simono41/image-checker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix check digest

Browse source
This commit is contained in:
Simon Rieger 2025-07-17 03:04:35 +02:00
parent 1dc2b2a5b7
commit 7ebba2f488
1 changed files with 43 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
main.go
View file

@ -4,29 +4,25 @@ import (
"context" "context"
"fmt" "fmt"
"log" "log"
"os"
"regexp" "regexp"
"strings"
"github.com/docker/docker/api/types/container"
"github.com/docker/docker/api/types/image" "github.com/docker/docker/api/types/image"
"github.com/docker/docker/client" "github.com/docker/docker/client"
"github.com/regclient/regclient" "github.com/regclient/regclient"
"github.com/regclient/regclient/types/ref" "github.com/regclient/regclient/types/ref"
) )
// Zerlegt einen Image-Namen in die Form registry/repo:tag für regclient // Wandelt ein ImageTag in registrykompatibles Format (ggf. registry hinzufügen)
func parseImageName(imageName string) (string, error) { func toRegistryImage(imageTag string) (string, error) {
r := regexp.MustCompile(`^(?:(?P<registry>[^/]+)/)?(?P<repo>[^:]+)(?::(?P<tag>.+))?$`) r := regexp.MustCompile(`^(?:(?P<registry>[^/]+)/)?(?P<repo>[^:]+)(?::(?P<tag>.+))?$`)
match := r.FindStringSubmatch(imageName) match := r.FindStringSubmatch(imageTag)
if len(match) == 0 { if len(match) == 0 {
return "", fmt.Errorf("Fehler beim Parsen des Image-Namens: %s", imageName) return "", fmt.Errorf("Image-Tag nicht erkannt: %s", imageTag)
} }
registry := match[r.SubexpIndex("registry")] registry := match[r.SubexpIndex("registry")]
repo := match[r.SubexpIndex("repo")] repo := match[r.SubexpIndex("repo")]
tag := match[r.SubexpIndex("tag")] tag := match[r.SubexpIndex("tag")]
if repo == "" {
return "", fmt.Errorf("Kein Repo erkannt in %s", imageName)
}
if registry == "" { if registry == "" {
registry = "registry-1.docker.io" registry = "registry-1.docker.io"
} }
@ -36,84 +32,64 @@ func parseImageName(imageName string) (string, error) {
return fmt.Sprintf("%s/%s:%s", registry, repo, tag), nil return fmt.Sprintf("%s/%s:%s", registry, repo, tag), nil
} }
// Digest remote ermitteln (regclient) // Extrahiert nur den reinen sha256:<...>-Digest
func getRemoteDigest(ctx context.Context, rc *regclient.RegClient, image string) (string, error) { func extractDigest(s string) string {
refObj, err := ref.New(image) for _, part := range strings.Split(s, "@") {
if err != nil { if strings.HasPrefix(part, "sha256:") {
return "", fmt.Errorf("image-ref ungültig: %w", err) return part
}
desc, err := rc.ManifestHead(ctx, refObj)
if err != nil {
return "", fmt.Errorf("Fehler ManifestHead %s: %w", image, err)
}
return desc.GetDigest().String(), nil
}
// Lokalen Digest via Docker-API holen
func getLocalDigestOfImage(ctx context.Context, cli *client.Client, imageName string) (string, error) {
images, err := cli.ImageList(ctx, image.ListOptions{All: true})
if err != nil {
return "", err
}
for _, img := range images {
for _, t := range img.RepoTags {
if t == imageName {
if len(img.RepoDigests) > 0 {
return img.RepoDigests[0], nil
}
return img.ID, nil
}
} }
} }
return "", fmt.Errorf("Image %s nicht lokal gefunden", imageName) return s // ggf. nur die ID, wenn kein Digest
} }
func main() { func main() {
ctx := context.Background() ctx := context.Background()
cli, err := client.NewClientWithOpts(client.FromEnv) cli, err := client.NewClientWithOpts(client.FromEnv)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
defer cli.Close() defer cli.Close()
rc := regclient.New() rc := regclient.New()
containers, err := cli.ContainerList(ctx, container.ListOptions{All: true}) images, err := cli.ImageList(ctx, image.ListOptions{All: true})
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
if len(containers) == 0 {
fmt.Println("Keine laufenden Container gefunden")
os.Exit(0)
}
for _, ctr := range containers { for _, img := range images {
fmt.Printf("Container: %s %s (status: %s)\n", ctr.ID[:12], ctr.Image, ctr.Status) for _, tag := range img.RepoTags {
imageFull, err := parseImageName(ctr.Image) imageRef, err := toRegistryImage(tag)
if err != nil { if err != nil {
fmt.Printf(" Fehler beim Parsen des Image-Namens: %v\n", err) continue
continue }
}
localDigest, err := getLocalDigestOfImage(ctx, cli, ctr.Image) // Lokalen Digest extrahieren
if err != nil { var localDigest string
fmt.Printf(" Fehler beim lokalen Digest: %v\n", err) if len(img.RepoDigests) > 0 {
continue localDigest = extractDigest(img.RepoDigests[0])
} } else {
localDigest = img.ID
}
remoteDigest, err := getRemoteDigest(ctx, rc, imageFull) // Remote-Digest bestimmen
if err != nil { refObj, err := ref.New(imageRef)
fmt.Printf(" Fehler beim Remote-Digest: %v\n", err) if err != nil {
continue fmt.Printf("ImageRef-Fehler bei %s: %v\n", tag, err)
} continue
}
desc, err := rc.ManifestHead(ctx, refObj)
if err != nil {
fmt.Printf("Manifest nicht gefunden (%s): %v\n", tag, err)
continue
}
remoteDigest := desc.GetDigest().String()
fmt.Println(" Local Digest: ", localDigest) fmt.Printf("Image: %s\n Local Digest: %s\n Remote Digest: %s\n", tag, localDigest, remoteDigest)
fmt.Println(" Remote Digest:", remoteDigest) if localDigest == remoteDigest {
if localDigest == remoteDigest { fmt.Println(" -> Kein Update verfügbar.")
fmt.Println(" -> Image ist aktuell") } else {
} else { fmt.Println(" -> Update verfügbar!")
fmt.Println(" -> Update verfügbar!\n") }
} }
} }
} }