Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def delete(input_image, force):
"""
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
if imageDigest:
ret = anchorecli.clients.apiexternal.delete_image(config, imageDigest=imageDigest, force=force)
ecode = anchorecli.cli.utils.get_ecode(ret)
else:
ecode = 1
raise Exception("cannot use input image string: no discovered imageDigest")
if ret:
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'image_delete', {}, ret['payload']))
else:
raise Exception(json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
def check(input_image, show_history, detail, tag, policy):
"""
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
if imageDigest:
thetag = input_image
if tag:
thetag = tag
elif itype == 'tag':
thetag = image
else:
raise Exception("input image name is not a tag, and no --tag is specified")
ret = anchorecli.clients.apiexternal.check_eval(config, imageDigest=imageDigest, history=show_history, detail=detail, tag=thetag, policyId=policy)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'evaluate_check', {'detail': detail, 'history': show_history, 'tag': thetag}, ret['payload']))
ecode = anchorecli.cli.utils.get_eval_ecode(ret['payload'], anchorecli.cli.utils.unquote_plus(imageDigest))
else:
def query_vuln(input_image, vuln_type, vendor_only):
"""
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
VULN_TYPE: VULN_TYPE: Vulnerability type can be one of the following types:
- os: CVE/distro vulnerabilities against operating system packages
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='vuln', query_type=vuln_type, vendor_only=vendor_only)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'image_vuln', {'query_type':vuln_type}, ret['payload']))
else:
raise Exception (json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
CONTENT_TYPE: The content type can be one of the following types:
- os: Operating System Packages
- npm: Node.JS NPM Module
- gem: Ruby GEM
- files: Files
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
_logger.debug("discovery from input: " + str(itype) + " : " + str(image) + " : " + str(imageDigest))
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='content', query_type=content_type)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'image_content', {'query_type':content_type}, ret['payload']))
else:
raise Exception (json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
def query_metadata(input_image, metadata_type):
"""
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
METADATA_TYPE: The metadata type can be one of the types returned by running without a type specified
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
_logger.debug("discovery from input: " + str(itype) + " : " + str(image) + " : " + str(imageDigest))
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='metadata', query_type=metadata_type)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
if metadata_type in ['manifest', 'docker_history']:
o = json.loads(anchorecli.cli.utils.format_output(config, 'image_metadata', {'query_type':metadata_type}, ret['payload']))
print(json.dumps(o, indent=4))
else:
print(anchorecli.cli.utils.format_output(config, 'image_metadata', {'query_type':metadata_type}, ret['payload']))
else: