def get_image_manifest(userId, image_info, registry_creds): logger.debug("get_image_manifest input: " + str(userId) + " : " + str(image_info) + " : " + str(time.time())) user = pw = None repo = url = None registry_verify=True registry = image_info['registry'] try: user, pw, registry_verify = anchore_engine.auth.common.get_creds_by_registry(registry, registry_creds=registry_creds) except Exception as err: raise err if registry == 'docker.io': url = "https://index.docker.io" if not re.match(".*/.*", image_info['repo']): repo = "library/"+image_info['repo'] else: repo = image_info['repo'] else: url = "https://"+registry repo = image_info['repo'] if image_info['digest']: tag = None input_digest = image_info['digest'] fulltag = "{}/{}@{}".format(registry, repo, input_digest) else: input_digest = None tag = image_info['tag'] fulltag = "{}/{}:{}".format(registry, repo, tag) manifest = digest = None logger.debug("trying to get manifest/digest for image ("+str(fulltag)+")") err = None try: if tag: manifest, digest = get_image_manifest_skopeo(url, registry, repo, intag=tag, user=user, pw=pw, verify=registry_verify) elif input_digest: manifest, digest = get_image_manifest_skopeo(url, registry, repo, indigest=input_digest, user=user, pw=pw, verify=registry_verify) else: raise Exception("neither tag nor digest was given as input") except Exception as ex: logger.error("could not fetch manifest/digest: " + str(ex)) manifest = digest = None err = ex if manifest and digest: return(manifest, digest) logger.error("could not get manifest/digest for image ({}) from registry ({}) - error: {}".format(fulltag, url, err)) raise Exception("could not get manifest/digest for image ({}) from registry ({}) - error: {}".format(fulltag, url, err)) return({}, "")
def exec(tag, tmpdir): """ Run analyzer(s) against the local tagged image and write the result in a local fs :param tag: str tag name to analyze on local host (e.g. alpine:latest) :param tmpdir: valid and existing file path :return: """ global config click.echo('Getting tag manifest for: {}'.format(tag)) registry, rest = tag.split('/', 1) repo, tag = rest.split(':', 1) click.echo('Registry: {}, Repository: {}, Tag: {}'.format( registry, repo, tag)) manifest, digest, parentdigest = get_image_manifest_skopeo(None, registry, repo, intag=tag) img_record = { 'imageDigest': digest, 'parentDigest': parentdigest, 'dockerfile_mode': 'guessed', 'image_detail': [{ 'dockerfile': '', 'imageId': digest, 'imageDigest': digest, 'tag': tag, 'registry': registry, 'repo': repo }] } click.echo('Got digest: {}'.format(digest)) click.echo('Got parentdigest: {}'.format(parentdigest)) click.echo('Config: {}'.format(config)) click.echo('Running analyzers') image_report = localanchore_standalone.analyze_image( userId='cli_test', manifest=json.dumps(manifest), image_record=img_record, tmprootdir=tmpdir, localconfig=config, registry_creds=None, use_cache_dir=False) click.echo('complete!') with open(digest + '.report.json', 'w') as f: json.dump(image_report, f)