warricksothr
/
pinned-package-updater
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19 Commits
1 Branch
0 Tags
4.1 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
pinned-package-updater/README.md

98 lines
4.0 KiB
Raw Permalink Normal View History

Initial commit for the project
3 years ago
Added additional starting documentation
3 years ago
Initial commit for the project
3 years ago
Updated documentation and added TODO.md for task tracking
3 years ago
Initial commit for the project
3 years ago
Updated documentation and added TODO.md for task tracking
3 years ago
Initial commit for the project
3 years ago
Added additional starting documentation
3 years ago
Updated documentation
3 years ago
Added additional starting documentation
3 years ago
Initial commit for the project
3 years ago
Replaced an incorrect email in the license sections
3 years ago
Initial commit for the project
3 years ago
  1. # Pinned Package Updater
  3. Pinned Package Updater (PPU) is a tool for managing pinned packages installed with package managers in a Dockerfile
  4. manifest. The goal of this tool is to reduce the administrative burden of keeping packages up to date with upstream
  5. security releases by offering an automatic mechanism for checking for new security releases and patching the existing
  6. Dockerfile manifest with those new versions.
  8. The integration into the CI/CD is left up to the user, but can be as simple as committing the changes and opening an MR.
  10. ## Table Of Contents
  12. 1. [Usage](#usage)
  13. 2. [Features](#features)
  14. 3. [Building](#building)
  15. 4. [Contributing](#contributing)
  16. 5. [License](#license)
  18. ## Usage
  20. ### Standalone Usage
  21. The default behavior for the tool is to operate in a standalone mode. In this mode the tool is responsible for parsing
  22. the Dockerfile, fetching the upstream package manager resources, identifying the upgrades available, and applying those
  23. upgrades. An alternative [distributed mode](#distributed-usage) is available to remove the upstream package resource
  24. caching and version upgrade determination logic.
  26. ```bash
  27. pinned-package-updater check [Dockerfile, ...]
  28. pinned-package-updater update [Dockerfile, ...]
  29. ```
  31. ### Distributed Usage
  33. In distributed mode the tool relies on an external deployment of PPU that is running in ***serve*** mode
  34. `pinned-package-updater serve`. To cache the upstream package manager resources and handle the upgrade check logic. In
  35. this mode much of the work can be cached between requests and the overhead of checking for pinned version updates is
  36. significantly reduced.
  38. The tool running in this mode will revert to standalone mode if the upstream service is unavailable.
  40. ```bash
  41. pinned-package-updater check --remote <address of the upstream service> [Dockerfile, ...]
  42. pinned-package-updater update [Dockerfile, ...]
  43. ```
  45. ## Features
  47. - [ ] Supported base images
  48. - [ ] Alpine Linux
  49. - (3.11, 3.12, 3.13, 3.14) are recognized by default, other versions may need additional configuration
  50. - [ ] Debian
  51. - (jessie, stretch, buster, bullseye) are recognized by default, other versions may need additional configuration
  52. - [ ] Ubuntu
  53. - (16.04, 18.04, 20.04) are recognized by default, other versions may need additional configuration
  54. - [ ] Red Hat Enterprise Linux
  55. - (8, 9) are recognized by default, other versions may need additional configurations
  56. - [ ] Others with explicit configuration of package manager and default upstream repositories
  57. - [ ] Support external repositories added in the image manifest
  58. - [ ] Support additional Alpine Linux repositories
  59. - [ ] Support additional Debian repositories
  60. - [ ] deb repositories
  61. - [ ] ppa repositories
  62. - [ ] Support additional Red Hat Linux repositories
  63. - [ ] Resolve pinned packages in Dockerfiles
  64. - [ ] Support for Alpine based images (apk)
  65. - [ ] Support for Debian based images (apt, apt-get)
  66. - [ ] Support for Red Hat Enterprise Linux based images (yum, dnf)
  67. - [ ] Interrogate upstream package systems for package and version information
  68. - [ ] Support for Alpine based package repositories
  69. - [ ] Support for Debian based package repositories
  70. - [ ] Support for Red Hat Enterprise Linux based package repositories
  71. - [ ] Patch Dockerfiles in place with the recommended version upgrades
  73. ## Building
  75. To build `pinned-package-updater`, run `go build`
  77. ## Contributing
  79. I am not currently accepting outside contributions.
  81. ## License
  83. ```
  84. Copyright © 2021 Drew Short <warrick@sothr.com>
  86. Licensed under the Apache License, Version 2.0 (the "License");
  87. you may not use this file except in compliance with the License.
  88. You may obtain a copy of the License at
  90. http://www.apache.org/licenses/LICENSE-2.0
  92. Unless required by applicable law or agreed to in writing, software
  93. distributed under the License is distributed on an "AS IS" BASIS,
  94. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  95. See the License for the specific language governing permissions and
  96. limitations under the License.
  97. ```
  99. A copy of the license can also be viewed at [LICENSE](LICENSE)