45 lines
1.7 KiB
Python
45 lines
1.7 KiB
Python
#!/usr/bin/env python3
|
|
|
|
"""This script replaces `podman auto-update`. If a digest in a registry has been updated, `podman
|
|
pull` may not necessarily pull the image for quite some time. However, `auto-update` will still try
|
|
every day, but since it doesn't check if the new digest has actually been pulled it will restart the
|
|
service again and again. This script attempts to solve the problem by explicitly checking the digest
|
|
after the pull. However, it assumes that there is only service that needs restarting on updates and
|
|
that its called <username>.service so it is not (yet) a drop-in replacement for `podman
|
|
auto-update`.
|
|
|
|
"""
|
|
|
|
import getpass
|
|
import json
|
|
import subprocess
|
|
|
|
if __name__ == "__main__":
|
|
out = subprocess.run(["podman", "images", "--format", "json"], capture_output=True, check=True)
|
|
images = json.loads(out.stdout)
|
|
|
|
updated = []
|
|
for image in images:
|
|
if not image["Names"]:
|
|
continue
|
|
if len(image["Names"]) > 1:
|
|
raise ValueError(f"Multiple names available for image: {image['Names']}")
|
|
name = image["Names"][0]
|
|
|
|
subprocess.run(["podman", "pull", name], capture_output=True, check=True)
|
|
|
|
out = subprocess.run(["podman", "inspect", "--format", "json", name],
|
|
capture_output=True, check=True)
|
|
inspect = json.loads(out.stdout)
|
|
assert inspect
|
|
if len(inspect) > 1:
|
|
raise ValueError("Podman inspect returned multiple entries")
|
|
|
|
if inspect[0]["Digest"] != image["Digest"]:
|
|
updated.append(name)
|
|
|
|
if updated:
|
|
print(f"The following images have been updated: {updated}")
|
|
subprocess.run(["systemctl", "--user", "restart", f"{getpass.getuser()}.service"],
|
|
check=True)
|