Ejemplo n.º 1
0
def export_docker(graph, export_location):
    """
    This is a wrapper function for exporting docker images, containers
    and volumes.
    """

    if os.geteuid() != 0:
        sys.exit("You need to have root privileges to run atomic export.")

    if not os.path.isdir(export_location):
        os.makedirs(export_location)

    try:
        #Save the docker storage driver
        storage_driver = DOCKER_CLIENT.info()["Driver"]
        filed = open(export_location + "/info.txt", "w")
        filed.write(storage_driver)
        filed.close()

        #export docker images
        export_images(export_location)
        #export docker containers
        export_containers(graph, export_location)
        #export docker volumes
        export_volumes(graph, export_location)
    except:
        error = sys.exc_info()[0]
        sys.exit(error)

    util.writeOut("atomic export completed successfully")
Ejemplo n.º 2
0
def import_docker(graph, import_location):
    """
    This is a wrapper function for importing docker images, containers
    and volumes.
    """

    if os.geteuid() != 0:
        sys.exit("You need to have root privileges to run atomic import.")

    if not os.path.isdir(import_location):
        sys.exit("{0} does not exist".format(import_location))
    try:
        #import docker images
        import_images(import_location)
        #import docker containers
        import_containers(graph, import_location)
        #import docker volumes
        import_volumes(graph, import_location)
    except:
        error = sys.exc_info()[0]
        sys.exit(error)

    util.writeOut("atomic import completed successfully")
    util.writeOut("Would you like to cleanup (rm -rf {0}) the temporary directory [y/N]"
          .format(import_location))
    choice = sys.stdin.read(1)
    if (choice == 'y') or (choice == 'Y'):
        util.writeOut("Deleting {0}".format(import_location))
        subprocess.check_call("rm -rf {0}".format(import_location), shell=True)
    else:
        util.writeOut("Cleanup operation aborted")
    util.writeOut("Please restart docker daemon for the changes to take effect")
Ejemplo n.º 3
0
def export_docker(graph, export_location):
    """
    This is a wrapper function for exporting docker images, containers
    and volumes.
    """

    if os.geteuid() != 0:
        sys.exit("You need to have root privileges to run atomic export.")

    if not os.path.isdir(export_location):
        os.makedirs(export_location)

    try:
	#Save the docker storage driver
        storage_driver = DOCKER_CLIENT.info()["Driver"]
        filed = open(export_location+"/info.txt", "w")
        filed.write(storage_driver)
        filed.close()

        #export docker images
        export_images(export_location)
        #export docker containers
        export_containers(graph, export_location)
        #export docker volumes
        export_volumes(graph, export_location)
    except:
        error = sys.exc_info()[0]
        sys.exit(error)

    util.writeOut("atomic export completed successfully")
Ejemplo n.º 4
0
    def scan(self):
        if (not self.args.images and not self.args.containers and not self.args.all) and len(self.args.scan_targets) == 0:
            sys.stderr.write("\nYou must provide a list of containers or images to scan\n")
            sys.exit(1)
        self.ping()
        BUS_NAME = "org.OpenSCAP.daemon"
        OBJECT_PATH = "/OpenSCAP/daemon"
        INTERFACE = "org.OpenSCAP.daemon.Interface"
        input_resolve = {}
        if self.args.images:
            scan_list = self._get_all_image_ids()
        elif self.args.containers:
            scan_list = self._get_all_container_ids()
        elif self.args.all:
            cids = self._get_all_container_ids()
            iids = self._get_all_image_ids()
            scan_list = cids + iids
        else:
            scan_list = []
            for scan_input in self.args.scan_targets:
                docker_id = self.get_input_id(scan_input)
                input_resolve[docker_id] = scan_input
                scan_list.append(docker_id)
        util.writeOut("\nScanning...\n")
        bus = dbus.SystemBus()
        try:
            oscap_d = bus.get_object(BUS_NAME, OBJECT_PATH)
            oscap_i = dbus.Interface(oscap_d, INTERFACE)
            # Check if the user has asked to override the behaviour of fetching the
            # latest CVE input data, as defined in the openscap-daemon conf file
            # oscap-daemon a byte of 0 (False), 1 (True), and 2 (no change)

