Ejemplo n.º 1
0
    def load_image_from_docker(self):
        try:
            ddata = {}
            hdata = {}
            Id = None

            # first get a list of docker images and search for the input image
            if self.meta['imageId'] not in self.docker_images.keys():
                self.docker_images = anchore_utils.get_docker_images(self.docker_cli)

            if self.meta['imageId'] in self.docker_images.keys():
                ddata = self.docker_cli.inspect_image(self.meta['imageId'])
                hdata = self.docker_cli.history(self.meta['imageId'])

        except Exception as err:
            raise err

        if not ddata:
            raise Exception("docker_inspect data empty")

        self.docker_data = ddata
        self.docker_history = hdata

        for t in self.docker_data['RepoTags']:
            if t not in self.anchore_current_tags:
                self.anchore_current_tags.append(t)
            if t not in self.anchore_all_tags:
                self.anchore_all_tags.append(t)

        return (True)
Ejemplo n.º 2
0
    def __init__(self, imagename, allimages={}, tmpdirroot="/tmp", dockerfile=None, docker_cli=None, anchore_db=None, docker_images=None, usertype=None):
        self._logger.debug("initializing image: " + str(imagename))
        # all members
        self.allimages = allimages
        self.initialized = False
        self.docleanup = True
        self.tmpdirroot = tmpdirroot
        self.tmpdir = '/'.join([self.tmpdirroot, str(random.randint(0, 9999999)) + ".anchoretmp"])

        self.dockerfile = dockerfile
        self.dockerfile_contents = None
        self.dockerfile_mode = None
        self.docker_cli = None
        self.docker_data = {}
        self.docker_history = {}

        self.meta = {'imagename': None,
                     'shortname': None,
                     'humanname': None,
                     'imageId': None,
                     'shortId': None,
                     'parentId': None,
                     'shortparentId': None,
                     'usertype': usertype,
                     'sizebytes':0}

        self.anchore_data = {}

        self.anchore_allfiles = {}
        self.anchore_allpkgs = {}
        self.anchore_familytree = None
        self.anchore_layers = None
        self.anchore_current_tags = []
        self.anchore_all_tags = []
        self.anchore_tag_history = []

        self.anchore_analyzer_meta = {}

        self.anchore_analysis_report = None
        self.anchore_gates_report = None
        self.anchore_gates_eval_report = None
        self.anchore_image_report = None

        # some contexts
        self.anchore_db = None
        self.docker_images = None
        self.anchore_config = None

        # do some setup
        # set up imageId
        try:
            result = anchore_utils.discover_imageId(imagename)
            if not result:
                raise Exception("could not locate image named ("+str(imagename)+") in anchore or local container system.")
        except Exception as err:
            raise Exception("input image name ("+str(imagename)+") is ambiguous. exception - " + str(err))

        self.meta['imageId'] = result

        if dockerfile and (os.stat(dockerfile).st_size <= 0 or not os.path.exists(dockerfile) or not os.path.isfile(dockerfile)):
            raise Exception("input dockerfile ("+str(dockerfile)+") is invalid.")

        # set up external contexts
        if docker_cli:
            self.docker_cli = docker_cli
        elif 'docker_cli' in contexts and contexts['docker_cli']:
            self.docker_cli = contexts['docker_cli']
        else:
            try:
                self.docker_cli = docker.Client(base_url='unix://var/run/docker.sock', version='auto', timeout=300)
            except Exception as err:
                self._logger.warn("could not establish connection with docker, some operations (analyze) may fail: exception: " + str(err))

        if anchore_db:
            self.anchore_db = anchore_db
        elif 'anchore_db' in contexts and contexts['anchore_db']:
            self.anchore_db = contexts['anchore_db']

        if not self.anchore_db:
            raise Exception("could not init/connect to anchoreDB")

        if docker_images:
            self.docker_images = docker_images
        elif 'docker_images' in contexts and contexts['docker_images']:
            self.docker_images = contexts['docker_images']
        else: 
            self.docker_images = anchore_utils.get_docker_images(self.docker_cli)

        if 'anchore_config' in contexts and contexts['anchore_config']:
            self.anchore_config = contexts['anchore_config']
            
        # set up metadata about the image from anchoreDB and docker
        if not self.load_image(dockerfile):
            raise Exception("could not load image information from Docker or AnchoreDB")

        # set up image directory structure
        try:
            self.anchore_db.create_image(self.meta['imageId'])
        except Exception as err:
            raise err

        # set up any additional internal members
        self.initialized = True

        self.discover_layers()
        self.discover_familytree()
        self.discover_dockerfile_contents()

        newlist = list(self.anchore_familytree)
        while self.meta['imageId'] in newlist: newlist.remove(self.meta['imageId'])
        anchore_utils.image_context_add(newlist, self.allimages, docker_cli=self.docker_cli, tmproot=self.tmpdirroot, anchore_db=self.anchore_db, docker_images=self.docker_images)