* Invoke hooks before and after updating * Scripts can now be run --before and --after
3.1 KiB
Fresh: Keeping your docker stacks up to date
Fresh was written to scratch an itch. It works by querying the respective repositories for the various manifests in order to determine if the images have been changed. If so it can do a combination of things:
- Set the exitcode to indicate the freshness,
0
means up-to-date and1
outdated. - Pull the updated images with docker-compose, and optionally recreate the containers
with
docker-compose up
. - Run a script before and after updating, f.ex. to enable maintenance mode or update permission on volumes.
- Notify webhooks when updating. Currently only Slack and Mattermost are supported.
Fresh is designed to be invoked using cron or systemd timers, and as such provides a light-weight easy-to-use alternative to more complex toolkits.
Building
Build using NoccyLabs Pharlite:
$ tools/pharlite
Installing
Download the latest version (or build it yourself) and move it into /usr/bin
.
Go grab it at https://dev.noccylabs.info/noccy/fresh/releases
Usage
To check for updates, pull updated images and recreate any containers defined in the
docker-compose.yml
in the current directory:
$ fresh.phar
Specify a directory to chdir into; very useful with cron:
$ fresh.phar --dir /srv/docker/mystack
To invoke scripts or webhooks:
$ fresh.phar --before scripts/sitedown.sh --after scripts/siteup.sh \
--slack https://my.slack.or/mattermost/webhook
For all available options, use the --help
flag.
Known Issues
- There is currently no way to update the state when manually updating using the
--check
flag. - Only checks authenticated registries for new versions. But if you are using this you probably aren't using DockerHub anyway.
FAQ
- How does Fresh remember the last seen hash? The container hashes are stored
in the same directory as the
docker-compose.yml
file in a file namedfresh.yml
. Remove this file to force trigger an update. - What are these hashes? Fresh grabs the manifest for the image from the registry and proceeds to hash a concatenation of all the various build layer hashes. This should mean if the image is new but the layers are the same nothing will be updated.
- How do I notify a Mattermost webook? Mattermost webhooks are compatible with
Slack webhooks, so simply use the
--slack
flag.
Changes
0.1.1
- Moved the logic from the entrypoint script to its own class.
- Added locking (though
fresh.lock
lockfile) to prevent multiple instances. - Added
--after
hook to invoke script after update. - Disabled automatic flushing of the state to disk; --check will no longer update the state file, but --pull and default update will.
0.1.2
- Fixed a bug in lockfile class preventing release of stale lockfile.
- The
--image
option finally works. - Added a
--write-state
/-w
option to write updated hashes to the state file. - Implemented
--config
and--config-type
options.
0.1.3
- Added a
--before
script hook, to complement the--after
hook. - Hooks now invoked both before and after deploy.