Blame - build/pin-images.py - atmosphere

blob: 5f9341bdace52571591c3c9e3daf9e5e5f8b523a [file] [log] [blame]

Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	1	#!/usr/bin/env python3
				2
				3	import argparse
				4	import functools
				5
				6	from docker_image import reference
				7	from oslo_config import cfg
				8	from oslo_log import log as logging
				9	from ruyaml import YAML
				10	import requests
				11
				12	LOG = logging.getLogger(__name__)
				13	CONF = cfg.CONF
				14
				15
				16	@functools.cache
				17	def get_pinned_image(image_src):
				18	image_ref = reference.Reference.parse(image_src)
				19
				20	if image_ref.domain() == "quay.io":
				21	r = requests.get(
				22	f"https://quay.io/api/v1/repository/{image_ref.path()}/tag/",
				23	params={"specificTag": image_ref["tag"]},
				24	)
				25	r.raise_for_status()
				26	digest = r.json()["tags"][0]["manifest_digest"]
				27
Mohammed Naser	49e6637	2023-07-10 14:57:00 -0400	[diff] [blame]	28	if image_ref.domain() == "docker.io":
				29	# Get token for docker.io
				30	r = requests.get(
				31	"https://auth.docker.io/token",
Mohammed Naser	16baaab	2023-07-10 15:07:11 -0400	[diff] [blame]	32	params={
				33	"service": "registry.docker.io",
				34	"scope": f"repository:{image_ref.path()}:pull",
				35	},
Mohammed Naser	49e6637	2023-07-10 14:57:00 -0400	[diff] [blame]	36	)
				37	r.raise_for_status()
				38	token = r.json()["token"]
				39
				40	r = requests.get(
				41	f"https://registry-1.docker.io/v2/{image_ref.path()}/manifests/{image_ref['tag']}",
Mohammed Naser	16baaab	2023-07-10 15:07:11 -0400	[diff] [blame]	42	headers={
				43	"Accept": "application/vnd.docker.distribution.manifest.v2+json",
				44	"Authorization": f"Bearer {token}",
				45	},
Mohammed Naser	49e6637	2023-07-10 14:57:00 -0400	[diff] [blame]	46	)
				47	r.raise_for_status()
				48	digest = r.headers["Docker-Content-Digest"]
				49
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	50	return f"{image_ref.domain()}/{image_ref.path()}@{digest}"
				51
				52
				53	def main():
				54	logging.register_options(CONF)
				55	logging.setup(CONF, "atmosphere-bump-images")
				56
				57	parser = argparse.ArgumentParser("bump-images")
				58	parser.add_argument(
				59	"src", help="Path for default values file", type=argparse.FileType("r")
				60	)
				61	parser.add_argument("dst", help="Path for output file", type=argparse.FileType("w"))
				62
				63	args = parser.parse_args()
				64
				65	yaml = YAML(typ="rt")
				66	data = yaml.load(args.src)
				67
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	68	for image in data["_atmosphere_images"].ca.items:
				69	token = data["_atmosphere_images"].ca.get(image, 2).value
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	70	if not token.startswith("# image-source: "):
				71	LOG.info("Skipping image %s", image)
				72	continue
				73
				74	image_src = token.replace("# image-source: ", "").strip()
				75	pinned_image = get_pinned_image(image_src)
				76
				77	LOG.info("Pinning image %s from %s to %s", image, image_src, pinned_image)
ricolin	b8ab017	2023-06-01 15:41:02 +0800	[diff] [blame]	78	data["_atmosphere_images"][image] = pinned_image
Mohammed Naser	8613c86	2023-04-24 17:26:51 -0400	[diff] [blame]	79
				80	yaml.dump(data, args.dst)
				81
				82
				83	if __name__ == "__main__":
				84	main()