Drydock Logo
v1.5.0 · Open Source

Container Update
Monitoring

Keep your containers up-to-date. Auto-discover running containers, detect image updates across 23 registries, scan for vulnerabilities, and trigger notifications via 20+ services.

View on GitHubDocumentation
GHCR pullsDocker Hub pullsQuay.ioMulti-archContainer size
StarsForksIssuesLicense AGPL-3.0Last commitCommit activityDiscussionsMentioned in Awesome Docker
CIOpenSSF Best PracticesOpenSSF ScorecardCodecovSnykMutation testingSite viewsKo-fiBuy Me a CoffeeGitHub Sponsors

Everything you need

A complete solution for monitoring and managing container updates across your infrastructure.

drydock capabilities12 modules
01

Auto-Discovery

Core

Automatically discovers running containers and tracks their image versions without manual configuration.

02

23 Registries

Integrations

Query Docker Hub, GHCR, ECR, GCR, GAR, GitLab, Quay, LSCR, ACR, Harbor, Artifactory, Nexus, and more.

03

20 Triggers

Integrations

Notify via Slack, Discord, Telegram, Teams, SMTP, MQTT, HTTP, Gotify, NTFY, Kafka, and more.

04

Dry-Run Preview

Operations

Preview updates before applying them. Pre-update image backup with one-click rollback.

05

Distributed Agents

Core

Monitor remote Docker hosts via SSE-based agents. Centralized dashboard for all environments.

06

Prometheus Metrics

Core

Built-in /metrics endpoint with Grafana dashboard template. Full observability out of the box.

07

Audit Log

Security

Event-based audit trail with persistent storage. Full REST API and Prometheus counters.

08

OIDC Authentication

Security

Secure your instance with OpenID Connect. Works with Authelia, Auth0, and Authentik.

09

Auto Rollback

Operations

Automatic rollback on health check failure. Configurable image backup retention policies.

10

Container Actions

Operations

Start, stop, and restart containers directly from the UI or API. Feature-flagged for safety.

11

Webhook API

Integrations

Token-authenticated HTTP endpoints for CI/CD integration. Trigger updates on demand.

12

Container Grouping

Core

Smart stack detection via compose project or labels. Collapsible groups with batch actions.

Get started in seconds

One command to start monitoring all your containers.

Terminal
$ docker run -d \
  --name drydock \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -p 3000:3000 \
  codeswhat/drydock

Screenshots

See it in action!

Try the fully interactive demo below — real UI, real data*, no install required.

*Not real data

Roadmap

Where we've been and where we're headed.

v1.4.1Released

Patch & Polish

  • Headless mode (API-only, no UI serving)
  • Maturity-based update policy (NEW/MATURE badges)
  • URL param groupByStack, agent handshake fix, login error surfacing
v1.5.0Up Next

Observability & User-Requested Features

  • Real-time WebSocket log viewer with ANSI colors + JSON syntax highlighting
  • Diagnostic debug dump with automatic redaction
  • Dashboard customization with drag-to-reorder and per-widget toggles
  • Resource usage dashboard widget
  • Trigger environment variable aliases (DD_ACTION_*/DD_NOTIFICATION_*)
  • Security scan digest (SECURITYMODE=digest) — one notification per scan cycle (#300)
  • POST /containers/scan-all bulk scan endpoint with 1 req/60s rate limit
  • Backend-driven update queue with Queued → Updating → Updated state progression
  • Update eligibility blockers surfaced on container rows
  • Floating tag detection with auto-enable digest watch for mutable aliases
  • Notification bell rework — actionable alerts only, per-entry dismiss, zebra stripes
  • Notification history store — once=true dedup survives restarts
  • Metrics bearer token auth (DD_SERVER_METRICS_TOKEN)
  • Design system overhaul — shared components, semantic typography, WCAG touch targets
  • Container source project shortcut link from OCI labels (#295)
  • Watcher next-run column with absolute-timestamp tooltip (#288)
  • Actionable deprecation banners with inline migration guidance (#214)
v1.6.0

📨Scanner Decoupling, Notifications & Release Intel

  • Backend-based scanner execution (docker/remote)
  • Grype scanner provider
  • Scanner asset lifecycle management
  • Custom zero-dependency dashboard grid (replaces grid-layout-plus, #281)
  • Fixed-height Containers table redesign with explicit column widths, overflow handling, and safe virtualization re-enable
  • Notification templates
  • Notification preferences UI
  • Deprecation removals
v1.7.0

🚀Smart Updates & UX

  • Dependency-aware update ordering
  • Clickable port links
  • Image prune from UI
  • Static image monitoring
v1.8.0

⚙️Fleet Management & Live Config

  • YAML config file & Config API
  • Live UI configuration panels
  • Volume browser & parallel updates
  • SQLite store migration
  • i18n framework setup
v2.0.0

🌍Platform Expansion

  • Docker Swarm native support
  • Kubernetes watcher & triggers
  • Basic Git-based stack deployment
v2.1.0

🎯Advanced Deployment Patterns

  • Health check gate with auto-rollback
  • Canary deployments (Kubernetes)
  • Durable self-update controller
v2.2.0

💻Container Operations

  • Web terminal / container shell
  • Container file browser
  • Image building & registry push
  • Basic Podman support
v2.3.0

🔧Automation & Developer Experience

  • API keys & passkey auth (WebAuthn)
  • TOTP two-factor authentication
  • OpenAPI / Swagger docs
  • TypeScript scripting & Drydock CLI
v2.4.0

📦Data Safety & Templates

  • Scheduled automated backups
  • Compose templates library
  • Secret management
v3.0.0

🔮Advanced Platform

  • Network topology visualization
  • GPU monitoring (NVIDIA/AMD)
  • Multi-language / i18n (full translations)
v3.1.0

🔐Enterprise Access & Compliance

  • RBAC (role-based access control)
  • LDAP / Active Directory integration
  • Environment-scoped permissions
  • Audit logging & compliance
  • Hardened container image (Wolfi)

And more to come…

Star History

Star History Chart

Compare with alternatives

See how Drydock stacks up against Watchtower, Portainer, Diun, and more.

View all comparisons