From e1e113e8de049182c4ec97299466761ad4adf86d Mon Sep 17 00:00:00 2001
From: DominiqueDevinci
Date: Sat, 2 Nov 2019 11:44:26 +0100
Subject: [PATCH] install oscap-docker.in + pep8 compliance
---
utils/oscap-docker.in | 49 +++++++++++++---
utils/oscap-docker.py | 128 ------------------------------------------
2 files changed, 40 insertions(+), 137 deletions(-)
delete mode 100644 utils/oscap-docker.py
diff --git a/utils/oscap-docker.in b/utils/oscap-docker.in
index 158e868b7a..c33fceaa34 100644
--- a/utils/oscap-docker.in
+++ b/utils/oscap-docker.in
@@ -1,7 +1,7 @@ #!@OSCAP_DOCKER_PYTHON@ # Copyright (C) 2015 Brent Baude -# Copyright (C) 2019 Dominique Blaze +# Copyright (C) 2019 Dominique Blaze # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Lesser General Public
@@ -44,12 +44,13 @@ if __name__ == '__main__': epilog='See `man oscap` to learn \ more about OSCAP-ARGUMENTS') parser.add_argument('--oscap', dest='oscap_binary', default='', help='Set the oscap binary to use') + parser.add_argument('--disable-atomic', dest='noatomic', action='store_true', help="Force to use native docker API instead of atomic") subparser = parser.add_subparsers(help="commands") # Scan CVEs in image image_cve = subparser.add_parser('image-cve', help='Scan a docker image \ for known vulnerabilities.') - image_cve.set_defaults(func=OscapScan.scan_cve) + image_cve.set_defaults(action="scan_cve", is_image=True) image_cve.add_argument('scan_target', help='Container or image to scan') # Scan an Image
@@ -57,26 +58,26 @@ if __name__ == '__main__': image.add_argument('scan_target', help='Container or image to scan') - image.set_defaults(func=OscapScan.scan) + image.set_defaults(action="scan", is_image=True) # Scan a container container = subparser.add_parser('container', help='Scan a running docker\ container of given name.') container.add_argument('scan_target', help='Container or image to scan') - container.set_defaults(func=OscapScan.scan) + container.set_defaults(action="scan", is_image=False) # Scan CVEs in container container_cve = subparser.add_parser('container-cve', help='Scan a \ running container for known \ vulnerabilities.') - container_cve.set_defaults(func=OscapScan.scan_cve) + container_cve.set_defaults(action="scan_cve", is_image=False) container_cve.add_argument('scan_target', help='Container or image to scan') args, leftover_args = parser.parse_known_args() - if "func" not in args: + if "action" not in args: parser.print_help() sys.exit(2) 
@@ -88,10 +89,40 @@ if __name__ == '__main__': sys.exit(1) try: - OS = OscapScan(oscap_binary=args.oscap_binary) - rc = args.func(OS, args.scan_target, leftover_args) + if isAtomicLoaded and not args.noatomic: + OS = OscapAtomicScan(oscap_binary=args.oscap_binary) + if args.action == "scan": + rc = OscapAtomicScan.scan(OS, args.scan_target, leftover_args) + elif args.action == "scan_cve": + rc = OscapAtomicScan.scan_cve(OS, args.scan_target, leftover_args) + else: + parser.print_help() + sys.exit(2) + + else: # without atomic + if args.noatomic: + print("Running oscap-docker with native docker api instead of atomic ...") + + ODS = OscapDockerScan(args.scan_target, args.is_image, args.oscap_binary) + if args.action == "scan": + rc = OscapDockerScan.scan(ODS, leftover_args) + elif args.action == "scan_cve": + print("Scan cve !") + rc = OscapDockerScan.scan_cve(ODS, leftover_args) + else: + parser.print_help() + sys.exit(2) + + except ValueError as e: + raise e + sys.exit(255) + except RuntimeError as e: + raise e + sys.exit(255) except Exception as exc: + traceback.print_exc(file=sys.stdout) + sys.stderr.write("!!! WARNING !!! This software have crash, so you should " + "check that no temporary container is still running\n") sys.exit(255) - raise exc sys.exit(rc)
diff --git a/utils/oscap-docker.py b/utils/oscap-docker.py
deleted file mode 100644
index c33fceaa34..0000000000
--- a/utils/oscap-docker.py
+++ /dev/null
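Review bot: `traceback.print_exc(file=sys.stdout)` in the new `except Exception` handler at the end of this hunk uses a module the script never imports — the deleted `utils/oscap-docker.py` carries the same blob id (c33fceaa34) as the new `utils/oscap-docker.in`, and its import list (argparse, oscap_docker_util, docker, sys, requests.exceptions) has no `import traceback` — so any unexpected failure ends in a `NameError` raised from inside the handler, the leftover-container warning is never written and the process does not exit with 255. Add `import traceback` beside `import sys` at the top of the file. The `except ValueError` and `except RuntimeError` arms each `raise e` and then `sys.exit(255)`, which is unreachable; a bare `raise` also keeps the original traceback, so the two arms reduce to `except (ValueError, RuntimeError):` / `raise`. `print("Scan cve !")` in the docker branch looks like a leftover debug print and should be dropped. The enclosing `if __name__ == '__main__':` block starts outside the hunk.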
@@ -1,128 +0,0 @@ -#!@OSCAP_DOCKER_PYTHON@ - -# Copyright (C) 2015 Brent Baude -# Copyright (C) 2019 Dominique Blaze -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the -# Free Software Foundation, Inc., 59 Temple Place - Suite 330, -# Boston, MA 02111-1307, USA. - -''' oscap docker command ''' - -import argparse -from oscap_docker_python.oscap_docker_util import OscapAtomicScan,\ -OscapDockerScan, isAtomicLoaded -import docker -import sys -from requests import exceptions - - -def ping_docker(): - ''' Simple check if the docker daemon is running ''' - # Class docker.Client was renamed to docker.APIClient in - # python-docker-py 2.0.0. 
- try: - client = docker.APIClient() - except AttributeError: - client = docker.Client() - client.ping() - - -if __name__ == '__main__': - parser = argparse.ArgumentParser(description='oscap docker', - epilog='See `man oscap` to learn \ - more about OSCAP-ARGUMENTS') - parser.add_argument('--oscap', dest='oscap_binary', default='', help='Set the oscap binary to use') - parser.add_argument('--disable-atomic', dest='noatomic', action='store_true', help="Force to use native docker API instead of atomic") - subparser = parser.add_subparsers(help="commands") - - # Scan CVEs in image - image_cve = subparser.add_parser('image-cve', help='Scan a docker image \ - for known vulnerabilities.') - image_cve.set_defaults(action="scan_cve", is_image=True) - image_cve.add_argument('scan_target', help='Container or image to scan') - - # Scan an Image - image = subparser.add_parser('image', help='Scan a docker image') - image.add_argument('scan_target', - help='Container or image to scan') - - image.set_defaults(action="scan", is_image=True) - # Scan a container - container = subparser.add_parser('container', help='Scan a running docker\ - container of given name.') - container.add_argument('scan_target', - help='Container or image to scan') - container.set_defaults(action="scan", is_image=False) - - # Scan CVEs in container - container_cve = subparser.add_parser('container-cve', help='Scan a \ - running container for known \ - vulnerabilities.') - - container_cve.set_defaults(action="scan_cve", is_image=False) - container_cve.add_argument('scan_target', - help='Container or image to scan') - - args, leftover_args = parser.parse_known_args() - - if "action" not in args: - parser.print_help() - sys.exit(2) - - try: - ping_docker() - - except exceptions.ConnectionError: - print("The docker daemon does not appear to be running") - sys.exit(1) - - try: - if isAtomicLoaded and not args.noatomic: - OS = OscapAtomicScan(oscap_binary=args.oscap_binary) - if args.action == "scan": - rc = 
OscapAtomicScan.scan(OS, args.scan_target, leftover_args) - elif args.action == "scan_cve": - rc = OscapAtomicScan.scan_cve(OS, args.scan_target, leftover_args) - else: - parser.print_help() - sys.exit(2) - - else: # without atomic - if args.noatomic: - print("Running oscap-docker with native docker api instead of atomic ...") - - ODS = OscapDockerScan(args.scan_target, args.is_image, args.oscap_binary) - if args.action == "scan": - rc = OscapDockerScan.scan(ODS, leftover_args) - elif args.action == "scan_cve": - print("Scan cve !") - rc = OscapDockerScan.scan_cve(ODS, leftover_args) - else: - parser.print_help() - sys.exit(2) - - except ValueError as e: - raise e - sys.exit(255) - except RuntimeError as e: - raise e - sys.exit(255) - except Exception as exc: - traceback.print_exc(file=sys.stdout) - sys.stderr.write("!!! WARNING !!! This software have crash, so you should " - "check that no temporary container is still running\n") - sys.exit(255) - - sys.exit(rc)