Compare commits

...

99 Commits
v1.9.0 ... v1

Author SHA1 Message Date
CrazyMax
dd4fa0671b Merge pull request #160 from crazy-max/node12
Some checks failed
test / test (push) Has been cancelled
ci / stop-docker (push) Has been cancelled
ci / logout (false) (push) Has been cancelled
ci / logout (true) (push) Has been cancelled
ci / dind (push) Has been cancelled
ci / acr (push) Has been cancelled
ci / dockerhub (ubuntu-latest) (push) Has been cancelled
ci / dockerhub (windows-latest) (push) Has been cancelled
ci / ecr (ubuntu-latest) (push) Has been cancelled
ci / ecr (windows-latest) (push) Has been cancelled
ci / ecr-aws-creds (ubuntu-latest) (push) Has been cancelled
ci / ecr-aws-creds (windows-latest) (push) Has been cancelled
ci / ecr-public (ubuntu-latest) (push) Has been cancelled
ci / ecr-public (windows-latest) (push) Has been cancelled
ci / ecr-public-aws-creds (ubuntu-latest) (push) Has been cancelled
ci / ecr-public-aws-creds (windows-latest) (push) Has been cancelled
ci / github-container (ubuntu-latest) (push) Has been cancelled
ci / github-container (windows-latest) (push) Has been cancelled
ci / gitlab (ubuntu-latest) (push) Has been cancelled
ci / gitlab (windows-latest) (push) Has been cancelled
ci / google-artifact (ubuntu-latest) (push) Has been cancelled
ci / google-artifact (windows-latest) (push) Has been cancelled
ci / google-container (ubuntu-latest) (push) Has been cancelled
ci / google-container (windows-latest) (push) Has been cancelled
Revert to Node 12 as default runtime
2022-03-01 20:54:30 +01:00
CrazyMax
4e3538592e Revert to Node 12 as default runtime
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-03-01 20:51:18 +01:00
CrazyMax
bb984efc56 Merge pull request #156 from docker/dependabot/npm_and_yarn/aws-sdk/client-ecr-public-3.53.0
Bump @aws-sdk/client-ecr-public from 3.45.0 to 3.53.0
2022-02-28 09:04:17 +01:00
CrazyMax
722888132b Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-28 08:54:17 +01:00
dependabot[bot]
17780b56b7 Bump @aws-sdk/client-ecr-public from 3.45.0 to 3.53.0
Bumps [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public) from 3.45.0 to 3.53.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.53.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 07:53:18 +00:00
CrazyMax
39857b3b45 Merge pull request #157 from docker/dependabot/npm_and_yarn/aws-sdk/client-ecr-3.53.0
Bump @aws-sdk/client-ecr from 3.45.0 to 3.53.0
2022-02-28 08:51:21 +01:00
CrazyMax
5fcc728422 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-28 08:49:13 +01:00
dependabot[bot]
9fb8721eb9 Bump @aws-sdk/client-ecr from 3.45.0 to 3.53.0
Bumps [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) from 3.45.0 to 3.53.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.53.0/clients/client-ecr)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 07:45:26 +00:00
CrazyMax
4e3c9375bb Merge pull request #158 from crazy-max/node-16
update to node 16
2022-02-28 08:43:40 +01:00
CrazyMax
4b59a429db update to node 16
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-28 08:29:00 +01:00
CrazyMax
6af3c118c8 Merge pull request #152 from crazy-max/aws-sdk-proxy
handle proxy settings for aws-sdk
2022-02-17 11:30:34 +01:00
CrazyMax
caca3368ce handle proxy settings for aws-sdk
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-16 13:53:16 +01:00
CrazyMax
17f28ab24d Merge pull request #112 from dineshba/workload-identity-gcr-gar
Update readme with workload identity based authentication for GCR and GAR
2022-02-03 17:48:36 +01:00
Dinesh B
a875dd0e21 Update readme with workload identity based authentication for GCR and GAR
Signed-off-by: Dinesh B <dineshudt17@gmail.com>
Signed-off-by: Dinesh <dineshb@thoughtworks.com>
2022-02-03 20:57:42 +05:30
CrazyMax
7948fffc49 Merge pull request #49 from crazy-max/e2e-acr
Test login against ACR
2022-01-27 13:07:02 +01:00
CrazyMax
5fcefb941d Merge pull request #131 from docker/dependabot/npm_and_yarn/aws-sdk/client-ecr-public-3.45.0
Bump @aws-sdk/client-ecr-public from 3.43.0 to 3.45.0
2021-12-30 20:49:49 +01:00
CrazyMax
3bb2d084df Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-30 20:43:44 +01:00
dependabot[bot]
242fb9a356 Bump @aws-sdk/client-ecr-public from 3.43.0 to 3.45.0
Bumps [@aws-sdk/client-ecr-public](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr-public) from 3.43.0 to 3.45.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr-public/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.45.0/clients/client-ecr-public)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr-public"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-30 19:41:46 +00:00
CrazyMax
fa72313bc3 Merge pull request #132 from docker/dependabot/npm_and_yarn/aws-sdk/client-ecr-3.45.0
Bump @aws-sdk/client-ecr from 3.44.0 to 3.45.0
2021-12-30 20:39:56 +01:00
CrazyMax
088f62a4f2 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-30 19:35:40 +01:00
dependabot[bot]
7929ac7647 Bump @aws-sdk/client-ecr from 3.44.0 to 3.45.0
Bumps [@aws-sdk/client-ecr](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ecr) from 3.44.0 to 3.45.0.
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.45.0/clients/client-ecr)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ecr"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-24 05:13:23 +00:00
CrazyMax
42d299face Merge pull request #130 from crazy-max/ci-workflow
Update ci workflow
2021-12-20 14:29:48 +01:00
CrazyMax
4858b0b5ea Update ci workflow
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-20 14:27:18 +01:00
CrazyMax
1d7d8649e7 Merge pull request #128 from Flydiverny/aws-sdk-v3
fix(ecr): only set credentials if username & password if specified, refactor to use aws-sdk v3
2021-12-20 14:25:33 +01:00
Markus Maga
58855695bb refactor: use v3 sdk
Signed-off-by: Markus Maga <markus@maga.se>
2021-12-20 13:46:08 +01:00
CrazyMax
d9927c4142 Merge pull request #123 from crazy-max/ecr-input
ecr input to specify whether the given registry is ECR
2021-12-20 11:05:56 +01:00
CrazyMax
b9a4d91ee5 ecr input to specify whether the given registry is ECR
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-20 10:59:20 +01:00
CrazyMax
b20b9f5e31 Merge pull request #126 from crazy-max/aws-sdk
ecr: switch implementation to use the AWS SDK
2021-12-20 10:51:10 +01:00
CrazyMax
cb21399f71 ci: test against windows runner
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-20 10:43:27 +01:00
CrazyMax
faae4d6665 ecr: switch implementation to use the AWS SDK
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-20 10:43:26 +01:00
CrazyMax
4d84a3c20f Merge pull request #127 from crazy-max/carry-124
Update instructions for Google registry
2021-12-19 22:47:40 +01:00
CrazyMax
6f7ca8828b Update instructions for Google registry
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-19 22:44:48 +01:00
CrazyMax
b776a64ec0 Merge pull request #114 from Flydiverny/fix-ec2-instance-credentials
fix(ecr): use ec2 instance credentials when no credentials are provided
2021-12-16 13:31:05 +01:00
Markus Maga
f6476db6e9 chore: update dist
Signed-off-by: Markus Maga <markus@maga.se>
2021-12-14 14:39:35 +01:00
Markus Maga
46ab6d5c3c fix(ecr): use ec2 instance credentials when no credentials are provided
Signed-off-by: Markus Maga <markus@maga.se>
2021-12-06 11:28:43 +01:00
CrazyMax
1cce1654e0 Merge pull request #111 from crazy-max/update-wrokflow
dev: update workflow
2021-11-16 21:47:03 +01:00
CrazyMax
9537342dee dev: update workflow
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-11-16 21:40:03 +01:00
CrazyMax
7f47463f56 Merge pull request #103 from docker/dependabot/npm_and_yarn/actions/core-1.6.0
Bump @actions/core from 1.5.0 to 1.6.0
2021-10-04 13:16:56 +02:00
CrazyMax
8807319764 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-10-04 13:14:44 +02:00
CrazyMax
ebac4bd30d Merge pull request #84 from crazy-max/depre-ubuntu-1604
Ubuntu 16.04 runner deprecated
2021-10-03 19:48:27 +02:00
dependabot[bot]
499663a42c Bump @actions/core from 1.5.0 to 1.6.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-29 05:09:54 +00:00
CrazyMax
70b0f7898e Merge pull request #101 from docker/dependabot/npm_and_yarn/ansi-regex-5.0.1
Bump ansi-regex from 5.0.0 to 5.0.1
2021-09-24 14:53:27 +02:00
dependabot[bot]
885923496b Bump ansi-regex from 5.0.0 to 5.0.1
Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](https://github.com/chalk/ansi-regex/compare/v5.0.0...v5.0.1)

