build

.gitlab-ci.yml

@@ -1,13 +1,28 @@
+
 stages:          # List of stages for jobs, and their order of execution
+  - notify1
   - lint
+  - test
+  - security
+  - dast
   - build
   - clean
   - notify
 variables:
   GIT_SSH_COMMAND: "ssh -i /home/gitlab-runner/.ssh/id_rsa -o IdentitiesOnly=yes"
+notify1:
+  stage: notify1  # Should be in a later stage than the job that might fail
+  when: on_success # <-- This is the key keyword
+  script:
+      - column=':'
+      - echo "${flow_id}"
+      - curl -XPOST http://192.168.77.101:8123/api/webhook/voice-notifications-tC_8YKxMJIAaQRV5riKuC7Zl --data-raw 'message=portainer build job started'
+      - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
+  rules:
+      - if: '$CI_COMMIT_MESSAGE =~ /build/'
 lint:
   stage: lint
-  image: r.sectorq.eu/jaydee/builder-portainer:latest
+  image: r.sectorq.eu/jaydee/builder:latest
   before_script:
     - python3 -m pip install --break-system-packages flake8 black pylint tabulate prompt_toolkit hvac
     - export PATH="$PATH:/home/gitlab-runner/.local/bin"
@@ -19,17 +34,22 @@ lint:
     - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
   rules:
       - if: '$CI_COMMIT_MESSAGE =~ /lint/'
+
+      
+include:
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Dependency-Scanning.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+  - template: Security/DAST.gitlab-ci.yml
+
 build-job:       # This job runs in the build stage, which runs first.
     stage: build
-    image: r.sectorq.eu/jaydee/builder-portainer:latest
+    image: r.sectorq.eu/jaydee/builder:amd64
     script:
-      - mkdir -p ~/.ssh
-      - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
-      - chmod 600 ~/.ssh/id_rsa
-      - pyinstaller --onefile portainer.py
+      - pyinstaller --onefile --clean -n portainer main.py
       #- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.80.222:/myapps/bin/ || true
       - scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.77.12:/myapps/bin/ || true
-      - scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.77.101:/myapps/bin/ || true
+      - curl -F "file=@dist/portainer" https://myapps.sectorq.eu/
       - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
     artifacts:
       paths:
@@ -40,19 +60,37 @@ build-job:       # This job runs in the build stage, which runs first.
     # - curl -X POST https://kestra.sectorq.eu/api/v1/executions/webhook/jaydee/ansible-all/${flow_id} -d '{"tag":["proxmox"],"target":["servers"]}' -H "Content-Type${column} application/json"
     rules:
       - if: '$CI_COMMIT_MESSAGE =~ /build/'
+build-job-arm:       # This job runs in the build stage, which runs first.
+    stage: build
+    image: r.sectorq.eu/jaydee/builder:arm64
+    script:
+      - pyinstaller --onefile --clean -n portainer_arm main.py
+      #- scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer jd@192.168.80.222:/myapps/bin/ || true
+      - scp -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null dist/portainer_arm jd@192.168.77.12:/myapps/bin/ || true
+      - curl -F "file=@dist/portainer_arm" https://myapps.sectorq.eu/
+      - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
+    artifacts:
+      paths:
+      - dist/
+      expire_in: 1 week
+    # - column=":"
+    # - echo "${flow_id}"
+    # - curl -X POST https://kestra.sectorq.eu/api/v1/executions/webhook/jaydee/ansible-all/${flow_id} -d '{"tag":["proxmox"],"target":["servers"]}' -H "Content-Type${column} application/json"
+    rules:
+      - if: '$CI_COMMIT_MESSAGE =~ /build-all/'
+
+
 clean-job:       # This job runs in the build stage, which runs first.
     stage: clean
     script:
       - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
     rules:
       - if: '$CI_COMMIT_MESSAGE =~ /build/'
-
 cleanup_on_failure_job:
   stage: clean  # Should be in a later stage than the job that might fail
   when: on_failure # <-- This is the key keyword
   script:
       - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
-
 notify:
   stage: notify  # Should be in a later stage than the job that might fail
   when: on_success # <-- This is the key keyword
@@ -61,7 +99,8 @@ notify:
       - echo "${flow_id}"
       - curl -XPOST http://192.168.77.101:8123/api/webhook/voice-notifications-tC_8YKxMJIAaQRV5riKuC7Zl --data-raw 'message=portainer build job completed'
       - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
-
+  rules:
+      - if: '$CI_COMMIT_MESSAGE =~ /build/'
 notify2:
   stage: notify  # Should be in a later stage than the job that might fail
   when: on_failure # <-- This is the key keyword
@@ -72,4 +111,3 @@ notify2:
       - rm -rf /home/gitlab-runner/builds/1fLwHSKm2/0/jaydee/portainer.tmp
   rules:
       - if: '$CI_COMMIT_MESSAGE =~ /build/'
-      

