Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

more information around errors with dmverity-vhd #35

Merged
merged 1 commit into from
Aug 31, 2023
Merged

more information around errors with dmverity-vhd #35

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion src/confcom/azext_confcom/init_checks.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,11 +51,19 @@ def docker_permissions() -> str:
docker_group = None
# check if the user is in the docker group and if not an admin
if is_linux() and not is_admin():
client = None
try:
docker_group = grp.getgrnam("docker")
client = docker.from_env()
# need any command that will show the docker daemon is
client.containers.list()
except KeyError:
return "The docker group was not found"

except docker.errors.DockerException as e:
return f"Docker error: {e.args[0]}"
finally:
if client:
client.close()
if getpass.getuser() not in docker_group.gr_mem:
return """The current user does not have permission to run Docker.
Run 'sudo usermod -aG docker' to add them to the docker group."""
Expand Down
37 changes: 21 additions & 16 deletions src/confcom/azext_confcom/rootfs_proxy.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,18 +3,22 @@
# Licensed under the MIT License. See License.txt in the project root for license information.
# --------------------------------------------------------------------------------------------


import subprocess
from typing import List
import os
import sys
import stat
from pathlib import Path
import platform
import requests
from knack.log import get_logger
from azext_confcom.errors import eprint


host_os = platform.system()
machine = platform.machine()
logger = get_logger(__name__)


class SecurityPolicyProxy: # pylint: disable=too-few-public-methods
Expand Down Expand Up @@ -106,30 +110,31 @@ def get_policy_image_layers(
# add the image to the end of the parameter list
arg_list += ["roothash", "-i", f"{image_name}"]

outputlines = None
err = None

with subprocess.Popen(
item = subprocess.run(
arg_list,
executable=policy_bin_str,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
) as layers:
outputlines, err = layers.communicate()
capture_output=True,
check=False,
)

output = []
if outputlines is None:
eprint("Null pointer detected.")
elif len(outputlines) > 0:
output = outputlines.decode("utf8").strip("\n").split("\n")
if item.returncode != 0:
if item.stderr.decode("utf-8") != "" and item.stderr.decode("utf-8") is not None:
logger.warning(item.stderr.decode("utf-8"))
if item.returncode == -9:
logger.warning(
"System does not have enough memory to calculate layer hashes for image: %s. %s",
image_name,
"Please try increasing the amount of system memory."
)
sys.exit(item.returncode)
elif len(item.stdout) > 0:
output = item.stdout.decode("utf8").strip("\n").split("\n")
output = [i.split(": ", 1)[1] for i in output if len(i.split(": ", 1)) > 1]
else:
eprint(
"Cannot get layer hashes"
"Could not get layer hashes"
)

if err.decode("utf8") != "":
eprint(err.decode("utf8"))
# cache output layers
self.layer_cache[image_name] = output
return output