I just has the honors of writing a guest article on selfh.st about my ever so slowly evolving project, dockcheck.
Oh that’s neat, really liking the matrix notifications. Now to make it a systemd service on all my hosts.
Oh nice, yeah I havn’t thought about suggesting a systemd-service thats neat! If you’d like you could contribute it as a discussion/suggestion/PR if you land on liking it, thatd be lovely.
With the image backups in the next release you could maybe even build some kind of auto rollback functionality.
Sure I can do that. I make packages too, would you think your project could use AUR, deb, rpm and/or snap packages?
Oh that’s very kind of you! There’s an AUR package and a brew already, don’t know if other packages is necessary tbh :)
Though some people have suggested they’d like a docker container - which I should try to spend some time on in the future.
Does this check for version tags as well or only updates to the current tag?
Like the current container uses an image with the tag
:0.1.0or:v0.1.0but:0.2.0is available on the registry.If you want automatic updates over major versions most containers will use the :latest tag for that.
I don’t really want automatic updates, I want a notification once a month with all images that have a newer :latest available or if versionised, when a image with a newer version is available.
Is this a replacement for Watchtower?
This question is usually asked a lot.
This started as a project to prove that you could check for updates without first pulling every new image to compare against, while that’s not why it kept get getting traction my original answer to this question still seems true:
From Watchtower Docs - Arguments
Due to Docker API limitations the latest image will still be pulled from the registry.
And:
Do not pull new images. When this flag is specified, watchtower will not attempt to pull new images from the registry. Instead it will only monitor the local image cache for changes
It’s also a different approach. With dockcheck you’d run it and then make the choice what you’ll update there and then. Selectively choosing exactly what containers to update at the moment. Or have it completely unattended auto update a selection of images.
With the notifications, you can get notified and then have a sitdown and auto-update what you choose.
It’s just different workflows and options.
The upcoming release will also add a new option to backup the image being updated and then autoprune old backups after N days. To allow for easy rollback if a new image breaks.
Thanks for the detailed explanation. Will try to see how it fits my setup when I get a chance, but I have been wanting to move away from Watchtower as it is no longer maintained. Good to know there is an alternative, and from what you describe I like your approach. Having to opt-out of updates in Watchtower never really sat right with me- Watchtower clutter is okay in compose files that actually want something to do with Watchtower…
Thank you. I hope you can find some usefulness in it. You can also do things by compose labels. As well as dynamically at runtime. Either interactively or as arguments.
Watchtower as it is no longer maintained
Not to take away anything from the OP, but there is a fork of Watchtower that is maintained and works a lot better than the OG Watchtower. The original Watchtower would screw up the update fairly regularly. So, if you want to just yolo your updates, that’d be the way to go. If you want a bit more control, DockCheck seems to have that covered. It’s always good to have choices.
Watchtower hadn’t been updated in like 3 years or something. It’s a dead project.
There’s a maintained fork, fortunately!
What more does it need to do
It works prefectly
Not for the latest and future versions of Docker.
This fork works, though: https://github.com/nicholas-fedor/watchtower
Stopped working for me with a recent docker cli update. That’s how I even found out it’s totally abandoned.
I’m not a big fan of running software that has access to the internet once it’s abandoned like this.
Sorry for spamming in this thread, but if you rely on Watchtower, there’s a maintained fork I recommend: https://github.com/nicholas-fedor/watchtower
Is used by literal millions. I’m sure if there was a security issue or would be reported.
Changes for the reason of making changes doesn’t make sense either
Anyway, I use podman now. It had this functionality built in
How many people use it makes no difference if there is no devs fixing security bugs.
I switched to DIUN, but it doesn’t do updates only notifications. That’s why I’m excited to look at OP’s library.
Are there security issues reported? Is open source
Your point being that I am not currently using it? Or that I should be looking for alternatives since I am currently using it?
I used to use it and switched away because it’s not maintained and I had errors with recent docker cli
I absolutely adore dockcheck. Thank you for your work.
Perfect and just what I needed!
