Пример #1
0
  def Run(self, args):
    """Yields the differences of packages between two images."""
    # If not specified, both base project and diff project are the user project.

    base_image_ref = args.CONCEPTS.base_image.Parse()
    diff_image_ref = args.CONCEPTS.diff_image.Parse()

    # Use GA to construct the compute API holder since the containeranalysis
    # API always call compute v1 API to refer the compute resources.
    holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA)
    resource_filter_base = filter_utils.GetFilter(base_image_ref, holder)
    resource_filter_diff = filter_utils.GetFilter(diff_image_ref, holder)

    image_packages_base = containeranalysis_util.MakeOccurrenceRequest(
        project_id=base_image_ref.project, resource_filter=resource_filter_base,
        occurrence_filter=None, resource_urls=None)

    image_packages_diff = containeranalysis_util.MakeOccurrenceRequest(
        project_id=diff_image_ref.project, resource_filter=resource_filter_diff,
        occurrence_filter=None, resource_urls=None)

    package_versions_base = self._GetVersions(image_packages_base,
                                              args.base_image)
    package_versions_diff = self._GetVersions(image_packages_diff,
                                              args.diff_image)

    return self._GetDiff(args, package_versions_base, package_versions_diff)
Пример #2
0
def FetchOccurrencesForResource(digest, occurrence_filter=None):
    """Fetches the occurrences attached to this image."""
    project_id = RecoverProjectId(digest)
    resource_filter = 'resource_url="{resource_url}"'.format(
        resource_url=_FullyqualifiedDigest(digest))
    return containeranalysis_util.MakeOccurrenceRequest(
        project_id, resource_filter, occurrence_filter)
Пример #3
0
  def Run(self, args):
    """Yields filtered vulnerabilities."""
    project = properties.VALUES.core.project.Get()
    holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA)
    resource_filter = self._GetFilter(args, holder)

    return containeranalysis_util.MakeOccurrenceRequest(
        project_id=project, resource_filter=resource_filter,
        occurrence_filter=None, resource_urls=None)
Пример #4
0
  def Run(self, args):
    """Yields filtered packages."""
    project = properties.VALUES.core.project.Get()
    image_ref = args.CONCEPTS.image.Parse()

    # Use GA to construct the compute API holder since the containeranalysis
    # API always call compute v1 API to refer the compute resources.
    holder = base_classes.ComputeApiHolder(base.ReleaseTrack.GA)
    resource_filter = filter_utils.GetFilter(image_ref, holder)

    image_packages = containeranalysis_util.MakeOccurrenceRequest(
        project_id=project, resource_filter=resource_filter,
        occurrence_filter=None, resource_urls=None)

    return self._GetPackageVersions(image_packages, args.image)
Пример #5
0
def FetchOccurrences(repository, occurrence_filter=None, resource_urls=None):
    """Fetches the occurrences attached to the list of manifests."""
    project_id = RecoverProjectId(repository)

    # Retrieve all resource urls prefixed with the image path
    resource_filter = 'has_prefix(resource_url, "{repo}")'.format(
        repo=_UnqualifiedResourceUrl(repository))

    occurrences = containeranalysis_util.MakeOccurrenceRequest(
        project_id, resource_filter, occurrence_filter, resource_urls)
    occurrences_by_resources = {}
    for occ in occurrences:
        if occ.resourceUrl not in occurrences_by_resources:
            occurrences_by_resources[occ.resourceUrl] = []
        occurrences_by_resources[occ.resourceUrl].append(occ)
    return occurrences_by_resources
Пример #6
0
def FetchDeploymentsForImage(image, occurrence_filter=None):
    """Fetches the deployment occurrences attached to this image."""
    project_id = RecoverProjectId(image)
    depl_filter = 'kind="DEPLOYABLE"'  # and details.deployment.resource_uri=image
    occ_filter = '({arg_filter} AND {depl_filter})'.format(
        arg_filter=occurrence_filter,
        depl_filter=depl_filter,
    )
    occurrences = list(
        containeranalysis_util.MakeOccurrenceRequest(project_id, occ_filter))
    deployments = []
    image_string = six.text_type(image)
    for occ in occurrences:
        if not occ.deployment:
            continue
        if image_string in occ.deployment.resourceUri:
            deployments.append(occ)
    return deployments