コード例 #1
0
def get_image_manifest(userId, image_info, registry_creds):
    logger.debug("get_image_manifest input: " + str(userId) + " : " + str(image_info) + " : " + str(time.time()))
    user = pw = None
    repo = url = None
    registry_verify=True

    registry = image_info['registry']
    try:
        user, pw, registry_verify = anchore_engine.auth.common.get_creds_by_registry(registry, registry_creds=registry_creds)
    except Exception as err:
        raise err    

    if registry == 'docker.io':
        url = "https://index.docker.io"
        if not re.match(".*/.*", image_info['repo']):
            repo = "library/"+image_info['repo']
        else:
            repo = image_info['repo']
    else:
        url = "https://"+registry
        repo = image_info['repo']

    if image_info['digest']:
        tag = None
        input_digest = image_info['digest']
        fulltag = "{}/{}@{}".format(registry, repo, input_digest)
    else:
        input_digest = None
        tag = image_info['tag']
        fulltag = "{}/{}:{}".format(registry, repo, tag)

    manifest = digest = None

    logger.debug("trying to get manifest/digest for image ("+str(fulltag)+")")
    err = None
    try:
        if tag:
            manifest, digest = get_image_manifest_skopeo(url, registry, repo, intag=tag, user=user, pw=pw, verify=registry_verify)
        elif input_digest:
            manifest, digest = get_image_manifest_skopeo(url, registry, repo, indigest=input_digest, user=user, pw=pw, verify=registry_verify)
        else:
            raise Exception("neither tag nor digest was given as input")
    except Exception as ex:
        logger.error("could not fetch manifest/digest: " + str(ex))
        manifest = digest = None
        err = ex

    if manifest and digest:
        return(manifest, digest)

    logger.error("could not get manifest/digest for image ({}) from registry ({}) - error: {}".format(fulltag, url, err))
    raise Exception("could not get manifest/digest for image ({}) from registry ({}) - error: {}".format(fulltag, url, err))

    return({}, "")
コード例 #2
0
ファイル: analyzers.py プロジェクト: zhy1991/anchore-engine 
def exec(tag, tmpdir):
    """
    Run analyzer(s) against the local tagged image and write the result in a local fs
    :param tag: str tag name to analyze on local host (e.g. alpine:latest)
    :param tmpdir: valid and existing file path
    :return:
    """
    global config
    click.echo('Getting tag manifest for: {}'.format(tag))
    registry, rest = tag.split('/', 1)
    repo, tag = rest.split(':', 1)
    click.echo('Registry: {}, Repository: {}, Tag: {}'.format(
        registry, repo, tag))
    manifest, digest, parentdigest = get_image_manifest_skopeo(None,
                                                               registry,
                                                               repo,
                                                               intag=tag)
    img_record = {
        'imageDigest':
        digest,
        'parentDigest':
        parentdigest,
        'dockerfile_mode':
        'guessed',
        'image_detail': [{
            'dockerfile': '',
            'imageId': digest,
            'imageDigest': digest,
            'tag': tag,
            'registry': registry,
            'repo': repo
        }]
    }
    click.echo('Got digest: {}'.format(digest))
    click.echo('Got parentdigest: {}'.format(parentdigest))
    click.echo('Config: {}'.format(config))
    click.echo('Running analyzers')

    image_report = localanchore_standalone.analyze_image(
        userId='cli_test',
        manifest=json.dumps(manifest),
        image_record=img_record,
        tmprootdir=tmpdir,
        localconfig=config,
        registry_creds=None,
        use_cache_dir=False)
    click.echo('complete!')
    with open(digest + '.report.json', 'w') as f:
        json.dump(image_report, f)