def fetch_credentials(digest2pods): creds = "" for _, pods in digest2pods.items(): if creds: break for pod in pods: if creds: break pull_secrets = pod["spec"].get("imagePullSecrets", "null") if pull_secrets != "null": for pull_secret in pull_secrets: token_name = pull_secret["name"] token = kubectl.get("secret", token_name) secret_base64 = token["data"].get(".dockerconfigjson", "") if not secret_base64: continue secret_dict = json.loads(base64.b64decode(secret_base64)) hostname = list(secret_dict["auths"].keys())[0] username = secret_dict["auths"][hostname]["username"] password = secret_dict["auths"][hostname]["password"] creds = "{}:{}".format(username, password) break return creds
def collect_data(image_regexp, pod_selectors, verbose=False): image2digest2pods = {} for pod in kubectl.get("pods")["items"]: for container in pod["status"]["containerStatuses"]: image_name = container["image"] if not matches_image(image_regexp, image_name, verbose): continue if not matches_pod(pod_selectors, pod["metadata"].get( "labels", {}), pod["metadata"]["name"], verbose): continue digest = re.sub("^.*@", "", container.get("imageID", "")) if image_name not in image2digest2pods: image2digest2pods[image_name] = {} if digest not in image2digest2pods[image_name]: image2digest2pods[image_name][digest] = [] image2digest2pods[image_name][digest].append(pod) if verbose: for image in image2digest2pods: print("selected: docker-image/{}".format(image)) return image2digest2pods
def _get_raw_status(self): return api.get(self.definition_type, self.name)['status']
def get_first_owner(resource): owners = resource["metadata"].get("ownerReferences", []) if not owners: return None return kubectl.get(owners[0]["kind"], owners[0]["name"])