fix check digest
This commit is contained in:
parent
1dc2b2a5b7
commit
7ebba2f488
1 changed files with 43 additions and 67 deletions
110
main.go
110
main.go
|
|
@ -4,29 +4,25 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/docker/api/types/container"
|
||||
"github.com/docker/docker/api/types/image"
|
||||
"github.com/docker/docker/client"
|
||||
"github.com/regclient/regclient"
|
||||
"github.com/regclient/regclient/types/ref"
|
||||
)
|
||||
|
||||
// Zerlegt einen Image-Namen in die Form registry/repo:tag für regclient
|
||||
func parseImageName(imageName string) (string, error) {
|
||||
// Wandelt ein ImageTag in registrykompatibles Format (ggf. registry hinzufügen)
|
||||
func toRegistryImage(imageTag string) (string, error) {
|
||||
r := regexp.MustCompile(`^(?:(?P<registry>[^/]+)/)?(?P<repo>[^:]+)(?::(?P<tag>.+))?$`)
|
||||
match := r.FindStringSubmatch(imageName)
|
||||
match := r.FindStringSubmatch(imageTag)
|
||||
if len(match) == 0 {
|
||||
return "", fmt.Errorf("Fehler beim Parsen des Image-Namens: %s", imageName)
|
||||
return "", fmt.Errorf("Image-Tag nicht erkannt: %s", imageTag)
|
||||
}
|
||||
registry := match[r.SubexpIndex("registry")]
|
||||
repo := match[r.SubexpIndex("repo")]
|
||||
tag := match[r.SubexpIndex("tag")]
|
||||
if repo == "" {
|
||||
return "", fmt.Errorf("Kein Repo erkannt in %s", imageName)
|
||||
}
|
||||
if registry == "" {
|
||||
registry = "registry-1.docker.io"
|
||||
}
|
||||
|
|
@ -36,84 +32,64 @@ func parseImageName(imageName string) (string, error) {
|
|||
return fmt.Sprintf("%s/%s:%s", registry, repo, tag), nil
|
||||
}
|
||||
|
||||
// Digest remote ermitteln (regclient)
|
||||
func getRemoteDigest(ctx context.Context, rc *regclient.RegClient, image string) (string, error) {
|
||||
refObj, err := ref.New(image)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("image-ref ungültig: %w", err)
|
||||
}
|
||||
desc, err := rc.ManifestHead(ctx, refObj)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("Fehler ManifestHead %s: %w", image, err)
|
||||
}
|
||||
return desc.GetDigest().String(), nil
|
||||
}
|
||||
|
||||
// Lokalen Digest via Docker-API holen
|
||||
func getLocalDigestOfImage(ctx context.Context, cli *client.Client, imageName string) (string, error) {
|
||||
images, err := cli.ImageList(ctx, image.ListOptions{All: true})
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
for _, img := range images {
|
||||
for _, t := range img.RepoTags {
|
||||
if t == imageName {
|
||||
if len(img.RepoDigests) > 0 {
|
||||
return img.RepoDigests[0], nil
|
||||
}
|
||||
return img.ID, nil
|
||||
}
|
||||
// Extrahiert nur den reinen sha256:<...>-Digest
|
||||
func extractDigest(s string) string {
|
||||
for _, part := range strings.Split(s, "@") {
|
||||
if strings.HasPrefix(part, "sha256:") {
|
||||
return part
|
||||
}
|
||||
}
|
||||
return "", fmt.Errorf("Image %s nicht lokal gefunden", imageName)
|
||||
return s // ggf. nur die ID, wenn kein Digest
|
||||
}
|
||||
|
||||
func main() {
|
||||
ctx := context.Background()
|
||||
|
||||
cli, err := client.NewClientWithOpts(client.FromEnv)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer cli.Close()
|
||||
|
||||
rc := regclient.New()
|
||||
|
||||
containers, err := cli.ContainerList(ctx, container.ListOptions{All: true})
|
||||
images, err := cli.ImageList(ctx, image.ListOptions{All: true})
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
if len(containers) == 0 {
|
||||
fmt.Println("Keine laufenden Container gefunden")
|
||||
os.Exit(0)
|
||||
}
|
||||
|
||||
for _, ctr := range containers {
|
||||
fmt.Printf("Container: %s %s (status: %s)\n", ctr.ID[:12], ctr.Image, ctr.Status)
|
||||
imageFull, err := parseImageName(ctr.Image)
|
||||
if err != nil {
|
||||
fmt.Printf(" Fehler beim Parsen des Image-Namens: %v\n", err)
|
||||
continue
|
||||
}
|
||||
for _, img := range images {
|
||||
for _, tag := range img.RepoTags {
|
||||
imageRef, err := toRegistryImage(tag)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
|
||||
localDigest, err := getLocalDigestOfImage(ctx, cli, ctr.Image)
|
||||
if err != nil {
|
||||
fmt.Printf(" Fehler beim lokalen Digest: %v\n", err)
|
||||
continue
|
||||
}
|
||||
// Lokalen Digest extrahieren
|
||||
var localDigest string
|
||||
if len(img.RepoDigests) > 0 {
|
||||
localDigest = extractDigest(img.RepoDigests[0])
|
||||
} else {
|
||||
localDigest = img.ID
|
||||
}
|
||||
|
||||
remoteDigest, err := getRemoteDigest(ctx, rc, imageFull)
|
||||
if err != nil {
|
||||
fmt.Printf(" Fehler beim Remote-Digest: %v\n", err)
|
||||
continue
|
||||
}
|
||||
// Remote-Digest bestimmen
|
||||
refObj, err := ref.New(imageRef)
|
||||
if err != nil {
|
||||
fmt.Printf("ImageRef-Fehler bei %s: %v\n", tag, err)
|
||||
continue
|
||||
}
|
||||
desc, err := rc.ManifestHead(ctx, refObj)
|
||||
if err != nil {
|
||||
fmt.Printf("Manifest nicht gefunden (%s): %v\n", tag, err)
|
||||
continue
|
||||
}
|
||||
remoteDigest := desc.GetDigest().String()
|
||||
|
||||
fmt.Println(" Local Digest: ", localDigest)
|
||||
fmt.Println(" Remote Digest:", remoteDigest)
|
||||
if localDigest == remoteDigest {
|
||||
fmt.Println(" -> Image ist aktuell")
|
||||
} else {
|
||||
fmt.Println(" -> Update verfügbar!\n")
|
||||
fmt.Printf("Image: %s\n Local Digest: %s\n Remote Digest: %s\n", tag, localDigest, remoteDigest)
|
||||
if localDigest == remoteDigest {
|
||||
fmt.Println(" -> Kein Update verfügbar.")
|
||||
} else {
|
||||
fmt.Println(" -> Update verfügbar!")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue