use of com.epam.pipeline.entity.pipeline.DockerRegistry in project cloud-pipeline by epam.
the class DockerRegistryMapperTest method shouldMapDockerRegistry.
/**
 * Maps a populated {@link DockerRegistry}, wrapped in an {@link EntityContainer}
 * together with an owner, metadata and permissions, and hands the produced
 * document to the verify* helpers, which check each of those four parts.
 */
@Test
void shouldMapDockerRegistry() throws IOException {
    // Entity under test: only the fields set here are populated.
    final DockerRegistry dockerRegistry = new DockerRegistry();
    dockerRegistry.setId(1L);
    dockerRegistry.setDescription(TEST_DESCRIPTION);
    dockerRegistry.setName(TEST_NAME);
    dockerRegistry.setPath(TEST_PATH);
    dockerRegistry.setUserName(USER_NAME);

    // The container carries the access-control context (owner and permissions) next to the entity.
    final EntityContainer<DockerRegistry> wrapped = EntityContainer.<DockerRegistry>builder()
            .entity(dockerRegistry)
            .owner(USER)
            .metadata(METADATA)
            .permissions(PERMISSIONS_CONTAINER)
            .build();

    final DockerRegistryMapper registryMapper = new DockerRegistryMapper();
    final XContentBuilder document = registryMapper.map(wrapped);

    verifyDockerRegistry(dockerRegistry, document);
    verifyPipelineUser(USER, document);
    verifyPermissions(PERMISSIONS_CONTAINER, document);
    verifyMetadata(EXPECTED_METADATA, document);
}
use of com.epam.pipeline.entity.pipeline.DockerRegistry in project cloud-pipeline by epam.
the class ToolDao method basicInitTool.
/**
 * Populates {@code tool} from the current row of {@code rs} and returns the same instance.
 *
 * <p>Besides the scalar columns, the method reads the LABELS and ENDPOINTS SQL arrays
 * (left untouched on the tool when the column is NULL) and rebuilds the parent chain
 * tool -> {@link ToolGroup} -> {@link DockerRegistry} from the stored identifiers.
 *
 * @param rs   result set positioned on the row to read
 * @param tool instance to fill
 * @return the {@code tool} argument, populated
 * @throws SQLException if a column cannot be read
 */
private static Tool basicInitTool(ResultSet rs, Tool tool) throws SQLException {
    // Scalar columns, copied one to one.
    tool.setId(rs.getLong(ToolParameters.ID.name()));
    tool.setImage(rs.getString(ToolParameters.IMAGE.name()));
    tool.setCpu(rs.getString(ToolParameters.CPU.name()));
    tool.setRam(rs.getString(ToolParameters.RAM.name()));
    // NOTE(review): getLong() yields 0 for SQL NULL; if these setters take a boxed Long the
    // null checks at the end of this method would always pass - confirm against Tool.
    tool.setRegistryId(rs.getLong(ToolParameters.REGISTRY_ID.name()));
    tool.setToolGroupId(rs.getLong(ToolParameters.TOOL_GROUP_ID.name()));
    tool.setRegistry(rs.getString(ToolParameters.REGISTRY.name()));
    tool.setSecretName(rs.getString(ToolParameters.SECRET_NAME.name()));
    tool.setDescription(rs.getString(ToolParameters.DESCRIPTION.name()));
    tool.setShortDescription(rs.getString(ToolParameters.SHORT_DESCRIPTION.name()));
    tool.setDefaultCommand(rs.getString(ToolParameters.DEFAULT_COMMAND.name()));
    tool.setOwner(rs.getString(ToolParameters.OWNER.name()));
    tool.setDisk(rs.getInt(ToolParameters.DISK.name()));
    tool.setInstanceType(rs.getString(ToolParameters.INSTANCE_TYPE.name()));

    // wasNull() refers to the column read last, so it has to follow the ICON_ID read directly.
    final long iconId = rs.getLong(ToolParameters.ICON_ID.name());
    final boolean iconPresent = !rs.wasNull();
    tool.setHasIcon(iconPresent);
    tool.setIconId(iconId);

    final Array labelColumn = rs.getArray(ToolParameters.LABELS.name());
    if (labelColumn != null) {
        tool.setLabels(Arrays.asList((String[]) labelColumn.getArray()));
    }

    final Array endpointColumn = rs.getArray(ToolParameters.ENDPOINTS.name());
    if (endpointColumn != null) {
        tool.setEndpoints(Arrays.asList((String[]) endpointColumn.getArray()));
    }

    // Restore the parent hierarchy; without a tool group there is nothing to attach.
    if (tool.getToolGroupId() == null) {
        return tool;
    }
    tool.setParent(new ToolGroup(tool.getToolGroupId()));
    if (tool.getRegistryId() != null) {
        tool.getParent().setParent(new DockerRegistry(tool.getRegistryId()));
    }
    return tool;
}
use of com.epam.pipeline.entity.pipeline.DockerRegistry in project cloud-pipeline by epam.
the class AggregatingToolScanManager method fetchLayers.
/**
 * Returns the digests of the layers listed in the registry manifest of the tool's image at {@code tag}.
 *
 * @param tool     tool whose image is looked up
 * @param tag      image tag to resolve
 * @param registry registry the manifest is requested from
 * @return layer digests in the order the manifest lists them
 * @throws ToolScanExternalServiceException if the registry returns no manifest for the image and tag
 */
private List<String> fetchLayers(Tool tool, String tag, DockerRegistry registry) throws ToolScanExternalServiceException {
    final DockerClient registryClient = getDockerClient(tool.getImage(), registry);
    final ManifestV2 imageManifest = registryClient
            .getManifest(registry, tool.getImage(), tag)
            // The message is only built when the manifest is actually missing.
            .orElseThrow(() -> new ToolScanExternalServiceException(
                    tool,
                    messageHelper.getMessage(
                            MessageConstants.ERROR_REGISTRY_COULD_NOT_GET_MANIFEST, tool.getImage())));
    return imageManifest.getLayers()
            .stream()
            .map(layer -> layer.getDigest())
            .collect(Collectors.toList());
}
use of com.epam.pipeline.entity.pipeline.DockerRegistry in project cloud-pipeline by epam.
the class AggregatingToolScanManager method scanTool.
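/**
 * Returns a scan result for the given tool version.
 *
 * <p>Unless a rescan is requested, the result supplied by {@code getActualScan} is returned
 * when one is present; otherwise {@code doScan} is called.
 *
 * @param tool   tool to scan; its registry is loaded by {@code tool.getRegistryId()}
 * @param tag    version (tag) of the tool image
 * @param rescan {@code true} to skip {@code getActualScan} and always call {@code doScan};
 *               {@code false} or {@code null} allows an existing result to be returned
 * @return the scan result for the tool version
 * @throws ToolScanExternalServiceException declared for the scan path; see {@code doScan}
 */
public ToolVersionScanResult scanTool(Tool tool, String tag, Boolean rescan) throws ToolScanExternalServiceException {
    DockerRegistry registry = dockerRegistryManager.load(tool.getRegistryId());
    // Boolean.TRUE.equals() instead of unboxing: a null flag used to fail with a
    // NullPointerException here; it is now treated as "no forced rescan".
    // Callers that need a fresh scan must pass TRUE explicitly.
    boolean forceRescan = Boolean.TRUE.equals(rescan);
    if (!forceRescan) {
        Optional<ToolVersionScanResult> actualScan = getActualScan(tool, tag, registry);
        if (actualScan.isPresent()) {
            return actualScan.get();
        }
    }
    return doScan(tool, tag, registry);
}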
use of com.epam.pipeline.entity.pipeline.DockerRegistry in project cloud-pipeline by epam.
the class ToolScanScheduler method scheduledToolScan.
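/**
 * A scheduled scan that walks the registries, their tools and every tool version, passes each
 * version to {@code toolScanManager.scanTool} and stores the vulnerabilities, dependencies and
 * scan status through {@code toolManager}.
 *
 * <p>Does nothing beyond logging when DOCKER_SECURITY_TOOL_SCAN_ENABLED is off. Depending on
 * DOCKER_SECURITY_TOOL_SCAN_ALL_REGISTRIES, either all registries or only those with security
 * scanning enabled are processed.
 *
 * <p>Failures are contained per tool: a failed version is marked FAILED and the remaining
 * versions are still scanned; any other failure while handling a tool is logged, recorded as
 * FAILED against the "latest" tag, and the run continues with the next tool.
 */
public void scheduledToolScan() {
    if (!preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED)) {
        LOGGER.info(messageHelper.getMessage(MessageConstants.ERROR_TOOL_SCAN_DISABLED));
        return;
    }
    LOGGER.info(messageHelper.getMessage(MessageConstants.INFO_TOOL_SCAN_SCHEDULED_STARTED));

    boolean scanAllRegistries = preferenceManager.getPreference(
            SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ALL_REGISTRIES);
    List<DockerRegistry> registries = scanAllRegistries
            ? dockerRegistryDao.loadAllDockerRegistry()
            : dockerRegistryDao.loadDockerRegistriesWithSecurityScanEnabled();

    for (DockerRegistry registry : registries) {
        LOGGER.info(messageHelper.getMessage(MessageConstants.INFO_TOOL_SCAN_REGISTRY_STARTED, registry.getPath()));
        for (Tool tool : registry.getTools()) {
            try {
                // Created inside the try so that a client that cannot be built for one registry
                // or tool is logged like any other per-tool failure instead of aborting the
                // whole run and leaving every remaining image unscanned.
                DockerClient dockerClient = getDockerClient(registry, tool);
                List<String> versions = toolManager.loadTags(tool.getId());
                for (String version : versions) {
                    try {
                        // rescan=false: scanTool may return an already stored result.
                        ToolVersionScanResult result = toolScanManager.scanTool(tool, version, false);
                        toolManager.updateToolVulnerabilities(result.getVulnerabilities(), tool.getId(), version);
                        toolManager.updateToolDependencies(result.getDependencies(), tool.getId(), version);
                        toolManager.updateToolVersionScanStatus(tool.getId(), ToolScanStatus.COMPLETED, new Date(),
                                version, result.getLastLayerRef(), result.getDigest());
                        updateToolVersion(tool, version, registry, dockerClient);
                    } catch (ToolScanExternalServiceException e) {
                        LOGGER.error(messageHelper.getMessage(MessageConstants.ERROR_TOOL_SCAN_FAILED,
                                tool.getImage(), version), e);
                        toolManager.updateToolVersionScanStatus(tool.getId(), ToolScanStatus.FAILED, new Date(),
                                version, null, null);
                    }
                }
            } catch (Exception e) {
                // Deliberately broad: the scheduler must survive any single tool.
                // NOTE(review): the failure is recorded against the hard-coded "latest" tag, and
                // versions not reached before the exception get no status update in this run.
                LOGGER.error(messageHelper.getMessage(MessageConstants.ERROR_TOOL_SCAN_FAILED, tool.getImage()), e);
                toolManager.updateToolVersionScanStatus(tool.getId(), ToolScanStatus.FAILED, new Date(),
                        "latest", null, null);
            }
        }
    }
    LOGGER.info(messageHelper.getMessage(MessageConstants.INFO_TOOL_SCAN_SCHEDULED_DONE));
}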