---
updated-dependencies:
- dependency-name: ansi-regex
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-24 12:07:37 +00:00
CrazyMax
ab92432d0b Merge pull request #100 from docker/dependabot/npm_and_yarn/tmpl-1.0.5
Bump tmpl from 1.0.4 to 1.0.5
2021-09-24 14:07:10 +02:00
dependabot[bot]
1828bf2d51 Bump tmpl from 1.0.4 to 1.0.5
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-22 01:49:39 +00:00
CrazyMax
25c0ca8bab Merge pull request #99 from crazy-max/fix-dep-labels
Fix Dependabot labels
2021-09-03 13:19:27 +02:00
CrazyMax
f11d2ba650 Fix Dependabot labels
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-09-03 13:17:39 +02:00
CrazyMax
3f83d7b89c Merge pull request #94 from docker/dependabot/npm_and_yarn/actions/core-1.5.0
Bump @actions/core from 1.4.0 to 1.5.0
2021-08-20 10:36:40 +02:00
CrazyMax
c9c0083563 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-08-20 10:34:52 +02:00
dependabot[bot]
f694e84504 Bump @actions/core from 1.4.0 to 1.5.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-20 05:10:32 +00:00
CrazyMax
b30d77254f Merge pull request #91 from cs278/patch-1
Add link to GitHub documentation
2021-08-10 11:53:58 +02:00
Chris Smith
95778bc566 Replace GIF with link to GitHub documentation
Signed-off-by: Chris Smith <chris.smith@widerplan.com>
2021-08-10 10:45:00 +01:00
CrazyMax
2c6df6a22f Merge pull request #88 from docker/dependabot/github_actions/codecov/codecov-action-2.0.1
Bump codecov/codecov-action from 1 to 2.0.1
2021-07-23 12:57:07 +02:00
CrazyMax
c41c9a5c65 Use major
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-07-23 12:55:26 +02:00
CrazyMax
fc6fe565d2 Merge pull request #89 from crazy-max/update-deps
Use official images
2021-07-20 10:36:07 +02:00
CrazyMax
10428f39dc Use official images
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-07-20 10:27:09 +02:00
dependabot[bot]
1b4cf55146 Bump codecov/codecov-action from 1 to 2.0.1
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 2.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v2.0.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-20 05:09:16 +00:00
CrazyMax
5bcefc987c Merge pull request #86 from crazy-max/ghrc-readme
Small changes for GHCR doc
2021-07-06 20:33:57 +02:00
CrazyMax
169057673d Small changes for GHCR doc
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-07-06 20:32:11 +02:00
CrazyMax
5d62c58fc3 Merge pull request #85 from crazy-max/dev-deps
Update dev deps
2021-07-06 20:26:29 +02:00
CrazyMax
73cda5dad9 Update dev deps
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-07-06 20:24:15 +02:00
CrazyMax
5ffec3343b Merge pull request #83 from docker/dependabot/npm_and_yarn/hosted-git-info-2.8.9
Bump hosted-git-info from 2.8.8 to 2.8.9
2021-06-23 14:08:18 +02:00
CrazyMax
305d960cac Merge pull request #82 from docker/dependabot/npm_and_yarn/node-notifier-8.0.2
Bump node-notifier from 8.0.0 to 8.0.2
2021-06-23 14:08:05 +02:00
CrazyMax
9a9ae26c89 Merge pull request #81 from docker/dependabot/npm_and_yarn/ws-7.5.0
Bump ws from 7.3.1 to 7.5.0
2021-06-23 14:07:50 +02:00
CrazyMax
48af9f2a97 Merge pull request #80 from docker/dependabot/npm_and_yarn/lodash-4.17.21
Bump lodash from 4.17.20 to 4.17.21
2021-06-23 14:07:37 +02:00
CrazyMax
c08e3a84a9 Merge pull request #79 from docker/dependabot/npm_and_yarn/y18n-4.0.3
Bump y18n from 4.0.0 to 4.0.3
2021-06-23 14:07:23 +02:00
CrazyMax
f12fe5c78d Ubuntu 16.04 runner deprecated
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-23 14:05:59 +02:00
dependabot[bot]
b566635cc9 Bump hosted-git-info from 2.8.8 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)

---
updated-dependencies:
- dependency-name: hosted-git-info
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 12:04:15 +00:00
dependabot[bot]
b8e54a5ea5 Bump node-notifier from 8.0.0 to 8.0.2
Bumps [node-notifier](https://github.com/mikaelbr/node-notifier) from 8.0.0 to 8.0.2.
- [Release notes](https://github.com/mikaelbr/node-notifier/releases)
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mikaelbr/node-notifier/compare/v8.0.0...v8.0.2)

---
updated-dependencies:
- dependency-name: node-notifier
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 12:04:11 +00:00
dependabot[bot]
d64238b93b Bump ws from 7.3.1 to 7.5.0
Bumps [ws](https://github.com/websockets/ws) from 7.3.1 to 7.5.0.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.3.1...7.5.0)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 12:03:59 +00:00
dependabot[bot]
763661a124 Bump lodash from 4.17.20 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 12:03:56 +00:00
dependabot[bot]
41fba5a8c6 Bump y18n from 4.0.0 to 4.0.3
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.3.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/y18n-v4.0.3/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/compare/v4.0.0...y18n-v4.0.3)