.gitlab/sast-ruleset.toml

@@ -0,0 +1,2 @@
+[semgrep]
+exclude = ["bandit.B101", "java_deserialization_rule-JacksonUnsafeDeserialization"]

.vscode/settings.json

@@ -0,0 +1,3 @@
+{
+  "python.defaultInterpreterPath": "../../venvs/portainer/bin/python"
+}

main.py

@@ -5,41 +5,49 @@ This module provides a wrapper for interacting with the Portainer API
 to manage endpoints, stacks, and containers.
 """
 
-# !/myapps/venvs/portainer/bin/python3
 import os
 import logging
 import signal
 import sys
 import json
 import argparse
-import tty
-import termios
 import hvac
+import time
+import base64
+import shutil
+import requests
+from portainer.api import PortainerApi
+from git import Repo
+from concurrent.futures import ThreadPoolExecutor
 from tabulate import tabulate
-from port import Portainer
 from prompt_toolkit import prompt
 from prompt_toolkit.completion import WordCompleter
 from prompt_toolkit.shortcuts import checkboxlist_dialog
 from prompt_toolkit.shortcuts import radiolist_dialog
 
-VAULT_ADDR = os.environ.get("VAULT_ADDR", "http://192.168.77.101:8200")
-try:
-    VAULT_TOKEN = os.environ.get("VAULT_TOKEN")
-    if VAULT_TOKEN is None:
-        raise KeyError
-except KeyError:
-    VAULT_TOKEN = prompt("Valult root token : ", is_password=True)
-os.environ["VAULT_TOKEN"] = VAULT_TOKEN
 
-client = hvac.Client(url=VAULT_ADDR, token=VAULT_TOKEN)
-# Check if connected
-if client.is_authenticated():
-    print("Connected to Vault")
-else:
-    raise Exception("Failed to authenticate with Vault")
-# Specify the mount point of your KV engine
+def setup_vault():
+    # VAULT_ADDR = os.environ.get("VAULT_ADDR", "http://192.168.77.101:8200")
+    VAULT_ADDR = os.environ.get("VAULT_ADDR", "https://vault.sectorq.eu")
+    try:
+        VAULT_TOKEN = os.environ.get("VAULT_TOKEN")
+        if VAULT_TOKEN is None:
+            raise KeyError
+    except KeyError:
+        VAULT_TOKEN = prompt("Valult root token : ", is_password=True)
+    os.environ["VAULT_TOKEN"] = VAULT_TOKEN
+
+    vclient = hvac.Client(url=VAULT_ADDR, token=VAULT_TOKEN)
+    # Check if connected
+    if vclient.is_authenticated():
+        print("Connected to Vault")
+    else:
+        raise Exception("Failed to authenticate with Vault")
+    # Specify the mount point of your KV engine
+    return vclient
+
+VERSION = "0.1.74"
 
