fix writing to watch_status.json
All checks were successful
Docker Build Smart Logic / Build amd64 & arm64 (push) Successful in 16s
All checks were successful
Docker Build Smart Logic / Build amd64 & arm64 (push) Successful in 16s
This commit is contained in:
@@ -4,6 +4,9 @@ CONFIG_DIR="/config"
|
|||||||
CONFIG_FILE="$CONFIG_DIR/watchdog.conf"
|
CONFIG_FILE="$CONFIG_DIR/watchdog.conf"
|
||||||
STATE_FILE="$CONFIG_DIR/watch_state.json"
|
STATE_FILE="$CONFIG_DIR/watch_state.json"
|
||||||
|
|
||||||
|
# Sicherstellen, dass die Datei existiert und valides JSON ist
|
||||||
|
if [ ! -f "$STATE_FILE" ] || [ ! -s "$STATE_FILE" ]; then echo "{}" > "$STATE_FILE"; fi
|
||||||
|
|
||||||
while true; do
|
while true; do
|
||||||
if [ -f "$CONFIG_FILE" ]; then
|
if [ -f "$CONFIG_FILE" ]; then
|
||||||
source "$CONFIG_FILE"
|
source "$CONFIG_FILE"
|
||||||
@@ -13,14 +16,14 @@ while true; do
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
INTERVAL=${CHECK_INTERVAL:-3600}
|
INTERVAL=${CHECK_INTERVAL:-3600}
|
||||||
if [ ! -f "$STATE_FILE" ] || [ ! -s "$STATE_FILE" ]; then echo "{}" > "$STATE_FILE"; fi
|
|
||||||
|
|
||||||
UPDATES_FOUND=""
|
UPDATES_FOUND=""
|
||||||
echo "--- Starte Check: $(date) ---"
|
echo "--- Starte Check: $(date) ---"
|
||||||
|
|
||||||
for entry in "${TARGETS[@]}"; do
|
for entry in "${TARGETS[@]}"; do
|
||||||
IFS="|" read -r TYPE REPO EXTRA <<< "$entry"
|
IFS="|" read -r TYPE REPO EXTRA <<< "$entry"
|
||||||
KEY="${TYPE}_${REPO//[\/\.]/_}_${EXTRA}"
|
KEY="${TYPE}_${REPO//[\/\.]/_}_${EXTRA}"
|
||||||
|
|
||||||
|
# Aktuellen Wert aus Datei lesen
|
||||||
OLD_VAL=$(jq -r ".[\"$KEY\"] // empty" "$STATE_FILE")
|
OLD_VAL=$(jq -r ".[\"$KEY\"] // empty" "$STATE_FILE")
|
||||||
NEW_VAL=""
|
NEW_VAL=""
|
||||||
|
|
||||||
@@ -28,66 +31,67 @@ while true; do
|
|||||||
|
|
||||||
if [ "$TYPE" == "DOCKER" ]; then
|
if [ "$TYPE" == "DOCKER" ]; then
|
||||||
if [[ "$REPO" != *"."* ]] || [[ "$REPO" == *"docker.io"* ]]; then
|
if [[ "$REPO" != *"."* ]] || [[ "$REPO" == *"docker.io"* ]]; then
|
||||||
# --- Docker Hub Logik ---
|
|
||||||
CLEAN_REPO=${REPO#docker.io/}
|
CLEAN_REPO=${REPO#docker.io/}
|
||||||
[[ "$CLEAN_REPO" != *"/"* ]] && CLEAN_REPO="library/$CLEAN_REPO"
|
[[ "$CLEAN_REPO" != *"/"* ]] && CLEAN_REPO="library/$CLEAN_REPO"
|
||||||
NEW_VAL=$(curl -s "https://hub.docker.com/v2/repositories/${CLEAN_REPO}/tags/${EXTRA}" | jq -r '.last_updated // empty')
|
NEW_VAL=$(curl -s "https://hub.docker.com/v2/repositories/${CLEAN_REPO}/tags/${EXTRA}" | jq -r '.last_updated // empty')
|
||||||
else
|
else
|
||||||
# --- Custom Registry (z.B. Gitea) ---
|
|
||||||
REG_HOST=$(echo $REPO | cut -d/ -f1)
|
REG_HOST=$(echo $REPO | cut -d/ -f1)
|
||||||
IMG_NAME=$(echo $REPO | cut -d/ -f2-)
|
IMG_NAME=$(echo $REPO | cut -d/ -f2-)
|
||||||
|
|
||||||
# 1. Versuche einen anonymen Token zu holen (Standard V2 Auth)
|
|
||||||
TOKEN=$(curl -s "https://${REG_HOST}/v2/token?service=${REG_HOST}&scope=repository:${IMG_NAME}:pull" | jq -r '.token // empty')
|
TOKEN=$(curl -s "https://${REG_HOST}/v2/token?service=${REG_HOST}&scope=repository:${IMG_NAME}:pull" | jq -r '.token // empty')
|
||||||
|
|
||||||
# 2. Abfrage mit Token (falls vorhanden) und explizitem GET statt HEAD
|
|
||||||
if [ -n "$TOKEN" ] && [ "$TOKEN" != "null" ]; then
|
|
||||||
AUTH_HEADER="Authorization: Bearer $TOKEN"
|
|
||||||
else
|
|
||||||
AUTH_HEADER="X-No-Auth: true" # Dummy Header
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Wir nutzen curl -i (Header + Body) und fangen den Digest ab
|
|
||||||
RESPONSE=$(curl -s -i -H "$AUTH_HEADER" \
|
|
||||||
-H "Accept: application/vnd.docker.distribution.manifest.v2+json" \
|
|
||||||
"https://${REG_HOST}/v2/${IMG_NAME}/manifests/${EXTRA}")
|
|
||||||
|
|
||||||
|