---
updated-dependencies:
- dependency-name: y18n
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 12:03:51 +00:00
CrazyMax
f054a8b539 Merge pull request #78 from crazy-max/remove-github-pkg
Remove GitHub Packages Docker Registry
2021-06-22 12:40:38 +02:00
CrazyMax
0644d98afe Remove GitHub Packages Docker Registry
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 11:25:58 +02:00
CrazyMax
9e433e18cf Merge pull request #77 from crazy-max/exec-output
Use built-in `getExecOutput`
2021-06-22 11:18:22 +02:00
CrazyMax
39efbd2c12 Use built-in getExecOutput
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 11:09:31 +02:00
CrazyMax
4608add020 Merge pull request #76 from crazy-max/bool-input
Use `core.getBooleanInput`
2021-06-22 10:43:05 +02:00
CrazyMax
4fd5d8ead6 Use core.getBooleanInput
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 10:40:00 +02:00
CrazyMax
e2346b6971 Merge pull request #73 from docker/dependabot/npm_and_yarn/actions/exec-1.1.0
Bump @actions/exec from 1.0.4 to 1.1.0
2021-06-22 10:01:44 +02:00
CrazyMax
2051808c83 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 10:00:24 +02:00
dependabot[bot]
7c220e1b8d Bump @actions/exec from 1.0.4 to 1.1.0
Bumps [@actions/exec](https://github.com/actions/toolkit/tree/HEAD/packages/exec) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/exec/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/core@1.1.0/packages/exec)

---
updated-dependencies:
- dependency-name: "@actions/exec"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-22 07:57:42 +00:00
CrazyMax
f4cae19820 Merge pull request #75 from docker/dependabot/npm_and_yarn/actions/io-1.1.1
Bump @actions/io from 1.1.0 to 1.1.1
2021-06-22 09:54:39 +02:00
CrazyMax
e5ad366574 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 09:52:14 +02:00
dependabot[bot]
45bc0ebd6b Bump @actions/io from 1.1.0 to 1.1.1
Bumps [@actions/io](https://github.com/actions/toolkit/tree/HEAD/packages/io) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/io/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/tool-cache@1.1.1/packages/io)

---
updated-dependencies:
- dependency-name: "@actions/io"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-22 07:51:48 +00:00
CrazyMax
79068f5240 Merge pull request #74 from docker/dependabot/npm_and_yarn/actions/core-1.4.0
Bump @actions/core from 1.3.0 to 1.4.0
2021-06-22 09:49:46 +02:00
CrazyMax
8e670da7a1 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-06-22 09:47:22 +02:00
dependabot[bot]
76901a9025 Bump @actions/core from 1.3.0 to 1.4.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-08 06:56:06 +00:00
CrazyMax
31f1bb4610 Merge pull request #70 from docker/dependabot/npm_and_yarn/actions/core-1.3.0
Bump @actions/core from 1.2.6 to 1.3.0
2021-05-25 01:10:03 +02:00
CrazyMax
28eb30dcb6 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-05-25 01:08:08 +02:00
dependabot[bot]
03b00fbeba Bump @actions/core from 1.2.6 to 1.3.0
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.6 to 1.3.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-24 23:02:08 +00:00
CrazyMax
5934fe3407 Merge pull request #71 from docker/dependabot/npm_and_yarn/actions/io-1.1.0
Bump @actions/io from 1.0.2 to 1.1.0
2021-05-25 00:59:47 +02:00
CrazyMax
3cba154eb7 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-05-25 00:48:47 +02:00
dependabot[bot]
986a54f35b Bump @actions/io from 1.0.2 to 1.1.0
Bumps [@actions/io](https://github.com/actions/toolkit/tree/HEAD/packages/io) from 1.0.2 to 1.1.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/io/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/@actions/core@1.1.0/packages/io)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-24 22:47:36 +00:00
CrazyMax
fdb725ed4b Merge pull request #69 from docker/dependabot/npm_and_yarn/semver-7.3.5
Bump semver from 7.3.2 to 7.3.5
2021-05-25 00:45:34 +02:00
CrazyMax
bab7dcbf29 Update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-05-25 00:44:03 +02:00
dependabot[bot]
c0d23108f7 Bump semver from 7.3.2 to 7.3.5
Bumps [semver](https://github.com/npm/node-semver) from 7.3.2 to 7.3.5.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/master/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v7.3.2...v7.3.5)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-24 22:38:59 +00:00
CrazyMax
c902ecc709 Merge pull request #68 from crazy-max/dependabot-config
Update dependabot config
2021-05-25 00:37:20 +02:00
CrazyMax
b612a76a31 Update dependabot config
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-05-25 00:33:43 +02:00
CrazyMax
9376d24995 Test login against ACR
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2020-12-22 11:30:57 +01:00
28 changed files with 34208 additions and 6107 deletions

View File

@@ -4,19 +4,15 @@ updates:
directory: "/"
schedule:
interval: "daily"
time: "06:00"
timezone: "Europe/Paris"
labels:
- ":game_die: dependencies"
- ":robot: bot"
- "dependencies"
- "bot"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
time: "06:00"
timezone: "Europe/Paris"
allow:
- dependency-type: "production"
labels:
- ":game_die: dependencies"
- ":robot: bot"
- "dependencies"
- "bot"

Binary file not shown.

Before

Width:  |  Height:  |  Size: 99 KiB

View File

@@ -3,7 +3,7 @@ name: ci
on:
workflow_dispatch:
schedule:
- cron: '0 10 * * *' # everyday at 10am
- cron: '0 10 * * *'
push:
branches:
- 'master'
@@ -25,9 +25,30 @@ jobs:
uses: ./
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
logout:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
logout:
- false
- true
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Login to GitHub Container Registry
uses: ./
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
logout: ${{ matrix.logout }}
dind:
runs-on: ubuntu-latest
env:
@@ -55,15 +76,28 @@ jobs:
docker image prune -a -f >/dev/null 2>&1
docker pull ghcr.io/docker-ghactiontest/test
acr:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Login to ACR
uses: ./
with:
registry: ${{ secrets.AZURE_REGISTRY_NAME }}.azurecr.io
username: ${{ secrets.AZURE_CLIENT_ID }}
password: ${{ secrets.AZURE_CLIENT_SECRET }}
dockerhub:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- ubuntu-18.04
- ubuntu-16.04
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -81,9 +115,8 @@ jobs:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- ubuntu-18.04
- ubuntu-16.04
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -92,7 +125,7 @@ jobs:
name: Login to ECR
uses: ./
with:
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.us-east-1.amazonaws.com
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -102,9 +135,8 @@ jobs:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- ubuntu-18.04
- ubuntu-16.04
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -115,12 +147,12 @@ jobs:
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
aws-region: us-east-1
-
name: Login to ECR
uses: ./
with:
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com
registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.us-east-1.amazonaws.com
ecr-public:
runs-on: ${{ matrix.os }}
@@ -128,9 +160,8 @@ jobs:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- ubuntu-18.04
- ubuntu-16.04
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -142,23 +173,42 @@ jobs:
registry: public.ecr.aws
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
env:
AWS_REGION: us-east-1
github-package:
runs-on: ubuntu-latest
ecr-public-aws-creds:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Login to GitHub Package Registry
name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
-
name: Login to ECR
uses: ./
with:
registry: docker.pkg.github.com
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: public.ecr.aws
github-container:
runs-on: ubuntu-latest
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -168,11 +218,17 @@ jobs:
uses: ./
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
gitlab:
runs-on: ubuntu-latest
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -186,7 +242,13 @@ jobs:
password: ${{ secrets.GITLAB_TOKEN }}
google-artifact:
runs-on: ubuntu-latest
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout
@@ -200,7 +262,13 @@ jobs:
password: ${{ secrets.GAR_JSON_KEY }}
google-container:
runs-on: ubuntu-latest
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- windows-latest
steps:
-
name: Checkout

