From e56233ce4352657de40ab78ea2e30fc8cd7788c5 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Fri, 21 Aug 2020 16:29:54 +0200 Subject: [PATCH] Add example for Azure Container Registry (ACR) --- README.md | 37 +++++++++++++++++++++++++++++++++++-- __tests__/aws.test.ts | 4 ++-- dist/index.js | 16 ++++++++-------- src/aws.ts | 10 +++++----- src/docker.ts | 5 ++--- 5 files changed, 52 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index 915f5cd..813b68c 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ [![CI workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=ci&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=ci) [![Test workflow](https://img.shields.io/github/workflow/status/crazy-max/ghaction-docker-login/test?label=test&logo=github&style=flat-square)](https://github.com/crazy-max/ghaction-docker-login/actions?workflow=test) [![Codecov](https://img.shields.io/codecov/c/github/crazy-max/ghaction-docker-login?logo=codecov&style=flat-square)](https://codecov.io/gh/crazy-max/ghaction-docker-login) + [![Become a sponsor](https://img.shields.io/badge/sponsor-crazy--max-181717.svg?logo=github&style=flat-square)](https://github.com/sponsors/crazy-max) [![Paypal Donate](https://img.shields.io/badge/donate-paypal-00457c.svg?logo=paypal&style=flat-square)](https://www.paypal.me/crazyws) @@ -20,8 +21,9 @@ ___ * [DockerHub](#dockerhub) * [GitHub Package Registry](#github-package-registry) * [GitLab](#gitlab) - * [Google Container Registry (GCR)](#gitlab) - * [AWS Elastic Container Registry (ECR)](#gitlab) + * [Azure Container Registry (ACR)](#azure-container-registry-acr) + * [Google Container Registry (GCR)](#google-container-registry-gcr) + * [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr) * [Customizing](#customizing) * [inputs](#inputs) * [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot) @@ -105,6 +107,37 @@ jobs: password: ${{ secrets.GITLAB_PASSWORD }} ``` +### Azure Container Registry (ACR) + +[Create a service principal](https://docs.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal) +with access to your container registry through the [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/install-azure-cli) +and take note of the generated service principal's ID (also called _client ID_) and password (also called _client secret_). + +```yaml +name: ci + +on: + push: + branches: master + +jobs: + login: + runs-on: ubuntu-latest + steps: + - + name: Checkout + uses: actions/checkout@v2 + - + name: Login to ACR + uses: crazy-max/ghaction-docker-login@v1 + with: + registry: .azurecr.io + username: ${{ secrets.AZURE_CLIENT_ID }} + password: ${{ secrets.AZURE_CLIENT_SECRET }} +``` + +> Replace `` with the name of your registry. + ### Google Container Registry (GCR) Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control). diff --git a/__tests__/aws.test.ts b/__tests__/aws.test.ts index 07c734c..5209176 100644 --- a/__tests__/aws.test.ts +++ b/__tests__/aws.test.ts @@ -19,9 +19,9 @@ describe('getCLI', () => { }); }); -describe('getCLICmdOutput', () => { +describe('execCLI', () => { it('--version not empty', async () => { - const cliCmdOutput = await aws.getCLICmdOutput(['--version']); + const cliCmdOutput = await aws.execCLI(['--version']); console.log(`cliCmdOutput: ${cliCmdOutput}`); expect(cliCmdOutput).not.toEqual(''); }); diff --git a/dist/index.js b/dist/index.js index 66383bb..70629c9 100644 --- a/dist/index.js +++ b/dist/index.js @@ -3020,11 +3020,11 @@ function loginECR(registry, username, password) { const cliPath = yield aws.getCLI(); const cliVersion = yield aws.getCLIVersion(); const region = yield aws.getRegion(registry); - core.info(`💡 AWS ECR registry detected with ${region} region`); + core.info(`💡 AWS ECR detected with ${region} region`); process.env.AWS_ACCESS_KEY_ID = username; process.env.AWS_SECRET_ACCESS_KEY = password; core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); - const loginCmd = yield aws.getECRLoginCmd(cliVersion, registry, region); + const loginCmd = yield aws.getDockerLoginCmd(cliVersion, registry, region); core.info(`🔑 Logging into ${registry}...