            if self.args.fetch_cves is None:
                fetch = 2
            elif self.args.fetch_cves:
                fetch = 1
            else:
                fetch = 0
            scan_return = json.loads(oscap_i.scan_list(scan_list, 4, fetch, timeout=99999))

        except dbus.exceptions.DBusException as e:
            message = "The openscap-daemon returned: {0}".format(e.get_dbus_message())
            if e.get_dbus_name() == 'org.freedesktop.DBus.Error.ServiceUnknown':
                message = "Unable to find the openscap-daemon dbus service. "\
                          "Either start the openscap-daemon service or pull " \
                          "and run the openscap-daemon image"
            sys.stderr.write("\n{0}\n\n".format(message))
            sys.exit(1)

        if self.args.json:
            util.output_json(scan_return)

        else:
            if not self.args.detail:
                clean = util.print_scan_summary(scan_return, input_resolve)
            else:
                clean = util.print_detail_scan_summary(scan_return,
                                                       input_resolve)
            if not clean:
                sys.exit(1)
Ejemplo n.º 5
0
def push_image_to_satellite(image,
                            server_url,
                            username,
                            password,
                            verify_ssl,
                            docker_client,
                            repo_name,
                            organization_name,
                            activation_key_name,
                            debug=False):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])
    if not server_url:
        raise ValueError("Satellite server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        sat = SatelliteServer(server_url=server_url,
                              username=username,
                              password=password,
                              verify_ssl=verify_ssl,
                              docker_client=docker_client,
                              debug=debug)
    except Exception as e:
        raise IOError('Failed to initialize Satellite: {0}'.format(e))
    try:
        org_id = sat.getOrgID(organization_name)
    except Exception as e:
        raise IOError("Failed to get organization ID")
    try:
        repo_id = sat.getRepoId(repo_name, org_id)
    except Exception as e:
        raise IOError("""Invalid Repository Name: {0}.  Please verify that you
typed the name correctly, or create the repository
""".format(repo_name).replace('\n', ' '))
    try:
        activation_key = sat.getActivationKey(activation_key_name,
                                              organization_id)
    except Exception as e:
        raise IOError("""Invalid Activation Key Name:
            {0}""".format(activation_key_name).replace('\n', ' '))
    keyData = sat.get_data(repo_id, activation_key)
    content_view_id = keyData.get("content_view_id")
    product_id = keyData.get("product_id")
    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(
            image, server_url))
        sat.upload_docker_image(image, repo_id)
        util.writeOut("")
    except Exception as e:
        raise IOError('Failed to upload image: {0}'.format(e))
    sat.publish_view(content_view_id, repo_id)
    print("Push Complete")
Ejemplo n.º 6
0
def import_docker(graph, import_location):
    """
    This is a wrapper function for importing docker images, containers
    and volumes.
    """

    if os.geteuid() != 0:
        sys.exit("You need to have root privileges to run atomic import.")

    if not os.path.isdir(import_location):
        sys.exit("{0} does not exist".format(import_location))
    try:
        #import docker images
        import_images(import_location)
        #import docker containers
        import_containers(graph, import_location)
        #import docker volumes
        import_volumes(graph, import_location)
    except:
        error = sys.exc_info()[0]
        sys.exit(error)

