DNS Timeout on run once

[psleep]

Describe the bug
Receive DNS timeout message when using --run-once

To Reproduce

Steps to reproduce the behavior:
Run docker run --rm -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower --run-once --cleanup --debug

Expected behavior
Containers to update automatically.

We want to know:

• Platform: Ubuntu 22.04
• Architecture: x86_64
• Docker version: Docker version 20.10.12, build 20.10.12-0ubuntu4

docker run --rm -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower --run-once --cleanup --debug
time="2022-07-29T07:54:50Z" level=debug
time="2022-07-29T07:54:50Z" level=debug msg="Sleeping for a second to ensure the docker api client has been properly initialized."
time="2022-07-29T07:54:51Z" level=debug msg="Making sure everything is sane before starting"
time="2022-07-29T07:54:51Z" level=info msg="Watchtower 1.4.0"
time="2022-07-29T07:54:51Z" level=info msg="Using no notifications"
time="2022-07-29T07:54:51Z" level=info msg="Checking all containers (except explicitly disabled with label)"
time="2022-07-29T07:54:51Z" level=info msg="Running a one time update."
time="2022-07-29T07:54:51Z" level=debug msg="Checking containers for updated images"
time="2022-07-29T07:54:51Z" level=debug msg="Retrieving running containers"
time="2022-07-29T07:54:51Z" level=debug msg="Trying to load authentication credentials." container=/zen_wu image="containrrr/watchtower:latest"
time="2022-07-29T07:54:51Z" level=debug msg="No credentials for containrrr found" config_file=/config.json
time="2022-07-29T07:54:51Z" level=debug msg="Got image name: containrrr/watchtower:latest"
time="2022-07-29T07:54:51Z" level=debug msg="Checking if pull is needed" container=/zen_wu image="containrrr/watchtower:latest"
time="2022-07-29T07:54:51Z" level=debug msg="Building challenge URL" URL="https://index.docker.io/v2/"
time="2022-07-29T07:55:01Z" level=warning msg="Could not do a head request for \"containrrr/watchtower:latest\", falling back to regular pull." container=/zen_wu image="containrrr/watchtower:latest"
time="2022-07-29T07:55:01Z" level=warning msg="Reason: Get \"https://index.docker.io/v2/\": dial tcp: lookup index.docker.io on 192.168.0.7:53: read udp 172.17.0.2:37548->192.168.0.7:53: i/o timeout" container=/zen_wu image="containrrr/watchtower:latest"

Additional context

Watchtower updates containers as expected if started as a daemon and on a schedule.
If I remove my DNS server settings from the netplan config, watchtower attempts to use google DNS (which is blocked by my router) but if I allow it through, watchtower works as expected.

DNS server (adguard) is running without any issues in a container on the same docker host as watchtower

[github-actions]

Hi there! 👋🏼 As you're new to this repo, we'd like to suggest that you read our code of conduct as well as our contribution guidelines. Thanks a bunch for opening your first issue! 🙏

[piksel]

That's interesting. The HEAD requests are done using a simple go net/http request, and this would suggest that it doesn't use the containers DNS settings. This might be due to the static binary nature of go, but since the docker daemon is able to to make the request, we should be able to do so as well. edit: or rather, since it's only when using --run-once it's because the network hasn't been sufficiently initialized yet. Still, this looks like a deep dive into go's net implementation and docker networking.