 @@ -0,0 +1,207 @@ +{ + $schema: 'https://docs.renovatebot.com/renovate-schema.json', + extends: [ + 'config:recommended', + 'docker:enableMajor', + ':disableRateLimiting', + ':dependencyDashboard', + ':semanticCommits', + ':automergeBranch', + ], + dependencyDashboard: true, + dependencyDashboardTitle: 'Renovate Dashboard 🤖', + suppressNotifications: [ + 'prEditedNotification', + 'prIgnoreNotification', + ], + rebaseWhen: 'conflicted', + schedule: [ + 'every weekend', + ], + commitMessageTopic: '{{depName}}', + commitMessageExtra: 'to {{newVersion}}', + commitMessageSuffix: '', + packageRules: [ + { + description: [ + 'Auto merge Github Actions', + ], + matchManagers: [ + 'github-actions', + ], + automerge: true, + automergeType: 'branch', + ignoreTests: true, + matchUpdateTypes: [ + 'minor', + 'patch', + ], + }, + { + matchDatasources: [ + 'docker', + ], + commitMessageTopic: 'image {{depName}}', + }, + { + matchDatasources: [ + 'docker', + ], + matchUpdateTypes: [ + 'major', + ], + commitMessagePrefix: 'feat(container)!: ', + }, + { + matchDatasources: [ + 'docker', + ], + matchUpdateTypes: [ + 'minor', + ], + semanticCommitType: 'feat', + semanticCommitScope: 'container', + }, + { + matchDatasources: [ + 'docker', + ], + matchUpdateTypes: [ + 'patch', + ], + semanticCommitType: 'fix', + semanticCommitScope: 'container', + }, + { + matchDatasources: [ + 'docker', + ], + matchUpdateTypes: [ + 'digest', + ], + semanticCommitType: 'chore', + semanticCommitScope: 'container', + }, + { + matchDatasources: [ + 'github-releases', + 'github-tags', + ], + matchUpdateTypes: [ + 'major', + ], + commitMessagePrefix: 'feat(github-release)!: ', + }, + { + matchDatasources: [ + 'github-releases', + 'github-tags', + ], + matchUpdateTypes: [ + 'minor', + ], + semanticCommitType: 'feat', + semanticCommitScope: 'github-release', + }, + { + matchDatasources: [ + 'github-releases', + 'github-tags', + ], + matchUpdateTypes: [ + 'patch', + ], + semanticCommitType: 'fix', + semanticCommitScope: 'github-release', + }, + { + matchManagers: [ + 'github-actions', + ], + matchUpdateTypes: [ + 'major', + ], + commitMessagePrefix: 'feat(github-action)!: ', + }, + { + matchManagers: [ + 'github-actions', + ], + matchUpdateTypes: [ + 'minor', + ], + semanticCommitType: 'feat', + semanticCommitScope: 'github-action', + }, + { + matchManagers: [ + 'github-actions', + ], + matchUpdateTypes: [ + 'patch', + ], + semanticCommitType: 'fix', + semanticCommitScope: 'github-action', + }, + { + matchUpdateTypes: [ + 'major', + ], + labels: [ + 'type/major', + ], + }, + { + matchUpdateTypes: [ + 'minor', + ], + labels: [ + 'type/minor', + ], + }, + { + matchUpdateTypes: [ + 'patch', + ], + labels: [ + 'type/patch', + ], + }, + { + matchDatasources: [ + 'docker', + ], + addLabels: [ + 'renovate/container', + ], + }, + { + matchDatasources: [ + 'github-releases', + 'github-tags', + ], + addLabels: [ + 'renovate/github-release', + ], + }, + { + matchManagers: [ + 'github-actions', + ], + addLabels: [ + 'renovate/github-action', + ], + }, + ], + customManagers: [ + { + customType: "regex", + description: ["Process custom Docker dependencies"], + fileMatch: ["^Dockerfile$"], // Match only Dockerfile for Watchtower + matchStrings: [ + "FROM (?[^\\s]+)(?:[^\\s]+)?\\s*", // Simplified for Docker images + ], + datasourceTemplate: "docker", + }, + ], +} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8f0c724..c479d05 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -44,7 +44,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -55,7 +55,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -69,4 +69,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/dependabot-approve.yml b/.github/workflows/dependabot-approve.yml index 46f9d18..1574b1a 100644 --- a/.github/workflows/dependabot-approve.yml +++ b/.github/workflows/dependabot-approve.yml @@ -9,4 +9,4 @@ jobs: pull-requests: write if: github.actor == 'dependabot[bot]' steps: - - uses: hmarr/auto-approve-action@v3 + - uses: hmarr/auto-approve-action@v4 diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index 83ff8a0..f2d6ab1 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -1,7 +1,7 @@ name: Greetings on: - # Runs in the context of the target (containrrr/watchtower) repository, and as such has access to GITHUB_TOKEN + # Runs in the context of the target (nicholas-fedor/watchtower) repository, and as such has access to GITHUB_TOKEN pull_request_target: types: [opened] issues: @@ -16,8 +16,8 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} issue-message: > Hi there! 👋🏼 - As you're new to this repo, we'd like to suggest that you read our [code of conduct](https://github.com/containrrr/.github/blob/master/CODE_OF_CONDUCT.md) - as well as our [contribution guidelines](https://github.com/containrrr/watchtower/blob/master/CONTRIBUTING.md). + As you're new to this repo, we'd like to suggest that you read our [code of conduct](https://github.com/nicholas-fedor/.github/blob/master/CODE_OF_CONDUCT.md) + as well as our [contribution guidelines](https://github.com/nicholas-fedor/watchtower/blob/master/CONTRIBUTING.md). Thanks a bunch for opening your first issue! 🙏 pr-message: > Congratulations on opening your first pull request! We'll get back to you as soon as possible. In the meantime, please make sure you've updated the documentation to reflect your changes and have added test automation as needed. Thanks! 🙏🏼 diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 9204541..040f0dc 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -18,13 +18,13 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x + go-version: 1.23.x - name: Build tplprev run: scripts/build-tplprev.sh - name: Setup python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: '3.10' cache: 'pip' diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 819a554..062e212 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -6,6 +6,9 @@ on: branches: - main +permissions: + contents: read + jobs: lint: name: Lint @@ -16,12 +19,12 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x - - uses: dominikh/staticcheck-action@ba605356b4b29a60e87ab9404b712f3461e566dc #v1.3.0 + go-version: 1.23.x + - uses: dominikh/staticcheck-action@v1.3.1 with: - version: "2022.1.1" + # version: "2024.1.1" install-go: "false" # StaticCheck uses go v1.17 which does not support `any` test: name: Test @@ -29,7 +32,7 @@ jobs: fail-fast: false matrix: go-version: - - 1.18.x + - 1.23.x platform: - macos-latest - windows-latest @@ -41,16 +44,16 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x + go-version: 1.23.x - name: Run tests run: | go test -v -coverprofile coverage.out -covermode atomic ./... - - name: Publish coverage - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} + # - name: Publish coverage + # uses: codecov/codecov-action@v5 + # with: + # token: ${{ secrets.CODECOV_TOKEN }} build: name: Build runs-on: ubuntu-latest @@ -60,11 +63,11 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x + go-version: 1.23.x - name: Build - uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 #v3 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6 with: - version: v0.155.0 + version: '~> v2' args: --snapshot --skip-publish --debug diff --git a/.github/workflows/release-dev.yaml b/.github/workflows/release-dev.yaml index df97308..94867f7 100644 --- a/.github/workflows/release-dev.yaml +++ b/.github/workflows/release-dev.yaml @@ -11,10 +11,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Set up Go - uses: actions/setup-go@v4 with: - go-version: 1.18 + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: 1.23.x - name: Build run: ./build.sh test: @@ -22,13 +24,13 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18 + go-version: 1.23.x - name: Test - run: go test -v -coverprofile coverage.out -covermode atomic ./... + run: go test -v -coverprofile coverage.out -covermode atomic ./... - name: Publish coverage - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} publish: @@ -44,7 +46,7 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} file: dockerfiles/Dockerfile.self-contained - repository: containrrr/watchtower + repository: nickfedor/watchtower tags: latest-dev - name: Publish to GHCR uses: jerray/publish-docker-action@87d84711629b0dc9f6bb127b568413cc92a2088e #master@2022-10-14 @@ -53,5 +55,5 @@ jobs: password: ${{ secrets.BOT_GHCR_PAT }} file: dockerfiles/Dockerfile.self-contained registry: ghcr.io - repository: containrrr/watchtower + repository: nicholas-fedor/watchtower tags: latest-dev diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b6ef374..295f205 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,37 +2,31 @@ name: Release (Production) on: workflow_dispatch: {} - release: - types: - - created + push: tags: - - 'v[0-9]+.[0-9]+.[0-9]+' - - '**/v[0-9]+.[0-9]+.[0-9]+' + - "v[0-9]+.[0-9]+.[0-9]+" + - "**/v[0-9]+.[0-9]+.[0-9]+" jobs: lint: name: Lint runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: - fetch-depth: 0 - - name: Set up Go - uses: actions/setup-go@v4 + go-version: stable + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 with: - go-version: 1.18.x - - uses: dominikh/staticcheck-action@ba605356b4b29a60e87ab9404b712f3461e566dc #v1.3.0 - with: - version: "2022.1.1" - install-go: "false" # StaticCheck uses go v1.17 which does not support `any` + version: v1.60 test: name: Test strategy: matrix: go-version: - - 1.18.x + - 1.23.x platform: - ubuntu-latest - macos-latest @@ -44,9 +38,9 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x + go-version: 1.23.x - name: Run tests run: | go test ./... -coverprofile coverage.out @@ -54,146 +48,154 @@ jobs: build: name: Build runs-on: ubuntu-latest - needs: + permissions: + packages: write + contents: read + attestations: write + id-token: write + needs: - test - lint env: CGO_ENABLED: 0 - TAG: ${{ github.event.release.tag_name }} + TAG: ${{ github.ref_name }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 + - name: Set up Go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: - go-version: 1.18.x + go-version: 1.23.x + - name: Login to Docker Hub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc #v2 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GHCR - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc #v2 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3 with: - username: ${{ secrets.BOT_USERNAME }} - password: ${{ secrets.BOT_GHCR_PAT }} registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build - uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 #v3 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1 with: version: v0.155.0 args: --debug env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.BOT_GHCR_PAT }} + - name: Enable experimental docker features run: | mkdir -p ~/.docker/ && \ echo '{"experimental": "enabled"}' > ~/.docker/config.json - - name: Create manifest for version - run: | - export DH_TAG=$(echo $TAG | sed 's/^v*//') - docker manifest create \ - containrrr/watchtower:$DH_TAG \ - containrrr/watchtower:amd64-$DH_TAG \ - containrrr/watchtower:i386-$DH_TAG \ - containrrr/watchtower:armhf-$DH_TAG \ - containrrr/watchtower:arm64v8-$DH_TAG - docker manifest create \ - ghcr.io/containrrr/watchtower:$DH_TAG \ - ghcr.io/containrrr/watchtower:amd64-$DH_TAG \ - ghcr.io/containrrr/watchtower:i386-$DH_TAG \ - ghcr.io/containrrr/watchtower:armhf-$DH_TAG \ - ghcr.io/containrrr/watchtower:arm64v8-$DH_TAG - - name: Annotate manifest for version - run: | - for REPO in '' ghcr.io/ ; do - - docker manifest annotate \ - ${REPO}containrrr/watchtower:$(echo $TAG | sed 's/^v*//') \ - ${REPO}containrrr/watchtower:i386-$(echo $TAG | sed 's/^v*//') \ - --os linux \ - --arch 386 - - docker manifest annotate \ - ${REPO}containrrr/watchtower:$(echo $TAG | sed 's/^v*//') \ - ${REPO}containrrr/watchtower:armhf-$(echo $TAG | sed 's/^v*//') \ - --os linux \ - --arch arm - - docker manifest annotate \ - ${REPO}containrrr/watchtower:$(echo $TAG | sed 's/^v*//') \ - ${REPO}containrrr/watchtower:arm64v8-$(echo $TAG | sed 's/^v*//') \ - --os linux \ - --arch arm64 \ - --variant v8 - - done - - name: Create manifest for latest - run: | - docker manifest create \ - containrrr/watchtower:latest \ - containrrr/watchtower:amd64-latest \ - containrrr/watchtower:i386-latest \ - containrrr/watchtower:armhf-latest \ - containrrr/watchtower:arm64v8-latest - docker manifest create \ - ghcr.io/containrrr/watchtower:latest \ - ghcr.io/containrrr/watchtower:amd64-latest \ - ghcr.io/containrrr/watchtower:i386-latest \ - ghcr.io/containrrr/watchtower:armhf-latest \ - ghcr.io/containrrr/watchtower:arm64v8-latest - - name: Annotate manifest for latest - run: | - for REPO in '' ghcr.io/ ; do - docker manifest annotate \ - ${REPO}containrrr/watchtower:latest \ - ${REPO}containrrr/watchtower:i386-latest \ - --os linux \ - --arch 386 - - docker manifest annotate \ - ${REPO}containrrr/watchtower:latest \ - ${REPO}containrrr/watchtower:armhf-latest \ - --os linux \ - --arch arm - - docker manifest annotate \ - ${REPO}containrrr/watchtower:latest \ - ${REPO}containrrr/watchtower:arm64v8-latest \ - --os linux \ - --arch arm64 \ - --variant v8 + - name: Create GHCR manifests for version and latest and push to GHCR + env: + GHCR_USER: ${{ secrets.BOT_USERNAME }} + GHCR_TOKEN: ${{ secrets.BOT_GHCR_PAT }} + run: | + echo $GHCR_TOKEN | docker login ghcr.io -u $GHCR_USER --password-stdin && \ + export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \ - done - - name: Push manifests to Dockerhub + # Create latest manifest + docker manifest create \ + ghcr.io/nicholas-fedor/watchtower:latest \ + ghcr.io/nicholas-fedor/watchtower:amd64-latest \ + ghcr.io/nicholas-fedor/watchtower:i386-latest \ + ghcr.io/nicholas-fedor/watchtower:armhf-latest \ + ghcr.io/nicholas-fedor/watchtower:arm64v8-latest + + # Create versioned manifest + docker manifest create \ + ghcr.io/nicholas-fedor/watchtower:$DH_TAG \ + ghcr.io/nicholas-fedor/watchtower:amd64-$DH_TAG \ + ghcr.io/nicholas-fedor/watchtower:i386-$DH_TAG \ + ghcr.io/nicholas-fedor/watchtower:armhf-$DH_TAG \ + ghcr.io/nicholas-fedor/watchtower:arm64v8-$DH_TAG + + # Latest manifest annotation + # for REPO in '' ghcr.io/ ; do + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:latest \ + # ${REPO}nicholas-fedor/watchtower:i386-latest \ + # --os linux \ + # --arch 386 + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:latest \ + # ${REPO}nicholas-fedor/watchtower:armhf-latest \ + # --os linux \ + # --arch arm + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:latest \ + # ${REPO}nicholas-fedor/watchtower:arm64v8-latest \ + # --os linux \ + # --arch arm64 \ + # --variant v8 + + # done + + # Versioned manifest annotation + # for REPO in '' ghcr.io/ ; do + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ + # ${REPO}nicholas-fedor/watchtower:i386-$(echo $TAG | sed 's/^v*//') \ + # --os linux \ + # --arch 386 + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ + # ${REPO}nicholas-fedor/watchtower:armhf-$(echo $TAG | sed 's/^v*//') \ + # --os linux \ + # --arch arm + + # docker manifest annotate \ + # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ + # ${REPO}nicholas-fedor/watchtower:arm64v8-$(echo $TAG | sed 's/^v*//') \ + # --os linux \ + # --arch arm64 \ + # --variant v8 + + # done + + # Push manifests to GHCR + docker manifest push ghcr.io/nicholas-fedor/watchtower:latest + docker manifest push ghcr.io/nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') + + - name: Create Docker Hub manifests for version and latest and push to Docker Hub env: DOCKER_USER: ${{ secrets.DOCKERHUB_USERNAME }} DOCKER_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} run: | - docker login -u $DOCKER_USER -p $DOCKER_TOKEN && \ - docker manifest push containrrr/watchtower:$(echo $TAG | sed 's/^v*//') && \ - docker manifest push containrrr/watchtower:latest - - name: Push manifests to GitHub Container Registry - env: - DOCKER_USER: ${{ secrets.BOT_USERNAME }} - DOCKER_TOKEN: ${{ secrets.BOT_GHCR_PAT }} - run: | - docker login -u $DOCKER_USER -p $DOCKER_TOKEN ghcr.io && \ - docker manifest push ghcr.io/containrrr/watchtower:$(echo $TAG | sed 's/^v*//') && \ - docker manifest push ghcr.io/containrrr/watchtower:latest + echo $DOCKER_TOKEN | docker login -u $DOCKER_USER --password-stdin && \ + export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \ - renew-docs: - name: Refresh pkg.go.dev - needs: build - runs-on: ubuntu-latest - steps: - - name: Pull new module version - uses: andrewslotin/go-proxy-pull-action@50fea06a976087614babb9508e5c528b464f4645 #master@2022-10-14 + # Create latest manifest + docker manifest create \ + nickfedor/watchtower:latest \ + nickfedor/watchtower:amd64-latest \ + nickfedor/watchtower:i386-latest \ + nickfedor/watchtower:armhf-latest \ + nickfedor/watchtower:arm64v8-latest - - + # Create versioned manifest + docker manifest create \ + nickfedor/watchtower:$DH_TAG \ + nickfedor/watchtower:amd64-$DH_TAG \ + nickfedor/watchtower:i386-$DH_TAG \ + nickfedor/watchtower:armhf-$DH_TAG \ + nickfedor/watchtower:arm64v8-$DH_TAG - + # Push manifests to Docker Hub + docker manifest push nickfedor/watchtower:latest + docker manifest push nickfedor/watchtower:$(echo $TAG | sed 's/^v*//') diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0202384..cc54b5d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,25 +1,31 @@ ## Prerequisites + To contribute code changes to this project you will need the following development kits. - * [Go](https://golang.org/doc/install) - * [Docker](https://docs.docker.com/engine/installation/) - + +* [Go](https://golang.org/doc/install) +* [Docker](https://docs.docker.com/engine/installation/) + As watchtower utilizes go modules for vendor locking, you'll need at least Go 1.11. You can check your current version of the go language as follows: + ```bash ~ $ go version go version go1.12.1 darwin/amd64 ``` - ## Checking out the code + Do not place your code in the go source path. + ```bash git clone git@github.com:/watchtower.git cd watchtower ``` ## Building and testing + watchtower is a go application and is built with go commands. The following commands assume that you are at the root level of your repo. + ```bash go build # compiles and packages an executable binary, watchtower go test ./... -v # runs tests with verbose output @@ -29,10 +35,12 @@ go test ./... -v # runs tests with verbose output If you dont have it enabled, you'll either have to prefix each command with `GO111MODULE=on` or run `export GO111MODULE=on` before running the commands. [You can read more about modules here.](https://github.com/golang/go/wiki/Modules) To build a Watchtower image of your own, use the self-contained Dockerfiles. As the main Dockerfile, they can be found in `dockerfiles/`: -- `dockerfiles/Dockerfile.dev-self-contained` will build an image based on your current local Watchtower files. -- `dockerfiles/Dockerfile.self-contained` will build an image based on current Watchtower's repository on GitHub. + +* `dockerfiles/Dockerfile.dev-self-contained` will build an image based on your current local Watchtower files. +* `dockerfiles/Dockerfile.self-contained` will build an image based on current Watchtower's repository on GitHub. e.g.: + ```bash -sudo docker build . -f dockerfiles/Dockerfile.dev-self-contained -t containrrr/watchtower # to build an image from local files -``` \ No newline at end of file +sudo docker build . -f dockerfiles/Dockerfile.dev-self-contained -t nickfedor/watchtower # to build an image from local files +``` diff --git a/README.md b/README.md index ba6642d..4514506 100644 --- a/README.md +++ b/README.md @@ -1,38 +1,40 @@
- # Watchtower +# Watchtower A process for automating Docker container base image updates.

- [![Circle CI](https://circleci.com/gh/containrrr/watchtower.svg?style=shield)](https://circleci.com/gh/containrrr/watchtower) - [![codecov](https://codecov.io/gh/containrrr/watchtower/branch/main/graph/badge.svg)](https://codecov.io/gh/containrrr/watchtower) - [![GoDoc](https://godoc.org/github.com/containrrr/watchtower?status.svg)](https://godoc.org/github.com/containrrr/watchtower) - [![Go Report Card](https://goreportcard.com/badge/github.com/containrrr/watchtower)](https://goreportcard.com/report/github.com/containrrr/watchtower) - [![latest version](https://img.shields.io/github/tag/containrrr/watchtower.svg)](https://github.com/containrrr/watchtower/releases) - [![Apache-2.0 License](https://img.shields.io/github/license/containrrr/watchtower.svg)](https://www.apache.org/licenses/LICENSE-2.0) - [![Codacy Badge](https://app.codacy.com/project/badge/Grade/1c48cfb7646d4009aa8c6f71287670b8)](https://www.codacy.com/gh/containrrr/watchtower/dashboard?utm_source=github.com&utm_medium=referral&utm_content=containrrr/watchtower&utm_campaign=Badge_Grade) - [![All Contributors](https://img.shields.io/github/all-contributors/containrrr/watchtower)](#contributors) - [![Pulls from DockerHub](https://img.shields.io/docker/pulls/containrrr/watchtower.svg)](https://hub.docker.com/r/containrrr/watchtower) + [![codecov](https://codecov.io/gh/nicholas-fedor/watchtower/branch/main/graph/badge.svg)](https://codecov.io/gh/nicholas-fedor/watchtower) + [![GoDoc](https://godoc.org/github.com/nicholas-fedor/watchtower?status.svg)](https://godoc.org/github.com/nicholas-fedor/watchtower) + [![Go Report Card](https://goreportcard.com/badge/github.com/nicholas-fedor/watchtower)](https://goreportcard.com/report/github.com/nicholas-fedor/watchtower) + [![latest version](https://img.shields.io/github/tag/nicholas-fedor/watchtower.svg)](https://github.com/nicholas-fedor/watchtower/releases) + [![Apache-2.0 License](https://img.shields.io/github/license/nicholas-fedor/watchtower.svg)](https://www.apache.org/licenses/LICENSE-2.0) + [![Codacy Badge](https://app.codacy.com/project/badge/Grade/1c48cfb7646d4009aa8c6f71287670b8)](https://www.codacy.com/gh/nicholas-fedor/watchtower/dashboard?utm_source=github.com&utm_medium=referral&utm_content=nicholas-fedor/watchtower&utm_campaign=Badge_Grade) + [![All Contributors](https://img.shields.io/github/all-contributors/nicholas-fedor/watchtower)](#contributors) + [![Pulls from DockerHub](https://img.shields.io/docker/pulls/nickfedor/watchtower.svg)](https://hub.docker.com/r/nickfedor/watchtower)
## Quick Start -With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry. +With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry. Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially. Run the watchtower container with the following command: -``` +```console $ docker run --detach \ --name watchtower \ --volume /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower + nickfedor/watchtower ``` +Watchtower is intended to be used in homelabs, media centers, local dev environments, and similar. We do **not** recommend using Watchtower in a commercial or production environment. If that is you, you should be looking into using Kubernetes. If that feels like too big a step for you, please look into solutions like [MicroK8s](https://microk8s.io/) and [k3s](https://k3s.io/) that take away a lot of the toil of running a Kubernetes cluster. + ## Documentation -The full documentation is available at https://containrrr.dev/watchtower. + +The full documentation is available at . ## Contributors @@ -44,124 +46,126 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d - - - - - - - + + + + + + + - - + + + + - - - - + + - + + + - - - - - + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - - - - - - - + + + + + + + - + + +
James
James
⚠️ 🤔		Florian
Florian
👀 📖		Brian DeHamer
Brian DeHamer
💻 🚧		Ross Cadogan
Ross Cadogan
💻		stffabi
stffabi
💻 🚧		Austin
Austin
📖		David Gardner
David Gardner
👀 📖		nils måsén
nils måsén
💻 📖 🚧 👀		Simon Aronsson
Simon Aronsson
💻 📖 🚧 👀		James
James
⚠️ 🤔		Florian
Florian
👀 📖		Brian DeHamer
Brian DeHamer
💻 🚧		Ross Cadogan
Ross Cadogan
💻		stffabi
stffabi
💻 🚧
Tanguy ⧓ Herrmann
Tanguy ⧓ Herrmann
💻		Rodrigo Damazio Bovendorp
Rodrigo Damazio Bovendorp
💻 📖		Austin
Austin
📖		David Gardner
David Gardner
👀 📖		Tanguy ⧓ Herrmann
Tanguy ⧓ Herrmann
💻		Rodrigo Damazio Bovendorp
Rodrigo Damazio Bovendorp
💻 📖		 Ryan Kuba
Ryan Kuba
🚇		cnrmck
cnrmck
📖		Harry Walter
Harry Walter
💻		Robotex
Robotex
📖		Gerald Pape
Gerald Pape
📖		cnrmck
cnrmck
📖		Harry Walter
Harry Walter
💻
fomk
fomk
💻		Robotex
Robotex
📖		Gerald Pape
Gerald Pape
📖		fomk
fomk
💻		 Sven Gottwald
Sven Gottwald
🚇		techknowlogick
techknowlogick
💻		waja
waja
📖		Scott Albertson
Scott Albertson
📖		Jason Huddleston
Jason Huddleston
📖		Napster
Napster
💻		techknowlogick
techknowlogick
💻		waja
waja
📖		Scott Albertson
Scott Albertson
📖
Maxim
Maxim
💻 📖		Max Schmitt
Max Schmitt
📖		cron410
cron410
📖		Paulo Henrique
Paulo Henrique
📖		Kaleb Elwert
Kaleb Elwert
📖		Bill Butler
Bill Butler
📖		Mario Tacke
Mario Tacke
💻		Jason Huddleston
Jason Huddleston
📖		Napster
Napster
💻		Maxim
Maxim
💻 📖		Max Schmitt
Max Schmitt
📖		cron410
cron410
📖		Paulo Henrique
Paulo Henrique
📖		Kaleb Elwert
Kaleb Elwert
📖
Mark Woodbridge
Mark Woodbridge
💻		Simon Aronsson
Simon Aronsson
💻 🚧 👀 📖		Ansem93
Ansem93
📖		Luka Peschke
Luka Peschke
💻 📖		Zois Pagoulatos
Zois Pagoulatos
💻 👀 🚧		Alexandre Menif
Alexandre Menif
💻		Andrey
Andrey
📖		Bill Butler
Bill Butler
📖		Mario Tacke
Mario Tacke
💻		Mark Woodbridge
Mark Woodbridge
💻		Ansem93
Ansem93
📖		Luka Peschke
Luka Peschke
💻 📖		Zois Pagoulatos
Zois Pagoulatos
💻 👀 🚧		Alexandre Menif
Alexandre Menif
💻
Armando Lüscher
Armando Lüscher
📖		Ryan Budke
Ryan Budke
📖		Kaloyan Raev
Kaloyan Raev
💻 ⚠️		sixth
sixth
📖		Gina Häußge
Gina Häußge
💻		Max H.
Max H.
💻		Jungkook Park
Jungkook Park
📖		Andrey
Andrey
📖		Armando Lüscher
Armando Lüscher
📖		Ryan Budke
Ryan Budke
📖		Kaloyan Raev
Kaloyan Raev
💻 ⚠️		sixth
sixth
📖		Gina Häußge
Gina Häußge
💻		Max H.
Max H.
💻
Jan Kristof Nidzwetzki
Jan Kristof Nidzwetzki
📖		lukas
lukas
💻		Ameya Shenoy
Ameya Shenoy
💻		Raymon de Looff
Raymon de Looff
💻		John Clayton
John Clayton
💻		Germs2004
Germs2004
📖		Lukas Willburger
Lukas Willburger
💻		Jungkook Park
Jungkook Park
📖		Jan Kristof Nidzwetzki
Jan Kristof Nidzwetzki
📖		lukas
lukas
💻		Ameya Shenoy
Ameya Shenoy
💻		Raymon de Looff
Raymon de Looff
💻		John Clayton
John Clayton
💻		Germs2004
Germs2004
📖
Oliver Cervera
Oliver Cervera
📖		Victor Moura
Victor Moura
⚠️ 💻 📖		Maximilian Brandau
Maximilian Brandau
💻 ⚠️		Andrew
Andrew
📖		sixcorners
sixcorners
📖		nils måsén
nils måsén
📖 💻		Arne Jørgensen
Arne Jørgensen
⚠️ 👀		Lukas Willburger
Lukas Willburger
💻		Oliver Cervera
Oliver Cervera
📖		Victor Moura
Victor Moura
⚠️ 💻 📖		Maximilian Brandau
Maximilian Brandau
💻 ⚠️		Andrew
Andrew
📖		sixcorners
sixcorners
📖		Arne Jørgensen
Arne Jørgensen
⚠️ 👀
PatSki123
PatSki123
📖		Valentine Zavadsky
Valentine Zavadsky
💻 📖 ⚠️		Alexander Voronin
Alexander Voronin
💻 🐛		Oliver Mueller
Oliver Mueller
📖		Sebastiaan Tammer
Sebastiaan Tammer
💻		miosame
miosame
📖		Andrew Metzger
Andrew Metzger
🐛 💡		PatSki123
PatSki123
📖		Valentine Zavadsky
Valentine Zavadsky
💻 📖 ⚠️		Alexander Voronin
Alexander Voronin
💻 🐛		Oliver Mueller
Oliver Mueller
📖		Sebastiaan Tammer
Sebastiaan Tammer
💻		miosame
miosame
📖		Andrew Metzger
Andrew Metzger
🐛 💡
Pierre Grimaud
Pierre Grimaud
📖		Matt Doran
Matt Doran
📖		MihailITPlace
MihailITPlace
💻		bugficks
bugficks
💻 📖		Michael
Michael
💻		D. Domig
D. Domig
📖		Ben Osheroff
Ben Osheroff
💻		Pierre Grimaud
Pierre Grimaud
📖		Matt Doran
Matt Doran
📖		MihailITPlace
MihailITPlace
💻		bugficks
bugficks
💻 📖		Michael
Michael
💻		D. Domig
D. Domig
📖		Ben Osheroff
Ben Osheroff
💻
David H.
David H.
💻		Chander Ganesan
Chander Ganesan
📖		yrien30
yrien30
💻		ksurl
ksurl
📖 💻 🚇		rg9400
rg9400
💻		Turtle Kalus
Turtle Kalus
💻		Srihari Thalla
Srihari Thalla
📖		David H.
David H.
💻		Chander Ganesan
Chander Ganesan
📖		yrien30
yrien30
💻		ksurl
ksurl
📖 💻 🚇		rg9400
rg9400
💻		Turtle Kalus
Turtle Kalus
💻		Srihari Thalla
Srihari Thalla
📖
Thomas Gaudin
Thomas Gaudin
📖		hydrargyrum
hydrargyrum
📖		Reinout van Rees
Reinout van Rees
📖		DasSkelett
DasSkelett
💻		zenjabba
zenjabba
📖		Dan Quan
Dan Quan
📖		modem7
modem7
📖		Thomas Gaudin
Thomas Gaudin
📖		hydrargyrum
hydrargyrum
📖		Reinout van Rees
Reinout van Rees
📖		DasSkelett
DasSkelett
💻		zenjabba
zenjabba
📖		Dan Quan
Dan Quan
📖		modem7
modem7
📖
Igor Zibarev
Igor Zibarev
💻		Patrice
Patrice
💻		James White
James White
📖		Dirk Kok
Dirk Kok
💻		EDIflyer
EDIflyer
📖		Jauder Ho
Jauder Ho
💻		Tamal Das
Tamal Das
📖		Igor Zibarev
Igor Zibarev
💻		Patrice
Patrice
💻		James White
James White
📖		Dirk Kok
Dirk Kok
💻		EDIflyer
EDIflyer
📖		Jauder Ho
Jauder Ho
💻		Tamal Das
Tamal Das
📖
guangwu
guangwu
📖		guangwu
guangwu
📖		Florian Hübner
Florian Hübner
📖 💻
Andrii Bratanin
📖
diff --git a/build.sh b/build.sh index 78b1bfc..79745f7 100755 --- a/build.sh +++ b/build.sh @@ -6,4 +6,4 @@ if [ -n "$MSYSTEM" ]; then fi VERSION=$(git describe --tags) echo "Building $VERSION..." -go build -o $BINFILE -ldflags "-X github.com/containrrr/watchtower/internal/meta.Version=$VERSION" +go build -o $BINFILE -ldflags "-X github.com/nicholas-fedor/watchtower/internal/meta.Version=$VERSION" diff --git a/cmd/notify-upgrade.go b/cmd/notify-upgrade.go index 9991ee6..4edd2bc 100644 --- a/cmd/notify-upgrade.go +++ b/cmd/notify-upgrade.go @@ -9,9 +9,9 @@ import ( "syscall" "time" - "github.com/containrrr/watchtower/internal/flags" - "github.com/containrrr/watchtower/pkg/container" - "github.com/containrrr/watchtower/pkg/notifications" + "github.com/nicholas-fedor/watchtower/internal/flags" + "github.com/nicholas-fedor/watchtower/pkg/container" + "github.com/nicholas-fedor/watchtower/pkg/notifications" "github.com/spf13/cobra" ) diff --git a/cmd/root.go b/cmd/root.go index 48961d2..f8ceb3b 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -11,17 +11,17 @@ import ( "syscall" "time" - "github.com/containrrr/watchtower/internal/actions" - "github.com/containrrr/watchtower/internal/flags" - "github.com/containrrr/watchtower/internal/meta" - "github.com/containrrr/watchtower/pkg/api" - apiMetrics "github.com/containrrr/watchtower/pkg/api/metrics" - "github.com/containrrr/watchtower/pkg/api/update" - "github.com/containrrr/watchtower/pkg/container" - "github.com/containrrr/watchtower/pkg/filters" - "github.com/containrrr/watchtower/pkg/metrics" - "github.com/containrrr/watchtower/pkg/notifications" - t "github.com/containrrr/watchtower/pkg/types" + "github.com/nicholas-fedor/watchtower/internal/actions" + "github.com/nicholas-fedor/watchtower/internal/flags" + "github.com/nicholas-fedor/watchtower/internal/meta" + "github.com/nicholas-fedor/watchtower/pkg/api" + apiMetrics "github.com/nicholas-fedor/watchtower/pkg/api/metrics" + "github.com/nicholas-fedor/watchtower/pkg/api/update" + "github.com/nicholas-fedor/watchtower/pkg/container" + "github.com/nicholas-fedor/watchtower/pkg/filters" + "github.com/nicholas-fedor/watchtower/pkg/metrics" + "github.com/nicholas-fedor/watchtower/pkg/notifications" + t "github.com/nicholas-fedor/watchtower/pkg/types" "github.com/robfig/cron" log "github.com/sirupsen/logrus" @@ -33,6 +33,7 @@ var ( scheduleSpec string cleanup bool noRestart bool + noPull bool monitorOnly bool enableLabel bool disableContainers []string @@ -53,7 +54,7 @@ func NewRootCommand() *cobra.Command { Short: "Automatically updates running Docker containers", Long: ` Watchtower automatically updates running Docker containers whenever a new image is released. - More information available at https://github.com/containrrr/watchtower/. + More information available at https://github.com/nicholas-fedor/watchtower/. `, Run: Run, PreRun: PreRun, @@ -110,7 +111,7 @@ func PreRun(cmd *cobra.Command, _ []string) { log.Fatal(err) } - noPull, _ := f.GetBool("no-pull") + noPull, _ = f.GetBool("no-pull") includeStopped, _ := f.GetBool("include-stopped") includeRestarting, _ := f.GetBool("include-restarting") reviveStopped, _ := f.GetBool("revive-stopped") @@ -122,7 +123,6 @@ func PreRun(cmd *cobra.Command, _ []string) { } client = container.NewClient(container.ClientOptions{ - PullImages: !noPull, IncludeStopped: includeStopped, ReviveStopped: reviveStopped, RemoveVolumes: removeVolumes, @@ -187,7 +187,7 @@ func Run(c *cobra.Command, names []string) { metrics.RegisterScan(metric) }, updateLock) httpAPI.RegisterFunc(updateHandler.Path, updateHandler.Handle) - // If polling isn't enabled the scheduler is never started and + // If polling isn't enabled the scheduler is never started, and // we need to trigger the startup messages manually. if !unblockHTTPAPI { writeStartupMessage(c, time.Time{}, filterDesc) @@ -367,6 +367,7 @@ func runUpdatesWithNotifications(filter t.Filter) *metrics.Metric { LifecycleHooks: lifecycleHooks, RollingRestart: rollingRestart, LabelPrecedence: labelPrecedence, + NoPull: noPull, } result, err := actions.Update(client, updateParams) if err != nil { diff --git a/dockerfiles/Dockerfile b/dockerfiles/Dockerfile index 03fd636..68d2ee5 100644 --- a/dockerfiles/Dockerfile +++ b/dockerfiles/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=$BUILDPLATFORM alpine:3.18.4 as alpine +FROM --platform=$BUILDPLATFORM alpine:3.21.2 as alpine RUN apk add --no-cache \ ca-certificates \ diff --git a/dockerfiles/Dockerfile.dev-self-contained b/dockerfiles/Dockerfile.dev-self-contained index 1a39c26..910b0ff 100644 --- a/dockerfiles/Dockerfile.dev-self-contained +++ b/dockerfiles/Dockerfile.dev-self-contained @@ -25,7 +25,7 @@ COPY . /watchtower RUN \ cd /watchtower && \ \ - GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -ldflags "-extldflags '-static' -X github.com/containrrr/watchtower/internal/meta.Version=$(git describe --tags)" . && \ + GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -ldflags "-extldflags '-static' -X github.com/nicholas-fedor/watchtower/internal/meta.Version=$(git describe --tags)" . && \ GO111MODULE=on go test ./... -v diff --git a/dockerfiles/Dockerfile.self-contained b/dockerfiles/Dockerfile.self-contained index 04a6047..95895bc 100644 --- a/dockerfiles/Dockerfile.self-contained +++ b/dockerfiles/Dockerfile.self-contained @@ -13,12 +13,12 @@ RUN apk add --no-cache \ git \ tzdata -RUN git clone --branch "${WATCHTOWER_VERSION}" https://github.com/containrrr/watchtower.git +RUN git clone --branch "${WATCHTOWER_VERSION}" https://github.com/nicholas-fedor/watchtower.git RUN \ cd watchtower && \ \ - GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -ldflags "-extldflags '-static' -X github.com/containrrr/watchtower/internal/meta.Version=$(git describe --tags)" . && \ + GO111MODULE=on CGO_ENABLED=0 GOOS=linux go build -a -ldflags "-extldflags '-static' -X github.com/nicholas-fedor/watchtower/internal/meta.Version=$(git describe --tags)" . && \ GO111MODULE=on go test ./... -v diff --git a/dockerfiles/container-networking/docker-compose.yml b/dockerfiles/container-networking/docker-compose.yml index 24cd00d..7795d2d 100644 --- a/dockerfiles/container-networking/docker-compose.yml +++ b/dockerfiles/container-networking/docker-compose.yml @@ -1,6 +1,6 @@ services: producer: - image: qmcgaw/gluetun:v3.35.0 + image: qmcgaw/gluetun:v3.40.0 cap_add: - NET_ADMIN environment: @@ -11,7 +11,7 @@ services: consumer: depends_on: - producer - image: nginx:1.25.1 + image: nginx:1.27.3 network_mode: "service:producer" labels: - "com.centurylinklabs.watchtower.depends-on=/wt-contnet-producer-1" diff --git a/docs/arguments.md b/docs/arguments.md index 8b00de9..d830185 100644 --- a/docs/arguments.md +++ b/docs/arguments.md @@ -7,7 +7,7 @@ launching watchtower. $ docker run -d \ --name watchtower \ -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower \ + nickfedor/watchtower \ nginx redis ``` @@ -18,7 +18,7 @@ the watchtower container after its execution. ```bash $ docker run --rm \ -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower \ + nickfedor/watchtower \ --run-once \ nginx redis ``` @@ -33,14 +33,16 @@ Some arguments can also reference a file, in which case the contents of the file This can be used to avoid putting secrets in the configuration file or command line. The following arguments are currently supported (including their corresponding `WATCHTOWER_` environment variables): - - `notification-url` - - `notification-email-server-password` - - `notification-slack-hook-url` - - `notification-msteams-hook` - - `notification-gotify-token` - - `http-api-token` + +- `notification-url` +- `notification-email-server-password` +- `notification-slack-hook-url` +- `notification-msteams-hook` +- `notification-gotify-token` +- `http-api-token` ### Example docker-compose usage + ```yaml secrets: access_token: @@ -55,6 +57,7 @@ services: ``` ## Help + Shows documentation about the supported flags. ```text @@ -65,6 +68,7 @@ Environment Variable: N/A ``` ## Time Zone + Sets the time zone to be used by WatchTower's logs and the optional Cron scheduling argument (--schedule). If this environment variable is not set, Watchtower will use the default time zone: UTC. To find out the right value, see [this list](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones), find your location and use the value in _TZ Database Name_, e.g _Europe/Rome_. The timezone can alternatively be set by volume mounting your hosts /etc/localtime file. `-v /etc/localtime:/etc/localtime:ro` @@ -76,6 +80,7 @@ Environment Variable: TZ ``` ## Cleanup + Removes old images after updating. When this flag is specified, watchtower will remove the old image after restarting a container with a new image. Use this option to prevent the accumulation of orphaned images on your system as containers are updated. ```text @@ -86,6 +91,7 @@ Environment Variable: WATCHTOWER_CLEANUP ``` ## Remove anonymous volumes + Removes anonymous volumes after updating. When this flag is specified, watchtower will remove all anonymous volumes from the container before restarting with a new image. Named volumes will not be removed! ```text @@ -96,6 +102,7 @@ Environment Variable: WATCHTOWER_REMOVE_VOLUMES ``` ## Debug + Enable debug mode with verbose logging. !!! note "Notes" @@ -110,6 +117,7 @@ Environment Variable: WATCHTOWER_DEBUG ``` ## Trace + Enable trace mode with very verbose logging. Caution: exposes credentials! !!! note "Notes" @@ -146,6 +154,7 @@ Environment Variable: WATCHTOWER_LOG_FORMAT ``` ## ANSI colors + Disable ANSI color escape codes in log output. ```text @@ -156,6 +165,7 @@ Environment Variable: NO_COLOR ``` ## Docker host + Docker daemon socket to connect to. Can be pointed at a remote Docker host by specifying a TCP endpoint as "tcp://hostname:port". ```text @@ -166,6 +176,7 @@ Environment Variable: DOCKER_HOST ``` ## Docker API version + The API version to use by the Docker client for connecting to the Docker daemon. The minimum supported version is 1.24. ```text @@ -176,6 +187,7 @@ Environment Variable: DOCKER_API_VERSION ``` ## Include restarting + Will also include restarting containers. ```text @@ -186,6 +198,7 @@ Environment Variable: WATCHTOWER_INCLUDE_RESTARTING ``` ## Include stopped + Will also include created and exited containers. ```text @@ -196,6 +209,7 @@ Environment Variable: WATCHTOWER_INCLUDE_STOPPED ``` ## Revive stopped + Start any stopped containers that have had their image updated. This argument is only usable with the `--include-stopped` argument. ```text @@ -206,6 +220,7 @@ Environment Variable: WATCHTOWER_REVIVE_STOPPED ``` ## Poll interval + Poll interval (in seconds). This value controls how frequently watchtower will poll for new images. Either `--schedule` or a poll interval can be defined, but not both. ```text @@ -216,6 +231,7 @@ Environment Variable: WATCHTOWER_POLL_INTERVAL ``` ## Filter by enable label + Monitor and update containers that have a `com.centurylinklabs.watchtower.enable` label set to true. ```text @@ -226,11 +242,13 @@ Environment Variable: WATCHTOWER_LABEL_ENABLE ``` ## Filter by disable label -__Do not__ Monitor and update containers that have `com.centurylinklabs.watchtower.enable` label set to false and -no `--label-enable` argument is passed. Note that only one or the other (targeting by enable label) can be + +**Do not** Monitor and update containers that have `com.centurylinklabs.watchtower.enable` label set to false and +no `--label-enable` argument is passed. Note that only one or the other (targeting by enable label) can be used at the same time to target containers. ## Filter by disabling specific container names + Monitor and update containers whose names are not in a given set of names. This can be used to exclude specific containers, when setting labels is not an option. @@ -244,8 +262,9 @@ Environment Variable: WATCHTOWER_DISABLE_CONTAINERS ``` ## Without updating containers + Will only monitor for new images, send notifications and invoke -the [pre-check/post-check hooks](https://containrrr.dev/watchtower/lifecycle-hooks/), but will __not__ update the +the [pre-check/post-check hooks](https://containrrr.dev/watchtower/lifecycle-hooks/), but will **not** update the containers. !!! note @@ -262,7 +281,7 @@ Environment Variable: WATCHTOWER_MONITOR_ONLY Note that monitor-only can also be specified on a per-container basis with the `com.centurylinklabs.watchtower.monitor-only` label set on those containers. -See [With label taking precedence over arguments](#With-label-taking-precedence-over-arguments) for behavior when both argument and label are set +See [With label taking precedence over arguments](#with-label-taking-precedence-over-arguments) for behavior when both argument and label are set ## With label taking precedence over arguments @@ -276,8 +295,10 @@ Environment Variable: WATCHTOWER_LABEL_TAKE_PRECEDENCE ``` ## Without restarting containers + Do not restart containers after updating. This option can be useful when the start of the containers is managed by an external system such as systemd. + ```text Argument: --no-restart Environment Variable: WATCHTOWER_NO_RESTART @@ -286,6 +307,7 @@ Environment Variable: WATCHTOWER_NO_RESTART ``` ## Without pulling new images + Do not pull new images. When this flag is specified, watchtower will not attempt to pull new images from the registry. Instead it will only monitor the local image cache for changes. Use this option if you are building new images directly on the Docker host without pushing @@ -301,9 +323,10 @@ Environment Variable: WATCHTOWER_NO_PULL Note that no-pull can also be specified on a per-container basis with the `com.centurylinklabs.watchtower.no-pull` label set on those containers. -See [With label taking precedence over arguments](#With-label-taking-precedence-over-arguments) for behavior when both argument and label are set +See [With label taking precedence over arguments](#with-label-taking-precedence-over-arguments) for behavior when both argument and label are set ## Without sending a startup message + Do not send a message after watchtower started. Otherwise there will be an info-level notification. ```text @@ -314,6 +337,7 @@ Environment Variable: WATCHTOWER_NO_STARTUP_MESSAGE ``` ## Run once + Run an update attempt against a container name list one time immediately and exit. ```text @@ -324,7 +348,8 @@ Environment Variable: WATCHTOWER_RUN_ONCE ``` ## HTTP API Mode -Runs Watchtower in HTTP API mode, only allowing image updates to be triggered by an HTTP request. + +Runs Watchtower in HTTP API mode, only allowing image updates to be triggered by an HTTP request. For details see [HTTP API](https://containrrr.dev/watchtower/http-api-mode). ```text @@ -335,6 +360,7 @@ Environment Variable: WATCHTOWER_HTTP_API_UPDATE ``` ## HTTP API Token + Sets an authentication token to HTTP API requests. Can also reference a file, in which case the contents of the file are used. @@ -346,6 +372,7 @@ Environment Variable: WATCHTOWER_HTTP_API_TOKEN ``` ## HTTP API periodic polls + Keep running periodic updates if the HTTP API mode is enabled, otherwise the HTTP API would prevent periodic polls. ```text @@ -356,17 +383,23 @@ Environment Variable: WATCHTOWER_HTTP_API_PERIODIC_POLLS ``` ## Filter by scope -Update containers that have a `com.centurylinklabs.watchtower.scope` label set with the same value as the given argument. + +Update containers that have a `com.centurylinklabs.watchtower.scope` label set with the same value as the given argument. This enables [running multiple instances](https://containrrr.dev/watchtower/running-multiple-instances). +!!! note "Filter by lack of scope" + If you want other instances of watchtower to ignore the scoped containers, set this argument to `none`. + When omitted, watchtower will update all containers regardless of scope. + ```text Argument: --scope Environment Variable: WATCHTOWER_SCOPE Type: String Default: - -``` +``` ## HTTP API Metrics + Enables a metrics endpoint, exposing prometheus metrics via HTTP. See [Metrics](metrics.md) for details. ```text @@ -377,6 +410,7 @@ Environment Variable: WATCHTOWER_HTTP_API_METRICS ``` ## Scheduling + [Cron expression](https://pkg.go.dev/github.com/robfig/cron@v1.2.0?tab=doc#hdr-CRON_Expression_Format) in 6 fields (rather than the traditional 5) which defines when and how often to check for new images. Either `--interval` or the schedule expression can be defined, but not both. An example: `--schedule "0 0 4 * * *"` @@ -388,6 +422,7 @@ Environment Variable: WATCHTOWER_SCHEDULE ``` ## Rolling restart + Restart one image at time instead of stopping and starting all at once. Useful in conjunction with lifecycle hooks to implement zero-downtime deploy. @@ -399,6 +434,7 @@ Environment Variable: WATCHTOWER_ROLLING_RESTART ``` ## Wait until timeout + Timeout before the container is forcefully stopped. When set, this option will change the default (`10s`) wait time to the given value. An example: `--stop-timeout 30s` will set the timeout to 30 seconds. ```text @@ -450,10 +486,10 @@ Writes the session results to STDOUT using a stable, machine-readable format (in Alias for: ```text - --notification-url logger:// - --notification-log-stdout - --notification-report - --notification-template porcelain.VERSION.summary-no-log + --notification-url logger:// + --notification-log-stdout + --notification-report + --notification-template porcelain.VERSION.summary-no-log Argument: --porcelain, -P Environment Variable: WATCHTOWER_PORCELAIN diff --git a/docs/container-selection.md b/docs/container-selection.md index 4b6facd..8327c66 100644 --- a/docs/container-selection.md +++ b/docs/container-selection.md @@ -58,6 +58,7 @@ If instead you want to [only include containers with the enable label](https://c If you wish to create a monitoring scope, you will need to [run multiple instances and set a scope for each of them](https://containrrr.github.io/watchtower/running-multiple-instances). Watchtower filters running containers by testing them against each configured criteria. A container is monitored if all criteria are met. For example: + - If a container's name is on the monitoring name list (not empty `--name` argument) but it is not enabled (_centurylinklabs.watchtower.enable=false_), it won't be monitored; - If a container's name is not on the monitoring name list (not empty `--name` argument), even if it is enabled (_centurylinklabs.watchtower.enable=true_ and `--label-enable` flag is set), it won't be monitored; diff --git a/docs/http-api-mode.md b/docs/http-api-mode.md index 2cf082a..dfd16a8 100644 --- a/docs/http-api-mode.md +++ b/docs/http-api-mode.md @@ -1,6 +1,6 @@ Watchtower provides an HTTP API mode that enables an HTTP endpoint that can be requested to trigger container updating. The current available endpoint list is: -- `/v1/update` - triggers an update for all of the containers monitored by this Watchtower instance. +- `/v1/update` - triggers an update for all of the containers monitored by this Watchtower instance. --- @@ -16,7 +16,7 @@ services: - "com.centurylinklabs.watchtower.enable=true" watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock command: --debug --http-api-update @@ -35,3 +35,11 @@ Notice that there is an environment variable named WATCHTOWER_HTTP_API_TOKEN. To ```bash curl -H "Authorization: Bearer mytoken" localhost:8080/v1/update ``` + +--- + +In order to update only certain images, the image names can be provided as URL query parameters. The following `curl` command would trigger an update for the images `foo/bar` and `foo/baz`: + +```bash +curl -H "Authorization: Bearer mytoken" localhost:8080/v1/update?image=foo/bar,foo/baz +``` diff --git a/docs/index.md b/docs/index.md index 1d0b2cc..c74fc5a 100644 --- a/docs/index.md +++ b/docs/index.md @@ -8,32 +8,32 @@

A container-based solution for automating Docker container base image updates.

