cicd/login-action
1
0
Fork 0
mirror of https://github.com/docker/login-action.git synced 2025-10-31 10:10:09 +08:00
Code Issues Projects Wiki Activity

Add example for Azure Container Registry (ACR)

Browse Source
This commit is contained in:
CrazyMax 2020-08-21 16:29:54 +02:00
parent 1bd3567034
commit e56233ce43
No known key found for this signature in database
GPG Key ID: 3248E46B6BB8C7F7
5 changed files with 52 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
README.md
View File

@ -3,6 +3,7 @@
[![CI workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=ci&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=ci) [![CI workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=ci&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=ci)
[![Test workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=test&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=test) [![Test workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=test&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=test)
[![Codecov](https://img.shields.io/codecov/c/github/crazy-max/ghaction-docker-login?logo=codecov&style=flat-square)](https://codecov.io/gh/crazy-max/ghaction-docker-login) [![Codecov](https://img.shields.io/codecov/c/github/crazy-max/ghaction-docker-login?logo=codecov&style=flat-square)](https://codecov.io/gh/crazy-max/ghaction-docker-login)
[![Become a sponsor](https://img.shields.io/badge/sponsor-crazy--max-181717.svg?logo=github&style=flat-square)](https://github.com/sponsors/crazy-max) [![Become a sponsor](https://img.shields.io/badge/sponsor-crazy--max-181717.svg?logo=github&style=flat-square)](https://github.com/sponsors/crazy-max)
[![Paypal Donate](https://img.shields.io/badge/donate-paypal-00457c.svg?logo=paypal&style=flat-square)](https://www.paypal.me/crazyws) [![Paypal Donate](https://img.shields.io/badge/donate-paypal-00457c.svg?logo=paypal&style=flat-square)](https://www.paypal.me/crazyws)
@ -20,8 +21,9 @@ ___
* [DockerHub](#dockerhub) * [DockerHub](#dockerhub)
* [GitHub Package Registry](#github-package-registry) * [GitHub Package Registry](#github-package-registry)
* [GitLab](#gitlab) * [GitLab](#gitlab)
* [Google Container Registry (GCR)](#gitlab) * [Azure Container Registry (ACR)](#azure-container-registry-acr)
* [AWS Elastic Container Registry (ECR)](#gitlab) * [Google Container Registry (GCR)](#google-container-registry-gcr)
* [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr)
* [Customizing](#customizing) * [Customizing](#customizing)
* [inputs](#inputs) * [inputs](#inputs)
* [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot) * [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
@ -105,6 +107,37 @@ jobs:
password: ${{ secrets.GITLAB_PASSWORD }} password: ${{ secrets.GITLAB_PASSWORD }}
``` ```
### Azure Container Registry (ACR)
[Create a service principal](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal)
with access to your container registry through the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli)
and take note of the generated service principal's ID (also called _client ID_) and password (also called _client secret_).
```yaml
name: ci
on:
push:
branches: master
jobs:
login:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Login to ACR
uses: crazy-max/ghaction-docker-login@v1
with:
registry: <registry-name>.azurecr.io
username: ${{ secrets.AZURE_CLIENT_ID }}
password: ${{ secrets.AZURE_CLIENT_SECRET }}
```
> Replace `<registry-name>` with the name of your registry.
### Google Container Registry (GCR) ### Google Container Registry (GCR)
Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control). Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control).

