mirrors/diun
1
0
Fork 0
mirror of https://github.com/crazy-max/diun.git synced 2025-12-29 22:41:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Docs website with mkdocs (#100)

Browse Source 
* Fix build workflow

* Docs website with mkdocs (#99)

* Fix docs workflow

* Move mkdocs Docker file

* Ignore docs in build workflow

* Update workflows

* Update links

* Move upgrade notes to documentation

Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax
2020-06-19 22:47:17 +00:00
committed by GitHub
parent b5c584eca1
commit db2bce3bb3
77 changed files with 1695 additions and 924 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
docs/assets/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

BIN
docs/assets/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 77 KiB

BIN
docs/assets/meta/apple-touch-icon-114x114.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

BIN
docs/assets/meta/apple-touch-icon-120x120.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

BIN
docs/assets/meta/apple-touch-icon-144x144.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
docs/assets/meta/apple-touch-icon-152x152.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
docs/assets/meta/apple-touch-icon-57x57.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.1 KiB

BIN
docs/assets/meta/apple-touch-icon-60x60.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.8 KiB

BIN
docs/assets/meta/apple-touch-icon-72x72.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.7 KiB

BIN
docs/assets/meta/apple-touch-icon-76x76.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.1 KiB

BIN
docs/assets/meta/card.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
docs/assets/meta/favicon-128.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
docs/assets/meta/favicon-16x16.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 862 B

BIN
docs/assets/meta/favicon-196x196.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 41 KiB

BIN
docs/assets/meta/favicon-32x32.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.1 KiB

BIN
docs/assets/meta/favicon-96x96.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.8 KiB

BIN
docs/assets/meta/mstile-144x144.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 20 KiB

BIN
docs/assets/meta/mstile-150x150.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 56 KiB

BIN
docs/assets/meta/mstile-310x150.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 152 KiB

BIN
docs/assets/meta/mstile-310x310.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 265 KiB

BIN
docs/assets/meta/mstile-70x70.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

BIN
docs/assets/notif/gotify.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

BIN
docs/assets/notif/mail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

BIN
docs/assets/notif/rocketchat.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 11 KiB

BIN
docs/assets/notif/slack.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
docs/assets/notif/teams.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
docs/assets/notif/telegram.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.0 KiB

15
docs/config/db.md Normal file
View File

@@ -0,0 +1,15 @@
# Database configuration
## `path`
Path to Bolt database file where images manifests are stored. (default `diun.db`)
!!! example "Config file"
```yaml
db:
path:
token: diun.db
```
!!! abstract "Environment variables"
* `DIUN_DB_PATH`

118
docs/config/index.md Normal file
View File

@@ -0,0 +1,118 @@
# Configuration
## Overview
There are two different ways to define configuration in Diun:
* In a [configuration file](#configuration-file)
* As environment variables
These ways are evaluated in the order listed above.
If no value was provided for a given option, a default value applies. Moreover, if an option has sub-options, and any of these sub-options is not specified, a default value will apply as well.
For example, the `DIUN_PROVIDERS_DOCKER` environment variable is enough by itself to enable the docker provider, even though sub-options like `DIUN_PROVIDERS_DOCKER_ENDPOINT` exist. Once positioned, this option sets (and resets) all the default values of the sub-options of `DIUN_PROVIDERS_DOCKER`.
## Configuration file
You can define a configuration file through the option `--config` with the following content:
```yaml
db:
path: diun.db
watch:
workers: 10
schedule: "0 * * * *"
firstCheckNotif: false
notif:
amqp:
host: localhost
port: 5672
username: guest
password: guest
queue: queue
gotify:
endpoint: http://gotify.foo.com
token: Token123456
priority: 1
timeout: 10s
mail:
host: localhost
port: 25
ssl: false
insecureSkipVerify: false
from: diun@example.com
to: webmaster@example.com
rocketchat:
endpoint: http://rocket.foo.com:3000
channel: "#general"
userID: abcdEFGH012345678
token: Token123456
timeout: 10s
script:
cmd: "myprogram"
args:
- "--anarg"
- "another"
slack:
webhookURL: https://hooks.slack.com/services/ABCD12EFG/HIJK34LMN/01234567890abcdefghij
teams:
webhookURL: https://outlook.office.com/webhook/ABCD12EFG/HIJK34LMN/01234567890abcdefghij
telegram:
token: aabbccdd:11223344
chatIDs:
- 123456789
- 987654321
webhook:
endpoint: http://webhook.foo.com/sd54qad89azd5a
method: GET
headers:
content-type: application/json
authorization: Token123456
timeout: 10s
regopts:
someregistryoptions:
username: foo
password: bar
timeout: 20s
onemore:
username: foo2
password: bar2
insecureTLS: true
providers:
docker:
watchStopped: true
swarm:
watchByDefault: true
kubernetes:
namespaces:
- default
- production
file:
directory: ./imagesdir
```
## Reference
* [db](db.md)
* [watch](watch.md)
* notif
* [amqp](../notif/amqp.md)
* [gotify](../notif/amqp.md)
* [mail](../notif/amqp.md)
* [rocketchat](../notif/amqp.md)
* [script](../notif/amqp.md)
* [slack](../notif/amqp.md)
* [teams](../notif/amqp.md)
* [telegram](../notif/amqp.md)
* [webhook](../notif/amqp.md)
* [regopts](regopts.md)
* providers
* [docker](../providers/docker.md)
* [file](../providers/file.md)
* [kubernetes](../providers/kubernetes.md)
* [swarm](../providers/swarm.md)

11
docs/config/notif.md Normal file
View File

@@ -0,0 +1,11 @@
# Notifications configuration
* [`amqp`](../notif/amqp.md)
* [`gotify`](../notif/gotify.md)
* [`mail`](../notif/mail.md)
* [`rocketchat`](../notif/rocketchat.md)
* [`script`](../notif/script.md)
* [`slack`](../notif/slack.md)
* [`teams`](../notif/teams.md)
* [`telegram`](../notif/telegram.md)
* [`webhook`](../notif/webhook.md)

6
docs/config/providers.md Normal file
View File

@@ -0,0 +1,6 @@
# Providers configuration
* [`docker`](../providers/docker.md)
* [`file`](../providers/file.md)
* [`kubernetes`](../providers/kubernetes.md)
* [`swarm`](../providers/swarm.md)

