本文整理汇总了Python中Atomic.trust.Trust类的典型用法代码示例。如果您正苦于以下问题:Python Trust类的具体用法?Python Trust怎么用?Python Trust使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Trust类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: pull_image
def pull_image(self, image, remote_image_obj, **kwargs):
assert(isinstance(remote_image_obj, Image))
debug = kwargs.get('debug', False)
if image.startswith("dockertar:"):
path = image.replace("dockertar:", "", 1)
with open(path, 'rb') as f:
self.d.load_image(data=f)
return 0
fq_name = remote_image_obj.fq_name
local_image = self.has_image(image)
if local_image is not None:
if self.already_has_image(local_image, remote_image_obj):
raise util.ImageAlreadyExists(image)
registry, _, _, tag, _ = util.Decompose(fq_name).all
image = "docker-daemon:{}".format(fq_name)
if not image.endswith(tag):
image += ":{}".format(tag)
if '@sha256:' in image:
image = image.replace("@sha256:", ":")
src_creds = kwargs.get('src_creds')
insecure = True if util.is_insecure_registry(self.d.info()['RegistryConfig'], registry) else False
trust = Trust()
trust.discover_sigstore(fq_name)
util.write_out("Pulling {} ...".format(fq_name))
util.skopeo_copy("docker://{}".format(fq_name), image, debug=debug, insecure=insecure,
policy_filename=trust.policy_filename, src_creds=src_creds)
return 0示例2: pull_image
def pull_image(self, image, remote_image_obj, **kwargs):
"""
Pulls an image to the backend
:param image:
:param pull_args:
:return:
"""
debug = kwargs.get('debug', False)
fq_name = remote_image_obj.fq_name
registry, _, _, tag, _ = util.Decompose(fq_name).all
if not image.endswith(tag):
image += ":{}".format(tag)
if '@sha256:' in image:
image = image.replace("@sha256:", ":")
insecure = False
registries_config = util.load_registries_from_yaml()
if "insecure_registries" in registries_config:
if registry in registries_config['insecure_registries']:
insecure = True
source = "docker://{}".format(image)
dest = "containers-storage:{}".format(image)
trust = Trust()
trust.discover_sigstore(fq_name)
util.write_out("Pulling {} ...".format(fq_name))
util.skopeo_copy(source, dest, debug=debug, insecure=insecure, policy_filename=trust.policy_filename)
return 0示例3: TrustDelete
def TrustDelete(self, registry, sigstoretype):
trust = Trust()
args = self.Args()
args.sigstoretype = sigstoretype
args.registry = registry
trust.set_args(args)
trust.delete()示例4: test_trust_gpg_email_id
def test_trust_gpg_email_id(self):
args = self.Args()
testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
actual = testobj.get_gpg_id(args.pubkeys)
self.assertEqual("[email protected]", actual)示例5: pull_image
def pull_image(self, image, **kwargs):
debug = kwargs.get("debug", False)
if image.startswith("dockertar:"):
path = image.replace("dockertar:", "", 1)
with open(path, "rb") as f:
self.d.load_image(data=f)
return 0
remote_image = self.make_remote_image(image)
fq_name = remote_image.fq_name
local_image = self.has_image(image)
if local_image is not None:
if self.already_has_image(local_image, remote_image):
raise ValueError("Latest version of {} already present.".format(image))
registry, _, _, tag, _ = util.Decompose(fq_name).all
image = "docker-daemon:{}".format(image)
if not image.endswith(tag):
image += ":{}".format(tag)
insecure = (
True if util.is_insecure_registry(self.d.info()["RegistryConfig"], util.strip_port(registry)) else False
)
trust = Trust()
trust.discover_sigstore(fq_name)
util.write_out("Pulling {} ...".format(fq_name))
util.skopeo_copy(
"docker://{}".format(fq_name), image, debug=debug, insecure=insecure, policy_filename=trust.policy_filename
)
return 0示例6: test_add_repo_sigstore
def test_add_repo_sigstore(self):
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.modify_registry_config("docker.io/repo", "docker", "https://sigstore.acme.com/sigs")
