Trigger VSTS Build after docker hub image update

Question

I run a docker image for data processing on a windows server 2016 (single vm, On Premises). My image is stored in a Azure Container Registry. The code does not change often. To get security Updates I like to get a rebuild and release after the microsoft/windowsservercoreis updated.

Is there a Best Practice Way to do this?

I thought about 3 ways of solving this:

1. Run a scheduled build every 24h, pull the microsoft/windowsservercore, pull my custom image, run powershell to get the build dates and compare then (or use some of the histroy ids). If a rebuild is needed, build the new image and tag the build. Configure the Release to run only on this tag.
2. Run a Job to check the update time of the docker image and trigger the build with a REST request.
3. Put a basic Dockerfile on github. Set up automated Build with a trigger to microsoft/windowsservercore and configure the webhook to a WebService, which start the Build with REST.

But I really like non of these Ideas. Is there a better option?

Answer 1

I choose option three. Therefore I set up a github repository with a one line Dockerfile:

FROM alpine

I used the alpine image and not the windowsservercore, because automated build does currently does not support windows images. I configured a automated build in the docker hub and add a Linked Repositories to microsoft/windowsservercore. Then I set up a MS Flow with a HTTP Request Trigger to start the Build. Add the Flow URL to a new webhook on the automated build.

For me this are to many moving parts that has to configured and work together, but I know no better way.

Answer 2

You can use Azure Container Registry webhooks directly, the simple workflow:

1. Build a Web Api project to queue build per to detail request (webhook request) through Queue a build Rest API
2. Create an Azure Container Registry webhook to call Web API (step1)