Open rirze opened 2 years ago
Hi @rirze ! Thanks for your interest in driftctl 🙏🏻
I'm curious about your usecase, are you saying that you cannot reach docker hub APIs from your environment ? I'm wondering why can't you use image tags as source of truth for versions numbers ?
For maintainers: Docker images are configured as auto build on the docker hub, but we can probably use some hooks to override it and inject some labels.
Thanks for the reply.
You are correct, I work in environments where I cannot use dockerhub APIs. I have found it immensely easier to write scripts that check for labels (i.e. parsing a key-value in a JSON) compared to extracting CLI output from a docker subcommand (docker images
).
Please do let me know if this is a viable option. I do see many other images use labels as well, if that helps influence your decision.
hi @rirze! I'd like to understand your workflow better. Once you get the value of snyk.driftctl.version
from a label, what do you compare it with, if you can't access the docker hub?
@sjourdan Sure, it's pretty simple imo.
I have a version-controlled config file with the pinned versions of the docker images I use. Every day, I have a scheduled task that pulls down the latest image (latest snyk/driftcl
image in this case) and then extracts the version of that latest image. It then compares the version string to the one written in the config file. If it is a newer version, it triggers a rebuild of my custom docker image that depends on snyk/driftctl
and updates the config file with the latest version.
If that's not clear, please let me know.
Description Add version information into the
driftctl
docker image. It would be as simple as adding:LABEL snyk.driftctl.version=$DRIFTCTL_VERSION
into the Dockerfile.I work in environments where I cannot easily check APIs or public sites for image updates. It would be incredibly useful to check the version from docker image attributes and check for updates that way. I already check other docker images in a similar fashion, so it would be nice to share the same workflow across my images.
Example
For example, for
terraform
: