Skip to content

deadnews/pindock

BranchesTags

Repository files navigation

pindock

Pin and update Docker image digests in Dockerfiles and compose files.

PyPI: Version AUR: version GitHub: Release Docker: ghcr CI: Main CI: Coverage

InstallationUsageAuthenticationPre-commit

Installation

# PyPI
uv tool install pindock

# AUR
yay -S pindock

# Docker
docker pull ghcr.io/deadnews/pindock

Usage

Usage: pindock <command> [flags]

Pin and update Docker image digests.

Commands:
  run [<files> ...] [flags]
    Pin unpinned image digests.

  check [<files> ...] [flags]
    Verify all images are pinned.

Run flags:
  -C, --dir=.      Directory to scan.
  -u, --update     Also update pinned digests to latest.
  -v, --verbose    Show all images, including pinned.

Check flags:
  -C, --dir=.      Directory to scan.
  -v, --verbose    Show all images, including pinned.

When no files are given, pindock auto-discovers files recursively.

Supported files

  • Dockerfile, Containerfile (and variants like Dockerfile.dev, *.dockerfile)
  • compose*.yml, docker-compose*.yml (and .yaml)

Supported instructions

Dockerfile Compose
FROM [--platform=...] image:tag[@digest] [AS name] image: image:tag[@digest]
COPY --from=image:tag[@digest] ...
RUN --mount=from=image:tag[@digest],... ...

Authentication

Uses existing Docker credentials. If you can docker pull, pindock works too.

Pre-commit

repos:
  - repo: https://github.com/deadnews/pindock
    rev: v1.0.0
    hooks:
      - id: pindock
      - id: pindock-check
      - id: pindock-update

About

Pin and update Docker image digests in Dockerfiles and compose files

Topics

docker docker-compose

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

12 tags

Packages

 
 
 

Contributors

Languages