Skip to content

Commit 55c2f53

Browse files
renkohrenkoh
authored
Merge pull request #39 from seek-oss/aws-cli-v2-support
aws cli v2 support
2 parents e16bb9b + 51c995c commit 55c2f53

File tree

4 files changed

+137
-8
lines changed

4 files changed

+137
-8
lines changed

README.md

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -280,7 +280,7 @@ steps:
280280

281281
### Changing the name of exported variable
282282

283-
By default image name and computed tag are exported to the Docker buildkite plugin env variable `BUILDKITE_PLUGIN_DOCKER_IMAGE`. In order to chain the plugin with a different plugin, this can be changed by specifying a `export-env-variable` parameter:
283+
By default, image name and computed tag are exported to the Docker buildkite plugin env variable `BUILDKITE_PLUGIN_DOCKER_IMAGE`. In order to chain the plugin with a different plugin, this can be changed by specifying a `export-env-variable` parameter:
284284

285285
```yaml
286286
steps:
@@ -311,6 +311,19 @@ steps:
311311
- docker#v3.8.0
312312
```
313313

314+
#### Specifying a region
315+
316+
By default, the plugin uses the region specified in the `AWS_DEFAULT_REGION` environment variable. If this environment variable is not present, it defaults to the `eu-west-1` region. You can optionally specify the region in which you would like your cache to reside in:
317+
318+
```yaml
319+
steps:
320+
- command: echo wow
321+
plugins:
322+
- seek-oss/docker-ecr-cache#v1.11.0:
323+
region: ap-southeast-2
324+
- docker#v3.8.0
325+
```
326+
314327
#### Required permissions
315328

316329
Below is a sample set of IAM policy statements that will allow this plugin to work:

hooks/lib/ecr-registry-provider.bash

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,19 @@
11
login() {
2-
$(aws ecr get-login --no-include-email)
2+
local account_id
3+
local region
4+
5+
account_id=$(aws sts get-caller-identity --query Account --output text)
6+
region=$(get_ecr_region)
7+
8+
aws ecr get-login-password \
9+
--region "${region}" \
10+
| docker login \
11+
--username AWS \
12+
--password-stdin "${account_id}.dkr.ecr.${region}.amazonaws.com"
13+
}
14+
15+
get_ecr_region() {
16+
echo "${BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_REGION:-${AWS_DEFAULT_REGION:-eu-west-1}}"
317
}
418

519
get_registry_url() {

plugin.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,4 +31,6 @@ configuration:
3131
type: string
3232
registry-hostname:
3333
type: string
34+
region:
35+
type: string
3436
required: []

tests/ecr-registry-provider.bats

Lines changed: 106 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -10,19 +10,22 @@ load "$PWD/hooks/lib/ecr-registry-provider.bash"
1010
pre_command_hook="$PWD/hooks/pre-command"
1111

1212
@test "ECR: Applies lifecycle policy to existing repositories" {
13+
export AWS_DEFAULT_REGION="ap-southeast-2"
1314
export BUILDKITE_ORGANIZATION_SLUG="example-org"
1415
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
1516
local expected_repository_name="build-cache/example-org/example-pipeline"
1617

1718
stub aws \
18-
"ecr get-login --no-include-email : echo docker login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com" \
19+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
20+
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
1921
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
2022
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
2123
"ecr tag-resource * : echo tag existing resource" \
2224
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
23-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com"
25+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com"
26+
2427
stub docker \
25-
"login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
28+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
2629
"pull : echo pulled image"
2730

2831
stub sha1sum \
@@ -46,20 +49,69 @@ pre_command_hook="$PWD/hooks/pre-command"
4649
}
4750

4851
@test "ECR: Builds new images with tags" {
52+
export AWS_DEFAULT_REGION="ap-southeast-2"
4953
export BUILDKITE_ORGANIZATION_SLUG="example-org"
5054
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
5155
local expected_repository_name="build-cache/example-org/example-pipeline"
5256
local repository_uri="1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com/${expected_repository_name}"
5357

