← 返回
未分类 中文

Docker Container Rerun

Safely check whether a Docker container's image has changed and, only when needed, recreate that docker run container with a user-provided original docker ru...
安全检查 Docker 容器镜像是否已更改,仅在需要时使用用户提供的原始 docker run 命令重新创建该容器。
ugvfpdcuwfnh ugvfpdcuwfnh 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 无需
★ 1
Stars
📥 347
下载
💾 0
安装
1
版本
#latest

概述

Docker Container Rerun

Update a docker run container with a conservative workflow.

Required Inputs

Require both of these from the user:

  • container_name
  • recreate_command

Treat recreate_command as the source of truth. Do not try to reconstruct missing flags from docker inspect.

Scope

Support only containers originally managed by docker run.

Do not use this skill for:

  • docker compose
  • guessing or synthesizing missing run flags
  • deleting volumes
  • docker system prune
  • changing environment variables, mounts, ports, labels, or networks unless the user explicitly changed the recreate command

Update Rule

Always compare image Id values, not repo digests.

Use this exact logic:

  1. Read current image Id from the running container:

```bash

docker inspect -f '{{.Image}}'

```

  1. Extract the image reference from recreate_command.
  2. Pull the latest version of that image:

```bash

docker pull

```

  1. Read the latest local image Id:

```bash

docker image inspect --format '{{.Id}}'

```

  1. Recreate the container only if the two Id values differ.

Safety Rules

Before any destructive action, restate the exact recreate command that will be used.

If recreate_command is missing, ambiguous, or not clearly a docker run command, stop and ask the user to provide a valid full command.

If the image cannot be extracted from recreate_command, stop and ask the user to provide the image explicitly inside the command.

Never silently modify the recreate command.

Prefer this sequence when update is needed:

docker stop <container_name>
docker rm <container_name>
<recreate_command>

Validation of recreate_command

Before using it, verify all of the following:

  • starts with docker run
  • includes an image name as the final image argument before any container command
  • clearly targets the same logical container the user wants updated

If the command includes an inline container command after the image, preserve it exactly.

If the command is multiline, preserve it exactly.

Recommended Execution Workflow

  1. Confirm the target container name.
  2. Echo back the exact recreate command.
  3. Extract the image from the recreate command.
  4. Compare current image Id and latest pulled image Id.
  5. If Ids match, report that the container is already up to date and do nothing else.
  6. If Ids differ:
    • run docker stop
    • run docker rm
    • run the exact recreate_command
  7. Verify startup with:

```bash

docker ps --filter name=

docker inspect

docker logs --tail 100

```

  1. Report status clearly, including whether healthcheck is healthy, starting, or absent.

Bundled Script

Use the bundled script when you want a deterministic check/apply flow:

python3 scripts/update_docker_run_container.py \
  --container-name <container_name> \
  --recreate-command '<full docker run command>'

Add --apply only when the user has approved the exact recreate command and actual recreation should happen.

The script will:

  • validate recreate_command
  • extract the image
  • pull the latest image
  • compare current vs latest image Id
  • optionally stop/remove/recreate
  • emit JSON summary with container state, health status, and recent logs

Output Expectations

When reporting results, include:

  • target container name
  • extracted image name
  • current image Id
  • latest image Id
  • whether recreation was needed
  • post-recreate container state
  • health status if present
  • any obvious log errors seen in recent logs

Example Pattern

Input:

  • container_name: my-container
  • recreate_command:

```bash

docker run -d --network host --name my-container --restart unless-stopped -v example_data:/data -v example_certs:/etc/ssl/certs -e DB_HOST= -e DB_PORT= -e DB_NAME= -e DB_USER= -e DB_PASSWORD= --health-cmd="/bin/check-health" --health-interval=600s --health-retries=5 --health-timeout=3s example/image:latest

```

Expected behavior:

  • extract image example/image:latest
  • compare current container image Id vs pulled latest image Id
  • recreate only if the Ids differ
  • preserve the recreate command exactly

Notes

When users ask to "update container X", prefer asking for the original docker run command unless it is already documented in memory or provided in the current request.

If the user has a known fixed recreate command for a specific container, prefer using that exact command unchanged.

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-07 08:20 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

it-ops-security

Free Ride - Unlimited free AI

shaivpidadi
管理OpenClaw的OpenRouter免费AI模型,自动按质量排名模型,配置速率限制备用方案,并更新opencla...
★ 472 📥 78,674
dev-programming

Tavily Proxy Search

ugvfpdcuwfnh
使用自托管的 TavilyProxyManager 实例进行网络搜索,采用 Bearer 主密钥认证,并保持熟悉的 tavily‑search 参数。
★ 1 📥 493
it-ops-security

MoltGuard - Security & Antivirus & Guardrails

thomaslwang
MoltGuard — OpenClaw 安全守卫,由 OpenGuardrails 提供。安装后可防止您和您的用户受到提示注入、数据泄露及恶意行为的侵害。
★ 116 📥 31,031