tricks/scripts/oras.py

import os
import subprocess
from datetime import datetime

"""
Oras class

This class should provide the basic methods required by the command line
interface.
"""
class Oras:
    """
    Oras class
    """
    def __init__(self, image: str, tag: str):
        self.image = image
        self.tag = tag
        self.registry_username = os.environ.get("REGISTRY_USERNAME", None)
        self.registry_password = os.environ.get("REGISTRY_PASSWORD", None)

    def check_downloaded_file(self):
        cwd = os.getcwd()
        result = f"{cwd}/result.cdx"
        print(f"Checking if '{result}' exists...")
        return os.path.isfile(result)

    def clean_downloaded_file(self):
        cwd = os.getcwd()
        result = f"{cwd}/result.cdx"
        print(f"Removing '{result}'...")
        try:
            os.remove(result)
        except FileNotFoundError:
            return self.error()

        return self.success()

    def os_system(self, base: str, suffix: str):
        extra_vars = None
        if self.registry_username and self.registry_password:
            extra_vars = f"--username {self.registry_username} --password {self.registry_password}"

        cmd = f"{base} {suffix}"
        if extra_vars:
            cmd = f"{base} {extra_vars} {suffix}"
        cmd_result = subprocess.run(cmd.split(" "), stdout=subprocess.PIPE)
        return cmd_result.stdout.decode("utf-8"), cmd_result.returncode

    def get_attached_cdx_digest(self):
        base = "oras discover"
        suffix = f"--artifact-type application/json {self.image}:{self.tag}"

        print(f"Retrieving attached digest {self.image}:{self.tag}...")
        cmd_reply, return_code = self.os_system(base, suffix)

        if return_code != 0:
            return False

        return cmd_reply.split("\n")[-2].split(" ")[-1]

    def get_attached_file(self):
        base = "oras pull"
        digest = self.get_attached_cdx_digest()
        suffix = f"{self.image}:@{digest}"

        print(f"Downloading attached file {self.image}:@{digest}...")
        cmd_reply, _ = self.os_system(base, suffix)

        return cmd_reply

    def post_attached_file(self, git_tag: str = None):
        if not git_tag:
            print("Error: Please provide a git tag...")
            return self.error()
        base = "oras attach"
        suffix = f"--artifact-type application/json {self.image}:{self.tag} result.cdx"

        dt = datetime.now()

        annotations = f"-a 'org.opencontainers.trivy.created={dt.isoformat()}"
        annotations = f"{annotations} -a 'org.opencontainers.trivy.status=Passed"
        annotations = f"{annotations} -a 'org.opencontainers.trivy.tag={git_tag}"

        base = f"{base} {annotations}"

        print(f"Attaching result report file to digest {self.image}:{self.tag}...")
        cmd_reply, return_code = self.os_system(base, suffix)

        if return_code != 0:
            return self.error()
        return self.success()

    def check_scan_report(self):
        get_result = self.get_attached_file()
        if not get_result:
            return self.error()
        if not self.check_downloaded_file():
            return self.error()
        else:
            print("Results file found...")

        self.clean_downloaded_file()
        return self.success()

    def success(self):
        return True

    def error(self):
        return False
chore(): Migrating to testing python automation 2023-07-05 20:56:03 +00:00			`import os`
			`import subprocess`
			`from datetime import datetime`

			`"""`
			`Oras class`

			`This class should provide the basic methods required by the command line`
			`interface.`
			`"""`
			`class Oras:`
			`"""`
			`Oras class`
			`"""`
			`def __init__(self, image: str, tag: str):`
			`self.image = image`
			`self.tag = tag`
			`self.registry_username = os.environ.get("REGISTRY_USERNAME", None)`
			`self.registry_password = os.environ.get("REGISTRY_PASSWORD", None)`

			`def check_downloaded_file(self):`
			`cwd = os.getcwd()`
			`result = f"{cwd}/result.cdx"`
			`print(f"Checking if '{result}' exists...")`
			`return os.path.isfile(result)`

			`def clean_downloaded_file(self):`
			`cwd = os.getcwd()`
			`result = f"{cwd}/result.cdx"`
			`print(f"Removing '{result}'...")`
			`try:`
			`os.remove(result)`
			`except FileNotFoundError:`
			`return self.error()`

			`return self.success()`

			`def os_system(self, base: str, suffix: str):`
			`extra_vars = None`
			`if self.registry_username and self.registry_password:`
			`extra_vars = f"--username {self.registry_username} --password {self.registry_password}"`

			`cmd = f"{base} {suffix}"`
			`if extra_vars:`
			`cmd = f"{base} {extra_vars} {suffix}"`
			`cmd_result = subprocess.run(cmd.split(" "), stdout=subprocess.PIPE)`
			`return cmd_result.stdout.decode("utf-8"), cmd_result.returncode`

			`def get_attached_cdx_digest(self):`
			`base = "oras discover"`
			`suffix = f"--artifact-type application/json {self.image}:{self.tag}"`

			`print(f"Retrieving attached digest {self.image}:{self.tag}...")`
			`cmd_reply, return_code = self.os_system(base, suffix)`

			`if return_code != 0:`
			`return False`

			`return cmd_reply.split("\n")[-2].split(" ")[-1]`

			`def get_attached_file(self):`
			`base = "oras pull"`
			`digest = self.get_attached_cdx_digest()`
			`suffix = f"{self.image}:@{digest}"`

			`print(f"Downloading attached file {self.image}:@{digest}...")`
			`cmd_reply, _ = self.os_system(base, suffix)`

			`return cmd_reply`

			`def post_attached_file(self, git_tag: str = None):`
			`if not git_tag:`
			`print("Error: Please provide a git tag...")`
			`return self.error()`
			`base = "oras attach"`
			`suffix = f"--artifact-type application/json {self.image}:{self.tag} result.cdx"`

			`dt = datetime.now()`

			`annotations = f"-a 'org.opencontainers.trivy.created={dt.isoformat()}"`
			`annotations = f"{annotations} -a 'org.opencontainers.trivy.status=Passed"`
			`annotations = f"{annotations} -a 'org.opencontainers.trivy.tag={git_tag}"`

			`base = f"{base} {annotations}"`

			`print(f"Attaching result report file to digest {self.image}:{self.tag}...")`
			`cmd_reply, return_code = self.os_system(base, suffix)`

			`if return_code != 0:`
			`return self.error()`
			`return self.success()`

			`def check_scan_report(self):`
			`get_result = self.get_attached_file()`
			`if not get_result:`
			`return self.error()`
			`if not self.check_downloaded_file():`
			`return self.error()`
			`else:`
			`print("Results file found...")`

			`self.clean_downloaded_file()`
			`return self.success()`

			`def success(self):`
			`return True`

			`def error(self):`
			`return False`