def __init__(self, tasker, workflow, parent_registry=None, parent_registry_insecure=False, check_platforms=False): """ constructor :param tasker: DockerTasker instance :param workflow: DockerBuildWorkflow instance :param parent_registry: registry to enforce pulling from :param parent_registry_insecure: allow connecting to the registry over plain http :param check_platforms: validate parent images provide all platforms expected for the build """ # call parent constructor super(PullBaseImagePlugin, self).__init__(tasker, workflow) self.check_platforms = check_platforms source_registry = get_source_registry( self.workflow, { 'uri': RegistryURI(parent_registry) if parent_registry else None, 'insecure': parent_registry_insecure }) if source_registry.get('uri'): self.parent_registry = source_registry['uri'].docker_uri self.parent_registry_insecure = source_registry['insecure'] else: self.parent_registry = None self.parent_registry_insecure = False
def __init__(self, tasker, workflow, koji_hub=None, koji_ssl_certs_dir=None, poll_interval=DEFAULT_POLL_INTERVAL, poll_timeout=DEFAULT_POLL_TIMEOUT): """ :param tasker: ContainerTasker instance :param workflow: DockerBuildWorkflow instance :param koji_hub: str, koji hub (xmlrpc) :param koji_ssl_certs_dir: str, path to "cert", "ca", and "serverca" used when Koji's identity certificate is not trusted :param poll_interval: int, seconds between polling for Koji build :param poll_timeout: int, max amount of seconds to wait for Koji build """ super(KojiParentPlugin, self).__init__(tasker, workflow) self.koji_fallback = { 'hub_url': koji_hub, 'auth': {'ssl_certs_dir': koji_ssl_certs_dir} } self.koji_session = get_koji_session(self.workflow, self.koji_fallback) self.poll_interval = poll_interval self.poll_timeout = poll_timeout self._base_image_nvr = None self._base_image_build = None self._parent_builds = {} self._poll_start = None self._source_registry = get_source_registry(workflow, {}) self._deep_manifest_list_inspection = get_deep_manifest_list_inspection(self.workflow, fallback=True)
def adjust_new_parent_image(self): new_parent_image = ImageName.parse(self._new_parent_image) organization = get_registries_organization(self.workflow) source_registry_docker_uri = get_source_registry( self.workflow)['uri'].docker_uri if new_parent_image.registry != source_registry_docker_uri: new_parent_image.registry = source_registry_docker_uri if organization: new_parent_image.enclose(organization) self._new_parent_image = new_parent_image.to_str()
def resolve_docker_image_repo(self, docker_image_repo_fallback): # The plugin parameter docker_image_repo is actually a combination # of source_registry_uri and name label. Thus, the fallback case must # be handled in a non-generic way. try: source_registry = get_source_registry(self.workflow) except KeyError: return docker_image_repo_fallback registry = source_registry['uri'].docker_uri labels = Labels(df_parser(self.workflow.builder.df_path).labels) _, name = labels.get_name_and_value(Labels.LABEL_TYPE_NAME) return '/'.join([registry, name])
def __init__(self, tasker, workflow, parent_registry=None, parent_registry_insecure=False, check_platforms=False, inspect_only=False, parent_images_digests=None): """ constructor :param tasker: ContainerTasker instance :param workflow: DockerBuildWorkflow instance :param parent_registry: registry to enforce pulling from :param parent_registry_insecure: allow connecting to the registry over plain http :param check_platforms: validate parent images provide all platforms expected for the build :param inspect_only: bool, if set to True, base images will not be pulled :param parent_images_digests: dict, parent images manifest digests """ # call parent constructor super(PullBaseImagePlugin, self).__init__(tasker, workflow) self.check_platforms = check_platforms self.inspect_only = inspect_only source_registry = get_source_registry( self.workflow, { 'uri': RegistryURI(parent_registry) if parent_registry else None, 'insecure': parent_registry_insecure }) if source_registry.get('uri'): self.parent_registry = source_registry['uri'].docker_uri self.parent_registry_insecure = source_registry['insecure'] self.parent_registry_dockercfg_path = source_registry.get( 'dockercfg_path', None) else: self.parent_registry = None self.parent_registry_insecure = False self.parent_registry_dockercfg_path = None if parent_images_digests: metadata = self.workflow.builder.parent_images_digests metadata.update(parent_images_digests) self.manifest_list_cache = {}
