Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
BioHPC
clair-singularity
Commits
7a5b138d
Commit
7a5b138d
authored
Aug 24, 2017
by
David Trudgian
Browse files
Tidying up a bit
parent
59fa5439
Changes
6
Hide whitespace changes
Inline
Side-by-side
clair_singularity/__init__.py
View file @
7a5b138d
VERSION
=
'0.1.0'
VERSION
=
'0.1.0'
clair_singularity/clair.py
View file @
7a5b138d
from
__future__
import
print_function
import
requests
import
json
import
sys
from
util
import
pretty_json
,
err_and_exit
def
check_clair
(
API_URI
,
quiet
):
"""Check Clair is accessible by call to namespaces end point"""
...
...
@@ -15,8 +16,7 @@ def check_clair(API_URI, quiet):
if
not
quiet
:
sys
.
stderr
.
write
(
"Found Clair server with %d namespaces
\n
"
%
namespace_count
)
except
Exception
as
e
:
sys
.
stderr
.
write
(
"Error - couldn't access Clair v1 API at %s
\n
%s
\n
"
%
(
API_URI
,
e
.
message
))
sys
.
exit
(
1
)
err_and_exit
(
"Error - couldn't access Clair v1 API at %s
\n
%s
\n
"
%
(
API_URI
,
e
.
message
),
1
)
return
True
...
...
@@ -35,13 +35,10 @@ def post_layer(API_URI, image_name, image_uri, quiet):
if
not
quiet
:
sys
.
stderr
.
write
(
"Image registered as layer with Clair
\n
"
)
else
:
pretty_response
=
json
.
dumps
(
r
.
json
(),
separators
=
(
','
,
':'
),
sort_keys
=
True
,
indent
=
2
)
sys
.
stderr
.
write
(
"Failed registering image with Clair
\n
%s
\n
"
%
pretty_response
)
sys
.
exit
(
1
)
err_and_exit
(
"Failed registering image with Clair
\n
%s
\n
"
%
pretty_json
(
r
),
1
)
except
Exception
as
e
:
sys
.
stderr
.
write
(
"Error - couldn't send image to Clair - %s
\n
"
%
(
e
))
sys
.
exit
(
1
)
err_and_exit
(
"Error - couldn't send image to Clair - %s
\n
"
%
(
e
),
1
)
def
get_report
(
API_URI
,
image_name
):
...
...
@@ -53,13 +50,10 @@ def get_report(API_URI, image_name):
if
r
.
status_code
==
requests
.
codes
.
ok
:
return
r
.
json
()
else
:
pretty_response
=
json
.
dumps
(
r
.
json
(),
separators
=
(
','
,
':'
),
sort_keys
=
True
,
indent
=
2
)
sys
.
stderr
.
write
(
"Failed retrieving report from Clair
\n
%s
\n
"
%
pretty_response
)
sys
.
exit
(
1
)
err_and_exit
(
"Failed retrieving report from Clair
\n
%s
\n
"
%
pretty_json
(
r
),
1
)
except
Exception
as
e
:
sys
.
stderr
.
write
(
"Error - couldn't retrieve report from Clair - %s
\n
"
%
(
e
))
sys
.
exit
(
1
)
err_and_exit
(
"Error - couldn't retrieve report from Clair - %s
\n
"
%
(
e
),
1
)
def
format_report_text
(
report
):
...
...
clair_singularity/cli.py
View file @
7a5b138d
...
...
@@ -9,6 +9,7 @@ from .clair import check_clair, post_layer, get_report, format_report_text
from
.util
import
sha256
from
.image
import
check_image
,
image_to_tgz
,
http_server
@
click
.
command
()
@
click
.
option
(
'--clair-uri'
,
default
=
"http://localhost:6060"
,
help
=
'Base URI for your Clair server'
)
...
...
clair_singularity/image.py
View file @
7a5b138d
...
...
@@ -3,16 +3,16 @@ import sys
import
tempfile
from
os
import
path
,
chdir
import
click
from
six.moves
import
SimpleHTTPServer
,
socketserver
from
.util
import
err_and_exit
def
check_image
(
image
):
"""Check if specified image file exists"""
if
not
path
.
isfile
(
image
):
click
.
secho
(
'Error: Singularity image "%s" not found.'
