

GitHub App



Dependabot for Dockerfiles and docker-compose files.

docker-lock-bot automates docker-lock to manage image digests by tracking them in a separate Lockfile (think package-lock.json or Pipfile.lock).

Example Workflow:

  • (1) Add docker-lock-bot to a repo.
  • (2) docker-lock-bot looks for Dockerfiles and docker-compose files in the repo.
  • (3) docker-lock-bot uses docker-lock to generate a Lockfile, docker-lock.json, with all of the base image digests.
  • (4) docker-lock-bot makes a pull request to the default branch (usually master) with the Lockfile.
  • (5) Whenever a new base image is published, docker-lock-bot updates the Lockfile and makes a pull request.

With docker-lock-bot, if base images change or Dockerfiles/docker-compose files change, the Lockfile will always be up to date, automatically.

For more in-depth examples with screenshots, view the docker-lock-bot README.


docker-lock-bot is provided by a third party and is governed by separate terms of service, privacy policy, and support documentation.