-VERSION = "0.1.16"
 
 defaults = {
     "endpoint_id": "vm01",
@@ -83,10 +91,6 @@ def load_config(defaults=defaults):
         print("Configuration written to /myapps/portainer.conf")
     return cur_config
 
-
-
-
-
 a = load_config(defaults)
 
 # ENV_VARS = [
@@ -109,7 +113,11 @@ def update_configs(cur_config):
         print("Configuration written to /myapps/portainer.conf")
 
 parser = argparse.ArgumentParser(
-    description="Portainer helper - use env vars or pass credentials."
+    description=f"""\
+Portainer helper - use env vars or pass credentials."        
+version: {VERSION}
+    """,
+        formatter_class=argparse.RawTextHelpFormatter,
 )
 parser.add_argument(
     "--base",
@@ -139,14 +147,22 @@ parser.add_argument(
 )
 parser.add_argument("--update", "-u", action="store_true", help="Update service if it exists")
 parser.add_argument("--debug", "-D", action="store_true")
+parser.add_argument("--launcher", "-L", action="store_true")
 parser.add_argument("--gpu", "-g", action="store_true")
 parser.add_argument("--timeout", type=int, default=10, help="Request timeout seconds")
 parser.add_argument("--deploy-mode", "-m", type=str, default="git", help="Deploy mode")
 parser.add_argument("--stack-mode", "-w", default=None, help="Stack mode")
+parser.add_argument(
+    "-E", "--excluded",
+    nargs="+",
+    default=["portainer", "nginx"],
+    help="Exclude from update"
+)
 args = parser.parse_args()
 print("Running version:", VERSION)
 print("Environment:", args.site)
-args.client = client
+
+args.client = setup_vault()
 if args.site is not None:
     cur_config["PORTAINER_SITE"] = args.site
 if args.endpoint_id is not None:
@@ -242,16 +258,15 @@ def prompt_missing_args(args_in, defaults_in, fields, action=None,stacks=None):
                     if args.action == "create_stack":
                         # input(json.dumps(stacks, indent=2))
                         commands = [
-                            'authentik', 'bitwarden', 'bookstack', 'dockermon', 'fail2ban', 'gitea', 'gitlab', 'grafana',
-                            'hashicorp', 'home-assistant', 'homepage', 'immich', 'influxdb', 'jupyter', 'kestra', 'mailu3',
+                            'authentik', 'bitwarden', 'bookstack', 'dockermon', 'duplicati', 'fail2ban', 'filebrowser', 'gitea', 'gitlab', 'grafana', 'grocy',
+                            'hashicorp', 'home-assistant', 'homebox','homepage', 'immich', 'influxdb', 'jupyter', 'kestra', 'kopia', 'linkding', 'linkwarden', 'mailu3',
                             'mealie', 'mediacenter', 'mosquitto', 'motioneye', 'n8n', 'nebula', 'nextcloud', 'nginx',
                             'node-red', 'octoprint', 'ollama', 'onlyoffice', 'paperless-ngx', 'pihole', 'portainer-ce', 'rancher', 'registry',
-                            'regsync', 'semaphore', 'unifibrowser', 'uptime-kuma', 'watchtower', 'wazuh', 'webhub', 'wordpress',
+                            'regsync', 'repo_mirror', 'searxng','semaphore', 'unifibrowser', 'uptime-kuma', 'watchtower', 'wazuh', 'webhub', 'wordpress',
                             'wud', 'zabbix-server']
                         try:
                             print(por.all_data['stacks'][defaults_in[f"PORTAINER_ENDPOINT_ID".upper()]]['by_name'].keys())
                             for s in por.all_data['stacks'][defaults_in[f"PORTAINER_ENDPOINT_ID".upper()]]['by_name'].keys():
-                            
                                 #print(s)
                                 commands.remove(s)
                         except KeyError:
@@ -372,7 +387,7 @@ def prompt_missing_args(args_in, defaults_in, fields, action=None,stacks=None):
 