    util.writeOut("atomic import completed successfully")
    util.writeOut("Would you like to cleanup (rm -rf {0}) the temporary directory [y/N]"
          .format(import_location))
    choice = sys.stdin.read(1)
    if (choice == 'y') or (choice == 'Y'):
        util.writeOut("Deleting {0}".format(import_location))
        subprocess.check_call("rm -rf {0}".format(import_location), shell=True)
    else:
        util.writeOut("Cleanup operation aborted")
    util.writeOut("Please restart docker daemon for the changes to take effect")
Ejemplo n.º 7
0
def import_images(import_location):
    """
    Method for importing docker images from a filesystem directory.
    """
    tarballs = subprocess.check_output("ls {0}/images".format(import_location), shell=True)
    split_tarballs = tarballs.split()
    for i in split_tarballs:
	util.writeOut("Importing image with id: {0}".format(i[:-4]))
        subprocess.check_call("docker load < {0}/images/{1}".format(import_location, i), shell=True)
Ejemplo n.º 8
0
def import_images(import_location):
    """
    Method for importing docker images from a filesystem directory.
    """
    tarballs = subprocess.check_output("ls {0}/images".format(import_location), shell=True)
    split_tarballs = tarballs.split()
    for i in split_tarballs:
        util.writeOut("Importing image with id: {0}".format(i[:-4]))
        subprocess.check_call("docker load < {0}/images/{1}".format(import_location, i), shell=True)
Ejemplo n.º 9
0
 def _print_release(self):
     """
     Prints the release information and splits based on the column length
     :return: None
     """
     step = self._max - 2
     r1_split = [self.i1.release.strip()[i:i+step] for i in range(0, len(self.i1.release.rstrip()), step)]
     r2_split = [self.i2.release.strip()[i:i+step] for i in range(0, len(self.i2.release.rstrip()), step)]
     for n in list(range(max(len(r1_split), len(r2_split)))):
         col1 = r1_split[n] if 0 <= n < len(r1_split) else ""
         col2 = r2_split[n] if 0 <= n < len(r2_split) else ""
         util.writeOut(self.two_col.format(col1, col2))
Ejemplo n.º 10
0
def import_volumes(graph, import_location):
    """
    Method for importing docker volumes from a filesystem directory.
    """
    util.writeOut("Importing Volumes")
    subprocess.check_call("/usr/bin/tar --selinux -xzvf {0}/volumes/volumeData.tar.gz"
                          " -C {1}/volumes"
                          .format(import_location, graph), stdout=DEVNULL, shell=True)
    if os.path.isdir(graph + "/vfs"):
        subprocess.check_call("/usr/bin/tar --selinux -xzvf {0}/volumes/vfsData.tar.gz"
                              " -C {1}/vfs"
                              .format(import_location, graph), stdout=DEVNULL,  shell=True)
Ejemplo n.º 11
0
def import_volumes(graph, import_location):
    """
    Method for importing docker volumes from a filesystem directory.
    """
    util.writeOut("Importing Volumes")
    subprocess.check_call("/usr/bin/tar --selinux -xzvf {0}/volumes/volumeData.tar.gz"
                          " -C {1}/volumes"
                          .format(import_location, graph), stdout=DEVNULL, shell=True)
    if os.path.isdir(graph + "/vfs"):
        subprocess.check_call("/usr/bin/tar --selinux -xzvf {0}/volumes/vfsData.tar.gz"
                              " -C {1}/vfs"
                              .format(import_location, graph), stdout=DEVNULL,  shell=True)
Ejemplo n.º 12
0
def push_image_to_satellite(image, server_url, username, password,
                            verify_ssl, docker_client,
                            repo_name, organization_name,
                            activation_key_name, debug=False):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])
    if not server_url:
        raise ValueError("Satellite server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        sat = SatelliteServer(server_url=server_url, username=username,
                              password=password, verify_ssl=verify_ssl,
                              docker_client=docker_client, debug=debug)
    except Exception as e:
        raise IOError('Failed to initialize Satellite: {0}'.format(e))
    try:
        org_id = sat.getOrgID(organization_name)
    except Exception as e:
        raise IOError("Failed to get organization ID")
    try:
        repo_id = sat.getRepoId(repo_name, org_id)
    except Exception as e:
        raise IOError("""Invalid Repository Name: {0}.  Please verify that you
typed the name correctly, or create the repository
""".format(repo_name).replace('\n', ' '))
    try:
        activation_key = sat.getActivationKey(activation_key_name,
                                              organization_id)
    except Exception as e:
        raise IOError("""Invalid Activation Key Name:
            {0}""".format(activation_key_name).replace('\n', ' '))
    keyData = sat.get_data(repo_id, activation_key)
    content_view_id = keyData.get("content_view_id")
    product_id = keyData.get("product_id")
    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(
                      image, server_url))
        sat.upload_docker_image(image, repo_id)
        util.writeOut("")
    except Exception as e:
        raise IOError('Failed to upload image: {0}'.format(e))
    sat.publish_view(content_view_id, repo_id)
    print("Push Complete")
Ejemplo n.º 13
0
def export_volumes(graph, export_location):
    """
    Method for exporting docker volumes into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/volumes"):
        os.makedirs(export_location + "/volumes")
    util.writeOut("Exporting Volumes")
    subprocess.check_call("/usr/bin/tar --selinux -zcvf {0}/volumes/volumeData.tar.gz"
                          " -C {1}/volumes ."
                          .format(export_location, graph), stdout=DEVNULL, shell=True)
    if os.path.isdir(graph + "/vfs"):
        subprocess.check_call("/usr/bin/tar --selinux -zcvf {0}/volumes/vfsData.tar.gz"
                              " -C {1}/vfs ."
                              .format(export_location, graph), stdout=DEVNULL, shell=True)
Ejemplo n.º 14
0
def import_containers(graph, import_location):
    """
    Method for importing docker containers from a filesystem directory.
    """
    if not os.path.isdir(import_location + "/containers"):
        sys.exit("{0} does not exist. No containers to import."
                 .format(import_location+"/containers"))

