@ -8,6 +8,7 @@ import (
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
"github.com/spf13/viper"
)
@ -15,15 +16,12 @@ import (
// use watchtower
const DockerAPIMinVersion string = "1.25"
// DefaultInterval is the default time between the start of update checks
const DefaultInterval = int ( time . Hour * 24 / time . Second )
// RegisterDockerFlags that are used directly by the docker api client
func RegisterDockerFlags ( rootCmd * cobra . Command ) {
flags := rootCmd . PersistentFlags ( )
flags . StringP ( "host" , "H" , "unix:///var/run/docker.sock" , "daemon socket to connect to" )
flags . BoolP ( "tlsverify" , "v" , false , "use TLS and verify the remote" )
flags . StringP ( "api-version" , "a" , DockerAPIMinVersion , "api version to use by docker client" )
flags . StringP ( "host" , "H" , viper . GetString ( "DOCKER_HOST" ) , "daemon socket to connect to" )
flags . BoolP ( "tlsverify" , "v" , viper . GetBool ( "DOCKER_TLS_VERIFY" ) , "use TLS and verify the remote" )
flags . StringP ( "api-version" , "a" , viper. GetString ( "DOCKER_API_VERSION" ) , "api version to use by docker client" )
}
// RegisterSystemFlags that are used by watchtower to modify the program flow
@ -32,126 +30,126 @@ func RegisterSystemFlags(rootCmd *cobra.Command) {
flags . IntP (
"interval" ,
"i" ,
DefaultInterval ,
viper. GetInt ( "WATCHTOWER_POLL_INTERVAL" ) ,
"poll interval (in seconds)" )
flags . StringP (
"schedule" ,
"s" ,
" ",
viper . GetString ( " WATCHTOWER_SCHEDULE ") ,
"the cron expression which defines when to update" )
flags . DurationP (
"stop-timeout" ,
"t" ,
time. Second * 10 ,
viper. GetDuration ( "WATCHTOWER_TIMEOUT" ) ,
"timeout before a container is forcefully stopped" )
flags . BoolP (
"no-pull" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NO_PULL" ) ,
"do not pull any new images" )
flags . BoolP (
"no-restart" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NO_RESTART" ) ,
"do not restart any containers" )
flags . BoolP (
"no-startup-message" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NO_STARTUP_MESSAGE" ) ,
"Prevents watchtower from sending a startup message" )
flags . BoolP (
"cleanup" ,
"c" ,
false ,
viper . GetBool ( "WATCHTOWER_CLEANUP" ) ,
"remove previously used images after updating" )
flags . BoolP (
"remove-volumes" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_REMOVE_VOLUMES" ) ,
"remove attached volumes before updating" )
flags . BoolP (
"label-enable" ,
"e" ,
false ,
viper . GetBool ( "WATCHTOWER_LABEL_ENABLE" ) ,
"watch containers where the com.centurylinklabs.watchtower.enable label is true" )
flags . BoolP (
"debug" ,
"d" ,
false ,
viper . GetBool ( "WATCHTOWER_DEBUG" ) ,
"enable debug mode with verbose logging" )
flags . BoolP (
"trace" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_TRACE" ) ,
"enable trace mode with very verbose logging - caution, exposes credentials" )
flags . BoolP (
"monitor-only" ,
"m" ,
false ,
viper . GetBool ( "WATCHTOWER_MONITOR_ONLY" ) ,
"Will only monitor for new images, not update the containers" )
flags . BoolP (
"run-once" ,
"R" ,
false ,
viper . GetBool ( "WATCHTOWER_RUN_ONCE" ) ,
"Run once now and exit" )
flags . BoolP (
"include-stopped" ,
"S" ,
false ,
viper . GetBool ( "WATCHTOWER_INCLUDE_STOPPED" ) ,
"Will also include created and exited containers" )
flags . BoolP (
"revive-stopped" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_REVIVE_STOPPED" ) ,
"Will also start stopped containers that were updated, if include-stopped is active" )
flags . BoolP (
"enable-lifecycle-hooks" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_LIFECYCLE_HOOKS" ) ,
"Enable the execution of commands triggered by pre- and post-update lifecycle hooks" )
flags . BoolP (
"rolling-restart" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_ROLLING_RESTART" ) ,
"Restart containers one at a time" )
flags . BoolP (
"http-api" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_HTTP_API" ) ,
"Runs Watchtower in HTTP API mode, so that image updates must to be triggered by a request" )
flags . StringP (
"http-api-token" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_HTTP_API_TOKEN ") ,
"Sets an authentication token to HTTP API requests." )
// https://no-color.org/
flags . BoolP (
"no-color" ,
"" ,
false ,
