From 5df51045558cd7ffd02f8d12f1c5cd790a0dec1a Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Tue, 20 Oct 2020 14:41:56 +0200 Subject: [PATCH 1/2] Handle AWS credentials Signed-off-by: CrazyMax --- .github/docker-login.png | Bin 5147 -> 5134 bytes .github/workflows/ci.yml | 31 +++++++++++++++++++++++++++++++ README.md | 28 ++++++++++++++++++++++++++++ __tests__/context.test.ts | 15 +-------------- __tests__/main.test.ts | 20 +++----------------- action.yml | 4 ++-- dist/index.js | 15 ++++++++------- src/context.ts | 4 ++-- src/docker.ts | 12 +++++++----- 9 files changed, 82 insertions(+), 47 deletions(-) diff --git a/.github/docker-login.png b/.github/docker-login.png index 580bc18683526a3584ec88683ef34cf5ccdce4e6..b6ef96381d555d036a2330619af973f4ef0d5328 100644 GIT binary patch literal 5134 zcmY*dcU03`vyFfhse;l$dR36#3`$o)K%@vHh|>8{f+SSwMLI%MItl_3N)$pUq4y%? z3PR`@h=2r8l+Xk3-nYEp``)Z|=A1KY)~vJk>^*;+L~~Ok<_o+RKp+tFo!j~rAkaC| z-;0l)`tQg{J0uANqRKEgu{02qmXlWn6Nu|a$0uUaK`?2#N+KrRQclb=s}e5vs-RR% z`k@#cLqG?a{gdeqL$5ECy7wU;9(5<0AxFieqx*>KmBe*<)x_Y&vtlQ3q$)UlXk9+8 z7pe-rB`rr7%7T^>2t-Wr5+SntBzve!R`zEDV4#t}!a&n;Ot_(UM^POt#KSz730gQN1UC};kXh;QtVmUNF)1lp zrpqw&XmK2>sI**M_PVf?9Jj=^yA0e^R8*$LXO-|EMqVi~NnvJo!3JTbxljNfM%irG*twuM}j~Rpw3WGQwXTT2V`XrvN8r4gF&*=poeWc3Lwx$^*j1HmO-OgXe`=}Oa=B_a!Xg( zeppohk~aHCLqZ}?=Bg%{vi;~AH$kxCH zu&10!yK-D~!vifLF!(40Q*=|AU1`hM-aw|NO``w;O{M1Y#$?M$W82HD&C%Qv0XFlP5VDHs*O>wSIZ) z+F<+w*QBCL-Xc65x7Xhb%4u+TxE}n7>4KFL&Fc2Ydx#S6o3^CM(B1T({*g+LJ;nsE zXkga8{c>K>GEeCC$lPNIdrzLV zRMAj7{gYsdqux(`giq@9>sh3S;9RNCGw*nHsd#UHK&@L8OB^%O=hF=ovVYJ1*8NfX1rJ;;efS~I&c-Q) zQQgc4EBc$v%lgZ=WvVy%920`^CS_^=_IuB(J}DnK_f3CXp#Y8G){Li2!;?bAbENu5 zu6kMqemJnk0)e!#OBuOlf>q591MQfs>(M28!O0|pA}r^ zzmH0Ks|zv3eQ~Fz2l|o6rO%}cd99%uEk+{ zqog(C7_%Lx!3P67nVOW=IcO;LAVkUrb|by-(F@12>Hh6rc#N6{JcF+&8sOf{HxNu* z$25nw!vh?G8{EbR7K?HvHMOQ3)2?KnMetW&J1m}`8D2j$k-z}9&;z0wbZ+G?%cvvo zo0rR&K#hE-U5|>`^Mg;3Ic<+CNjLkqXH}Z_4cBpqo-Cu6ljN)vm`7kW07p&LJpFv< zWsqI6OwVT-f0t-~25(r6F&0or(6J@HHXG#{O!V}Ckt=3a1!?e;J8Fgtxmqdn0L9`P zhGQA$`y1y%MvG(FpwmuCQo1_H!fEk3Z23sW2(BgU#r!HJ3CJ#XK9I;~;efmzVb()z z?kwM5@pYAqf07$oSQ~*-b(W7fy5YxAON}OoyCRs+TjR51fK7JzmT&5D)MwdNIR?a4 z^cE?hX*uQ*MwmLZ+<6W4U}jKzpuWjEaeU>{-M=Jh-xKZfADdghJUV*o6)mQp4a6_x zo;wuT#a1^Za~TBug`Ic)#(L>3P1uvaHh9m30(PLEz`QYK-8mgkjpeMQKrK@xX6n(@K|{3)*BP-)lu?lPZ7w0@IM}PcMln z;=Li~4wYqJ*P<3t+$m$qqr&yMFCV(b`%&DdGt3QUU z;Z=u)Is1E8JElGh7W~cEYb)FD zFIK6V&{~wfVS=R|a9>zKl3p$a_$xF$-sQ@2wWD{M)8N+SF;F{&Qzjj%rA?Yus z)dSJ7=8&b(u@?mF5GncbGBSx`7X+RM9e#V>Dkh4 z-7!u5#KCdVStT;<%n>;Sdp$AeLC1?4ElM8Vv~hb`+MaX_-Q^PDWC*>x$UjxmCuMS5BP~)lH781<{Bht zGAdB&Q73NO#;)BkX{fLF6Y&OrvYO_04f>d~Z9hZgpitsJ2>*eCcvB&;OO!fAg_2!H z$4|@^XgGbMyo?^gSKUloehes2Ko0E?+&y8es&#t7#&@1jh6m z<8JVE+^QNXxTJl3K&4_>w)Gp~KD8PQIzfC<3dabvyasbMTulDQqwiqT$iWb1VzfU2&hwGetTcogM zocYR1`cd^$>&GHl)3I4hCp zMX2Lk-~4D-$2pLse1hx8xUwW5Pa^3d{{G$=E^kUy0CdOrb_|2PpaVKf58vl^e(O`% zwAF0@|77OAH)IKC#W9%%T>2Wb^$CITr<_*0{0I#WhjO`C;@jI=m0+#VWb|F`uI_AC zi(vXelR7gji4yp=J+}Xx;$wjIpqH#&&}8A}*MMLiLwjQ4@jk(ZSWNtJxwHCSl3|={ zA!$`=mSTYiV)6@vQaCUf`;V}@M;M9zT15G7Xt5i*IZv*t8f|} zA#OiMQL-p^`Vs0$s*BhjeJF{})LDY_7kgKjx$egmJ3BaX3f&od*~8;F-xz`~m8p?5 z(?l!C^a-ghrb@G7l+q=oiQxo20M zC8`ud;Z=*K?#F8I+$#4vA^vDHl-XCQ;92|hu#56d{lZvx*cFOm5LjHFW5V$f@DhPez4~hIrK{ThMdktq{BERG?ydD%>T(0iRF@1;J9FB zcDq#vqlmWE*@J^XX^-gtFzzJ9Eaa=({y6nbWS-!G?eT60;9f#!@UMvfjEaA*ij7z8 zURjky41C~Ay7<}_tW4Z<<7Co8Z<%{-k8~%A#hy&rkc6)GZ4@ss&Ncho6kC872>rSS zak^zAH>BnM8da*7+x4Ne-K|JbIHXHDHdd(K@z-s4&M;MW(E~}N5`osh*7aSOYrpQx zz;II6w2VP}tg|&241>bG-Ap+-e4LY%p8%-?5*u08G8|TLX`EZjR4p!(7hXEF01TZk zMw~YXnJn7|%koCLMQnMM(%%Ppe-DEKy7;?uawnrIEL-qUYOAZPAlVt!?0(#K<~G#H z@AU&^`j~6|*jUG|C!yo5a9br-&P1>E5L7jwkr|9zx19%{FN=v&SyW+i+!P{vvvpKi|Uz`4jeEgFq}X<&9SP z?VH!beTc)tm-}~ZUHtm3edgGH*sTsWe)~DtI%LpSm;$*Kr1jzjypxd5_ho&C<%eC$ zj9*}tKc4u{@4gcieGo8VxGMP~EiMhW;+v&Qw{L(IXkS6Ed4)A=K`{;A3 z>q(!3il#WvdjwULShmQZ2-<}zSM&iPD z=Ep)pN1*7;Qh-Yiv8B|=*%P>RfqaGfJ~O^Z;}2N@;fFIx=TKz~sQ|Qe zPI5Q<-iH*xS_F@~<ImH~6n(0#oo zwGU0I?d>7*17=yjW~#1U{d5n)QV0}(H9xWwRZ5a_3RmR=)w!|S%ioZ%BDub3q^R3} z!&mByWZV{GPyDm>e5M+#-NjqJyuq9;BBH!f+Gdm;cp0+6t+f`lDq6sJ(J~46$FaRW6U;DK2VEThs|p z>s>6b^oAI}x!_Ve*nimj{=t{gI=PI?b{C=)XOwXvejV}M0pfLmzH6B?=Gy$6&i&^Q zDw;es%30-4wQ4tGIR~^QxT$#(qD@RHtHXBMItE=lm~8nRMYWEB5IR&wz@6B>sAv4O zRV!gwY%Nk{mkh5qQMG**VLAB*LgSTc`qXi588HbE{ctYLn-VR zA#}7P1`PsP!bCdc#v+=V~esl~*B9YlOb`2h|hqXMZ>E?5cG> zqiQXt{b^zC^4CU|=Ps(qH+ce?2loEH*;WGe)SMigp@MDIbVeq8T>dH%B=T9A@~ r+3KF}s_qnSSmuAxR{u%+0o^6}o3uuW;*b9R=L6j_Fx5xvI!6Bwje7Q` literal 5147 zcmb7IXH*l|whmoD!J!u^a~Va1p%ZE(j0n=DNQa0B(n1hIZ$<%85C##V21t|+LPUB( zK%@)7C@Lis0STdn7CIp>v+j>~-+FJ&z3;~<>#TG3S!;j$?C(4K(REw%Gkj8f007{O z#Whn00Dx_SHLp9x&gvToF+;3D4Sv-XekI(`2ObCum3In+`T-(*psMm3I`TfSE<9Xb zQ(aSCUPIeJN6SD%U0zvTLtTCJ;(b}xQ69L3%~hVCrvy*yh&-P+Kh0X=4ZG$R0RZp| z{ngmMOeGz&7CG;j*qE@c&E`M$;Q|1JVHTz)PB9Z}Q_ujJ(Zaq>a<5?He66ppZ9$9- z`CYKNUb}@&+v`xLcQqbk64p~UJij^9|DiJ|hWe8m>5B0RUI32YU=O_8_UozY{I~pm zK9D>c=L~S2cL+qxQXHY-s@Alg@8>obbjHNcE}BxH&wODhxaX5V7nK|O7DIcXCAg={ z)Q^aSK_M_1z)ghvXgmNAz{@TJP%*)9+&g~?4tUFn5CG)Mli1!1aT)+z?}K>&R%fYz zoBwl@>3Md-B9HlQW}?paan~r)nKpb{-0l04bhJx;Et+<6i32xF0ptqVR%RJT^aWa{MWvo7cR3MV(7PJ3MkYuNQ~9_@)xyY8ua0r1A){b?a3uX-Cl(%5(^!s zl*YDId$ZToN32R>r%uClv5Wxc6Bks)LW{$zzG1ehX-U9!vn&Yycg?0pfiU56crSom3%V+ZktALw|D2~L- zQb;$6wWMSKhM*z<2e^9u$2k3GV3x8o#x}Z%)uW;9N$+A5Ft>9%lK0+gK`e@hyma}# z!U95cd>m#iSQm&lO0GMSmb^!-5~j9`apKmanRPL9_;Mlt4EDsCAM{&i8-plm*;72Z zw$ym2m};HUCpP%KMg(nt#*V4C!Eh-Vr}HI-4xyflQ1>247Esk(2bC8E0Rhs%90a%2 z>3)VhaYae=@TyOmk=bHiDFBRjm7wbPlBPEE!