def run(self): """ run the plugin """ if not is_flatpak_build(self.workflow): self.log.info('not flatpak build, skipping plugin') return self._load_source_spec() source_spec = get_flatpak_source_spec(self.workflow) module_info = ModuleSpec.from_str(source_spec) # Load additional information from the flatpak section flatpak_yaml = self.workflow.source.config.flatpak base_image = flatpak_yaml.get('base_image', self.default_base_image) name = flatpak_yaml.get('name', module_info.name) component = flatpak_yaml.get('component', module_info.name) # Create the dockerfile df_path = os.path.join(self.workflow.builder.df_dir, DOCKERFILE_FILENAME) with open(df_path, 'w') as fp: fp.write( DOCKERFILE_TEMPLATE.format( name=name, component=component, cleanupscript=FLATPAK_CLEANUPSCRIPT_FILENAME, includepkgs=FLATPAK_INCLUDEPKGS_FILENAME, stream=module_info.stream.replace('-', '_'), base_image=base_image, relative_repos_path=RELATIVE_REPOS_PATH, rpm_qf_args=rpm_qf_args(), yum_repos_dir=YUM_REPOS_DIR)) self.workflow.builder.set_df_path(df_path) # set source registry and organization source_registry_docker_uri = get_source_registry( self.workflow)['uri'].docker_uri organization = get_registries_organization(self.workflow) self.workflow.builder.dockerfile_images.set_source_registry( source_registry_docker_uri, organization)
def __init__(self, tasker, workflow, imagestream, docker_image_repo=None, url=None, build_json_dir=None, verify_ssl=True, use_auth=True, insecure_registry=None): """ constructor :param tasker: DockerTasker instance :param workflow: DockerBuildWorkflow instance :param imagestream: str, name of ImageStream :param docker_image_repo: str, image repository to import tags from :param url: str, URL to OSv3 instance :param build_json_dir: str, path to directory with input json :param verify_ssl: bool, verify SSL certificate? :param use_auth: bool, initiate authentication with openshift? :param insecure_registry: bool, whether the Docker registry uses plain HTTP """ # call parent constructor super(ImportImagePlugin, self).__init__(tasker, workflow) self.imagestream_name = imagestream self.openshift_fallback = { 'url': url, 'insecure': not verify_ssl, 'auth': { 'enable': use_auth }, 'build_json_dir': build_json_dir } self.insecure_registry = get_source_registry( self.workflow, {'insecure': insecure_registry})['insecure'] self.osbs = None self.imagestream = None self.primary_images = None self.docker_image_repo = None self.docker_image_repo_fallback = docker_image_repo
def resolve_docker_image_repo(self): # The plugin parameter docker_image_repo is actually a combination # of source_registry_uri and name label. Thus, the fallback case must # be handled in a non-generic way. try: source_registry = get_source_registry(self.workflow) except KeyError: image = ImageName.parse(self.docker_image_repo_fallback) else: registry = source_registry['uri'].docker_uri image = self.floating_images[0] image.registry = registry organization = get_registries_organization(self.workflow) if organization: image.enclose(organization) self.docker_image_repo = image.to_str(registry=True, tag=False)
def resolve_docker_image_repo(self): # The plugin parameter docker_image_repo is actually a combination # of source_registry_uri and name label. Thus, the fallback case must # be handled in a non-generic way. try: source_registry = get_source_registry(self.workflow) except KeyError: image = ImageName.parse(self.docker_image_repo_fallback) else: registry = source_registry['uri'].docker_uri image = self.floating_images[0] image.registry = registry organization = get_registries_organization(self.workflow) if organization: image.enclose(organization) self.docker_image_repo = image.to_str(registry=True, tag=False)
def __init__(self, tasker, workflow, check_platforms=False, inspect_only=False, parent_images_digests=None): """ constructor :param tasker: ContainerTasker instance :param workflow: DockerBuildWorkflow instance :param check_platforms: validate parent images provide all platforms expected for the build :param inspect_only: bool, if set to True, base images will not be pulled :param parent_images_digests: dict, parent images manifest digests """ # call parent constructor super(PullBaseImagePlugin, self).__init__(tasker, workflow) self.check_platforms = check_platforms self.inspect_only = inspect_only pull_registries = get_pull_registries(workflow, []) self.source_registry_docker_uri = get_source_registry( self.workflow)['uri'].docker_uri self.allowed_registries = [ reg['uri'].docker_uri for reg in pull_registries ] self.allowed_registries.append(self.source_registry_docker_uri) if parent_images_digests: metadata = self.workflow.builder.parent_images_digests metadata.update(parent_images_digests) self.manifest_list_cache = {} # RegistryClient instances cached by registry name self.registry_clients = {}
