SSPROD-2436 : add get scan result (#103)

haresh-suresh · Davide Schiera · commit bb5cd208d262 · 2019-11-14T17:38:33.000-08:00
diff --git a/examples/get_image_info_by_id.py b/examples/get_image_info_by_id.py
@@ -0,0 +1,41 @@
+#!/usr/bin/env python
+#
+# Get an image scan result given image id
+#
+
+import os
+import sys
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdScanningClient
+
+
+def usage():
+    print('usage: %s <sysdig-token> <image_id_sha>' % sys.argv[0])
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 3:
+    usage()
+
+sdc_token = sys.argv[1]
+image_id_sha = sys.argv[2]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdScanningClient(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.get_image_info_by_id(image_id_sha)
+
+#
+# Return the result
+#
+if ok:
+    print("Image Info %s" % res)
+else:
+    print(res)
+    sys.exit(1)
diff --git a/examples/get_image_scan_result_by_id.py b/examples/get_image_scan_result_by_id.py
@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+#
+# Get an image scan result given image id
+#
+
+import os
+import sys
+sys.path.insert(0, os.path.join(os.path.dirname(os.path.realpath(sys.argv[0])), '..'))
+from sdcclient import SdScanningClient
+
+
+def usage():
+    print('usage: %s <sysdig-token> <image_id> <full_tag_name>' % sys.argv[0])
+    print('You can find your token at https://secure.sysdig.com/#/settings/user')
+    sys.exit(1)
+
+
+#
+# Parse arguments
+#
+if len(sys.argv) != 4:
+    usage()
+
+sdc_token = sys.argv[1]
+image_id = sys.argv[2]
+full_tag_name = sys.argv[3]
+
+#
+# Instantiate the SDC client
+#
+sdclient = SdScanningClient(sdc_token, 'https://secure.sysdig.com')
+
+ok, res = sdclient.get_image_scan_result_by_id(image_id, full_tag_name)
+
+#
+# Return the result
+#
+if ok:
+    print("Image Scan Result %s" % res)
+else:
+    print(res)
+    sys.exit(1)
diff --git a/sdcclient/_scanning.py b/sdcclient/_scanning.py
@@ -321,7 +321,7 @@ def import_image(self, infile):
             m = MultipartEncoder(
                 fields={'archive_file': (infile, open(infile, 'rb'), 'text/plain')}
             )
-            url = self.url+"/api/scanning/v1/import/images"
+            url = self.url + "/api/scanning/v1/anchore/import/images"
 
             headers = {'Authorization': 'Bearer ' + self.token, 'Content-Type': m.content_type}
             res = requests.post(url, data=m, headers=headers, verify=self.ssl_verify)
@@ -350,6 +350,46 @@ def get_anchore_users_account(self):
 
         return [True, res.json()]
 
+    def get_image_scan_result_by_id(self, image_id, full_tag_name):
+        '''**Description**
+            Get the anchore image scan result for an image id.
+
+        **Arguments**
+            - image_id: Docker image id of the image whose scan result is to be fetched.
+            - full_tag_name: The complete tag name of the image for e.g. docker.io/alpine:3.10.
+
+        **Success Return Value**
+            A JSON object containing pass/fail status of image scan policy.
+        '''
+        url = "{base_url}/api/scanning/v1/anchore/images/by_id/{image_id}/check?tag={full_tag_name}&detail=false".format(
+                base_url=self.url,
+                image_id=image_id,
+                full_tag_name=full_tag_name)
+        res = requests.get(url, headers=self.hdrs, verify=self.ssl_verify)
+        if not self._checkResponse(res):
+            return [False, self.lasterr]
+
+        return [True, res.json()]
+
+    def get_image_info_by_id(self, image_id_sha):
+        '''**Description**
+            Get the anchore image info for an image id sha.
+
+        **Arguments**
+            - image_id: Image id sha of the image.
+
+        **Success Return Value**
+            A JSON object containing metadata about the image.
+        '''
+        url = "{base_url}/api/scanning/v1/anchore/images/{image_id_sha}".format(
+            base_url=self.url,
+            image_id_sha=image_id_sha)
+        res = requests.get(url, headers=self.hdrs, verify=self.ssl_verify)
+        if not self._checkResponse(res):
+            return [False, self.lasterr]
+
+        return [True, res.json()]
+
     def add_registry(self, registry, registry_user, registry_pass, insecure=False, registry_type="docker_v2", validate=True):
         '''**Description**
             Add image registry
diff --git a/test/test_secure_apis.sh b/test/test_secure_apis.sh
@@ -40,7 +40,7 @@ diff /tmp/falco_rules.yaml /tmp/test_apis_user_rules.yaml
 # Delete all policies and then get them. There should be none.
 $SCRIPTDIR/../examples/delete_all_policies.py $PYTHON_SDC_TEST_API_TOKEN
 OUT=`$SCRIPTDIR/../examples/list_policies.py $PYTHON_SDC_TEST_API_TOKEN`
-if [[ $OUT != *"\"policies\": []"* ]]; then
+if [[ $OUT != *"[]"* ]]; then
     echo "Unexpected output after deleting all policies"
     exit 1
 fi