- - Circle CI + + Circle CI - - Codecov + + Codecov - - GoDoc + + GoDoc - - Go Report Card + + Go Report Card - - latest version + + latest version - Apache-2.0 License + Apache-2.0 License - + Codacy Badge - - All Contributors + + All Contributors - - Pulls from DockerHub + + Pulls from DockerHub

@@ -50,7 +50,7 @@ the following command: $ docker run -d \ --name watchtower \ -v /var/run/docker.sock:/var/run/docker.sock \ - containrrr/watchtower + nickfedor/watchtower ``` === "docker-compose.yml" @@ -59,7 +59,7 @@ the following command: version: "3" services: watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock ``` diff --git a/docs/introduction.md b/docs/introduction.md index cbbc3a3..ecaaa60 100644 --- a/docs/introduction.md +++ b/docs/introduction.md @@ -8,8 +8,7 @@ For example, let's say you were running watchtower along with an instance of _ce $ docker ps CONTAINER ID IMAGE STATUS PORTS NAMES 967848166a45 centurylink/wetty-cli Up 10 minutes 0.0.0.0:8080->3000/tcp wetty -6cc4d2a9d1a5 containrrr/watchtower Up 15 minutes watchtower +6cc4d2a9d1a5 nickfedor/watchtower Up 15 minutes watchtower ``` Every day watchtower will pull the latest _centurylink/wetty-cli_ image and compare it to the one that was used to run the "wetty" container. If it sees that the image has changed it will stop/remove the "wetty" container and then restart it using the new image and the same `docker run` options that were used to start the container initially (in this case, that would include the `-p 8080:3000` port mapping). - diff --git a/docs/notifications.md b/docs/notifications.md index 3042919..cff6a84 100644 --- a/docs/notifications.md +++ b/docs/notifications.md @@ -1,10 +1,10 @@ # Notifications Watchtower can send notifications when containers are updated. Notifications are sent via hooks in the logging -system, [logrus](http://github.com/sirupsen/logrus). +system, [logrus](http://github.com/sirupsen/logrus). !!! note "Using multiple notifications with environment variables" - There is currently a bug in Viper (https://github.com/spf13/viper/issues/380), which prevents comma-separated slices to + There is currently a bug in Viper (), which prevents comma-separated slices to be used when using the environment variable. A workaround is available where we instead put quotes around the environment variable value and replace the commas with spaces: @@ -16,20 +16,19 @@ system, [logrus](http://github.com/sirupsen/logrus). ## Settings -- `--notifications-level` (env. `WATCHTOWER_NOTIFICATIONS_LEVEL`): Controls the log level which is used for the notifications. If omitted, the default log level is `info`. Possible values are: `panic`, `fatal`, `error`, `warn`, `info`, `debug` or `trace`. -- `--notifications-hostname` (env. `WATCHTOWER_NOTIFICATIONS_HOSTNAME`): Custom hostname specified in subject/title. Useful to override the operating system hostname. -- `--notifications-delay` (env. `WATCHTOWER_NOTIFICATIONS_DELAY`): Delay before sending notifications expressed in seconds. -- Watchtower will post a notification every time it is started. This behavior [can be changed](https://containrrr.github.io/watchtower/arguments/#without_sending_a_startup_message) with an argument. -- `--notification-title-tag` (env. `WATCHTOWER_NOTIFICATION_TITLE_TAG`): Prefix to include in the title. Useful when running multiple watchtowers. -- `--notification-skip-title` (env. `WATCHTOWER_NOTIFICATION_SKIP_TITLE`): Do not pass the title param to notifications. This will not pass a dynamic title override to notification services. If no title is configured for the service, it will remove the title all together. -- `--notification-log-stdout` (env. `WATCHTOWER_NOTIFICATION_LOG_STDOUT`): Enable output from `logger://` shoutrrr service to stdout. +- `--notifications-level` (env. `WATCHTOWER_NOTIFICATIONS_LEVEL`): Controls the log level which is used for the notifications. If omitted, the default log level is `info`. Possible values are: `panic`, `fatal`, `error`, `warn`, `info`, `debug` or `trace`. +- `--notifications-hostname` (env. `WATCHTOWER_NOTIFICATIONS_HOSTNAME`): Custom hostname specified in subject/title. Useful to override the operating system hostname. +- `--notifications-delay` (env. `WATCHTOWER_NOTIFICATIONS_DELAY`): Delay before sending notifications expressed in seconds. +- Watchtower will post a notification every time it is started. This behavior [can be changed](https://containrrr.github.io/watchtower/arguments/#without_sending_a_startup_message) with an argument. +- `--notification-title-tag` (env. `WATCHTOWER_NOTIFICATION_TITLE_TAG`): Prefix to include in the title. Useful when running multiple watchtowers. +- `--notification-skip-title` (env. `WATCHTOWER_NOTIFICATION_SKIP_TITLE`): Do not pass the title param to notifications. This will not pass a dynamic title override to notification services. If no title is configured for the service, it will remove the title all together. +- `--notification-log-stdout` (env. `WATCHTOWER_NOTIFICATION_LOG_STDOUT`): Enable output from `logger://` shoutrrr service to stdout. -## [shoutrrr](https://github.com/containrrr/shoutrrr) notifications +## [Shoutrrr](https://github.com/containrrr/shoutrrr) notifications To send notifications via shoutrrr, the following command-line options, or their corresponding environment variables, can be set: -- `--notification-url` (env. `WATCHTOWER_NOTIFICATION_URL`): The shoutrrr service URL to be used. This option can also reference a file, in which case the contents of the file are used. - +- `--notification-url` (env. `WATCHTOWER_NOTIFICATION_URL`): The shoutrrr service URL to be used. This option can also reference a file, in which case the contents of the file are used. Go to [containrrr.dev/shoutrrr/v0.8/services/overview](https://containrrr.dev/shoutrrr/v0.8/services/overview) to learn more about the different service URLs you can use. You can define multiple services by space separating the @@ -37,14 +36,14 @@ URLs. (See example below) You can customize the message posted by setting a template. -- `--notification-template` (env. `WATCHTOWER_NOTIFICATION_TEMPLATE`): The template used for the message. +- `--notification-template` (env. `WATCHTOWER_NOTIFICATION_TEMPLATE`): The template used for the message. The template is a Go [template](https://golang.org/pkg/text/template/) that either format a list of [log entries](https://pkg.go.dev/github.com/sirupsen/logrus?tab=doc#Entry) or a `notification.Data` struct. Simple templates are used unless the `notification-report` flag is specified: -- `--notification-report` (env. `WATCHTOWER_NOTIFICATION_REPORT`): Use the session report as the notification template data. +- `--notification-report` (env. `WATCHTOWER_NOTIFICATION_REPORT`): Use the session report as the notification template data. ## Simple templates @@ -57,6 +56,9 @@ outputs timestamp and log level. custom format. i.e., The day of the year has to be 1, the month has to be 2 (february), the hour 3 (or 15 for 24h time) etc. +!!! note "Skipping notifications" + To skip sending notifications that do not contain any information, you can wrap your template with `{{if .}}` and `{{end}}`. + Example: ```bash @@ -65,12 +67,13 @@ docker run -d \ -v /var/run/docker.sock:/var/run/docker.sock \ -e WATCHTOWER_NOTIFICATION_URL="discord://token@channel slack://watchtower@token-a/token-b/token-c" \ -e WATCHTOWER_NOTIFICATION_TEMPLATE="{{range .}}{{.Time.Format \"2006-01-02 15:04:05\"}} ({{.Level}}): {{.Message}}{{println}}{{end}}" \ - containrrr/watchtower + nickfedor/watchtower ``` ## Report templates The default template for report notifications are the following: + ```go {{- if .Report -}} {{- with .Report -}} @@ -81,13 +84,13 @@ The default template for report notifications are the following: {{- end -}} {{- range .Fresh}} - {{.Name}} ({{.ImageName}}): {{.State}} - {{- end -}} - {{- range .Skipped}} + {{- end -}} + {{- range .Skipped}} - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}} - {{- end -}} - {{- range .Failed}} + {{- end -}} + {{- range .Failed}} - {{.Name}} ({{.ImageName}}): {{.State}}: {{.Error}} - {{- end -}} + {{- end -}} {{- end -}} {{- end -}} {{- else -}} @@ -134,7 +137,7 @@ Example using a custom report template that always sends a session report after {{range .Entries -}}{{.Message}}{{\"\n\"}}{{- end -}} {{- end -}} " \ - containrrr/watchtower + nickfedor/watchtower ``` === "docker-compose" @@ -143,7 +146,7 @@ Example using a custom report template that always sends a session report after version: "3" services: watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock env: @@ -179,12 +182,13 @@ For backwards compatibility, the notifications can also be configured using lega The types of notifications to send are set by passing a comma-separated list of values to the `--notifications` option (or corresponding environment variable `WATCHTOWER_NOTIFICATIONS`), which has the following valid values: -- `email` to send notifications via e-mail -- `slack` to send notifications through a Slack webhook -- `msteams` to send notifications via MSTeams webhook -- `gotify` to send notifications via Gotify +- `email` to send notifications via e-mail +- `slack` to send notifications through a Slack webhook +- `msteams` to send notifications via MSTeams webhook +- `gotify` to send notifications via Gotify ### `notify-upgrade` + If watchtower is started with `notify-upgrade` as it's first argument, it will generate a .env file with your current legacy notification options converted to