87
docs/config/regopts.md Normal file
View File

@@ -0,0 +1,87 @@
# Registries options configuration
## `username`
Registry username.
!!! example "Config file"
```yaml
regopts:
<name>:
username: foo
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_USERNAME`
## `usernameFile`
Use content of secret file as registry username if `username` not defined.
!!! example "Config file"
```yaml
regopts:
<name>:
usernameFile: /run/secrets/username
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_USERNAMEFILE`
## `password`
Registry password.
!!! example "Config file"
```yaml
regopts:
<name>:
username: foo
password: bar
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_PASSWORD`
## `passwordFile`
Use content of secret file as registry password if `password` not defined.
!!! example "Config file"
```yaml
regopts:
<name>:
usernameFile: /run/secrets/username
usernameFile: /run/secrets/password
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_PASSWORDFILE`
## `timeout`
Timeout is the maximum amount of time for the TCP connection to establish. (default `10s`)
!!! example "Config file"
```yaml
regopts:
<name>:
timeout: 10s
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_TIMEOUT`
## `insecureTLS`
Allow contacting docker registry over HTTP, or HTTPS with failed TLS verification. (default `false`)
!!! example "Config file"
```yaml
regopts:
<name>:
insecureTLS: false
```
!!! abstract "Environment variables"
* `DIUN_REGOPTS_<NAME>_INSECURETLS`

40
docs/config/watch.md Normal file
View File

@@ -0,0 +1,40 @@
# Watch configuration
## `workers`
Maximum number of workers that will execute tasks concurrently. (default `10`)
!!! example "Config file"
```yaml
watch:
workers: 10
```
!!! abstract "Environment variables"
* `DIUN_WATCH_WORKERS`
## `schedule`
[CRON expression](https://godoc.org/github.com/robfig/cron#hdr-CRON_Expression_Format) to schedule Diun watcher. (default `0 * * * *`)
!!! example "Config file"
```yaml
watch:
schedule: "0 * * * *"
```
!!! abstract "Environment variables"
* `DIUN_WATCH_SCHEDULE`
## `firstCheckNotif`
Send notification at the very first analysis of an image. (default `false`)
!!! example "Config file"
```yaml
watch:
firstCheckNotif: false
```
!!! abstract "Environment variables"
* `DIUN_WATCH_FIRSTCHECKNOTIF`

29
docs/contributing.md Normal file
View File

@@ -0,0 +1,29 @@
# Contributing
Hi there! I'm thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license]({{ config.repo_url }}/blob/master/LICENSE).
## Submitting a pull request
1. [Fork]({{ config.repo_url }}fork) and clone the repository
2. Configure and install the dependencies: `go mod download`
3. Create a new branch: `git checkout -b my-branch-name`
4. Make your changes
5. Test your code: `go test -covermode=atomic ./...`
6. Build with [GoReleaser](https://goreleaser.com/): `goreleaser release --skip-publish --skip-validate`
7. Push to your fork and [submit a pull request]({{ config.repo_url }}compare)
8. Pat your self on the back and wait for your pull request to be reviewed and merged.
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
* Make sure the `README.md` and any other relevant **documentation are kept up-to-date**.
* I try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option.
* Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as **separate pull requests**.
* Write a [good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html).
## Resources
* [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
* [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
* [GitHub Help](https://help.github.com)

3
docs/css/extra.css Normal file
View File

@@ -0,0 +1,3 @@
.md-typeset__table code {
word-break: normal;
}

5
docs/donate.md Normal file
View File

@@ -0,0 +1,5 @@
**Diun** :bell: is free and open source and always will be.
All kinds of contributions are welcome! The most basic way to show your support is to [star the project]({{ config.repo_rul }}), or to raise issues.
You can also support this project by [**becoming a sponsor on GitHub**](https://github.com/sponsors/crazy-max) or by making a [Paypal donation](https://www.paypal.me/crazyws) to ensure this journey continues indefinitely!

63
docs/faq.md Normal file
View File

@@ -0,0 +1,63 @@
# FAQ
## Test notifications
Through the [command line](get-started.md#diun-cli) with:
```shell
$ diun --config ./diun.yml --test-notif
```
Or within a container:
```shell
$ docker-compose exec diun --test-notif
```
## field docker|swarm uses unsupported type: invalid
If you have the error `failed to decode configuration from file: field docker uses unsupported type: invalid` that's because your `docker`, `swarm` or `kubernetes` provider is not initialized in your configuration:
```yaml
providers:
docker:
```
should be:
```yaml
providers:
docker: {}
```
## No image found in manifest list for architecture, variant, OS
If you encounter this kind of error, you are probably using the [file provider](providers/file.md) containing an image with an erroneous or empty platform. If the platform is not filled in, it will be deduced automatically from the information of your operating system on which Diun is running.
In the example below, Diun is running (`diun_x.x.x_windows_i386.zip`) on Windows 10 and tries to analyze the `crazymax/cloudflared` image with the detected platform (`windows/386)`:
```yaml
- name: crazymax/cloudflared:2020.2.1
watch_repo: true
```
But this platform is not supported by this image as you can see [on DockerHub](https://hub.docker.com/layers/crazymax/cloudflared/2020.2.1/images/sha256-137eea4e84ec4c6cb5ceb2017b9788dcd7b04f135d756e1f37e3e6673c0dd9d2?context=explore):
```
Fri, 27 Mar 2020 01:20:03 UTC ERR Cannot run job error="Error choosing image instance: no image found in manifest list for architecture 386, variant , OS windows" provider=file
Fri, 27 Mar 2020 01:20:03 UTC ERR Cannot list tags from registry error="Error choosing image instance: no image found in manifest list for architecture 386, variant , OS windows" image=crazymax/cloudflared:2020.2.1 provider=file
```
You have to force the platform for this image if you are not on a supported platform. For example:
```yaml
- name: crazymax/cloudflared:2020.2.1
watch_repo: true
platform:
os: linux
arch: amd64
```
```
Fri, 27 Mar 2020 01:24:33 UTC INF New image found image=docker.io/crazymax/cloudflared:2020.2.1 provider=file
```

119
docs/get-started.md Normal file
View File

@@ -0,0 +1,119 @@
## What is Diun?
**D**ocker **I**mage **U**pdate **N**otifier is a CLI application written in [Go](https://golang.org/) and delivered as a
[single executable](https://github.com/crazy-max/diun/releases/latest) (and a [Docker image](install/docker.md))
to receive notifications when a Docker image is updated on a Docker registry.
## Purpose
The goal of this project is to provide the easiest, fastest, and most painless way of setting up a self-hosted service to handle this.
With Go, this can be done with an independent binary distribution across all platforms and architectures that Go supports.
This support includes Linux, macOS, and Windows, on architectures like amd64, i386, ARM, PowerPC, and others.
## Features
* Allow to watch a Docker repository and report new tags
* Include and exclude filters with regular expression for tags
* Internal cron implementation through go routines
* Worker pool to parallelize analyses
* Allow overriding image os and architecture
* [Docker](providers/docker.md), [Swarm](providers/swarm.md), [Kubernetes](providers/kubernetes.md)
and [File](providers/file.md) providers available
* Get notified through Gotify, Mail, Slack, Telegram and [more](config/index.md#reference)
* Enhanced logging
* Timezone can be changed
* Official [Docker image available](install/docker.md)
## Diun CLI
```
$ ./diun --help
Usage: diun
Docker image update notifier. More info: https://github.com/crazy-max/diun
Flags:
--help Show context-sensitive help.
--version
--config=STRING Diun configuration file ($CONFIG).
--timezone="UTC" Timezone assigned to Diun ($TZ).
--log-level="info" Set log level ($LOG_LEVEL).
--log-json Enable JSON logging output ($LOG_JSON).
--log-caller Add file:line of the caller to log output ($LOG_CALLER).
--test-notif Test notification settings.
```
Following environment variables can be used in place of flags:
| Name | Default | Description |
|--------------------|---------------|---------------|
| `CONFIG` | | Diun configuration file |
| `TZ` | `UTC` | Timezone assigned |
| `LOG_LEVEL` | `info` | Log level output |
| `LOG_JSON` | `false` | Enable JSON logging output |
| `LOG_CALLER` | `false` | Enable to add `file:line` of the caller |
## Run with the Docker provider
Create a `docker-compose.yml` file that uses the official Diun image:
```yaml
version: "3.5"
services:
diun:
image: crazymax/diun:latest
volumes:
- "./data:/data"
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- "TZ=Europe/Paris"
- "LOG_LEVEL=info"
- "LOG_JSON=false"
- "DIUN_WATCH_WORKERS=20"
- "DIUN_WATCH_SCHEDULE=*/30 * * * *"
- "DIUN_PROVIDERS_DOCKER=true"
- "DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true"
restart: always
```
Here we use a minimal configuration to analyze **all running containers** (watch by default enabled) of your **local Docker** instance **every 30 minutes**.
That's it. Now you can launch Diun with the following command:
```shell
$ docker-compose up -d
```
If you prefer to rely on the configuration file instead of environment variables:
```yaml
version: "3.5"
services:
diun:
image: crazymax/diun:latest
volumes:
- "./data:/data"
- "./diun.yml:/diun.yml:ro"
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- "CONFIG=/diun.yml"
- "TZ=Europe/Paris"
- "LOG_LEVEL=info"
- "LOG_JSON=false"
restart: always
```
```yaml
# ./diun.yml
watch:
workers: 20
schedule: "*/30 * * * *"
firstCheckNotif: false
providers:
docker:
watchByDefault: true
```

4
docs/index.md Normal file
View File

@@ -0,0 +1,4 @@
---
template: home.html
title: Diun
---

89
docs/install/binary.md Normal file
View File

@@ -0,0 +1,89 @@
# Installation from binary
## Download
Diun binaries are available on [releases]({{ config.repo_url }}releases) page.
Choose the archive matching the destination platform:
