def execute_step(image_obj, args):
"""Execution path for looking at a container image filesystem at a
specific layer. This is an interactive debugging option and should not be
used in production."""
print()
print("*************************************************************")
print(" Container Image Interactive Debug Mode ")
print("*************************************************************")
print()
for layer in image_obj.layers:
created_by = layer.created_by if layer.created_by else 'unknown'
print("[{}] {}".format(image_obj.layers.index(layer), created_by))
try:
while True:
try:
# input is safe in Python3
top_layer = int(input("\nPick a layer to debug: ")) # nosec
except ValueError:
print("Not an integer")
continue
if not 0 <= top_layer < len(image_obj.layers):
print("Not a valid layer number")
continue
drop_into_layer(image_obj, top_layer)
except KeyboardInterrupt:
print("Exiting...")
rootfs.clean_up()
if not args.keep_wd:
prep.clean_image_tars(image_obj)
def teardown():
'''Tear down tern setup'''
# close docker client if any
container.close_client()
# save the cache
cache.save()
# remove folders for rootfs operations
rootfs.clean_up()
def recover(driver):
"""Undo all the mounts and clean up directories"""
if driver in ('overlay2', 'fuse'):
try:
rootfs.unmount_rootfs()
except subprocess.CalledProcessError:
pass
# nuking working directories
rootfs.clean_up()
def teardown(keep=False):
"""Tear down the environment setup"""
logger.debug("Tearing down...")
# save the cache
cache.save()
# remove folders for rootfs operations
rootfs.clean_up()
# clean up the working directory if user has not asked to keep it
if not keep:
clean_working_dir()
else:
logger.debug("Working directory available at: %s",
rootfs.get_working_dir())
def analyze_full_image(full_image, options):
"""If we are able to load a full image after a build, we can run an
analysis on it"""
# set up for analysis
crun.setup(full_image)
# analyze image
cimage.analyze(full_image, options)
# clean up after analysis
rootfs.clean_up()
# we should now be able to set imported layers
lock.set_imported_layers(full_image)
# save to the cache
common.save_to_cache(full_image)
return [full_image]
def analyze_base_image(base_image, options):
"""If we are unable to load the full image, we will try to analyze
the base image and try to extrapolate"""
# set up for analysis
crun.setup(base_image)
# analyze image
cimage.analyze(base_image, options)
# clean up
rootfs.clean_up()
# save the base image to cache
common.save_to_cache(base_image)
# let's try to figure out what packages were going to be installed in
# the dockerfile anyway
stub_image = get_dockerfile_packages()
return [base_image, stub_image]
def execute_invoke(image_obj, args):
"""Execution path for checking command library scripts"""
# we set up the image for analysis
run.setup(image_obj)
# we now mount the whole container image
mount_container_image(image_obj, args.driver)
# invoke commands in chroot
invoke_script(args)
# undo the mounts
if args.driver in ('fuse', 'overlay2'):
rootfs.unmount_rootfs()
# cleanup
rootfs.clean_up()
if not args.keep_wd:
prep.clean_image_tars(image_obj)
def recover():
"""Undo all the mounts and clean up directories"""
try:
rootfs.undo_mount()
except subprocess.CalledProcessError:
pass
try:
rootfs.unmount_rootfs()
except subprocess.CalledProcessError:
pass
# we nuke all the directories after mounting
rootfs.clean_up()
working_dir = rootfs.get_working_dir()
if os.path.exists(working_dir):
rootfs.root_command(rootfs.remove, working_dir)
def run_extension_layer(image_layer, ext_string, redo=False):
'''Depending on what tool the user has chosen to extend with, load that
extension and run it'''
try:
mgr = driver.DriverManager(
namespace='tern.extensions',
name=ext_string,
invoke_on_load=True,
)
return mgr.driver.execute_layer(image_layer, redo)
except NoMatches:
msg = errors.unrecognized_extension.format(ext=ext_string)
logger.critical(msg)
rootfs.clean_up()
prep.clean_working_dir()
sys.exit(1)
def teardown(image_obj):
"""Teardown and cleanup after analysis"""
# Add the image layers to the cache
common.save_to_cache(image_obj)
# Clean up working directories and mount points
rootfs.clean_up()
def teardown():
'''Tear down tern setup'''
# save the cache
cache.save()
# remove folders for rootfs operations
rootfs.clean_up()
def cleanup():
"""Clean up the working directory"""
rootfs.clean_up()
rootfs.root_command(rootfs.remove, rootfs.get_working_dir())
def cleanup():
"""Clean up the working directory"""
rootfs.clean_up()
report.clean_working_dir(False)
