|
|
|
#!/usr/bin/python3
|
|
|
|
"""Check Docker images for security/distro updates. Assumes DNF."""
|
|
|
|
|
|
|
|
from __future__ import division, print_function
|
|
|
|
import docker
|
|
|
|
import subprocess
|
|
|
|
|
|
|
|
c = docker.APIClient(base_url='unix://var/run/docker.sock')
|
|
|
|
for container in c.containers():
|
|
|
|
name = container['Names'][0]
|
|
|
|
id_ = container['Id']
|
|
|
|
image_id = c.inspect_container(id_)['Image']
|
|
|
|
|
|
|
|
print('-' * 75)
|
|
|
|
print('Container: {}'.format(name))
|
|
|
|
print('Image: {} '.format(image_id))
|
|
|
|
|
|
|
|
# Not using the API here for simplicity (for now)
|
|
|
|
output = subprocess.check_output([
|
|
|
|
'docker', 'run', '-t', '--rm',
|
|
|
|
image_id,
|
|
|
|
'/bin/sh', '-c',
|
|
|
|
|
|
|
|
# Note the semicolons and the string concatenation here!
|
|
|
|
'if [ ! -x /usr/bin/dnf ]; then echo "dnf not available"; exit 0; fi;' +
|
|
|
|
'/usr/bin/dnf -q check-update;' +
|
|
|
|
'if [ $? == 100 ]; then echo "Updates available"; fi;'
|
|
|
|
])
|
|
|
|
print(output.decode())
|