Roles: Update check - HolgerHees/smartserver GitHub Wiki

Check for available software updates

Each operating system has its own way to check for updated software versions. On SUSE you call "zypper dup", and on AlmaLinux (RHEL) you call "dnf upgrade".

But what happens with Docker containers and software installed from GitHub repositories?

The problem with Docker containers could be solved by always using the latest images and calling "docker pull" from time to time. This updates your image to the latest version, but at the same time you have little control over which version gets installed.

For GitHub there is no solution so far, except calling "git pull" and recompiling everything.

Update notifier

That's why I wrote a small tool called update notifier, where all Docker and GitHub deployment roles register themselves. The tool runs as a cron job every night and checks Docker and GitHub projects for available updates.

For Docker images it checks for newer tagged images, and on GitHub it checks either for a new release tag or for how many commits have been pushed since you cloned a specific version.

Configuration

The following example registers the Apache Docker container. The current version is detected automatically. The only thing that may differ is the regex pattern used to filter out unwanted tags.

- name: register update notifier
  vars:
    name: "apache"
    type: "docker"
    url: "https://www.apachelounge.com/Changelog-2.4.html"
    config: {
      repository: "httpd", 
      pattern: "^([0-9\\.]+)$"
    }
  import_tasks: roles/update_notifier/tasks/add_notifier.yml

Another example registers Java as a GitHub project with a specific tag, where we want to check for newer tags. If you leave the pattern empty, it will notify you about new commits instead of new tagged versions.

- name: register update notifier
  vars:
    name: "java"
    type: "github"
    url: "https://github.com/corretto/corretto-8/releases"
    config: { 
      project: "corretto/corretto-8", 
      pattern: "^([0-9\\.\\-]+)$",
      version: "8.242.08.1" 
    }
  import_tasks: roles/update_notifier/tasks/add_notifier.yml
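
How the "pattern" values from the two registrations above filter a tag list and pick out versions newer than the current one. This is an added example, not the update notifier's own code; the tag lists are constructed, and the function names and the numeric comparison rule are assumptions.

```python
import re

# Patterns copied from the two registrations above (YAML "\\." is regex "\.").
DOCKER_PATTERN = r"^([0-9\.]+)$"
GITHUB_PATTERN = r"^([0-9\.\-]+)$"

# Constructed sample tag lists, not real registry or GitHub output.
DOCKER_TAGS = ["latest", "alpine", "2.4", "2.4.9", "2.4.10",
               "2.4.41", "2.4.41-alpine", "2.4.43", "2.4.46-alpine"]
GITHUB_TAGS = ["8.242.08.1", "8.252.09.1", "8.252.09.2",
               "8.262.10.1", "8.265.01.1-beta", "release-8.272"]


def version_key(version):
    """Split '8.242.08.1' into (8, 242, 8, 1) so parts compare numerically."""
    return tuple(int(part) for part in re.split(r"[.\-]", version) if part)


def newer_versions(tags, pattern, current):
    """Return the tags matching `pattern` that are newer than `current`.

    An empty pattern means commit tracking instead of tag tracking on the
    page, so no tag comparison is done (assumed: return an empty list).
    """
    if not pattern:
        return []
    regex = re.compile(pattern)
    current_key = version_key(current)
    candidates = []
    for tag in tags:
        match = regex.match(tag)
        if not match:
            continue  # drops "latest", "2.4.41-alpine", "release-8.272", ...
        key = version_key(match.group(1))
        # Numeric tuples avoid the string trap where "2.4.10" < "2.4.9".
        if key > current_key:
            candidates.append((key, tag))
    return [tag for _, tag in sorted(candidates)]


if __name__ == "__main__":
    print(newer_versions(DOCKER_TAGS, DOCKER_PATTERN, "2.4.9"))
    print(newer_versions(GITHUB_TAGS, GITHUB_PATTERN, "8.242.08.1"))
```

Variant tags such as "2.4.46-alpine" never reach the comparison, so a pattern that is too strict hides updates for an image that only publishes suffixed tags.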

Notification and visualisation

After each cron job run, you get an email notification if new updates have become available since the last run. In a web UI you can check which versions are available and click on each version to see the changelogs and release notes and decide whether you want the update or not.

Available updates