viper . IsSet ( "NO_COLOR" ) ,
"Disable ANSI color escape codes in log output" )
flags . StringP (
"scope" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_SCOPE ") ,
"Defines a monitoring scope for the Watchtower instance." )
}
@ -162,177 +160,178 @@ func RegisterNotificationFlags(rootCmd *cobra.Command) {
flags . StringSliceP (
"notifications" ,
"n" ,
[ ] string { } ,
viper . GetStringSlice ( "WATCHTOWER_NOTIFICATIONS" ) ,
" notification types to send (valid: email, slack, msteams, gotify, shoutrrr)" )
flags . StringP (
"notifications-level" ,
"" ,
"info" ,
viper . GetString ( "WATCHTOWER_NOTIFICATIONS_LEVEL" ) ,
"The log level used for sending notifications. Possible values: panic, fatal, error, warn, info or debug" )
flags . StringP (
"notification-email-from" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_FROM ") ,
"Address to send notification emails from" )
flags . StringP (
"notification-email-to" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_TO ") ,
"Address to send notification emails to" )
flags . IntP (
"notification-email-delay" ,
"" ,
0 ,
viper . GetInt ( "WATCHTOWER_NOTIFICATION_EMAIL_DELAY" ) ,
"Delay before sending notifications, expressed in seconds" )
flags . StringP (
"notification-email-server" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_SERVER ") ,
"SMTP server to send notification emails through" )
flags . IntP (
"notification-email-server-port" ,
"" ,
25 ,
viper . GetInt ( "WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT" ) ,
"SMTP server port to send notification emails through" )
flags . BoolP (
"notification-email-server-tls-skip-verify" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NOTIFICATION_EMAIL_SERVER_TLS_SKIP_VERIFY" ) ,
` Controls whether watchtower verifies the SMTP server ' s certificate chain and host name .
Should only be used for testing . ` )
flags . StringP (
"notification-email-server-user" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER ") ,
"SMTP server user for sending notifications" )
flags . StringP (
"notification-email-server-password" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD ") ,
"SMTP server password for sending notifications" )
flags . StringP (
"notification-email-subjecttag" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG ") ,
"Subject prefix tag for notifications via mail" )
flags . StringP (
"notification-slack-hook-url" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_SLACK_HOOK_URL ") ,
"The Slack Hook URL to send notifications to" )
flags . StringP (
"notification-slack-identifier" ,
"" ,
"watchtower" ,
viper . GetString ( "WATCHTOWER_NOTIFICATION_SLACK_IDENTIFIER" ) ,
"A string which will be used to identify the messages coming from this watchtower instance" )
flags . StringP (
"notification-slack-channel" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_SLACK_CHANNEL ") ,
"A string which overrides the webhook's default channel. Example: #my-custom-channel" )
flags . StringP (
"notification-slack-icon-emoji" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_SLACK_ICON_EMOJI ") ,
"An emoji code string to use in place of the default icon" )
flags . StringP (
"notification-slack-icon-url" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_SLACK_ICON_URL ") ,
"An icon image URL string to use in place of the default icon" )
flags . StringP (
"notification-msteams-hook" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_MSTEAMS_HOOK_URL ") ,
"The MSTeams WebHook URL to send notifications to" )
flags . BoolP (
"notification-msteams-data" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NOTIFICATION_MSTEAMS_USE_LOG_DATA" ) ,
"The MSTeams notifier will try to extract log entry fields as MSTeams message facts" )
flags . StringP (
"notification-gotify-url" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_GOTIFY_URL ") ,
"The Gotify URL to send notifications to" )
flags . StringP (
"notification-gotify-token" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_GOTIFY_TOKEN ") ,
"The Gotify Application required to query the Gotify API" )
flags . BoolP (
"notification-gotify-tls-skip-verify" ,
"" ,
false ,
viper . GetBool ( "WATCHTOWER_NOTIFICATION_GOTIFY_TLS_SKIP_VERIFY" ) ,
` Controls whether watchtower verifies the Gotify server ' s certificate chain and host name .