4
__tests__/aws.test.ts
View File

@ -19,9 +19,9 @@ describe('getCLI', () => {
}); });
}); });
describe('getCLICmdOutput', () => { describe('execCLI', () => {
it('--version not empty', async () => { it('--version not empty', async () => {
const cliCmdOutput = await aws.getCLICmdOutput(['--version']); const cliCmdOutput = await aws.execCLI(['--version']);
console.log(`cliCmdOutput: ${cliCmdOutput}`); console.log(`cliCmdOutput: ${cliCmdOutput}`);
expect(cliCmdOutput).not.toEqual(''); expect(cliCmdOutput).not.toEqual('');
}); });

16
dist/index.js generated vendored
View File

@ -3020,11 +3020,11 @@ function loginECR(registry, username, password) {
const cliPath = yield aws.getCLI(); const cliPath = yield aws.getCLI();
const cliVersion = yield aws.getCLIVersion(); const cliVersion = yield aws.getCLIVersion();
const region = yield aws.getRegion(registry); const region = yield aws.getRegion(registry);
core.info(`💡 AWS ECR registry detected with ${region} region`); core.info(`💡 AWS ECR detected with ${region} region`);
process.env.AWS_ACCESS_KEY_ID = username; process.env.AWS_ACCESS_KEY_ID = username;
process.env.AWS_SECRET_ACCESS_KEY = password; process.env.AWS_SECRET_ACCESS_KEY = password;
core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`);
const loginCmd = yield aws.getECRLoginCmd(cliVersion, registry, region); const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region);
core.info(`🔑 Logging into ${registry}...`); core.info(`🔑 Logging into ${registry}...`);
execm.exec(loginCmd, [], true).then(res => { execm.exec(loginCmd, [], true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
@ -4098,7 +4098,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
}); });
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.getECRLoginCmd = exports.parseCLIVersion = exports.getCLIVersion = exports.getCLICmdOutput = exports.getCLI = exports.getRegion = exports.isECR = void 0; exports.getDockerLoginCmd = exports.parseCLIVersion = exports.getCLIVersion = exports.execCLI = exports.getCLI = exports.getRegion = exports.isECR = void 0;
const semver = __importStar(__webpack_require__(383)); const semver = __importStar(__webpack_require__(383));
const io = __importStar(__webpack_require__(436)); const io = __importStar(__webpack_require__(436));
const execm = __importStar(__webpack_require__(757)); const execm = __importStar(__webpack_require__(757));
@ -4111,7 +4111,7 @@ exports.getRegion = (registry) => __awaiter(void 0, void 0, void 0, function* ()
exports.getCLI = () => __awaiter(void 0, void 0, void 0, function* () { exports.getCLI = () => __awaiter(void 0, void 0, void 0, function* () {
return io.which('aws', true); return io.which('aws', true);
}); });
exports.getCLICmdOutput = (args) => __awaiter(void 0, void 0, void 0, function* () { exports.execCLI = (args) => __awaiter(void 0, void 0, void 0, function* () {
return execm.exec(yield exports.getCLI(), args, true).then(res => { return execm.exec(yield exports.getCLI(), args, true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
@ -4125,7 +4125,7 @@ exports.getCLICmdOutput = (args) => __awaiter(void 0, void 0, void 0, function*
}); });
}); });
exports.getCLIVersion = () => __awaiter(void 0, void 0, void 0, function* () { exports.getCLIVersion = () => __awaiter(void 0, void 0, void 0, function* () {
return exports.parseCLIVersion(yield exports.getCLICmdOutput(['--version'])); return exports.parseCLIVersion(yield exports.execCLI(['--version']));
}); });
exports.parseCLIVersion = (stdout) => __awaiter(void 0, void 0, void 0, function* () { exports.parseCLIVersion = (stdout) => __awaiter(void 0, void 0, void 0, function* () {
const matches = /aws-cli\/([0-9.]+)/.exec(stdout); const matches = /aws-cli\/([0-9.]+)/.exec(stdout);
@ -4134,14 +4134,14 @@ exports.parseCLIVersion = (stdout) => __awaiter(void 0, void 0, void 0, function
} }
return semver.clean(matches[1]); return semver.clean(matches[1]);
}); });
exports.getECRLoginCmd = (cliVersion, registry, region) => __awaiter(void 0, void 0, void 0, function* () { exports.getDockerLoginCmd = (cliVersion, registry, region) => __awaiter(void 0, void 0, void 0, function* () {