    containers = subprocess.check_output("ls {0}/containers".format(import_location), shell=True)
    split_containers = containers.split()
    for i in split_containers:
        util.writeOut("Importing container ID:{0}".format(i[8:]))
        subprocess.check_call("/usr/libexec/atomic/migrate.sh import --container-id={0}"
                              " --graph={1} --import-location={2}"
                              .format(i[8:], graph, import_location), shell=True)
Ejemplo n.º 15
0
    def output_files(self, images, image_list):
        """
        Prints out the file differences when applicable
        :param images:
        :param image_list:
        :return: None
        """
        file_diff = DiffFS(image_list[0].chroot, image_list[1].chroot)
        for image in image_list:
            self.json_out[image.name] = {'{}_only'.format(image.name): file_diff._get_only(image.chroot)}
        self.json_out['files_differ'] = file_diff.common_diff

        if not self.args.json:
            file_diff.print_results(images[0], images[1])
            util.writeOut("\n")
Ejemplo n.º 16
0
def import_containers(graph, import_location):
    """
    Method for importing docker containers from a filesystem directory.
    """
    if not os.path.isdir(import_location + "/containers"):
        sys.exit("{0} does not exist. No containers to import."
                 .format(import_location+"/containers"))

    containers = subprocess.check_output("ls {0}/containers".format(import_location), shell=True)
    split_containers = containers.split()
    for i in split_containers:
        util.writeOut("Importing container ID:{0}".format(i[8:]))
        subprocess.check_call("/usr/libexec/atomic/migrate.sh import --container-id={0}"
                              " --graph={1} --import-location={2}"
                              .format(i[8:], graph, import_location), shell=True)
Ejemplo n.º 17
0
def push_image_to_satellite(image,
                            server_url,
                            username,
                            password,
                            verify_ssl,
                            docker_client,
                            activation_key,
                            repo_id,
                            debug=False):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])
    if not server_url:
        raise ValueError("Satellite server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        sat = SatelliteServer(server_url=server_url,
                              username=username,
                              password=password,
                              verify_ssl=verify_ssl,
                              docker_client=docker_client,
                              debug=debug)
    except Exception as e:
        raise IOError('Failed to initialize Satellite: {0}'.format(e))
    if not sat.is_repo(repo_id):
        raise IOError(
            """Invalid Repository ID: {0}.  Please create that repository
and try again, or input a different ID.""".format(repo_id).replace('\n', ' '))
    keyData = sat.get_data(repo_id, activation_key)
    content_view_id = keyData.get("content_view_id")
    org_id = keyData.get("org_id")
    product_id = keyData.get("product_id")
    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(
            image, server_url))
        sat.upload_docker_image(image, repo_id)
        util.writeOut("")
    except Exception as e:
        raise IOError('Failed to upload image: {0}'.format(e))
    sat.publish_view(content_view_id, repo_id)
    print("Push Complete")
Ejemplo n.º 18
0
def push_image_to_satellite(
    image, server_url, username, password, verify_ssl, docker_client, activation_key, repo_id, debug=False
):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])
    if not server_url:
        raise ValueError("Satellite server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        sat = SatelliteServer(
            server_url=server_url,
            username=username,
            password=password,
            verify_ssl=verify_ssl,
            docker_client=docker_client,
            debug=debug,
        )
    except Exception as e:
        raise IOError("Failed to initialize Satellite: {0}".format(e))
    if not sat.is_repo(repo_id):
        raise IOError(
            """Invalid Repository ID: {0}.  Please create that repository
and try again, or input a different ID.""".format(
                repo_id
            ).replace(
                "\n", " "
            )
        )
    keyData = sat.get_data(repo_id, activation_key)
    content_view_id = keyData.get("content_view_id")
    org_id = keyData.get("org_id")
    product_id = keyData.get("product_id")
    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(image, server_url))
        sat.upload_docker_image(image, repo_id)
        util.writeOut("")
    except Exception as e:
        raise IOError("Failed to upload image: {0}".format(e))
    sat.publish_view(content_view_id, repo_id)
    print("Push Complete")
Ejemplo n.º 19
0
def export_containers(graph, export_location):
    """
    Method for exporting docker containers into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/containers"):
        os.makedirs(export_location + "/containers")