%
image
,
fg
=
'red'
,
err
=
True
)
sys
.
exit
(
66
)
# E_NOINPUT
err_and_exit
(
'Error: Singularity image "%s" not found.'
%
image
,
66
)
# E_NOINPUT
return
True
...
...
@@ -31,8 +31,7 @@ def image_to_tgz(image, quiet):
try
:
subprocess
.
check_call
(
cmd
)
except
(
subprocess
.
CalledProcessError
,
OSError
)
as
e
:
sys
.
stderr
.
write
(
"Error calling Singularity export to create .tar file
\n
%s"
%
e
.
message
)
sys
.
exit
(
1
)
err_and_exit
(
"Error calling Singularity export to create .tar file
\n
%s"
%
e
.
message
,
1
)
cmd
=
[
'gzip'
,
tar_file
]
...
...
@@ -42,8 +41,7 @@ def image_to_tgz(image, quiet):
try
:
subprocess
.
check_call
(
cmd
)
except
subprocess
.
CalledProcessError
as
e
:
sys
.
stderr
.
write
(
"Error calling gzip export to compress .tar file
\n
%s"
%
e
.
message
)
sys
.
exit
(
1
)
err_and_exit
(
"Error calling gzip export to compress .tar file
\n
%s"
%
e
.
message
,
1
)
return
(
temp_dir
,
tar_gz_file
)
...
...
clair_singularity/util.py
View file @
7a5b138d
import
hashlib
import
json
import
sys
def
sha256
(
fname
):
"""Compute sha256 hash for file fname"""
hash_sha256
=
hashlib
.
sha256
()
with
open
(
fname
,
"rb"
)
as
f
:
for
chunk
in
iter
(
lambda
:
f
.
read
(
65536
),
b
""
):
hash_sha256
.
update
(
chunk
)
return
hash_sha256
.
hexdigest
()
def
pretty_json
(
obj
):
"""Format an object into json nicely"""
return
json
.
dumps
(
obj
.
json
(),
separators
=
(
','
,
':'
),
sort_keys
=
True
,
indent
=
2
)
def
err_and_exit
(
message
,
code
=
1
):
"""Write error to STDERR and exit with supplied code"""
sys
.
stderr
.
write
(
message
)
sys
.
exit
(
code
)
tests/test_cli.py
View file @
7a5b138d
...
...
@@ -6,6 +6,7 @@ from clair_singularity.cli import cli
from
.test_image
import
testimage
@
pytest
.
fixture
def
runner
():
return
CliRunner
()
...
...
@@ -15,8 +16,11 @@ def test_help(runner):
result
=
runner
.
invoke
(
cli
,
[
'--help'
])
assert
'Usage:'
in
result
.
output
def
test_full_json
(
runner
,
testimage
):
result
=
runner
.
invoke
(
cli
,
[
'--quiet'
,
'--json-output'
,
'--bind-ip'
,
'127.0.0.1'
,
'--bind-port'
,
'8081'
,
'--clair-uri'
,
'http://127.0.0.1:6060'
,
testimage
])
result
=
runner
.
invoke
(
cli
,
[
'--quiet'
,
'--json-output'
,
'--bind-ip'
,
'127.0.0.1'
,
'--bind-port'
,
'8081'
,
'--clair-uri'
,
'http://127.0.0.1:6060'
,
testimage
])
output
=
json
.
loads
(
result
.
output
)
# Using the shub://396 image and the 2017-08-21 clair db...
...
...
@@ -32,7 +36,8 @@ def test_full_json(runner, testimage):
def
test_full_text
(
runner
,
testimage
):
result
=
runner
.
invoke
(
cli
,
[
'--quiet'
,
'--bind-ip'
,
'127.0.0.1'
,
'--bind-port'
,
'8082'
,
'--clair-uri'
,
'http://127.0.0.1:6060'
,
testimage
])
result
=
runner
.
invoke
(
cli
,
[
'--quiet'
,
'--bind-ip'
,
'127.0.0.1'
,
'--bind-port'
,
'8082'
,
'--clair-uri'
,
'http://127.0.0.1:6060'
,
testimage
])
# Check we do have some CVEs we expect reported here
assert
'bash - 4.3-14ubuntu1.1'
in
result
.
output
assert
'CVE-2016-9401'
in
result
.
output
\ No newline at end of file
assert
'CVE-2016-9401'
in
result
.
output
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment