def add_event(userId, event):
if not isinstance(event, Event):
raise TypeError('Invalid event definition')
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/events"
ret = http.anchy_post(url,
data=event.to_json(),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_image(userId, tag=None, dockerfile=None, annotations={}):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/image"
payload = {}
if tag:
url = url + "?{}".format(urllib.urlencode({'tag': tag}))
if dockerfile:
payload['dockerfile'] = dockerfile
if annotations:
payload['annotations'] = annotations
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_registry(userId, registrydata, validate=True):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = "{}/system/registries?validate={}".format(base_url, validate)
payload = registrydata
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_eval(userId, evalId, policyId, imageDigest, tag, final_action,
eval_url):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/evals"
try:
payload = anchore_engine.services.common.make_eval_record(
userId, evalId, policyId, imageDigest, tag, final_action, eval_url)
except Exception as err:
logger.error("couldn't prep input as valid eval add payload: " +
str(err))
raise err
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def put_document(userId, bucket, name, inobj):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/archive/" + bucket + "/" + name
payload = {}
payload['document'] = inobj
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def perform_prune(userId, resourcetype, prune_candidates):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/system/prune/" + resourcetype
payload = json.dumps(prune_candidates)
ret = http.anchy_post(url,
data=payload,
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def import_image(userId, anchore_data):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(
userId, 'catalog')
url = base_url + "/import"
payload = anchore_data
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_policy(userId, bundle):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/policies"
try:
payload = anchore_engine.services.common.make_policy_record(userId, bundle)
except Exception as err:
logger.error("couldn't prep input as valid policy add payload: " + str(err))
raise err
ret = http.anchy_post(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#(httpcode, jsondata, rawdata) = http.fpost(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#if httpcode == 200 and jsondata != None:
# ret = jsondata
#else:
# #raise Exception("failed post: httpcode="+str(httpcode)+" rawdata="+str(rawdata))
# e = Exception("failed post url="+str(url))
# e.__dict__.update({'httpcode':httpcode, 'anchore_error_raw':str(rawdata), 'anchore_error_json':jsondata})
# raise e
return(ret)
def add_event(userId, hostId, service_name, level, message, detail=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/events"
payload = {
'hostId':hostId,
'service_name':service_name,
'level':level,
'message':message,
'detail':detail
}
ret = http.anchy_post(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def add_repo(userId, regrepo=None, autosubscribe=False, lookuptag=None):
global localconfig, headers
if not regrepo:
raise Exception("no regrepo supplied as input")
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/repo"
url = url + "?regrepo="+regrepo+"&autosubscribe="+str(autosubscribe)
if lookuptag:
url = url + "&lookuptag="+str(lookuptag)
ret = http.anchy_post(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def import_image(userId, anchore_data):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/import"
payload = anchore_data
ret = http.anchy_post(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#(httpcode, jsondata, rawdata) = http.fpost(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
#if httpcode == 200 and jsondata != None:
# ret = jsondata
#else:
# #raise Exception("failed post: httpcode="+str(httpcode)+" rawdata="+str(rawdata))
# e = Exception("failed post url="+str(url))
# e.__dict__.update({'httpcode':httpcode, 'anchore_error_raw':str(rawdata), 'anchore_error_json':jsondata})
# raise e
return(ret)
def enqueue(userId, name, inobj, qcount=0, forcefirst=False):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = False
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_simplequeue_endpoint(auth)
url = '/'.join([base_url, name])
url = url + "?qcount=" + str(qcount) + "&forcefirst=" + str(forcefirst)
payload = inobj
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_registry(userId, registrydata):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/system/registries"
payload = registrydata
ret = http.anchy_post(url,
data=json.dumps(payload),
auth=auth,
headers=headers,
verify=localconfig['internal_ssl_verify'])
return (ret)
def add_image(userId, tag=None, dockerfile=None):
global localconfig, headers
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = get_catalog_endpoint()
url = base_url + "/image"
payload = {}
if tag:
url = url + "?tag="+tag
if dockerfile:
payload['dockerfile'] = dockerfile
ret = http.anchy_post(url, data=json.dumps(payload), auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def add_repo(userId, regrepo=None, autosubscribe=False, lookuptag=None):
global localconfig, headers
if not regrepo:
raise Exception("no regrepo supplied as input")
if localconfig == None:
localconfig = anchore_engine.configuration.localconfig.get_config()
ret = {}
if type(userId) == tuple:
userId, pw = userId
else:
pw = ""
auth = (userId, pw)
base_url = anchore_engine.clients.common.get_service_endpoint(userId, 'catalog')
url = base_url + "/repo"
params = {}
params['regrepo'] = str(regrepo)
params['autosubscribe'] = str(autosubscribe)
if lookuptag:
params['lookuptag'] = str(lookuptag)
if params:
url = url + "?{}".format(urllib.urlencode(params))
ret = http.anchy_post(url, auth=auth, headers=headers, verify=localconfig['internal_ssl_verify'])
return(ret)
def do_notify_webhook(user_record, notification):
logger.spew("webhook notify user: "******"webhook notify user: "******"could not prepare notification as JSON - exception: " + str(err))
webhooks = {}
localconfig = anchore_engine.configuration.localconfig.get_config()
if 'webhooks' in localconfig:
webhooks.update(localconfig['webhooks'])
if webhooks:
rootuser = webhooks.pop('webhook_user', None)
rootpw = webhooks.pop('webhook_pass', None)
rootverify = webhooks.pop('ssl_verify', None)
for ntype in [notification_type, 'general']:
if ntype in webhooks:
webhook = webhooks[ntype]
user = webhook.pop('webhook_user', rootuser)
pw = webhook.pop('webhook_pass', rootpw)
verify = webhook.pop('ssl_verify', rootverify)
if not user and not pw:
auth=None
else:
auth = (user, pw)
url = webhook['url']
for subkey,subval in subvars:
url = url.replace(subkey, subval)
try:
logger.debug("webhook post: " + str(url) + " : " + str(notification))
#result = http.post(url, data=payload, auth=auth, timeout=2.0, verify=verify)
result = http.anchy_post(url, data=payload, auth=auth, timeout=2.0, verify=verify)
logger.debug("webhook response: " + str(result))
return(True)
except Exception as err:
raise Exception("failed to post notification to webhook - exception: " + str(err))
logger.debug("warning: notification generated, but no matching webhook could be found in config to send it to - dropping notification")
return(False)
