There were three unused verification options normally available to the
atomic CLI but absent in the dbus API: no_validate, verbose, and
storage. These were added to the dbus client and server.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1086
Approved by: rhatdan
Fix test failures after updating papr to test with f26 atomic/cloud
images instead of f25, with the following changes:
1. Remove dependency on docker hub tester image. Instead, mimic
what ostree/rpm-ostree does and use a recursive .papr.sh script
to install the necessary packages to the base f26 image in the
fedora registry. This fixes tests on the atomic host since python3.6
is being used, and prevents future tests from testing the wrong
version. (Note this is slightly slower due to having to install
packages during the test rather than using a pre-built image).
2. Fix some pylint errors, and mask others for now
3. Fix failing integration tests due to inter-test interference
4. Remove unnecessary deepcopy in container filter
5. Add compatibility for both c-s-s and d-s-s in storage
6. Update expected sha256 values for dockertar test
Remaining issues:
1. test_storage should possibly be reworked. The current test
setup is conflicting with the new default of overlay as a driver.
For now, the test for generated d-s-s is disabled.
2. some storage commands are still using "docker-storage-setup"
instead of "container-storage-setup". There is a backward
compatible check in place that should be reworked in the future
3. some masked pylint errors should be further investigated
4. keep the dockerfile for the project atomic tester image for now
(bump to 26), since its a little easier and faster to set up with
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #1076
Approved by: baude
When pushing an image to registry anonymously, the check for user and
password should not fail. This was reported in BZ #1453135.
Added ImagePush() to dbus_client which was lacking.
Closes: #1015
Approved by: giuseppe
We need to make sure the atomic_dbus_client code works and if something
in atomic_dbus.py changes, the client should either be updated or still
work.
Closes: #975
Approved by: rhatdan
The commit c134ee5 broke the ability for atomic install to pull an image
if it isnt present.
Also, changed the flow in install.py to use more of the backend
objects when determining the backend, the image object, and the
remote image objects.
Closes: #973
Approved by: rhatdan
Added an --anonymous switch to the push command to allow users
to push anonymously without having to be prompted for a username
and password.
Closes: #964
Approved by: rhatdan
If HTTP[S]_PROXY is defined, honor it in python requests usage
as well as pass it on to skopeo.
If http[s]_proxy is defined in atomic.conf, use it; however, environment
variables will override these if defined.
Added --insecure to Atomic push so the user can override the logic
(or lack thereof) around deducing if a registry is insecure. Also
needed for integration tests.
Closes: #964
Approved by: rhatdan
When installing an image, we now write a small bit of json
to /var/lib/atomic/install.json. The json format is:
{
<image_name>: {
id: <image_id>,
install_date: <install_date_in_utc
}
}
This will be used in update, run, etc to ensure that any image
with an INSTALL label is first installed.
Closes: #950
Approved by: giuseppe
For potential cockpit use, we have enabled atomic push. It returns
a 0 if successful or throws a dbus Exception upon failure. Added
a series of integrations tests as well.
Closes: #907
Approved by: rhatdan
The following integration tests have been added:
* ScanList
* ImagePull
* ImageUpdate
* ImageUpate when at latest
* ImagePull when already at latest
* Run
* ContainersDelete
* ContainersDelete when container doesnt exist
Closes: #904
Approved by: rhatdan
Users like cockpit need to be able to submit scan jobs and not
tie up the dbus bus while waiting for results. They also want
to be able to check the status of active scans.
We now have an AsyncScan method that takes an image|container
id in string format as input. It will then thread the scan
and return. The scan can then be monitored through dbus
signals.
Results can be obtained using the GetScanResultsByID method.
There is also an ActiveScans method that allows you to check
the active scans. It returns a list of container|image ids
that are being scanned.
Closes: #885
Approved by: baude
There was a bug in the update code where passing the
kwargs and the named variable force resulted in a TypeError
for multiple values existing.
Fixed by not passing the force keyword to _docker.py and
extracting the keyword from the kwargs.
Closes: #881
Approved by: rhatdan
In the case of cockpit, it would be preferable to be able
to lookup scan results by a container or image's id. If the
container or image has not been scanned, we throw an exception;
otherwise we return the resulting json file as a str.
One other possible exception can be thrown when attempting to read
the desired file from the filesystem. If the file cannot be read,
an exception will be thrown. Either way, it is a clear indicator
that the object needs to be scanned for fresh results.
The following is a simple *python* example:
from atomic_dbus_client import AtomicDBus
ad = AtomicDBus()
results = ad.GetScanResultsById('6858a846fb6b557331e068252fd910b5dc93f8e6341e641400bf4582dc34e10d')
Note the use of the full ID. As of now, we only look up against the full id
as opposed to the short id form which is often used.