View File

@@ -29,6 +29,6 @@ jobs:
targets: test
-
name: Upload coverage
uses: codecov/codecov-action@v1
uses: codecov/codecov-action@v2
with:
file: ./coverage/clover.xml

View File

@@ -1,5 +1,5 @@
{
"printWidth": 120,
"printWidth": 240,
"tabWidth": 2,
"useTabs": false,
"semi": true,

164
README.md
View File

@@ -14,7 +14,6 @@ ___
* [Usage](#usage)
* [Docker Hub](#docker-hub)
* [GitHub Packages Docker Registry](#github-packages-docker-registry)
* [GitHub Container Registry](#github-container-registry)
* [GitLab](#gitlab)
* [Azure Container Registry (ACR)](#azure-container-registry-acr)
@@ -40,7 +39,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -54,40 +53,9 @@ jobs:
password: ${{ secrets.DOCKERHUB_TOKEN }}
```
### GitHub Packages Docker Registry
> :warning: GitHub Packages Docker Registry (aka `docker.pkg.github.com`) **is deprecated** and will sunset early next
> year. It's strongly advised to [migrate to GitHub Container Registry](https://docs.github.com/en/packages/getting-started-with-github-container-registry/migrating-to-github-container-registry-for-docker-images)
> instead.
You can configure the Docker client to use [GitHub Packages to publish and retrieve docker images](https://docs.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-docker-for-use-with-github-packages).
```yaml
name: ci
on:
push:
branches: master
jobs:
login:
runs-on: ubuntu-latest
steps:
-
name: Login to GitHub Packages Docker Registry
uses: docker/login-action@v1
with:
registry: docker.pkg.github.com
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
```
### GitHub Container Registry
To use the [GitHub Container Registry](https://docs.github.com/en/packages/getting-started-with-github-container-registry),
you need to [enable this feature for your personal or organization account](https://docs.github.com/en/packages/guides/enabling-improved-container-support).
To [authenticate against it](https://docs.github.com/en/packages/guides/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry),
To authenticate against the [GitHub Container Registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry),
use the [`GITHUB_TOKEN`](https://docs.github.com/en/actions/reference/authentication-in-a-workflow) for the best
security and experience.
@@ -96,7 +64,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -107,13 +75,12 @@ jobs:
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
```
You may need to manage write and read access of GitHub Actions for repositories in the container settings:
![Manage Actions access](.github/ghcr-manage-actions-access.gif)
You may need to [manage write and read access of GitHub Actions](https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio)
for repositories in the container settings.
You can also use a [personal access token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token)
with the [appropriate scopes](https://docs.github.com/en/packages/getting-started-with-github-container-registry/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry).
@@ -125,7 +92,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -151,7 +118,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -175,17 +142,57 @@ jobs:
> Google Container Registry, use the information [on this page](https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr)
> to learn about transitioning to Google Artifact Registry.
Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control).
Then create and download the JSON key for this service account and save content of `.json` file
[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
called `GCR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`.
You can use either workload identity federation based keyless authentication or service account based authentication.
#### Workload identity federation based authentication
Configure the workload identity federation for github actions in gcloud (for steps, [refer here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation)). In the steps, your service account should the ability to push to GCR. Then use google-github-actions/auth action for authentication using workload identity like below:
```yaml
name: ci
on:
push:
branches: master
branches: main
jobs:
login:
runs-on: ubuntu-latest
steps:
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v0'
with:
token_format: 'access_token'
workload_identity_provider: '<workload_identity_provider>'
service_account: '<service_account>'
- name: Login to GCR
uses: docker/login-action@v1
with:
registry: gcr.io
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
```
> Replace `<workload_identity_provider>` with configured workload identity provider. For steps to configure, [refer here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation).
> Replace `<service_account>` with configured service account in workload identity provider which has access to push to GCR
#### Service account based authentication
Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control).
Then create and download the JSON key for this service account and save content of `.json` file
[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
called `GCR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`,
or `_json_key_base64` if you use a base64-encoded key.
```yaml
name: ci
on:
push:
branches: main
jobs:
login:
@@ -202,17 +209,59 @@ jobs:
### Google Artifact Registry (GAR)
Use a service account with the ability to push to GAR and [configure access control](https://cloud.google.com/artifact-registry/docs/access-control).
Then create and download the JSON key for this service account and save content of `.json` file
[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
called `GAR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`.
You can use either workload identity federation based keyless authentication or service account based authentication.
#### Workload identity federation based authentication
Configure the workload identity federation for github actions in gcloud (for steps, [refer here](https://github.com/google-github-actions/auth#setting-up-workload-identity-federation)). In the steps, your service account should the ability to push to GAR. Then use google-github-actions/auth action for authentication using workload identity like below:
```yaml
name: ci
on:
push:
branches: master
branches: main
jobs:
login:
runs-on: ubuntu-latest
steps:
- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v0'
with:
token_format: 'access_token'
workload_identity_provider: '<workload_identity_provider>'
service_account: '<service_account>'
- name: Login to GAR
uses: docker/login-action@v1
with:
registry: <location>-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
```
> Replace `<workload_identity_provider>` with configured workload identity provider
> Replace `<service_account>` with configured service account in workload identity provider which has access to push to GCR
> Replace `<location>` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations)
> of the repository where the image is stored.
#### Service account based authentication
Use a service account with the ability to push to GAR and [configure access control](https://cloud.google.com/artifact-registry/docs/access-control).
Then create and download the JSON key for this service account and save content of `.json` file
[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
called `GAR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`,
or `_json_key_base64` if you use a base64-encoded key.
```yaml
name: ci
on:
push:
branches: main
jobs:
login:
@@ -241,7 +290,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -264,7 +313,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -291,7 +340,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -324,7 +373,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -358,7 +407,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -384,7 +433,7 @@ name: ci
on:
push:
branches: master
branches: main
jobs:
login:
@@ -410,6 +459,7 @@ Following inputs can be used as `step.with` keys
| `registry` | String | | Server address of Docker registry. If not set then will default to Docker Hub |
| `username` | String | | Username used to log against the Docker registry |
| `password` | String | | Password or personal access token used to log against the Docker registry |
| `ecr` | String | `auto` | Specifies whether the given registry is ECR (`auto`, `true` or `false`) |
| `logout` | Bool | `true` | Log out from the Docker registry at the end of a job |
## Keep up-to-date with GitHub Dependabot

