def scan_image():
    """Run trivy against the image tagged with the short commit hash.

    Reads REPOSITORY_URI and COMMIT_HASH from the environment and sets
    TIMEOUT to "1800" before handing the command to run_cmds.

    Returns:
        Whatever run_cmds returns, or a dict with ``status`` False and a
        ``log`` message when trivy is missing or run_cmds raises.
    """
    # Only the fixed install path is probed; the PATH lookup through
    # is_tool("trivy") was commented out in the original.
    if not os.path.exists("/usr/local/bin/trivy"):
        return {
            "status": False,
            "log": "ERROR: Could not retrieve trivy to scan the image",
        }

    # Presumably run_cmds picks its time limit up from this variable -- confirm.
    os.environ["TIMEOUT"] = "1800"

    image_ref = "{}:{}".format(
        os.environ["REPOSITORY_URI"],
        os.environ["COMMIT_HASH"][0:6],
    )

    # NOTE(review): trivy exits 0 by default even when it reports
    # vulnerabilities, so unless run_cmds inspects the output this step
    # cannot fail a build on findings; `--exit-code 1` (optionally with
    # `--severity`) is the usual gate. Newer trivy releases also expect
    # `trivy image <name>` -- confirm the installed version takes this form.
    # NOTE(review): the image reference is interpolated unquoted into the
    # command string; validate REPOSITORY_URI / COMMIT_HASH if they can be
    # set from outside the pipeline.
    scan_cmds = ["trivy {}".format(image_ref)]

    try:
        return run_cmds(scan_cmds)
    except:
        # NOTE(review): a bare except reports every failure, not only a
        # timeout, under the "TIMED OUT" label.
        return {
            "status": False,
            "log": "TIMED OUT scanning {}".format(image_ref),
        }
def rebuild_deploy(dockerfile="Dockerfile"):
    """Stop, remove, rebuild and restart the docker-compose stack.

    The stack lives in the directory named by DOCKER_BUILD_DIR. TIMEOUT is
    set from DOCKER_BUILD_TIMEOUT (default 300) before run_cmds is called.

    Args:
        dockerfile: Accepted for signature compatibility; not used here.

    Returns:
        Whatever run_cmds returns, or a dict with ``status`` False and a
        ``log`` message when run_cmds raises.
    """
    compose_dir = os.environ["DOCKER_BUILD_DIR"]

    # The running containers are stopped and removed (`rm -fv` also drops
    # their anonymous volumes) before the build, so a failed build leaves
    # the stack down.
    # NOTE(review): compose_dir is interpolated unquoted into each command.
    compose_steps = (
        "cd {} && docker-compose stop",
        "cd {} && docker-compose rm -fv",
        "cd {} && docker-compose build",
        "cd {} && docker-compose up -d",
    )
    cmds = [step.format(compose_dir) for step in compose_steps]

    # Presumably run_cmds picks its time limit up from this variable -- confirm.
    os.environ["TIMEOUT"] = str(os.environ.get("DOCKER_BUILD_TIMEOUT", 300))

    try:
        return run_cmds(cmds)
    except:
        # NOTE(review): a bare except reports every failure, not only a
        # timeout, under the "TIMED OUT" label.
        return {"status": False, "log": "TIMED OUT building container"}
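def build_container(dockerfile="Dockerfile"):
    """Build the image as ``<repo>:<short hash>`` and as ``<repo>:latest``.

    Reads DOCKER_BUILD_DIR, REPOSITORY_URI and COMMIT_HASH from the
    environment; the tag is the first six characters of COMMIT_HASH.
    TIMEOUT is set from DOCKER_BUILD_TIMEOUT (default 1800) before
    run_cmds is called.

    Args:
        dockerfile: Path passed to ``docker build -f``.

    Returns:
        Whatever run_cmds returns, or a dict with ``status`` False and a
        ``log`` message when run_cmds raises.
    """
    repo_dir = os.environ["DOCKER_BUILD_DIR"]
    repository_uri = os.environ["REPOSITORY_URI"]
    tag = os.environ["COMMIT_HASH"][0:6]

    # "&&" instead of ";": when the cd fails, docker build must not go on
    # to build (and tag) whatever sits in the current working directory.
    # NOTE(review): repo_dir, repository_uri, tag and dockerfile are
    # interpolated unquoted; validate them if they can be set from outside
    # the pipeline.
    cmds = [
        "cd {} && docker build -t {}:{} . -f {}".format(
            repo_dir, repository_uri, tag, dockerfile),
        "cd {} && docker build -t {}:latest . -f {}".format(
            repo_dir, repository_uri, dockerfile),
    ]

    # Presumably run_cmds picks its time limit up from this variable -- confirm.
    os.environ["TIMEOUT"] = str(os.environ.get("DOCKER_BUILD_TIMEOUT", 1800))

    try:
        results = run_cmds(cmds)
    except:
        # NOTE(review): a bare except reports every failure, not only a
        # timeout, under the "TIMED OUT" label; left as is because the
        # exception run_cmds raises is not visible from here.
        results = {"status": False, "log": "TIMED OUT building container"}

    return results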
def push_container():
    """Log in to the registry and push the commit-hash tagged image.

    Reads REPOSITORY_URI, ECR_LOGIN and COMMIT_HASH from the environment
    and sets TIMEOUT to "300" before handing the commands to run_cmds.
    Only the commit-hash tag is pushed.

    Returns:
        Whatever run_cmds returns, or a dict with ``status`` False and a
        ``log`` message when run_cmds raises.
    """
    repository_uri = os.environ["REPOSITORY_URI"]
    login_cmd = os.environ["ECR_LOGIN"]
    tag = os.environ["COMMIT_HASH"][0:6]

    # A single parenthesised argument prints the same text under the
    # Python 2 print statement.
    print("Pushing image to repository {}, tag = {}".format(
        repository_uri, tag))

    # NOTE(review): ECR_LOGIN is executed verbatim as the first command.
    # Presumably it holds a `docker login` line; if that line carries the
    # registry password and run_cmds echoes or logs its commands, the
    # credential ends up in the build log -- confirm.
    cmds = [
        login_cmd,
        "docker push {}:{}".format(repository_uri, tag),
    ]

    # Presumably run_cmds picks its time limit up from this variable -- confirm.
    os.environ["TIMEOUT"] = "300"

    try:
        return run_cmds(cmds)
    except:
        # NOTE(review): a bare except reports every failure, not only a
        # timeout, under the "TIMED OUT" label.
        return {
            "status": False,
            "log": "TIMED OUT pushing container to registry",
        }