Merge pull request #226 from mhumeSF/repo-lifecycle-policy-addition

Add ability to append lifecycle and repository policies for ECR
This commit is contained in:
Thomas Boerger 2019-03-07 10:21:53 +01:00 committed by GitHub
commit fe2bf98530
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -3,6 +3,7 @@ package main
import ( import (
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"io/ioutil"
"log" "log"
"os" "os"
"os/exec" "os/exec"
@ -19,11 +20,13 @@ const defaultRegion = "us-east-1"
func main() { func main() {
var ( var (
repo = getenv("PLUGIN_REPO") repo = getenv("PLUGIN_REPO")
region = getenv("PLUGIN_REGION", "ECR_REGION", "AWS_REGION") region = getenv("PLUGIN_REGION", "ECR_REGION", "AWS_REGION")
key = getenv("PLUGIN_ACCESS_KEY", "ECR_ACCESS_KEY", "AWS_ACCESS_KEY_ID") key = getenv("PLUGIN_ACCESS_KEY", "ECR_ACCESS_KEY", "AWS_ACCESS_KEY_ID")
secret = getenv("PLUGIN_SECRET_KEY", "ECR_SECRET_KEY", "AWS_SECRET_ACCESS_KEY") secret = getenv("PLUGIN_SECRET_KEY", "ECR_SECRET_KEY", "AWS_SECRET_ACCESS_KEY")
create = parseBoolOrDefault(false, getenv("PLUGIN_CREATE_REPOSITORY", "ECR_CREATE_REPOSITORY")) create = parseBoolOrDefault(false, getenv("PLUGIN_CREATE_REPOSITORY", "ECR_CREATE_REPOSITORY"))
lifecyclePolicy = getenv("PLUGIN_LIFECYCLE_POLICY")
repositoryPolicy = getenv("PLUGIN_REPOSITORY_POLICY")
) )
// set the region // set the region
@ -61,6 +64,26 @@ func main() {
} }
} }
if lifecyclePolicy != "" {
p, err := ioutil.ReadFile(lifecyclePolicy)
if err != nil {
log.Fatal(err)
}
if err := uploadLifeCyclePolicy(svc, string(p), trimHostname(repo, registry)); err != nil {
log.Fatal(fmt.Sprintf("error uploading ECR lifecycle policy: %v", err))
}
}
if repositoryPolicy != "" {
p, err := ioutil.ReadFile(repositoryPolicy)
if err != nil {
log.Fatal(err)
}
if err := uploadRepositoryPolicy(svc, string(p), trimHostname(repo, registry)); err != nil {
log.Fatal(fmt.Sprintf("error uploading ECR repository policy. %v", err))
}
}
os.Setenv("PLUGIN_REPO", repo) os.Setenv("PLUGIN_REPO", repo)
os.Setenv("PLUGIN_REGISTRY", registry) os.Setenv("PLUGIN_REGISTRY", registry)
os.Setenv("DOCKER_USERNAME", username) os.Setenv("DOCKER_USERNAME", username)
@ -95,6 +118,24 @@ func ensureRepoExists(svc *ecr.ECR, name string) (err error) {
return return
} }
func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy string, name string) (err error) {
input := &ecr.PutLifecyclePolicyInput{}
input.SetLifecyclePolicyText(lifecyclePolicy)
input.SetRepositoryName(name)
_, err = svc.PutLifecyclePolicy(input)
return err
}
func uploadRepositoryPolicy(svc *ecr.ECR, repositoryPolicy string, name string) (err error) {
input := &ecr.SetRepositoryPolicyInput{}
input.SetPolicyText(repositoryPolicy)
input.SetRepositoryName(name)
_, err = svc.SetRepositoryPolicy(input)
return err
}
func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error) { func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error) {
var result *ecr.GetAuthorizationTokenOutput var result *ecr.GetAuthorizationTokenOutput
var decoded []byte var decoded []byte