-
Notifications
You must be signed in to change notification settings - Fork 1
/
registry.py
112 lines (98 loc) · 4.16 KB
/
registry.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#!/usr/bin/env python3
import traceback
import datetime
from os.path import isfile, join, basename
import tempfile
class Registry:
def __init__(self, client, registry_string, default_registry):
try:
self.username = registry_string.split(":")[0]
self.password = registry_string.split(":")[1].split("@")[0]
self.registry = registry_string.split("@")[1]
self.client = client
self.default_registry = default_registry
except Exception as e:
print("Exception: " + str(e))
print("Wrong format in the registry credentials")
raise e
def name(self):
return "unknown"
def login(self):
try:
self.client.login(
username=self.username, password=self.password, registry=self.registry
)
except Exception as e:
print("Login failed: {}".format(e))
raise e
def last_build_commit(self, namespace, repo, tag):
return None
def build_docker(self, namespace, base_path, worker_path, flavor, git_commit_sha):
worker_name = basename(worker_path)
def build(dockerfile):
try:
(image, output) = self.client.images.build(
path=join(base_path, worker_path),
dockerfile=dockerfile,
pull=True,
labels={
"schema-version": "1.0",
"org.label-schema.build-date": datetime.datetime.now().isoformat(
"T"
)
+ "Z",
"org.label-schema.name": worker_name,
"org.label-schema.description": flavor["description"].replace(
"'", "''"
)[:100],
"org.label-schema.url": "https://thehive-project.org",
"org.label-schema.vcs-url": "https://github.com/TheHive-Project/Cortex-Analyzers",
"org.label-schema.vcs-ref": git_commit_sha,
"org.label-schema.vendor": "TheHive Project",
"org.label-schema.version": flavor["version"],
},
tag="{}/{}".format(namespace, flavor["repo"]),
)
for line in output:
if "stream" in line:
print(" > {}".format(line["stream"].strip()))
except Exception as e:
print("build failed for worker {}".format(worker_name))
traceback.print_exc()
raise e
if isfile(join(base_path, worker_path, "Dockerfile")):
build(None)
else:
dockerfile_content = """
FROM python:3
WORKDIR /worker
COPY . {worker_name}
RUN test ! -e {worker_name}/requirements.txt || pip install --no-cache-dir -r {worker_name}/requirements.txt
ENTRYPOINT {command}
""".format(
worker_name=worker_name, command=flavor["command"]
)
with tempfile.NamedTemporaryFile() as f:
f.write(str.encode(dockerfile_content))
f.flush()
build(f.name)
def push_image(self, namespace, repo, tag):
return None
def get_remote_image_id(self, namespace, repo, tag):
return None
def correctly_pushed(self, namespace, repo, tag):
image_tag = "{}/{}:{}".format(namespace, repo, tag)
if not self.default_registry:
image_tag = "{}/{}".format(self.registry, image_tag)
local_id = self.client.images.get_registry_data(
image_tag,
auth_config={"username": self.username, "password": self.password},
).id
remote_id = self.get_remote_image_id(namespace, repo, tag)
if remote_id is None:
return True
try:
print(f"DEBUG: Comparing local_id and remote_id, local_id: {local_id}, remote_id: {remote_id}")
except NameError as e:
print(f"Error: {e}. Ensure 'local_id' and 'remote_id' are defined before comparing.")
return local_id == remote_id