PapaTutuWawa/woodpecker-docker-buildx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #233 from jwalton9/ecr-assume-role

Browse Source 
Add Assume Role Option For ECR Pushes
This commit is contained in:
Thomas Boerger 2019-10-15 11:30:33 +02:00 committed by GitHub
commit 5be3f2c282
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/drone-ecr/main.go
View File

@ -12,6 +12,7 @@ import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/ecr"
)
@ -27,6 +28,7 @@ func main() {
create = parseBoolOrDefault(false, getenv("PLUGIN_CREATE_REPOSITORY", "ECR_CREATE_REPOSITORY"))
lifecyclePolicy = getenv("PLUGIN_LIFECYCLE_POLICY")
repositoryPolicy = getenv("PLUGIN_REPOSITORY_POLICY")
assumeRole = getenv("PLUGIN_ASSUME_ROLE")
)
// set the region
@ -42,12 +44,11 @@ func main() {
}
sess, err := session.NewSession(&aws.Config{Region: &region})
if err != nil {
log.Fatal(fmt.Sprintf("error creating aws session: %v", err))
}
svc := ecr.New(sess)
svc := getECRClient(sess, assumeRole)
username, password, registry, err := getAuthInfo(svc)
if err != nil {
log.Fatal(fmt.Sprintf("error getting ECR auth: %v", err))
@ -178,3 +179,12 @@ func getenv(key ...string) (s string) {
}
return
}
func getECRClient(sess *session.Session, role string) *ecr.ECR {
if role == "" {
return ecr.New(sess)
}
return ecr.New(sess, &aws.Config{
Credentials: stscreds.NewCredentials(sess, role),
})
}