What I've done, is write a script to update the containers, based on a json file hosted on Gitea.
The only call that remains is a "script run" which still requires some permissions but I'm satisfied with the current setup.
Thanks (a little bit late) for your answer Amm0.