View File

@@ -1,4 +1,5 @@
import * as semver from 'semver';
import {beforeEach, describe, expect, jest, test} from '@jest/globals';
import {AuthorizationData} from '@aws-sdk/client-ecr';
import * as aws from '../src/aws';
describe('isECR', () => {
@@ -10,7 +11,7 @@ describe('isECR', () => {
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', true],
['public.ecr.aws', true]
])('given registry %p', async (registry, expected) => {
expect(await aws.isECR(registry)).toEqual(expected);
expect(aws.isECR(registry)).toEqual(expected);
});
});
@@ -23,40 +24,7 @@ describe('isPubECR', () => {
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', false],
['public.ecr.aws', true]
])('given registry %p', async (registry, expected) => {
expect(await aws.isPubECR(registry)).toEqual(expected);
});
});
describe('getCLI', () => {
it('exists', async () => {
const awsPath = await aws.getCLI();
console.log(`awsPath: ${awsPath}`);
expect(awsPath).not.toEqual('');
});
});
describe('execCLI', () => {
it('--version not empty', async () => {
const cliCmdOutput = await aws.execCLI(['--version']);
console.log(`cliCmdOutput: ${cliCmdOutput}`);
expect(cliCmdOutput).not.toEqual('');
}, 100000);
});
describe('getCLIVersion', () => {
it('valid', async () => {
const cliVersion = await aws.getCLIVersion();
console.log(`cliVersion: ${cliVersion}`);
expect(semver.valid(cliVersion)).not.toBeNull();
}, 100000);
});
describe('parseCLIVersion', () => {
test.each([
['v1', 'aws-cli/1.18.120 Python/2.7.17 Linux/5.3.0-1034-azure botocore/1.17.43', '1.18.120'],
['v2', 'aws-cli/2.0.41 Python/3.7.3 Linux/4.19.104-microsoft-standard exe/x86_64.ubuntu.18', '2.0.41']
])('given aws %p', async (version, stdout, expected) => {
expect(await aws.parseCLIVersion(stdout)).toEqual(expected);
expect(aws.isPubECR(registry)).toEqual(expected);
});
});
@@ -67,33 +35,122 @@ describe('getRegion', () => {
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', 'cn-northwest-1'],
['public.ecr.aws', 'us-east-1']
])('given registry %p', async (registry, expected) => {
expect(await aws.getRegion(registry)).toEqual(expected);
expect(aws.getRegion(registry)).toEqual(expected);
});
});
describe('getAccountIDs', () => {
test.each([
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', undefined, ['012345678901']],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
'012345678910,023456789012',
['012345678901', '012345678910', '023456789012']
],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
'012345678901,012345678910,023456789012',
['012345678901', '012345678910', '023456789012']
],
[
'390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn',
'012345678910,023456789012',
['390948362332', '012345678910', '023456789012']
],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678910,023456789012', ['012345678901', '012345678910', '023456789012']],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678901,012345678910,023456789012', ['012345678901', '012345678910', '023456789012']],
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', '012345678910,023456789012', ['390948362332', '012345678910', '023456789012']],
['public.ecr.aws', undefined, []]
])('given registry %p', async (registry, accountIDsEnv, expected) => {
if (accountIDsEnv) {
process.env.AWS_ACCOUNT_IDS = accountIDsEnv;
}
expect(await aws.getAccountIDs(registry)).toEqual(expected);
expect(aws.getAccountIDs(registry)).toEqual(expected);
});
});
const mockEcrGetAuthToken = jest.fn();
const mockEcrPublicGetAuthToken = jest.fn();
jest.mock('@aws-sdk/client-ecr', () => {
return {
ECR: jest.fn(() => ({
getAuthorizationToken: mockEcrGetAuthToken
}))
};
});
jest.mock('@aws-sdk/client-ecr-public', () => {
return {
ECRPUBLIC: jest.fn(() => ({
getAuthorizationToken: mockEcrPublicGetAuthToken
}))
};
});
describe('getRegistriesData', () => {
beforeEach(() => {
jest.clearAllMocks();
delete process.env.AWS_ACCOUNT_IDS;
});
// prettier-ignore
test.each([
[
'012345678901.dkr.ecr.aws-region-1.amazonaws.com',
'dkr.ecr.aws-region-1.amazonaws.com', undefined,
[
{
registry: '012345678901.dkr.ecr.aws-region-1.amazonaws.com',
username: '012345678901',
password: 'world'
}
]
],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
'dkr.ecr.eu-west-3.amazonaws.com',
'012345678910,023456789012',
[
{
registry: '012345678901.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '012345678910.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678910',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.eu-west-3.amazonaws.com',
username: '023456789012',
password: 'world'
}
]
],
[
'public.ecr.aws',
undefined,
undefined,
[
{
registry: 'public.ecr.aws',
username: 'AWS',
password: 'world'
}
]
]
])('given registry %p', async (registry, fqdn, accountIDsEnv, expected: aws.RegistryData[]) => {
if (accountIDsEnv) {
process.env.AWS_ACCOUNT_IDS = accountIDsEnv;
}
const accountIDs = aws.getAccountIDs(registry);
const authData: AuthorizationData[] = [];
if (accountIDs.length == 0) {
mockEcrPublicGetAuthToken.mockImplementation(() => {
return Promise.resolve({
authorizationData: {
authorizationToken: Buffer.from(`AWS:world`).toString('base64'),
}
});
});
} else {
aws.getAccountIDs(registry).forEach(accountID => {
authData.push({
authorizationToken: Buffer.from(`${accountID}:world`).toString('base64'),
proxyEndpoint: `${accountID}.${fqdn}`
});
});
mockEcrGetAuthToken.mockImplementation(() => {
return Promise.resolve({
authorizationData: authData
});
});
}
const regData = await aws.getRegistriesData(registry);
expect(regData).toEqual(expected);
});
});

View File

@@ -1,10 +1,10 @@
import osm = require('os');
import {expect, test} from '@jest/globals';
import {getInputs} from '../src/context';
test('with password and username getInputs does not throw error', async () => {
process.env['INPUT_USERNAME'] = 'dbowie';
process.env['INPUT_PASSWORD'] = 'groundcontrol';
process.env['INPUT_LOGOUT'] = 'true';
expect(() => {
getInputs();
}).not.toThrowError();

View File

@@ -1,15 +1,19 @@
import {expect, jest, test} from '@jest/globals';
import {loginStandard, logout} from '../src/docker';
import * as path from 'path';
import * as exec from '@actions/exec';
process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner');
test('loginStandard calls exec', async () => {
const execSpy: jest.SpyInstance = jest.spyOn(exec, 'exec');
// don't let exec try to actually run the commands
execSpy.mockImplementation(() => {});
// @ts-ignore
const execSpy = jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
return {
exitCode: expect.any(Number),
stdout: expect.any(Function),
stderr: expect.any(Function)
};
});
const username: string = 'dbowie';
const password: string = 'groundcontrol';
@@ -20,30 +24,25 @@ test('loginStandard calls exec', async () => {
expect(execSpy).toHaveBeenCalledWith(`docker`, ['login', '--password-stdin', '--username', username, registry], {
input: Buffer.from(password),
silent: true,
ignoreReturnCode: true,
listeners: expect.objectContaining({
stdout: expect.any(Function),
stderr: expect.any(Function)
})
ignoreReturnCode: true
});
});
test('logout calls exec', async () => {
const execSpy: jest.SpyInstance = jest.spyOn(exec, 'exec');
// don't let exec try to actually run the commands
execSpy.mockImplementation(() => {});
// @ts-ignore
const execSpy = jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
return {
exitCode: expect.any(Number),
stdout: expect.any(Function),
stderr: expect.any(Function)
};
});
const registry: string = 'https://ghcr.io';
await logout(registry);
expect(execSpy).toHaveBeenCalledWith(`docker`, ['logout', registry], {
silent: false,
ignoreReturnCode: true,
input: Buffer.from(''),
listeners: expect.objectContaining({
stdout: expect.any(Function),
stderr: expect.any(Function)
})
ignoreReturnCode: true
});
});

