{"id":13564486,"url":"https://github.com/umputun/updater","last_synced_at":"2025-04-05T16:07:50.175Z","repository":{"id":39607116,"uuid":"394706905","full_name":"umputun/updater","owner":"umputun","description":"Simple web-hook based receiver executing things via HTTP request","archived":false,"fork":false,"pushed_at":"2025-03-25T23:32:43.000Z","size":977,"stargazers_count":121,"open_issues_count":0,"forks_count":8,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-29T15:07:23.876Z","etag":null,"topics":["docker","update-checker","update-service","updates"],"latest_commit_sha":null,"homepage":"https://updater.umputun.dev","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/umputun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["umputun"]}},"created_at":"2021-08-10T16:17:30.000Z","updated_at":"2025-03-25T23:32:42.000Z","dependencies_parsed_at":"2024-01-16T18:58:02.875Z","dependency_job_id":"b7b705ab-b643-47c3-aea6-a1afbad1436e","html_url":"https://github.com/umputun/updater","commit_stats":{"total_commits":54,"total_committers":4,"mean_commits":13.5,"dds":"0.35185185185185186","last_synced_commit":"6daa11a083f4102a1b3a5d57c192e28f58aa6160"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/umputun%2Fupdater","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/umputun%2Fupdater/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/umputun%2Fupdater/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/umputun%2Fupdater/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/umputun","download_url":"https://codeload.github.com/umputun/updater/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247361687,"owners_count":20926643,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","update-checker","update-service","updates"],"created_at":"2024-08-01T13:01:32.059Z","updated_at":"2025-04-05T16:07:50.156Z","avatar_url":"https://github.com/umputun.png","language":"Go","funding_links":["https://github.com/sponsors/umputun"],"categories":["Go"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg class=\"logo\" src=\"https://raw.githubusercontent.com/umputun/updater/master/site/logo-bg.svg\" width=\"355px\" height=\"142px\" alt=\"Updater | Simple Remote Updater\"/\u003e\n\u003c/div\u003e\n\nUpdater is a simple web-hook-based receiver executing things via HTTP requests and invoking remote updates without exposing any sensitive info, like ssh keys, passwords, etc. The updater is usually called from CI/CD system (i.e., Github action), and the actual http call looks like `curl https://\u003cserver\u003e/update/\u003ctask-name\u003e/\u003caccess-key\u003e`. Alternatively, the updater can be called with POST method and the payload can be passed as JSON, i.e. `curl -X POST -d '{\"task\":\"remark42-site\", \"secret\":\"123456\"}' https://example.com/update`\n\nList of tasks defined in the configuration file, and each task has its custom section for the command.\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n[![Build Status](https://github.com/umputun/updater/workflows/build/badge.svg)](https://github.com/umputun/updater/actions) \u0026nbsp;[![Coverage Status](https://coveralls.io/repos/github/umputun/updater/badge.svg?branch=master)](https://coveralls.io/github/umputun/updater?branch=master) \n\n\u003c/div\u003e\n\nExample of `updater.yml`:\n\n```yaml\ntasks:\n\n  - name: remark42-site\n    command: |\n      echo \"update remark42-site\"\n      docker pull ghcr.io/umputun/remark24-site:master\n      docker rm -f remark42-site\n      docker run -d --name=remark42-site\n\n  - name: feed-master\n    command: |\n      echo \"update feed-master\"\n      docker pull umputun/feed-master\n      docker restart feed-master\n```\n\nBy default the update call synchronous but can be switched to non-blocking mode with `async` query parameter, i.e. `curl https://example.com/update/remark42-site/super-seecret-key?async=1`. To request the async update with `POST`, `async=true` should be used in the payload, i.e. `curl -X POST -d '{\"task\":\"remark42-site\", \"secret\":\"123456\", \"async\":true}' https://example.com/update`\n\n## Install\n\nUpdater distributed as multi-arch docker container as well as binary files for multiple platforms. Container has the docker client preinstalled to allow the typical \"docker pull \u0026 docker restart\" update sequence.\n\nContainers available on both [github container registry (ghcr)](https://github.com/umputun/updater/pkgs/container/updater) and [docker hub](https://hub.docker.com/repository/docker/umputun/updater)\n\n\nThis is an example of updater usage inside of the docker compose. It uses [reproxy](https://reproxy.io) as the reversed proxy, but any other (nginx, apache, haproxy, etc) can be used as well.\n\n```yaml\nservices:\n  \n  reproxy:\n    image: ghcr.io/umputun/reproxy:master\n    restart: always\n    hostname: reproxy\n    container_name: reproxy\n    logging: \u0026default_logging\n      driver: json-file\n      options:\n        max-size: \"10m\"\n        max-file: \"5\"\n    ports:\n      - \"80:8080\"\n      - \"443:8443\"\n    environment:\n      - TZ=America/Chicago\n      - DOCKER_ENABLED=true\n      - SSL_TYPE=auto\n      - SSL_ACME_EMAIL=umputun@gmail.com\n      - SSL_ACME_FQDN=jess.umputun.com,echo.umputun.com\n    volumes:\n      - /var/run/docker.sock:/var/run/docker.sock:ro\n      - ./var/ssl:/srv/var/ssl\n\n  echo:\n    image: ghcr.io/umputun/echo-http\n    hostname: echo\n    container_name: echo\n    command: --message=\"echo echo 123\"\n    logging: *default_logging\n    labels:\n      reproxy.server: 'echo.umputun.com'\n      reproxy.route: '^/(.*)'\n\n  updater:\n    image: ghcr.io/umputun/updater:master\n    container_name: \"updater\"\n    hostname: \"updater\"\n    restart: always\n    logging: *default_logging\n    environment:\n      - LISTEN=0.0.0.0:8080\n      - KEY=super-secret-password\n      - CONF=/srv/etc/updater.yml\n    ports:\n      - \"8080\"\n    volumes:\n      - ./etc:/srv/etc\n      - /var/run/docker.sock:/var/run/docker.sock\n    labels:\n      reproxy.server: 'jess.umputun.com'\n      reproxy.route: '^/(.*)'\n```\n\n## Working with docker-compose\n\nFor a simple container, started with all the parameters manually, the typical update sequence can be as simple as \"kill container and recreate it\", however docker compose-based container can be a little trickier. If user runs updater directly on the host (not from a container) the update command can be as trivial as \"docker-compose pull \u003cservice\u003e \u0026\u0026 docker-compose up -d \u003cservice\u003e\". In case if updater runs from a container the simplest way to do the same is \"ssh user@bridge-ip docker-compose ...\". To simplify the process the openssh-client already preinstalled. \n\nThis is an example of ssh-based `updater.yml`\n\n```yaml\ntasks:\n\n  - name: remark42-site\n    command: |\n      echo \"update remark42-site with compose\"\n      ssh app@172.17.42.1 \"cd /srv \u0026\u0026 docker-compose pull remark42-site \u0026\u0026 docker-compose up -d remark42-site\"\n\n  - name: reproxy-site\n    command: |\n      echo \"update reproxy-site\"\n      ssh app@172.17.42.1 \"cd /srv \u0026\u0026 docker-compose pull reproxy-site \u0026\u0026 docker-compose up -d reproxy-site\"\n```\n\n### Creating user for SSH connection from updater\n\n```shell\n# updater container uses user app so it would be convinient to connect using the same name\nsudo useradd -m -d /home/app -s /bin/bash app\nsudo usermod -a -G docker app\nsudo su - app\nssh-keygen -t ed25519 -N '' -f ~/.ssh/id_rsa -C updater\nmv .ssh/id_rsa.pub .ssh/authorized_keys\nchmod 600 ~/.ssh/authorized_keys\n# proper user and group for private key to be used inside the container\nchown 1001:1001 ~/.ssh/id_rsa\nlogout\n# then attach /home/app/.ssh/id_rsa to a /home/app/.ssh/id_rsa on the container where updater runs if necessary\n```\n\n## Other use cases\n\nThe main goal of this utility is to update containers; however, all it does is the remote activation of predefined commands. Such command can do anything user like, not just \"docker pull \u0026\u0026 docker restart.\" For instance, it can be used to schedule remote jobs from some central orchestrator, run remote cleanup jobs, etc.\n\n## All parameters\n\n```\n  -f, --file=         config file (default: updater.yml) [$CONF]\n  -l, --listen=       listen on host:port (default: localhost:8080) [$LISTEN]\n  -k, --key=          secret key [$KEY]\n  -b, --batch         batch mode for multi-line scripts\n      --limit=        limit how many concurrent update can be running (default: 10)\n      --timeout=      for how long update task can be running (default: 1m)\n      --update-delay= delay between updates (default: 1s)\n      --dbg           show debug info [$DEBUG]\n\nHelp Options:\n  -h, --help    Show this help message\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fumputun%2Fupdater","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fumputun%2Fupdater","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fumputun%2Fupdater/lists"}