    split_containers = []
    for j in DOCKER_CLIENT.containers(all=True):
        split_containers.append(j["Id"])

    for i in range(0, len(split_containers)):
        util.writeOut("Exporting container ID:{0}".format(split_containers[i][:12]))
        subprocess.check_call("/usr/libexec/atomic/migrate.sh export --container-id={0}"
                              " --graph={1} --export-location={2}"
                              .format(split_containers[i][:12], graph, export_location),
                              shell=True)
Ejemplo n.º 20
0
    def scan(self):
        self.ping()
        BUS_NAME = "org.OpenSCAP.daemon"
        OBJECT_PATH = "/OpenSCAP/daemon"
        INTERFACE = "org.OpenSCAP.daemon.Interface"
        input_resolve = {}

        if self.args.images:
            scan_list = self._get_all_image_ids()
        elif self.args.containers:
            scan_list = self._get_all_container_ids()
        elif self.args.all:
            cids = self._get_all_container_ids()
            iids = self._get_all_image_ids()
            scan_list = cids + iids
        else:
            scan_list = []
            for scan_input in self.args.scan_targets:
                docker_id = self.get_input_id(scan_input)
                input_resolve[docker_id] = scan_input
                scan_list.append(docker_id)
        util.writeOut("\nScanning...\n")
        bus = dbus.SystemBus()
        try:
            oscap_d = bus.get_object(BUS_NAME, OBJECT_PATH)
            oscap_i = dbus.Interface(oscap_d, INTERFACE)
            scan_return = json.loads(oscap_i.scan_list(scan_list, 4))
        except dbus.exceptions.DBusException:
            error = "Unable to find the openscap-daemon dbus service. "\
                    "Either start the openscap-daemon service or pull and run"\
                    " the openscap-daemon image"
            sys.stderr.write("\n{0}\n\n".format(error))
            sys.exit(1)

        if self.args.json:
            util.output_json(scan_return)

        else:
            if not self.args.detail:
                clean = util.print_scan_summary(scan_return, input_resolve)
            else:
                clean = util.print_detail_scan_summary(scan_return,
                                                       input_resolve)
            if not clean:
                sys.exit(1)
Ejemplo n.º 21
0
def export_volumes(graph, export_location):
    """
    Method for exporting docker volumes into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/volumes"):
        os.makedirs(export_location + "/volumes")
    util.writeOut("Exporting Volumes")
    subprocess.check_call(
        "/usr/bin/tar --selinux -zcvf {0}/volumes/volumeData.tar.gz"
        " -C {1}/volumes .".format(export_location, graph),
        stdout=DEVNULL,
        shell=True)
    if os.path.isdir(graph + "/vfs"):
        subprocess.check_call(
            "/usr/bin/tar --selinux -zcvf {0}/volumes/vfsData.tar.gz"
            " -C {1}/vfs .".format(export_location, graph),
            stdout=DEVNULL,
            shell=True)
Ejemplo n.º 22
0
def export_containers(graph, export_location):
    """
    Method for exporting docker containers into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/containers"):
        os.makedirs(export_location + "/containers")