View File

@@ -1,3 +1,4 @@
import {expect, jest, test} from '@jest/globals';
import osm = require('os');
import {run} from '../src/main';
@@ -7,24 +8,20 @@ import * as stateHelper from '../src/state-helper';
import * as core from '@actions/core';
test('errors without username and password', async () => {
const platSpy = jest.spyOn(osm, 'platform');
platSpy.mockImplementation(() => 'linux');
const platSpy = jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
const coreSpy: jest.SpyInstance = jest.spyOn(core, 'setFailed');
process.env['INPUT_LOGOUT'] = 'true'; // default value
const coreSpy = jest.spyOn(core, 'setFailed');
await run();
expect(coreSpy).toHaveBeenCalledWith('Username and password required');
});
test('successful with username and password', async () => {
const platSpy = jest.spyOn(osm, 'platform');
platSpy.mockImplementation(() => 'linux');
const setRegistrySpy: jest.SpyInstance = jest.spyOn(stateHelper, 'setRegistry');
const setLogoutSpy: jest.SpyInstance = jest.spyOn(stateHelper, 'setLogout');
const dockerSpy: jest.SpyInstance = jest.spyOn(docker, 'login');
dockerSpy.mockImplementation(() => {});
const platSpy = jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
const setRegistrySpy = jest.spyOn(stateHelper, 'setRegistry');
const setLogoutSpy = jest.spyOn(stateHelper, 'setLogout');
const dockerSpy = jest.spyOn(docker, 'login').mockImplementation(jest.fn());
const username: string = 'dbowie';
process.env[`INPUT_USERNAME`] = username;
@@ -32,21 +29,25 @@ test('successful with username and password', async () => {
const password: string = 'groundcontrol';
process.env[`INPUT_PASSWORD`] = password;
const ecr: string = 'auto';
process.env['INPUT_ECR'] = ecr;
const logout: boolean = false;
process.env['INPUT_LOGOUT'] = String(logout);
await run();
expect(setRegistrySpy).toHaveBeenCalledWith('');
expect(setLogoutSpy).toHaveBeenCalledWith('');
expect(dockerSpy).toHaveBeenCalledWith('', username, password);
expect(setLogoutSpy).toHaveBeenCalledWith(logout);
expect(dockerSpy).toHaveBeenCalledWith('', username, password, ecr);
});
test('calls docker login', async () => {
const platSpy = jest.spyOn(osm, 'platform');
platSpy.mockImplementation(() => 'linux');
const setRegistrySpy: jest.SpyInstance = jest.spyOn(stateHelper, 'setRegistry');
const setLogoutSpy: jest.SpyInstance = jest.spyOn(stateHelper, 'setLogout');
const dockerSpy: jest.SpyInstance = jest.spyOn(docker, 'login');
dockerSpy.mockImplementation(() => {});
const platSpy = jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
const setRegistrySpy = jest.spyOn(stateHelper, 'setRegistry');
const setLogoutSpy = jest.spyOn(stateHelper, 'setLogout');
const dockerSpy = jest.spyOn(docker, 'login');
dockerSpy.mockImplementation(jest.fn());
const username: string = 'dbowie';
process.env[`INPUT_USERNAME`] = username;
@@ -57,12 +58,15 @@ test('calls docker login', async () => {
const registry: string = 'ghcr.io';
process.env[`INPUT_REGISTRY`] = registry;
const logout: string = 'true';
process.env['INPUT_LOGOUT'] = logout;
const ecr: string = 'auto';
process.env['INPUT_ECR'] = ecr;
const logout: boolean = true;
process.env['INPUT_LOGOUT'] = String(logout);
await run();
expect(setRegistrySpy).toHaveBeenCalledWith(registry);
expect(setLogoutSpy).toHaveBeenCalledWith(logout);
expect(dockerSpy).toHaveBeenCalledWith(registry, username, password);
expect(dockerSpy).toHaveBeenCalledWith(registry, username, password, ecr);
});

View File

@@ -16,6 +16,10 @@ inputs:
password:
description: 'Password or personal access token used to log against the Docker registry'
required: false
ecr:
description: 'Specifies whether the given registry is ECR (auto, true or false)'
default: 'auto'
required: false
logout:
description: 'Log out from the Docker registry at the end of a job'
default: 'true'

3
codecov.yml Normal file
View File

@@ -0,0 +1,3 @@
comment: false
github_checks:
annotations: false

78
dev.Dockerfile Normal file
View File

@@ -0,0 +1,78 @@
# syntax=docker/dockerfile:1.3-labs
ARG NODE_VERSION=12
ARG DOCKER_VERSION=20.10.10
ARG BUILDX_VERSION=0.7.0
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache cpio findutils git
WORKDIR /src
FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /vendor && cp yarn.lock /vendor
FROM scratch AS vendor-update
COPY --from=deps /vendor /
FROM deps AS vendor-validate
RUN --mount=type=bind,target=.,rw <<EOT
set -e
git add -A
cp -rf /vendor/* .
if [ -n "$(git status --porcelain -- yarn.lock)" ]; then
echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'
git status --porcelain -- yarn.lock
exit 1
fi
EOT
FROM deps AS build
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run build && mkdir /out && cp -Rf dist /out/
FROM scratch AS build-update
COPY --from=build /out /
FROM build AS build-validate
RUN --mount=type=bind,target=.,rw <<EOT
set -e
git add -A
cp -rf /out/* .
if [ -n "$(git status --porcelain -- dist)" ]; then
echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'
git status --porcelain -- dist
exit 1
fi
EOT
FROM deps AS format
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format \
&& mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out
FROM scratch AS format-update
COPY --from=format /out /
FROM deps AS format-validate
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format-check
FROM docker:${DOCKER_VERSION} as docker
FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
FROM deps AS test
ENV RUNNER_TEMP=/tmp/github_runner
ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
--mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
--mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
yarn run test --coverageDirectory=/tmp/coverage
FROM scratch AS test-coverage
COPY --from=test /tmp/coverage /

34778
dist/index.js generated vendored

File diff suppressed because one or more lines are too long

View File

@@ -1,13 +1,3 @@
variable "NODE_VERSION" {
default = "12"
}
target "node-version" {
args = {
NODE_VERSION = NODE_VERSION
}
}
group "default" {
targets = ["build"]
}
@@ -21,47 +11,43 @@ group "validate" {
}
target "build" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
dockerfile = "dev.Dockerfile"
target = "build-update"
output = ["."]
}
target "build-validate" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
dockerfile = "dev.Dockerfile"
target = "build-validate"
output = ["type=cacheonly"]
}
target "format" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
dockerfile = "dev.Dockerfile"
target = "format-update"
output = ["."]
}
target "format-validate" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
dockerfile = "dev.Dockerfile"
target = "format-validate"
output = ["type=cacheonly"]
}
target "vendor-update" {
inherits = ["node-version"]
dockerfile = "./hack/vendor.Dockerfile"
target = "update"
dockerfile = "dev.Dockerfile"
target = "vendor-update"
output = ["."]
}
target "vendor-validate" {
inherits = ["node-version"]
dockerfile = "./hack/vendor.Dockerfile"
target = "validate"
dockerfile = "dev.Dockerfile"
target = "vendor-validate"
output = ["type=cacheonly"]
}
target "test" {
inherits = ["node-version"]
dockerfile = "./hack/test.Dockerfile"
dockerfile = "dev.Dockerfile"
target = "test-coverage"
output = ["./coverage"]
}