5458
stub aws \
55-
"ecr get-login --no-include-email : echo docker login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com" \
59+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
60+
"ecr get-login-password --region ap-southeast-2 : echo secure-ecr-password" \
5661
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
5762
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-2:1234567891012:repository/${expected_repository_name}" \
5863
"ecr tag-resource * : echo tag existing resource" \
5964
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
60-
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}"
65+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
66+
67+
stub docker \
68+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
69+
"pull : echo not found && false" \
70+
"build * : echo building docker image" \
71+
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \
72+
"push ${repository_uri}:deadbee : echo pushed deadbeef" \
73+
"push ${repository_uri}:latest : echo pushed latest"
74+
75+
stub sha1sum \
76+
"Dockerfile : echo 'sha1sum(Dockerfile)'" \
77+
": echo sha1sum" \
78+
": echo sha1sum" \
79+
": echo deadbeef"
80+
81+
run "${pre_command_hook}"
82+
83+
assert_success
84+
assert_output --partial "logging in to docker"
85+
assert_output --partial "looked up repository"
86+
assert_output --partial "building docker image"
87+
assert_output --partial "tag existing resource"
88+
assert_output --partial "put lifecycle policy"
89+
assert_output --partial "tagged latest"
90+
assert_output --partial "pushed deadbeef"
91+
assert_output --partial "pushed latest"
92+
93+
unstub aws
94+
unstub docker
95+
unstub sha1sum
96+
}
97+
98+
@test "ECR: Uses correct region when region not specified and AWS_DEFAULT_REGION not set" {
99+
export BUILDKITE_ORGANIZATION_SLUG="example-org"
100+
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
101+
local expected_repository_name="build-cache/example-org/example-pipeline"
102+
local repository_uri="1234567891012.dkr.ecr.eu-west-1.amazonaws.com/${expected_repository_name}"
103+
104+
stub aws \
105+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
106+
"ecr get-login-password --region eu-west-1 : echo secure-ecr-password" \
107+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
108+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:eu-west-1:1234567891012:repository/${expected_repository_name}" \
109+
"ecr tag-resource * : echo tag existing resource" \
110+
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
111+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
112+
61113
stub docker \
62-
"login -u AWS -p 1234 https://1234567891012.dkr.ecr.ap-southeast-2.amazonaws.com : echo logging in to docker" \
114+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.eu-west-1.amazonaws.com : echo logging in to docker" \
63115
"pull : echo not found && false" \
64116
"build * : echo building docker image" \
65117
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \
@@ -88,3 +140,51 @@ pre_command_hook="$PWD/hooks/pre-command"
88140
unstub docker
89141
unstub sha1sum
90142
}
143+
144+
@test "ECR: Uses correct region when region is specified" {
145+
export AWS_DEFAULT_REGION="ap-southeast-2"
146+
export BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_REGION="ap-southeast-1"
147+
export BUILDKITE_ORGANIZATION_SLUG="example-org"
148+
export BUILDKITE_PIPELINE_SLUG="example-pipeline"
149+
local expected_repository_name="build-cache/example-org/example-pipeline"
150+
local repository_uri="1234567891012.dkr.ecr.ap-southeast-1.amazonaws.com/${expected_repository_name}"
151+
152+
stub aws \
153+
"sts get-caller-identity --query Account --output text : echo 1234567891012" \
154+
"ecr get-login-password --region ap-southeast-1 : echo secure-ecr-password" \
155+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].registryId : echo looked up repository" \
156+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryArn : echo arn:aws:ecr:ap-southeast-1:1234567891012:repository/${expected_repository_name}" \
157+
"ecr tag-resource * : echo tag existing resource" \
158+
"ecr put-lifecycle-policy * : echo put lifecycle policy" \
159+
"ecr describe-repositories --repository-names ${expected_repository_name} --output text --query repositories[0].repositoryUri : echo ${repository_uri}" \
160+
161+
stub docker \
162+
"login --username AWS --password-stdin 1234567891012.dkr.ecr.ap-southeast-1.amazonaws.com : echo logging in to docker" \
163+
"pull : echo not found && false" \
164+
"build * : echo building docker image" \
165+
"tag ${repository_uri}:deadbee ${repository_uri}:latest : echo tagged latest" \
166+
"push ${repository_uri}:deadbee : echo pushed deadbeef" \
167+
"push ${repository_uri}:latest : echo pushed latest"
168+
169+
stub sha1sum \
170+
"Dockerfile : echo 'sha1sum(Dockerfile)'" \
171+
": echo sha1sum" \
172+
": echo sha1sum" \
173+
": echo deadbeef"
174+
175+
run "${pre_command_hook}"
176+
177+
assert_success
178+
assert_output --partial "logging in to docker"
179+
assert_output --partial "looked up repository"
180+
assert_output --partial "building docker image"
181+
assert_output --partial "tag existing resource"
182+
assert_output --partial "put lifecycle policy"
183+
assert_output --partial "tagged latest"
184+
assert_output --partial "pushed deadbeef"
185+
assert_output --partial "pushed latest"
186+
187+
unstub aws
188+
unstub docker
189+
unstub sha1sum
190+
}

0 commit comments

Comments
 (0)