{keC5Vo-bm@6Ut^r7`|4cKFYSQ+a! zy+x7rRQ4&QUgY|xtV@oM1-}Bom%s7Se}FR1`1X-oR2qY#%m)~!WYa^FY{lP@o`9o= z&$zd9fXPmZB&aFN;Df&d0nfqsk?XOHo}rg23c?AB08*3~&mqFRIiYxW5*swb{E+WO z0NF(oi~%I?eD1>&hMmz#{{)N?v9?|oWEdB$##mdFovy>@%4}RdpVsjU7s*1DpPuX6 zi9WF_SXZ95UH3(uEU!FN1GUYsO_bUNCBNc49O2nJr}woXRV*PP_62yaC^$jl_M#tC zT{Cf*sz70bJEgJ{)>rew^<@njd{;Uj>e8`GiP+r{yC7sx$5BO-e-}E$vxD|Z2W?D< z8fi+jai=ct*_)z&`3}9xQHZ_6jw>-hB!$Ghj+E=)p|{tNf!1xC{lVlygH4wjZpj)N_aEP!437Axq^)k{BeW4Z)AvhR47!7hhOYjc1$wLY{7 zre%(9eKB1}8QdxqR}2a+QPrL=V7)48{zuL@=E0!w;=`HKm!X?mV>&wfILxLdDq*`90!^aUC<5CXDH+*``p_R&`QW8tS(+{{B$#6S^#Q~~ zqIu`T%R$@y2pV^@#svi%_^<|Lr03D{jtN4)2f_xwmdDO;-?yMXz(VkvlaQ9iX{fYr z;uegN+}6MxX+8OLveUTNJlbA&cgoxjbo{yYcjmi@kv{x)LQ@hMeW6*N6IV3)M6ib_ zN?!I) z8{%OHx(wx7tv!Z8Vm$Fcf6U`(@=EY%tygo>APqF|`)vWZUzmcdj~@p?<4%mypC?dD zi@}}rQO>#U67VNI#e20?))>4m)#rwH*&oLApZSrxNeB0l6b4%L_{dItk|%k8;BaCu zs5!}v{FcxhsPG4-`U-h=zM(VMnG>hoRGff%dNg(}3wgl|GWYrREjqU-(-us(86T%; zH;LX8sItZI6sw*{#BFXJzjs7=$7~rt*qYoKufZOl$Tc1B6niwUjh*xtlc`HMHI zGa9~-kASZOhB{FdPSjaC_2iYNNRd9NxHN$OX}gUDBp=SydRZZWN>ThZ@Ky_E+`be& zzPNgxgs81_z%+lLt)WgRghj%|d$Q7U3fAFO#*QWco(V-v z*ZXb{)Eg!rbq))5H2SZJ%O$^Fd_jPE7Ij#}VAYTa4h`E1kNsoy3Z<+k^5UVB%{Yigcw654R95uLcfuS2qHODH>j$6p!?(jck*E-|l8V*<-O z1>~?QQ+lF}7r1aFC&pLnjbnVX*!>SiZ%7RORLMQa-s1O|(LLpRH!iOHIXHL)n-)kD zS&bDR*`9AFV1qinw23S382muBX_fKrmzY(vu#r`uqNPoxFyXd1JIK{}tTc4p9Z+ra z9Xyk~F`iS`T&Nvw8Cibw6JEl&y~|oHhq5zf^ZDZK;?>aG@aq9;nZ0GfH9d-tZ32ZG z&)FFj!V^c?U7_KVBA{@34?0tm+Og~xK=mJy>{Axo%3X}mG9*9UY@^ja{!aK? zQ~sLIPq{s&l>uU`*LvhGPW6ULe;xLgkx?V(J<4#rGW;wf!aj2SrL>jTb-nWNiL+uq zqXNU1vv3#@d%1>E6hbyq-czBGS!w0s!7sPCqIi$*oi1rA&Fupfp_RP)>smRY6FA)o_=V{r*>vNpXXtMjoY!r3xp4M+*~8UJ zODSa#f=ZyoP~@8+;WP}=!seGrYEsiTs&f*N}o>w z?;X_D4v}bJyUGMdF(_x;_252=Jyz6`+d$M{8vjVOjG41H_mUFsLcPv#9I5PyX~;S(;AQ+q zLhzVIvNPEHh|+vDZok~z`3H&LKGb-^0VhO#&yoFq>*jw6in!{;?cUaGmtijnT9O^$ zjphwL`pGtu(Q$;0LB7pO)M!qKcI)s!mGqm8rEopQdo_ z&5VuA@4PWw{PKvO|L}eZP?`vgJ5P5Uzz4WJ0d|4U$$c>}zATa)Hxa})1Qy4agnkOc z>6bScPOf2$nir7H?=RW+fTJ(bh0qv}Jq7D*CoNJ>9Ldh&F83>$EbN?UVEl&Y0-zV}ld8dM*usZ??}ZtCX_W1Xnrz&w6CfPTG*{zAJ68U1*!_ty)-atRFg1DMJdY_F%<$avoDKKZ%* z8!E>yJ1N#V6JKfG%S)1|BBLL^yILyYp9u9~wm7A#OaY}qzFw%%eTS8x!_;)8CNm{3 zhtMy;7mkxMheMMhTzsq;Xugj+MVzkp2}XJ4X$x>*a##7_@F(7bTH)+)j(_{ZqYM3a zW)fW&3U*2ix$ObG#tQeb4b%N-rc2sUhK{Co?9mCqZ>DgdlP4Jaun^thnx`tN1@yQr zDpZsg_{6<#>Fa|#p>LqlCI#Lh8Gf4Tk$3I}RSa}bKD043@Wj~MK{hV>6-7Kqmv%G4 zbpy4GK-J5fxVfLMpVeB@qu$m(p-mOZQV((Pxwo}1^SR^t+$9QOSF?22tRHd^Y%=OW zB#+664s>Xl6=M416Sp4lx?y}N)rF*FI0ouVLk*1IHrW&nA$>mRX^ma{Z8hcOXMyIF zp;mB2&{_)KRE2j+Mr*0yT3fk!xo4>jG_LnS*Xq+r|031%EqdZ=_G-gZFU~<#lnqRz z$Xe5-KYv$?RC2Fvg16F~?|g^I2BK=0aQru(HY^AO)7#{_zR}UDwf-M)y2kmLLLTW& zrx#*p74+A7M7`zkkvHPpA3-1YwS^@tb9pv!rOaz>XIZsOSWz7k;y>Q~_2gw!_Ub8m zFORAi^Q>1Qk9oWoXuqwGrm<)g7Ts2_BTfE#a04W_pS_ct5_Pd#sM|2}IMpoT64bwn zjR+*FmNvX7wHgQvg?}m>i^<<^xvQzwR6bD}aO+FKEo69J10|!cKr8qFNV=w)_||rE zYmVDuB759rq@cnGv}~~@HGohZRK*4v6u=(z^I2f{P0ygXOZRIWi9R}rcr zajoC4U7r5=K)uT+*H_%!3;M368;FwKrmT1oi7Bdn(|5-qXQ4MwV)`&1kawEyAc~81{7Oi&*3(!<)OuSli92@!Jde*moAo1wV2THFev4A7 zA$~y6WXmXnc5#x|$XZg2jf}DY_|>>LhcA9ZQVUW>S1{#m{W}0$uHK~@$Uag4ez#iz zXfM~UKC0YgM)@MprujHJ9NO6{iRQS+Vt;}f8`0T%xubcI$cg2fr8jci-_IzW- z@(V#pQBXrQvnI#z+)Eb8DbKimeXIe8c2v3eoQR2V5L^faqY&9mg6veJeeM2BXX+BH zOoaRl|6AjWVk@HI*(s4cZ*I!2liBM#=6PJae}N@6nAMw=dPb=BXzptRP*qLkVqd&# zYP=(_N4qBmRXq-$N+oCS4efs~PiI&gfbJNDyrbPx@Gd?RTv9$+cC4wLZMU#f+oU3c ze!&5n8C3T`Et4yYWnON-o@L{QTj}GS^?5UHgq@!-ZG0B5?9sk;u7=z%6CcOUPMD$# zCk2PzYbdsHdd!uabx-x*m8JfLURkxPIVPJM*j30=QWM51#Q`j?+M3q>ar6Fv0pDKN AO8@`> diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 831e1e1..fdae2bb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -117,3 +117,34 @@ jobs: # if: always() # run: | # rm -f ${HOME}/.docker/config.json +# +# ecr-aws-creds: +# runs-on: ${{ matrix.os }} +# strategy: +# fail-fast: false +# matrix: +# os: +# - ubuntu-20.04 +# - ubuntu-18.04 +# - ubuntu-16.04 +# steps: +# - +# name: Checkout +# uses: actions/checkout@v2.3.1 +# - +# name: Configure AWS Credentials +# uses: aws-actions/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} +# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} +# aws-region: ${{ secrets.AWS_REGION }} +# - +# name: Login to ECR +# uses: ./ +# with: +# registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com +# - +# name: Clear +# if: always() +# run: | +# rm -f ${HOME}/.docker/config.json diff --git a/README.md b/README.md index bcd41b1..2f56a89 100644 --- a/README.md +++ b/README.md @@ -213,6 +213,34 @@ jobs: password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ``` +You can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials) action in +combination with this action: + +```yaml +name: ci + +on: + push: + branches: master + +jobs: + login: + runs-on: ubuntu-latest + steps: + - + name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: + - + name: Login to ECR + uses: docker/login-action@v1 + with: + registry: .dkr.ecr..amazonaws.com +``` + > Replace `` and `` with their respective values. ## Customizing diff --git a/__tests__/context.test.ts b/__tests__/context.test.ts index 886619b..bd6abe6 100644 --- a/__tests__/context.test.ts +++ b/__tests__/context.test.ts @@ -2,20 +2,7 @@ import osm = require('os'); import {getInputs} from '../src/context'; -test('without username getInputs throws errors', async () => { - expect(() => { - getInputs(); - }).toThrowError('Input required and not supplied: username'); -}); - -test('without password getInputs throws errors', async () => { - process.env['INPUT_USERNAME'] = 'dbowie'; - expect(() => { - getInputs(); - }).toThrowError('Input required and not supplied: password'); -}); - -test('with password and username getInputs does not error', async () => { +test('with password and username getInputs does not throw error', async () => { process.env['INPUT_USERNAME'] = 'dbowie'; process.env['INPUT_PASSWORD'] = 'groundcontrol'; expect(() => { diff --git a/__tests__/main.test.ts b/__tests__/main.test.ts index 062c7c2..7c8782e 100644 --- a/__tests__/main.test.ts +++ b/__tests__/main.test.ts @@ -17,7 +17,7 @@ test('errors when not run on linux platform', async () => { expect(coreSpy).toHaveBeenCalledWith('Only supported on linux platform'); }); -test('errors without username', async () => { +test('errors without username and password', async () => { const platSpy = jest.spyOn(osm, 'platform'); platSpy.mockImplementation(() => 'linux'); @@ -25,21 +25,7 @@ test('errors without username', async () => { await run(); - expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: username'); -}); - -test('errors without password', async () => { - const platSpy = jest.spyOn(osm, 'platform'); - platSpy.mockImplementation(() => 'linux'); - - const coreSpy: jest.SpyInstance = jest.spyOn(core, 'setFailed'); - - const username: string = 'dbowie'; - process.env[`INPUT_USERNAME`] = username; - - await run(); - - expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: password'); + expect(coreSpy).toHaveBeenCalledWith('Username and password required'); }); test('successful with username and password', async () => { @@ -79,7 +65,7 @@ test('calls docker login', async () => { const password: string = 'groundcontrol'; process.env[`INPUT_PASSWORD`] = password; - const registry: string = 'https://ghcr.io'; + const registry: string = 'ghcr.io'; process.env[`INPUT_REGISTRY`] = registry; const logout: string = 'true'; diff --git a/action.yml b/action.yml index 3766856..039e609 100644 --- a/action.yml +++ b/action.yml @@ -12,10 +12,10 @@ inputs: required: false username: description: 'Username used to log against the Docker registry' - required: true + required: false password: description: 'Password or personal access token used to log against the Docker registry' - required: true + required: false logout: description: 'Log out from the Docker registry at the end of a job' default: 'true' diff --git a/dist/index.js b/dist/index.js index aec5702..8d45f5a 100644 --- a/dist/index.js +++ b/dist/index.js @@ -3062,10 +3062,11 @@ function logout(registry) { exports.logout = logout; function loginStandard(registry, username, password) { return __awaiter(this, void 0, void 0, function* () { - let loginArgs = ['login', '--password-stdin']; - if (username) { - loginArgs.push('--username', username); + if (!username || !password) { + throw new Error('Username and password required'); } + let loginArgs = ['login', '--password-stdin']; + loginArgs.push('--username', username); loginArgs.push(registry); if (registry) { core.info(`🔑 Logging into ${registry}...`); @@ -3088,8 +3089,8 @@ function loginECR(registry, username, password) { const cliVersion = yield aws.getCLIVersion(); const region = yield aws.getRegion(registry); core.info(`💡 AWS ECR detected with ${region} region`); - process.env.AWS_ACCESS_KEY_ID = username; - process.env.AWS_SECRET_ACCESS_KEY = password; + process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; + process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region); core.info(`🔑 Logging into ${registry}...`); @@ -3647,8 +3648,8 @@ const core = __importStar(__webpack_require__(186)); function getInputs() { return { registry: core.getInput('registry'), - username: core.getInput('username', { required: true }), - password: core.getInput('password', { required: true }), + username: core.getInput('username'), + password: core.getInput('password'), logout: core.getInput('logout') }; } diff --git a/src/context.ts b/src/context.ts index 953ea21..9074f5c 100644 --- a/src/context.ts +++ b/src/context.ts @@ -10,8 +10,8 @@ export interface Inputs { export function getInputs(): Inputs { return { registry: core.getInput('registry'), - username: core.getInput('username', {required: true}), - password: core.getInput('password', {required: true}), + username: core.getInput('username'), + password: core.getInput('password'), logout: core.getInput('logout') }; } diff --git a/src/docker.ts b/src/docker.ts index 369666f..a5de9ea 100644 --- a/src/docker.ts +++ b/src/docker.ts @@ -19,10 +19,12 @@ export async function logout(registry: string): Promise { } export async function loginStandard(registry: string, username: string, password: string): Promise { - let loginArgs: Array = ['login', '--password-stdin']; - if (username) { - loginArgs.push('--username', username); + if (!username || !password) { + throw new Error('Username and password required'); } + + let loginArgs: Array = ['login', '--password-stdin']; + loginArgs.push('--username', username); loginArgs.push(registry); if (registry) { @@ -44,8 +46,8 @@ export async function loginECR(registry: string, username: string, password: str const region = await aws.getRegion(registry); core.info(`💡 AWS ECR detected with ${region} region`); - process.env.AWS_ACCESS_KEY_ID = username; - process.env.AWS_SECRET_ACCESS_KEY = password; + process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; + process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region); From 3b9e1f51cd4f55699aed8821159a5667f57abc0c Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 23 Oct 2020 16:30:05 +0200 Subject: [PATCH 2/2] Add example for Google Artifact Registry Signed-off-by: CrazyMax --- README.