Skip to content
This repository was archived by the owner on Jul 18, 2025. It is now read-only.

Commit 5df70f8

Browse files
Support Index cli (#2)
* Add sbom support from index-cli * Drop error channel * return value is treated as an Invoke Op * Add the index-cli-plugin * Fix sample again * Build platforms in multi-arch Docker build * change go.sh for /bin/sh env in alpine * Add workflow
1 parent b2d8fdb commit 5df70f8

16 files changed

Lines changed: 2550 additions & 15 deletions

File tree

.dockerignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
pod-atomisthq-tools.docker

.github/workflows/release.yml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
name: Release
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
8+
jobs:
9+
releases-matrix:
10+
name: Release Go Binary
11+
runs-on: ubuntu-latest
12+
strategy:
13+
matrix:
14+
# build and publish in parallel: linux/386, linux/amd64, linux/arm64, windows/386, windows/amd64, darwin/amd64, darwin/arm64
15+
goos: [linux, windows, darwin]
16+
goarch: [amd64, arm64]
17+
exclude:
18+
- goarch: arm64
19+
goos: windows
20+
steps:
21+
- uses: actions/checkout@v3
22+
- uses: wangyoucao577/go-release-action@v1.35
23+
with:
24+
github_token: ${{ secrets.GITHUB_TOKEN }}
25+
goos: ${{ matrix.goos }}
26+
goarch: ${{ matrix.goarch }}
27+
goversion: 1.19.1
28+
binary_name: "pod-atomisthq-tools.docker"
29+
release_tag: "v0.1.0"
30+
overwrite: TRUE
31+
compress_assets: OFF
32+

.gitignore

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,3 +6,7 @@
66
/pod-babashka-docker-0.1.0-macos-aarch64.zip
77
/pod-atomisthq-docker
88
/pod-atomisthq-docker-0.1.0-macos-aarch64.zip
9+
/.nrepl-port
10+
/pod-atomisthq-tools.docker
11+
/pod-atomisthq-tools.docker-0.1.0-macos-aarch64.zip
12+
/pod-atomisthq-tools.docker-0.1.0-macos-arm64.zip

Dockerfile

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
FROM golang:1.19-alpine AS build
2+
3+
WORKDIR /app
4+
5+
COPY go.mod ./
6+
COPY go.sum ./
7+
8+
RUN go mod download
9+
10+
COPY main.go ./
11+
COPY docker/ ./docker/
12+
COPY babashka/ ./babashka/
13+
14+
RUN CGO_ENABLED=0 go build -o pod-atomisthq-tools.docker
15+
16+
FROM alpine:3.17
17+
18+
COPY repository/ /root/.babashka/pods/repository
19+
COPY --from=build /app/pod-atomisthq-tools.docker /root/.babashka/pods/repository/atomisthq/tools.docker/0.1.0
20+
RUN chmod 755 /root/.babashka/pods/repository/atomisthq/tools.docker/0.1.0/pod-atomisthq-tools.docker

