From 2e02aaa542a550aa3b569ddffd7776496adda72a Mon Sep 17 00:00:00 2001 From: Alex Frantz Date: Fri, 24 Apr 2026 15:17:35 -0400 Subject: [PATCH] simplify update script, run on cron tab --- .gitea/workflows/update.yml | 2 ++ scripts/run_updates.py | 64 +++++++++++++++++-------------------- 2 files changed, 32 insertions(+), 34 deletions(-) diff --git a/.gitea/workflows/update.yml b/.gitea/workflows/update.yml index 3011181..119154a 100644 --- a/.gitea/workflows/update.yml +++ b/.gitea/workflows/update.yml @@ -2,6 +2,8 @@ name: Update Images on: workflow_dispatch: + schedule: + - cron: 0 0 * * * jobs: run-update: diff --git a/scripts/run_updates.py b/scripts/run_updates.py index a12012b..75ff6cf 100644 --- a/scripts/run_updates.py +++ b/scripts/run_updates.py @@ -7,7 +7,8 @@ def search_for_image(image_name): tasks_folder = os.path.realpath(os.path.join('./', 'tasks')) if "library/" in image_name: image_name = image_name.replace("library/", "") - + image_name = image_name.split(":")[0] + for task in os.listdir(tasks_folder): with open(os.path.join(tasks_folder, task), 'r') as file: data = yaml.safe_load(file) @@ -21,45 +22,40 @@ def main(): update_list = requests.get("https://cup.fntz.net/api/v3/json") update_list.raise_for_status() update_list = update_list.json() - + refs = [] deployable_tags = [] - with open("main.yml", 'r') as file: - data = yaml.safe_load(file) - for host in data: - if "tasks" in host: - for task in host['tasks']: - deployable_tags.append(task['tags']) - if len(update_list["images"]) > 0: - already_deployed = [] - actually_updatable = [] - blacklist = [] + for image in update_list["images"]: + reference = image["reference"] - for image in update_list["images"]: - if image['result']['has_update']: - if image in blacklist: - print(f"[UPDATE] Ignoring '{image}' due to its blacklist") - elif 'version_update_type' in image['result']['info'] and image['result']['info']['version_update_type'] != "major": - actually_updatable.append({ 'reference': image['reference'], 'repository': image['parts']['repository'] }) - elif 'type' in image['result']['info'] and image['result']['info']['type'] == "digest": - actually_updatable.append({ 'reference': image['reference'], 'repository': image['parts']['repository'] }) - - print(f"Redeploying {len(actually_updatable)} container(s)..") - for image in actually_updatable: - ansible_tag = search_for_image(image['repository']) - print(ansible_tag, image['reference']) - if ansible_tag and ansible_tag in deployable_tags and ansible_tag not in already_deployed: - print(f'[UPDATE] Deploying {ansible_tag}..') - subprocess.run(f'ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml --tags {ansible_tag} --vault-password-file=~/.vault_pass.txt', shell=True) - else: - print('[UPDATE] Could not find corresponding task, cleaning up..') - subprocess.run(f"docker image remove {image['reference']}", shell=True) - already_deployed.append(ansible_tag) + # don't attempt to update if unable + if not image["in_use"]: + continue + if ":latest" not in reference: + continue - print("\nAll images updated, refreshing Cup") + refs.append(reference) + + print("attempting to match images to references: " + ", ".join(refs)) + for reference in refs: + tag = search_for_image(reference) + if tag: + deployable_tags.append(tag) + else: + print("Could not find suitable container for " + reference) + + if len(deployable_tags) > 0: + print(f"Found {len(deployable_tags)}, deploying..") + for ansible_tag in deployable_tags: + subprocess.run(f'ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml --tags {ansible_tag} -l bear --vault-password-file=~/.vault_pass.txt', shell=True) + + print("Redeployed all images, refreshing Cup") requests.get("https://cup.fntz.net/api/v3/refresh") + + print("Attempting to clean up dangling/unassumed images") + subprocess.run(f"docker image prune -a -f", shell=True) else: - print("No images to update!") + print("All up to date! :)") if __name__ == "__main__": main()