* [diun_{{ app.version }}_darwin_i386.tar.gz]({{ config.repo_url }}releases/download/v{{ app.version }}/diun_{{ app.version }}_darwin_i386.tar.gz)
* [diun_{{ app.version }}_darwin_x86_64.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_darwin_x86_64.tar.gz)
* [diun_{{ app.version }}_freebsd_i386.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_freebsd_i386.tar.gz)
* [diun_{{ app.version }}_freebsd_x86_64.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_freebsd_x86_64.tar.gz)
* [diun_{{ app.version }}_linux_arm64.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_arm64.tar.gz)
* [diun_{{ app.version }}_linux_armv6.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_armv6.tar.gz)
* [diun_{{ app.version }}_linux_armv7.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_armv7.tar.gz)
* [diun_{{ app.version }}_linux_i386.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_i386.tar.gz)
* [diun_{{ app.version }}_linux_x86_64.tar.gz]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_x86_64.tar.gz)
* [diun_{{ app.version }}_windows_i386.zip]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_windows_i386.zip)
* [diun_{{ app.version }}_windows_x86_64.zip]({{ config.repo_url }}/releases/download/v{{ app.version }}/diun_{{ app.version }}_windows_x86_64.zip)
And extract diun:
```shell
$ wget -qO- {{ config.repo_url }}releases/download/v{{ app.version }}/diun_{{ app.version }}_linux_x86_64.tar.gz | tar -zxvf - diun
```
After getting the binary, it can be tested with [`./diun --help`](../get-started.md#diun-cli) command and moved to a permanent location.
## Server configuration
Steps below are the recommended server configuration.
### Prepare environment
Create user to run diun (ex. `diun`)
```shell
$ groupadd diun
$ useradd -s /bin/false -d /bin/null -g diun diun
```
### Create required directory structure
```shell
$ mkdir -p /var/lib/diun
$ chown diun:diun /var/lib/diun/
$ chmod -R 750 /var/lib/diun/
$ mkdir /etc/diun
$ chown diun:diun /etc/diun
$ chmod 770 /etc/diun
```
### Configuration
Create your first [configuration](../config/index.md) file in `/etc/diun/diun.yml` and type:
```shell
$ chown diun:diun /etc/diun/diun.yml
$ chmod 644 /etc/diun/diun.yml
```
!!! note
Not required if you want to only rely on environment variables
### Copy binary to global location
```shell
$ cp diun /usr/local/bin/diun
```
## Running Diun
After the above steps, two options to run Diun:
### 1. Creating a service file (recommended)
See how to create [Linux service](linux-service.md) to start Diun automatically.
### 2. Running from terminal
```shell
$ DIUN_DB_PATH=/var/lib/diun/diun.db /usr/local/bin/diun --config /etc/diun/diun.yml
```
## Updating to a new version
You can update to a new version of Diun by stopping it, replacing the binary at `/usr/local/bin/diun` and restarting the instance.
If you have carried out the installation steps as described above, the binary should have the generic name `diun`. Do not change this, i.e. to include the version number.

85
docs/install/docker.md Normal file
View File

@@ -0,0 +1,85 @@
# Installation with Docker
Diun provides automatically updated Docker :whale: images within [Docker Hub](https://hub.docker.com/r/crazymax/diun).
It is possible to always use the latest stable tag or to use another service that handles updating Docker images.
Following platforms for this image are available:
```shell
$ docker run --rm mplatform/mquery crazymax/diun:latest
Image: crazymax/diun:latest
* Manifest List: Yes
* Supported platforms:
- linux/amd64
- linux/arm/v6
- linux/arm/v7
- linux/arm64
- linux/386
- linux/ppc64le
- linux/s390x
```
## Volumes
| Path | Description |
|--------------------|---------------|
| `/data` | Contains bbolt database which retains Docker images manifests |
## Usage
Docker compose is the recommended way to run this image. Copy the following `docker-compose.yml` in `/opt/diun/` on your host for example:
```yaml
version: "3.5"
services:
diun:
image: crazymax/diun:latest
container_name: diun
volumes:
- "./data:/data"
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- "TZ=Europe/Paris"
- "LOG_LEVEL=info"
- "LOG_JSON=false"
- "DIUN_WATCH_WORKERS=20"
- "DIUN_WATCH_SCHEDULE=*/30 * * * *"
- "DIUN_PROVIDERS_DOCKER=true"
labels:
- "diun.enable=true"
- "diun.watch_repo=true"
restart: always
```
Edit this example with your preferences and run the following commands to bring up Diun:
```shell
$ docker-compose up -d
$ docker-compose logs -f
```
Or use the following command:
```shell
$ docker run -d --name diun \
-e "TZ=Europe/Paris" \
-e "LOG_LEVEL=info" \
-e "LOG_JSON=false" \
-e "DIUN_WATCH_WORKERS=20" \
-e "DIUN_WATCH_SCHEDULE=*/30 * * * *" \
-e "DIUN_PROVIDERS_DOCKER=true" \
-e "DIUN_PROVIDERS_DOCKER_WATCHSTOPPED=true" \
-v "$(pwd)/data:/data" \
-v "/var/run/docker.sock:/var/run/docker.sock" \
-l "diun.enable=true" \
-l "diun.watch_repo=true" \
crazymax/diun:latest
```
To upgrade your installation to the latest release:
```shell
$ docker-compose pull
$ docker-compose up -d
```

43
docs/install/linux-service.md Normal file
View File

@@ -0,0 +1,43 @@
# Run as service on Debian based distro
## Using systemd
!!! warning
Make sure to follow the instructions to [install from binary](binary.md) before.
To create a new service, paste this content in `/etc/systemd/system/diun.service`:
```
[Unit]
Description=Diun
Documentation={{ config.site_url }}
After=syslog.target
After=network.target
[Service]
RestartSec=2s
Type=simple
User=diun
Group=diun
ExecStart=/usr/local/bin/diun --config /etc/diun/diun.yml --log-level info
Restart=always
Environment=DIUN_DB_PATH=/var/lib/diun/diun.db
[Install]
WantedBy=multi-user.target
```
Change the user, group, and other required startup values following your needs.
Enable and start Diun at boot:
```shell
$ sudo systemctl enable diun
$ sudo systemctl start diun
```
To view logs:
```shell
$ journalctl -fu diun.service
```

43
docs/migration/v0-to-v1.md Normal file
View File

@@ -0,0 +1,43 @@
# Diun v0 to v1
Some fields in configuration file has been changed:
* `registries` renamed `regopts`
* `items` renamed `image`
* `items[].image` renamed `image[].name`
* `items[].registry_id` renamed `image[].regopts_id`
* `watch.os` and `watch.arch` moved to `image[].os` and `image[].arch`
!!! example "v0"
```yaml
watch:
os: linux
arch: amd64
registries:
someregistryoptions:
username: foo
password: bar
timeout: 20
items:
- image: docker.io/crazymax/nextcloud:latest
registry_id: someregistryoptions
```
!!! example "v1"
```yaml
watch:
os: linux
arch: amd64
registries:
someregistryoptions:
username: foo
password: bar
timeout: 20
items:
- image: docker.io/crazymax/nextcloud:latest
registry_id: someregistryoptions
```

20
docs/migration/v1-to-v2.md Normal file
View File

@@ -0,0 +1,20 @@
# Diun v1 to v2
`image` field has been moved to `providers.static` in configuration file:
!!! example "v1"
```yaml
image:
- name: docker.io/crazymax/diun
watch_repo: true
max_tags: 10
```
!!! example "v2"
```yaml
providers:
static:
- name: docker.io/crazymax/diun
watch_repo: true
max_tags: 10
```

83
docs/migration/v2-to-v3.md Normal file
View File

@@ -0,0 +1,83 @@
# Diun v2 to v3
## File provider
`static` provider has been renamed `file`. This now allows the static configuration to be declared in one or more files to avoid overloading the current configuration file and also dynamic updating.
!!! example "v2"
```yaml
providers:
static:
- name: docker.io/crazymax/diun
watch_repo: true
max_tags: 10
```
!!! example "v3"
```yaml
providers:
file:
# Watch images from filename /path/to/config.yml
filename: /path/to/config.yml
# OR watch images from directory /path/to/config/folder
directory: /path/to/config/folder
```
```yaml
# /path/to/config.yml
- name: docker.io/crazymax/diun
watch_repo: true
max_tags: 10
```
## Allow only one Docker and Swarm provider
Now you can declare only one Docker and/or Swarm provider. This is due to a limitation of the Docker engine.
!!! example "v2"
```yaml
providers:
docker:
mydocker:
watch_stopped: true
swarm:
myswarm:
watch_by_default: true
```
!!! example "v3"
```yaml
providers:
docker:
watch_stopped: true
swarm:
watch_by_default: true
```
## Remove `enable` setting for notifiers
The `enable` entry has been removed for notifiers. If you don't want a notifier to be enabled, you must now remove or comment its configuration.
!!! example "v2"
```yaml
notif:
amqp:
enable: false
host: localhost
port: 5672
gotify:
enable: true
endpoint: http://gotify.foo.com
token: Token123456
priority: 1
timeout: 10
```
!!! example "v3"
```yaml
notif:
gotify:
endpoint: http://gotify.foo.com
token: Token123456
priority: 1
timeout: 10
```

57
docs/notif/amqp.md Normal file
View File

@@ -0,0 +1,57 @@
# Amqp notifications
You can send notifications to any amqp compatible server with the following settings.
## Configuration
!!! example "File"
```yaml
notif:
amqp:
host: localhost
port: 5672
username: guest
password: guest
queue: queue
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_AMQP_HOST`
* `DIUN_NOTIF_AMQP_EXCHANGE`
* `DIUN_NOTIF_AMQP_PORT`
* `DIUN_NOTIF_AMQP_USERNAME`
* `DIUN_NOTIF_AMQP_USERNAMEFILE`
* `DIUN_NOTIF_AMQP_PASSWORD`
* `DIUN_NOTIF_AMQP_PASSWORDFILE`
* `DIUN_NOTIF_AMQP_QUEUE`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `host`[^1] | `localhost` | AMQP server host |
| `port`[^1] | `5672` | AMQP server port |
| `username` | | AMQP username |
| `usernameFile` | | Use content of secret file as AMQP username if `username` not defined |
| `password` | | AMQP password |
| `passwordFile` | | Use content of secret file as AMQP password if `password` not defined |
| `exchange` | | Name of the exchange the message will be sent to |
| `queue`[^1] | | Name of the queue the message will be sent to |
## Sample
The JSON response will look like this:
```json
{
"diun_version": "0.3.0",
"status": "new",
"provider": "file",
"image": "docker.io/crazymax/swarm-cronjob:0.2.1",
"hub_link": "https://hub.docker.com/r/crazymax/swarm-cronjob",
"mime_type": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:5913d4b5e8dc15430c2f47f40e43ab2ca7f2b8df5eee5db4d5c42311e08dfb79",
"created": "2019-01-24T10:26:49.152006005Z",
"platform": "linux/amd64"
}
```
[^1]: Value required

