def __init__(self, image, scanner, result_file):
# container/image under test
self.image = image
# scanner name / as installed /not full URL
self.scanner = scanner
# name of the output result file by scanner
self.result_file = result_file
# image_id
self.image_id = Atomic().get_input_id(self.image)
# set logger or set console
load_logger()
self.logger = logging.getLogger("scan-worker")
# Flag to indicate if image is mounted on local filesystem
self.is_mounted = False
# image mount path
self.image_mountpath = os.path.join("/", self.image_id)
# initialize the atomic mount object
self.mount_obj = mount.Mount()
# provide image id to mount object
self.mount_obj.image = self.image_id
# provide mount option read/write
self.mount_obj.options = ["rw"]
# provide mount point
self.mount_obj.mountpoint = self.image_mountpath
# set default for res_dir, this is a dir which is created
# by atomic, default result location
self.res_dir = None
def poll_server(template_location):
load_logger()
logger = logging.getLogger('poll-job')
queue = JobQueue(host=settings.BEANSTALKD_HOST,
port=settings.BEANSTALKD_PORT,
sub="poll_server",
pub="poll_failed",
logger=logger)
job = None
job_obj = None
project = {}
job_details = None
try:
job_obj = queue.get()
job = json.loads(job_obj.body)
logger.info("Got job: %s" % str(job))
except Exception as e:
logger.warning("Could not retrieve job details:%s " % str(e))
image_under_test = job.get("image_under_test")
project["image_under_test"] = image_under_test
project["analytics_server"] = job.get("analytics_server")
project["git_sha"] = job.get("git-sha")
project["git_url"] = job.get("git-url")
project["logs_dir"] = job.get("logs_dir")
project["api_server_poll_job_name"] = image_under_test.replace(
"/", "-").replace(".", "-").replace(":", "-")
try:
env = Environment(loader=FileSystemLoader('./'),
trim_blocks=True,
lstrip_blocks=True)
template = env.get_template("api-server-poll.yml")
logger.info("Project details got is: %s" % str(project))
job_details = template.render(project)
logger.info("Template is rendered with project: %s" % str(project))
except Exception as e:
logger.critical("Error template is not updated: %s" % str(e))
try:
generated_filename = os.path.join(template_location,
"poll_server_generated.yaml")
with open(generated_filename, 'w') as outfile:
outfile.write(job_details)
outfile.flush()
except Exception as e:
logger.critical("Error job_details could not be updated %s" % str(e))
if job:
queue.delete(job_obj)
def __init__(self, job):
"""Initialize runner."""
# initializing logger
load_logger()
self.logger = logging.getLogger('scan-worker')
self.docker_conn = self.docker_client()
if not self.docker_conn:
self.logger.fatal("Not able to connect to docker daemon.")
sys.exit(1)
self.job = job
# register all scanners
self.scanners = [
PipelineScanner,
AnalyticsIntegration,
ScannerRPMVerify,
MiscPackageUpdates,
ContainerCapabilities
]
def send_scan_data(analytics_server, image_under_test, git_url, git_sha,
logs_dir, gemini_report):
load_logger()
logger = logging.getLogger('poll-job')
conn = beanstalkc.Connection(host=settings.BEANSTALKD_HOST,
port=settings.BEANSTALKD_PORT)
logger.info("Getting scan details from jenkins")
scan_details = {}
scan_details["action"] = "start_scan"
scan_details["weekly"] = "True"
scan_details["analytics_server"] = analytics_server
scan_details["image_under_test"] = image_under_test
scan_details["git-url"] = git_url
scan_details["git-sha"] = git_sha
scan_details["gemini_report"] = gemini_report
scan_details["notify_email"] = settings.NOTIFY_EMAILS
scan_details["logs_dir"] = logs_dir
logger.info("Pushing scan details to the tube")
conn.use("master_tube")
conn.put(json.dumps(scan_details))
print("scan details are pushed to master tube")
Clean up the system after scan is done.
This cleans up any unused/dangling images and volumes.
This is using `docker image prune -f` and `docker volume prune -f`
commands under the hood. The `-f` option will help avoid the prompt
for confirmation.
"""
command = "docker rmi -f `docker images -f dangling=true -q`"
self.logger.debug("Removing unused/dangling images..")
try:
run_cmd(command, shell=True)
except Exception:
pass
else:
self.logger.debug("Cleaned unsued images post scan.")
command = "docker volume rm `docker volume ls -f dangling=true -q`"
self.logger.debug("Removing unused/dangling volumes..")
try:
run_cmd(command, shell=True)
except Exception:
pass
else:
self.logger.debug("Cleaned unsued volumes post scan.")
if __name__ == '__main__':
log.load_logger()
logger = logging.getLogger("scan-worker")
ScanWorker(logger, sub='start_scan', pub='failed_scan').run()