Skip to content

Commit aa2614b

Browse files
renkohrenkoh
committed
use get-login-password for all aws-cli versions, add region specification from plugin config
1 parent 13835df commit aa2614b

File tree

3 files changed

+49
-40
lines changed

3 files changed

+49
-40
lines changed

hooks/lib/ecr-registry-provider.bash

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,16 @@
11
login() {
2-
local aws_cli_version=$(aws --version 2>&1 | cut -d " " -f1 | cut -d "/" -f2)
2+
local account_id=$(aws sts get-caller-identity --query Account --output text)
3+
local region=$(get_ecr_region)
34

4-
if [[ $aws_cli_version =~ ^1 ]]; then
5-
$(aws ecr get-login --no-include-email)
6-
else
7-
local account_id=$(aws sts get-caller-identity --query Account --output text)
8-
local region=$AWS_REGION
9-
10-
aws ecr get-login-password \
11-
--region "${region}" \
12-
| docker login \
13-
--username AWS \
14-
--password-stdin "${account_id}".dkr.ecr."${region}".amazonaws.com
15-
fi
5+
aws ecr get-login-password \
6+
--region "${region}" \
7+
| docker login \
8+
--username AWS \
9+
--password-stdin "${account_id}".dkr.ecr."${region}".amazonaws.com
10+
}
11+
12+
get_ecr_region() {
13+
echo "${BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_REGION:-${AWS_DEFAULT_REGION:-eu-west-1}}"
1614
}
1715

1816
get_registry_url() {

plugin.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,4 +31,6 @@ configuration:
3131
type: string
3232
registry-hostname:
3333
type: string
34+
region:
35+
type: string
3436
required: []

tests/ecr-registry-provider.bats

Lines changed: 36 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -9,22 +9,23 @@ load "$PWD/hooks/lib/ecr-registry-provider.bash"
99

1010
pre_command_hook="$PWD/hooks/pre-command"
1111

12-
@test "ECR: Applies lifecycle policy to existing repositories with aws-cli v1" {
12+
@test "ECR: Applies lifecycle policy to existing repositories" {
13+
export AWS_DEFAULT_REGION="ap-southeast-2"
1314
export BUILDKITE_ORGANIZATION_SLUG="example-org"
1415
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
1516
local expected_repository_name="build-cache/example-org/example-pipeline"
1617

1718
stub aws \
18-
"--version : echo 'aws-cli/1.22.58 Python/3.9.2 Linux/5.10.76-linuxkit botocore/1.24.3'" \
19-
"ecr get-login --no-include-email : echo docker login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com" \
19+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
20+
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
2021
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
2122
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
2223
"ecr tag-resource * : echo tag existing resource" \
2324
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
2425
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com"
2526

2627
stub docker \
27-
"login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
28+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
2829
"pull : echo pulled image"
2930

3031
stub sha1sum \
@@ -47,22 +48,24 @@ pre_command_hook="$PWD/hooks/pre-command"
4748
unstub sha1sum
4849
}
4950

50-
@test "ECR: Builds new images with tags with aws-cli v1" {
51+
@test "ECR: Builds new images with tags" {
52+
export AWS_DEFAULT_REGION="ap-southeast-2"
5153
export BUILDKITE_ORGANIZATION_SLUG="example-org"
5254
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
5355
local expected_repository_name="build-cache/example-org/example-pipeline"
5456
local repository_uri="1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com/${expected_repository_name}"
5557

5658
stub aws \
57-
"--version : echo 'aws-cli/1.22.58 Python/3.9.2 Linux/5.10.76-linuxkit botocore/1.24.3'" \
58-
"ecr get-login --no-include-email : echo docker login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com" \
59+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
60+
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
5961
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
6062
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
6163
"ecr tag-resource * : echo tag existing resource" \
6264
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
63-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}"
65+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
66+
6467
stub docker \
65-
"login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
68+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
6669
"pull : echo not found && false" \
6770
"build * : echo building docker image" \
6871
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \
@@ -92,65 +95,71 @@ pre_command_hook="$PWD/hooks/pre-command"
9295
unstub sha1sum
9396
}
9497

