dependabot-core icon indicating copy to clipboard operation
dependabot-core copied to clipboard
verified publisher icon dependabot

[Docker] Update docker images used within the codebase

Open yeikel opened this issue 2 years ago • 1 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Feature description

Disclaimer

This is probably very difficult to implement given all the different files these could be stored. I am logging it to hear your thoughts and to see if there are possible ways to do this

Background

While using testcontainers, it is common to define docker images using the following syntax:


// Referring directly to an image on Docker Hub (mysql:8.0.24)
final MySQLContainer<?> mysql = new MySQLContainer<>(
    DockerImageName.parse("mysql:8.0.24")
)

final MySQLContainer<?> mysql = new MySQLContainer<>(
    DockerImageName.parse("registry.mycompany.com/mirror/mysql:8.0.24")
        .asCompatibleSubstituteFor("mysql")
)

It would be ideal if dependabot could detect and update them

if parsing all files is too expensive, maybe we could configure specific files to scan.

yeikel avatar Mar 22 '23 15:03 yeikel

If others interested, I guess it would need to add more options/code to the "Docker" ecosystem https://github.com/dependabot/dependabot-core/tree/main/docker/lib/dependabot/docker

I'm wondering if searching in Properties file can be a good first iteration. I think it is relatively common to extract the versions in these files and it would allow a simpler parsing. We might even force a convention to search for the container value, like container.* or *.container property key.

apupier avatar Aug 21 '24 15:08 apupier