mirror of
				https://github.com/docker/login-action.git
				synced 2025-10-26 21:07:36 +08:00 
			
		
		
		
	Handle AWS credentials
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
		
							parent
							
								
									39ef12fb7a
								
							
						
					
					
						commit
						5df5104555
					
				
							
								
								
									
										
											BIN
										
									
								
								.github/docker-login.png
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										
											BIN
										
									
								
								.github/docker-login.png
									
									
									
									
										vendored
									
									
								
							
										
											Binary file not shown.
										
									
								
							| Before Width: | Height: | Size: 5.0 KiB After Width: | Height: | Size: 5.0 KiB | 
							
								
								
									
										31
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										31
									
								
								.github/workflows/ci.yml
									
									
									
									
										vendored
									
									
								
							| @ -117,3 +117,34 @@ jobs: | ||||
| #        if: always() | ||||
| #        run: | | ||||
| #          rm -f ${HOME}/.docker/config.json | ||||
| # | ||||
| #  ecr-aws-creds: | ||||
| #    runs-on: ${{ matrix.os }} | ||||
| #    strategy: | ||||
| #      fail-fast: false | ||||
| #      matrix: | ||||
| #        os: | ||||
| #          - ubuntu-20.04 | ||||
| #          - ubuntu-18.04 | ||||
| #          - ubuntu-16.04 | ||||
| #    steps: | ||||
| #      - | ||||
| #        name: Checkout | ||||
| #        uses: actions/checkout@v2.3.1 | ||||
| #      - | ||||
| #        name: Configure AWS Credentials | ||||
| #        uses: aws-actions/configure-aws-credentials@v1 | ||||
| #        with: | ||||
| #          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
| #          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
| #          aws-region: ${{ secrets.AWS_REGION }} | ||||
| #      - | ||||
| #        name: Login to ECR | ||||
| #        uses: ./ | ||||
| #        with: | ||||
| #          registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com | ||||
| #      - | ||||
| #        name: Clear | ||||
| #        if: always() | ||||
| #        run: | | ||||
| #          rm -f ${HOME}/.docker/config.json | ||||
|  | ||||
							
								
								
									
										28
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										28
									
								
								README.md
									
									
									
									
									
								
							| @ -213,6 +213,34 @@ jobs: | ||||
|           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
| ``` | ||||
| 
 | ||||
| You can also use the [Configure AWS Credentials](https://github.com/aws-actions/configure-aws-credentials) action in | ||||
| combination with this action: | ||||
| 
 | ||||
| ```yaml | ||||
| name: ci | ||||
| 
 | ||||
| on: | ||||
|   push: | ||||
|     branches: master | ||||
| 
 | ||||
| jobs: | ||||
|   login: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - | ||||
|         name: Configure AWS Credentials | ||||
|         uses: aws-actions/configure-aws-credentials@v1 | ||||
|         with: | ||||
|           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
|           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
|           aws-region: <region> | ||||
|       - | ||||
|         name: Login to ECR | ||||
|         uses: docker/login-action@v1 | ||||
|         with: | ||||
|           registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com | ||||
| ``` | ||||
| 
 | ||||
| > Replace `<aws-account-number>` and `<region>` with their respective values. | ||||
| 
 | ||||
| ## Customizing | ||||
|  | ||||
| @ -2,20 +2,7 @@ import osm = require('os'); | ||||
| 
 | ||||
| import {getInputs} from '../src/context'; | ||||
| 
 | ||||
| test('without username getInputs throws errors', async () => { | ||||
|   expect(() => { | ||||
|     getInputs(); | ||||
|   }).toThrowError('Input required and not supplied: username'); | ||||
| }); | ||||
| 
 | ||||
| test('without password getInputs throws errors', async () => { | ||||
|   process.env['INPUT_USERNAME'] = 'dbowie'; | ||||
|   expect(() => { | ||||
|     getInputs(); | ||||
|   }).toThrowError('Input required and not supplied: password'); | ||||
| }); | ||||
| 
 | ||||
| test('with password and username getInputs does not error', async () => { | ||||
| test('with password and username getInputs does not throw error', async () => { | ||||
|   process.env['INPUT_USERNAME'] = 'dbowie'; | ||||
|   process.env['INPUT_PASSWORD'] = 'groundcontrol'; | ||||
|   expect(() => { | ||||
|  | ||||
| @ -17,7 +17,7 @@ test('errors when not run on linux platform', async () => { | ||||
|   expect(coreSpy).toHaveBeenCalledWith('Only supported on linux platform'); | ||||
| }); | ||||
| 
 | ||||
| test('errors without username', async () => { | ||||
| test('errors without username and password', async () => { | ||||
|   const platSpy = jest.spyOn(osm, 'platform'); | ||||
|   platSpy.mockImplementation(() => 'linux'); | ||||
| 
 | ||||
| @ -25,21 +25,7 @@ test('errors without username', async () => { | ||||
| 
 | ||||
|   await run(); | ||||
| 
 | ||||
|   expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: username'); | ||||
| }); | ||||
| 
 | ||||
| test('errors without password', async () => { | ||||
|   const platSpy = jest.spyOn(osm, 'platform'); | ||||
|   platSpy.mockImplementation(() => 'linux'); | ||||
| 
 | ||||
|   const coreSpy: jest.SpyInstance = jest.spyOn(core, 'setFailed'); | ||||
| 
 | ||||
|   const username: string = 'dbowie'; | ||||
|   process.env[`INPUT_USERNAME`] = username; | ||||
| 
 | ||||
|   await run(); | ||||
| 
 | ||||
|   expect(coreSpy).toHaveBeenCalledWith('Input required and not supplied: password'); | ||||
|   expect(coreSpy).toHaveBeenCalledWith('Username and password required'); | ||||
| }); | ||||
| 
 | ||||
| test('successful with username and password', async () => { | ||||
| @ -79,7 +65,7 @@ test('calls docker login', async () => { | ||||
|   const password: string = 'groundcontrol'; | ||||
|   process.env[`INPUT_PASSWORD`] = password; | ||||
| 
 | ||||
|   const registry: string = 'https://ghcr.io'; | ||||
|   const registry: string = 'ghcr.io'; | ||||
|   process.env[`INPUT_REGISTRY`] = registry; | ||||
| 
 | ||||
|   const logout: string = 'true'; | ||||
|  | ||||
| @ -12,10 +12,10 @@ inputs: | ||||
|     required: false | ||||
|   username: | ||||
|     description: 'Username used to log against the Docker registry' | ||||
|     required: true | ||||
|     required: false | ||||
|   password: | ||||
|     description: 'Password or personal access token used to log against the Docker registry' | ||||
|     required: true | ||||
|     required: false | ||||
|   logout: | ||||
|     description: 'Log out from the Docker registry at the end of a job' | ||||
|     default: 'true' | ||||
|  | ||||
							
