def is_docker_image_already_in_registry(service, sha):
"""Verifies that docker image exists in the paasta registry.
:param service: name of the service
:param sha: git sha
:returns: True, False or raises requests.exceptions.RequestException
"""
registry_uri = load_system_paasta_config().get_docker_registry()
repository, tag = build_docker_image_name(service, sha).split(':')
url = 'https://%s/v2/%s/tags/list' % (registry_uri, repository)
creds = read_docker_registy_creds(registry_uri)
with requests.Session() as s:
r = s.get(url, timeout=30) if creds[0] is None else s.get(
url, auth=creds, timeout=30)
if r.status_code == 200:
tags_resp = r.json()
if tags_resp['tags']:
return tag in tags_resp['tags']
else:
return False
elif r.status_code == 404:
return False # No Such Repository Error
r.raise_for_status()
def is_docker_image_already_in_registry(service, soa_dir, sha):
"""Verifies that docker image exists in the paasta registry.
:param service: name of the service
:param sha: git sha
:returns: True, False or raises requests.exceptions.RequestException
"""
registry_uri = get_service_docker_registry(service, soa_dir)
repository, tag = build_docker_image_name(service, sha).split(":")
creds = read_docker_registry_creds(registry_uri)
uri = f"{registry_uri}/v2/{repository}/manifests/paasta-{sha}"
with requests.Session() as s:
try:
url = "https://" + uri
r = (s.head(url, timeout=30)
if creds[0] is None else s.head(url, auth=creds, timeout=30))
except SSLError:
# If no auth creds, fallback to trying http
if creds[0] is not None:
raise
url = "http://" + uri
r = s.head(url, timeout=30)
if r.status_code == 200:
return True
elif r.status_code == 404:
return False # No Such Repository Error
r.raise_for_status()
def is_docker_image_already_in_registry(service, soa_dir, sha):
"""Verifies that docker image exists in the paasta registry.
:param service: name of the service
:param sha: git sha
:returns: True, False or raises requests.exceptions.RequestException
"""
registry_uri = get_service_docker_registry(service, soa_dir)
repository, tag = build_docker_image_name(service, sha).split(':')
creds = read_docker_registy_creds(registry_uri)
uri = '%s/v2/%s/tags/list' % (registry_uri, repository)
with requests.Session() as s:
try:
url = 'https://' + uri
r = s.get(url, timeout=30) if creds[0] is None else s.get(
url, auth=creds, timeout=30)
except SSLError:
# If no auth creds, fallback to trying http
if creds[0] is not None:
raise
url = 'http://' + uri
r = s.get(url, timeout=30)
if r.status_code == 200:
tags_resp = r.json()
if tags_resp['tags']:
return tag in tags_resp['tags']
else:
return False
elif r.status_code == 404:
return False # No Such Repository Error
r.raise_for_status()
def configure_and_run_docker_container(
docker_client,
docker_url,
docker_sha,
service,
instance,
cluster,
system_paasta_config,
args,
pull_image=False,
dry_run=False,
):
"""
Run Docker container by image hash with args set in command line.
Function prints the output of run command in stdout.
"""
if instance is None and args.healthcheck_only:
paasta_print(
"With --healthcheck-only, --instance MUST be provided!", file=sys.stderr
)
return 1
if instance is None and not sys.stdin.isatty():
paasta_print(
"--instance and --cluster must be specified when using paasta local-run without a tty!",
file=sys.stderr,
)
return 1
soa_dir = args.yelpsoa_config_root
volumes = list()
load_deployments = (docker_url is None or pull_image) and not docker_sha
interactive = args.interactive
try:
if instance is None:
instance_type = "adhoc"
instance = "interactive"
instance_config = get_default_interactive_config(
service=service,
cluster=cluster,
soa_dir=soa_dir,
load_deployments=load_deployments,
)
interactive = True
else:
instance_type = validate_service_instance(
service, instance, cluster, soa_dir
)
instance_config = get_instance_config(
service=service,
instance=instance,
cluster=cluster,
load_deployments=load_deployments,
soa_dir=soa_dir,
)
except NoConfigurationForServiceError as e:
paasta_print(str(e), file=sys.stderr)
return 1
except NoDeploymentsAvailable:
paasta_print(
PaastaColors.red(
"Error: No deployments.json found in %(soa_dir)s/%(service)s. "
"You can generate this by running: "
"generate_deployments_for_service -d %(soa_dir)s -s %(service)s"
% {"soa_dir": soa_dir, "service": service}
),
sep="\n",
file=sys.stderr,
)
return 1
if docker_sha is not None:
instance_config.branch_dict = {
"git_sha": docker_sha,
"docker_image": build_docker_image_name(service=service, sha=docker_sha),
"desired_state": "start",
"force_bounce": None,
}
if docker_url is None:
try:
docker_url = instance_config.get_docker_url()
except NoDockerImageError:
if instance_config.get_deploy_group() is None:
paasta_print(
PaastaColors.red(
f"Error: {service}.{instance} has no 'deploy_group' set. Please set one so "
"the proper image can be used to run for this service."
),
sep="",
file=sys.stderr,
)
else:
paasta_print(
PaastaColors.red(
"Error: No sha has been marked for deployment for the %s deploy group.\n"
"Please ensure this service has either run through a jenkins pipeline "
"or paasta mark-for-deployment has been run for %s\n"
% (instance_config.get_deploy_group(), service)
),
sep="",
file=sys.stderr,
)
return 1
if pull_image:
docker_pull_image(docker_url)
for volume in instance_config.get_volumes(system_paasta_config.get_volumes()):
if os.path.exists(volume["hostPath"]):
volumes.append(
"{}:{}:{}".format(
volume["hostPath"], volume["containerPath"], volume["mode"].lower()
)
)
else:
paasta_print(
PaastaColors.yellow(
"Warning: Path %s does not exist on this host. Skipping this binding."
% volume["hostPath"]
),
file=sys.stderr,
)
if interactive is True and args.cmd is None:
command = "bash"
elif args.cmd:
command = args.cmd
else:
command_from_config = instance_config.get_cmd()
if command_from_config:
command = format_command_for_type(
command=command_from_config, instance_type=instance_type, date=args.date
)
else:
command = instance_config.get_args()
secret_provider_kwargs = {
"vault_cluster_config": system_paasta_config.get_vault_cluster_config(),
"vault_auth_method": args.vault_auth_method,
"vault_token_file": args.vault_token_file,
}
return run_docker_container(
docker_client=docker_client,
service=service,
instance=instance,
docker_url=docker_url,
volumes=volumes,
interactive=interactive,
command=command,
healthcheck=args.healthcheck,
healthcheck_only=args.healthcheck_only,
user_port=args.user_port,
instance_config=instance_config,
soa_dir=args.yelpsoa_config_root,
dry_run=dry_run,
json_dict=args.dry_run_json_dict,
framework=instance_type,
secret_provider_name=system_paasta_config.get_secret_provider_name(),
secret_provider_kwargs=secret_provider_kwargs,
skip_secrets=args.skip_secrets,
)