From 26b952e66dda8b02ec841fccd49da2c331076014 Mon Sep 17 00:00:00 2001 From: Adrien Delorme Date: Fri, 5 Feb 2021 14:53:38 +0100 Subject: [PATCH] docker builder remove aws ref --- builder/docker/config.go | 3 +- builder/docker/config.hcl2spec.go | 8 --- builder/docker/ecr_login.go | 86 ------------------------------- builder/docker/step_pull.go | 13 +---- 4 files changed, 2 insertions(+), 108 deletions(-) delete mode 100644 builder/docker/ecr_login.go diff --git a/builder/docker/config.go b/builder/docker/config.go index 4b860ba1e..4cbbf911d 100644 --- a/builder/docker/config.go +++ b/builder/docker/config.go @@ -114,8 +114,7 @@ type Config struct { // for the duration of the pull. If true login_server is required and // login, login_username, and login_password will be ignored. For more // information see the section on ECR. - EcrLogin bool `mapstructure:"ecr_login" required:"false"` - AwsAccessConfig `mapstructure:",squash"` + EcrLogin bool `mapstructure:"ecr_login" required:"false"` ctx interpolate.Context } diff --git a/builder/docker/config.hcl2spec.go b/builder/docker/config.hcl2spec.go index f393c9bfe..a7259ffa1 100644 --- a/builder/docker/config.hcl2spec.go +++ b/builder/docker/config.hcl2spec.go @@ -92,10 +92,6 @@ type FlatConfig struct { LoginServer *string `mapstructure:"login_server" required:"false" cty:"login_server" hcl:"login_server"` LoginUsername *string `mapstructure:"login_username" required:"false" cty:"login_username" hcl:"login_username"` EcrLogin *bool `mapstructure:"ecr_login" required:"false" cty:"ecr_login" hcl:"ecr_login"` - AccessKey *string `mapstructure:"aws_access_key" required:"false" cty:"aws_access_key" hcl:"aws_access_key"` - SecretKey *string `mapstructure:"aws_secret_key" required:"false" cty:"aws_secret_key" hcl:"aws_secret_key"` - Token *string `mapstructure:"aws_token" required:"false" cty:"aws_token" hcl:"aws_token"` - Profile *string `mapstructure:"aws_profile" required:"false" cty:"aws_profile" hcl:"aws_profile"` } // FlatMapstructure returns a new FlatConfig. @@ -192,10 +188,6 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { "login_server": &hcldec.AttrSpec{Name: "login_server", Type: cty.String, Required: false}, "login_username": &hcldec.AttrSpec{Name: "login_username", Type: cty.String, Required: false}, "ecr_login": &hcldec.AttrSpec{Name: "ecr_login", Type: cty.Bool, Required: false}, - "aws_access_key": &hcldec.AttrSpec{Name: "aws_access_key", Type: cty.String, Required: false}, - "aws_secret_key": &hcldec.AttrSpec{Name: "aws_secret_key", Type: cty.String, Required: false}, - "aws_token": &hcldec.AttrSpec{Name: "aws_token", Type: cty.String, Required: false}, - "aws_profile": &hcldec.AttrSpec{Name: "aws_profile", Type: cty.String, Required: false}, } return s } diff --git a/builder/docker/ecr_login.go b/builder/docker/ecr_login.go deleted file mode 100644 index f553d6021..000000000 --- a/builder/docker/ecr_login.go +++ /dev/null @@ -1,86 +0,0 @@ -//go:generate struct-markdown - -package docker - -import ( - "encoding/base64" - "fmt" - "log" - "regexp" - "strings" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ecr" - "github.com/hashicorp/packer/builder/amazon/common" -) - -type AwsAccessConfig struct { - // The AWS access key used to communicate with - // AWS. Learn how to set - // this. - AccessKey string `mapstructure:"aws_access_key" required:"false"` - // The AWS secret key used to communicate with - // AWS. Learn how to set - // this. - SecretKey string `mapstructure:"aws_secret_key" required:"false"` - // The AWS access token to use. This is different from - // the access key and secret key. If you're not sure what this is, then you - // probably don't need it. This will also be read from the AWS_SESSION_TOKEN - // environmental variable. - Token string `mapstructure:"aws_token" required:"false"` - // The AWS shared credentials profile used to - // communicate with AWS. Learn how to set - // this. - Profile string `mapstructure:"aws_profile" required:"false"` - cfg *common.AccessConfig -} - -// Get a login token for Amazon AWS ECR. Returns username and password -// or an error. -func (c *AwsAccessConfig) EcrGetLogin(ecrUrl string) (string, string, error) { - - exp := regexp.MustCompile(`(?:http://|https://|)([0-9]*)\.dkr\.ecr\.(.*)\.amazonaws\.com.*`) - splitUrl := exp.FindStringSubmatch(ecrUrl) - if len(splitUrl) != 3 { - return "", "", fmt.Errorf("Failed to parse the ECR URL: %s it should be on the form .dkr.ecr..amazonaws.com", ecrUrl) - } - accountId := splitUrl[1] - region := splitUrl[2] - - log.Println(fmt.Sprintf("Getting ECR token for account: %s in %s..", accountId, region)) - - c.cfg = &common.AccessConfig{ - AccessKey: c.AccessKey, - ProfileName: c.Profile, - RawRegion: region, - SecretKey: c.SecretKey, - Token: c.Token, - } - - session, err := c.cfg.Session() - if err != nil { - return "", "", fmt.Errorf("failed to create session: %s", err) - } - - service := ecr.New(session) - - params := &ecr.GetAuthorizationTokenInput{ - RegistryIds: []*string{ - aws.String(accountId), - }, - } - resp, err := service.GetAuthorizationToken(params) - if err != nil { - return "", "", fmt.Errorf(err.Error()) - } - - auth, err := base64.StdEncoding.DecodeString(*resp.AuthorizationData[0].AuthorizationToken) - if err != nil { - return "", "", fmt.Errorf("Error decoding ECR AuthorizationToken: %s", err) - } - - authParts := strings.SplitN(string(auth), ":", 2) - log.Printf("Successfully got login for ECR: %s", ecrUrl) - - return authParts[0], authParts[1], nil -} diff --git a/builder/docker/step_pull.go b/builder/docker/step_pull.go index 682949133..dbad72eb1 100644 --- a/builder/docker/step_pull.go +++ b/builder/docker/step_pull.go @@ -29,18 +29,7 @@ func (s *StepPull) Run(ctx context.Context, state multistep.StateBag) multistep. ui.Say(fmt.Sprintf("Pulling Docker image: %s", config.Image)) if config.EcrLogin { - ui.Message("Fetching ECR credentials...") - - username, password, err := config.EcrGetLogin(config.LoginServer) - if err != nil { - err := fmt.Errorf("Error fetching ECR credentials: %s", err) - state.Put("error", err) - ui.Error(err.Error()) - return multistep.ActionHalt - } - - config.LoginUsername = username - config.LoginPassword = password + panic("to reimplement") } driver := state.Get("driver").(Driver)