30 lines
824 B
Bash
30 lines
824 B
Bash
#!/bin/bash
|
|
|
|
# Function to get latest SHA256 digest
|
|
get_latest_digest() {
|
|
image_name=$(echo $1 | cut -d'@' -f1)
|
|
docker pull $image_name > /dev/null
|
|
digest=$(docker inspect --format='{{index .RepoDigests 0}}' $image_name | cut -d'@' -f2)
|
|
echo $digest
|
|
}
|
|
|
|
# Update Dockerfile
|
|
update_dockerfile() {
|
|
old_line=$1
|
|
new_digest=$2
|
|
new_line=$(echo $old_line | sed "s|@sha256:[a-f0-9]*|@$new_digest|")
|
|
sed -i "s|$old_line|$new_line|" Dockerfile
|
|
echo "Updated: $new_line"
|
|
}
|
|
|
|
# Process Dockerfile
|
|
while IFS= read -r line
|
|
do
|
|
if [[ $line == FROM* && $line == *@sha256:* ]]; then
|
|
image=$(echo $line | awk '{print $2}')
|
|
new_digest=$(get_latest_digest $image)
|
|
update_dockerfile "$line" "$new_digest"
|
|
fi
|
|
done < Dockerfile
|
|
|
|
echo "Dockerfile updated with latest SHA256 digests." |