[[ -n "$TOKEN" && "$TOKEN" != "null" ]] && AUTH_H="Authorization: Bearer $TOKEN" || AUTH_H="X-No-Auth: true"
|
||||||
|
|
||||||
|
RESPONSE=$(curl -s -i -L -H "$AUTH_H" -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "https://${REG_HOST}/v2/${IMG_NAME}/manifests/${EXTRA}")
|
||||||
NEW_VAL=$(echo "$RESPONSE" | grep -i "docker-content-digest" | awk '{print $2}' | tr -d '\r')
|
NEW_VAL=$(echo "$RESPONSE" | grep -i "docker-content-digest" | awk '{print $2}' | tr -d '\r')
|
||||||
|
[[ -z "$NEW_VAL" ]] && NEW_VAL=$(echo "$RESPONSE" | grep -i "etag" | awk '{print $2}' | tr -d '\r' | tr -d '"')
|
||||||
# Falls Digest leer, versuche ETag (Backup für manche Registries)
|
|
||||||
if [ -z "$NEW_VAL" ]; then
|
|
||||||
NEW_VAL=$(echo "$RESPONSE" | grep -i "etag" | awk '{print $2}' | tr -d '\r' | tr -d '"')
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
elif [ "$TYPE" == "GITHUB" ]; then
|
elif [ "$TYPE" == "GITHUB" ]; then
|
||||||
NEW_VAL=$(curl -s "https://api.github.com/repos/${REPO}/branches/${EXTRA}" | jq -r '.commit.sha // empty')
|
NEW_VAL=$(curl -s "https://api.github.com/repos/${REPO}/branches/${EXTRA}" | jq -r '.commit.sha // empty')
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Debug-Ausgabe falls leer
|
|
||||||
if [ -z "$NEW_VAL" ] || [ "$NEW_VAL" == "null" ]; then
|
if [ -z "$NEW_VAL" ] || [ "$NEW_VAL" == "null" ]; then
|
||||||
echo " ⚠️ Konnte keine Daten für $REPO abrufen (API-Antwort leer)."
|
echo " ⚠️ Fehler: Keine Daten empfangen."
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "$OLD_VAL" ] && [ "$OLD_VAL" != "$NEW_VAL" ]; then
|
# Logik: Wenn kein alter Wert da ist ODER der neue Wert anders ist
|
||||||
|
if [ -z "$OLD_VAL" ]; then
|
||||||
|
echo " 🆕 Erstaufnahme in Datenbank."
|
||||||
|
# Wir schreiben hier sofort, damit der Zustand gespeichert wird
|
||||||
|
TEMP_JSON=$(jq ".[\"$KEY\"] = \"$NEW_VAL\"" "$STATE_FILE")
|
||||||
|
echo "$TEMP_JSON" > "$STATE_FILE"
|
||||||
|
elif [ "$OLD_VAL" != "$NEW_VAL" ]; then
|
||||||
MSG="Update für $REPO ($EXTRA)! Alt: $OLD_VAL | Neu: $NEW_VAL"
|
MSG="Update für $REPO ($EXTRA)! Alt: $OLD_VAL | Neu: $NEW_VAL"
|
||||||
echo " 🔔 $MSG"
|
echo " 🔔 $MSG"
|
||||||
UPDATES_FOUND="${UPDATES_FOUND}${MSG}\n"
|
UPDATES_FOUND="${UPDATES_FOUND}${MSG}\n"
|
||||||
|
# Wert aktualisieren
|
||||||
|
TEMP_JSON=$(jq ".[\"$KEY\"] = \"$NEW_VAL\"" "$STATE_FILE")
|
||||||
|
echo "$TEMP_JSON" > "$STATE_FILE"
|
||||||
else
|
else
|
||||||
echo " ✅ Aktuell."
|
echo " ✅ Aktuell."
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Speichern
|
|
||||||
TEMP_JSON=$(jq ".[\"$KEY\"] = \"$NEW_VAL\"" "$STATE_FILE")
|
|
||||||
echo "$TEMP_JSON" > "$STATE_FILE"
|
|
||||||
done
|
done
|
||||||
|
|
||||||
# Mail-Versand (bleibt gleich)
|
# E-Mail Versand
|
||||||
if [ -n "$UPDATES_FOUND" ]; then
|
if [ -n "$UPDATES_FOUND" ]; then
|
||||||
# SMTP Konfig schreiben (msmtp Logik hier einfügen wie zuvor...)
|
# Dynamische msmtp config (wie vorher)
|
||||||
|
cat <<EOF > /etc/msmtprc
|
||||||
|
defaults
|
||||||
|
auth on
|
||||||
|
tls on
|
||||||
|
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||||
|
account default
|
||||||
|
host $SMTP_HOST
|
||||||
|
port $SMTP_PORT
|
||||||
|
from $EMAIL_FROM
|
||||||
|
user $SMTP_USER
|
||||||
|
password $SMTP_PASS
|
||||||
|
EOF
|
||||||
|
chmod 600 /etc/msmtprc
|
||||||
echo -e "Subject: Watchdog Alert\n\n$UPDATES_FOUND" | msmtp "$EMAIL_TO"
|
echo -e "Subject: Watchdog Alert\n\n$UPDATES_FOUND" | msmtp "$EMAIL_TO"
|
||||||
|
echo " 📧 E-Mail gesendet."
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Check beendet. Nächster Scan in $INTERVAL s."
|
echo "Nächster Scan in $INTERVAL s."
|
||||||
sleep "$INTERVAL"
|
sleep "$INTERVAL"
|
||||||
done
|
done
|
||||||
Reference in New Issue
Block a user