search

crazy-max / diun

Receive notifications when an image is updated on a Docker registry
https://crazymax.dev/diun/
MIT License
2.93k stars 112 forks source link

Skip notification if tag with same digest is found in the same repo #679

Open fahrenhe1t opened 2 years ago

fahrenhe1t commented 2 years ago

Behaviour

This happened on two containers. Initially I had two applications rolled out with specific version labels:

image: crazymax/diun:4.22
image: pihole/pihole:22.08.3

Both of the container images were the latest available at the time. I changed the docker-compose.yml for each of the apps to the latest tag and redeployed them (ex: image: crazymax/diun:latest). This resulted in the same container being listed twice when running docker image ls:

REPOSITORY                              TAG            IMAGE ID       CREATED        SIZE
crazymax/diun                           4.22           712017b86c4b   6 weeks ago    46.1MB
crazymax/diun                           latest         712017b86c4b   6 weeks ago    46.1MB

pihole/pihole                           2022.08.3      e08e0f76fc61   3 days ago     309MB
pihole/pihole                           latest         e08e0f76fc61   3 days ago     309MB

DIUN then sent a notification that it required an update, even though it was running the latest. Same thing happened with pihole. I had to delete the duplicate image tag to remedy the issue.

Steps to reproduce this issue

  1. Roll out the latest version of an application with the specific version tag in docker-compose.yml (ex: image: crazymax/diun:4.22)
  2. Take the container down with: docker compose down
  3. Modify the image in docker-compose.yml to use the latest tag (image: crazymax/diun:latest)
  4. Verify the existence of two image tags: docker image ls crazymax/diun
  5. See a notification delivered even though it is already on the latest version

Expected behaviour

I think it would detect in this case that 4.22 is the latest version, which also shares the "latest" tag, so therefore a notification would not be generated.

Configuration

  • docker-compose.yml 
    
version: "3.5"
services:
diun:
image: crazymax/diun:latest
container_name: diun
hostname: diun
command: serve
volumes:
  • "diun-data:/data"
  • "/var/run/docker.sock:/var/run/docker.sock" environment: TZ: "America/Denver" LOG_LEVEL: "info" LOG_JSON: "false" DIUN_WATCH_WORKERS: "20" DIUN_WATCH_SCHEDULE: "45 4 *" DIUN_PROVIDERS_DOCKER: "true" DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT: "true" DIUN_PROVIDERS_DOCKER_WATCHSTOPPED: "true" DIUN_NOTIF_MAIL_HOST: "${MAIL_HOST}" DIUN_NOTIF_MAIL_PORT: "${MAIL_PORT}" DIUN_NOTIF_MAIL_SSL: "${MAIL_SSL}" DIUN_NOTIF_MAIL_INSECURESKIPVERIFY: "${MAIL_INSECURESKIPVERIFY}" DIUN_NOTIF_MAIL_LOCALNAME: "${MAIL_LOCALNAME}" DIUN_NOTIF_MAIL_USERNAME: "${MAIL_USERNAME}" DIUN_NOTIF_MAIL_PASSWORD: "${MAIL_PASSWORD}" DIUN_NOTIF_MAIL_FROM: "${MAIL_FROM}" DIUN_NOTIF_MAIL_TO: "${MAIL_TO}" restart: always volumes: diun-data: driver: local driver_opts: type: "nfs" o: "addr=192.168.1.20,nfsvers=4.1,nolock,soft,rw" device: ":/volume1/docker-volumes/diun/data"
crazy-max commented 1 year ago

Diun only checks digest for specified image name (tag included) from database with the one being fetched but there is no relation between tags like a registry would do atm. I think this could be an opt-in feature.

crazy-max commented 1 year ago

This is also slightly related to #114