Dockerfile

kind: dockerfile

Description

The Dockerfile crawler looks recursively for all Dockerfile from a specific root directory. Then, for each of them, it tries to update each Docker image tag found in a 'FROM' instruction.

Updatecli looks for the following file patterns:

  • Dockerfile

  • Dockerfile.*

The automatic discovery behavior can be tuned by providing a YAML manifest with a dockerfile crawler in top-level directive autodiscovery as explained in the "Autodiscovery" page.

Usage

The dockerfile autodiscovery can use with or without manifest.

Without manifest

Without manifest available, Updatecli will enable all default crawlers, including dockerfile.

updatecli diff to run updatecli in dryrun updatecli apply to apply the changes locally

With a manifest

If a manifest is provided, Updatecli will only execute crawlers specified in the manifest such as in the following example

  • updatecli diff --config updatecli.d/default.yaml to run updatecli in dryrun

  • updatecli apply --config updatecli.d/default.yaml to apply the changes

# updatecli.d/default.yaml
name: "[asciidoctor/docker-asciidoctor] Dockerfile autodiscovery using git scm"
scms:
  asciidoctor:
    kind: git
    spec:
      url: https://github.com/asciidoctor/docker-asciidoctor.git
      branch: main

autodiscovery:
  # scmid is applied to all crawlers
  scmid: asciidoctor
  crawlers:
    dockerfile:
      #rootdir: <custom root directory, overriden by scm configuration>
      #
      ## Ignore Dockerfile update matching following rules
      #ignore:
      #  - archs:
      #      - "amd64"
      #    path: "qa/*"
      #    images:
      #      - alpine
      #      - alpine:3
      #  
      ## Only update Dockerfile matching following rules
      #only:
      #  - archs:
      #      - "amd64"
      #    path: "qa/*"
      #    images:
      #      - alpine
      #      - alpine:3
      #
      # auths:
      # Override default dockerfile filematch
      #filematch:
      #  - "Dockerfile.example"

Manifest

Parameters

NameTypeDescriptionRequired
authsobjectAuths provides a map of registry credentials where the key is the registry URL without scheme
digestbooleandigest provides parameters to specify if the generated manifest should use a digest on top of the tag.
filematcharrayFileMatch allows to override default Dockerfile file matching. Default [“Dockerfile”]
ignorearrayIgnore allows to specify rule to ignore autodiscovery a specific Helm based on a rule
    archsarrayArch specifies a list of docker image architecture
    imagesarrayImage specifies a list of docker image
    pathstringPath specifies a Dockerfile path pattern, the pattern requires to match all of name, not just a substring.
onlyarrayOnly allows to specify rule to only autodiscover manifest for a specific Helm based on a rule
    archsarrayArch specifies a list of docker image architecture
    imagesarrayImage specifies a list of docker image
    pathstringPath specifies a Dockerfile path pattern, the pattern requires to match all of name, not just a substring.
rootdirstringRootDir defines the root directory used to recursively search for Helm Chart
versionfilterobject

versionfilter provides parameters to specify the version pattern used when generating manifest.

	kind - semver
		versionfilter of kind `semver` uses semantic versioning as version filtering
		pattern accepts one of:
			`patch` - patch only update patch version
			`minor` - minor only update minor version
			`major` - major only update major versions
			`a version constraint` such as `>= 1.0.0`

	kind - regex
		versionfilter of kind `regex` uses regular expression as version filtering
		pattern accepts a valid regular expression

	example:
	```
		versionfilter:
			kind: semver
			pattern: minor
	```

	and its type like regex, semver, or just latest.
    kindstringspecifies the version kind such as semver, regex, or latest
    patternstringspecifies the version pattern according the version kind
    strictbooleanstrict enforce strict versioning rule. Only used for semantic versioning at this time
⚠ This table is generated from the Updatecli codebase and may contain inaccurate data. Feel free to report them on github.com/updatecli/updatecli

Docker Image Tag

The Docker ecosystem has no versioning guidelines. This means that it’s the wild west out there and pretty much impossible to detect all cases. Hence why Updatecli manifest was created.

That being said we are still interested in an autodiscovery feature that would detect as many cases as possible. This section is about documentation what is covered and what’s missing. Do not hesitate to look at the contributing section

Semantic Versioning

In the Docker ecosystem, many tags look like semver but are not. For instance, node:18.12.1-alpine would match the semver regular expression but the prerelease -alpine is not a prerelease information as per semver convention but a variant of node:18.12.1-buster or node:18.12.1. This means that we would expect a newer version with the -alpine such as node:19.0.0-alpine.

The dockerfile autodiscovery will handle the following scenarios

  • 1 will suggest a version such 2 otherwise stick to 1

  • 1-alpine will suggest a version such 2-alpine otherwise stick to 1-alpine

  • 1.0 will suggest a version such 2.1 otherwise stick to 1.0

  • 1.0-alpine will suggest a version such 2.1-alpine otherwise stick to 1.0-alpine

  • 1.0.0 will suggest a version such 2.1.0 otherwise stick to 1.0.0

  • 1.0.0-alpine will suggest a version such 2.1.0-alpine otherwise stick to 1.0.0-alpine

Any other version pattern such as PEP 440 are ignored in the current state. We are planning to add new versionFilter kinds in the future as the need raise.

Feel free to:

  1. Open an issue explaining the version pattern you are looking for.

  2. Add a +1 to an existing issue as it helps us to prioritise

  3. Contribute to an existing one as it will move things faster.

Top