def Run(self, args): """Yields the differences of packages between two images.""" # If not specified, both base project and diff project are the user project. base_image_ref = args.CONCEPTS.base_image.Parse() diff_image_ref = args.CONCEPTS.diff_image.Parse() # Use GA to construct the compute API holder since the containeranalysis # API always call compute v1 API to refer the compute resources. holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA) resource_filter_base = filter_utils.GetFilter(base_image_ref, holder) resource_filter_diff = filter_utils.GetFilter(diff_image_ref, holder) image_packages_base = containeranalysis_util.MakeOccurrenceRequest( project_id=base_image_ref.project, resource_filter=resource_filter_base, occurrence_filter=None, resource_urls=None) image_packages_diff = containeranalysis_util.MakeOccurrenceRequest( project_id=diff_image_ref.project, resource_filter=resource_filter_diff, occurrence_filter=None, resource_urls=None) package_versions_base = self._GetVersions(image_packages_base, args.base_image) package_versions_diff = self._GetVersions(image_packages_diff, args.diff_image) return self._GetDiff(args, package_versions_base, package_versions_diff)
def FetchOccurrencesForResource(digest, occurrence_filter=None): """Fetches the occurrences attached to this image.""" project_id = RecoverProjectId(digest) resource_filter = 'resource_url="{resource_url}"'.format( resource_url=_FullyqualifiedDigest(digest)) return containeranalysis_util.MakeOccurrenceRequest( project_id, resource_filter, occurrence_filter)
def Run(self, args): """Yields filtered vulnerabilities.""" project = properties.VALUES.core.project.Get() holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA) resource_filter = self._GetFilter(args, holder) return containeranalysis_util.MakeOccurrenceRequest( project_id=project, resource_filter=resource_filter, occurrence_filter=None, resource_urls=None)
def Run(self, args): """Yields filtered packages.""" project = properties.VALUES.core.project.Get() image_ref = args.CONCEPTS.image.Parse() # Use GA to construct the compute API holder since the containeranalysis # API always call compute v1 API to refer the compute resources. holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA) resource_filter = filter_utils.GetFilter(image_ref, holder) image_packages = containeranalysis_util.MakeOccurrenceRequest( project_id=project, resource_filter=resource_filter, occurrence_filter=None, resource_urls=None) return self._GetPackageVersions(image_packages, args.image)
def FetchOccurrences(repository, occurrence_filter=None, resource_urls=None): """Fetches the occurrences attached to the list of manifests.""" project_id = RecoverProjectId(repository) # Retrieve all resource urls prefixed with the image path resource_filter = 'has_prefix(resource_url, "{repo}")'.format( repo=_UnqualifiedResourceUrl(repository)) occurrences = containeranalysis_util.MakeOccurrenceRequest( project_id, resource_filter, occurrence_filter, resource_urls) occurrences_by_resources = {} for occ in occurrences: if occ.resourceUrl not in occurrences_by_resources: occurrences_by_resources[occ.resourceUrl] = [] occurrences_by_resources[occ.resourceUrl].append(occ) return occurrences_by_resources
def FetchDeploymentsForImage(image, occurrence_filter=None): """Fetches the deployment occurrences attached to this image.""" project_id = RecoverProjectId(image) depl_filter = 'kind="DEPLOYABLE"' # and details.deployment.resource_uri=image occ_filter = '({arg_filter} AND {depl_filter})'.format( arg_filter=occurrence_filter, depl_filter=depl_filter, ) occurrences = list( containeranalysis_util.MakeOccurrenceRequest(project_id, occ_filter)) deployments = [] image_string = six.text_type(image) for occ in occurrences: if not occ.deployment: continue if image_string in occ.deployment.resourceUri: deployments.append(occ) return deployments