From d3d7659bca0bd451ca1c2dacb6c1434c697d283a Mon Sep 17 00:00:00 2001
From: trivernis <trivernis@protonmail.com>
Date: Tue, 20 Jun 2023 16:06:34 +0200
Subject: [PATCH] Add script to check for podman image updates

---
 lib/dockerhub.nu    | 18 +++++++++++++++++
 podman-update-check | 49 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100644 lib/dockerhub.nu
 create mode 100755 podman-update-check

diff --git a/lib/dockerhub.nu b/lib/dockerhub.nu
new file mode 100644
index 0000000..2fc1927
--- /dev/null
+++ b/lib/dockerhub.nu
@@ -0,0 +1,18 @@
+export def get_image_digest [image: string] {
+  let token = ( get_token $image )
+  mut headers = ( [] 
+    | append [Accept "application/vnd.docker.distribution.manifest.v2+json"]
+    | append [Authorization $"Bearer ($token)"]
+  ) 
+  print $headers
+
+  ( http get -H $headers $"https://registry.hub.docker.com/v2/($image)/manifests/latest"
+    | from json
+    | get config 
+    | get digest
+  )
+}
+
+def get_token [image: string] {
+  http get $"https://auth.docker.io/token?scope=repository:($image):pull&service=registry.docker.io" | get token
+}
\ No newline at end of file
diff --git a/podman-update-check b/podman-update-check
new file mode 100755
index 0000000..0359dd8
--- /dev/null
+++ b/podman-update-check
@@ -0,0 +1,49 @@
+#!/bin/env nu
+use ./lib/cntfy.nu
+use ./lib/dockerhub.nu
+
+def main [  
+  --ntfy: bool
+] { 
+  let images = ( get_images )
+  let image_count = ( $images | length )
+  if $image_count  == 0 {
+    print "No images found"
+    return
+  }
+  print $"($image_count) local image[s] found"
+
+  ( $images
+    | where { |$it| $it.Names? != null } 
+    | insert Name {|$it| $it.Names | first } 
+    | where {|| needs_update }
+    | each {|| print_needs_update $ntfy }
+  )
+}
+
+def get_images [] {
+  podman images --no-trunc --format json | from json 
+}
+
+export def needs_update [] {
+  let data = $in
+  let name_parts = ( $data.Name | split row "/" --number 2 ) 
+  let host = ( $name_parts | first )
+  let image = ( $name_parts | last | split row ":" | get 0 )
+  let digest = $data.Digest
+
+  if $host == "docker.io/" {
+    ( dockerhub get_image_digest $image ) == digest
+  } else {
+    false
+  }
+}
+
+def print_needs_update [ntfy: bool] {
+  let data = $in
+  print $"Image `($data.Name)` needs to be updated."
+
+  if $ntfy {
+      cntfy publish --tags [ podman $data.Name ] --title $"($data.Name) outdated" "updates" $"Container ($data.Name) needs to be updated."
+  }
+}
\ No newline at end of file