v1.12.1

This patch release includes stability improvements and bug fixes to enhance the reliability of Watchtower. It implements a fix for a bug in 1.12.0 that was causing HEAD requests to fail when pulling image digests.

Fixed

• Digest retrieval failed, falling back to full pull (1e41ae95) by @nicholas-fedor in #763
• Prevent I/O blocking in API update handler (9130559d) by @nicholas-fedor in #765

Full Changelog: v1.12.0...v1.12.1

v1.12.0

Overview

This release introduces new features for enhanced lifecycle hooks, rolling restarts, and notification splitting, along with numerous bug fixes for concurrency, digest handling, and container management, plus dependency updates.

Features

• Lifecycle Hooks Improvements:
  • Added container metadata support for pre/post-update hooks (#670).
  • Added UID and GID configuration for lifecycle hook scripts (#690).
• Rolling Restarts: Implemented health check waiting for rolling restart operations (#671).
• Immediate Update Checks: Added --update-on-start flag to perform an update check immediately when Watchtower starts (#672).
• HTTP API Enhancements:
  • Enhanced the update endpoint to return structured JSON responses (#673).
  • Added support for configuring the HTTP API host (#697).
• Podman CPU Compatibility: Introduced --cpu-copy-mode flag for improved CPU handling during container recreation with Podman (#712).
• Notification Splitting: Added --notification-split-by-container flag to send separate notifications for each updated container (#721).

Bug Fixes

• Self-Update Ordering: Fixed issue where Watchtower would update itself before other containers, causing notification splitting problems (#756).
• Shutdown Handling: Corrected shutdown lock logic to prevent test timeouts (#753).
• Concurrency Issues:
  • Resolved data race in Shoutrrr notifications (#746).
  • Prevented crashes from concurrent Docker client access (#731).
  • Fixed HTTP API failures when handling multiple simultaneous requests (#668).
• Digest and Registry Handling:
  • Improved digest fetching with automatic fallback from HEAD to GET requests (#669, #667).
  • Enhanced self-update digest parsing for better reliability (#724).
  • Resolved Docker Distribution API manifest request issues (#728).
• Container Management:
  • Prevented nil pointer dereference during container cleanup (#745).
  • Fixed container identification issues (#718).
  • Improved container ID retrieval for self-updates (#714).
• Notifications and Logging:
  • Ensured report notifications are sent in monitor-only mode (#709).
  • Improved logging clarity and accuracy for different scheduling modes (#716).
• Scope and Initialization:
  • Resolved scope isolation issues in self-updates (#666, #683).
  • Prevented dereferencing uninitialized notifier instances (#644).
• Update Integration: Properly integrated --update-on-start with normal update cycles (#740).

Dependencies

• Updated Docker CLI and Docker modules to v28.5.0+incompatible.
• Updated Shoutrrr notification library to v0.10.0.
• Updated Prometheus client library to v1.23.2.
• Updated Viper configuration library to v1.21.0.
• Updated Go text library to v0.29.0.

Full Changelog: v1.11.8...v1.12.0

v1.11.8

Overview

This release integrates dependency updates, including the latest v1.25.1 release of Go, and a minor CI/CD fix to version prefixes.

Changes

• chore(deps): update dependency go to v1.25.0 by @renovate[bot] in #544
• build: remove prefix from image tags by @nicholas-fedor in #558
• chore(deps): update Go dependencies by @nicholas-fedor in #612
• chore(deps): update dependency go to v1.25.1 by @renovate[bot] in #616
• fix(deps): update module github.com/docker/cli to v28.4.0+incompatible by @renovate[bot] in #618
• fix(deps): update module github.com/docker/docker to v28.4.0+incompatible by @renovate[bot] in #619
• fix(deps): update module github.com/nicholas-fedor/shoutrrr to v0.8.18 by @renovate[bot] in #621

Notes

• This reverts a minor change from 1.11.7 that introduced a version ("v") prefix when building the images.

Full Changelog: v1.11.7...v1.11.8

v1.11.7

Overview

This release improves Watchtower with enhancements to SMTP notifications and container stop functionality, alongside dependency updates for improved stability and security.

Changes

Bug Fixes

• Enhanced SMTP notification configuration with timeout constants and URL parameter support (#527).
• Streamlined StopContainer implementation with updated documentation (#504).

Dependency Updates

• Updated Go to v1.24.6 (#513), Docker CLI and Docker to v28.3.3 (#494, #495), Prometheus client to v1.23.0 (#500), and shoutrrr to v0.8.17 (#526).
• Updated Docker images: golang:alpine (#515), nginx:alpine (#413).
• Configured Renovate for Go version updates with gomodTidy (#469, #481).

CI/CD Improvements

• Resolved Gosec flagging issues in test files (#411).
• Overhauled build workflows with SBOM generation and multi-architecture support (#416).
• Enabled Buildx for attestations and OCI output in GoReleaser (#444, #445, #447, #448).
• Added push trigger and test job to dev release workflow (#440).
• Optimized .dockerignore and .gitignore for build contexts (#462, #476).
• Enhanced GoReleaser configurations and workflow documentation (#479, #490).
• Added dynamic versioning for development builds (#474).
• Fixed GoReleaser configurations, artifact paths, and architecture handling (#419, #420, #423, #424, #456, #465).
• Corrected SBOM generation with registry credentials and local image pulling (#431, #432, #433).
• Fixed Docker Hub authentication in workflows (#434, #435).
• Addressed undefined dry-run inputs and workflow errors (#475, #480).

Full Changelog

See the full changelog for details.

v1.11.6

Overview

This release restores proxy support, redirect handling, and DialContext in the registry authentication client, addressing a regression from a prior refactor. It also includes dependency updates for improved stability and compatibility.

Changes

Fixes

• Restored Proxy: http.ProxyFromEnvironment in NewAuthClient to support proxy environment variables (e.g., HTTP_PROXY, HTTPS_PROXY), fixing regression from commit f8c2344 (#403)
• Reintroduced DialContext with net.Dialer using 30s timeouts (DefaultDialTimeoutSeconds, DefaultDialKeepAliveSeconds) in NewAuthClient (#403)
• Added CheckRedirect with DefaultMaxRedirects (3) in NewAuthClient to enforce redirect limits (#403)

Improvements

• Documented proxy support via environment variables in docs/arguments.md (#403)
• Added missing environment variables to docs/arguments.md (#393)

Dependency Updates

• Updated github.com/docker/cli and github.com/docker/docker to v28.3.2+incompatible (#370, #371, #379, #383)
• Updated golang.org/x/text to v0.27.0 (#384)
• Updated github.com/spf13/pflag to v1.0.7 (#407)
• Updated alpine to v3.22.1 and related Docker images: golang:alpine, nginx, nginx:alpine, cimg/go:1.24.5 (#377, #378, #380, #382, #394, #395, #397, #398, #399, #400, #404, #405)
• Updated CI actions: actions/setup-python, actions/setup-go, goreleaser/goreleaser-action, golangci/golangci-lint-action, nicholas-fedor/go-proxy-pull-action (#372, #375, #376, #381, #385, #388, #401, #406)
• Updated prom/prometheus and nginx:1.29.0 Docker digests (#390, #391, #392)

Full Changelog

For a complete list of changes, see the v1.11.5...v1.11.6 changelog.

v1.11.5

Overview

This release resolves issues with HEAD requests for unauthenticated registries (e.g., local registry:2), improving reliability for users with private or custom registries.

Changes

Bug Fixes

• fix(registry): handle unauthenticated registries and update linting (#366) by @nicholas-fedor in #369

Dependency Updates

• chore(deps): update nginx docker digest to 93230cd by @renovate in #367
• chore(deps): update nginx:1.29.0 docker digest to 93230cd by @renovate in #368

Full Changelog: v1.11.4...v1.11.5

v1.11.4

Overview

This release includes bug fixes, dependency updates, and minor enhancements to improve Watchtower's functionality and reliability. Key changes include resolving container update issues with multiple networks, ensuring pinned container images are skipped during updates, and fixing registry redirect handling for image updates.

Changes

Bug Fixes

• Fixed container update failure when containers are connected to multiple networks (#346) by @nicholas-fedor in #351
• Ensured pinned container images are skipped during updates (#347) by @nicholas-fedor in #347
• Fixed registry redirect handling for image updates (#359) by @nicholas-fedor in #359

Enhancements

• Increased default container stop timeout to 30s and demoted timeout log to debug level (#325) by @nicholas-fedor in #325

