Introduction
Open source container update monitoring built in TypeScript. Auto-discover containers, detect image updates across 23 registries, and trigger notifications via 20+ services.
Drydock monitors your Docker containers for image updates. It auto-discovers running containers, checks 23 registries for new versions, and triggers notifications or automated updates via 20+ services.
๐ How it works
๐ณ Watchers scan Docker hosts to discover containers to monitor.
๐ฆ Registries query remote Docker registries to find update candidates.
โก Triggers perform actions when updates are available โ notify, update, or run custom scripts.
โจ Key features
- ๐ Auto-discovery of running containers
- ๐ฆ 23 registry integrations (Docker Hub, GHCR, ECR, GCR, GAR, GitLab, Quay, and more)
- ๐ 20+ trigger types (Slack, Discord, Telegram, SMTP, webhooks, Docker auto-update, and more)
- ๐งช Dry-run preview before applying updates
- ๐พ Image backup and one-click rollback
- ๐ Auto-rollback on health check failure
- ๐ช Pre/post-update lifecycle hooks
- ๐ Graceful self-update
- ๐ Distributed agents for remote Docker hosts
- ๐ Prometheus metrics and Grafana dashboard
- ๐ OIDC authentication support
- ๐ก๏ธ Update Bouncer โ vulnerability scanning, signature verification, and SBOM
- ๐ ๏ธ Full REST API, webhooks, and audit log
๐ Quick start
docker run -d --name drydock \
-v /var/run/docker.sock:/var/run/docker.sock \
-p 3000:3000 \
codeswhat/drydockDirect socket access grants the container full control over the Docker daemon. See the Quick Start guide for the recommended socket proxy setup and other secure connection options.
๐ Next steps
- Configure registries โ set up private image access
- Set up triggers โ enable notifications and auto-updates
- Configure webhooks โ integrate with CI/CD pipelines
- Lifecycle hooks โ run commands before and after updates
- Backup & rollback โ automatic backups and one-click restore
- Enable authentication โ secure your instance
- Monitor with Prometheus โ add observability