From 7dd8bf13bead93a7bb05327deeb65b7913e5c687 Mon Sep 17 00:00:00 2001 From: Rhys Arkins <rhys@keylocation.sg> Date: Tue, 24 Oct 2017 05:33:03 +0200 Subject: [PATCH] refactor: add pinDigests configuration option for docker (#1033) --- docs/configuration.md | 9 ++++++ lib/config/definitions.js | 6 ++++ lib/workers/package/docker.js | 53 +++++++++++++++++++---------------- 3 files changed, 44 insertions(+), 24 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index fc09388b31..95a5abea95 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -92,6 +92,7 @@ $ node renovate --help --package-files <list> Package file paths --ignore-paths <list> Skip any package.json whose path matches one of these. --ignore-deps <list> Dependencies to ignore + --pin-digests [boolean] Whether to add digests to Dockerfile source images --pin-versions [boolean] Convert ranged versions in package.json to pinned versions --separate-major-releases [boolean] If set to false, it will upgrade dependencies to latest release only, and not separate major/minor branches --separate-patch-releases [boolean] If set to true, it will separate minor and patch updates into separate branches @@ -458,6 +459,14 @@ Obviously, you can't set repository or package file location with this method. <td></td> <td><td> </tr> +<tr> + <td>`pinDigests`</td> + <td>Whether to add digests to Dockerfile source images</td> + <td>boolean</td> + <td><pre>true</pre></td> + <td>`RENOVATE_PIN_DIGESTS`</td> + <td>`--pin-digests`<td> +</tr> <tr> <td>`pinVersions`</td> <td>Convert ranged versions in package.json to pinned versions</td> diff --git a/lib/config/definitions.js b/lib/config/definitions.js index de02d29e7b..ed3de2f8ad 100644 --- a/lib/config/definitions.js +++ b/lib/config/definitions.js @@ -315,6 +315,12 @@ const options = [ env: false, }, // Version behaviour + { + name: 'pinDigests', + description: 'Whether to add digests to Dockerfile source images', + stage: 'package', + type: 'boolean', + }, { name: 'pinVersions', description: 'Convert ranged versions in package.json to pinned versions', diff --git a/lib/workers/package/docker.js b/lib/workers/package/docker.js index d8f71989e2..f148442cb4 100644 --- a/lib/workers/package/docker.js +++ b/lib/workers/package/docker.js @@ -5,29 +5,34 @@ module.exports = { }; async function renovateDockerImage(config) { - const newDigest = await dockerApi.getDigest( - config.depName, - config.currentTag, - config.logger - ); - if (!newDigest || config.currentDigest === newDigest) { - return []; + const { currentTag, logger } = config; + const upgrades = []; + if (config.pinDigests) { + logger.debug('Checking Docker pinDigests'); + const newDigest = await dockerApi.getDigest( + config.depName, + currentTag, + config.logger + ); + if (newDigest && config.currentDigest !== newDigest) { + const upgrade = {}; + upgrade.newTag = currentTag; + upgrade.newDigest = newDigest; + upgrade.newVersion = newDigest; + upgrade.newFrom = config.depName; + if (upgrade.newTag) { + upgrade.newFrom += `:${upgrade.newTag}`; + } + upgrade.newFrom += `@${upgrade.newDigest}`; + if (config.currentDigest) { + upgrade.type = 'digest'; + upgrade.isDigest = true; + } else { + upgrade.type = 'pin'; + upgrade.isPin = true; + } + upgrades.push(upgrade); + } } - const upgrade = {}; - upgrade.newTag = config.currentTag; - upgrade.newDigest = newDigest; - upgrade.newVersion = newDigest; - upgrade.newFrom = config.depName; - if (upgrade.newTag) { - upgrade.newFrom += `:${upgrade.newTag}`; - } - upgrade.newFrom += `@${upgrade.newDigest}`; - if (config.currentDigest) { - upgrade.type = 'digest'; - upgrade.isDigest = true; - } else { - upgrade.type = 'pin'; - upgrade.isPin = true; - } - return [upgrade]; + return upgrades; } -- GitLab