Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
"""
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
VULN_TYPE: VULN_TYPE: Vulnerability type can be one of the following types:
- os: CVE/distro vulnerabilities against operating system packages
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='vuln', query_type=vuln_type, vendor_only=vendor_only)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'image_vuln', {'query_type':vuln_type}, ret['payload']))
else:
raise Exception (json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
except Exception as err:
print(anchorecli.cli.utils.format_error_output(config, 'image_vuln', {}, err))
if not ecode:
ecode = 2
anchorecli.cli.utils.doexit(ecode)
- gem: Ruby GEM
- files: Files
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
_logger.debug("discovery from input: " + str(itype) + " : " + str(image) + " : " + str(imageDigest))
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='content', query_type=content_type)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
print(anchorecli.cli.utils.format_output(config, 'image_content', {'query_type':content_type}, ret['payload']))
else:
raise Exception (json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
except Exception as err:
print(anchorecli.cli.utils.format_error_output(config, 'image_content', {}, err))
if not ecode:
ecode = 2
anchorecli.cli.utils.doexit(ecode)
INPUT_IMAGE: Input image can be in the following formats: Image Digest, ImageID or registry/repo:tag
METADATA_TYPE: The metadata type can be one of the types returned by running without a type specified
"""
ecode = 0
try:
itype, image, imageDigest = anchorecli.cli.utils.discover_inputimage(config, input_image)
_logger.debug("discovery from input: " + str(itype) + " : " + str(image) + " : " + str(imageDigest))
if not imageDigest:
ecode = 1
raise Exception("cannot use input image string (no discovered imageDigest)")
else:
ret = anchorecli.clients.apiexternal.query_image(config, imageDigest=imageDigest, query_group='metadata', query_type=metadata_type)
ecode = anchorecli.cli.utils.get_ecode(ret)
if ret:
if ret['success']:
if metadata_type in ['manifest', 'docker_history']:
o = json.loads(anchorecli.cli.utils.format_output(config, 'image_metadata', {'query_type':metadata_type}, ret['payload']))
print(json.dumps(o, indent=4))
else:
print(anchorecli.cli.utils.format_output(config, 'image_metadata', {'query_type':metadata_type}, ret['payload']))
else:
raise Exception (json.dumps(ret['error'], indent=4))
else:
raise Exception("operation failed with empty response")
except Exception as err:
print(anchorecli.cli.utils.format_error_output(config, 'image_metadata', {}, err))
if not ecode: