Allow time selection on Podman Auto Update

[Odilhao]

Feature request description

Using podman auto-update with quadlets right now restricts the user with one daily update when the image is hosted in one registry

Podman ships with a podman-auto-update.service systemd unit. 
This unit is triggered daily at midnight by the podman-auto-update.timer systemd timer. 
The timer can be altered for custom time-based updates if desired. 

1 - https://docs.podman.io/en/latest/markdown/podman-auto-update.1.html

Suggest potential solution

My proposal is to create one new item for quadlet files, that allows the user to set a timer definition using the OnCalendar= option from systemd-timer, this will allow user to customize the image pull.

2 - https://www.freedesktop.org/software/systemd/man/systemd.timer

Have you considered any alternatives?

The alternative that I tried is to modify the default[3] template provided by podman, this does not scale when you have multiple machines running containers, one native solution should make easier to manage the deployments.

3 - https://github.com/containers/podman/blob/main/contrib/systemd/system/podman-auto-update.timer#L5

Additional context

Right now I'm modifying the default timer provided by podman to ensure that my containers are checking the registry at least 5 times in hour. I don't have any reason to use k8s APIs to update containers or neither use IAC/GitOps to keep the images update to date at the moment, just replacing the timer with a more customizable one allows my deployments to be up-to-date without issues.

[Luap99]

This doesn't seem to make much sense as podman auto-update updates all containers. As such it is impossible to define a key to set a interval in a container unit as this would then change the interval for all containers which would be totally confusing. And if set in multiple units it would be racy which one was read first/last....

The alternative that I tried is to modify the default[3] template provided by podman, this does not scale when you have multiple machines running containers, one native solution should make easier to manage the deployments.

Why does this not scale? systemd units support drop in configs to overwrite a single setting so all you need to do is copy one single file on all your systems. You can edit the file with systemctl edit podman-auto-update.timer which then creates such a drop in file for you which you could copy on any system, i.e.

$ cat /etc/systemd/system/podman-auto-update.timer.d/override.conf
[Timer]
OnCalendar=...

[vrothberg]

I think it's doable to have a dedicated per-quadlet timer for auto-updates. As @Luap99 mentioned above, auto updates currently run for all containers but this could certainly be changed. But it would be quite some coding to get it right.

Changing the time and frequency should scale well across even huge fleets. It sounds like a good use case for Ansible.

[JacobCallahan]

I like the idea of having a per-quadlet interval set.