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/README.md b/README.md index bcd41b1..7a0019e 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ ___ * [GitLab](#gitlab) * [Azure Container Registry (ACR)](#azure-container-registry-acr) * [Google Container Registry (GCR)](#google-container-registry-gcr) + * [Google Artifact Registry (GAR)](#google-artifact-registry-gar) * [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr) * [Customizing](#customizing) * [inputs](#inputs) @@ -162,6 +163,11 @@ jobs: ### Google Container Registry (GCR) +> [Google Artifact Registry](#google-artifact-registry-gar) is the evolution of Google Container Registry. As a +> fully-managed service with support for both container images and non-container artifacts. If you currently use +> Google Container Registry, use the information [on this page](https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr) +> to learn about transitioning to Google Artifact Registry. + Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control). Then create and download the JSON key for this service account and save content of `.json` file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) @@ -187,6 +193,36 @@ jobs: password: ${{ secrets.GCR_JSON_KEY }} ``` +### Google Artifact Registry (GAR) + +Use a service account with the ability to push to GAR and [configure access control](https://cloud.google.com/artifact-registry/docs/access-control). +Then create and download the JSON key for this service account and save content of `.json` file +[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) +called `GAR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`. + +```yaml +name: ci + +on: + push: + branches: master + +jobs: + login: + runs-on: ubuntu-latest + steps: + - + name: Login to GAR + uses: docker/login-action@v1 + with: + registry: -docker.pkg.dev + username: _json_key + password: ${{ secrets.GAR_JSON_KEY }} +``` + +> Replace `` with the regional or multi-regional [location](https://cloud.google.com/artifact-registry/docs/repo-organize#locations) +> of the repository where the image is stored. + ### AWS Elastic Container Registry (ECR) Use an IAM user with the [ability to push to ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr_managed_policies.html).