`); execm.exec(loginCmd, [], true).then(res => { if (res.stderr != '' && !res.success) { @@ -4098,7 +4098,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge }); }; Object.defineProperty(exports, "__esModule", { value: true }); -exports.getECRLoginCmd = exports.parseCLIVersion = exports.getCLIVersion = exports.getCLICmdOutput = exports.getCLI = exports.getRegion = exports.isECR = void 0; +exports.getDockerLoginCmd = exports.parseCLIVersion = exports.getCLIVersion = exports.execCLI = exports.getCLI = exports.getRegion = exports.isECR = void 0; const semver = __importStar(__webpack_require__(383)); const io = __importStar(__webpack_require__(436)); const execm = __importStar(__webpack_require__(757)); @@ -4111,7 +4111,7 @@ exports.getRegion = (registry) => __awaiter(void 0, void 0, void 0, function* () exports.getCLI = () => __awaiter(void 0, void 0, void 0, function* () { return io.which('aws', true); }); -exports.getCLICmdOutput = (args) => __awaiter(void 0, void 0, void 0, function* () { +exports.execCLI = (args) => __awaiter(void 0, void 0, void 0, function* () { return execm.exec(yield exports.getCLI(), args, true).then(res => { if (res.stderr != '' && !res.success) { throw new Error(res.stderr); @@ -4125,7 +4125,7 @@ exports.getCLICmdOutput = (args) => __awaiter(void 0, void 0, void 0, function* }); }); exports.getCLIVersion = () => __awaiter(void 0, void 0, void 0, function* () { - return exports.parseCLIVersion(yield exports.getCLICmdOutput(['--version'])); + return exports.parseCLIVersion(yield exports.execCLI(['--version'])); }); exports.parseCLIVersion = (stdout) => __awaiter(void 0, void 0, void 0, function* () { const matches = /aws-cli\/([0-9.]+)/.exec(stdout); @@ -4134,14 +4134,14 @@ exports.parseCLIVersion = (stdout) => __awaiter(void 0, void 0, void 0, function } return semver.clean(matches[1]); }); -exports.getECRLoginCmd = (cliVersion, registry, region) => __awaiter(void 0, void 0, void 0, function* () { +exports.getDockerLoginCmd = (cliVersion, registry, region) => __awaiter(void 0, void 0, void 0, function* () { if (semver.satisfies(cliVersion, '>=2.0.0')) { - return exports.getCLICmdOutput(['ecr', 'get-login-password', '--region', region]).then(pwd => { + return exports.execCLI(['ecr', 'get-login-password', '--region', region]).then(pwd => { return `docker login --username AWS --password ${pwd} ${registry}`; }); } else { - return exports.getCLICmdOutput(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { + return exports.execCLI(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { return dockerLoginCmd; }); } diff --git a/src/aws.ts b/src/aws.ts index 775eb19..bab461f 100644 --- a/src/aws.ts +++ b/src/aws.ts @@ -14,7 +14,7 @@ export const getCLI = async (): Promise => { return io.which('aws', true); }; -export const getCLICmdOutput = async (args: string[]): Promise => { +export const execCLI = async (args: string[]): Promise => { return execm.exec(await getCLI(), args, true).then(res => { if (res.stderr != '' && !res.success) { throw new Error(res.stderr); @@ -27,7 +27,7 @@ export const getCLICmdOutput = async (args: string[]): Promise => { }; export const getCLIVersion = async (): Promise => { - return parseCLIVersion(await getCLICmdOutput(['--version'])); + return parseCLIVersion(await execCLI(['--version'])); }; export const parseCLIVersion = async (stdout: string): Promise => { @@ -38,13 +38,13 @@ export const parseCLIVersion = async (stdout: string): Promise => { return semver.clean(matches[1]); }; -export const getECRLoginCmd = async (cliVersion: string, registry: string, region: string): Promise => { +export const getDockerLoginCmd = async (cliVersion: string, registry: string, region: string): Promise => { if (semver.satisfies(cliVersion, '>=2.0.0')) { - return getCLICmdOutput(['ecr', 'get-login-password', '--region', region]).then(pwd => { + return execCLI(['ecr', 'get-login-password', '--region', region]).then(pwd => { return `docker login --username AWS --password ${pwd} ${registry}`; }); } else { - return getCLICmdOutput(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { + return execCLI(['ecr', 'get-login', '--region', region, '--no-include-email']).then(dockerLoginCmd => { return dockerLoginCmd; }); } diff --git a/src/docker.ts b/src/docker.ts index 7ea9cb2..d276cbe 100644 --- a/src/docker.ts +++ b/src/docker.ts @@ -1,4 +1,3 @@ -import * as exec from '@actions/exec'; import * as core from '@actions/core'; import * as aws from './aws'; import * as execm from './exec'; @@ -43,13 +42,13 @@ export async function loginECR(registry: string, username: string, password: str const cliPath = await aws.getCLI(); const cliVersion = await aws.getCLIVersion(); const region = await aws.getRegion(registry); - core.info(`💡 AWS ECR registry detected with ${region} region`); + core.info(`💡 AWS ECR detected with ${region} region`); process.env.AWS_ACCESS_KEY_ID = username; process.env.AWS_SECRET_ACCESS_KEY = password; core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); - const loginCmd = await aws.getECRLoginCmd(cliVersion, registry, region); + const loginCmd = await aws.getDockerLoginCmd(cliVersion, registry, region); core.info(`🔑 Logging into ${registry}...`); execm.exec(loginCmd, [], true).then(res => {