34
docs/notif/gotify.md Normal file
View File

@@ -0,0 +1,34 @@
# Amqp notifications
Notifications can be sent using a [Gotify](https://gotify.net/) instance.
## Configuration
!!! example "File"
```yaml
notif:
gotify:
endpoint: http://gotify.foo.com
token: Token123456
priority: 1
timeout: 10s
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_GOTIFY_ENDPOINT`
* `DIUN_NOTIF_GOTIFY_TOKEN`
* `DIUN_NOTIF_GOTIFY_PRIORITY`
* `DIUN_NOTIF_GOTIFY_TIMEOUT`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `endpoint`[^1] | | Gotify base URL |
| `token`[^1] | | Application token |
| `priority` | `1` | The priority of the message |
| `timeout` | `10s` | Timeout specifies a time limit for the request to be made |
## Sample
![](../assets/notif/gotify.png)
[^1]: Value required

48
docs/notif/mail.md Normal file
View File

@@ -0,0 +1,48 @@
# Mail notifications
Notifications can be sent through SMTP.
## Configuration
!!! example "File"
```yaml
notif:
mail:
host: localhost
port: 25
ssl: false
insecureSkipVerify: false
from: diun@example.com
to: webmaster@example.com
```
| Name | Default | Description |
|-----------------------|---------------|---------------|
| `host`[^1] | `localhost` | SMTP server host |
| `port`[^1] | `25` | SMTP server port |
| `ssl` | `false` | SSL defines whether an SSL connection is used. Should be false in most cases since the auth mechanism should use STARTTLS |
| `insecureSkipVerify` | `false` | Controls whether a client verifies the server's certificate chain and hostname |
| `username` | | SMTP username |
| `usernameFile` | | Use content of secret file as SMTP username if `username` not defined |
| `password` | | SMTP password |
| `passwordFile` | | Use content of secret file as SMTP password if `password` not defined |
| `from`[^1] | | Sender email address |
| `to`[^1] | | Recipient email address |
!!! abstract "Environment variables"
* `DIUN_NOTIF_MAIL_HOST`
* `DIUN_NOTIF_MAIL_PORT`
* `DIUN_NOTIF_MAIL_SSL`
* `DIUN_NOTIF_MAIL_INSECURESKIPVERIFY`
* `DIUN_NOTIF_MAIL_USERNAME`
* `DIUN_NOTIF_MAIL_USERNAMEFILE`
* `DIUN_NOTIF_MAIL_PASSWORD`
* `DIUN_NOTIF_MAIL_PASSWORDFILE`
* `DIUN_NOTIF_MAIL_FROM`
* `DIUN_NOTIF_MAIL_TO`
## Sample
![](../assets/notif/mail.png)
[^1]: Value required

40
docs/notif/rocketchat.md Normal file
View File

@@ -0,0 +1,40 @@
# Rocket.Chat notifications
Allow to send notifications to your Rocket.Chat channel.
## Configuration
!!! example "File"
```yaml
notif:
rocketchat:
endpoint: http://rocket.foo.com:3000
channel: "#general"
userID: abcdEFGH012345678
token: Token123456
timeout: 10s
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_ROCKETCHAT_ENDPOINT`
* `DIUN_NOTIF_ROCKETCHAT_CHANNEL`
* `DIUN_NOTIF_ROCKETCHAT_USERID`
* `DIUN_NOTIF_ROCKETCHAT_TOKEN`
* `DIUN_NOTIF_ROCKETCHAT_TIMEOUT`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `endpoint`[^1] | | Rocket.Chat base URL |
| `channel`[^1] | | Channel name with the prefix in front of it |
| `userID`[^1] | | User ID |
| `token`[^1] | | Authentication token |
| `timeout` | `10s` | Timeout specifies a time limit for the request to be made |
!!! warning
You must first create a _Personal Access Token_ through your account settings on your Rocket.Chat instance.
## Sample
![](../assets/notif/rocketchat.png)
[^1]: Value required

40
docs/notif/script.md Normal file
View File

@@ -0,0 +1,40 @@
# Script notifications
You can call a script when a notification occured. Following environment variables will be passed:
```
DIUN_VERSION=3.0.0
DIUN_ENTRY_STATUS=new
DIUN_ENTRY_PROVIDER=file
DIUN_ENTRY_IMAGE=docker.io/crazymax/diun:latest
DIUN_ENTRY_HUBLINK=https://hub.docker.com/r/crazymax/diun
DIUN_ENTRY_MIMETYPE=application/vnd.docker.distribution.manifest.list.v2+json
DIUN_ENTRY_DIGEST=sha256:216e3ae7de4ca8b553eb11ef7abda00651e79e537e85c46108284e5e91673e01
DIUN_ENTRY_CREATED=2020-03-26 12:23:56 +0000 UTC
DIUN_ENTRY_PLATFORM=linux/amd64
```
## Configuration
!!! example "File"
```yaml
notif:
script:
cmd: "myprogram"
args:
- "--anarg"
- "another"
```
| Name | Default | Description |
|-----------------------|---------------|---------------|
| `cmd`[^1] | | Command or script to execute |
| `args` | | List of args to pass to `cmd` |
| `dir` | | Specifies the working directory of the command |
!!! abstract "Environment variables"
* `DIUN_NOTIF_SCRIPT_CMD`
* `DIUN_NOTIF_SCRIPT_ARGS`
* `DIUN_NOTIF_SCRIPT_DIR`
[^1]: Value required

28
docs/notif/slack.md Normal file
View File

@@ -0,0 +1,28 @@
# Slack notifications
You can send notifications to your Slack channel using an [incoming webhook URL](https://api.slack.com/messaging/webhooks).
!!! hint
Mattermost webhooks are compatible with Slack notification without any special configuration (if Webhooks are enabled).
## Configuration
!!! example "File"
```yaml
notif:
slack:
webhookURL: https://hooks.slack.com/services/ABCD12EFG/HIJK34LMN/01234567890abcdefghij
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_SLACK_WEBHOOKURL`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `webhookURL`[^1] | | Slack [incoming webhook URL](https://api.slack.com/messaging/webhooks) |
## Sample
![](../assets/notif/slack.png)
[^1]: Value required

25
docs/notif/teams.md Normal file
View File

@@ -0,0 +1,25 @@
# Teams notifications
You can send notifications to your Teams team-channel using an [incoming webhook URL](https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/what-are-webhooks-and-connectors).
## Configuration
!!! example "File"
```yaml
notif:
teams:
webhookURL: https://outlook.office.com/webhook/ABCD12EFG/HIJK34LMN/01234567890abcdefghij
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_TEAMS_WEBHOOKURL`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `webhookURL`[^1] | | Teams [incoming webhook URL](https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/what-are-webhooks-and-connectors) |
## Sample
![](../assets/notif/teams.png)
[^1]: Value required