View File

@@ -1,42 +0,0 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache cpio findutils git
WORKDIR /src
FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install
FROM deps AS build
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run build && mkdir /out && cp -Rf dist /out/
FROM scratch AS build-update
COPY --from=build /out /
FROM build AS build-validate
RUN --mount=type=bind,target=.,rw \
git add -A && cp -rf /out/* .; \
if [ -n "$(git status --porcelain -- dist)" ]; then \
echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'; \
git status --porcelain -- dist; \
exit 1; \
fi
FROM deps AS format
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format \
&& mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out
FROM scratch AS format-update
COPY --from=format /out /
FROM deps AS format-validate
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format-check \

View File

@@ -1,34 +0,0 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache binutils curl git unzip
ENV GLIBC_VER=2.31-r0
RUN curl -sL "https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub" -o "/etc/apk/keys/sgerrand.rsa.pub" \
&& curl -sLO "https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-${GLIBC_VER}.apk" \
&& curl -sLO "https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk" \
&& apk add --no-cache \
glibc-${GLIBC_VER}.apk \
glibc-bin-${GLIBC_VER}.apk \
&& curl -sL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
&& unzip -qq "awscliv2.zip" \
&& ./aws/install \
&& aws --version
WORKDIR /src
FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install
FROM deps AS test
ENV RUNNER_TEMP=/tmp/github_runner
ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
--mount=type=bind,from=crazymax/docker,source=/usr/libexec/docker/cli-plugins/docker-buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
--mount=type=bind,from=crazymax/docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
yarn run test --coverageDirectory=/tmp/coverage
FROM scratch AS test-coverage
COPY --from=test /tmp/coverage /

View File

@@ -1,23 +0,0 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache git
WORKDIR /src
FROM base AS vendored
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /out && cp yarn.lock /out
FROM scratch AS update
COPY --from=vendored /out /
FROM vendored AS validate
RUN --mount=type=bind,target=.,rw \
git add -A && cp -rf /out/* .; \
if [ -n "$(git status --porcelain -- yarn.lock)" ]; then \
echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'; \
git status --porcelain -- yarn.lock; \
exit 1; \
fi

View File

@@ -2,9 +2,7 @@ module.exports = {
clearMocks: true,
moduleFileExtensions: ['js', 'ts'],
setupFiles: ["dotenv/config"],
testEnvironment: 'node',
testMatch: ['**/*.test.ts'],
testRunner: 'jest-circus/runner',
transform: {
'^.+\\.ts$': 'ts-jest'
},

View File

@@ -4,8 +4,8 @@
"main": "lib/main.js",
"scripts": {
"build": "tsc && ncc build",
"format": "prettier --write **/*.ts",
"format-check": "prettier --check **/*.ts",
"format": "prettier --write '**/*.ts'",
"format-check": "prettier --check '**/*.ts'",
"test": "jest --coverage",
"pre-checkin": "yarn run format && yarn run build"
},
@@ -27,22 +27,21 @@
],
"license": "MIT",
"dependencies": {
"@actions/core": "^1.2.6",
"@actions/exec": "^1.0.4",
"@actions/io": "^1.0.2",
"semver": "^7.3.2"
"@actions/core": "^1.6.0",
"@actions/exec": "^1.1.0",
"@actions/io": "^1.1.1",
"@aws-sdk/client-ecr": "^3.53.0",
"@aws-sdk/client-ecr-public": "^3.53.0",
"http-proxy-agent": "^5.0.0",
"https-proxy-agent": "^5.0.0"
},
"devDependencies": {
"@types/jest": "^26.0.3",
"@types/node": "^14.0.14",
"@vercel/ncc": "^0.23.0",
"dotenv": "^8.2.0",
"jest": "^26.1.0",
"jest-circus": "^26.1.0",
"jest-runtime": "^26.1.0",
"prettier": "^2.0.5",
"ts-jest": "^26.1.1",
"typescript": "^3.9.5",
"typescript-formatter": "^7.2.2"
"@types/node": "^16.11.26",
"@vercel/ncc": "^0.33.3",
"dotenv": "^16.0.0",
"jest": "^27.2.5",
"prettier": "^2.5.1",
"ts-jest": "^27.1.2",
"typescript": "^4.4.4"
}
}

View File

@@ -1,6 +1,9 @@
import * as semver from 'semver';
import * as io from '@actions/io';
import * as execm from './exec';
import * as core from '@actions/core';
import {ECR} from '@aws-sdk/client-ecr';
import {ECRPUBLIC} from '@aws-sdk/client-ecr-public';
import {NodeHttpHandler} from '@aws-sdk/node-http-handler';
import {HttpProxyAgent} from 'http-proxy-agent';
import {HttpsProxyAgent} from 'https-proxy-agent';
const ecrRegistryRegex = /^(([0-9]{12})\.dkr\.ecr\.(.+)\.amazonaws\.com(.cn)?)(\/([^:]+)(:.+)?)?$/;
@@ -38,56 +41,93 @@ export const getAccountIDs = (registry: string): string[] => {
return accountIDs.filter((item, index) => accountIDs.indexOf(item) === index);
};
export const getCLI = async (): Promise<string> => {
return io.which('aws', true);
};
export interface RegistryData {
registry: string;
username: string;
password: string;
}
export const execCLI = async (args: string[]): Promise<string> => {
return execm.exec(await getCLI(), args, true).then(res => {
if (res.stderr != '' && !res.success) {
throw new Error(res.stderr);
} else if (res.stderr != '') {
return res.stderr.trim();
export const getRegistriesData = async (registry: string, username?: string, password?: string): Promise<RegistryData[]> => {
const region = getRegion(registry);
const accountIDs = getAccountIDs(registry);
const authTokenRequest = {};
if (accountIDs.length > 0) {
core.debug(`Requesting AWS ECR auth token for ${accountIDs.join(', ')}`);
authTokenRequest['registryIds'] = accountIDs;
}
let httpProxyAgent: any = null;
const httpProxy = process.env.http_proxy || process.env.HTTP_PROXY || '';
if (httpProxy) {
core.debug(`Using http proxy ${httpProxy}`);
httpProxyAgent = new HttpProxyAgent(httpProxy);
}
let httpsProxyAgent: any = null;
const httpsProxy = process.env.https_proxy || process.env.HTTPS_PROXY || '';
if (httpsProxy) {
core.debug(`Using https proxy ${httpsProxy}`);
httpsProxyAgent = new HttpsProxyAgent(httpsProxy);
}
const credentials =
username && password
? {
accessKeyId: username,
secretAccessKey: password
}
: undefined;
if (isPubECR(registry)) {
core.info(`AWS Public ECR detected with ${region} region`);
const ecrPublic = new ECRPUBLIC({
customUserAgent: 'docker-login-action',
credentials,
region: region,
requestHandler: new NodeHttpHandler({
httpAgent: httpProxyAgent,
httpsAgent: httpsProxyAgent
})
});
const authTokenResponse = await ecrPublic.getAuthorizationToken(authTokenRequest);
if (!authTokenResponse.authorizationData || !authTokenResponse.authorizationData.authorizationToken) {
throw new Error('Could not retrieve an authorization token from AWS Public ECR');
}
const authToken = Buffer.from(authTokenResponse.authorizationData.authorizationToken, 'base64').toString('utf-8');
const creds = authToken.split(':', 2);
return [
{
registry: 'public.ecr.aws',
username: creds[0],
password: creds[1]
}
];
} else {
return res.stdout.trim();
}
core.info(`AWS ECR detected with ${region} region`);
const ecr = new ECR({
customUserAgent: 'docker-login-action',
credentials,
region: region,
requestHandler: new NodeHttpHandler({
httpAgent: httpProxyAgent,
httpsAgent: httpsProxyAgent
})
});
};
export const getCLIVersion = async (): Promise<string> => {
return parseCLIVersion(await execCLI(['--version']));
};
export const parseCLIVersion = async (stdout: string): Promise<string> => {
const matches = /aws-cli\/([0-9.]+)/.exec(stdout);
if (!matches) {
throw new Error(`Cannot parse AWS CLI version`);
const authTokenResponse = await ecr.getAuthorizationToken(authTokenRequest);
if (!Array.isArray(authTokenResponse.authorizationData) || !authTokenResponse.authorizationData.length) {
throw new Error('Could not retrieve an authorization token from AWS ECR');
}
return semver.clean(matches[1]);
};
export const getDockerLoginCmds = async (
cliVersion: string,
registry: string,
region: string,
accountIDs: string[]
): Promise<string[]> => {
let ecrCmd = (await isPubECR(registry)) ? 'ecr-public' : 'ecr';
if (semver.satisfies(cliVersion, '>=2.0.0') || (await isPubECR(registry))) {
return execCLI([ecrCmd, 'get-login-password', '--region', region]).then(pwd => {
return [`docker login --username AWS --password ${pwd} ${registry}`];
});
} else {
return execCLI([
ecrCmd,
'get-login',
'--region',
region,
'--registry-ids',
accountIDs.join(' '),
'--no-include-email'
]).then(dockerLoginCmds => {
return dockerLoginCmds.trim().split(`\n`);
const regDatas: RegistryData[] = [];
for (const authData of authTokenResponse.authorizationData) {
const authToken = Buffer.from(authData.authorizationToken || '', 'base64').toString('utf-8');
const creds = authToken.split(':', 2);
regDatas.push({
registry: authData.proxyEndpoint || '',
username: creds[0],
password: creds[1]
});
}
return regDatas;
}
};

