From 06d6a831b8df9bc976158e748f726639197850de Mon Sep 17 00:00:00 2001 From: Davlet Panech Date: Wed, 13 Jul 2022 15:17:20 -0400 Subject: [PATCH] retag-images: fix YAML module errors - Don't use yaml.FullLoader class. It's unsafe and doesn't exist in older versions of PyYAML - Fix code that tried to parse Docker REST JSON output using PyYAML. Use the json module instead. TESTS ======================================= Run "retag-images.sh --dryrun" with both tags that already exist and tags that don't exist in DockerHub, and make sure there are no Python exceptions; in the following environments: * CentOS 7 / python 2.7.5 - pyyaml 3.10 (centos) - pyyaml 5.4.1 (pypi.org) * Ubuntu 18 / python 2.7.17 - pyyaml 3.12 (ubuntu) - pyyaml 5.4.1 (pypi.org) Closes-Bug: 1981107 Signed-off-by: Davlet Panech Change-Id: I9a7ecfd51ffb955f3ccc8f9b26ef610740fa400b --- .../build-docker-images/tag-management/retag-images.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-tools/build-docker-images/tag-management/retag-images.sh b/build-tools/build-docker-images/tag-management/retag-images.sh index 5459c193..15c06adb 100755 --- a/build-tools/build-docker-images/tag-management/retag-images.sh +++ b/build-tools/build-docker-images/tag-management/retag-images.sh @@ -51,7 +51,7 @@ import yaml for fname in sys.argv[1:]: with open(fname) as f: - imgs = yaml.load_all(f, Loader=yaml.FullLoader) + imgs = yaml.safe_load_all(f) for entry in imgs: for img in entry.get("images"): print ("%s|%s|%s|%s" % ( @@ -108,8 +108,8 @@ function retag_and_push_image { else curl -k -sSL -X GET https://${docker_registry}/v2/${image}/tags/list \ | python -c ' -import sys, yaml, json, re -y=yaml.load(sys.stdin.read(), Loader=yaml.FullLoader) +import sys, json, re +y=json.loads(sys.stdin.read()) RC=1 if y and sys.argv[1] in [img for img in y.get("tags")]: RC=0