shoutrrr URLs. === "docker run" @@ -195,7 +199,7 @@ If watchtower is started with `notify-upgrade` as it's first argument, it will g -v /var/run/docker.sock:/var/run/docker.sock \ -e WATCHTOWER_NOTIFICATIONS=slack \ -e WATCHTOWER_NOTIFICATION_SLACK_HOOK_URL="https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy" \ - containrrr/watchtower \ + nickfedor/watchtower \ notify-upgrade ``` @@ -205,7 +209,7 @@ If watchtower is started with `notify-upgrade` as it's first argument, it will g version: "3" services: watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock env: @@ -214,7 +218,6 @@ If watchtower is started with `notify-upgrade` as it's first argument, it will g command: notify-upgrade ``` - You can then copy this file from the container (a message with the full command to do so will be logged) and use it with your current setup: === "docker run" @@ -224,7 +227,7 @@ You can then copy this file from the container (a message with the full command --name watchtower \ -v /var/run/docker.sock:/var/run/docker.sock \ --env-file watchtower-notifications.env \ - containrrr/watchtower + nickfedor/watchtower ``` === "docker-compose.yml" @@ -233,7 +236,7 @@ You can then copy this file from the container (a message with the full command version: "3" services: watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock env_file: @@ -244,15 +247,15 @@ You can then copy this file from the container (a message with the full command To receive notifications by email, the following command-line options, or their corresponding environment variables, can be set: -- `--notification-email-from` (env. `WATCHTOWER_NOTIFICATION_EMAIL_FROM`): The e-mail address from which notifications will be sent. -- `--notification-email-to` (env. `WATCHTOWER_NOTIFICATION_EMAIL_TO`): The e-mail address to which notifications will be sent. -- `--notification-email-server` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER`): The SMTP server to send e-mails through. -- `--notification-email-server-tls-skip-verify` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_TLS_SKIP_VERIFY`): Do not verify the TLS certificate of the mail server. This should be used only for testing. -- `--notification-email-server-port` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT`): The port used to connect to the SMTP server to send e-mails through. Defaults to `25`. -- `--notification-email-server-user` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER`): The username to authenticate with the SMTP server with. -- `--notification-email-server-password` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD`): The password to authenticate with the SMTP server with. Can also reference a file, in which case the contents of the file are used. -- `--notification-email-delay` (env. `WATCHTOWER_NOTIFICATION_EMAIL_DELAY`): Delay before sending notifications expressed in seconds. -- `--notification-email-subjecttag` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG`): Prefix to include in the subject tag. Useful when running multiple watchtowers. **NOTE:** This will affect all notification types. +- `--notification-email-from` (env. `WATCHTOWER_NOTIFICATION_EMAIL_FROM`): The e-mail address from which notifications will be sent. +- `--notification-email-to` (env. `WATCHTOWER_NOTIFICATION_EMAIL_TO`): The e-mail address to which notifications will be sent. +- `--notification-email-server` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER`): The SMTP server to send e-mails through. +- `--notification-email-server-tls-skip-verify` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_TLS_SKIP_VERIFY`): Do not verify the TLS certificate of the mail server. This should be used only for testing. +- `--notification-email-server-port` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT`): The port used to connect to the SMTP server to send e-mails through. Defaults to `25`. +- `--notification-email-server-user` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER`): The username to authenticate with the SMTP server with. +- `--notification-email-server-password` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD`): The password to authenticate with the SMTP server with. Can also reference a file, in which case the contents of the file are used. +- `--notification-email-delay` (env. `WATCHTOWER_NOTIFICATION_EMAIL_DELAY`): Delay before sending notifications expressed in seconds. +- `--notification-email-subjecttag` (env. `WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG`): Prefix to include in the subject tag. Useful when running multiple watchtowers. **NOTE:** This will affect all notification types. Example: @@ -268,7 +271,7 @@ docker run -d \ -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=fromaddress@gmail.com \ -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=app_password \ -e WATCHTOWER_NOTIFICATION_EMAIL_DELAY=2 \ - containrrr/watchtower + nickfedor/watchtower ``` The previous example assumes, that you already have an SMTP server up and running you can connect to. If you don't or you want to bring up watchtower with your own simple SMTP relay the following `docker-compose.yml` might be a good start for you. @@ -281,7 +284,7 @@ Example including an SMTP relay: version: '3.8' services: watchtower: - image: containrrr/watchtower:latest + image: nickfedor/watchtower:latest container_name: watchtower environment: WATCHTOWER_MONITOR_ONLY: 'true' @@ -331,7 +334,7 @@ By default, watchtower will send messages under the name `watchtower`, you can c Other, optional, variables include: -- `--notification-slack-channel` (env. `WATCHTOWER_NOTIFICATION_SLACK_CHANNEL`): A string which overrides the webhook's default channel. Example: #my-custom-channel. +- `--notification-slack-channel` (env. `WATCHTOWER_NOTIFICATION_SLACK_CHANNEL`): A string which overrides the webhook's default channel. Example: #my-custom-channel. Example: @@ -343,7 +346,7 @@ docker run -d \ -e WATCHTOWER_NOTIFICATION_SLACK_HOOK_URL="https://hooks.slack.com/services/xxx/yyyyyyyyyyyyyyy" \ -e WATCHTOWER_NOTIFICATION_SLACK_IDENTIFIER=watchtower-server-1 \ -e WATCHTOWER_NOTIFICATION_SLACK_CHANNEL=#my-custom-channel \ - containrrr/watchtower + nickfedor/watchtower ``` ### Microsoft Teams @@ -363,7 +366,7 @@ docker run -d \ -e WATCHTOWER_NOTIFICATIONS=msteams \ -e WATCHTOWER_NOTIFICATION_MSTEAMS_HOOK_URL="https://outlook.office.com/webhook/xxxxxxxx@xxxxxxx/IncomingWebhook/yyyyyyyy/zzzzzzzzzz" \ -e WATCHTOWER_NOTIFICATION_MSTEAMS_USE_LOG_DATA=true \ - containrrr/watchtower + nickfedor/watchtower ``` ### Gotify @@ -377,10 +380,9 @@ docker run -d \ -e WATCHTOWER_NOTIFICATIONS=gotify \ -e WATCHTOWER_NOTIFICATION_GOTIFY_URL="https://my.gotify.tld/" \ -e WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN="SuperSecretToken" \ - containrrr/watchtower + nickfedor/watchtower ``` `-e WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN` or `--notification-gotify-token` can also reference a file, in which case the contents of the file are used. If you want to disable TLS verification for the Gotify instance, you can use either `-e WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=true` or `--notification-gotify-tls-skip-verify`. - diff --git a/docs/private-registries.md b/docs/private-registries.md index 68fbe84..4befe84 100644 --- a/docs/private-registries.md +++ b/docs/private-registries.md @@ -1,14 +1,15 @@ Watchtower supports private Docker image registries. In many cases, accessing a private registry requires a valid username and password (i.e., _credentials_). In order to operate in such an -environment, watchtower needs to know the credentials to access the registry. +environment, watchtower needs to know the credentials to access the registry. The credentials can be provided to watchtower in a configuration file called `config.json`. There are two ways to generate this configuration file: -* The configuration file can be created manually. -* Call `docker login ` and share the resulting configuration file. +* The configuration file can be created manually. +* Call `docker login ` and share the resulting configuration file. ### Create the configuration file manually + Create a new configuration file with the following syntax and a base64 encoded username and password `auth` string: @@ -31,7 +32,7 @@ password `auth` string: In this special case, the registry domain does not have to be specified in `docker run` or `docker-compose`. Like Docker, Watchtower will use the Docker Hub registry and its credentials when no registry domain is specified. - + Watchtower will recognize credentials with `` `index.docker.io`, but the Docker CLI will not. @@ -40,7 +41,7 @@ password `auth` string: in both `config.json` and the `docker run` command or `docker-compose` file. Valid hosts are `localhost[:PORT]`, `HOST:PORT`, or any multi-part `domain.name` or IP-address with or without a port. - + Examples: * `localhost` -> `localhost/myimage` * `127.0.0.1` -> `127.0.0.1/myimage:mytag` @@ -63,7 +64,7 @@ When the watchtower Docker container is started, the created configuration file (`/config.json` in this example) needs to be passed to the container: ```bash -docker run [...] -v /config.json:/config.json containrrr/watchtower +docker run [...] -v /config.json:/config.json nickfedor/watchtower ``` ### Share the Docker configuration file @@ -76,7 +77,7 @@ additional configuration file is not necessary. When the Docker container is started, pass the configuration file to watchtower: ```bash -docker run [...] -v /.docker/config.json:/config.json containrrr/watchtower +docker run [...] -v /.docker/config.json:/config.json nickfedor/watchtower ``` When creating the watchtower container via docker-compose, use the following lines: @@ -85,7 +86,7 @@ When creating the watchtower container via docker-compose, use the following lin version: "3.4" services: watchtower: - image: containrrr/watchtower:latest + image: nickfedor/watchtower:latest volumes: - /var/run/docker.sock:/var/run/docker.sock - /.docker/config.json:/config.json @@ -93,6 +94,7 @@ services: ``` #### Docker Config path + By default, watchtower will look for the `config.json` file in `/`, but this can be changed by setting the `DOCKER_CONFIG` environment variable to the directory path where your config is located. This is useful for setups where the config.json file is changed while the watchtower instance is running, as the changes will not be picked up for a mounted file if the inode changes. Example usage: @@ -101,7 +103,7 @@ version: "3.4" services: watchtower: - image: containrrr/watchtower + image: nickfedor/watchtower environment: DOCKER_CONFIG: /config volumes: @@ -110,6 +112,7 @@ services: ``` ## Credential helpers + Some private Docker registries (the most prominent probably being AWS ECR) use non-standard ways of authentication. To be able to use this together with watchtower, we need to use a credential helper. @@ -117,14 +120,16 @@ To keep the image size small we've decided to not include any helpers in the wat helper in a separate container and mount it using volumes. ### Example + Example implementation for use with [amazon-ecr-credential-helper](https://github.com/awslabs/amazon-ecr-credential-helper): Use the dockerfile below to build the [amazon-ecr-credential-helper](https://github.com/awslabs/amazon-ecr-credential-helper), in a volume that may be mounted onto your watchtower container. -1. Create the Dockerfile (contents below): +1. Create the Dockerfile (contents below): + ```Dockerfile - FROM golang:1.17 + FROM golang:1.20 ENV GO111MODULE off ENV CGO_ENABLED 0 @@ -141,7 +146,8 @@ in a volume that may be mounted onto your watchtower container. WORKDIR /go/bin/ ``` -2. Use the following commands to build the aws-ecr-dock-cred-helper and store it's output in a volume: +2. Use the following commands to build the aws-ecr-dock-cred-helper and store it's output in a volume: + ```bash # Create a volume to store the command (once built) docker volume create helper @@ -154,8 +160,9 @@ in a volume that may be mounted onto your watchtower container. --volume helper:/go/bin aws-ecr-dock-cred-helper ``` -3. Create a configuration file for docker, and store it in $HOME/.docker/config.json (replace the +3. Create a configuration file for docker, and store it in $HOME/.docker/config.json (replace the placeholders with your AWS Account ID and with your AWS ECR Region): + ```json { "credsStore" : "ecr-login", @@ -171,14 +178,15 @@ in a volume that may be mounted onto your watchtower container. } ``` -4. Create a docker-compose file (as an example) to help launch the container: +4. Create a docker-compose file (as an example) to help launch the container: + ```yaml version: "3.4" services: # Check for new images and restart things if a new image exists # for any of our containers. watchtower: - image: containrrr/watchtower:latest + image: nickfedor/watchtower:latest volumes: - /var/run/docker.sock:/var/run/docker.sock - .docker/config.json:/config.json @@ -194,14 +202,14 @@ in a volume that may be mounted onto your watchtower container. A few additional notes: -1. With docker-compose the volume (helper, in this case) MUST be set to `external: true`, otherwise docker-compose +1. With docker-compose the volume (helper, in this case) MUST be set to `external: true`, otherwise docker-compose will preface it with the directory name. -2. Note that "credsStore" : "ecr-login" is needed - and in theory if you have that you can remove the +2. Note that "credsStore" : "ecr-login" is needed - and in theory if you have that you can remove the credHelpers section -3. I have this running on an EC2 instance that has credentials assigned to it - so no keys are needed; however, +3. I have this running on an EC2 instance that has credentials assigned to it - so no keys are needed; however, you may need to include the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables as well. -4. An alternative to adding the various variables is to create a ~/.aws/config and ~/.aws/credentials files and +4. An alternative to adding the various variables is to create a ~/.aws/config and ~/.aws/credentials files and place the settings there, then mount the ~/.aws directory to / in the container. diff --git a/docs/remote-hosts.md b/docs/remote-hosts.md index 22c3f94..4ee355a 100644 --- a/docs/remote-hosts.md +++ b/docs/remote-hosts.md @@ -3,7 +3,7 @@ By default, watchtower is set-up to monitor the local Docker daemon (the same da ```bash docker run -d \ --name watchtower \ - containrrr/watchtower --host "tcp://10.0.1.2:2375" + nickfedor/watchtower --host "tcp://10.0.1.2:2375" ``` or @@ -12,7 +12,7 @@ or docker run -d \ --name watchtower \ -e DOCKER_HOST="tcp://10.0.1.2:2375" \ - containrrr/watchtower + nickfedor/watchtower ``` Note in both of the examples above that it is unnecessary to mount the _/var/run/docker.sock_ into the watchtower container. diff --git a/docs/running-multiple-instances.md b/docs/running-multiple-instances.md index 3899095..118ad79 100644 --- a/docs/running-multiple-instances.md +++ b/docs/running-multiple-instances.md @@ -1,10 +1,11 @@ -By default, Watchtower will clean up other instances and won't allow multiple instances running on the same Docker host or swarm. It is possible to override this behavior by defining a [scope](https://containrrr.github.io/watchtower/arguments/#filter_by_scope) to each running instance. +By default, Watchtower will clean up other instances and won't allow multiple instances running on the same Docker host or swarm. It is possible to override this behavior by defining a [scope](https://containrrr.github.io/watchtower/arguments/#filter_by_scope) to each running instance. -Notice that: -- Multiple instances can't run with the same scope; -- An instance without a scope will clean up other running instances, even if they have a defined scope; +!!! note + - Multiple instances can't run with the same scope; + - An instance without a scope will clean up other running instances, even if they have a defined scope; + - Supplying `none` as the scope will treat `com.centurylinklabs.watchtower.scope=none`, `com.centurylinklabs.watchtower.scope=` and the lack of a `com.centurylinklabs.watchtower.scope` label as the scope `none`. This effectly enables you to run both scoped and unscoped watchtower instances on the same machine. -To define an instance monitoring scope, use the `--scope` argument or the `WATCHTOWER_SCOPE` environment variable on startup and set the _com.centurylinklabs.watchtower.scope_ label with the same value for the containers you want to include in this instance's scope (including the instance itself). +To define an instance monitoring scope, use the `--scope` argument or the `WATCHTOWER_SCOPE` environment variable on startup and set the `com.centurylinklabs.watchtower.scope` label with the same value for the containers you want to include in this instance's scope (including the instance itself). For example, in a Docker Compose config file: @@ -12,16 +13,29 @@ For example, in a Docker Compose config file: version: '3' services: - app-monitored-by-watchtower: + app-with-scope: image: myapps/monitored-by-watchtower - labels: - - "com.centurylinklabs.watchtower.scope=myscope" + labels: [ "com.centurylinklabs.watchtower.scope=myscope" ] - watchtower: - image: containrrr/watchtower - volumes: - - /var/run/docker.sock:/var/run/docker.sock + scoped-watchtower: + image: nickfedor/watchtower + volumes: [ "/var/run/docker.sock:/var/run/docker.sock" ] command: --interval 30 --scope myscope - labels: - - "com.centurylinklabs.watchtower.scope=myscope" + labels: [ "com.centurylinklabs.watchtower.scope=myscope" ] + + unscoped-app-a: + image: myapps/app-a + + unscoped-app-b: + image: myapps/app-b + labels: [ "com.centurylinklabs.watchtower.scope=none" ] + + unscoped-app-c: + image: myapps/app-b + labels: [ "com.centurylinklabs.watchtower.scope=" ] + + unscoped-watchtower: + image: nickfedor/watchtower + volumes: [ "/var/run/docker.sock:/var/run/docker.sock" ] + command: --interval 30 --scope none ``` diff --git a/docs/secure-connections.md b/docs/secure-connections.md index 0c2a900..fb7955f 100644 --- a/docs/secure-connections.md +++ b/docs/secure-connections.md @@ -10,5 +10,5 @@ docker run -d \ -e DOCKER_HOST=$DOCKER_HOST \ -e DOCKER_CERT_PATH=/etc/ssl/docker \ -v $DOCKER_CERT_PATH:/etc/ssl/docker \ - containrrr/watchtower --tlsverify + nickfedor/watchtower --tlsverify ``` diff --git a/docs/template-preview.md b/docs/template-preview.md index 3ae4321..3d99ce9 100644 --- a/docs/template-preview.md +++ b/docs/template-preview.md @@ -40,7 +40,7 @@ } #tplprev button { border-radius: 0.1rem; - color: var(--md-typeset-color); + color: var(--md-primary-bg-color); background-color: var(--md-primary-fg-color); flex:1; min-width: 12ch; @@ -78,6 +78,8 @@ flex:1; width:100% } + #result b {color: var(--md-code-hl-special-color)} + #result i {color: var(--md-code-hl-keyword-color)} #tplprev .loading { position: absolute; inset: 0; @@ -90,12 +92,14 @@ -
+ 
loading wasm...
-