data "docker_registry_image" "shepherd" {
  name = "containrrr/shepherd:latest"
}

resource "docker_service" "shepherd" {
  name = "shepherd"

  task_spec {
    container_spec {
      image = "${data.docker_registry_image.shepherd.name}@${data.docker_registry_image.shepherd.sha256_digest}"

      env = {
        FILTER_SERVICES       = "label=shepherd.auto-update=true"
        SLEEP_TIME            = "1d"
        IMAGE_AUTOCLEAN_LIMIT = "2"
      }

      mounts {
        target = "/var/run/docker.sock"
        source = "/var/run/docker.sock"
        type   = "bind"
      }
    }

    placement {
      constraints = ["node.role == manager"]
    }
  }

  lifecycle {
    ignore_changes = [
      task_spec[0].placement[0].platforms
    ]
  }
}