Get Docker Images and Containers Updates Notifications

You Won’t Miss an Update From Now On!

Post cover image displaying the Docker logo and post title
You Will Be Notified Now!

As a developer or sysadmin running a number of Docker containers, it is critical that you keep them updated regularly when a new release or a security patch is out for your images.

Being informed is not easy, If you go by checking the Docker image homepage or its releases page, that's not practical and a waste of time.

In this post, we will see two ways to get notified about newly released Docker images.

Table of contents

Requirements

The Idea

You would want something to check the image latest version with the version you are currently running, automatically!, If a newer version is found, you should be notified, then you can examine the change-log and act upon that (you do check the change-log right?)

For this we have a tool for the job and a bonus one at the bottom, Let's discover them.

WatchTower

WatchTower is not only notifying you about new releases but also updates the running containers for you, however, this is not the ideal output we want since sometimes the new release can be a breaking one or needs some kind of preparation ahead of deploying it.

Let's see how we can make it work.

WatchTower works also as a Docker container, for that we will be writing a Docker Compose file to set our configuration for it.

Create a docker-compose.yml file and paste the following into it:

version: "2"

services:
  app:
    image: containrrr/watchtower
    hostname: SERVER_NAME
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - TZ=Africa/Casablanca
      - NO_COLOR=true
      - WATCHTOWER_SCHEDULE=0 0 19 * * *
      - WATCHTOWER_INCLUDE_STOPPED=true
      - WATCHTOWER_INCLUDE_RESTARTING=true
      - WATCHTOWER_MONITOR_ONLY=true
      - WATCHTOWER_NOTIFICATIONS=gotify
      - WATCHTOWER_NOTIFICATION_GOTIFY_URL=http://192.168.1.197:8001/
      - WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN=A0e2ekUPRRiNhu_
      - WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY=true
docker-compose.yml

Before spinning the container up, we will go throw the environment variables used there:

  • WATCHTOWER_SCHEDULE is where you define when WatchTower will look for updates.
  • WATCHTOWER_INCLUDE_RESTARTING and WATCHTOWER_INCLUDE_STOPPED are to tell WatchTower to look for updates for stopped and restarting containers as well.
  • WATCHTOWER_MONITOR_ONLY used to tell WatchTower to not update (this is where notifications only part is).
  • WATCHTOWER_NOTIFICATIONS this is where you define the notifications channels where possible values are email, slack, msteams, shoutrrr, and gotify (gotify is what we are using in this example, feel free to use whatever notification channel you want or need, we have a post on how to install it).
  • WATCHTOWER_NOTIFICATION_GOTIFY_URL, WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN and WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY are used to define the Gotify server information.

The other options are up to you to adapt like TZ (TimeZone), NO_COLOR, and docker-compose argument hostname so you can identify from where the notifications are coming.

WatchTower Start and Verification

Start the container up with:

docker-compose up -d

Check the logs for any errors thrown with:

docker-compose logs

You should see something similar to the following):

Attaching to watchtower_app_1
app_1  | time="2021-11-22T21:37:54+01:00" level=warning msg="Using an HTTP url for Gotify is insecure"
app_1  | time="2021-11-22T21:37:56+01:00" level=info msg="Watchtower 1.3.0\nUsing notifications: gotify\nChecking all containers (except explicitly disabled with label)\nScheduling first run: 2021-11-23 19:00:00 +0100 +01\nNote that the first check will be performed in 21 hours, 22 minutes, 3 seconds"

After checking the logs, in Gotify you should see a notification already carrying almost the same information:

Gotify notification from the web user interface
Gotify notification from the web user interface

If the above checks, we can say the setup was successful, now every day at 19:00 you will receive a notification if there is a container that needs to be updated so you can take action.

Here is a sample notification (where M0, M1 and CM1 are names of servers I maintain):

A picture displaying a WatchTower's notifications sample
WatchTower's notifications sample

Bonus Tool, Diun

Diun (Docker Image Update Notifier), is a similar service, actually, it was built for the purpose of notifications only (unlike WatchTower, which can do both; notify and/or update).

We will see below how you can deploy and use it, then you can be the judge and use what you feel comfortable with.

To install it, you will do the same thing as WatchTower, create a docker-compose.yml file and paste the following into it:

version: "3.5"

services:
  diun:
    image: crazymax/diun:latest
    container_name: diun
    restart: unless-stopped
    command: serve
    volumes:
      - ./data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - TZ=Africa/Casablanca
      - LOG_LEVEL=info
      - LOG_JSON=false
      - DIUN_WATCH_WORKERS=20
      - DIUN_WATCH_SCHEDULE=0 19 * * *
      - DIUN_PROVIDERS_DOCKER=true
      - DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true
      - DIUN_PROVIDERS_DOCKER_WATCHSTOPPED=true
      - DIUN_NOTIF_GOTIFY_ENDPOINT=http://192.168.1.197:8001/
      - DIUN_NOTIF_GOTIFY_TOKEN=AVcPmg-d9sE-Z8s

Feel free to make the required changes to make it work, like changing the gotify notification information and credentials along with the schedule and timezone.

Launch it with:

docker-compose up -d

Below is a sample of Diun's notifications:

A picture displaying a Diun's notifications sample
Diun's notifications sample

Conclusion

Personally, I like how WatchTower delivers notifications with a list of all updates available for each server I have while Diun is sending a notification for each update available.

But it's up to you to decide and choose between the two!

Sources


As always, I hope you learned something.

Found this useful? feel free to share it with your friends.

Join the newsletter from to notify you of new posts and updates.

Like the post? consider buying us a coffee ❤️.