								
								
									
										15
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										15
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							| @ -3062,10 +3062,11 @@ function logout(registry) { | ||||
| exports.logout = logout; | ||||
| function loginStandard(registry, username, password) { | ||||
|     return __awaiter(this, void 0, void 0, function* () { | ||||
|         let loginArgs = ['login', '--password-stdin']; | ||||
|         if (username) { | ||||
|             loginArgs.push('--username', username); | ||||
|         if (!username || !password) { | ||||
|             throw new Error('Username and password required'); | ||||
|         } | ||||
|         let loginArgs = ['login', '--password-stdin']; | ||||
|         loginArgs.push('--username', username); | ||||
|         loginArgs.push(registry); | ||||
|         if (registry) { | ||||
|             core.info(`🔑 Logging into ${registry}...`); | ||||
| @ -3088,8 +3089,8 @@ function loginECR(registry, username, password) { | ||||
|         const cliVersion = yield aws.getCLIVersion(); | ||||
|         const region = yield aws.getRegion(registry); | ||||
|         core.info(`💡 AWS ECR detected with ${region} region`); | ||||
|         process.env.AWS_ACCESS_KEY_ID = username; | ||||
|         process.env.AWS_SECRET_ACCESS_KEY = password; | ||||
|         process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; | ||||
|         process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; | ||||
|         core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); | ||||
|         const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region); | ||||
|         core.info(`🔑 Logging into ${registry}...`); | ||||
| @ -3647,8 +3648,8 @@ const core = __importStar(__webpack_require__(186)); | ||||
| function getInputs() { | ||||
|     return { | ||||
|         registry: core.getInput('registry'), | ||||
|         username: core.getInput('username', { required: true }), | ||||
|         password: core.getInput('password', { required: true }), | ||||
|         username: core.getInput('username'), | ||||
|         password: core.getInput('password'), | ||||
|         logout: core.getInput('logout') | ||||
|     }; | ||||
| } | ||||
|  | ||||
| @ -10,8 +10,8 @@ export interface Inputs { | ||||
| export function getInputs(): Inputs { | ||||
|   return { | ||||
|     registry: core.getInput('registry'), | ||||
|     username: core.getInput('username', {required: true}), | ||||
|     password: core.getInput('password', {required: true}), | ||||
|     username: core.getInput('username'), | ||||
|     password: core.getInput('password'), | ||||
|     logout: core.getInput('logout') | ||||
|   }; | ||||
| } | ||||
|  | ||||
| @ -19,10 +19,12 @@ export async function logout(registry: string): Promise<void> { | ||||
| } | ||||
| 
 | ||||
| export async function loginStandard(registry: string, username: string, password: string): Promise<void> { | ||||
|   let loginArgs: Array<string> = ['login', '--password-stdin']; | ||||
|   if (username) { | ||||
|     loginArgs.push('--username', username); | ||||
|   if (!username || !password) { | ||||
|     throw new Error('Username and password required'); | ||||
|   } | ||||
| 
 | ||||
|   let loginArgs: Array<string> = ['login', '--password-stdin']; | ||||
|   loginArgs.push('--username', username); | ||||
|   loginArgs.push(registry); | ||||
| 
 | ||||
|   if (registry) { | ||||
| @ -44,8 +46,8 @@ export async function loginECR(registry: string, username: string, password: str | ||||
|   const region = await aws.getRegion(registry); | ||||
|   core.info(`💡 AWS ECR detected with ${region} region`); | ||||
| 
 | ||||
|   process.env.AWS_ACCESS_KEY_ID = username; | ||||
|   process.env.AWS_SECRET_ACCESS_KEY = password; | ||||
|   process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; | ||||
|   process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; | ||||
| 
 | ||||
|   core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); | ||||
|   const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region); | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user
	 CrazyMax
						CrazyMax