Dependency Updates

• Updated Python to v3.13.5 (#326) by @renovate in #326
• Updated github.com/google/pprof (#327) by @nicholas-fedor in #327
• Updated grafana/grafana Docker digest to 63ef313 and b5b59bf (#328, #337) by @renovate in #328 and #337
• Updated docker/login-action digest to 3d10084 (#329) by @renovate in #329
• Updated docker/setup-buildx-action digest to 6229134, 18ce135, and e468171 (#330, #331, #338) by @renovate in #330, #331, and #338
• Updated docker/setup-qemu-action digest to 05340d1 (#332) by @renovate in #332
• Updated Renovate configuration (#334) by @nicholas-fedor in #334
• Updated nicholas-fedor/go-proxy-pull-action digest to 0aec514 (#336) by @renovate in #336
• Updated golangci/golangci-lint-action digest to dee96ac, 8861dcf, f509bac, and 4f58623 (#335, #348, #361, #363) by @renovate in #335, #348, #361, and #363
• Updated actions/setup-go digest to fa96338 (#339) by @renovate in #339
• Updated actions/setup-python digest to 5fa0ee6, e9c40fb, and 1264885 (#340, #341, #354) by @renovate in #340, #341, and #354
• Updated nginx Docker digest to dc53c8f, b2e814d, and c8a4413 (#352, #353, #364, #365) and tag to v1.29.0 (#355) by @renovate in #352, #353, #364, #365, and #355
• Updated github.com/nicholas-fedor/shoutrrr to v0.8.15 (#349) by @renovate in #349
• Updated github.com/docker/docker to v28.3.0+incompatible (#357) by @renovate in #357
• Updated github.com/docker/cli to v28.3.0+incompatible (#356) by @renovate in #356
• Updated codecov/codecov-action digest to 2db07e3 (#358) by @renovate in #358
• Updated prom/prometheus Docker digest to 3b1d5be and 7a34573 (#360, #362) by @renovate in #360 and #362

Full Changelog: v1.11.3...v1.11.4

v1.11.3

Overview

Watchtower v1.11.3 is a patch release that introduces support for the riscv64 architecture, enhances logging by demoting certain container log messages to debug level, and improves reliability with deferred image cleanup during self-updates. It also includes several dependency updates for improved security and maintainability.

Changes

New Features

• Add riscv64 Architecture Support (PR #318)
  Added support for the riscv64 architecture, expanding Watchtower's compatibility to include RISC-V based systems.

Bug Fixes

• Demote Container Log Messages to Debug (PR #315)
  Reduced verbosity by changing certain container-related log messages to debug level, improving the user experience by minimizing log noise.
• Defer Image Cleanup During Self-Update (PR #321)
  Fixed image cleanup process to defer cleanup during self-updates, enhancing reliability and preventing potential issues with image management.

Dependencies and CI

• Updated golangci/golangci-lint-action digest to cf2fd4c (PR #316).
• Updated nginx docker digest to 6784fb0 (PR #319).
• Updated nginx:1.28.0 docker digest to 1fd589a (PR #320).
• Updated nginx:1.28.0 docker digest to 20555a0 (PR #324).
• Updated actions/attest-build-provenance digest to e8998f9 (PR #322).
• Updated actions/setup-go digest to 4de67c0 (PR #323).

Full Changelog

For a complete list of changes, see the v1.11.2...v1.11.3 changelog.

v1.11.2

Overview

Watchtower v1.11.2 is a patch release that addresses excessive warning logs for non-running containers (e.g., in the created state) when no MAC address is found. This improves the user experience by reducing log noise, particularly for containers like Renovate Bot, while maintaining diagnostic capabilities for running containers.

Changes

Reduce MAC Address Warning to Debug for Non-Running Containers (PR #314)

• Modified validateMacAddresses to log debug messages instead of warnings for non-running containers, resolving Issue #313.
• Added container state checks using IsRunning() and State.Status to differentiate running and non-running containers.
• Enhanced validateMacAddresses comments for improved maintainability and clarity.
• Updated tests in container_test.go to cover running, created, and exited container states.
• Made IsRunning() robust against nil container metadata to prevent potential panics.
• Fixed test panics by ensuring consistent container state initialization in network configuration tests.

Full Changelog

For a complete list of changes, see the v1.11.1...v1.11.2 changelog.

v1.11.1

Overview

Watchtower v1.11.1 is a patch release that reintroduces the option to skip TLS verification for registry connections, addressing compatibility issues with insecure registries. It also includes minor dependency updates and CI improvements.

Changes

Reintroduce TLS Skip Option (PR #312)

• Added WATCHTOWER_REGISTRY_TLS_SKIP and WATCHTOWER_REGISTRY_TLS_MIN_VERSION flags to support insecure registries and configurable TLS versions, resolving issue #309.
• Refactored registry authentication with a Client interface for better testability.
• Enhanced error handling in digest.go to fail on empty authentication tokens.
• Updated tests in auth_test.go and digest_test.go for HTTP registries and malformed headers.
• Improved documentation in docs/arguments.md with reorganized navigation.

Dependencies and CI

• Updated nicholas-fedor/go-proxy-pull-action to digest 295b256 (PR #306).
• Updated golangci/golangci-lint-action to digest 09dada9 (PR #310).
• Updated cimg/go Docker tag to v1.24.4 (PR #311).

Full Changelog

For a complete list of changes, see the v1.11.0...v1.11.1 changelog.