Skip to content

owkin/docker-dependency-updater

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

155 Commits

.github

.github

 
 

__tests__

__tests__

 
 

dist

dist

 
 

src

src

 
 

.eslintignore

.eslintignore

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

.prettierrc.json

.prettierrc.json

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

action.yml

action.yml

 
 

jest.config.js

jest.config.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

build-test

About

GitHub action to update system dependencies installed in a Dockerfile. This action currently supports apk and apt based images.

Usage

In the examples below we are also using other actions:

Update dependencies

Using this you can automatically update dependencies of your docker images in a similar way as using dependabot.

name: Dependencies
on:
  schedule:
    - cron: "0 6 * * *"
  workflow_dispatch:

jobs:
  updates:
    timeout-minutes: 10
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - uses: owkin/docker-dependency-updater@v2.0.0
        with:
          dockerfile: ./docker/Dockerfile
          dependencies: ./docker/dependencies.json
          apply: true

      - uses: peter-evans/create-pull-request@v3
        with:
          commit-message: "chore(deps): update dockerfile dependencies"
          branch: chore/update-docker-dependencies
          title: "chore(deps): update dockerfile dependencies"
          body: Updated dependencies.json
          labels: dependencies
          delete-branch: true

Note the workflow_dispatch trigger that will enable you to run this workflow if the daily update missed the new version and you need to update during the day.

Customizing

Action inputs

Name Type Description
dockerfile String Path to the Dockerfile you want to update
dependencies String Path to the dependencies.json file where you keep your dependencies pinned
apply Bool If true the action will apply changes directly to the files checked out

Recommendations

Before using this Action you will need to update your Dockerfile in order to extract the dependencies you install. The dependencies.json file should have the following structure:

[
  {
    "name": "curl",
    "version": "7.55.0-r2"
  }
]

In your Dockerfiles you can install the dependencies from this file by copying it inside the image and running the update taking this file as an input.

FROM alpine/latest

COPY ./dependencies.json /tmp/dependencies.json

RUN apk update && apk add --no-cache jq \
        && jq -r '.[] | "\(.name)=\(.version)"' /tmp/dependencies.json | xargs apk add --no-cache \
        && rm /tmp/dependencies.json

One of the downsides is that you have the jq package installed in an unpinned manner but since it's only a build dependency, it should be acceptable.

About

Checks system dependencies and update them if required

Topics

environment--production bu--dept-data-platform owner--squad-dse

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v2.0.3 Latest
Apr 22, 2024
+ 4 releases

Packages

No packages published

Contributors 6

Languages