if (semver.satisfies(cliVersion, '>=2.0.0')) { if (semver.satisfies(cliVersion, '>=2.0.0')) {
return exports.getCLICmdOutput(['ecr', 'get-login-password', '--region', region]).then(pwd => { return exports.execCLI(['ecr', 'get-login-password', '--region', region]).then(pwd => {
return `docker login --username AWS --password ${pwd} ${registry}`; return `docker login --username AWS --password ${pwd} ${registry}`;
}); });
} }
else { else {
return exports.getCLICmdOutput(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { return exports.execCLI(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => {
return dockerLoginCmd; return dockerLoginCmd;
}); });
} }

10
src/aws.ts
View File

@ -14,7 +14,7 @@ export const getCLI = async (): Promise<string> => {
return io.which('aws', true); return io.which('aws', true);
}; };
export const getCLICmdOutput = async (args: string[]): Promise<string> => { export const execCLI = async (args: string[]): Promise<string> => {
return execm.exec(await getCLI(), args, true).then(res => { return execm.exec(await getCLI(), args, true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
@ -27,7 +27,7 @@ export const getCLICmdOutput = async (args: string[]): Promise<string> => {
}; };
export const getCLIVersion = async (): Promise<string> => { export const getCLIVersion = async (): Promise<string> => {
return parseCLIVersion(await getCLICmdOutput(['--version'])); return parseCLIVersion(await execCLI(['--version']));
}; };
export const parseCLIVersion = async (stdout: string): Promise<string> => { export const parseCLIVersion = async (stdout: string): Promise<string> => {
@ -38,13 +38,13 @@ export const parseCLIVersion = async (stdout: string): Promise<string> => {
return semver.clean(matches[1]); return semver.clean(matches[1]);
}; };
export const getECRLoginCmd = async (cliVersion: string, registry: string, region: string): Promise<string> => { export const getDockerLoginCmd = async (cliVersion: string, registry: string, region: string): Promise<string> => {
if (semver.satisfies(cliVersion, '>=2.0.0')) { if (semver.satisfies(cliVersion, '>=2.0.0')) {
return getCLICmdOutput(['ecr', 'get-login-password', '--region', region]).then(pwd => { return execCLI(['ecr', 'get-login-password', '--region', region]).then(pwd => {
return `docker login --username AWS --password ${pwd} ${registry}`; return `docker login --username AWS --password ${pwd} ${registry}`;
}); });
} else { } else {
return getCLICmdOutput(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { return execCLI(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => {
return dockerLoginCmd; return dockerLoginCmd;
}); });
} }

5
src/docker.ts
View File

@ -1,4 +1,3 @@
import * as exec from '@actions/exec';
import * as core from '@actions/core'; import * as core from '@actions/core';
import * as aws from './aws'; import * as aws from './aws';
import * as execm from './exec'; import * as execm from './exec';
@ -43,13 +42,13 @@ export async function loginECR(registry: string, username: string, password: str
const cliPath = await aws.getCLI(); const cliPath = await aws.getCLI();
const cliVersion = await aws.getCLIVersion(); const cliVersion = await aws.getCLIVersion();
const region = await aws.getRegion(registry); const region = await aws.getRegion(registry);
core.info(`💡 AWS ECR registry detected with ${region} region`); core.info(`💡 AWS ECR detected with ${region} region`);
process.env.AWS_ACCESS_KEY_ID = username; process.env.AWS_ACCESS_KEY_ID = username;
process.env.AWS_SECRET_ACCESS_KEY = password; process.env.AWS_SECRET_ACCESS_KEY = password;
core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`);
const loginCmd = await aws.getECRLoginCmd(cliVersion, registry, region); const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region);
core.info(`🔑 Logging into ${registry}...`); core.info(`🔑 Logging into ${registry}...`);
execm.exec(loginCmd, [], true).then(res => { execm.exec(loginCmd, [], true).then(res => {