95-
@test "ECR: Applies lifecycle policy to existing repositories with aws-cli v2" {
96-
export AWS_REGION="ap-southeast-2"
98+
@test "ECR: Uses correct region when region not specified and AWS_DEFAULT_REGION not set" {
9799
export BUILDKITE_ORGANIZATION_SLUG="example-org"
98100
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
99101
local expected_repository_name="build-cache/example-org/example-pipeline"
102+
local repository_uri="1234567891012.dkr.ecr.eu-west-1.amazonaws.com/${expected_repository_name}"
100103

101104
stub aws \
102-
"--version : echo 'aws-cli/2.4.15 Python/3.9.2 Linux/5.10.76-linuxkit botocore/1.24.3'" \
103105
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
104-
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
106+
"ecr get-login-password --region eu-west-1 : echo secure-ecr-password" \
105107
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
106-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
108+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:eu-west-1:1234567891012:repository/${expected_repository_name}" \
107109
"ecr tag-resource * : echo tag existing resource" \
108110
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
109-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com"
110-
111+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
112+
111113
stub docker \
112-
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
113-
"pull : echo pulled image"
114+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.eu-west-1.amazonaws.com : echo logging in to docker" \
115+
"pull : echo not found && false" \
116+
"build * : echo building docker image" \
117+
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \
118+
"push ${repository_uri}:deadbee : echo pushed deadbeef" \
119+
"push ${repository_uri}:latest : echo pushed latest"
114120

115121
stub sha1sum \
116122
"Dockerfile : echo 'sha1sum(Dockerfile)'" \
117123
": echo sha1sum" \
118124
": echo sha1sum" \
119-
": echo sha1sum"
125+
": echo deadbeef"
120126

121127
run "${pre_command_hook}"
122128

123129
assert_success
124130
assert_output --partial "logging in to docker"
125-
assert_output --partial "pulled image"
126131
assert_output --partial "looked up repository"
132+
assert_output --partial "building docker image"
127133
assert_output --partial "tag existing resource"
128134
assert_output --partial "put lifecycle policy"
135+
assert_output --partial "tagged latest"
136+
assert_output --partial "pushed deadbeef"
137+
assert_output --partial "pushed latest"
129138

130139
unstub aws
131140
unstub docker
132141
unstub sha1sum
133142
}
134143

135-
@test "ECR: Builds new images with tags with aws-cli v2" {
136-
export AWS_REGION="ap-southeast-2"
144+
@test "ECR: Uses correct region when region is specified" {
145+
export AWS_DEFAULT_REGION="ap-southeast-2"
146+
export BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_REGION="ap-southeast-1"
137147
export BUILDKITE_ORGANIZATION_SLUG="example-org"
138148
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
139149
local expected_repository_name="build-cache/example-org/example-pipeline"
140-
local repository_uri="1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com/${expected_repository_name}"
150+
local repository_uri="1234567891012.dkr.ecr.ap-southeast-1.amazonaws.com/${expected_repository_name}"
141151

142152
stub aws \
143-
"--version : echo 'aws-cli/2.4.15 Python/3.9.2 Linux/5.10.76-linuxkit botocore/1.24.3'" \
144153
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
145-
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
154+
"ecr get-login-password --region ap-southeast-1 : echo secure-ecr-password" \
146155
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
147-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
156+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-1:1234567891012:repository/${expected_repository_name}" \
148157
"ecr tag-resource * : echo tag existing resource" \
149158
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
150159
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
151160

152161
stub docker \
153-
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
162+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-1.amazonaws.com : echo logging in to docker" \
154163
"pull : echo not found && false" \
155164
"build * : echo building docker image" \
156165
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \

0 commit comments

Comments
 (0)