README.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,12 @@ To build the golang `parser` binary locally, run `go build`.
4141
go build -o pod-babashka-docker
4242
```
4343

44+
Create `vonwig/pod-atomisthq-tools.docker` which is a manifest list with pod binaries for both `amd64` and `arm64`. This image is a good way to pull the pod binaries into skill containers.
45+
46+
```bash
47+
bb build-pod-image
48+
```
49+
4450
## Contributing
4551

4652
You can find information about contributing to this project in the CONTRIBUTING.md

babashka/ops.go

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,20 @@ func WriteInvokeResponse(inputMessage *Message, value any) error {
7171
return nil
7272
}
7373

74+
func WriteNotDoneInvokeResponse(inputMessage *Message, value any) error {
75+
if value == nil {
76+
return nil
77+
}
78+
resultValue, err := json.Marshal(value)
79+
if err != nil {
80+
return err
81+
}
82+
response := InvokeResponse{Id: inputMessage.Id, Status: []string{}, Value: string(resultValue)}
83+
writeResponse(response)
84+
85+
return nil
86+
}
87+
7488
func WriteErrorResponse(inputMessage *Message, err error) {
7589
errorResponse := ErrorResponse{Id: inputMessage.Id, Status: []string{"done", "error"}, ExMessage: err.Error()}
7690
writeResponse(errorResponse)

bb.edn

Lines changed: 18 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,26 @@
11
{:tasks
22
{:requires ([babashka.fs :as fs])
3-
:init (do
3+
:init (do
44
(def n "pod-atomisthq-tools.docker")
55
(def os "macos")
66
(def version "0.1.0"))
7-
build (shell (format "go build -o %s" n))
8-
aarch64 (do
7+
check-for-builder {:task (-> (shell "docker buildx inspect buildx-multi-arch"))}
8+
setup-builder {:task (if (= 1 (:exit check-for-builder))
9+
(shell {:continue true} "docker buildx create --name=buildx-multi-arch --driver=docker-container --driver-opt=network=host")
10+
(println "buildx-multi-arch is already running"))
11+
:depends [check-for-builder]}
12+
build-pod-image {:task (shell "docker buildx build --builder=buildx-multi-arch --push --platform=linux/amd64,linux/arm64 --tag=vonwig/pod-atomisthq-tools.docker .")
13+
:depends [setup-builder]}
14+
15+
build (do (shell (format "go build -o %s" n))
16+
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/.babashka/pods/repository/atomisthq/tools.docker/0.1.0/" {:replace-existing true})
17+
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/.vscode/extensions/docker.slim-docker-lsp-client-0.0.1/" {:replace-existing true})
18+
(fs/copy "pod-atomisthq-tools.docker" "/Users/slim/kipz/docker-vscode-project-extension/" {:replace-existing true}))
19+
aarch64 (do
920
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "aarch64" n) {}))
10-
x86 (do
21+
x86 (do
1122
(shell (format "zip %s-%s-%s-%s.zip %s" n version os "x86_64" n) {}))
12-
linux-x86
13-
(do
14-
(shell (format "zip %s-%s-%s-%s.zip %s" n version "linux" "amd64" n) {}))}}
23+
linux-x86
24+
(do
25+
(shell (format "zip %s-%s-%s-%s.zip %s" n version "linux" "amd64" n) {}))}}
1526

deps.edn

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
11
{:sources ["dev"]
22
:deps {babashka/babashka.pods {:mvn/version "0.1.0"}
3-
com.cognitect/transit-clj {:mvn/version "1.0.324"}}}
3+
babashka/process {:mvn/version "0.4.13"}
4+
com.cognitect/transit-clj {:mvn/version "1.0.324"}}
5+
:aliases {:main {:extra-paths ["main"]
6+
:exec-fn user1/transact-hashes}}}

dev/user.clj

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,26 @@
11
(ns user
2-
(:require [babashka.pods :as pods]))
2+
(:require [babashka.pods :as pods]
3+
[clojure.edn :as edn]))
34

45
(pods/load-pod 'atomisthq/tools.docker "0.1.0")
56
(require '[pod.atomisthq.docker :as docker])
67

78
;; parse image names using github.com/docker/distribution
89
;; turns golang structs into clojure maps
9-
(docker/parse-image-name "gcr.io/whatever:tag")
10+
(docker/parse-image-name "gcr.io/whatever:tag")
1011
;; automatically turns golang errors into Exceptions
1112
(try
1213
(docker/parse-image-name "gcr.io/whatever/:tag")
13-
(catch Exception e
14+
(catch Exception e
1415
;; invalid reference format
1516
(println (.getMessage e))))
1617

1718
;; parse dockerfiles using github.com/moby/buildkit
1819
;; returns the Result struct transformed to a clojure map
1920
