rwtccus

module
v0.0.0-...-4607c2a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 17, 2023 License: MIT

README 

= RWTCCUS

Registry Webhook Triggered Composefile Container Update System.  I'll rename this when stable, the current name is an in joke for my inability to name projects sensibly.

== Status

There is currently no stable release for this, it does work as below, but I'm not sure I'm happy with this, so things may change.

== Why?

Why not just use watchtower? Watchtower has to poll the registry to wait for updates, this is fairly inefficient but is sometimes the only option. If you can get webhooks from the registry however, it is more efficient to listen to these and update containers as required.

As for how it does updates, I may well change this to update containers via the docker API, but at the minute this does
execute docker compose and this does come with some downsides.

== Docs

It is expected that you have all your composefiles are either in the same directory, or share a common parent directory
you tell the executor where this is and mount this in, enabling the container to perform updates.

This consists of two binaries, one that listens for registry events, the other that triggers updates, the docker socket it only exposed to the executor.  The executor then checks if a matching container is running and updates this as needed.

As this is currently being done by executing docker compose, the executor has to have access to the docker socket,
as such the container needs to be run as root and be able to perform bind mounts inside the container, this means the
container also required the SYS_ADMIN capability.

== Example Composefile

[source,yaml]
----
networks:
  public:
  internal:
services:
  listener:
    image: ghcr.io/greboid/rwtccus:latest
    command: /listener
    ports: 80:3000
    environment:
      IN_TOKEN: RandomAuthToken
      OUT_TOKEN: AnotherRandomToken
      EXECUTOR_URL: http://executor:3000
    networks:
      - public
      - internal
  executor:
    image: ghcr.io/greboid/rwtccus:latest
    command: /executor
    cap_add:
      - SYS_ADMIN
    environment:
      IN_TOKEN: AnotherRandomToken
      COMPOSE_DIR: <compose directory>
    networks:
      - internal
    volumes:
      - <compose directory>:/compose:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/run/docker.sock:/composemount/var/run/docker.sock
----

Directories

Path Synopsis
cmd
executor command
listener command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.