def __init__(self, tasker, workflow, imagestream, docker_image_repo=None, url=None, build_json_dir=None, verify_ssl=True, use_auth=True, insecure_registry=None): """ constructor :param tasker: DockerTasker instance :param workflow: DockerBuildWorkflow instance :param imagestream: str, name of ImageStream :param docker_image_repo: str, image repository to import tags from :param url: str, URL to OSv3 instance :param build_json_dir: str, path to directory with input json :param verify_ssl: bool, verify SSL certificate? :param use_auth: bool, initiate authentication with openshift? :param insecure_registry: bool, whether the Docker registry uses plain HTTP """ # call parent constructor super(ImportImagePlugin, self).__init__(tasker, workflow) self.imagestream_name = imagestream self.openshift_fallback = { 'url': url, 'insecure': not verify_ssl, 'auth': {'enable': use_auth}, 'build_json_dir': build_json_dir } self.insecure_registry = get_source_registry( self.workflow, {'insecure': insecure_registry})['insecure'] self.osbs = None self.imagestream = None self.floating_images = None self.docker_image_repo = None self.docker_image_repo_fallback = docker_image_repo
def adjust_config_kwargs(self): koji_fallback = { 'hub_url': self.config_kwargs.get('koji_hub'), 'root_url': self.config_kwargs.get('koji_root') } koji_map = get_koji(self.workflow, koji_fallback) self.config_kwargs['koji_hub'] = koji_map['hub_url'] self.config_kwargs['koji_root'] = koji_map['root_url'] odcs_fallback = { 'api_url': self.config_kwargs.get('odcs_url'), 'insecure': self.config_kwargs.get('odcs_insecure') } odcs_map = get_odcs(self.workflow, odcs_fallback) self.config_kwargs['odcs_url'] = odcs_map['api_url'] self.config_kwargs['odcs_insecure'] = odcs_map.get('insecure', False) smtp_fallback = { 'host': self.config_kwargs.get('smtp_host'), 'from_address': self.config_kwargs.get('smtp_from'), 'domain': self.config_kwargs.get('smtp_email_domain'), 'send_to_submitter': self.config_kwargs.get('smtp_to_submitter'), 'send_to_pkg_owner': self.config_kwargs.get('smtp_to_pkgowner') } additional_addresses = self.config_kwargs.get('smtp_error_addresses') error_addresses = self.config_kwargs.get('smtp_additional_addresses') smtp_fallback['additional_addresses'] =\ additional_addresses.split(',') if additional_addresses else () smtp_fallback['error_addresses'] = error_addresses.split( ',') if error_addresses else () smtp_map = get_smtp(self.workflow, smtp_fallback) self.config_kwargs['smtp_additional_addresses'] =\ ','.join(smtp_map.get('additional_addresses', ())) self.config_kwargs['smtp_email_domain'] = smtp_map.get('domain') self.config_kwargs['smtp_error_addresses'] = ','.join( smtp_map.get('error_addresses', ())) self.config_kwargs['smtp_from'] = smtp_map['from_address'] self.config_kwargs['smtp_host'] = smtp_map['host'] self.config_kwargs['smtp_to_pkgowner'] = smtp_map.get( 'send_to_pkg_owner', False) self.config_kwargs['smtp_to_submitter'] = smtp_map.get( 'send_to_submitter', False) source_reg = self.config_kwargs.get('source_registry_uri') souce_registry = get_source_registry( self.workflow, {'uri': RegistryURI(source_reg) if source_reg else None})['uri'] self.config_kwargs[ 'source_registry_uri'] = souce_registry.uri if souce_registry else None artifacts = self.config_kwargs.get('artifacts_allowed_domains') self.config_kwargs['artifacts_allowed_domains'] =\ ','.join(get_artifacts_allowed_domains( self.workflow, artifacts.split(',') if artifacts else ())) equal_labels_fallback = [] equal_labels_str = self.config_kwargs.get('equal_labels') if equal_labels_str: label_groups = [x.strip() for x in equal_labels_str.split(',')] for label_group in label_groups: equal_labels_fallback.append( [label.strip() for label in label_group.split(':')]) equal_labels = get_image_equal_labels(self.workflow, equal_labels_fallback) if equal_labels: equal_labels_sets = [] for equal_set in equal_labels: equal_labels_sets.append(':'.join(equal_set)) equal_labels_string = ','.join(equal_labels_sets) self.config_kwargs['equal_labels'] = equal_labels_string self.config_kwargs['prefer_schema1_digest'] =\ get_prefer_schema1_digest(self.workflow, self.config_kwargs.get('prefer_schema1_digest')) registry_api_ver = self.config_kwargs.get('registry_api_versions') self.config_kwargs['registry_api_versions'] =\ ','.join(get_content_versions(self.workflow, registry_api_ver.split(',') if registry_api_ver else ())) self.config_kwargs['yum_proxy'] =\ get_yum_proxy(self.workflow, self.config_kwargs.get('yum_proxy')) self.config_kwargs['sources_command'] =\ get_sources_command(self.workflow, self.config_kwargs.get('sources_command'))
def adjust_config_kwargs(self): koji_fallback = { 'hub_url': self.config_kwargs.get('koji_hub'), 'root_url': self.config_kwargs.get('koji_root') } koji_map = get_koji(self.workflow, koji_fallback) self.config_kwargs['koji_hub'] = koji_map['hub_url'] self.config_kwargs['koji_root'] = koji_map['root_url'] odcs_fallback = { 'api_url': self.config_kwargs.get('odcs_url'), 'insecure': self.config_kwargs.get('odcs_insecure') } odcs_map = get_odcs(self.workflow, odcs_fallback) self.config_kwargs['odcs_url'] = odcs_map['api_url'] self.config_kwargs['odcs_insecure'] = odcs_map.get('insecure', False) pulp_fallback = {'name': self.config_kwargs.get('pulp_registry_name')} pulp_map = get_pulp(self.workflow, pulp_fallback) self.config_kwargs['pulp_registry_name'] = pulp_map['name'] smtp_fallback = { 'host': self.config_kwargs.get('smtp_host'), 'from_address': self.config_kwargs.get('smtp_from'), 'domain': self.config_kwargs.get('smtp_email_domain'), 'send_to_submitter': self.config_kwargs.get('smtp_to_submitter'), 'send_to_pkg_owner': self.config_kwargs.get('smtp_to_pkgowner') } additional_addresses = self.config_kwargs.get('smtp_error_addresses') error_addresses = self.config_kwargs.get('smtp_additional_addresses') smtp_fallback['additional_addresses'] =\ additional_addresses.split(',') if additional_addresses else () smtp_fallback['error_addresses'] = error_addresses.split(',') if error_addresses else () smtp_map = get_smtp(self.workflow, smtp_fallback) self.config_kwargs['smtp_additional_addresses'] =\ ','.join(smtp_map.get('additional_addresses', ())) self.config_kwargs['smtp_email_domain'] = smtp_map.get('domain') self.config_kwargs['smtp_error_addresses'] = ','.join(smtp_map.get('error_addresses', ())) self.config_kwargs['smtp_from'] = smtp_map['from_address'] self.config_kwargs['smtp_host'] = smtp_map['host'] self.config_kwargs['smtp_to_pkgowner'] = smtp_map.get('send_to_pkg_owner', False) self.config_kwargs['smtp_to_submitter'] = smtp_map.get('send_to_submitter', False) source_reg = self.config_kwargs.get('source_registry_uri') souce_registry = get_source_registry(self.workflow, { 'uri': RegistryURI(source_reg) if source_reg else None})['uri'] self.config_kwargs['source_registry_uri'] = souce_registry.uri if souce_registry else None artifacts = self.config_kwargs.get('artifacts_allowed_domains') self.config_kwargs['artifacts_allowed_domains'] =\ ','.join(get_artifacts_allowed_domains( self.workflow, artifacts.split(',') if artifacts else ())) equal_labels_fallback = [] equal_labels_str = self.config_kwargs.get('equal_labels') if equal_labels_str: label_groups = [x.strip() for x in equal_labels_str.split(',')] for label_group in label_groups: equal_labels_fallback.append([label.strip() for label in label_group.split(':')]) equal_labels = get_image_equal_labels(self.workflow, equal_labels_fallback) if equal_labels: equal_labels_sets = [] for equal_set in equal_labels: equal_labels_sets.append(':'.join(equal_set)) equal_labels_string = ','.join(equal_labels_sets) self.config_kwargs['equal_labels'] = equal_labels_string self.config_kwargs['prefer_schema1_digest'] =\ get_prefer_schema1_digest(self.workflow, self.config_kwargs.get('prefer_schema1_digest')) registry_api_ver = self.config_kwargs.get('registry_api_versions') self.config_kwargs['registry_api_versions'] =\ ','.join(get_content_versions(self.workflow, registry_api_ver.split(',') if registry_api_ver else ())) self.config_kwargs['yum_proxy'] =\ get_yum_proxy(self.workflow, self.config_kwargs.get('yum_proxy')) self.config_kwargs['sources_command'] =\ get_sources_command(self.workflow, self.config_kwargs.get('sources_command'))