mirror of
				https://github.com/docker/login-action.git
				synced 2025-10-25 20:37:39 +08:00 
			
		
		
		
	Handle AWS credentials
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
		
							parent
							
								
									39ef12fb7a
								
							
						
					
					
						commit
						5df5104555
					
				
							
								
								
									
										
											BIN
										
									
								
								.github/docker-login.png
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										
											BIN
										
									
								
								.github/docker-login.png
									
									
									
									
										vendored
									
									
								
							
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 5.0 KiB After Width: | Height: | Size: 5.0 KiB | 
							
								
								
									
										31
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										31
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							| @ -117,3 +117,34 @@ jobs: | |||||||
| #        if: always() | #        if: always() | ||||||
| #        run: | | #        run: | | ||||||
| #          rm -f ${HOME}/.docker/config.json | #          rm -f ${HOME}/.docker/config.json | ||||||
|  | # | ||||||
|  | #  ecr-aws-creds: | ||||||
|  | #    runs-on: ${{ matrix.os }} | ||||||
|  | #    strategy: | ||||||
|  | #      fail-fast: false | ||||||
|  | #      matrix: | ||||||
|  | #        os: | ||||||
|  | #          - ubuntu-20.04 | ||||||
|  | #          - ubuntu-18.04 | ||||||
|  | #          - ubuntu-16.04 | ||||||
|  | #    steps: | ||||||
|  | #      - | ||||||
|  | #        name: Checkout | ||||||
|  | #        uses: actions/checkout@v2.3.1 | ||||||
|  | #      - | ||||||
|  | #        name: Configure AWS Credentials | ||||||
|  | #        uses: aws-actions/configure-aws-credentials@v1 | ||||||
|  | #        with: | ||||||
|  | #          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||||
|  | #          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||||
|  | #          aws-region: ${{ secrets.AWS_REGION }} | ||||||
|  | #      - | ||||||
|  | #        name: Login to ECR | ||||||
|  | #        uses: ./ | ||||||
|  | #        with: | ||||||
|  | #          registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com | ||||||
|  | #      - | ||||||
|  | #        name: Clear | ||||||
|  | #        if: always() | ||||||
|  | #        run: | | ||||||
|  | #          rm -f ${HOME}/.docker/config.json | ||||||
|  | |||||||
							
								
								
									
										28
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										28
									
								
								README.md
									
									
									
									
									