Should only be used for testing . ` )
flags . StringP (
"notification-template" ,
"" ,
" ",
viper . GetString ( " WATCHTOWER_NOTIFICATION_TEMPLATE ") ,
"The shoutrrr text/template for the messages" )
flags . StringArrayP (
"notification-url" ,
"" ,
[ ] string { } ,
viper . GetStringSlice ( "WATCHTOWER_NOTIFICATION_URL" ) ,
"The shoutrrr URL to send notifications to" )
}
// SetEnvBindings binds environment variables to their corresponding config keys
func SetEnvBindings ( ) {
if err := viper . BindEnv ( "host" , "DOCKER_HOST" ) ; err != nil {
log . Fatalf ( "failed to bind env DOCKER_HOST: %v" , err )
}
if err := viper . BindEnv ( "tlsverify" , "DOCKER_TLS_VERIFY" ) ; err != nil {
log . Fatalf ( "failed to bind env DOCKER_TLS_VERIFY: %v" , err )
}
if err := viper . BindEnv ( "api-version" , "DOCKER_API_VERSION" ) ; err != nil {
log . Fatalf ( "failed to bind env DOCKER_API_VERSION: %v" , err )
}
viper . SetEnvPrefix ( "WATCHTOWER" )
viper . SetEnvKeyReplacer ( strings . NewReplacer ( "-" , "_" ) )
// SetDefaults provides default values for environment variables
func SetDefaults ( ) {
day := ( time . Hour * 24 ) . Seconds ( )
viper . AutomaticEnv ( )
}
// BindViperFlags binds the cmd PFlags to the viper configuration
func BindViperFlags ( cmd * cobra . Command ) {
if err := viper . BindPFlags ( cmd . PersistentFlags ( ) ) ; err != nil {
log . Fatalf ( "failed to bind flags: %v" , err )
}
viper . SetDefault ( "DOCKER_HOST" , "unix:///var/run/docker.sock" )
viper . SetDefault ( "DOCKER_API_VERSION" , DockerAPIMinVersion )
viper . SetDefault ( "WATCHTOWER_POLL_INTERVAL" , day )
viper . SetDefault ( "WATCHTOWER_TIMEOUT" , time . Second * 10 )
viper . SetDefault ( "WATCHTOWER_NOTIFICATIONS" , [ ] string { } )
viper . SetDefault ( "WATCHTOWER_NOTIFICATIONS_LEVEL" , "info" )
viper . SetDefault ( "WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT" , 25 )
viper . SetDefault ( "WATCHTOWER_NOTIFICATION_EMAIL_SUBJECTTAG" , "" )
viper . SetDefault ( "WATCHTOWER_NOTIFICATION_SLACK_IDENTIFIER" , "watchtower" )
}
// EnvConfig translates the command-line options into environment variables
// that will initialize the api client
func EnvConfig ( ) error {
func EnvConfig ( cmd * cobra . Command ) error {
var err error
var host string
var tls bool
var version string
host := viper . GetString ( "host" )
tls = viper . GetBool ( "tlsverify" )
version = viper . GetString ( "api-version" )
flags := cmd . PersistentFlags ( )
if host , err = flags . GetString ( "host" ) ; err != nil {
return err
}
if tls , err = flags . GetBool ( "tlsverify" ) ; err != nil {
return err
}
if version , err = flags . GetString ( "api-version" ) ; err != nil {
return err
}
if err = setEnvOptStr ( "DOCKER_HOST" , host ) ; err != nil {
return err
}
@ -345,6 +344,32 @@ func EnvConfig() error {
return nil
}
// ReadFlags reads common flags used in the main program flow of watchtower
func ReadFlags ( cmd * cobra . Command ) ( bool , bool , bool , time . Duration ) {
flags := cmd . PersistentFlags ( )
var err error
var cleanup bool
var noRestart bool
var monitorOnly bool
var timeout time . Duration
if cleanup , err = flags . GetBool ( "cleanup" ) ; err != nil {
log . Fatal ( err )
}
if noRestart , err = flags . GetBool ( "no-restart" ) ; err != nil {
log . Fatal ( err )
}
if monitorOnly , err = flags . GetBool ( "monitor-only" ) ; err != nil {
log . Fatal ( err )
}
if timeout , err = flags . GetDuration ( "stop-timeout" ) ; err != nil {
log . Fatal ( err )
}
return cleanup , noRestart , monitorOnly , timeout
}
func setEnvOptStr ( env string , opt string ) error {
if opt == "" || opt == os . Getenv ( env ) {
return nil
@ -365,7 +390,9 @@ func setEnvOptBool(env string, opt bool) error {
// GetSecretsFromFiles checks if passwords/tokens/webhooks have been passed as a file instead of plaintext.
// If so, the value of the flag will be replaced with the contents of the file.
func GetSecretsFromFiles ( ) {
func GetSecretsFromFiles ( rootCmd * cobra . Command ) {
flags := rootCmd . PersistentFlags ( )
secrets := [ ] string {
"notification-email-server-password" ,
"notification-slack-hook-url" ,
@ -373,19 +400,25 @@ func GetSecretsFromFiles() {
"notification-gotify-token" ,
}
for _ , secret := range secrets {
getSecretFromFile ( secret)
getSecretFromFile ( flags, secret)
}
}
// getSecretFromFile will check if the flag contains a reference to a file; if it does, replaces the value of the flag with the contents of the file.
func getSecretFromFile ( secret string ) {
value := viper . GetString ( secret )
func getSecretFromFile ( flags * pflag . FlagSet , secret string ) {
value , err := flags . GetString ( secret )
if err != nil {
log . Error ( err )
}
if value != "" && isFile ( value ) {
file , err := ioutil . ReadFile ( value )
if err != nil {
log . Fatal ( err )
}
viper . Set ( secret , strings . TrimSpace ( string ( file ) ) )
err = flags . Set ( secret , strings . TrimSpace ( string ( file ) ) )
if err != nil {
log . Error ( err )
}
}
}