 if __name__ == "__main__":
     # Example usage: set PORTAINER_USER and PORTAINER_PASS in env, or pass literals below.
-    # token = get_portainer_token(base,"admin","l4c1j4yd33Du5lo")  # or get_portainer_token(base, "admin", "secret")
+
     def signal_handler(sig, frame):
         logger.warning("Killed manually %s, %s", sig, frame)
         print("\nTerminated by user")
@@ -403,18 +418,13 @@ if __name__ == "__main__":
         ]  
         
         selected_action = radiolist_dialog(
-            title="Select one service",
+            title=f"Select one service - version: {VERSION}",
             text="Choose a service:",
             values=actions
         ).run()     
-        
-
 
         print("Selected:", selected_action)
-        
-        
-        
-        
+
         # print("Possible actions: \n")
         # i = 1
         # for a in actions:
@@ -426,7 +436,7 @@ if __name__ == "__main__":
         
         os.system("cls" if os.name == "nt" else "clear")
     # Example: list endpoints
-    por = Portainer(cur_config["PORTAINER_SITE"], args)
+    por = PortainerApi(cur_config["PORTAINER_SITE"], args)
     por.set_defaults(cur_config)
     if args.debug:
         por._debug = True
@@ -547,6 +557,8 @@ if __name__ == "__main__":
             ],
         )
         por.update_service()
+        if args.launcher:
+            input("\nPress ENTER to continue...")
         sys.exit()
 
     if args.action == "update_containers":
@@ -574,12 +586,24 @@ if __name__ == "__main__":
             ],
         )
         por.print_stacks(args)
+        if args.launcher:
+            input("Press ENTER to continue...")
         # print(json.dumps(por.all_data, indent=2))
         sys.exit()
 
     if args.action == "list_containers":
         print("Getting containers")
-        print(por.get_containers())
+        args = prompt_missing_args(
+            args,
+            cur_config,
+            [
+                ("site", "Site"),
+                ("endpoint_id", "Endpoint ID"),
+            ],
+        )
+        print("\n".join(por.get_containers()))
+        if args.launcher:
+            input("\nPress ENTER to continue...")
         sys.exit()
 
     if args.action == "update_stack":
@@ -593,11 +617,16 @@ if __name__ == "__main__":
         )
 
         por.update_stack(args)
+        if args.launcher:
+            input("\nPress ENTER to continue...")
         sys.exit()
 
     if args.action == "print_all_data":
         print(json.dumps(por.all_data, indent=2))
+        if args.launcher:
+            input("\nPress ENTER to continue...")
         sys.exit()
+
     if args.action == "update_status":
         por.update_status(args.endpoint_id, args.stack)
         sys.exit()
@@ -609,10 +638,20 @@ if __name__ == "__main__":
             export_data.append([i, eps["by_id"][i]])
         headers = ["EndpointId", "Name"]
         print(tabulate(export_data, headers=headers, tablefmt="github"))
-
+        if args.launcher:
+            input("\nPress ENTER to continue...")
         sys.exit()
 
     if args.action == "stop_containers":
+        # TODO: does not work
+        args = prompt_missing_args(
+            args,
+            cur_config,
+            [
+                ("site", "Site"),
+                ("endpoint_id", "Endpoint ID"),
+            ],
+        )
         if por.all_data["endpoints_status"][args.endpoint_id] != 1:
             print(f"Endpoint {por.get_endpoint_name(args.endpoint_id)} is offline")
             sys.exit()
@@ -647,8 +686,4 @@ if __name__ == "__main__":
         sys.exit()
 
     if args.action == "refresh_status":
-        if args.stack == "all":
-            print("Stopping all stacks...")
-            stcks = por.get_stacks(endpoint_id=args.endpoint_id)
-        else:
-            por.refresh_status(args.stack_id)
+        por.refresh_status(args)

portainer/api.py

@@ -21,7 +21,7 @@ from prompt_toolkit.shortcuts import radiolist_dialog
 logger = logging.getLogger(__name__)
 
