Merge pull request 'added gotify alerts on image updates' (#1) from podman_gotify_alert into master

Reviewed-on: jonas/salt-states#1

podman/files/check_image_updates.service.jinja

@@ -0,0 +1,10 @@
+[Unit]
+Description=Check for image updates on configured podman containers
+
+[Service]
+Type=oneshot
+User={{ pillar.podman.user }}
+ExecStart={{ salt['user.info'](pillar.podman.user).home }}/bin/check_image_updates.sh
+
+[Install]
+WantedBy=default.target

podman/files/check_image_updates.sh.jinja

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+URL="{{ pillar['podman']['gotify']['url'] }}"
+TOKEN="{{ pillar['podman']['gotify']['token'] }}"
+TITLE="Updates on $HOSTNAME"
+PRIORITY="{{ pillar['podman']['gotify']['priority'] }}"
+
+{% raw -%}
+function check_update(){
+    IFS=',' read -r -a container_info <<< "$(podman container inspect $1 --format '{{ .Name }},{{ .ImageName }},{{ .Image }}')"
+
+    podman pull "${container_info[1]}"
+    if [[ "$(podman image inspect "${container_info[1]}" --format "{{.Id}}")" != "${container_info[2]}" ]];then
+        containers[${#containers[@]}]="${container_info[0]}"
+    fi
+}
+
+
+IFS=$'\n'
+for line in $(podman container ls -q); do
+    check_update "$line"
+done
+if [[ "${#containers[@]}" == "0" ]]; then
+    exit
+fi
+
+MESSAGE=$(cat << EOM
+Following ${#containers[@]} container(s) has updates:
+${containers[*]}
+EOM
+)
+
+curl "$URL/message?token=$TOKEN" -F "title=$TITLE" -F "priority=$PRIORITY" -F "message=$MESSAGE"
+echo " "
+{% endraw -%}

podman/files/check_image_updates.timer.jinja

@@ -0,0 +1,9 @@
+[Unit]
+Description=Restic backup timer
+
+[Timer]
+OnCalendar=Sun, 12:00
+Unit=check_image_updates.service
+
+[Install]
+WantedBy=timers.target

podman/init.sls

@@ -1,4 +1,6 @@
 {% set user = salt['pillar.get']('podman:user', 'root') %}
+{% set home = salt['user.info'](user).home %}
+
 
 Install packages needed for podman:
   pkg.installed:
@@ -10,6 +12,45 @@ Set linger for user {{ user }}:
     - name: loginctl enable-linger {{ user }}
     - unless: test -e /var/lib/systemd/linger/{{ user }}
 
+Copy check image update script:
+  file.managed:
+    - name: {{ home }}/bin/check_image_updates.sh
+    - source: salt://podman/files/check_image_updates.sh.jinja
+    - template: jinja
+    - user: {{ user }}
+    - group: {{ user }}
+    - mode: 0700
+
+Create check image update service:
+  file.managed:
+    - name: /etc/systemd/system/check_image_updates.service
+    - source: salt://podman/files/check_image_updates.service.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+
+Create check image update timer:
+  file.managed:
+    - name: /etc/systemd/system/check_image_updates.timer
+    - source: salt://podman/files/check_image_updates.timer.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+
+Systemd daemon reload for image update:
+  cmd.run:
+    - name: systemctl daemon-reload
+    - onchanges:
+      - file: Create check image update service
+      - file: Create check image update timer
+
+Start check image update timer:
+  service.running:
+    - name: check_image_updates.timer
+    - enable: True
+
 {% if pillar.containers is defined %}
 include:
 {%- for container, args in pillar.containers.items() %}