Skip to content

Commit 48ca696

Browse files
Murat KumykovEric Lei
Murat Kumykov
authored and
Eric Lei
committed
Modified layer matching to based in sha256 rather that the layer folder
name.
1 parent a95a204 commit 48ca696

File tree

1 file changed

+37
-12
lines changed

1 file changed

+37
-12
lines changed

examples/scan_docker_image.py

Lines changed: 37 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -177,7 +177,7 @@ def process_container_image(self):
177177
self.manifest = self.docker.read_manifest()
178178
print(self.manifest)
179179
self.config = self.docker.read_config()
180-
print (self.config)
180+
print (json.dumps(self.config, indent=4))
181181

182182
self.layers = []
183183
num = 1
@@ -189,6 +189,7 @@ def process_container_image(self):
189189
while self.config['history'][num + offset -1].get('empty_layer', False):
190190
offset = offset + 1
191191
layer['command'] = self.config['history'][num + offset - 1]
192+
layer['shaid'] = self.config['rootfs']['diff_ids'][num - 1]
192193
self.layers.append(layer)
193194
num = num + 1
194195
print (json.dumps(self.layers, indent=4))
@@ -209,7 +210,7 @@ def generate_project_structures(self, base_layers=None):
209210
addon = []
210211

211212
for layer in self.layers:
212-
if layer['path'] in base_layers:
213+
if layer['shaid'] in base_layers:
213214
base.append(layer)
214215
else:
215216
addon.append(layer)
@@ -252,7 +253,7 @@ def submit_layer_scans(self):
252253
options = []
253254
options.append('--detect.project.name={}'.format(layer['name']))
254255
options.append('--detect.project.version.name="{}"'.format(self.image_version))
255-
options.append('--detect.blackduck.signature.scanner.disabled=false')
256+
# options.append('--detect.blackduck.signature.scanner.disabled=false')
256257
options.append('--detect.code.location.name={}_{}_code_{}'.format(layer['name'],self.image_version,layer['path']))
257258
options.append('--detect.source.path={}/{}'.format(self.docker.imagedir, layer['path'].split('/')[0]))
258259
self.hub_detect.detect_run(options)
@@ -262,15 +263,18 @@ def submit_single_layer_scan(self, layer_number):
262263
options = []
263264
options.append('--detect.project.name={}'.format(layer['name']))
264265
options.append('--detect.project.version.name="{}"'.format(self.image_version))
265-
options.append('--detect.blackduck.signature.scanner.disabled=false')
266+
# options.append('--detect.blackduck.signature.scanner.disabled=false')
266267
options.append('--detect.code.location.name={}_{}_code_{}'.format(layer['name'],self.image_version,layer['path']))
267268
options.append('--detect.source.path={}/{}'.format(self.docker.imagedir, layer['path'].split('/')[0]))
268269
self.hub_detect.detect_run(options)
269270

270271
def cleanup_project_structure(self):
271272
release = self.hub.get_or_create_project_version(self.image_name,self.image_version)
272-
base_release = self.hub.get_or_create_project_version(self.image_name,self.image_version + "__base_layers")
273-
addon_release = self.hub.get_or_create_project_version(self.image_name,self.image_version + "_addon_layers")
273+
base_release = self.hub.get_project_version_by_name(self.image_name,self.image_version + "__base_layers")
274+
addon_release = self.hub.get_project_version_by_name(self.image_name,self.image_version + "_addon_layers")
275+
276+
print("--------")
277+
print(base_release)
274278

275279
components = self.hub.get_version_components(release)
276280

@@ -281,10 +285,28 @@ def cleanup_project_structure(self):
281285
sub_version_name = item['componentVersionName']
282286
sub_release = self.hub.get_or_create_project_version(sub_name, sub_version_name)
283287
print(self.hub.remove_version_as_component(release, sub_release))
284-
print(self.hub.remove_version_as_component(base_release, sub_release))
285-
print(self.hub.remove_version_as_component(addon_release, sub_release))
286-
print(self.hub.delete_project_by_name(sub_name))
287-
print(self.hub.delete_project_by_name(self.image_name))
288+
if base_release:
289+
print(self.hub.remove_version_as_component(base_release, sub_release))
290+
if addon_release:
291+
print(self.hub.remove_version_as_component(addon_release, sub_release))
292+
293+
project = self.hub.get_project_by_name(sub_name)
294+
versions = self.hub.get_project_versions(project)
295+
if versions['totalCount'] == 1:
296+
print(self.hub.delete_project_by_name(sub_name))
297+
else:
298+
print(self.hub.delete_project_version_by_name(sub_name, sub_version_name))
299+
300+
if base_release:
301+
print(self.hub.delete_project_version_by_name(self.image_name,self.image_version + "__base_layers"))
302+
if addon_release:
303+
print(self.hub.delete_project_version_by_name(self.image_name,self.image_version + "_addon_layers"))
304+
project = self.hub.get_project_by_name(self.image_name)
305+
versions = self.hub.get_project_versions(project)
306+
if versions['totalCount'] == 1:
307+
print(self.hub.delete_project_by_name(self.image_name))
308+
else:
309+
print(self.hub.delete_project_version_by_name(self.image_name,self.image_version))
288310

289311
def get_base_layers(self):
290312
if (not self.dockerfile)and (not self.base_image):
@@ -316,7 +338,9 @@ def get_base_layers(self):
316338
self.docker.unravel_container()
317339
manifest = self.docker.read_manifest()
318340
print(manifest)
319-
base_layers.extend(manifest[0]['Layers'])
341+
config = self.docker.read_config()
342+
print(config)
343+
base_layers.extend(config['rootfs']['diff_ids'])
320344
return base_layers
321345

322346

@@ -337,7 +361,8 @@ def scan_container_image_with_dockerfile(imagespec, dockerfile, base_image, omit
337361
hub = HubInstance()
338362
scanner = ContainerImageScanner(hub, imagespec, dockerfile=dockerfile, base_image=base_image, omit_base_layers=omit_base_layers)
339363
base_layers = scanner.get_base_layers()
340-
print (base_layers)
364+
print (json.dumps(base_layers, indent=2))
365+
# sys.exit()
341366
scanner.prepare_container_image()
342367
scanner.process_container_image()
343368
scanner.generate_project_structures(base_layers)

0 commit comments

Comments
 (0)