35
docs/notif/telegram.md Normal file
View File

@@ -0,0 +1,35 @@
# Telegram notifications
Notifications can be sent via Telegram using a [Telegram Bot](https://core.telegram.org/bots).
Follow the [instructions](https://core.telegram.org/bots#6-botfather) to set up a bot and get it's token.
Message the [GetID bot](https://t.me/getidsbot) to find your chat ID.
Multiple chat IDs can be provided in order to deliver notifications to multiple recipients.
## Configuration
!!! example "File"
```yaml
notif:
telegram:
token: aabbccdd:11223344
chatIDs:
- 123456789
- 987654321
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_TELEGRAM_TOKEN`
* `DIUN_NOTIF_TELEGRAM_CHATIDS` (comma separated)
| Name | Default | Description |
|--------------------|---------------|---------------|
| `token`[^1] | | Telegram bot token |
| `chatIDs`[^1] | | List of chat IDs to send notifications to |
## Sample
![](../assets/notif/telegram.png)
[^1]: Value required

48
docs/notif/webhook.md Normal file
View File

@@ -0,0 +1,48 @@
# Webhook notifications
You can send webhook notifications with the following settings.
## Configuration
!!! example "File"
```yaml
notif:
gotify:
endpoint: http://gotify.foo.com
token: Token123456
priority: 1
timeout: 10s
```
!!! abstract "Environment variables"
* `DIUN_NOTIF_WEBHOOK_ENDPOINT`
* `DIUN_NOTIF_WEBHOOK_METHOD`
* `DIUN_NOTIF_WEBHOOK_HEADERS_<KEY>`
* `DIUN_NOTIF_WEBHOOK_TIMEOUT`
| Name | Default | Description |
|--------------------|---------------|---------------|
| `endpoint`[^1] | | URL of the HTTP request |
| `method`[^1] | `GET` | HTTP method |
| `headers` | | Map of additional headers to be sent (key is case insensitive) |
| `timeout` | `10s` | Timeout specifies a time limit for the request to be made |
## Sample
The JSON response will look like this:
```json
{
"diun_version": "4.0.0",
"status": "new",
"provider": "file",
"image": "docker.io/crazymax/diun:latest",
"hub_link": "https://hub.docker.com/r/crazymax/diun",
"mime_type": "application/vnd.docker.distribution.manifest.list.v2+json",
"digest": "sha256:216e3ae7de4ca8b553eb11ef7abda00651e79e537e85c46108284e5e91673e01",
"created": "2020-03-26T12:23:56Z",
"platform": "linux/amd64"
}
```
[^1]: Value required

167
docs/overrides/home.html Normal file
View File

@@ -0,0 +1,167 @@
{% extends "main.html" %}
<!-- Render hero under tabs -->
{% block tabs %}
{{ super() }}
<!-- Additional styles for landing page -->
<style>
/* Application header should be static for the landing page */
.md-header {
position: initial;
}
/* Remove spacing, as we cannot hide it completely */
.md-main__inner {
margin: 0;
}
/* Hide main content for now */
.md-content {
display: none;
}
/* Gradient background + blob */
.tx-container {
padding-top: 1rem;
background:
url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 1123 258'><path d='M1124,2c0,0 0,256 0,256l-1125,0l0,-48c0,0 16,5 55,5c116,0 197,-92 325,-92c121,0 114,46 254,46c140,0 214,-167 572,-166Z' style='fill: white' /></svg>") no-repeat bottom,
linear-gradient(
to bottom,
var(--md-primary-fg-color),
hsla(280deg, 67%, 55%, 1) 99%,
white 99%
);
}
/* Set inverted text color on hero */
.tx-hero {
margin: 0 .8rem;
color: var(--md-primary-bg-color);
}
/* Make main headline thicker */
.tx-hero h1 {
margin-bottom: 1rem;
color: currentColor;
font-weight: 700;
}
/* Ensure that blob doesn't overlap buttons */
.tx-hero__content {
padding-bottom: 6rem;
}
/* Adjust spacing of buttons and invert them */
.tx-hero .md-button {
margin-top: .5rem;
margin-right: .5rem;
color: var(--md-primary-bg-color);
}
/* Invert primary button */
.tx-hero .md-button--primary {
background-color: var(--md-primary-bg-color);
color: hsla(280deg, 37%, 48%, 1);
border-color: var(--md-primary-bg-color);
}
/* Invert hover and focus button states */
.tx-hero .md-button:hover,
.tx-hero .md-button:focus {
background-color: var(--md-accent-fg-color);
color: var(--md-default-bg-color);
border-color: var(--md-accent-fg-color);
}
/* [mobile portrait -]: Adjust headline */
@media screen and (max-width: 30em) {
/* Make main headline smaller */
.tx-hero h1 {
font-size: 1.4rem;
}
}
/* [tablet landscape +]: Display content and image next to each other */
@media screen and (min-width: 60em) {
/* Hide table of contents */
.md-sidebar--secondary {
display: none;
}
/* Use flex layout to align items */
.tx-hero {
display: flex;
align-items: stretch;
}
/* Increase bottom spacing and set dimensions */
.tx-hero__content {
max-width: 19rem;
margin-top: 3.5rem;
padding-bottom: 14vw;
}
/* Swap with teaser and set dimensions */
.tx-hero__image {
width: 38rem;
order: 1;
transform: translateX(4rem);
}
}
/* [screen +]: Adjust spacing */
@media screen and (min-width: 76.25em) {
/* Hide navigation */
.md-sidebar--primary {
display: none;
}
/* Ensure the image aligns with the repository information */
.tx-hero__image {
transform: translateX(8rem);
}
}
.tx-hero .capitalize {
font-weight: bold;
font-size: 1.4em;
}
</style>
<!-- Hero for landing page -->
<section class="tx-container">
<div class="md-grid md-typeset">
<div class="tx-hero">
<!-- Hero image -->
<div class="tx-hero__image">
<img src="assets/logo.png" alt="" draggable="false">
</div>
<!-- Hero content -->
<div class="tx-hero__content">
<h1>Diun</h1>
<p><span class="capitalize">D</span> ocker <span class="capitalize">I</span> mage <span class="capitalize">U</span> pdate <span class="capitalize">N</span> otifier</p>
<p>{{ config.site_description }}.</p>
<a href="{{ page.next_page.url | url }}" title="{{ page.next_page.title | striptags }}" class="md-button md-button--primary">
Get started
</a>
<a href="{{ config.repo_url }}" title="{{ lang.t('source.link.title') }}" class="md-button">
Go to GitHub
</a>
</div>
</div>
</div>
</section>
{% endblock %}
<!-- Content -->
{% block content %}{% endblock %}
<!-- Application footer -->
{% block footer %}{% endblock %}

82
docs/overrides/main.html Normal file
View File

@@ -0,0 +1,82 @@
{% extends "base.html" %}
<!-- Custom front matter -->
{% block extrahead %}
<!-- Determine title -->
{% set title = config.site_name %}
{% if page and page.title and not page.is_homepage %}
{% set title = config.site_name ~ " - " ~ page.title | striptags %}
{% endif %}
<!-- assets absolute URL -->
{% set assets = config.site_url ~ 'assets' %}
<!-- Some meta tags -->
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="{{ assets }}/meta/apple-touch-icon-57x57.png">
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="{{ assets }}/meta/apple-touch-icon-114x114.png">
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="{{ assets }}/meta/apple-touch-icon-72x72.png">
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="{{ assets }}/meta/apple-touch-icon-144x144.png">
<link rel="apple-touch-icon-precomposed" sizes="60x60" href="{{ assets }}/meta/apple-touch-icon-60x60.png">
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="{{ assets }}/meta/apple-touch-icon-120x120.png">
<link rel="apple-touch-icon-precomposed" sizes="76x76" href="{{ assets }}/meta/apple-touch-icon-76x76.png">
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="{{ assets }}/meta/apple-touch-icon-152x152.png">
<link rel="icon" type="image/png" href="{{ assets }}/meta/favicon-196x196.png" sizes="196x196">
<link rel="icon" type="image/png" href="{{ assets }}/meta/favicon-96x96.png" sizes="96x96">
<link rel="icon" type="image/png" href="{{ assets }}/meta/favicon-32x32.png" sizes="32x32">
<link rel="icon" type="image/png" href="{{ assets }}/meta/favicon-16x16.png" sizes="16x16">
<link rel="icon" type="image/png" href="{{ assets }}/meta/favicon-128.png" sizes="128x128">
<meta name="application-name" content="{{ config.site_name }}">
<meta name="msapplication-TileColor" content="#FFFFFF">
<meta name="msapplication-TileImage" content="{{ assets }}/meta/mstile-144x144.png">
<meta name="msapplication-square70x70logo" content="{{ assets }}/meta/mstile-70x70.png">
<meta name="msapplication-square150x150logo" content="{{ assets }}/meta/mstile-150x150.png">
<meta name="msapplication-wide310x150logo" content="{{ assets }}/meta/mstile-310x150.png">
<meta name="msapplication-square310x310logo" content="{{ assets }}/meta/mstile-310x310.png">
<meta property="og:type" content="website">
<meta property="og:title" content="{{ title }}">
<meta property="og:description" content="{{ config.site_description }}">
<meta property="og:url" content="{{ page.canonical_url }}">
<meta property="og:image" content="{{ assets }}/meta/card.png">
<meta property="og:image:type" content="image/png">
<meta property="og:image:width" content="1200">
