Open giggio opened 11 months ago
piksel
commented
11 months ago Shoutrrr is a go library, so we have no idea what the running environment is like. It also feels like a potential security issue that the consumers of the library would need to handle.
giggio
commented
11 months ago Shoutrrr doesn't need to know the environment, the user is supposed to know what they want to call.
I'll explain my context. I'm using Shoutrrr with Watchtower, and I need to know when an update is available and take some custom actions. Because I can't do that, I can't use Watchtower. I'm moving to Diun, as they support custom scripts, see: https://crazymax.dev/diun/notif/script/
Regarding security, the script would have as much privilege as the process running Shoutrrr, if that is compromised, I'd say the risk is much greater than starting a process.
piksel
commented
11 months ago Watchtower is running inside a container with no additional binaries, so there is nothing to run your script in. No bash, no python, nothing. That's what I meant by "the environment".
Diun seems to be much more suitable for your usage though, as it's main usage scenario is watching for docker image updates.
giggio
commented
11 months ago I could volume mount what I need.
It would be nice to have shoutrrr simply call a custom script and pass the arguments. We could extend then it as we needed.