with open(os.path.join(FIXTURE_DIR, "configs/docker.io-repo.yaml"), "r") as f:
conf_expected = yaml.load(f)
with open(os.path.join(FIXTURE_DIR, "etc/containers/registries.d/docker.io-repo.yaml"), "r") as f:
conf_modified = yaml.load(f)
self.assertEqual(conf_expected, conf_modified)示例7: test_setup_default_policy
def test_setup_default_policy(self):
args = self.Args()
args.sigstoretype = "web"
testobj = Trust()
testobj.set_args(args)
with open(os.path.join(FIXTURE_DIR, "default_policy.json"), "r") as default:
policy_default = json.load(default)
policy_default = testobj.check_policy(policy_default, "docker")
policy_expected = {"default": [{"type": "insecureAcceptAnything"}], "transports": {"docker": {}}}
self.assertEqual(policy_default, policy_expected)示例8: TrustAdd
def TrustAdd(self, registry, trusttype, pubkeys, keytype, sigstore, sigstoretype):
trust = Trust()
args = self.Args()
args.registry = registry
args.pubkeys = pubkeys
args.keytype = keytype
args.trust_type = trusttype
args.sigstoretype = sigstoretype
args.sigstore = sigstore
trust.set_args(args)
trust.add()示例9: pull_image
def pull_image(self, image, pull_args):
# Add this when atomic registry is incorporated.
# if self.args.reg_type == "atomic":
# pull_uri = 'atomic:'
# else:
# pull_uri = 'docker://'
img_obj = self._make_remote_image(image)
fq_name = img_obj.fq_name
insecure = True if util.is_insecure_registry(self.d.info()['RegistryConfig'], util.strip_port(img_obj.registry)) else False
# This needs to be re-enabled with Aaron's help
trust = Trust()
trust.set_args(pull_args)
trust.discover_sigstore(fq_name)
util.write_out("Pulling {} ...".format(fq_name))
util.skopeo_copy("docker://{}".format(fq_name),
"docker-daemon:{}".format(image),
debug=pull_args.debug, insecure=insecure,
policy_filename=pull_args.policy_filename)示例10: test_add_trust_keys
def test_add_trust_keys(self):
args = self.Args()
args.sigstore = None
testobj = Trust(policy_filename = TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config = os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, 'r') as f:
d = json.load(f)
self.assertEqual(d["transports"]["atomic"]["docker.io"][0]["keyPath"],
os.path.join(FIXTURE_DIR, "key1.pub"))示例11: test_trust_show
def test_trust_show(self):
args = self.Args()
testobj = Trust(policy_filename=os.path.join(FIXTURE_DIR, "show_policy.json"))
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
with self.captured_output() as (out, _):
testobj.show()
with open(os.path.join(FIXTURE_DIR, "show_policy.output"), "r") as f:
expected = f.read()
actual = out.getvalue()
self.assertEqual(expected, actual)示例12: test_delete_trust
def test_delete_trust(self):
args = self.Args()
args.pubkeys = []
args.sigstoretype = "web"
args.registry = "registry.example.com/foo"
args.pubkeys = None
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.delete()
with open(testobj.policy_filename, "r") as f:
d = json.load(f)
self.assertNotIn(args.registry, d["transports"]["docker"])示例13: test_add_reject_type
def test_add_reject_type(self):
args = self.Args()
args.trust_type = "reject"
args.sigstoretype = "web"
args.pubkeys = []
args.registry = "registry.example.com/foo"
testobj = Trust(policy_filename=TEST_POLICY)
testobj.atomic_config = util.get_atomic_config(atomic_config=os.path.join(FIXTURE_DIR, "atomic.conf"))
testobj.set_args(args)
testobj.add()
with open(testobj.policy_filename, "r") as f:
d = json.load(f)
self.assertEqual(d["transports"]["docker"][args.registry][0]["type"], args.trust_type)示例14: TrustDefaultPolicy
def TrustDefaultPolicy(self, default_policy):
trust = Trust()
args = self.Args()
args.default_policy = default_policy
trust.set_args(args)
return trust.modify_default()示例15: TrustShow
def TrustShow(self):
trust = Trust()
args = self.Args()
trust.set_args(args)
return json.dumps(trust.show_json())