Closes: #874
Approved by: baude
As of ef984ed, atomic.get_all_vulnerable_info() sometimes returns a JSON
object instead of a string.
Make it always return an object and amend its documentation.
Closes: #817
Approved by: baude
The dbus verify is now similar to the tty version in how it
processes the request. We now return a list of layers and
their comparisons.
Closes: #809
Approved by: rhatdan
Refactor:
`atomic update`
`atomic update --container`
`atomic update --container --rollback`
To:
`atomic images update`
`atomic containers update`
`atomic containers rollback`
And update corresponding tests, docs and auto-complete. Much like
other image commands (info, verify), the base verb is hidden but
still available for use.
Move update functionality from atomic.py to update.py, and use
new backendutils to abstract.
Signed-off-by: Yu Qi Zhang <jerzhang@redhat.com>
Closes: #773
Approved by: rhatdan
Using our refactoring model, verify is now streamlined. We no longer
compare base images as that is not currently possible for both
V1 and V2 schemas.
Verify will now always look at the release and version labels for
comparison. Should those labels not exist, it will use the
manifest digest for ostree; and it will use the image IDs for
docker.
Closes: #785
Approved by: rhatdan
This makes the default SPC_ARGS and RUN_ARGS a bit smarter. We only add
"-t" if we're attached to a terminal, otherwise Docker will fail to
start. We also add a --detach option to passthrough to `docker run`.
These options make atomic easier to use through D-Bus.
Closes: #776
Approved by: rhatdan
The 'user' parameter of Install() is a bool, not a string.
The 'command' parameter of Run() is a list of strings, not a string.
Closes: #776
Approved by: rhatdan
Covers all but verify and generate. This is a refactoring of the
images subverbs (i.e. info, version, delete, ...)
Added in a unittest for list and info.
Closes: #771
Approved by: baude
The call dbus.service.BusName() claims the name while the returned
object is alive. It wasn't stored into a variable, so the name was
released immediately, but the service keeps running (potentially
indefinitely) with no use.
Fix this by calling request_name() directly, so that we can give useful
feedback (and end the process) when the name is already owned by another
process.
Fixes #763
Closes: #770
Approved by: cgwalters
Atomic/backendutils.py: Class for working with unknown backend
Atomic/objects/image|layer|container.py: classes for objects
Atomic/backends/backend|_docker|_ostree.py: Abstract backends for ostree and docker
Closes: #757
Approved by: baude
Rename atomic_client to atomic_dbus_client, so it is easier to understand.
Cleanup a couple of errors causin dbus to break.
Closes: #732
Approved by: rhatdan
The atomic image version subcommand was broken. Among the issues
was it called the wrong method, attempted to obtain the image
if not locally present, and outputted incorrect information. Some
of the problems were described in:
https://github.com/projectatomic/atomic/issues/708
The version method has been redone to obtain the correct information. It
no longer attempts to obtain the image if not present. It raises an
error.
Also, moved the version method into info and performed a pep8 clean up.
Example output now appears like:
```
atomic --debug version -r docker.io/busybox
IMAGE NAME VERSION IMAGE ID
10.3.11.254:5000/baude/busybox:latest None e02e811dd08f
Tag: docker.io/busybox:latest
Tag: localhost:5000/busybox:latest
atomic --debug version -r registry.access.redhat.com/rhel7/rsyslog
IMAGE NAME VERSION IMAGE ID
registry.access.redhat.com/rhel7/rsyslog:latest rhel7/rsyslog-7.2-21 53f20e902da7
registry.access.redhat.com/rhel7.2:7.2-56 rhel7/rhel-7.2-56 1a9b3357bac5
```
Closes: #710
Approved by: baude
Add missing interfaces.
Fix functions to return text, rather then displaying directly.
Change atomic_client.py to take input from command line. These args are translated into function calls in python.
Add tests scripts in tests/integration/dbus directory
Closes: #668
Approved by: rhatdan
As we add more commands related to containers, IE Trim, we need to make
containers be a subcommand and add verbs like list, and trim
Closes: #579
Approved by: giuseppe
Also breakout images handling into a separate python file.
Atomic/images.py
I have switched atomic images generate to generate an images
mtree file for each image in the system.
Closes: #534
Approved by: giuseppe
images now either print to tty or return json data via dbus
Make encoding and decoding work properly for both Python2 and Python3
Create Cockpit JavaScript test client that will call the DBus API
and receive information.
Closes: #494
Approved by: rhatdan