 
-class Portainer:
+class PortainerApi:
     """
     Simple wrapper around the module-level Portainer helper functions.
     Instantiate with base_url and optional token/timeout and call methods
@@ -141,6 +141,13 @@ class Portainer:
         self.get_endpoints()
         self.get_stacks()
 
+    def refresh_status(self, args):
+        for s in self.all_data['stacks']['m-s']['by_id']:
+            path = f'/stacks/{s}/images_status?refresh=true'
+            
+            print(path)
+            res = self._api_get(path, timeout=args.timeout)
+
     def _is_number(self, s):
         """Check if the input string is a number."""
         try:
@@ -159,7 +166,7 @@ class Portainer:
         response = requests.post(
             "https://gotify.sectorq.eu/message",
             data=payload,
-            headers={"X-Gotify-Key": "ASn_fIAd5OVjm8c"}
+            headers={"X-Gotify-Key": "A1krRuo8GIW-fpY"}
         )
         logger.debug(response.text)
         # print("Status:", response.status_code)
@@ -315,6 +322,7 @@ class Portainer:
 
     def get_endpoint_id(self):
         '''Get endpoint ID from either ID or name input.'''
+        # input(self.args.endpoint_id)
         if self._is_number(self.args.endpoint_id):
             self.endpoint_id = self.args.endpoint_id
             self.endpoint_name = self.endpoints["by_id"][self.args.endpoint_id]
@@ -342,7 +350,6 @@ class Portainer:
         # print(stack)
         cont = []
         data = {}
-
         eps = [ep for ep in self.all_data['endpoints']['by_id'].keys()]
         #input(eps)
         for endpoint in eps:
@@ -361,11 +368,15 @@ class Portainer:
                 print(f"failed to get containers from {path}: {e}")
                 continue
             contr = []
+            # print(f"Containers: {containers}")
             try:
                 for c in containers:
-                    #input(c)
-                    cont.append([c["Names"][0].replace("/", ""),c["Id"], c['Image']])
-                    contr.append([c["Names"][0].replace("/", ""), c["Id"], c['Image']])
+                    # print(c)
+                    try:
+                        cont.append([c["Names"][0].replace("/", ""),c["Id"], c['Image']])
+                        contr.append([c["Names"][0].replace("/", ""), c["Id"], c['Image']])
+                    except:
+                        print("Unable to parse container info")
                 if self.all_data["endpoints"]["by_id"][endpoint] in data:
                     data[self.all_data["endpoints"]["by_id"][endpoint]] = contr
                     data[endpoint] = contr
@@ -394,14 +405,13 @@ class Portainer:
         else:
 