    split_containers = []
    for j in DOCKER_CLIENT.containers(all=True):
        split_containers.append(j["Id"])

    for i in range(0, len(split_containers)):
        util.writeOut("Exporting container ID:{0}".format(
            split_containers[i][:12]))
        subprocess.check_call(
            "/usr/libexec/atomic/migrate.sh export --container-id={0}"
            " --graph={1} --export-location={2}".format(
                split_containers[i][:12], graph, export_location),
            shell=True)
Ejemplo n.º 23
0
def push_image_to_pulp(image, server_url, username, password, verify_ssl,
                       docker_client):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])

    repo = image.replace("/", "-")
    if not server_url:
        raise ValueError("Pulp server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        pulp = PulpServer(server_url=server_url,
                          username=username,
                          password=password,
                          verify_ssl=verify_ssl,
                          docker_client=docker_client)
    except Exception as e:
        raise IOError('Failed to initialize Pulp: {0}'.format(e))

    try:
        if not pulp.is_repo(repo):
            pulp.create_repo(image, repo)
    except Exception as e:
        raise IOError('Failed to create repository: {0}'.format(e))

    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(
            image, server_url))
        pulp.upload_docker_image(image, repo)
        util.writeOut("")
    except Exception as e:
        raise IOError('Failed to upload image: {0}'.format(e))

    pulp.publish_repo(repo)
    pulp.export_repo(repo)
Ejemplo n.º 24
0
    def stop(self):
        try:
            cid = self._is_container(self.name, active=True)
            self.name = cid
        except AtomicError as error:
            util.writeOut(error)
            sys.exit(1)

        args = self._get_args("STOP")
        if args:
            cmd = self.gen_cmd(args + list(map(pipes.quote, self.args.args)))
            self.display(cmd)
            subprocess.check_call(cmd, env=self.cmd_env, shell=True)

        # Container exists
        try:
            if self.inspect["State"]["Running"]:
                self.d.stop(self.name)
        except KeyError:
            pass
Ejemplo n.º 25
0
    def stop(self):
        try:
            cid = self._is_container(self.name, active=True)
            self.name = cid
        except AtomicError as error:
            util.writeOut(error)
            sys.exit(1)

        args = self._get_args("STOP")
        if args:
            cmd = self.gen_cmd(args)
            self.display(cmd)
            subprocess.check_call(cmd, env=self.cmd_env, shell=True)

        # Container exists
        try:
            if self.inspect["State"]["Running"]:
                self.d.stop(self.name)
        except KeyError:
            pass
Ejemplo n.º 26
0
def push_image_to_pulp(image, server_url, username, password,
                       verify_ssl, docker_client):
    if not image:
        raise ValueError("Image required")
    parts = image.split("/")
    if parts > 1:
        if parts[0].find(".") != -1:
            server_url = parts[0]
            image = ("/").join(parts[1:])

    repo = image.replace("/", "-")
    if not server_url:
        raise ValueError("Pulp server url required")

    if not server_url.startswith("http"):
        server_url = "https://" + server_url

    try:
        pulp = PulpServer(server_url=server_url, username=username,
                          password=password, verify_ssl=verify_ssl,
                          docker_client=docker_client)
    except Exception as e:
        raise IOError('Failed to initialize Pulp: {0}'.format(e))

    try:
        if not pulp.is_repo(repo):
            pulp.create_repo(image, repo)
    except Exception as e:
        raise IOError('Failed to create repository: {0}'.format(e))

    try:
        util.writeOut('Uploading image "{0}" to server "{1}"'.format(
            image, server_url))
        pulp.upload_docker_image(image, repo)
        util.writeOut("")
    except Exception as e:
        raise IOError('Failed to upload image: {0}'.format(e))

