Any tips on how to check dockerhub images for new tags

Docker Hub
1

I have a lot of images running on my home platform, and as its my home platform I don’t have a team of people who are constantly monitoring patches etc for each component.

It would be great to have some kind of application that I can input dockerhub repositories in, and monitor if any new tags have been posted, and have this information collected in one place. For example:
gitlab: 1.2.34
python: 2.3.4
traefik: 6.4.3

I’m sure something like this already exists but I must be searching for the wrong keywords… otherwise I guess I have a fun project in front of me :smiley:

1 Like
2

You might find what you are looking for in the Watchtower documentation: Without updating containers

3

Unfortunately Watchtower may still do a pull if the image has changed, so there’s a risk of accidental update.

This request seem to be so ubiquitous, and being able to query an action before doing it is so fundamental to good IT practice, why isn’t it part of the core product?

4

Is it safe to assume that you already raised a feature request in the docker github repo?
After all this is open source and it is a collective effort to make the dream come true.

5

My main intent was to highlight that Watchtower unfortunately doesn’t solve the problem fully, but I also added to one of the feature requests:

1 Like
6

I had a further look at this since I really need something for my media centre installation, and it is just about possible using a bash script. No idea how reliable it will be in the long-run, hopefully it won’t be needed when it’s in the core, but for me it works for now.

https://www.pseudocode.ch/2021/08/24/docker-detecting-out-of-date-containers/

1 Like
8

Got something here for you:

This project still needs some optimizations, but for now its working for ne on 3 Servers with 10-25 Containers Running.

9

I use a script like this to get the most recent images version tags for a given base name:

#!/bin/bash
set -e
mostrecent() {
    local baseimagename="$1"
    local output="$(echo "$baseimagename" | sed 's/\//\/v2\//g')"
    local tag=$( curl -s -u "DOCKERUSER:PASSWORD "https://${output}/tags/list" | jq -r '.tags | map(select(test("^[0-9]{8}\\.[0-9]+$"))) | sort | .[-1]' )
    echo "${baseimagename}:${tag}"
}

cat <<EOT
services:
  my-app:
    image: $(mostrecent myrepo/apps/my-app)
EOT

I then output that to a lock-file.yml which I merge with my normal deploy, the lock-file I can compare against the existing lock-file.yml to see what has changed

The key part that tells me the tag list is

curl -s -u "DOCKERUSER:PASSWORD "https://${output}/tags/list"

The logic for me to find out which is the most recent version is done based on existing tag rules I have for my services, but the general concept is the same.

The solution uses HTTP API so you don’t even need Docker installed.

1 Like