View File

@@ -4,7 +4,8 @@ export interface Inputs {
registry: string;
username: string;
password: string;
logout: string;
ecr: string;
logout: boolean;
}
export function getInputs(): Inputs {
@@ -12,6 +13,7 @@ export function getInputs(): Inputs {
registry: core.getInput('registry'),
username: core.getInput('username'),
password: core.getInput('password'),
logout: core.getInput('logout')
ecr: core.getInput('ecr'),
logout: core.getBooleanInput('logout')
};
}

View File

@@ -1,9 +1,9 @@
import * as core from '@actions/core';
import * as aws from './aws';
import * as execm from './exec';
import * as core from '@actions/core';
import * as exec from '@actions/exec';
export async function login(registry: string, username: string, password: string): Promise<void> {
if (await aws.isECR(registry)) {
export async function login(registry: string, username: string, password: string, ecr: string): Promise<void> {
if (/true/i.test(ecr) || (ecr == 'auto' && aws.isECR(registry))) {
await loginECR(registry, username, password);
} else {
await loginStandard(registry, username, password);
@@ -11,9 +11,13 @@ export async function login(registry: string, username: string, password: string
}
export async function logout(registry: string): Promise<void> {
await execm.exec('docker', ['logout', registry], false).then(res => {
if (res.stderr != '' && !res.success) {
core.warning(res.stderr);
await exec
.getExecOutput('docker', ['logout', registry], {
ignoreReturnCode: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
core.warning(res.stderr.trim());
}
});
}
@@ -32,43 +36,36 @@ export async function loginStandard(registry: string, username: string, password
} else {
core.info(`Logging into Docker Hub...`);
}
await execm.exec('docker', loginArgs, true, password).then(res => {
if (res.stderr != '' && !res.success) {
throw new Error(res.stderr);
await exec
.getExecOutput('docker', loginArgs, {
ignoreReturnCode: true,
silent: true,
input: Buffer.from(password)
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.trim());
}
core.info(`Login Succeeded!`);
});
}
export async function loginECR(registry: string, username: string, password: string): Promise<void> {
const cliPath = await aws.getCLI();
const cliVersion = await aws.getCLIVersion();
const region = await aws.getRegion(registry);
const accountIDs = await aws.getAccountIDs(registry);
if (await aws.isPubECR(registry)) {
core.info(`AWS Public ECR detected with ${region} region`);
} else {
core.info(`AWS ECR detected with ${region} region`);
core.info(`Retrieving registries data through AWS SDK...`);
const regDatas = await aws.getRegistriesData(registry, username, password);
for (const regData of regDatas) {
core.info(`Logging into ${regData.registry}...`);
await exec
.getExecOutput('docker', ['login', '--password-stdin', '--username', regData.username, regData.registry], {
ignoreReturnCode: true,
silent: true,
input: Buffer.from(regData.password)
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.trim());
}
process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID;
process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY;
core.info(`Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`);
const loginCmds = await aws.getDockerLoginCmds(cliVersion, registry, region, accountIDs);
core.info(`Logging into ${registry}...`);
loginCmds.forEach((loginCmd, index) => {
execm.exec(loginCmd, [], true).then(res => {
if (res.stderr != '' && !res.success) {
throw new Error(res.stderr);
}
if (loginCmds.length > 1) {
core.info(`Login Succeeded! (${index}/${loginCmds.length})`);
} else {
core.info('Login Succeeded!');
}
});
});
}
}

View File

@@ -1,40 +0,0 @@
import * as actionsExec from '@actions/exec';
import {ExecOptions} from '@actions/exec';
export interface ExecResult {
success: boolean;
stdout: string;
stderr: string;
}
export const exec = async (
command: string,
args: string[] = [],
silent: boolean,
stdin?: string
): Promise<ExecResult> => {
let stdout: string = '';
let stderr: string = '';
const options: ExecOptions = {
silent: silent,
ignoreReturnCode: true,
input: Buffer.from(stdin || '')
};
options.listeners = {
stdout: (data: Buffer) => {
stdout += data.toString();
},
stderr: (data: Buffer) => {
stderr += data.toString();
}
};
const returnCode: number = await actionsExec.exec(command, args, options);
return {
success: returnCode === 0,
stdout: stdout.trim(),
stderr: stderr.trim()
};
};

View File

@@ -5,11 +5,11 @@ import * as stateHelper from './state-helper';
export async function run(): Promise<void> {
try {
const {registry, username, password, logout} = context.getInputs();
stateHelper.setRegistry(registry);
stateHelper.setLogout(logout);
await docker.login(registry, username, password);
} catch (error) {
const input: context.Inputs = context.getInputs();
stateHelper.setRegistry(input.registry);
stateHelper.setLogout(input.logout);
await docker.login(input.registry, input.username, input.password, input.ecr);
} catch (error: any) {
core.setFailed(error.message);
}
}

View File

@@ -8,7 +8,7 @@ export function setRegistry(registry: string) {
core.saveState('registry', registry);
}
export function setLogout(logout: string) {
export function setLogout(logout: boolean) {
core.saveState('logout', logout);
}

View File

@@ -1,11 +1,7 @@
{
"compilerOptions": {
"target": "es6",
"target": "esnext",
"module": "commonjs",
"lib": [
"es6",
"dom"
],
"newLine": "lf",
"outDir": "./lib",
"rootDir": "./src",

4399
yarn.lock

File diff suppressed because it is too large Load Diff