    pulp.publish_repo(repo)
    pulp.export_repo(repo)
Ejemplo n.º 27
0
def export_images(export_location):
    """
    Method for exporting docker images into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/images"):
        os.makedirs(export_location + "/images")

    split_images, split_ids = ([] for i in range(2))
    for j in DOCKER_CLIENT.images():
        split_images.append(j["RepoTags"])
    for k in DOCKER_CLIENT.images():
        split_ids.append(k["Id"])

    dic = {}

    for i in range(0, len(split_ids)):
        if split_images[i] == '<none>:<none>':
            continue
        if split_ids[i] in dic:
            dic[split_ids[i]] = [dic[split_ids[i]], split_images[i]]
        else:
            dic[split_ids[i]] = split_images[i]

    for ids, images in dic.iteritems():
        util.writeOut("Exporting image with id: {0}".format(ids[:12]))
        if isinstance(images, list):
            img = ""
            for i, val in enumerate(images):
                img = img + " " + val
            subprocess.check_call(
                "docker save {0} > {1}/images/{2}.tar".format(
                    img.lstrip(), export_location, ids[:12]),
                shell=True)
        else:
            subprocess.check_call(
                "docker save {0} > {1}/images/{2}.tar".format(
                    images, export_location, ids[:12]),
                shell=True)
Ejemplo n.º 28
0
    def output_rpms(self, rpm_image_list):
        """
        Prints out the differences in RPMs when applicable
        :param rpm_image_list:
        :return: None
        """
        ip = RpmPrint(rpm_image_list)
        if not self.args.json:
            if ip.has_diff:
                ip._print_diff(self.args.verbose)
            else:
                util.writeOut("\n{} and {} have no different RPMs".format(ip.i1.name, ip.i2.name))

        # Output JSON content
        else:
            rpm_json = ip._rpm_json()
            for image in rpm_json.keys():
                if image not in self.json_out:
                    self.json_out[image] = rpm_json[image]
                else:
                    _tmp = self.json_out[image]
                    _tmp.update(rpm_json[image])
                    self.json_out[image] = _tmp
Ejemplo n.º 29
0
def export_images(export_location):
    """
    Method for exporting docker images into a filesystem directory.
    """
    if not os.path.isdir(export_location + "/images"):
        os.makedirs(export_location + "/images")

    split_images, split_ids = ([] for i in range(2))
    for j in DOCKER_CLIENT.images():
        split_images.append(j["RepoTags"])
    for k in DOCKER_CLIENT.images():
        split_ids.append(k["Id"])

    dic = {}

    for i in range(0, len(split_ids)):
        if split_images[i] == '<none>:<none>':
            continue
        if split_ids[i] in dic:
            dic[split_ids[i]] = [dic[split_ids[i]], split_images[i]]
        else:
            dic[split_ids[i]] = split_images[i]

    for ids, images in dic.iteritems():
        util.writeOut("Exporting image with id: {0}".format(ids[:12]))
        if isinstance(images, list):
            img = ""
            for i, val in enumerate(images):
                img = img+" "+val
            subprocess.check_call(
                "docker save {0} > {1}/images/{2}.tar".format(
                    img.lstrip(), export_location, ids[:12]), shell=True)
        else:
            subprocess.check_call(
                "docker save {0} > {1}/images/{2}.tar".format(
                    images, export_location, ids[:12]), shell=True)
Ejemplo n.º 30
0
    def print_results(self, left_docker_obj, right_docker_obj):
        """
        Pretty output for the results of the filesystem diff
        :param left_docker_obj:
        :param right_docker_obj:
        :return:
        """
        def _print_diff(file_list):
            for _file in file_list:
                util.writeOut("{0}{1}".format(5*" ", _file))