             eps = [self.get_endpoint_id()]
-        #input(eps)
+        
         for endpoint in eps:
-
-            # print(s)
             #print(self.args.stack)
             if self.args.stack in ["all", None]:
                 # input([id for id in self.all_data["stacks"][endpoint]['by_id'].keys()])
-                for s in [id for id in self.all_data["stacks"][endpoint]['by_id'].keys()]:
+                for e in [id for id in self.all_data["stacks"][endpoint]['by_name'].keys()]:
+                    #input(e)
                     # if s not in self.all_data["stacks"]:
                     #     continue
                     #input(self.all_data)
@@ -409,36 +419,36 @@ class Portainer:
                         # print(f"Endpoint {self.all_data["endpoints"]["by_id"][s]} is offline")
                         continue
                     # input(self.all_data["stacks"][endpoint]["by_name"])
-                    for e in self.all_data["stacks"][endpoint]["by_name"]:
-                        #input(e)
-                        path = (
-                            f"/endpoints/{endpoint}/docker/containers/json"
-                            f'?all=1&filters={{"label": ["com.docker.compose.project={e}"]}}'
+
+                    #input(e)
+                    path = (
+                        f"/endpoints/{endpoint}/docker/containers/json"
+                        f'?all=1&filters={{"label": ["com.docker.compose.project={e}"]}}'
+                    )
+                    logging.info(f"request : {path}")
+                    try:
+                        containers = self._api_get(path)
+                        #input(containers)
+                    except Exception as e:
+                        print(f"failed to get containers from {path}: {e}")
+                        continue
+                    contr = []
+                    try:
+                        for c in containers:
+                            # input(c)
+                            cont.append(c["Names"][0].replace("/", ""))
+                            contr.append(c["Names"][0].replace("/", ""))
+                        if self.all_data["endpoints"]["by_id"][endpoint] in data:
+                            data[self.all_data["endpoints"]["by_id"][endpoint]][e] = contr
+                        else:
+                            data[self.all_data["endpoints"]["by_id"][endpoint]] = {
+                                e: contr
+                            }
+                    except Exception as e:
+                        logger.debug(
+                            f"Exception while getting containers for stack {e} ",
+                            f"on endpoint {self.all_data['endpoints']['by_id'][endpoint]}: {e}",
                         )
-                        logging.info(f"request : {path}")
-                        try:
-                            containers = self._api_get(path)
-                            #input(containers)
-                        except Exception as e:
-                            print(f"failed to get containers from {path}: {e}")
-                            continue
-                        contr = []
-                        try:
-                            for c in containers:
-                                # input(c)
-                                cont.append(c["Names"][0].replace("/", ""))
-                                contr.append(c["Names"][0].replace("/", ""))
-                            if self.all_data["endpoints"]["by_id"][endpoint] in data:
-                                data[self.all_data["endpoints"]["by_id"][endpoint]][e] = contr
-                            else:
-                                data[self.all_data["endpoints"]["by_id"][endpoint]] = {
-                                    e: contr
-                                }
-                        except Exception as e:
-                            logger.debug(
-                                f"Exception while getting containers for stack {e} ",
-                                f"on endpoint {self.all_data['endpoints']['by_id'][endpoint]}: {e}",
-                            )
 
                 self.all_data["containers"] = data
 
@@ -489,7 +499,7 @@ class Portainer:
                 stacks_tuples.append((s['Webhook'],s['Name']))
                 # print(s['Name'], " : ", s['Webhook'])
         stacks_dict = dict(stacks_tuples)
-        print(stacks_dict)
+        # print(stacks_dict)
         #input(stacks_tuples)
         # stacks_tuples = [(s['AutoUpdate']['Webhook'], s['Name']) for s in stacks if "Webhook" in s['AutoUpdate'] ]
 
@@ -514,7 +524,7 @@ class Portainer:
                 values=stacks_tuples
             ).run()
         stcs = []
-        input(stack_ids)
+        #input(stack_ids)
 
         if args.stack == "all":
             for s in stack_dict:
@@ -524,18 +534,18 @@ class Portainer:
                 if s in stack_ids:
                     stcs.append([s, stack_dict[s]])
 
-        print(stcs)           
+        # print(stcs)           
         with ThreadPoolExecutor(max_workers=10) as exe:
             list(exe.map(update, stcs))
 
-        input('UPDATED')
+        #input('UPDATED')
         if not args.autostart:
             time.sleep(120)
             cont = []
-            for c in self.all_data["containers"][endpoint]:
-                if stack == c or stack == "all":
-                    cont += self.all_data["containers"][endpoint][c]
-            self.stop_containers(endpoint, cont)
+            for c in self.all_data["containers"][args.endpoint_id]:
+                if args.stack == c or args.stack == "all":
+                    cont += self.all_data["containers"][args.endpoint_id][c]
+            self.stop_containers(args.endpoint_id, cont)
 
     def get_endpoints(self, timeout=10):
         '''Get a list of all endpoints.'''
@@ -834,7 +844,7 @@ class Portainer:
                     }
                     self._api_post_file(path, self.endpoint_id, stack, envs, file)
 
