def scan_registry(registry_url): """Scan the docker registry and import the layers into Neo4J.""" client = DockerRegistryClient(registry_url) try: repositories = client.repositories() except requests.HTTPError as e: if e.response.status_code == requests.codes.not_found: print("Catalog/Search not supported") else: raise else: print("Repositories:") for repository in repositories: repo = client.repository(repository) for tag in repo.tags(): print("%s/%s:%s" % (registry_url, repository, tag)) assert client.api_version in [1, 2] if client.api_version == 2: manifest, digest = repo.manifest(tag) layers = list(map(get_hash, manifest["fsLayers"])) else: image = repo.image(tag) image_json = image.get_json() layers = list(map(get_hash, image_json["fsLayers"])) layer_fingerprint = "".join(layers) with neo4j.session() as session: session.run( "MERGE ( i:Image {url: '%s', repo: '%s', tag: '%s'}) SET i.fingerprint='%s' " % (registry_url, repository, tag, layer_fingerprint))
def test_repositories(self, version, namespace): url = mock_registry(version) client = DockerRegistryClient(url) repositories = client.repositories(TEST_NAMESPACE) assert len(repositories) == 1 assert TEST_NAME in repositories repository = repositories[TEST_NAME] assert repository.name == "%s/%s" % (TEST_NAMESPACE, TEST_REPO)
def test_repositories(self, version, namespace): url = mock_registry(version) client = DockerRegistryClient(url) repositories = client.repositories(TEST_NAMESPACE) assert len(repositories) == 1 assert TEST_NAME in repositories repository = repositories[TEST_NAME] assert repository.name == "%s/%s" % (TEST_NAMESPACE, TEST_REPO)
def test_repository_tags(self, version): url = mock_registry(version) client = DockerRegistryClient(url) repositories = client.repositories(TEST_NAMESPACE) assert TEST_NAME in repositories repository = repositories[TEST_NAME] tags = repository.tags() assert len(tags) == 1 assert TEST_TAG in tags
def test_repository_tags(self, version): url = mock_registry(version) client = DockerRegistryClient(url) repositories = client.repositories(TEST_NAMESPACE) assert TEST_NAME in repositories repository = repositories[TEST_NAME] tags = repository.tags() assert len(tags) == 1 assert TEST_TAG in tags
from docker_registry_client import DockerRegistryClient import docker client = DockerRegistryClient("http://127.0.0.1:5000") print client.repositories() r = client.repository("busybox") tags = r.tags() print tags docker_client = docker.from_env() reg = docker_client.containers.get("registry") print reg docker_client.login(registry="http://127.0.0.1:5000", username="", password="") docker_client.images.pull("127.0.0.1:5000/busybox")
def test_repository_manifest(self): url = mock_v2_registry() client = DockerRegistryClient(url) repository = client.repositories()[TEST_NAME] manifest, digest = repository.manifest(TEST_TAG) repository.delete_manifest(digest)
def test_repository_manifest(self): url = mock_v2_registry() client = DockerRegistryClient(url) repository = client.repositories()[TEST_NAME] manifest, digest = repository.manifest(TEST_TAG) repository.delete_manifest(digest)
import yaml import os import io import tarfile from docker_registry_client import DockerRegistryClient target_directory = 'sample_lain_yaml' try: os.mkdir(target_directory) except FileExistsError: pass client = docker.from_env(version='auto') registry_host = 'registry.lain.ein.plus' registry = DockerRegistryClient(f'http://{registry_host}') repos = registry.repositories() print(repos) for repo in repos.values(): try: tags = repo.tags() except HTTPError: continue if not tags: continue try: latest_meta_tag = max(t for t in tags if t.startswith('meta-')) except ValueError: continue image_name = f'{registry_host}/{repo.name}:{latest_meta_tag}' client.images.pull(image_name) container = client.containers.create(image_name, command='whatever')
import os from laceworksdk import LaceworkClient from docker_registry_client import DockerRegistryClient lw = LaceworkClient(account=os.getenv('LW_ACCOUNT'), api_key=os.getenv('LW_API_KEY'), api_secret=os.getenv('LW_API_SECRET')) registry = os.getenv('REGISTRY') nexus = DockerRegistryClient(f"https://{registry}", verify_ssl=False, username=os.getenv('REGISTRY_USER'), password=os.getenv('REGISTRY_PASSWORD')) repos = nexus.repositories() for name, repo in repos.items(): tags = repo.tags() for tag in tags: scan_request = lw.vulnerabilities.initiate_container_scan( registry, name, tag) print( f"INITIATING SCAN FOR -> REGISTRY[{registry}] IMAGE[{name}] TAG[{tag}] -> RequestId [{scan_request['data']['RequestId']}]" )