        if all([len(self.left) == 0, len(self.right) == 0,
                len(self.common_diff) == 0]):
            util.writeOut("\nThere are no file differences between {0} "
                          "and {1}".format(left_docker_obj, right_docker_obj))
        if len(self.left) > 0:
            util.writeOut("\nFiles only in {}:".format(left_docker_obj))
            _print_diff(self.left)
        if len(self.right) > 0:
            util.writeOut("\nFiles only in {}:".format(right_docker_obj))
            _print_diff(self.right)
        if len(self.common_diff):
            util.writeOut("\nCommon files that are different:")
            _print_diff(self.common_diff)
Ejemplo n.º 31
0
 def _print_diff(self, be_verbose):
     """
     Outputs the diff information in columns
     :return: None
     """
     util.writeOut("")
     util.writeOut(self.two_col.format(self.i1.name, self.i2.name))
     util.writeOut(self.two_col.format("-"*self._max, "-"*self._max))
     self._print_release()
     util.writeOut(self.two_col.format("-"*self._max, "-"*self._max))
     for rpm in self.all_rpms:
         if (rpm in self.i1.rpms) and (rpm in self.i2.rpms):
             if be_verbose:
                 util.writeOut(self.two_col.format(rpm, rpm))
         elif (rpm in self.i1.rpms) and not (rpm in self.i2.rpms):
             util.writeOut(self.two_col.format(rpm, ""))
         elif not (rpm in self.i1.rpms) and (rpm in self.i2.rpms):
             util.writeOut(self.two_col.format("", rpm))
Ejemplo n.º 32
0
 def _print_diff(file_list):
     for _file in file_list:
         util.writeOut("{0}{1}".format(5*" ", _file))
Ejemplo n.º 33
0
    def scan(self):
        if (not self.args.images and not self.args.containers
                and not self.args.all) and len(self.args.scan_targets) == 0:
            sys.stderr.write(
                "\nYou must provide a list of containers or images to scan\n")
            sys.exit(1)
        self.ping()
        BUS_NAME = "org.OpenSCAP.daemon"
        OBJECT_PATH = "/OpenSCAP/daemon"
        INTERFACE = "org.OpenSCAP.daemon.Interface"
        input_resolve = {}
        if self.args.images:
            scan_list = self._get_all_image_ids()
        elif self.args.containers:
            scan_list = self._get_all_container_ids()
        elif self.args.all:
            cids = self._get_all_container_ids()
            iids = self._get_all_image_ids()
            scan_list = cids + iids
        else:
            scan_list = []
            for scan_input in self.args.scan_targets:
                docker_id = self.get_input_id(scan_input)
                input_resolve[docker_id] = scan_input
                scan_list.append(docker_id)

        # Check to make sure none of the docker objects we need to
        # scan are already mounted.
        for docker_obj in scan_list:
            if util.is_dock_obj_mounted(docker_obj):
                sys.stderr.write(
                    "\nThe object {0} is already mounted (in  "
                    "use) and therefore cannot be scanned.\n".format(
                        docker_obj))
                sys.exit(1)
        util.writeOut("\nScanning...\n")
        bus = dbus.SystemBus()
        try:
            oscap_d = bus.get_object(BUS_NAME, OBJECT_PATH)
            oscap_i = dbus.Interface(oscap_d, INTERFACE)
            # Check if the user has asked to override the behaviour of fetching the
            # latest CVE input data, as defined in the openscap-daemon conf file
            # oscap-daemon a byte of 0 (False), 1 (True), and 2 (no change)

            if self.args.fetch_cves is None:
                fetch = 2
            elif self.args.fetch_cves:
                fetch = 1
            else:
                fetch = 0
            scan_return = json.loads(
                oscap_i.scan_list(scan_list, 4, fetch, timeout=99999))

        except dbus.exceptions.DBusException as e:
            message = "The openscap-daemon returned: {0}".format(
                e.get_dbus_message())
            if e.get_dbus_name(
            ) == 'org.freedesktop.DBus.Error.ServiceUnknown':
                message = "Unable to find the openscap-daemon dbus service. "\
                          "Either start the openscap-daemon service or pull " \
                          "and run the openscap-daemon image"
            sys.stderr.write("\n{0}\n\n".format(message))
            sys.exit(1)

        if self.args.json:
            util.output_json(scan_return)

        else:
            if not self.args.detail:
                clean = util.print_scan_summary(scan_return, input_resolve)
            else:
                clean = util.print_detail_scan_summary(scan_return,
                                                       input_resolve)
            if not clean:
                sys.exit(1)