								
							| @ -213,6 +213,34 @@ jobs: | |||||||
|           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
|  | You can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials) action in | ||||||
|  | combination with this action: | ||||||
|  | 
 | ||||||
|  | ```yaml | ||||||
|  | name: ci | ||||||
|  | 
 | ||||||
|  | on: | ||||||
|  |   push: | ||||||
|  |     branches: master | ||||||
|  | 
 | ||||||
|  | jobs: | ||||||
|  |   login: | ||||||
|  |     runs-on: ubuntu-latest | ||||||
|  |     steps: | ||||||
|  |       - | ||||||
|  |         name: Configure AWS Credentials | ||||||
|  |         uses: aws-actions/configure-aws-credentials@v1 | ||||||
|  |         with: | ||||||
|  |           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||||
|  |           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||||
|  |           aws-region: <region> | ||||||
|  |       - | ||||||
|  |         name: Login to ECR | ||||||
|  |         uses: docker/login-action@v1 | ||||||
|  |         with: | ||||||
|  |           registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com | ||||||
|  | ``` | ||||||
|  | 
 | ||||||
| > Replace `<aws-account-number>` and `<region>` with their respective values. | > Replace `<aws-account-number>` and `<region>` with their respective values. | ||||||
| 
 | 
 | ||||||
| ## Customizing | ## Customizing | ||||||
|  | |||||||
| @ -2,20 +2,7 @@ import osm = require('os'); | |||||||
| 
 | 
 | ||||||
| import {getInputs} from '../src/context'; | import {getInputs} from '../src/context'; | ||||||
| 
 | 
 | ||||||
| test('without username getInputs throws errors', async () => { | test('with password and username getInputs does not throw error', async () => { | ||||||
|   expect(() => { |  | ||||||
|     getInputs(); |  | ||||||
|   }).toThrowError('Input required and not supplied: username'); |  | ||||||
| }); |  | ||||||
| 
 |  | ||||||
| test('without password getInputs throws errors', async () => { |  | ||||||
|   process.env['INPUT_USERNAME'] = 'dbowie'; |  | ||||||
|   expect(() => { |  | ||||||
|     getInputs(); |  | ||||||
|   }).toThrowError('Input required and not supplied: password'); |  | ||||||
| }); |  | ||||||
| 
 |  | ||||||
| test('with password and username getInputs does not error', async () => { |  | ||||||
|   process.env['INPUT_USERNAME'] = 'dbowie'; |   process.env['INPUT_USERNAME'] = 'dbowie'; | ||||||
|   process.env['INPUT_PASSWORD'] = 'groundcontrol'; |   process.env['INPUT_PASSWORD'] = 'groundcontrol'; | ||||||
|   expect(() => { |   expect(() => { | ||||||
|  | |||||||
| @ -17,7 +17,7 @@ test('errors when not run on linux platform', async () => { | |||||||
|   expect(coreSpy).toHaveBeenCalledWith('Only supported on linux platform'); |   expect(coreSpy).toHaveBeenCalledWith('Only supported on linux platform'); | ||||||
| }); | }); | ||||||
| 
 | 
 | ||||||
| test('errors without username', async () => { | test('errors without username and password', async () => { | ||||||
|   const platSpy = jest.spyOn(osm, 'platform'); |   const platSpy = jest.spyOn(osm, 'platform'); | ||||||
|   platSpy.mockImplementation(() => 'linux'); |   platSpy.mockImplementation(() => 'linux'); | ||||||
| 
 | 
 | ||||||
| @ -25,21 +25,7 @@ test('errors without username', async () => { | |||||||
| 
 | 
 | ||||||
|   await run(); |   await run(); | ||||||
| 
 | 
 | ||||||
|   expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: username'); |   expect(coreSpy).toHaveBeenCalledWith('Username and password required'); | ||||||
| }); |  | ||||||
| 
 |  | ||||||
| test('errors without password', async () => { |  | ||||||
|   const platSpy = jest.spyOn(osm, 'platform'); |  | ||||||
|   platSpy.mockImplementation(() => 'linux'); |  | ||||||
| 
 |  | ||||||
|   const coreSpy: jest.SpyInstance = jest.spyOn(core, 'setFailed'); |  | ||||||
| 
 |  | ||||||
|   const username: string = 'dbowie'; |  | ||||||
|   process.env[`INPUT_USERNAME`] = username; |  | ||||||
| 
 |  | ||||||
|   await run(); |  | ||||||
| 
 |  | ||||||
|   expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: password'); |  | ||||||
| }); | }); | ||||||
| 
 | 
 | ||||||
| test('successful with username and password', async () => { | test('successful with username and password', async () => { | ||||||
| @ -79,7 +65,7 @@ test('calls docker login', async () => { | |||||||
|   const password: string = 'groundcontrol'; |   const password: string = 'groundcontrol'; | ||||||
|   process.env[`INPUT_PASSWORD`] = password; |   process.env[`INPUT_PASSWORD`] = password; | ||||||
| 
 | 
 | ||||||
|   const registry: string = 'https://ghcr.io'; |   const registry: string = 'ghcr.io'; | ||||||
|   process.env[`INPUT_REGISTRY`] = registry; |   process.env[`INPUT_REGISTRY`] = registry; | ||||||
| 
 | 
 | ||||||
|   const logout: string = 'true'; |   const logout: string = 'true'; | ||||||
|  | |||||||
| @ -12,10 +12,10 @@ inputs: | |||||||
|     required: false |     required: false | ||||||
|   username: |   username: | ||||||
|     description: 'Username used to log against the Docker registry' |     description: 'Username used to log against the Docker registry' | ||||||
|     required: true |     required: false | ||||||
|   password: |   password: | ||||||
|     description: 'Password or personal access token used to log against the Docker registry' |     description: 'Password or personal access token used to log against the Docker registry' | ||||||
|     required: true |     required: false | ||||||
|   logout: |   logout: | ||||||
|     description: 'Log out from the Docker registry at the end of a job' |     description: 'Log out from the Docker registry at the end of a job' | ||||||
|     default: 'true' |     default: 'true' | ||||||
|  | |||||||
							
								
								
									
										15
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										15
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							| @ -3062,10 +3062,11 @@ function logout(registry) { | |||||||
| exports.logout = logout; | exports.logout = logout; | ||||||
| function loginStandard(registry, username, password) { | function loginStandard(registry, username, password) { | ||||||
|     return __awaiter(this, void 0, void 0, function* () { |     return __awaiter(this, void 0, void 0, function* () { | ||||||
|         let loginArgs = ['login', '--password-stdin']; |         if (!username || !password) { | ||||||
|         if (username) { |             throw new Error('Username and password required'); | ||||||
|             loginArgs.push('--username', username); |  | ||||||
|         } |         } | ||||||
|  |         let loginArgs = ['login', '--password-stdin']; | ||||||
|  |         loginArgs.push('--username', username); | ||||||
|         loginArgs.push(registry); |         loginArgs.push(registry); | ||||||
|         if (registry) { |         if (registry) { | ||||||
|             core.info(`🔑 Logging into ${registry}...`); |             core.info(`🔑 Logging into ${registry}...`); | ||||||
| @ -3088,8 +3089,8 @@ function loginECR(registry, username, password) { | |||||||
|         const cliVersion = yield aws.getCLIVersion(); |         const cliVersion = yield aws.getCLIVersion(); | ||||||
|         const region = yield aws.getRegion(registry); |         const region = yield aws.getRegion(registry); | ||||||
|         core.info(`💡 AWS ECR detected with ${region} region`); |         core.info(`💡 AWS ECR detected with ${region} region`); | ||||||
|         process.env.AWS_ACCESS_KEY_ID = username; |         process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; | ||||||
|         process.env.AWS_SECRET_ACCESS_KEY = password; |         process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; | ||||||
|         core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); |         core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); | ||||||
|         const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region); |         const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region); | ||||||
|         core.info(`🔑 Logging into ${registry}...`); |         core.info(`🔑 Logging into ${registry}...`); | ||||||
| @ -3647,8 +3648,8 @@ const core = __importStar(__webpack_require__(186)); | |||||||
| function getInputs() { | function getInputs() { | ||||||
|     return { |     return { | ||||||
|         registry: core.getInput('registry'), |         registry: core.getInput('registry'), | ||||||
|         username: core.getInput('username', { required: true }), |         username: core.getInput('username'), | ||||||
|         password: core.getInput('password', { required: true }), |         password: core.getInput('password'), | ||||||
|         logout: core.getInput('logout') |         logout: core.getInput('logout') | ||||||
|     }; |     }; | ||||||
| } | } | ||||||
|  | |||||||
| @ -10,8 +10,8 @@ export interface Inputs { | |||||||
| export function getInputs(): Inputs { | export function getInputs(): Inputs { | ||||||
|   return { |   return { | ||||||
|     registry: core.getInput('registry'), |     registry: core.getInput('registry'), | ||||||
|     username: core.getInput('username', {required: true}), |     username: core.getInput('username'), | ||||||
|     password: core.getInput('password', {required: true}), |     password: core.getInput('password'), | ||||||
|     logout: core.getInput('logout') |     logout: core.getInput('logout') | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  | |||||||
| @ -19,10 +19,12 @@ export async function logout(registry: string): Promise<void> { | |||||||
| } | } | ||||||
| 
 | 
 | ||||||
| export async function loginStandard(registry: string, username: string, password: string): Promise<void> { | export async function loginStandard(registry: string, username: string, password: string): Promise<void> { | ||||||
|   let loginArgs: Array<string> = ['login', '--password-stdin']; |   if (!username || !password) { | ||||||
|   if (username) { |     throw new Error('Username and password required'); | ||||||
|     loginArgs.push('--username', username); |  | ||||||
|   } |   } | ||||||
|  | 
 | ||||||
|  |   let loginArgs: Array<string> = ['login', '--password-stdin']; | ||||||
|  |   loginArgs.push('--username', username); | ||||||
|   loginArgs.push(registry); |   loginArgs.push(registry); | ||||||
| 
 | 
 | ||||||
|   if (registry) { |   if (registry) { | ||||||
| @ -44,8 +46,8 @@ export async function loginECR(registry: string, username: string, password: str | |||||||
|   const region = await aws.getRegion(registry); |   const region = await aws.getRegion(registry); | ||||||
|   core.info(`💡 AWS ECR detected with ${region} region`); |   core.info(`💡 AWS ECR detected with ${region} region`); | ||||||
| 
 | 
 | ||||||
|   process.env.AWS_ACCESS_KEY_ID = username; |   process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; | ||||||
|   process.env.AWS_SECRET_ACCESS_KEY = password; |   process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; | ||||||
| 
 | 
 | ||||||
|   core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); |   core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); | ||||||
|   const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region); |   const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region); | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user
	 CrazyMax
						CrazyMax