<meta property="og:image:height" content="630">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@crazyws">
<meta name="twitter:creator" content="@crazyws">
<meta name="twitter:title" content="{{ title }}">
<meta name="twitter:description" content="{{ config.site_description }}">
<meta name="twitter:image" content="{{ assets }}/card.png">
{% endblock %}
<!-- Announcement bar -->
{% block announce %}
<style>
/* Add background color transition */
.md-announce {
transition: background-color 125ms;
}
/* Change background color on link focus */
.md-announce:focus-within {
background-color: var(--md-accent-fg-color);
}
/* Preserve link color */
.md-announce a,
.md-announce a:focus,
.md-announce a:hover {
color: currentColor;
}
/* Don't wrap name of blog article */
.md-announce strong {
white-space: nowrap;
}
</style>
<a target="_blank" href="https://github.com/sponsors/crazy-max">
If you like this project and use it, consider sponsoring it via
<strong>GitHub <img alt="❤" class="twemoji md-footer-custom-text" src="https://twemoji.maxcdn.com/v/latest/svg/2764.svg" title="love"> Sponsors</strong>
</a>
{% endblock %}

177
docs/providers/docker.md Normal file
View File

@@ -0,0 +1,177 @@
# Docker provider
## About
The Docker provider allows you to analyze the containers of your Docker instance to extract images found and check for updates on the registry.
## Quick start
In this section we quickly go over a basic docker-compose file using your local docker provider.
Here we use a single Docker provider with a minimum configuration to analyze labeled containers (watch by default disabled), even stopped ones, of your local Docker instance.
Now let's create a simple docker-compose file with Diun and some simple services:
```yaml
version: "3.5"
services:
diun:
image: crazymax/diun:latest
volumes:
- "./data:/data"
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- "TZ=Europe/Paris"
- "LOG_LEVEL=info"
- "LOG_JSON=false"
- "DIUN_WATCH_WORKERS=20"
- "DIUN_WATCH_SCHEDULE=*/30 * * * *"
- "DIUN_PROVIDERS_DOCKER=true"
- "DIUN_PROVIDERS_DOCKER_WATCHSTOPPED=true"
restart: always
cloudflared:
image: crazymax/cloudflared:latest
ports:
- target: 5053
published: 5053
protocol: udp
- target: 49312
published: 49312
protocol: tcp
environment:
- "TZ=Europe/Paris"
- "TUNNEL_DNS_UPSTREAM=https://1.1.1.1/dns-query,https://1.0.0.1/dns-query"
labels:
- "diun.enable=true"
- "diun.watch_repo=true"
restart: always
```
As an example we use [crazymax/cloudflared:latest](https://github.com/crazy-max/docker-cloudflared) Docker image. A few [labels](#docker-labels) are added to configure the image analysis of this container for Diun. Now start this composition with `docker-composes up -d` and take a look at the logs:
```
$ docker-compose logs -f
Attaching to bin_diun_1, cloudflared
cloudflared | time="2019-12-14T15:30:07+01:00" level=info msg="Adding DNS upstream" url="https://1.1.1.1/dns-query"
cloudflared | time="2019-12-14T15:30:07+01:00" level=info msg="Adding DNS upstream" url="https://1.0.0.1/dns-query"
cloudflared | time="2019-12-14T15:30:07+01:00" level=info msg="Starting metrics server" addr="[::]:49312"
cloudflared | time="2019-12-14T15:30:07+01:00" level=info msg="Starting DNS over HTTPS proxy server" addr="dns://0.0.0.0:5053"
diun_1 | Sat, 14 Dec 2019 15:30:07 CET INF Starting Diun v2.0.0
diun_1 | Sat, 14 Dec 2019 15:30:07 CET INF Found 1 image(s) to analyze provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:10 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:latest provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.9.0 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.9.1 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.9.2 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.10.1 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.10.4 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.10.2 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.11.0 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:12 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.11.3 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:13 CET INF New image found id=mydocker image=docker.io/crazymax/cloudflared:2019.11.2 provider=docker
diun_1 | Sat, 14 Dec 2019 15:30:13 CET INF Cron initialized with schedule */30 * * * *
diun_1 | Sat, 14 Dec 2019 15:30:13 CET INF Next run in 29 minutes (2019-12-14 16:00:00 +0100 CET)
```
## Configuration
!!! hint
Environment variable `DIUN_PROVIDERS_DOCKER=true` can be used to enable this provider with default values.
### `endpoint`
Server address to connect to. Local if empty.
!!! example "File"
```yaml
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_ENDPOINT`
### `apiVersion`
Overrides the client version with the specified one.
!!! example "File"
```yaml
providers:
docker:
apiVersion: "1.39"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_APIVERSION`
### `tlsCertsPath`
Path to load the TLS certificates from.
!!! example "File"
```yaml
providers:
docker:
tlsCertsPath: "/certs/"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_TLSCERTSPATH`
### `tlsVerify`
Controls whether client verifies the server's certificate chain and hostname (default `true`).
!!! example "File"
```yaml
providers:
docker:
tlsVerify: true
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_TLSVERIFY`
### `watchByDefault`
Enable watch by default. If false, containers that don't have `diun.enable=true` label will be ignored (default `false`).
!!! example "File"
```yaml
providers:
docker:
watchByDefault: false
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT`
### `watchStopped`
Include created and exited containers too (default `false`).
!!! example "File"
```yaml
providers:
docker:
watchStopped: false
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_DOCKER_WATCHSTOPPED`
## Docker labels
You can configure more finely the way to analyze the image of your container through Docker labels:
| Name | Default | Description |
|-------------------------------|---------------|---------------|
| `diun.enable` | | Set to true to enable image analysis of this container |
| `diun.regopts_id` | | Registry options ID from [`regopts`](../config/regopts.md) to use |
| `diun.watch_repo` | `false` | Watch all tags of this container image |
| `diun.max_tags` | `0` | Maximum number of tags to watch if `diun.watch_repo` enabled. `0` means all of them |
| `diun.include_tags` | | Semi-colon separated list of regular expressions to include tags. Can be useful if you enable `diun.watch_repo` |
| `diun.exclude_tags` | | Semi-colon separated list of regular expressions to exclude tags. Can be useful if you enable `diun.watch_repo` |

174
docs/providers/file.md Normal file
View File

@@ -0,0 +1,174 @@
# File provider
## About
The file provider lets you define Docker images to analyze through a YAML file or a directory.
## Example
Register the file provider:
```yaml
db:
path: diun.db
watch:
workers: 20
schedule: "* * * * *"
regopts:
someregistryoptions:
username: foo
password: bar
timeout: 20
onemore:
username: foo2
password: bar2
insecureTLS: true
providers:
file:
filename: /path/to/config.yml
```
```yaml
### /path/to/config.yml
# Watch latest tag of crazymax/nextcloud image on docker.io (DockerHub) with registry ID 'someregistryoptions'.
- name: docker.io/crazymax/nextcloud:latest
regopts_id: someregistryoptions
# Watch 4.0.0 tag of jfrog/artifactory-oss image on frog-docker-reg2.bintray.io (Bintray) with registry ID 'onemore'.
- name: jfrog-docker-reg2.bintray.io/jfrog/artifactory-oss:4.0.0
regopts_id: onemore
# Watch coreos/hyperkube image on quay.io (Quay) and assume latest tag.
- name: quay.io/coreos/hyperkube
# Watch crazymax/swarm-cronjob image and assume docker.io registry and latest tag.
# Only include tags matching regexp ^1\.2\..*
- name: crazymax/swarm-cronjob
watch_repo: true
include_tags:
- ^1\.2\..*
# Watch portainer/portainer image on docker.io (DockerHub) and assume latest tag
# Only watch latest 10 tags and include tags matching regexp ^(0|[1-9]\d*)\..*
- name: docker.io/portainer/portainer
watch_repo: true
max_tags: 10
include_tags:
- ^(0|[1-9]\d*)\..*
# Watch alpine image (library) and assume docker.io registry and latest tag.
# Force linux/arm64/v8 platform for this image
- name: alpine
watch_repo: true
platform:
os: linux
arch: arm64
variant: v8
```
## Quick start
Let's take a look with a simple example:
```yaml
db:
path: diun.db
watch:
workers: 20
schedule: "* * * * *"
regopts:
jfrog:
username: foo
password: bar
providers:
file:
filename: /path/to/config.yml
```
```yaml
# /path/to/config.yml
- name: crazymax/cloudflared
watch_repo: true
- name: docker.bintray.io/jfrog/xray-mongo:3.2.6
regopts_id: jfrog
```
Here we want to analyze all tags of `crazymax/cloudflared` and `docker.bintray.io/jfrog/xray-mongo:3.2.6` tag. Now let's start Diun:
```
$ diun --config diun.yml
Sat, 14 Dec 2019 15:32:23 UTC INF Starting Diun 2.0.0
Sat, 14 Dec 2019 15:32:23 UTC INF Found 2 image(s) to analyze... provider=file
Sat, 14 Dec 2019 15:32:25 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:latest provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.11.3 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.11.0 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.10.1 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.9.0 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.9.2 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.10.2 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.11.2 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.9.1 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=crazymax/cloudflared image=docker.io/crazymax/cloudflared:2019.10.4 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF New image found id=docker.bintray.io/jfrog/xray-mongo:3.2.6 image=docker.bintray.io/jfrog/xray-mongo:3.2.6 provider=file
Sat, 14 Dec 2019 15:32:28 UTC INF Cron initialized with schedule * * * * *
Sat, 14 Dec 2019 15:32:28 UTC INF Next run in 31 seconds (2019-12-14 15:33:00 +0000 UTC)
```
## Configuration
### `filename`
Defines the path to the [configuration file](#yaml-configuration-file).
!!! warning
`filename` and `directory` are mutually exclusive
!!! example "File"
```yaml
providers:
file:
filename: /path/to/config/conf.yml
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_FILE_FILENAME`
### `directory`
Defines the path to the directory that contains the [configuration files](#yaml-configuration-file) (`*.yml` or `*.yaml`).
!!! warning
`filename` and `directory` are mutually exclusive
!!! example "File"
```yaml
providers:
file:
directory: /path/to/config
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_FILE_DIRECTORY`
## YAML configuration file
The configuration file(s) defines a slice of images to analyze with the following fields:
| Name | Default | Description |
|-------------------------------|----------------------------------|---------------|
| `name` | `latest` | Docker image name to watch using `registry/path:tag` format. If registry omitted, `docker.io` will be used and if tag omitted, `latest` will be used |
| `regopts_id` | | Registry options ID from [`regopts`](../config/regopts.md) to use |
| `watch_repo` | `false` | Watch all tags of this image |
| `max_tags` | `0` | Maximum number of tags to watch if `watch_repo` enabled. `0` means all of them |
| `include_tags` | | List of regular expressions to include tags. Can be useful if you enable `watch_repo` |
| `exclude_tags` | | List of regular expressions to exclude tags. Can be useful if you enable `watch_repo` |
| `platform.os` | dynamic based on your OS specs | Operating system to use as custom platform |
| `platform.arch` | dynamic based on your OS specs | CPU architecture to use as custom platform |
| `platform.variant` | dynamic based on your OS specs | Variant of the CPU to use as custom platform |

280
docs/providers/kubernetes.md Normal file
View File

@@ -0,0 +1,280 @@
# Kubernetes provider
## About
The Kubernetes provider allows you to analyze the pods of your Kubernetes cluster to extract images found and check for updates on the registry.
## Quick start
In this section we quickly go over a basic deployment using your local Kubernetes cluster.
Here we use our local Kubernetes provider with a minimum configuration to analyze annotated pods (watch by default disabled).
Now let's create a simple pod for Diun:
```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: default
name: diun
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: diun
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: diun
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: diun
subjects:
- kind: ServiceAccount
name: diun
namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: default
name: diun
spec:
replicas: 1
selector:
matchLabels:
app: diun
template:
metadata:
labels:
app: diun
annotations:
diun.enable: "true"
diun.watch_repo: "true"
spec:
serviceAccountName: diun
containers:
- name: diun
image: crazymax/diun:latest
imagePullPolicy: Always
env:
- name: TZ
value: "Europe/Paris"
- name: LOG_LEVEL
value: "info"
- name: LOG_JSON
value: "false"
- name: DIUN_WATCH_WORKERS
value: "20"
- name: DIUN_WATCH_SCHEDULE
value: "*/30 * * * *"
- name: DIUN_PROVIDERS_KUBERNETES
value: "true"
volumeMounts:
- mountPath: "/data"
name: "data"
restartPolicy: Always
volumes:
# Set up a data directory for diun
# For production usage, you should consider using PV/PVC instead(or simply using storage like NAS)
# For more details, please see https://kubernetes.io/docs/concepts/storage/volumes/
- name: "data"
hostPath:
path: "/data"
type: Directory
```
And another one with a simple Nginx pod:
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: default
name: nginx
spec:
selector:
matchLabels:
run: nginx
replicas: 2
template:
metadata:
labels:
run: nginx
annotations:
diun.enable: "true"
diun.watch_repo: "true"
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
```
As an example we use [nginx](https://hub.docker.com/_/nginx/) Docker image. A few [annotations](#kubernetes-annotations) are added to configure the image analysis of this pod for Diun. We can now start these 2 pods:
```
kubectl apply -f diun.yml
kubectl apply -f nginx.yml
```
Now take a look at the logs:
```
$ kubectl logs -f -l app=diun --all-containers
Wed, 17 Jun 2020 10:49:58 CEST INF Starting Diun version=4.0.0-beta.3
Wed, 17 Jun 2020 10:49:58 CEST WRN No notifier available
Wed, 17 Jun 2020 10:49:58 CEST INF Cron triggered
Wed, 17 Jun 2020 10:49:59 CEST INF Found 1 image(s) to analyze provider=kubernetes
Wed, 17 Jun 2020 10:50:00 CEST INF New image found image=docker.io/library/nginx:latest provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.5 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.7 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.9 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.4 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.6 provider=kubernetes
Wed, 17 Jun 2020 10:50:02 CEST INF New image found image=docker.io/library/nginx:1.9.8 provider=kubernetes
Wed, 17 Jun 2020 10:50:03 CEST INF New image found image=docker.io/library/nginx:stable provider=kubernetes
Wed, 17 Jun 2020 10:50:03 CEST INF New image found image=docker.io/library/nginx:stable-alpine provider=kubernetes
Wed, 17 Jun 2020 10:50:03 CEST INF New image found image=docker.io/library/nginx:perl provider=kubernetes
...
```
## Configuration
!!! hint
Environment variable `DIUN_PROVIDERS_KUBERNETES=true` can be used to enable this provider with default values.
### `endpoint`
The Kubernetes server endpoint as URL.
!!! example "File"
```yaml
providers:
kubernetes:
endpoint: "http://localhost:8080"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_ENDPOINT`
Kubernetes server endpoint as URL, which is only used when the behavior based on environment variables described below does not apply.
When deployed into Kubernetes, Diun reads the environment variables `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT` or `KUBECONFIG` to create the endpoint.
The access token is looked up in `/var/run/secrets/kubernetes.io/serviceaccount/token` and the SSL CA certificate in `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`. They are both provided automatically as mounts in the pod where Diun is deployed.
When the environment variables are not found, Diun tries to connect to the Kubernetes API server with an external-cluster client. In which case, the endpoint is required. Specifically, it may be set to the URL used by `kubectl proxy` to connect to a Kubernetes cluster using the granted authentication and authorization of the associated kubeconfig.
### `token`
Bearer token used for the Kubernetes client configuration.
!!! example "File"
```yaml
providers:
kubernetes:
token: "atoken"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_TOKEN`
### `tokenFile`
Use content of secret file as bearer token if `token` not defined.
!!! example "File"
```yaml
providers:
kubernetes:
tokenFile: "/run/secrets/token"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_TOKEN`
### `certAuthFilePath`
Path to the certificate authority file. Used for the Kubernetes client configuration.
