Example #1
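    def edit_policy_file(self, editpolicy=False, whitelist=False):
        """Open each image's gate policy or whitelist in an editor and save the result.

        For every id in ``self.images`` the stored data is written to a file
        inside a directory obtained from ``anchore_utils.make_anchoretmpdir``,
        an editor is run on that file ($EDITOR when it is set and non-empty,
        otherwise /bin/vi), and the file is then parsed with
        ``anchore_policy.read_policy`` and written back through
        ``self.anchoreDB``.

        Args:
            editpolicy: edit the gate policy; takes precedence over whitelist.
            whitelist: edit the gate whitelist (used when editpolicy is false).

        Returns:
            True when no step failed (also when neither flag is set), False
            when the editor or the save step failed for at least one image.
        """
        ret = True

        if not editpolicy and not whitelist:
            # nothing to do
            return ret

        for imageId in self.images:
            if editpolicy:
                data = self.anchoreDB.load_gate_policy(imageId)
            else:
                data = self.anchoreDB.load_gate_whitelist(imageId)

            if not data:
                self._logger.info("Cannot find existing data to edit, skipping: " + str(imageId))
                continue

            tmpdir = anchore_utils.make_anchoretmpdir("/tmp")
            try:
                # NOTE(review): imageId becomes part of a file name; presumably
                # it is a plain image id with no path separators -- confirm
                # against whatever fills self.images.
                thefile = os.path.join(tmpdir, "anchorepol." + imageId)
                anchore_utils.write_plainfile_fromlist(thefile, data)

                # An EDITOR that is set but empty would leave the data file as
                # the only argv element, so it is treated like an unset one.
                editor = os.environ.get("EDITOR", "").split()
                if editor:
                    cmd = editor + [thefile]
                elif os.path.exists("/bin/vi"):
                    cmd = ["/bin/vi", thefile]
                else:
                    self._logger.info("Cannot find editor to use: please set the EDITOR environment variable and try again")
                    break

                try:
                    # Both editors are started from an argv list without a
                    # shell, so characters in the file name are never parsed as
                    # shell syntax. check_call leaves stdout attached to the
                    # terminal; check_output would capture it, and a terminal
                    # editor needs it to draw its screen.
                    subprocess.check_call(cmd, shell=False)
                except (OSError, subprocess.CalledProcessError):
                    ret = False

                try:
                    policy = anchore_policy.read_policy(name='default', file=thefile)
                    newdata = policy['default']
                except Exception as err:
                    # NOTE(review): an edit that cannot be read back is stored
                    # as an empty list, replacing the previous gate data --
                    # confirm this is intended rather than keeping the old data.
                    self._logger.info("Cannot read back edited data for " + str(imageId) + ", saving empty data: " + str(err))
                    newdata = []

                if editpolicy:
                    self.anchoreDB.save_gate_policy(imageId, newdata)
                else:
                    self.anchoreDB.save_gate_whitelist(imageId, newdata)
            except Exception as err:
                # A failed write or save must not be reported as success.
                self._logger.info("Failed to edit data for " + str(imageId) + ": " + str(err))
                ret = False
            finally:
                if tmpdir:
                    shutil.rmtree(tmpdir)

        return ret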
Example #2
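    def edit_policy_file(self, editpolicy=False, whitelist=False):
        """Let the user edit the stored gate policy or whitelist of every image.

        Each id in ``self.images`` is handled in turn: its stored data is
        written to a file under a directory returned by
        ``anchore_utils.make_anchoretmpdir``, an editor is started on the file
        ($EDITOR when set and non-empty, else /bin/vi), and the edited file is
        parsed by ``anchore_policy.read_policy`` and saved via
        ``self.anchoreDB``.

        Args:
            editpolicy: when true the gate policy is edited, regardless of
                whitelist.
            whitelist: when true (and editpolicy is false) the gate whitelist
                is edited.

        Returns:
            False if the editor or the save step failed for any image,
            otherwise True, including the case where neither flag is set.
        """
        ret = True

        if not editpolicy and not whitelist:
            # nothing to do
            return ret

        for imageId in self.images:
            if editpolicy:
                data = self.anchoreDB.load_gate_policy(imageId)
            else:
                data = self.anchoreDB.load_gate_whitelist(imageId)

            if not data:
                self._logger.info(
                    "Cannot find existing data to edit, skipping: " +
                    str(imageId))
                continue

            tmpdir = anchore_utils.make_anchoretmpdir("/tmp")
            try:
                # NOTE(review): the file name embeds imageId unchecked;
                # presumably ids never contain path separators -- confirm.
                thefile = os.path.join(tmpdir, "anchorepol." + imageId)
                anchore_utils.write_plainfile_fromlist(thefile, data)

                # A set-but-empty EDITOR splits to [], which would make the
                # data file itself the program to run; fall through to vi.
                editor = os.environ.get("EDITOR", "").split()
                if editor:
                    cmd = editor + [thefile]
                elif os.path.exists("/bin/vi"):
                    cmd = ["/bin/vi", thefile]
                else:
                    self._logger.info(
                        "Cannot find editor to use: please set the EDITOR environment variable and try again"
                    )
                    break

                try:
                    # One code path for both editors: an argv list and no
                    # shell, so the file name is passed as a single argument
                    # and never interpreted. check_call keeps the editor's
                    # stdout on the terminal, which check_output would capture.
                    subprocess.check_call(cmd, shell=False)
                except (OSError, subprocess.CalledProcessError):
                    ret = False

                try:
                    policy = anchore_policy.read_policy(name='default',
                                                        file=thefile)
                    newdata = policy['default']
                except Exception as err:
                    # NOTE(review): unreadable edits overwrite the stored data
                    # with an empty list -- confirm that emptying the gate data
                    # is the wanted outcome here.
                    self._logger.info(
                        "Cannot read back edited data for " + str(imageId) +
                        ", saving empty data: " + str(err))
                    newdata = []

                if editpolicy:
                    self.anchoreDB.save_gate_policy(imageId, newdata)
                else:
                    self.anchoreDB.save_gate_whitelist(imageId, newdata)
            except Exception as err:
                # Report the failure instead of returning True after it.
                self._logger.info(
                    "Failed to edit data for " + str(imageId) + ": " +
                    str(err))
                ret = False
            finally:
                if tmpdir:
                    shutil.rmtree(tmpdir)

        return ret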
Example #3
 def save_gate_whitelist(self, imageId, data):
     """Write *data* as the gate whitelist file of image *imageId*.

     The file is ``anchore_gate.whitelist`` inside
     ``<self.imagerootdir>/<imageId>``; that directory is created first when
     it does not exist. Returns whatever
     ``anchore_utils.write_plainfile_fromlist`` returns.
     """
     # NOTE(review): imageId is joined into the path unchecked; presumably
     # callers pass a plain image id with no separators or ".." -- confirm.
     image_dir = os.path.join(self.imagerootdir, imageId)
     whitelist_path = os.path.join(image_dir, 'anchore_gate.whitelist')
     if not os.path.exists(image_dir):
         os.makedirs(image_dir)
     return anchore_utils.write_plainfile_fromlist(whitelist_path, data)
Example #4
 def save_gate_eval_output(self, imageId, gate_name, data):
     """Write *data* as the evaluation output of gate *gate_name* for an image.

     The file is ``<gate_name>.eval`` inside
     ``<self.imagerootdir>/<imageId>/gates_output``; that directory is created
     first when it does not exist. Returns whatever
     ``anchore_utils.write_plainfile_fromlist`` returns.
     """
     # NOTE(review): imageId and gate_name both end up in the path unchecked;
     # presumably neither can contain separators or ".." -- confirm at callers.
     output_dir = os.path.join(self.imagerootdir, imageId, "gates_output")
     eval_path = os.path.join(output_dir, gate_name + ".eval")
     if not os.path.exists(output_dir):
         os.makedirs(output_dir)
     return anchore_utils.write_plainfile_fromlist(eval_path, data)