go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/discovery/docker_engine/images.go (about) 1 // Copyright (c) Mondoo, Inc. 2 // SPDX-License-Identifier: BUSL-1.1 3 4 package docker_engine 5 6 import ( 7 "context" 8 "strings" 9 10 "github.com/docker/docker/api/types" 11 "github.com/rs/zerolog/log" 12 "go.mondoo.com/cnquery/providers-sdk/v1/inventory" 13 ) 14 15 // be aware that images are prefixed with sha256:, while containers are not 16 func (e *dockerEngineDiscovery) imageList() ([]types.ImageSummary, error) { 17 dc, err := e.client() 18 if err != nil { 19 return nil, err 20 } 21 22 return dc.ImageList(context.Background(), types.ImageListOptions{}) 23 } 24 25 func (e *dockerEngineDiscovery) ListImageShas() ([]string, error) { 26 images, err := e.imageList() 27 if err != nil { 28 return []string{}, err 29 } 30 31 imagesShas := []string{} 32 for i := range images { 33 imagesShas = append(imagesShas, images[i].ID) 34 } 35 36 return imagesShas, nil 37 } 38 39 func (e *dockerEngineDiscovery) ListImages() ([]*inventory.Asset, error) { 40 dImages, err := e.imageList() 41 if err != nil { 42 return nil, err 43 } 44 imgs := make([]*inventory.Asset, len(dImages)) 45 for i, dImg := range dImages { 46 47 // TODO: we need to use the digest sha 48 // docker does not always have a repo sha: docker images --digests 49 digest := digest(dImg.RepoDigests) 50 // fallback to docker id 51 if len(digest) == 0 { 52 digest = dImg.ID 53 } 54 55 asset := &inventory.Asset{ 56 Connections: []*inventory.Config{ 57 { 58 Type: "docker-image", 59 Host: dImg.ID, 60 }, 61 }, 62 } 63 log.Debug().Str("container", dImg.ID).Msg("discovered container-image") 64 65 imgs[i] = asset 66 } 67 68 return imgs, nil 69 } 70 71 func digest(repoDigest []string) string { 72 for i := range repoDigest { 73 74 m := strings.Split(repoDigest[i], "sha256:") 75 if len(m) == 2 { 76 return "sha256:" + m[1] 77 } 78 } 79 80 return "" 81 }