-    def print_stacks(self, endpoint="all"):
+    def print_stacks(self, args):
         """Print a table of stacks, optionally filtered by endpoint."""
         stacks = self.get_stacks()
         count = 0
@@ -842,11 +852,11 @@ class Portainer:
         stack_names = []
         for stack in stacks:
             # print(stack)
-            if endpoint is not None:
+            if args.endpoint_id is not None:
                 if not stack["EndpointId"] in self.endpoints["by_id"]:
                     continue
-                if endpoint != "all":
-                    if self.endpoints["by_name"][endpoint] != stack["EndpointId"]:
+                if args.endpoint_id != "all":
+                    if self.endpoints["by_name"][args.endpoint_id] != stack["EndpointId"]:
                         continue
             try:
                 stack_names.append(stack["Name"])
@@ -873,7 +883,7 @@ class Portainer:
     def update_containers(self):
         all_containers = self.all_data["containers"][self.args.endpoint_id]
         #input(all_containers)
-        service_tuples = [(s[1], s[0]) for s in all_containers if "." not in s[0]]
+        service_tuples = [(s[1], s[0]) for s in all_containers if "." not in s[0] and not s[0].startswith("runner-")]
         service_tuples = sorted(service_tuples, key=lambda x: x[1])
         service_dict = dict(service_tuples)
         # input(service_tuples)
@@ -913,9 +923,12 @@ class Portainer:
         #print(longest)
         ok = "\033[92m✔\033[0m"
         err = "\033[91m✖\033[0m"
+        updates = []
         for service_id in service_ids:
             # print(self.all_data["containers"][self.args.endpoint_id])
-
+            if service_dict[service_id] in self.args.excluded:
+                print(f"App {service_dict[service_id]} excluded")
+                continue
             print("\033[?25l", end="")
             print(f"{service_dict[service_id]:<{longest}}  ", end="", flush=True)
             path = f"/docker/{self.get_endpoint_id()}/containers/{service_id}/image_status?refresh=true"
@@ -930,10 +943,10 @@ class Portainer:
                 print("?")
             elif resp['Status'] == "outdated":
                 if pull:
-                    print("Recreate")
+                    #print("Recreate")
                     self.recreate_container(service_id, pull)
                     #print(f"Service {service_dict[service_id]:<{longest}} : updated")
-                    self.gotify_message(f"Service {service_dict[service_id]} updated")
+                    updates.append(service_dict[service_id])
                     print(ok, end=" ")
                     for name, hash_, image in self.all_data["containers"][self.args.endpoint_id]:
                         if name.startswith(service_dict[service_id]):
@@ -941,7 +954,7 @@ class Portainer:
                 else:
                     print(f"\r\033[4m{service_dict[service_id]:<{longest}}\033[0m  ", end="", flush=True)
                     #print(f"\033[4m{service_dict[service_id]:<{longest}} {err}\033[0m")
-                    self.gotify_message(f"Service update available for {service_dict[service_id]}")
+                    updates.append(service_dict[service_id])
                     print(err, end=" ")
                     for name, hash_, image in self.all_data["containers"][self.args.endpoint_id]:
                         if name.startswith(service_dict[service_id]):
@@ -951,12 +964,24 @@ class Portainer:
                 for name, hash_, image in self.all_data["containers"][self.args.endpoint_id]:
                     if name.startswith(service_dict[service_id]):
                         print(image)
+        if len(updates) > 0:
+            if pull:
+                self.gotify_message(f"Services updated: {', '.join(updates)}")
+            else:
+                self.gotify_message(f"Services updates available: {', '.join(updates)}")
         print("\033[?25h", end="")
         return True
 
