From b5b34938c5ff651c4d3df01b0d51cb887e9278e8 Mon Sep 17 00:00:00 2001 From: Joe Walton Date: Wed, 24 Apr 2019 13:31:46 +0100 Subject: [PATCH 1/5] Add Assume Role Option For ECR Pushes --- cmd/drone-ecr/main.go | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/cmd/drone-ecr/main.go b/cmd/drone-ecr/main.go index 0df3fac..0fda28d 100644 --- a/cmd/drone-ecr/main.go +++ b/cmd/drone-ecr/main.go @@ -12,6 +12,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/ecr" ) @@ -27,6 +28,7 @@ func main() { create = parseBoolOrDefault(false, getenv("PLUGIN_CREATE_REPOSITORY", "ECR_CREATE_REPOSITORY")) lifecyclePolicy = getenv("PLUGIN_LIFECYCLE_POLICY") repositoryPolicy = getenv("PLUGIN_REPOSITORY_POLICY") + assumeRole = getenv("PLUGIN_ASSUME_ROLE") ) // set the region @@ -42,12 +44,12 @@ func main() { } sess, err := session.NewSession(&aws.Config{Region: ®ion}) - + if err != nil { log.Fatal(fmt.Sprintf("error creating aws session: %v", err)) } - svc := ecr.New(sess) + svc := getECRClient(sess, assumeRole) username, password, registry, err := getAuthInfo(svc) if err != nil { log.Fatal(fmt.Sprintf("error getting ECR auth: %v", err)) @@ -178,3 +180,11 @@ func getenv(key ...string) (s string) { } return } + +func getECRClient(sess *session.Session, role string) *ecr.ECR { + if role == "" { + return ecr.New(sess) + } + creds := stscreds.NewCredentials(sess, role) + return ecr.New(sess, &aws.Config{Credentials: creds}) +} From e8be4981da2b379fa810b1d075ca8e9332b670fe Mon Sep 17 00:00:00 2001 From: Thomas Boerger Date: Wed, 7 Aug 2019 09:48:46 +0200 Subject: [PATCH 2/5] Revert "Revert "append tags with autotag instead of replacing"" --- cmd/drone-docker/main.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go index 712ace4..9055279 100644 --- a/cmd/drone-docker/main.go +++ b/cmd/drone-docker/main.go @@ -280,10 +280,10 @@ func run(c *cli.Context) error { c.String("commit.ref"), c.String("repo.branch"), ) { - plugin.Build.Tags = docker.DefaultTagSuffix( + plugin.Build.Tags = append(plugin.Build.Tags, docker.DefaultTagSuffix( c.String("commit.ref"), c.String("tags.suffix"), - ) + )...) } else { logrus.Printf("skipping automated docker build for %s", c.String("commit.ref")) return nil From 261afaa9ed23adac449936368ec92f32b67ddefc Mon Sep 17 00:00:00 2001 From: Brad Rydzewski Date: Thu, 15 Aug 2019 10:54:51 -0700 Subject: [PATCH 3/5] use nanoserver for 1809 --- docker/docker/Dockerfile.windows.1809 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker/docker/Dockerfile.windows.1809 b/docker/docker/Dockerfile.windows.1809 index 647ec42..bffc4b4 100644 --- a/docker/docker/Dockerfile.windows.1809 +++ b/docker/docker/Dockerfile.windows.1809 @@ -13,7 +13,8 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl Invoke-WebRequest $('https://github.com/docker/toolbox/releases/download/v{0}/DockerToolbox-{0}.exe' -f $env:DOCKER_VERSION) -OutFile 'dockertoolbox.exe' -UseBasicParsing RUN /innoextract.exe dockertoolbox.exe -FROM plugins/base:windows-1809 +FROM mcr.microsoft.com/windows/nanoserver:1809 +USER ContainerAdministrator LABEL maintainer="Drone.IO Community " ` org.label-schema.name="Drone Docker" ` From aa2a9477829cc5ee0fbeb660be39288aaf4a634a Mon Sep 17 00:00:00 2001 From: Thomas Boerger Date: Thu, 10 Oct 2019 09:32:09 +0200 Subject: [PATCH 4/5] Revert Reapply append tags with autotag instead of replacing --- cmd/drone-docker/main.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go index 9055279..712ace4 100644 --- a/cmd/drone-docker/main.go +++ b/cmd/drone-docker/main.go @@ -280,10 +280,10 @@ func run(c *cli.Context) error { c.String("commit.ref"), c.String("repo.branch"), ) { - plugin.Build.Tags = append(plugin.Build.Tags, docker.DefaultTagSuffix( + plugin.Build.Tags = docker.DefaultTagSuffix( c.String("commit.ref"), c.String("tags.suffix"), - )...) + ) } else { logrus.Printf("skipping automated docker build for %s", c.String("commit.ref")) return nil From 2184682042dc0e3eab93bb112746a55100e082e2 Mon Sep 17 00:00:00 2001 From: Joe Walton Date: Mon, 14 Oct 2019 10:20:32 +0100 Subject: [PATCH 5/5] Apply suggestions from code review Co-Authored-By: Lauris BH --- cmd/drone-ecr/main.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/drone-ecr/main.go b/cmd/drone-ecr/main.go index 0fda28d..7a66f97 100644 --- a/cmd/drone-ecr/main.go +++ b/cmd/drone-ecr/main.go @@ -44,7 +44,6 @@ func main() { } sess, err := session.NewSession(&aws.Config{Region: ®ion}) - if err != nil { log.Fatal(fmt.Sprintf("error creating aws session: %v", err)) } @@ -185,6 +184,7 @@ func getECRClient(sess *session.Session, role string) *ecr.ECR { if role == "" { return ecr.New(sess) } - creds := stscreds.NewCredentials(sess, role) - return ecr.New(sess, &aws.Config{Credentials: creds}) + return ecr.New(sess, &aws.Config{ + Credentials: stscreds.NewCredentials(sess, role), + }) }