Use custom script for podman auto-update
This commit is contained in:
parent
db079ed1ef
commit
6d547182a8
@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=Pod service auto-update service
|
||||
Documentation=man:podman(1)
|
||||
Wants=network.target
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/sbin/pod-service-auto-update
|
@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=Pod service auto-update timer
|
||||
|
||||
[Timer]
|
||||
OnCalendar=daily
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
@ -1,7 +1,7 @@
|
||||
[Unit]
|
||||
Description=Prune dangling podman images
|
||||
Documentation=man:podman-image-prune(1)
|
||||
Before=podman-auto-update.service
|
||||
Before=pod-service-auto-update.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
@ -9,4 +9,4 @@ ExecStart=/usr/bin/podman container prune -f
|
||||
ExecStart=/usr/bin/podman image prune -f
|
||||
|
||||
[Install]
|
||||
WantedBy=podman-auto-update.service
|
||||
WantedBy=pod-service-auto-update.service
|
||||
|
@ -0,0 +1,44 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
"""This script replaces `podman auto-update`. If a digest in a registry has been updated, `podman
|
||||
pull` may not necessarily pull the image for quite some time. However, `auto-update` will still try
|
||||
every day, but since it doesn't check if the new digest has actually been pulled it will restart the
|
||||
service again and again. This script attempts to solve the problem by explicitly checking the digest
|
||||
after the pull. However, it assumes that there is only service that needs restarting on updates and
|
||||
that its called <username>.service so it is not (yet) a drop-in replacement for `podman
|
||||
auto-update`.
|
||||
|
||||
"""
|
||||
|
||||
import getpass
|
||||
import json
|
||||
import subprocess
|
||||
|
||||
if __name__ == "__main__":
|
||||
out = subprocess.run(["podman", "images", "--format", "json"], capture_output=True, check=True)
|
||||
images = json.loads(out.stdout)
|
||||
|
||||
updated = []
|
||||
for image in images:
|
||||
if not image["Names"]:
|
||||
continue
|
||||
if len(image["Names"]) > 1:
|
||||
raise ValueError(f"Multiple names available for image: {image['Names']}")
|
||||
name = image["Names"][0]
|
||||
|
||||
subprocess.run(["podman", "pull", name], capture_output=True, check=True)
|
||||
|
||||
out = subprocess.run(["podman", "inspect", "--format", "json", name],
|
||||
capture_output=True, check=True)
|
||||
inspect = json.loads(out.stdout)
|
||||
assert inspect
|
||||
if len(inspect) > 1:
|
||||
raise ValueError("Podman inspect returned multiple entries")
|
||||
|
||||
if inspect[0]["Digest"] != image["Digest"]:
|
||||
updated.append(name)
|
||||
|
||||
if updated:
|
||||
print(f"The following images have been updated: {updated}")
|
||||
subprocess.run(["systemctl", "--user", "restart", f"{getpass.getuser()}.service"],
|
||||
check=True)
|
@ -1,16 +1,23 @@
|
||||
- name: Copy systemd auto-update service for user
|
||||
- name: Copy the pod-service update script
|
||||
copy:
|
||||
src: "/usr/lib/systemd/system/podman-auto-update.service"
|
||||
dest: "/etc/systemd/user/podman-auto-update.service"
|
||||
remote_src: yes
|
||||
src: "./filesystem/common/usr/local/sbin/pod-service-auto-update"
|
||||
dest: "/usr/local/sbin/pod-service-auto-update"
|
||||
mode: 0755
|
||||
|
||||
- name: Copy systemd auto-update timer for user
|
||||
- name: Copy the pod-service update service
|
||||
copy:
|
||||
src: "/usr/lib/systemd/system/podman-auto-update.timer"
|
||||
dest: "/etc/systemd/user/podman-auto-update.timer"
|
||||
remote_src: yes
|
||||
src: "./filesystem/common/etc/systemd/user/pod-service-auto-update.service"
|
||||
dest: "/etc/systemd/user/pod-service-auto-update.service"
|
||||
mode: 0644
|
||||
|
||||
- name: Copy the pod-service update timer
|
||||
copy:
|
||||
src: "./filesystem/common/etc/systemd/user/pod-service-auto-update.timer"
|
||||
dest: "/etc/systemd/user/pod-service-auto-update.timer"
|
||||
mode: 0644
|
||||
|
||||
- name: Copy systemd image prune service for user
|
||||
copy:
|
||||
src: "./filesystem/common/etc/systemd/user/podman-image-prune.service"
|
||||
dest: "/etc/systemd/user/podman-image-prune.service"
|
||||
mode: 0644
|
||||
|
@ -105,9 +105,9 @@
|
||||
daemon_reload: true
|
||||
scope: user
|
||||
|
||||
- name: Enable podman auto-update
|
||||
- name: Enable pod-service auto-update
|
||||
systemd:
|
||||
name: podman-auto-update.timer
|
||||
name: pod-service-auto-update.timer
|
||||
enabled: yes
|
||||
state: started
|
||||
scope: user
|
||||
|
Loading…
Reference in New Issue
Block a user