Dockerfile Automatic Updater.
Python script to automatically update both the base image and included software in a Dockerfile.
This image, working with snw35/nvchecker, automatically updates itself.
NOTE: compatible with nvchecker versions 2.x and above.
This script reads the output of nvchecker, run from snw35/nvchecker.
A new_ver.json file generated by nvchecker must exist inside the root of the repository, and it should contain entries for all of the software packages that should be updated, as well as the container base image.
Please see snw35/nvchecker for further instructions on how to configure nvchecker to generate a new_ver.json file that dfupdate can use.
You can update the base image of your container using nvchecker and dfupdate. A suitable entry is required for nvchecker to check an upstream container registry for a newer base image, such as (for the 'python' image):
[BASE]
source = "container"
container = "library/python"
include_regex = "\\d+\\.\\d+\\.?\\d?-alpine\\d\\.\\d+"
Note that the entry must be called 'BASE' for dfupate to recognise it. The script will update the Dockerfile directly with any newer base image found.
You can update included software in your Dockerfile using nvchecker and dfupdate.
Install software in your Dockerfile using the following ENV vars:
- SOFTWARE_VERSION - the bare version number, e.g 1.2.3
- SOFTWARE_URL - the base download URL without the filename. Can include $SOFTWARE_VERSION if necessary.
- SOFTWARE_FILENAME - the filename (last part) of the download URL. Can include $SOFTWARE_VERSION if necessary.
- SOFTWARE_SHA256 - the expected sha256 of the retrieved file.
This will result in a block similar to e.g, for kubectl:
ENV KUBECTL_VERSION 1.16.1
ENV KUBECTL_URL https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64
ENV KUBECTL_FILENAME kubectl
ENV KUBECTL_SHA256 69cfb3eeaa0b77cc4923428855acdfc9ca9786544eeaff9c21913be830869d29
RUN wget $KUBECTL_URL/$KUBECTL_FILENAME \
&& echo "$KUBECTL_SHA256 ./$KUBECTL_FILENAME" | sha256sum -c - \
&& chmod +x ./$KUBECTL_FILENAME
- SOFTWARE_VERSION - the bare version number, e.g 1.2.3
This will result in, e.g for pip:
ENV REQUESTS_VERSION 2.22.0
ENV DOCKERFILE_PARSE_VERSION 0.0.15
RUN pip3 install --no-cache-dir \
requests==${REQUESTS_VERSION} \
dockerfile_parse==${DOCKERFILE_PARSE_VERSION} \
You must include an nvchecker configuration section for the software as well (see snw35/nvchecker for complete instructions).
For example:
[KUBECTL]
source = "cmd"
cmd = "wget -qO- https://storage.googleapis.com/kubernetes-release/release/stable.txt"
prefix = "v"
If you first run nvchecker against your repository to update the veresions inside new_ver.json, and then run this script, it will update the ENV variables inside the Dockerfile directly including downloading the new binary package and taking the sha256sum.
While in the root directory of a compatible project, run the container with the current directory bind-mounted to /data:
docker run -it --rm --mount type=bind,source=${PWD},target=/data/ -w /data snw35/dfupdate:latest