     def update_service(self):
         all_services = self.get_services(self.get_endpoint_id())
-        #input(all_services)
+        if self.args.debug:
+            print(all_services)
+        if all_services == 503:
+            print("No services found on this endpoint.")
+            return False
+        if len(all_services) == 0:
+            print("No services found on this endpoint.")
+            return False
         service_tuples = [(s['ID'], s['Spec']['Name']) for s in all_services]
         service_tuples = sorted(service_tuples, key=lambda x: x[1])
         service_dict = dict(service_tuples)
@@ -1000,6 +1025,7 @@ class Portainer:
         #print(longest)
         ok = "\033[92m✔\033[0m"
         err = "\033[91m✖\033[0m"
+        service_to_update = []
         for service_id in service_ids:
             print("\033[?25l", end="")
             print(f"{service_dict[service_id]:<{longest}}  ", end="", flush=True)
@@ -1012,18 +1038,23 @@ class Portainer:
                 return []
             
             if resp['Status'] == "outdated":
+                service_to_update.append(service_dict[service_id])
                 if pull:
+                    if service_dict[service_id] in self.args.excluded:
+                        continue
                     self.restart_srv(service_id, pull)
                     #print(f"Service {service_dict[service_id]:<{longest}} : updated")
-                    self.gotify_message(f"Service {service_dict[service_id]} updated")
-                    print(ok)
+                    print(f"{ok} updated")
                 else:
                     print(f"\r\033[4m{service_dict[service_id]:<{longest}}\033[0m  ", end="", flush=True)
                     #print(f"\033[4m{service_dict[service_id]:<{longest}} {err}\033[0m")
-                    self.gotify_message(f"Service update available for {service_dict[service_id]}")
                     print(err)
             else:
                 print(ok)
+        if pull:
+            self.gotify_message(f"Services updated: {', '.join(service_to_update)}")
+        else:
+            self.gotify_message(f"Service update available: {', '.join(service_to_update)}")
         print("\033[?25h", end="")
         return True
 
@@ -1094,10 +1125,10 @@ class Portainer:
     def recreate_container(self,service_id, pull=False):
         """Restart a service on an endpoint."""
         path = f"/docker/{self.endpoint_id}/containers/{service_id}/recreate"
-        print(path)
+        # print(path)
         params={"pullImage": pull}
         try:
-            resp = self._api_post(path, json=params, timeout=20)
+            resp = self._api_post(path, json=params, timeout=120)
             #print(resp)
         except ValueError as e:
             print(f"Error restarting service: {e}")
@@ -1108,7 +1139,7 @@ class Portainer:
         path = f"/endpoints/{self.endpoint_id}/forceupdateservice"
         params={"serviceID": service_id, "pullImage": pool}
         try:
-            resp = self._api_put(path, json=params, timeout=20)
+            resp = self._api_put(path, json=params, timeout=120)
             # print(resp)
         except ValueError as e:
             print(f"Error restarting service: {e}")
@@ -1154,7 +1185,7 @@ class Portainer:
             self.get_endpoint(endpoint_id)
         if stack is not None:
             for s in stack:
-                self.stack_ids = [self._resolve_stack_id(s, endpoint_id)]
+                self.stack_ids.append(self._resolve_stack_id(s, endpoint_id))
         for stck in self.stack_ids:
             path = f"/stacks/{stck}/start"
             if self.endpoint_id is not None:
@@ -1184,7 +1215,7 @@ class Portainer:
 
         if stack is not None:
             for s in stack:
-                self.stack_ids = [self._resolve_stack_id(s, endpoint_id)]
+                self.stack_ids.append(self._resolve_stack_id(s, endpoint_id))
         # print(self.stack_ids)
         for stck in self.stack_ids:
             path = f"/stacks/{stck}/stop"
@@ -1351,4 +1382,5 @@ class Portainer:
         path = f"/endpoints/{endpoint_id}/docker/secrets/create"
         encoded = base64.b64encode(value.encode()).decode()
         data = {"Name": name, "Data": encoded}
+
         return self._api_post(path, data, timeout=timeout)

requirements.txt

@@ -4,4 +4,7 @@ tabulate
 # Other dev tools
 flake8
 pylint
-black
+black
+docker
+hvac
+prompt_toolkit