def run_test(self):
"""
Common test path for all configs to test against
:return:
"""
print('Basic string operations using get/put/delete')
resp = archive.put(userId=self.test_user_id, bucket=self.test_bucket_id, archiveid='document_1',
data=self.document_1)
print(('Document 1 PUT: {}'.format(resp)))
resp = archive.get(userId=self.test_user_id, bucket=self.test_bucket_id, archiveid='document_1')
self.assertEqual(self.document_1, resp)
self.assertTrue(archive.exists(self.test_user_id, self.test_bucket_id, 'document_1'))
self.assertFalse(archive.exists(self.test_user_id, self.test_bucket_id, 'document_10'))
print('Document operations')
resp = archive.put_document(userId=self.test_user_id, bucket=self.test_bucket_id, archiveId='document_json',
data=self.document_json)
print(('Document JSON PUT Doc: {}'.format(resp)))
resp = archive.get_document(userId=self.test_user_id, bucket=self.test_bucket_id, archiveId='document_json')
print(('Document JSON GET Dock: {}'.format(resp)))
self.assertEqual(self.document_json, resp)
print('Document operations')
resp = archive.put_document(userId=self.test_user_id, bucket=self.test_bucket_id, archiveId='document_json',
data=self.document_1)
print(('Document string PUT Doc: {}'.format(resp)))
resp = archive.get_document(userId=self.test_user_id, bucket=self.test_bucket_id, archiveId='document_json')
print(('Document string GET Dock: {}'.format(resp)))
self.assertEqual(self.document_1, resp)
def list_policies(active=None):
"""
GET /policies?active=true|false
:return:
"""
# set up the filter based on input
try:
request_inputs = anchore_engine.apis.do_request_prep(connexion.request,
default_params={})
user_id = request_inputs['userId']
with db.session_scope() as dbsession:
if active is not None:
records = db_policybundle.get_byfilter(user_id,
session=dbsession,
active=active)
else:
records = db_policybundle.get_byfilter(user_id,
session=dbsession)
if records:
for record in records:
record['policybundle'] = {}
try:
policybundle = archive.get_document(
user_id, 'policy_bundles', record['policyId'])
if policybundle:
record['policybundle'] = policybundle
record['policybundlemeta'] = {}
meta = archive.get_document_meta(
user_id, 'policy_bundles', record['policyId'])
if meta:
record['policybundlemeta'] = meta
except Exception as err:
logger.warn(
"failed to fetch policy bundle from archive - exception: "
+ str(err))
raise anchore_engine.common.helpers.make_anchore_exception(
err,
input_message=
"failed to fetch policy bundle from archive",
input_httpcode=500)
else:
records = []
return records, 200
except Exception as err:
logger.exception('Uncaught exception')
return str(err), 500
def get_policy(policyId):
"""
GET /policies/{policyId}
:param policyId:
:return:
"""
try:
request_inputs = anchore_engine.apis.do_request_prep(connexion.request,
default_params={})
user_id = request_inputs['userId']
with db.session_scope() as dbsession:
record = db_policybundle.get(user_id,
policyId=policyId,
session=dbsession)
if record:
record['policybundle'] = {}
try:
policybundle = archive.get_document(user_id, 'policy_bundles',
record['policyId'])
if policybundle:
record['policybundle'] = policybundle
record['policybundlemeta'] = {}
meta = archive.get_document_meta(user_id, 'policy_bundles',
record['policyId'])
if meta:
record['policybundlemeta'] = meta
except Exception as err:
logger.warn(
"failed to fetch policy bundle from archive - exception: "
+ str(err))
raise anchore_engine.common.helpers.make_anchore_exception(
err,
input_message="failed to fetch policy bundle from archive",
input_httpcode=500)
return record, 200
else:
return anchore_engine.common.helpers.make_response_error(
'Policy bundle {} not found in DB'.format(policyId),
in_httpcode=404), 404
except Exception as err:
logger.exception('Uncaught exception')
return str(err), 500
def list_evals_impl(dbsession,
userId,
policyId=None,
imageDigest=None,
tag=None,
evalId=None,
newest_only=False,
interactive=False):
logger.debug("looking up eval record: " + userId)
# set up the filter based on input
dbfilter = {}
if policyId is not None:
dbfilter['policyId'] = policyId
if imageDigest is not None:
dbfilter['imageDigest'] = imageDigest
if tag is not None:
dbfilter['tag'] = tag
if evalId is not None:
dbfilter['evalId'] = evalId
# perform an interactive eval to get/install the latest
try:
logger.debug("performing eval refresh: " + str(dbfilter))
imageDigest = dbfilter['imageDigest']
if 'tag' in dbfilter:
evaltag = dbfilter['tag']
else:
evaltag = None
if 'policyId' in dbfilter:
policyId = dbfilter['policyId']
else:
policyId = None
latest_eval_record, latest_eval_result = catalog_impl.perform_policy_evaluation(
userId,
imageDigest,
dbsession,
evaltag=evaltag,
policyId=policyId,
interactive=interactive,
newest_only=newest_only)
except Exception as err:
logger.error(
"interactive eval failed, will return any in place evaluation records - exception: "
+ str(err))
records = []
if interactive or newest_only:
latest_eval_record['result'] = latest_eval_result
records = [latest_eval_record]
else:
records = db_policyeval.tsget_byfilter(userId,
session=dbsession,
**dbfilter)
for record in records:
try:
result = archive_sys.get_document(userId, 'policy_evaluations',
record['evalId'])
record['result'] = result
except:
record['result'] = {}
return records