def do_main(args): '''Execute according to subcommands''' # set bind mount location if working in a container rootfs.set_mount_dir(args.bind_mount) # create working directory create_top_dir() if args.log_stream: # set up console logs global logger global console logger.addHandler(console) logger.debug('Starting...') if args.clear_cache: logger.debug('Clearing cache...') cache.clear() if hasattr(args, 'name') and args.name == 'report': if args.dockerfile: run.execute_dockerfile(args) if args.docker_image: if general.check_tar(args.docker_image): logger.error("%s", errors.incorrect_raw_option) else: run.execute_docker_image(args) logger.debug('Report completed.') if args.raw_image: if not general.check_tar(args.raw_image): logger.error( "%s", errors.invalid_raw_image.format(image=args.raw_image)) else: run.execute_docker_image(args) logger.debug('Report completed.') logger.debug('Finished')
def do_main(args): """Execute according to subcommands""" # Set up environment if not args.quiet: # set up console logs global logger global console logger.addHandler(console) logger.debug("Starting...") prep.setup(args.working_dir) if args.clear_cache: logger.debug('Clearing cache...') cache.clear() if hasattr(args, 'name'): if args.name == 'lock': run.execute_dockerfile(args) elif args.name == 'report': if args.dockerfile: run.execute_dockerfile(args) elif args.docker_image: # Check if the image string is a tarball if general.check_tar(args.docker_image): logger.critical(errors.incorrect_raw_option) sys.exit(1) # Check if the image string has the right format if not check_image_string(args.docker_image): logger.critical(errors.incorrect_image_string_format) sys.exit(1) # If the checks are OK, execute for docker image run.execute_docker_image(args) # Tear down the environment prep.teardown(args.keep_wd) logger.debug('Finished')
def __init__(self, repotag=None): '''Initialize using repotag''' super().__init__(repotag) self.__repotags = [] self.__history = None if self.repotag is None: raise NameError("Image object initialized with no repotag") # parse the repotag repo_dict = general.parse_image_string(self._repotag) self._name = repo_dict.get('name') self._tag = repo_dict.get('tag') self.set_checksum( repo_dict.get('digest_type'), repo_dict.get('digest')) if not self.checksum and general.check_tar(repotag) is False: # if there is no checksum, get the digest type docker_image = container.check_image(self._repotag) # this object could be representing an image built from # a Dockerfile, so it may not have a digest # so check for that condition if docker_image.attrs['RepoDigests']: image_name_digest = container.get_image_digest(docker_image) repo_dict = general.parse_image_string(image_name_digest) self.set_checksum( repo_dict.get('digest_type'), repo_dict.get('digest'))
def do_main(args): '''Execute according to subcommands''' # set bind mount location if working in a container rootfs.set_mount_dir(args.bind_mount, args.working_dir) # create working directory create_top_dir(args.working_dir) if not args.quiet: # set up console logs global logger global console logger.addHandler(console) logger.debug('Starting...') if args.clear_cache: logger.debug('Clearing cache...') cache.clear() if hasattr(args, 'name') and (args.name == 'report' or args.name == 'lock'): if args.name == 'lock': run.execute_dockerfile(args) elif args.dockerfile: run.execute_dockerfile(args) elif args.docker_image: # Check if the image is of image:tag # or image@digest_type:digest format if not check_image_string(args.docker_image): sys.stderr.write('Error running Tern\n' 'Please provide docker image ' 'string in image:tag or ' 'image@digest_type:digest format\n') sys.exit(1) if general.check_tar(args.docker_image): logger.error("%s", errors.incorrect_raw_option) else: run.execute_docker_image(args) logger.debug('Report completed.') if args.name == 'report': if args.raw_image: if not general.check_tar(args.raw_image): logger.error( "%s", errors.invalid_raw_image.format(image=args.raw_image)) else: run.execute_docker_image(args) logger.debug('Report completed.') logger.debug('Finished')
def check_image_input(options): """If the option is a raw image tarball then check if it is a tar file. If the option is a image string, check if it is in the right format""" # Check if the option is a tarball if options.raw_image: if not general.check_tar(options.raw_image): logger.critical(errors.incorrect_raw_option) sys.exit(1) # Check if the image string has the right format if options.docker_image: if not check_image_string(options.docker_image): logger.critical(errors.incorrect_image_string_format) sys.exit(1)
def setup(dockerfile=None, image_tag_string=None): '''Any initial setup''' # generate random names for image, container, and tag general.initialize_names() # load the cache cache.load() # load dockerfile if present if dockerfile: dhelper.load_docker_commands(dockerfile) # check if the docker image is present if image_tag_string and general.check_tar(image_tag_string) is False: if container.check_image(image_tag_string) is None: # if no docker image is present, try to pull it if container.pull_image(image_tag_string) is None: logger.fatal("%s", errors.cannot_find_image.format( imagetag=image_tag_string)) sys.exit()
def __init__(self, repotag=None, repo_digest=None): '''Initialize using repotag''' super().__init__(repotag) self.__repotags = [] self.__history = None if self.repotag is None: raise NameError("Image object initialized with no repotag") # parse the repotag repo_dict = general.parse_image_string(self._repotag) self._name = repo_dict.get('name') self._tag = repo_dict.get('tag') self.set_checksum(repo_dict.get('digest_type'), repo_dict.get('digest')) if not self.checksum and general.check_tar(repotag) is False: # see if we can set it via the repo_digest string if repo_digest and ':' in repo_digest: repo_digest_list = repo_digest.split(':') self.set_checksum(repo_digest_list[0], repo_digest_list[1])
def extract_image_metadata(image_tag_string): '''Run docker save and extract the files in a temporary directory''' temp_path = rootfs.get_working_dir() placeholder = os.path.join(general.get_top_dir(), temp_tarfile) try: if general.check_tar(image_tag_string) is True: # image_tag_string is the path to the tar file for raw images rootfs.extract_tarfile(image_tag_string, temp_path) else: image = client.images.get(image_tag_string) result = image.save(chunk_size=2097152, named=True) # write all of the tar byte stream into temporary tar file with open(placeholder, 'wb') as f: for chunk in result: f.write(chunk) # extract tarfile into folder rootfs.extract_tarfile(placeholder, temp_path) # remove temporary tar file os.remove(placeholder) if not os.listdir(temp_path): raise IOError('Unable to untar Docker image') except docker.errors.APIError: # pylint: disable=try-except-raise raise