(docker/parse-dockerfile "FROM \\\n gcr.io/whatever:tag\nCMD [\"run\"]")
2021

22+
;; run sbom generation on local image
23+
(docker/sbom "vonwig/clojure-base:jdk17" (fn [event] (println event)))
24+
25+
(docker/hashes "vonwig/malware1:latest" (fn [event] (println event)))
26+

docker/ops.go

Lines changed: 108 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ package docker
22

33
import (
44
"github.com/docker/distribution/reference"
5+
"github.com/docker/index-cli-plugin/sbom"
56
"github.com/moby/buildkit/frontend/dockerfile/parser"
67

78
//"reflect"
@@ -34,7 +35,7 @@ func parse_uri(s string) (Reference, error) {
3435

3536
ref, err := reference.Parse(s)
3637
if err != nil {
37-
return Reference{},err;
38+
return Reference{}, err
3839
}
3940
//fmt.Printf("%s\n", reflect.TypeOf(ref));
4041

@@ -49,9 +50,52 @@ func parse_uri(s string) (Reference, error) {
4950
digest = digested.Digest().String()
5051
}
5152
//u, err := json.Marshal(Reference{Path: path, Domain: domain, Tag: tag, Digest: digest})
52-
return Reference{Path: path, Domain: domain, Tag: tag, Digest: digest}, err;
53+
return Reference{Path: path, Domain: domain, Tag: tag, Digest: digest}, err
5354
}
5455

56+
func generate_sbom(message *babashka.Message, s string) error {
57+
tx_channel := make(chan string)
58+
59+
go func() error {
60+
for {
61+
tx := <-tx_channel
62+
if tx != "" {
63+
err := babashka.WriteNotDoneInvokeResponse(message, tx)
64+
if err != nil {
65+
babashka.WriteErrorResponse(message, err)
66+
}
67+
68+
} else {
69+
break
70+
}
71+
}
72+
return nil
73+
}()
74+
75+
return sbom.Send(s, tx_channel)
76+
}
77+
78+
func generate_hashes(message *babashka.Message, s string) error {
79+
tx_channel := make(chan string)
80+
81+
go func() error {
82+
for {
83+
tx := <-tx_channel
84+
if tx != "" {
85+
err := babashka.WriteNotDoneInvokeResponse(message, tx)
86+
if err != nil {
87+
babashka.WriteErrorResponse(message, err)
88+
}
89+
90+
} else {
91+
break
92+
}
93+
}
94+
return nil
95+
}()
96+
97+
return sbom.SendFileHashes(s, tx_channel)
98+
}
5599

56100
func ProcessMessage(message *babashka.Message) (any, error) {
57101
switch message.Op {
@@ -68,6 +112,42 @@ func ProcessMessage(message *babashka.Message) (any, error) {
68112
{
69113
Name: "parse-dockerfile",
70114
},
115+
{
116+
Name: "sbom",
117+
Code: `
118+
(defn sbom
119+
([image cb]
120+
(sbom image cb {}))
121+
([image cb opts]
122+
(babashka.pods/invoke
123+
"pod.atomisthq.docker"
124+
'pod.atomisthq.docker/-generate-sbom
125+
[image]
126+
{:handlers {:success (fn [event]
127+
(cb event))
128+
:error (fn [{:keys [:ex-message :ex-data]}]
129+
(binding [*out* *err*]
130+
(println "ERROR:" ex-message)))
131+
:done (fn [] (println "Done callback"))}})))`,
132+
},
133+
{
134+
Name: "hashes",
135+
Code: `
136+
(defn hashes
137+
([image cb]
138+
(hashes image cb {}))
139+
([image cb opts]
140+
(babashka.pods/invoke
141+
"pod.atomisthq.docker"
142+
'pod.atomisthq.docker/-generate-hashes
143+
[image]
144+
{:handlers {:success (fn [event]
145+
(cb event))
146+
:error (fn [{:keys [:ex-message :ex-data]}]
147+
(binding [*out* *err*]
148+
(println "ERROR:" ex-message)))
149+
:done (fn [] (cb {:status "done"}))}})))`,
150+
},
71151
},
72152
},
73153
},
@@ -86,8 +166,33 @@ func ProcessMessage(message *babashka.Message) (any, error) {
86166
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
87167
return nil, err
88168
}
89-
reader := strings.NewReader(args[0])
169+
reader := strings.NewReader(args[0])
90170
return parser.Parse(reader)
171+
case "pod.atomisthq.docker/-generate-sbom":
172+
args := []string{}
173+
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
174+
return nil, err
175+
}
176+
177+
err := generate_sbom(message, args[0])
178+
if err != nil {
179+
babashka.WriteErrorResponse(message, err)
180+
}
181+
182+
return "done", nil
183+
184+
case "pod.atomisthq.docker/-generate-hashes":
185+
args := []string{}
186+
if err := json.Unmarshal([]byte(message.Args), &args); err != nil {
187+
return nil, err
188+
}
189+
190+
err := generate_hashes(message, args[0])
191+
if err != nil {
192+
babashka.WriteErrorResponse(message, err)
193+
}
194+
195+
return "done", nil
91196

92197
default:
93198
return nil, fmt.Errorf("Unknown var %s", message.Var)

0 commit comments

Comments
 (0)