def execute_image(args):
"""Execution path for container images"""
logger.debug('Starting analysis...')
image_string = extract_image(args)
# If the image has been extracted, load the metadata
if image_string:
full_image = cimage.load_full_image(image_string,
args.load_until_layer)
# check if the image was loaded successfully
if full_image.origins.is_empty():
# Add an image origin here
full_image.origins.add_notice_origin(
formats.docker_image.format(imagetag=image_string))
# Set up for analysis
setup(full_image)
# analyze image
cimage.analyze(full_image, args)
# report out
report.report_out(args, full_image)
# clean up
teardown(full_image)
else:
# we cannot load the full image
logger.error('Cannot retrieve full image metadata')
if not args.keep_wd:
prep.clean_image_tars(full_image)
def analyze_full_image(full_image, options):
"""If we are able to load a full image after a build, we can run an
analysis on it"""
# set up for analysis
crun.setup(full_image)
# analyze image
cimage.analyze(full_image, options)
# clean up after analysis
rootfs.clean_up()
# we should now be able to set imported layers
lock.set_imported_layers(full_image)
# save to the cache
common.save_to_cache(full_image)
return [full_image]
def analyze_base_image(base_image, options):
"""If we are unable to load the full image, we will try to analyze
the base image and try to extrapolate"""
# set up for analysis
crun.setup(base_image)
# analyze image
cimage.analyze(base_image, options)
# clean up
rootfs.clean_up()
# save the base image to cache
common.save_to_cache(base_image)
# let's try to figure out what packages were going to be installed in
# the dockerfile anyway
stub_image = get_dockerfile_packages()
return [base_image, stub_image]