!!! example "File"
```yaml
providers:
kubernetes:
certAuthFilePath: "/a/ca.crt"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_CERTAUTHFILEPATH`
### `tlsInsecure`
Controls whether client does not verify the server's certificate chain and hostname (default `false`).
!!! example "File"
```yaml
providers:
kubernetes:
tlsInsecure: false
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_TLSINSECURE`
### `namespaces`
Array of namespaces to watch (default all namespaces).
!!! example "File"
```yaml
providers:
kubernetes:
namespaces:
- default
- production
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_NAMESPACES` (comma separated)
### `watchByDefault`
Enable watch by default. If false, pods that don't have `diun.enable: "true"` annotation will be ignored (default `false`).
!!! example "File"
```yaml
providers:
kubernetes:
watchByDefault: false
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_KUBERNETES_WATCHBYDEFAULT`
## Kubernetes annotations
You can configure more finely the way to analyze the image of your pods through Kubernetes annotations:
| Name | Default | Description |
|-------------------------------|---------------|---------------|
| `diun.enable` | | Set to true to enable image analysis of this pod |
| `diun.regopts_id` | | Registry options ID from [`regopts`](../config/regopts.md) to use |
| `diun.watch_repo` | `false` | Watch all tags of this pod image |
| `diun.max_tags` | `0` | Maximum number of tags to watch if `diun.watch_repo` enabled. `0` means all of them |
| `diun.include_tags` | | Semi-colon separated list of regular expressions to include tags. Can be useful if you enable `diun.watch_repo` |
| `diun.exclude_tags` | | Semi-colon separated list of regular expressions to exclude tags. Can be useful if you enable `diun.watch_repo` |

181
docs/providers/swarm.md Normal file
View File

@@ -0,0 +1,181 @@
# Swarm provider
## About
The Swarm provider allows you to analyze the services of your Swarm cluster to extract images found and check for updates on the registry.
## Quick start
In this section we quickly go over a basic stack using your local swarm cluster.
Here we use our local Swarm provider with a minimum configuration to analyze labeled containers (watch by default disabled).
Now let's create a simple stack for Diun:
```yaml
version: "3.5"
services:
diun:
image: crazymax/diun:latest
volumes:
- "./data:/data"
- "/var/run/docker.sock:/var/run/docker.sock"
environment:
- "TZ=Europe/Paris"
- "LOG_LEVEL=info"
- "LOG_JSON=false"
- "DIUN_WATCH_WORKERS=20"
- "DIUN_WATCH_SCHEDULE=*/30 * * * *"
- "DIUN_PROVIDERS_SWARM=true"
deploy:
mode: replicated
replicas: 1
placement:
constraints:
- node.role == manager
```
And another one with a simple service:
```yaml
version: "3.5"
services:
nginx:
image: nginx
ports:
- target: 80
published: 80
protocol: udp
deploy:
mode: replicated
replicas: 2
labels:
- "diun.enable=true"
- "diun.watch_repo=true"
```
As an example we use [nginx](https://hub.docker.com/_/nginx/) Docker image. A few [labels](#docker-labels) are added to configure the image analysis of this service for Diun. We can now start these 2 stacks:
```
docker stack deploy -c diun.yml diun
docker stack deploy -c nginx.yml nginx
```
Now take a look at the logs:
```
$ docker service logs -f diun_diun
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:19:57 CET INF Starting Diun dev
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:19:57 CET INF Starting Diun...
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:19:57 CET INF Found 1 image(s) to analyze provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:19:59 CET INF New image found id=myswarm image=docker.io/library/nginx:latest provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.4 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.8 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.7 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.9 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.6 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:01 CET INF New image found id=myswarm image=docker.io/library/nginx:1.9.5 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:mainline-alpine provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:alpine-perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:stable-perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:stable-alpine-perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:1 provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:mainline-alpine-perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:stable provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:mainline-perl provider=swarm
diun_diun.1.i1l4yuiafq6y@docker-desktop | Sat, 14 Dec 2019 16:20:02 CET INF New image found id=myswarm image=docker.io/library/nginx:mainline provider=swarm
...
```
## Configuration
!!! hint
Environment variable `DIUN_PROVIDERS_SWARM=true` can be used to enable this provider with default values.
### `endpoint`
Server address to connect to. Local if empty.
!!! example "File"
```yaml
providers:
swarm:
endpoint: "unix:///var/run/docker.sock"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_SWARM_ENDPOINT`
#### `apiVersion`
Overrides the client version with the specified one.
!!! example "File"
```yaml
providers:
swarm:
apiVersion: "1.39"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_SWARM_APIVERSION`
#### `tlsCertsPath`
Path to load the TLS certificates from.
!!! example "File"
```yaml
providers:
swarm:
tlsCertsPath: "/certs/"
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_SWARM_TLSCERTSPATH`
#### `tlsVerify`
Controls whether client verifies the server's certificate chain and hostname (default `true`).
!!! example "File"
```yaml
providers:
swarm:
tlsVerify: true
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_SWARM_TLSVERIFY`
#### `watchByDefault`
Enable watch by default. If false, services that don't have `diun.enable=true` label will be ignored (default `false`).
!!! example "File"
```yaml
providers:
swarm:
watchByDefault: false
```
!!! abstract "Environment variables"
* `DIUN_PROVIDERS_SWARM_WATCHBYDEFAULT`
## Docker labels
You can configure more finely the way to analyze the image of your service through Docker labels:
| Name | Default | Description |
|-------------------------------|---------------|---------------|
| `diun.enable` | | Set to true to enable image analysis of this service |
| `diun.regopts_id` | | Registry options ID from [`regopts`](../config/regopts.md) to use |
| `diun.watch_repo` | `false` | Watch all tags of this service image |
| `diun.max_tags` | `0` | Maximum number of tags to watch if `diun.watch_repo` enabled. `0` means all of them |
| `diun.include_tags` | | Semi-colon separated list of regular expressions to include tags. Can be useful if you enable `diun.watch_repo` |
| `diun.exclude_tags` | | Semi-colon separated list of regular expressions to exclude tags. Can be useful if you enable `diun.watch_repo` |

31
docs/reporting-issue.md Normal file
View File

@@ -0,0 +1,31 @@
# Reporting an issue
## Before submitting an issue
First, [be a good guy](https://github.com/kossnocorp/etiquette/blob/master/README.md).
Please do a search in [open issues]({{ config.repo_url }}issues?utf8=%E2%9C%93&q=) to see if the issue or feature request has already been filed and read the [FAQ](faq.md) page first.
If you find your issue already exists, make relevant comments and add your [reaction](https://github.com/blog/2119-add-reactions-to-pull-requests-issues-and-comments). Use a reaction in place of a "+1" comment.
:+1: - upvote
:-1: - downvote
If you cannot find an existing issue that describes your bug or feature, submit an issue using the guidelines below.
## Writing good bug reports and feature requests
File a single issue per problem and feature request.
* Do not enumerate multiple bugs or feature requests in the same issue.
* Do not add your issue as a comment to an existing issue unless it's for the identical input. Many issues look similar, but have different causes.
The more information you can provide, the more likely someone will be successful reproducing the issue and finding a fix.
You are now ready to [create a new issue]({{ config.repo_url }}issues/new/choose)!
## Closure policy
* Issues that don't have the information requested above (when applicable) will be closed immediately and the poster directed to the support guidelines.
* Issues that go a week without a response from original poster are subject to closure at our discretion.