[atomic scan] Get image name in atomic scanner

[navidshaikh]

I am writing an atomic scanner for a use case where the scanner needs to know the image_name being processed.

Now, I get the image name by explicitly setting an env variable while invoking the atomic scan command like

IMAGE_NAME=<image_name> atomic scan [..]

what's the better way to get image_name without explicitly have to ask for providing env var along with atomic scan command?

[rhatdan]

Currently I don't believe we leak that information into the container? @baude PTAL

[navidshaikh]

There is (meta)data with the image itself which could help atomic scanners to implement different use cases. For example, accessing Labels of image under-scan, within atomic scanner for processing.

How I am achieving that right now is

• Provide env var specifying image name while invoking atomic scan and os.environ.get within scanner
• Using Atomic.run.Run().get_label() to access the Labels.

If we can provide an interface for atomic scanners (say via Atomic) to retrieve metadata related information for image under scan, that should be helpful.

[baude]

@navidshaikh do you want only on the image name ?

[baude]

@navidshaikh and you want all this before the scan is run correct?

[navidshaikh]

@baude

do you want only on the image name?

1. Image name
2. The dictionary/hash printed by docker inspect (only interested in the Labels part right now, but other information can be useful as well)

Labels part can be achieved, if image name can be retrieved. Like:

from Atomic import run
run_object = run.Run()
run_object.image = IMAGE_NAME
label = run_object.get_label("LABEL_NAME")

and you want all this before the scan is run correct?

Correct. Basically, a way to access that information in the atomic scanner itself.

For eg: My use case is, write an atomic scanner which reads Labels of image under test and perform foo, bar actions based on data in Labels.