utilities/topgrade
utilities/topgrade
1
0
Fork 0
mirror of https://github.com/r-darwish/topgrade synced 2024-07-08 20:16:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Upgrade podman/docker containers (#850)

Browse Source 
* containers: Pull newer versions of containers

Allows topgrade to update a users containers. It will automatically skip
containers which come from the `localhost` repo as these are self-built.
Respects the version number the containers were initially checked out
with in order not to introduce semver-breaking changes.

Works with podman and docker.

* topgrade: Add 'containers' step

* containers: Ignore some errors for docker

This patch is needed to achieve compatibility between docker and podman.
In particular, docker doesn't store/tell the user from which repository
(i.e. `hub.docker.com`, or `registry.fedoraproject.org`) a container
originates. This has the side-effect, that self-built containers cannot
be distinguished from publicly available containers. Therefore this
patch introduces an exception to the error handling when pulling, by
scanning the output of the `docker pull` command. If it finds the
`registry does not exist` substring in the output, it will skip the
container but **NOT** consider the whole update step failed.

* containers: Skip '<none>' containers

that result from either intermediate products of a container build or
when images are dangling.

* steps: containers: simplify error handling

And don't return errors from within the "unknown container registry"
handling, since that would immediately terminate the whole update which
isn't intended.
This commit is contained in:
Funky185540 2022-03-05 20:59:19 +01:00 committed by Roey Darwish Dror
parent afa3171d99
commit 72ee6598a6
4 changed files with 107 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/config.rs
View File

@ -78,6 +78,7 @@ pub enum Step {
Composer,
Conda,
ConfigUpdate,
Containers,
CustomCommands,
Deno,
Dotnet,

1
src/main.rs
View File

@ -312,6 +312,7 @@ fn run() -> Result<()> {
runner.execute(Step::Kakoune, "Kakoune", || kakoune::upgrade_kak_plug(&ctx))?;
runner.execute(Step::Node, "npm", || node::run_npm_upgrade(&ctx))?;
runner.execute(Step::Pnpm, "pnpm", || node::pnpm_global_update(&ctx))?;
runner.execute(Step::Containers, "Containers", || containers::run_containers(&ctx))?;
runner.execute(Step::Deno, "deno", || node::deno_upgrade(&ctx))?;
runner.execute(Step::Composer, "composer", || generic::run_composer_update(&ctx))?;
runner.execute(Step::Krew, "krew", || generic::run_krew_upgrade(run_type))?;

104
src/steps/containers.rs Normal file
View File

@ -0,0 +1,104 @@
use anyhow::Result;
use crate::error::{self, TopgradeError};
use crate::executor::CommandExt;
use crate::terminal::print_separator;
use crate::{execution_context::ExecutionContext, utils::require};
use log::{debug, error, warn};
use std::path::Path;
use std::process::Command;
// A string found in the output of docker for containers that weren't found in
// the docker registry. We use this to gracefully handle and skip containers
// that cannot be pulled, likely because they don't exist in the registry in
// the first place. This happens e.g. when the user tags an image locally
// themselves or when using docker-compose.
const NONEXISTENT_REPO: &str = "repository does not exist";
/// Returns a Vector of all containers, with Strings in the format
/// "REGISTRY/[PATH/]CONTAINER_NAME:TAG"
fn list_containers(crt: &Path) -> Result<Vec<String>> {
debug!(
"Querying '{} images --format \"{{{{.Repository}}}}:{{{{.Tag}}}}\"' for containers",
crt.display()
);
let output = Command::new(crt)
.args(&["images", "--format", "{{.Repository}}:{{.Tag}}"])
.output()?;
let output_str = String::from_utf8(output.stdout)?;
let mut retval = vec![];
for line in output_str.lines() {
if line.starts_with("localhost") {
// Don't know how to update self-built containers
debug!("Skipping self-built container '{}'", line);
continue;
}
if line.contains("<none>") {
// Bogus/dangling container or intermediate layer
debug!("Skipping bogus container '{}'", line);
continue;
}
debug!("Using container '{}'", line);
retval.push(String::from(line));
}
Ok(retval)
}
pub fn run_containers(ctx: &ExecutionContext) -> Result<()> {
// Prefer podman, fall back to docker if not present
let crt = require("podman").or_else(|_| require("docker"))?;
debug!("Using container runtime '{}'", crt.display());
print_separator("Containers");
let mut success = true;
let containers = list_containers(&crt)?;
debug!("Containers to inspect: {:?}", containers);
for container in containers.iter() {
debug!("Pulling container '{}'", container);
let args = vec!["pull", &container[..]];
let mut exec = ctx.run_type().execute(&crt);
if let Err(e) = exec.args(&args).check_run() {
error!("Pulling container '{}' failed: {}", container, e);
// Find out if this is 'skippable'
// This is necessary e.g. for docker, because unlike podman docker doesn't tell from
// which repository a container originates (such as `docker.io`). This has the
// practical consequence that all containers, whether self-built, created by
// docker-compose or pulled from the docker hub, look exactly the same to us. We can
// only find out what went wrong by manually parsing the output of the command...
if match exec.check_output() {
Ok(s) => s.contains(NONEXISTENT_REPO),
Err(e) => match e.downcast_ref::<TopgradeError>() {
Some(TopgradeError::ProcessFailedWithOutput(_, stderr)) => stderr.contains(NONEXISTENT_REPO),
_ => false,
},
} {
warn!("Skipping unknown container '{}'", container);
continue;
}
success = false;
}
}
if ctx.config().cleanup() {
// Remove dangling images
debug!("Removing dangling images");
if let Err(e) = ctx.run_type().execute(&crt).args(&["image", "prune", "-f"]).check_run() {
error!("Removing dangling images failed: {}", e);
success = false;
}
}
if success {
Ok(())
} else {
Err(anyhow::anyhow!(error::StepFailed))
}
}

1
src/steps/mod.rs
View File

@ -1,3 +1,4 @@
pub mod containers;
pub mod emacs;
pub mod generic;
pub mod git;