Support Index cli (#2)

* Add sbom support from index-cli

* Drop error channel

* return value is treated as an Invoke Op

* Add the index-cli-plugin

* Fix sample again

* Build platforms in multi-arch Docker build

* change go.sh for /bin/sh env in alpine

* Add workflow
Jim Clark
2023-01-17 20:28:17 -08:00
committed by GitHub
parent b2d8fdbbd5
commit 5df70f8d7f
16 changed files with 2552 additions and 17 deletions

1
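--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1 @@
+pod-atomisthq-tools.docker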

32
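--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,32 @@
+name: Release
+on:
+push:
+branches:
+- main
+jobs:
+releases-matrix:
+name: Release Go Binary
+runs-on: ubuntu-latest
+strategy:
+matrix:
+# build and publish in parallel: linux/386, linux/amd64, linux/arm64, windows/386, windows/amd64, darwin/amd64, darwin/arm64
+goos: [linux, windows, darwin]
+goarch: [amd64, arm64]
+exclude:
+- goarch: arm64
+goos: windows
+steps:
+- uses: actions/checkout@v3
+- uses: wangyoucao577/go-release-action@v1.35
+with:
+github_token: ${{ secrets.GITHUB_TOKEN }}
+goos: ${{ matrix.goos }}
+goarch: ${{ matrix.goarch }}
+goversion: 1.19.1
+binary_name: "pod-atomisthq-tools.docker"
+release_tag: "v0.1.0"
+overwrite: TRUE
+compress_assets: OFF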
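Review bot: `wangyoucao577/go-release-action@v1.35` is a third-party action referenced by a mutable tag and handed `secrets.GITHUB_TOKEN`, and the workflow declares no `permissions:` block, so the token carries whatever the repository default grants. Pin the action to a full commit SHA (`uses: wangyoucao577/go-release-action@<full-commit-sha> # v1.35`) and add a job-level `permissions:` with `contents: write`, which is presumably all a release upload needs. Separately, `release_tag: "v0.1.0"` with `overwrite: TRUE` on every push to `main` replaces the assets of an already published tag, so anyone fetching by that tag gets different binaries over time; deriving the tag from the ref or a version file would keep releases immutable. The matrix comment also lists `386` targets that the `goarch` list does not build.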

4
.gitignore vendored

@@ -6,3 +6,7 @@
/pod-babashka-docker-0.1.0-macos-aarch64.zip
/pod-atomisthq-docker
/pod-atomisthq-docker-0.1.0-macos-aarch64.zip
/.nrepl-port
/pod-atomisthq-tools.docker
/pod-atomisthq-tools.docker-0.1.0-macos-aarch64.zip
/pod-atomisthq-tools.docker-0.1.0-macos-arm64.zip

20
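--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,20 @@
+FROM golang:1.19-alpine AS build
+WORKDIR /app
+COPY go.mod ./
+COPY go.sum ./
+RUN go mod download
+COPY main.go ./
+COPY docker/ ./docker/
+COPY babashka/ ./babashka/
+RUN CGO_ENABLED=0 go build -o pod-atomisthq-tools.docker
+FROM alpine:3.17
+COPY repository/ /root/.babashka/pods/repository
+COPY --from=build /app/pod-atomisthq-tools.docker /root/.babashka/pods/repository/atomisthq/tools.docker/0.1.0
+RUN chmod 755 /root/.babashka/pods/repository/atomisthq/tools.docker/0.1.0/pod-atomisthq-tools.docker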
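Review bot: Both `FROM` lines use floating tags (`golang:1.19-alpine`, `alpine:3.17`), so the image that `bb build-pod-image` pushes can change with no change to this file; pinning each by digest, e.g. `FROM alpine:3.17@sha256:<digest>`, makes the published pod binary reproducible. The trailing `RUN chmod 755 …` adds a layer only to set a mode; since the build already goes through buildx, `COPY --chmod=755 --from=build /app/pod-atomisthq-tools.docker …` does it in one step. The final stage has no `USER` and installs under `/root/.babashka`; that is acceptable if the image is only a carrier for the binaries, as the README change suggests, but a comment should say so.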


@@ -41,6 +41,12 @@ To build the golang `parser` binary locally, run `go build`.
go build -o pod-babashka-docker
```
Create `vonwig/pod-atomisthq-tools.docker` which is a manifest list with pod binaries for both `amd64` and `arm64`. This image is a good way to pull the pod binaries into skill containers.
```bash
bb build-pod-image
```
## Contributing
You can find information about contributing to this project in the CONTRIBUTING.md


@@ -71,6 +71,20 @@ func WriteInvokeResponse(inputMessage *Message, value any) error {
return nil
}
func WriteNotDoneInvokeResponse(inputMessage *Message, value any) error {
if value == nil {
return nil
}
resultValue, err := json.Marshal(value)
if err != nil {
return err
}
response := InvokeResponse{Id: inputMessage.Id, Status: []string{}, Value: string(resultValue)}
writeResponse(response)
return nil
}
func WriteErrorResponse(inputMessage *Message, err error) {
errorResponse := ErrorResponse{Id: inputMessage.Id, Status: []string{"done", "error"}, ExMessage: err.Error()}
writeResponse(errorResponse)
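Review bot: `WriteNotDoneInvokeResponse` is exported but has no doc comment, and the only thing the hunk shows distinguishing it from a terminal response is the empty `Status: []string{}`. A comment such as `// WriteNotDoneInvokeResponse writes value as an invoke response with an empty status list; it does not mark the invocation done.` would record that, assuming an empty status is what keeps the invocation open on the client. It should also state that a nil `value` writes nothing and returns nil, since a caller streaming events may not expect a silent skip. `WriteErrorResponse` at the end of the hunk continues outside it.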

29
bb.edn

@@ -1,15 +1,26 @@
{:tasks
{:requires ([babashka.fs :as fs])
:init (do
:init (do
(def n "pod-atomisthq-tools.docker")
(def os "macos")
(def version "0.1.0"))
build (shell (format "go build -o %s" n))
aarch64 (do
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "aarch64" n) {}))
x86 (do
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "x86_64" n) {}))
linux-x86
(do
(shell (format "zip %s-%s-%s-%s.zip %s" n version "linux" "amd64" n) {}))}}
check-for-builder {:task (-> (shell "docker buildx inspect buildx-multi-arch"))}
setup-builder {:task (if (= 1 (:exit check-for-builder))
(shell {:continue true} "docker buildx create --name=buildx-multi-arch --driver=docker-container --driver-opt=network=host")
(println "buildx-multi-arch is already running"))
:depends [check-for-builder]}
build-pod-image {:task (shell "docker buildx build --builder=buildx-multi-arch --push --platform=linux/amd64,linux/arm64 --tag=vonwig/pod-atomisthq-tools.docker .")
:depends [setup-builder]}
build (do (shell (format "go build -o %s" n))
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/.babashka/pods/repository/atomisthq/tools.docker/0.1.0/" {:replace-existing true})
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/.vscode/extensions/docker.slim-docker-lsp-client-0.0.1/" {:replace-existing true})
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/kipz/docker-vscode-project-extension/" {:replace-existing true}))
aarch64 (do
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "aarch64" n) {}))
x86 (do
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "x86_64" n) {}))
linux-x86
(do
(shell (format "zip %s-%s-%s-%s.zip %s" n version "linux" "amd64" n) {}))}}
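Review bot: `check-for-builder` runs `(shell "docker buildx inspect buildx-multi-arch")` without `{:continue true}`, and babashka's `shell` throws on a non-zero exit by default, so when the builder does not exist the task fails before `setup-builder` can test `(:exit check-for-builder)`; the option appears to be on the wrong call. Moving it gives `(shell {:continue true} "docker buildx inspect buildx-multi-arch")`. The builder is also created with `--driver-opt=network=host`, which runs the BuildKit container in the host's network namespace, and `build-pod-image` pushes an untagged (implicitly `latest`) image; the first deserves a comment explaining why it is needed and the second a version tag. The `fs/copy` targets under `/Users/slim/…` in the `build` task exist on one developer's machine only and will fail elsewhere.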


@@ -1,3 +1,6 @@
{:sources ["dev"]
:deps {babashka/babashka.pods {:mvn/version "0.1.0"}
com.cognitect/transit-clj {:mvn/version "1.0.324"}}}
babashka/process {:mvn/version "0.4.13"}
com.cognitect/transit-clj {:mvn/version "1.0.324"}}
:aliases {:main {:extra-paths ["main"]
:exec-fn user1/transact-hashes}}}
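Review bot: The new alias sets `:exec-fn user1/transact-hashes`, but the `transact-hashes` added by this commit is defined in `main.clj` under `(ns main …)`. Unless a `user1` namespace already exists under the `main` extra path outside this commit, invoking the alias will fail to resolve the function; `:exec-fn main/transact-hashes` would match the file shown here. It is also worth checking that `:extra-paths ["main"]` names a directory, since the new source is listed as a top-level `main.clj`.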


@@ -1,16 +1,17 @@
(ns user
(:require [babashka.pods :as pods]))
(:require [babashka.pods :as pods]
[clojure.edn :as edn]))
(pods/load-pod 'atomisthq/tools.docker "0.1.0")
(require '[pod.atomisthq.docker :as docker])
;; parse image names using github.com/docker/distribution
;; turns golang structs into clojure maps
(docker/parse-image-name "gcr.io/whatever:tag")
(docker/parse-image-name "gcr.io/whatever:tag")
;; automatically turns golang errors into Exceptions
(try
(docker/parse-image-name "gcr.io/whatever/:tag")
(catch Exception e
(catch Exception e
;; invalid reference format
(println (.getMessage e))))
@@ -18,3 +19,8 @@
;; returns the Result struct transformed to a clojure map
(docker/parse-dockerfile "FROM \\\n gcr.io/whatever:tag\nCMD [\"run\"]")
;; run sbom generation on local image
(docker/sbom "vonwig/clojure-base:jdk17" (fn [event] (println event)))
(docker/hashes "vonwig/malware1:latest" (fn [event] (println event)))


@@ -2,6 +2,7 @@ package docker
import (
"github.com/docker/distribution/reference"
"github.com/docker/index-cli-plugin/sbom"
"github.com/moby/buildkit/frontend/dockerfile/parser"
//"reflect"
@@ -34,7 +35,7 @@ func parse_uri(s string) (Reference, error) {
ref, err := reference.Parse(s)
if err != nil {
return Reference{},err;
return Reference{}, err
}
//fmt.Printf("%s\n", reflect.TypeOf(ref));
@@ -49,9 +50,52 @@ func parse_uri(s string) (Reference, error) {
digest = digested.Digest().String()
}
//u, err := json.Marshal(Reference{Path: path, Domain: domain, Tag: tag, Digest: digest})
return Reference{Path: path, Domain: domain, Tag: tag, Digest: digest}, err;
return Reference{Path: path, Domain: domain, Tag: tag, Digest: digest}, err
}
func generate_sbom(message *babashka.Message, s string) error {
tx_channel := make(chan string)
go func() error {
for {
tx := <-tx_channel
if tx != "" {
err := babashka.WriteNotDoneInvokeResponse(message, tx)
if err != nil {
babashka.WriteErrorResponse(message, err)
}
} else {
break
}
}
return nil
}()
return sbom.Send(s, tx_channel)
}
func generate_hashes(message *babashka.Message, s string) error {
tx_channel := make(chan string)
go func() error {
for {
tx := <-tx_channel
if tx != "" {
err := babashka.WriteNotDoneInvokeResponse(message, tx)
if err != nil {
babashka.WriteErrorResponse(message, err)
}
} else {
break
}
}
return nil
}()
return sbom.SendFileHashes(s, tx_channel)
}
func ProcessMessage(message *babashka.Message) (any, error) {
switch message.Op {
@@ -68,6 +112,42 @@ func ProcessMessage(message *babashka.Message) (any, error) {
{
Name: "parse-dockerfile",
},
{
Name: "sbom",
Code: `
(defn sbom
([image cb]
(sbom image cb {}))
([image cb opts]
(babashka.pods/invoke
"pod.atomisthq.docker"
'pod.atomisthq.docker/-generate-sbom
[image]
{:handlers {:success (fn [event]
(cb event))
:error (fn [{:keys [:ex-message :ex-data]}]
(binding [*out* *err*]
(println "ERROR:" ex-message)))
:done (fn [] (println "Done callback"))}})))`,
},
{
Name: "hashes",
Code: `
(defn hashes
([image cb]
(hashes image cb {}))
([image cb opts]
(babashka.pods/invoke
"pod.atomisthq.docker"
'pod.atomisthq.docker/-generate-hashes
[image]
{:handlers {:success (fn [event]
(cb event))
:error (fn [{:keys [:ex-message :ex-data]}]
(binding [*out* *err*]
(println "ERROR:" ex-message)))
:done (fn [] (cb {:status "done"}))}})))`,
},
},
},
},
@@ -86,8 +166,33 @@ func ProcessMessage(message *babashka.Message) (any, error) {
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
return nil, err
}
reader := strings.NewReader(args[0])
reader := strings.NewReader(args[0])
return parser.Parse(reader)
case "pod.atomisthq.docker/-generate-sbom":
args := []string{}
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
return nil, err
}
err := generate_sbom(message, args[0])
if err != nil {
babashka.WriteErrorResponse(message, err)
}
return "done", nil
case "pod.atomisthq.docker/-generate-hashes":
args := []string{}
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
return nil, err
}
err := generate_hashes(message, args[0])
if err != nil {
babashka.WriteErrorResponse(message, err)
}
return "done", nil
default:
return nil, fmt.Errorf("Unknown var %s", message.Var)
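Review bot: Both new cases index `args[0]` straight after `json.Unmarshal`, so an invoke message whose args decode to an empty array panics the pod instead of returning an error; add `if len(args) < 1 { return nil, fmt.Errorf("expected an image argument") }` before each call (the `parse-dockerfile` case above them has the same shape). In `generate_sbom` and `generate_hashes` nothing waits for the forwarding goroutine, so once `sbom.Send` or `sbom.SendFileHashes` returns, `ProcessMessage` returns `"done"` and the final response can be written while the last event is still in flight. Whether that goroutine ever exits depends on the sender delivering an empty string or closing the channel, which is not visible here; once that contract is confirmed, having the goroutine close a `done` channel and receiving from it before returning would order the writes. On the error path each case writes an error response and then still returns `"done", nil`, so the caller emits a second terminal response for the same id. `ProcessMessage` starts and ends outside these hunks.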

203
go.mod

@@ -9,10 +9,211 @@ require (
)
require (
cloud.google.com/go/compute v1.10.0 // indirect
github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.28 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.21 // indirect
github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 // indirect
github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/CycloneDX/cyclonedx-go v0.6.0 // indirect
github.com/DataDog/zstd v1.4.5 // indirect
github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
github.com/Masterminds/semver/v3 v3.1.1 // indirect
github.com/Masterminds/sprig/v3 v3.2.2 // indirect
github.com/Microsoft/go-winio v0.5.2 // indirect
github.com/Microsoft/hcsshim v0.9.4 // indirect
github.com/ProtonMail/go-crypto v0.0.0-20220824120805-4b6e5c587895 // indirect
github.com/acobaugh/osrelease v0.1.0 // indirect
github.com/acomagu/bufpipe v1.0.3 // indirect
github.com/anchore/go-logger v0.0.0-20220728155337-03b66a5207d8 // indirect
github.com/anchore/go-macholibre v0.0.0-20220308212642-53e6d0aaf6fb // indirect
github.com/anchore/packageurl-go v0.1.1-0.20220428202044-a072fa3cb6d7 // indirect
github.com/anchore/stereoscope v0.0.0-20221006201143-d24c9d626b33 // indirect
github.com/anchore/syft v0.62.1 // indirect
github.com/andybalholm/brotli v1.0.4 // indirect
github.com/aquasecurity/go-dep-parser v0.0.0-20220626060741-179d0b167e5f // indirect
github.com/aquasecurity/trivy v0.30.4 // indirect
github.com/aquasecurity/trivy-db v0.0.0-20220627104749-930461748b63 // indirect
github.com/atomist-skills/go-skill v0.0.6-0.20221221214636-a7de163fd901 // indirect
github.com/aws/aws-sdk-go v1.44.46 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bmatcuk/doublestar/v4 v4.0.2 // indirect
github.com/briandowns/spinner v1.12.0 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/cloudflare/circl v1.1.0 // indirect
github.com/containerd/cgroups v1.0.4 // indirect
github.com/containerd/containerd v1.6.8 // indirect
github.com/containerd/continuity v0.3.0 // indirect
github.com/containerd/fifo v1.0.0 // indirect
github.com/containerd/stargz-snapshotter/estargz v0.12.0 // indirect
github.com/containerd/ttrpc v1.1.1-0.20220420014843-944ef4a40df3 // indirect
github.com/containerd/typeurl v1.0.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgryski/go-minhash v0.0.0-20170608043002-7fe510aff544 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
github.com/docker/cli v20.10.21+incompatible // indirect
github.com/docker/docker v20.10.17+incompatible // indirect
github.com/docker/docker-credential-helpers v0.6.4 // indirect
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
github.com/docker/go-metrics v0.0.1 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/docker/index-cli-plugin v0.0.27-0.20230104225926-3eb6de3c7d6b // indirect
github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
github.com/dustin/go-humanize v1.0.0 // indirect
github.com/ekzhu/minhash-lsh v0.0.0-20171225071031-5c06ee8586a1 // indirect
github.com/emirpasic/gods v1.12.0 // indirect
github.com/facebookincubator/nvdtools v0.1.4 // indirect
github.com/fatih/color v1.13.0 // indirect
github.com/fvbommel/sortorder v1.0.2 // indirect
github.com/gabriel-vasile/mimetype v1.4.0 // indirect
github.com/go-enry/go-license-detector/v4 v4.3.0 // indirect
github.com/go-git/gcfg v1.5.0 // indirect
github.com/go-git/go-billy/v5 v5.3.1 // indirect
github.com/go-git/go-git/v5 v5.4.2 // indirect
github.com/go-redis/redis/v8 v8.11.5 // indirect
github.com/go-restruct/restruct v1.2.0-alpha // indirect
github.com/gogo/googleapis v1.4.1 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/go-containerregistry v0.11.0 // indirect
github.com/google/licenseclassifier/v2 v2.0.0-pre5 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/gookit/color v1.5.2 // indirect
github.com/gorilla/mux v1.8.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.1 // indirect
github.com/hasura/go-graphql-client v0.8.1 // indirect
github.com/hhatto/gorst v0.0.0-20181029133204-ca9f730cac5b // indirect
github.com/huandu/xstrings v1.3.2 // indirect
github.com/imdario/mergo v0.3.13 // indirect
github.com/inconshreveable/mousetrap v1.0.1 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/jdkato/prose v1.1.0 // indirect
github.com/jedib0t/go-pretty/v6 v6.4.0 // indirect
github.com/jinzhu/copier v0.3.2 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect
github.com/klauspost/compress v1.15.12 // indirect
github.com/klauspost/pgzip v1.2.5 // indirect
github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce // indirect
github.com/knqyf263/nested v0.0.1 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.16 // indirect
github.com/mattn/go-runewidth v0.0.13 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/mholt/archiver/v3 v3.5.1 // indirect
github.com/microsoft/go-rustaudit v0.0.0-20220730194248-4b17361d90a5 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/locker v1.0.1 // indirect
github.com/moby/sys/mount v0.3.3 // indirect
github.com/moby/sys/mountinfo v0.6.2 // indirect
github.com/moby/sys/signal v0.7.0 // indirect
github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae // indirect
github.com/montanaflynn/stats v0.0.0-20151014174947-eeaced052adb // indirect
github.com/morikuni/aec v1.0.0 // indirect
github.com/nwaples/rardecode v1.1.0 // indirect
github.com/olekukonko/tablewriter v0.0.5 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.0.3-0.20220303224323-02efb9a75ee1 // indirect
github.com/opencontainers/runc v1.1.3 // indirect
github.com/opencontainers/runtime-spec v1.0.3-0.20220311020903-6969a0a09ab1 // indirect
github.com/opencontainers/selinux v1.10.1 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pierrec/lz4/v4 v4.1.15 // indirect
github.com/pkg/errors v0.9.1 // indirect
google.golang.org/protobuf v1.27.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_golang v1.13.0 // indirect
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect
github.com/rivo/uniseg v0.2.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/samber/lo v1.24.0 // indirect
github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e // indirect
github.com/sassoftware/go-rpmutils v0.2.0 // indirect
github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e // indirect
github.com/sergi/go-diff v1.2.0 // indirect
github.com/shogo82148/go-shuffle v0.0.0-20170808115208-59829097ff3b // indirect
github.com/shopspring/decimal v1.2.0 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/spdx/tools-golang v0.3.1-0.20221108182156-8a01147e6342 // indirect
github.com/spf13/afero v1.8.2 // indirect
github.com/spf13/cast v1.5.0 // indirect
github.com/spf13/cobra v1.6.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/stretchr/objx v0.4.0 // indirect
github.com/stretchr/testify v1.8.0 // indirect
github.com/sylabs/sif/v2 v2.8.1 // indirect
github.com/sylabs/squashfs v0.6.1 // indirect
github.com/therootcompany/xz v1.0.1 // indirect
github.com/theupdateframework/notary v0.7.0 // indirect
github.com/ulikunitz/xz v0.5.10 // indirect
github.com/vbatts/go-mtree v0.5.0 // indirect
github.com/vbatts/tar-split v0.11.2 // indirect
github.com/vifraa/gopom v0.1.0 // indirect
github.com/wagoodman/go-partybus v0.0.0-20210627031916-db1f5573bbc5 // indirect
github.com/wagoodman/go-progress v0.0.0-20200731105512-1020f39e6240 // indirect
github.com/xanzy/ssh-agent v0.3.0 // indirect
github.com/xeonx/timeago v1.0.0-rc5 // indirect
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect
go.etcd.io/bbolt v1.3.6 // indirect
go.opencensus.io v0.23.0 // indirect
go.uber.org/atomic v1.10.0 // indirect
go.uber.org/multierr v1.8.0 // indirect
go.uber.org/zap v1.23.0 // indirect
golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be // indirect
golang.org/x/exp v0.0.0-20220823124025-807a23277127 // indirect
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458 // indirect
golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1 // indirect
golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0 // indirect
golang.org/x/sys v0.0.0-20220928140112-f11e5e49a4ec // indirect
golang.org/x/term v0.0.0-20220919170432-7a66f970e087 // indirect
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect
golang.org/x/tools v0.1.12 // indirect
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
gonum.org/v1/gonum v0.7.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e // indirect
google.golang.org/grpc v1.50.1 // indirect
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/neurosnap/sentences.v1 v1.0.6 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
lukechampine.com/uint128 v1.1.1 // indirect
modernc.org/cc/v3 v3.36.0 // indirect
modernc.org/ccgo/v3 v3.16.6 // indirect
modernc.org/libc v1.16.7 // indirect
modernc.org/mathutil v1.4.1 // indirect
modernc.org/memory v1.1.1 // indirect
modernc.org/opt v0.1.1 // indirect
modernc.org/sqlite v1.17.3 // indirect
modernc.org/strutil v1.1.1 // indirect
modernc.org/token v1.0.0 // indirect
nhooyr.io/websocket v1.8.7 // indirect
olympos.io/encoding/edn v0.0.0-20201019073823-d3554ca0b0a3 // indirect
)
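Review bot: `github.com/docker/index-cli-plugin` carries `// indirect` in this block although the `package docker` file in this commit imports `github.com/docker/index-cli-plugin/sbom` directly. Running `go mod tidy` would move it into the direct `require` block, which keeps the one dependency this change actually chose visible among the roughly two hundred it pulls in. It is pinned to a pseudo-version (`v0.0.27-0.20230104225926-3eb6de3c7d6b`) rather than a tagged release, so a comment recording why that commit is needed would help the next upgrade. Given the size of the new tree (container runtimes, cloud SDKs, scanners), a vulnerability scan such as `govulncheck` over the module is worth adding before binaries are published.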

2046
go.sum

File diff suppressed because it is too large Load Diff

57
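--- a/main.clj
+++ b/main.clj
@@ -0,0 +1,57 @@
+(ns main
+(:require [babashka.pods :as pods]
+[clojure.edn :as edn]
+[babashka.curl :as curl]
+[clojure.string :as string]))
+(def x (pods/load-pod 'atomisthq/tools.docker "0.1.0"))
+(require '[pod.atomisthq.docker :as docker])
+(defn do-transaction [all-hashes transactions m token digest]
+(let [tx-data (->> @all-hashes
+(filter (fn [{:keys [path]}] (if path (string/includes? path ".exe"))))
+(mapcat (fn [{:keys [hash diff-id]}]
+(let [blob-digest (get m diff-id)]
+(if blob-digest
+[{:schema/entity blob-digest
+:schema/entity-type :docker.image/blob
+:docker.image.blob/digest blob-digest}
+{:schema/entity-type :docker.image.blob/file
+:docker.image.blob.file/sha256 hash
+:docker.image.blob.file/blob blob-digest}]
+(do
+(println diff-id "not in " m)
+[])))))
+(into []))]
+(try
+(println "tx-data" tx-data)
+(println
+(curl/post transactions
+{:body (pr-str {:transactions [{:data tx-data}]})
+:headers {"Authorization" (format "Bearer %s" token)
+"Content-Type" "application/edn"}}))
+(println
+(curl/post transactions
+{:body (pr-str {:transactions [{:data [{:docker.image/digest digest
+:schema/entity-type :docker/image
+:malware.status/indexed :malware.status.indexed/complete}]}]})
+:headers {"Authorization" (format "Bearer %s" token)
+"Content-Type" "application/edn"}}))
+(System/exit 0)
+(catch Throwable t
+(println "error " t)
+(System/exit 1)))))
+(defn transact-hashes [{:keys [image digest m transactions token]}]
+(println image digest transactions)
+(let [all-hashes (atom [])]
+(docker/hashes image (fn [event]
+(if (= "done" (:status event))
+(do-transaction all-hashes transactions m token digest)
+(swap! all-hashes conj (edn/read-string event)))))))
+#_(let [[image digest m transaction-url token] *command-line-args*]
+(transact-hashes {:image image :digest digest :diff-id->digest (edn/read-string m) :transaction-url transaction-url :token token}))
+(transact-hashes (edn/read-string (slurp "/Users/slim/atmhq/malware/test1.edn")))
+(while true (Thread/sleep 5000))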
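Review bot: The last two top-level forms run as soon as the file is loaded: `(transact-hashes (edn/read-string (slurp "/Users/slim/atmhq/malware/test1.edn")))` reads a developer-local file that, given the destructuring in `transact-hashes`, also supplies the bearer `token`, and `(while true (Thread/sleep 5000))` then blocks forever. Take the path from the command line instead, e.g. `(transact-hashes (edn/read-string (slurp (first *command-line-args*))))`, and keep the token file outside the repository with restrictive permissions. The commented-out `#_` form passes `:diff-id->digest` and `:transaction-url`, which `transact-hashes` does not destructure (it reads `:m` and `:transactions`), so re-enabling it as written would post to a nil URL. `do-transaction` prints the full `tx-data` and each `curl/post` response; confirm that nothing sensitive is echoed into logs that way.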


@@ -24,6 +24,7 @@ func main() {
babashka.WriteDescribeResponse(describeres)
continue
}
// TODO don't write done responses when callback is running
babashka.WriteInvokeResponse(message, res)
}
}


@@ -0,0 +1,4 @@
#!/bin/sh
export ATOMIST_LOG_LEVEL=warn; $(dirname "$0")/pod-atomisthq-tools.docker
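Review bot: The command substitution `$(dirname "$0")/pod-atomisthq-tools.docker` is not quoted as a whole, so an install path containing spaces is word-split and the pod fails to start; the wrapper also stays alive as a parent shell rather than replacing itself with the pod process. `exec "$(dirname "$0")/pod-atomisthq-tools.docker"` addresses both. If callers may already set the log level, `export ATOMIST_LOG_LEVEL="${ATOMIST_LOG_LEVEL:-warn}"` on its own line would respect it instead of overriding it.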


@@ -0,0 +1,24 @@
{:pod/name atomisthq/tools.docker
:pod/description "docker golang utils for clojure"
:pod/version "0.1.0"
:pod/license "Apache"
:pod/example "https://raw.githubusercontent.com/atomisthq/pod-atomisthq-tools.docker/main/dev/user.clj"
:pod/language "go"
:pod/artifacts
[{:os/name "Linux.*"
:os/arch "amd64"
:artifact/url "https://github.com/atomisthq/pod-atomisthq-tools.docker/releases/download/v0.1.0/pod-atomisthq-tools.docker-0.1.0-linux-amd64.zip"
:artifact/executable "go.sh"}
{:os/name "Mac.*"
:os/arch "x86_64"
:artifact/url "https://github.com/atomisthq/pod-atomisthq-tools.docker/releases/download/v0.1.0/pod-atomisthq-tools.docker-0.1.0-macos-x86_64.zip"
:artifact/executable "go.sh"}
{:os/name "Mac.*"
:os/arch "aarch64"
:artifact/url "https://github.com/atomisthq/pod-atomisthq-tools.docker/releases/download/v0.1.0/pod-atomisthq-tools.docker-0.1.0-macos-arm64.zip"
:artifact/executable "go.sh"}
{:os/name "Linux.*"
:os/arch "aarch64"
:artifact/url "https://github.com/atomisthq/pod-atomisthq-tools.docker/releases/download/v0.1.0/pod-atomisthq-tools.docker-0.1.0-linux-arm64.zip"
:artifact/executable "go.sh"}]}
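Review bot: Every entry names `:artifact/executable "go.sh"` and a `.zip` URL, but the zip tasks in this commit's `bb.edn` add only the binary to the archive (`zip … n`), and the release workflow sets `compress_assets: OFF`, so it is unclear from this commit which process publishes archives that contain `go.sh`. It is worth confirming each listed asset exists under the `v0.1.0` release and unpacks to both `go.sh` and the binary; `bb.edn` has no task producing the `linux-arm64` or `macos-arm64` names used here. The artifacts are also fetched by URL alone from a release whose assets the workflow overwrites on every push to `main`, so publishing a SHA-256 alongside each asset would let consumers detect a swapped binary.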