public static async Task PushDockerImageToEcr(string accountID, string registryAddress, AWSCredentials credentials, string repositoryName, string tag) { var amazonECRClient = new AmazonECRClient(credentials); var response = await amazonECRClient.GetAuthorizationTokenAsync(new GetAuthorizationTokenRequest { RegistryIds = new List <string> { accountID } }); string[] tokens = Encoding.UTF8.GetString(Convert.FromBase64String(response.AuthorizationData.First().AuthorizationToken)).Split(":"); var authconfig = new AuthConfig { Username = tokens[0], Password = tokens[1], }; using (DockerClient dockerClientNew = GetDockerClient()) { await dockerClientNew.Images.TagImageAsync($"{repositoryName}:{tag}", new ImageTagParameters { RepositoryName = $"{registryAddress}/{repositoryName}", Tag = tag }); await dockerClientNew.Images.PushImageAsync($"{registryAddress}/{repositoryName}:{tag}", new ImagePushParameters(), authconfig, new Progress <JSONMessage>(LogJsonMessage)); } }
public override void Invoke(AWSCredentials creds, RegionEndpoint region, int maxItems) { AmazonECRConfig config = new AmazonECRConfig(); config.RegionEndpoint = region; ConfigureClient(config); AmazonECRClient client = new AmazonECRClient(creds, config); DescribeRepositoriesResponse resp = new DescribeRepositoriesResponse(); do { DescribeRepositoriesRequest req = new DescribeRepositoriesRequest { NextToken = resp.NextToken , MaxResults = maxItems }; resp = client.DescribeRepositories(req); CheckError(resp.HttpStatusCode, "200"); foreach (var obj in resp.Repositories) { AddObject(obj); } }while (!string.IsNullOrEmpty(resp.NextToken)); }
public EcrRegistryClient( ILogger <EcrRegistryClient> log, AmazonECRClient client ) { _log = log; _client = client; }
public void ECRGetAuthorizationToken() { #region getauthorizationtoken-example-1470867047084 var client = new AmazonECRClient(); var response = client.GetAuthorizationToken(new GetAuthorizationTokenRequest { }); List <AuthorizationData> authorizationData = response.AuthorizationData; #endregion }
public void ECRDescribeRepositories() { #region describe-repositories-1470856017467 var client = new AmazonECRClient(); var response = client.DescribeRepositories(new DescribeRepositoriesRequest { }); List <Repository> repositories = response.Repositories; #endregion }
public EcrRegistryClient BuildClient(ContainerRegistrySettings registrySettings) { var awsCredentials = new BasicAWSCredentials( registrySettings.Ecr.AccessKey, registrySettings.Ecr.SecretKey ); var regionEndpoint = RegionEndpoint.GetBySystemName(registrySettings.Ecr.Region); var client = new AmazonECRClient(awsCredentials, regionEndpoint); var repositories = client.DescribeRepositoriesAsync(new DescribeRepositoriesRequest()).Result; return(new EcrRegistryClient(_serviceProvider.GetService <ILogger <EcrRegistryClient> >(), client)); }
protected IAmazonECR CreateClient(AWSCredentials credentials, RegionEndpoint region) { var config = new AmazonECRConfig { RegionEndpoint = region }; Amazon.PowerShell.Utils.Common.PopulateConfig(this, config); this.CustomizeClientConfig(config); var client = new AmazonECRClient(credentials, config); client.BeforeRequestEvent += RequestEventHandler; client.AfterResponseEvent += ResponseEventHandler; return(client); }
public void ECRCreateRepository() { #region createrepository-example-1470863688724 var client = new AmazonECRClient(); var response = client.CreateRepository(new CreateRepositoryRequest { RepositoryName = "project-a/nginx-web-app" }); Repository repository = response.Repository; #endregion }
public void ECRListImages() { #region listimages-example-1470868161594 var client = new AmazonECRClient(); var response = client.ListImages(new ListImagesRequest { RepositoryName = "ubuntu" }); List <ImageIdentifier> imageIds = response.ImageIds; #endregion }
public void ECRDeleteRepository() { #region deleterepository-example-1470863805703 var client = new AmazonECRClient(); var response = client.DeleteRepository(new DeleteRepositoryRequest { Force = true, RepositoryName = "ubuntu" }); Repository repository = response.Repository; #endregion }
public void ECRDeleteRepositoryPolicy() { #region deleterepositorypolicy-example-1470866943748 var client = new AmazonECRClient(); var response = client.DeleteRepositoryPolicy(new DeleteRepositoryPolicyRequest { RepositoryName = "ubuntu" }); string policyText = response.PolicyText; string registryId = response.RegistryId; string repositoryName = response.RepositoryName; #endregion }
public void ECRGetRepositoryPolicy() { #region getrepositorypolicy-example-1470867669211 var client = new AmazonECRClient(); var response = client.GetRepositoryPolicy(new GetRepositoryPolicyRequest { RepositoryName = "ubuntu" }); string policyText = response.PolicyText; string registryId = response.RegistryId; string repositoryName = response.RepositoryName; #endregion }
// This method gets called by the runtime. Use this method to add services to the container. public void ConfigureServices(IServiceCollection services) { services.AddControllersWithViews(); // appsettings.json var awsAccessKeyId = Configuration.GetSection("AwsAccessKeyId").Value; var awsSecretAccessKey = Configuration.GetSection("AwsSecretAccessKey").Value; var keyService = new KeyService(awsAccessKeyId, awsSecretAccessKey); // Amazon clients // `keyService` can be used to pass `AwsAccessKeyId` and `AwsSecretAccessKey` var cloudComputeClient = new AmazonEC2Client(); var containerServiceClient = new AmazonECSClient(); var containerRegistryClient = new AmazonECRClient(); services.AddSingleton <IKeyService>(keyService); services.AddSingleton <IAmazonEC2>(cloudComputeClient); services.AddSingleton <IAmazonECS>(containerServiceClient); services.AddSingleton <IAmazonECR>(containerRegistryClient); // AwsAdmin.Application Services var vpcService = new VpcService(cloudComputeClient); var subnetService = new SubnetService(cloudComputeClient); var routeTableService = new RouteTableService(cloudComputeClient); var internetGatewayService = new InternetGatewayService(cloudComputeClient); var dhcpOptionsSetService = new DhcpOptionsSetService(cloudComputeClient); var networkAclsService = new NetworkAclsService(cloudComputeClient); var securityGroupService = new SecurityGroupService(cloudComputeClient); services.AddSingleton <IVpcService>(vpcService); services.AddSingleton <ISubnetService>(subnetService); services.AddSingleton <IRouteTableService>(routeTableService); services.AddSingleton <IInternetGatewayService>(internetGatewayService); services.AddSingleton <IDhcpOptionsSetService>(dhcpOptionsSetService); services.AddSingleton <INetworkAclsService>(networkAclsService); services.AddSingleton <ISecurityGroupService>(securityGroupService); // Mappers services.AddSingleton <IDescribeVpcMapper, DescribeVpcMapper>(); services.AddSingleton <IDescribeSubnetMapper, DescribeSubnetMapper>(); services.AddSingleton <IDescribeRouteTableMapper, DescribeRouteTableMapper>(); services.AddSingleton <IDhcpOptionsSetsMapper, DhcpOptionsSetsMapper>(); services.AddSingleton <IInternetGatewayMapper, InternetGatewayMapper>(); services.AddSingleton <INetworkAclsMapper, NetworkAclsMapper>(); services.AddSingleton <ISecurityGroupMapper, SecurityGroupMapper>(); }
public void ECRBatchGetImage() { #region batchgetimage-example-1470862771437 var client = new AmazonECRClient(); var response = client.BatchGetImage(new BatchGetImageRequest { ImageIds = new List <ImageIdentifier> { new ImageIdentifier { ImageTag = "precise" } }, RepositoryName = "ubuntu" }); List <ImageFailure> failures = response.Failures; List <Image> images = response.Images; #endregion }
private static async Task <GetAuthorizationTokenResponse> GetAuthorizationToken(string accessKeyId, string secretKey) { Output.Verbose($"Retrieving authorization token {nameof(accessKeyId)}={accessKeyId}, {nameof(secretKey)}={secretKey}."); GetAuthorizationTokenResponse authorizationToken; // We only want to get & save secrets from/to local configuration when we have not provided them var needToStoreSecrets = false; if (accessKeyId == null || secretKey == null) { Output.Verbose("Attempting to load AWS credentials from secrets store."); var securityConfig = GetConfiguration(); if (accessKeyId == null) { accessKeyId = securityConfig[SecretStoreKeys.AccessKeyId]; } if (secretKey == null) { secretKey = securityConfig[SecretStoreKeys.SecretKey]; } } var firstPrompt = true; do { if (accessKeyId == null || secretKey == null) { Output.Verbose("Attempting to prompt for AWS credentials."); needToStoreSecrets = true; if (!ConsoleHelper.IsInteractive) { // CLI is running from within a script in a non-interactive terminal, e.g., from pressing F5 in VS Code. The // auth command will get users to this same code path, but in an interactive terminal. var cliCommand = Program.CliCommandName; var authCommand = new AuthorizeCommand().CommandName; Output.Error(Output.HorizontalLine()); Output.Error("Your machine is missing necessary AWS credentials. Authorize your machine by opening a terminal and " + "running the following commands, then try your actions again. This authorization only needs to be performed once per user/machine:"); Output.Error($"> cd {Directory.GetCurrentDirectory()}"); Output.Error($"> dotnet {cliCommand} {authCommand}"); Output.Error($"If you have further issues, please contact #watch-ops."); Output.Error(Output.HorizontalLine()); return(null); } // TODO add link to docs page for finding/creating AWS access keys and getting help from watch-ops to set up account // or add permissions. if (firstPrompt) { Output.Error("Your machine is missing necessary AWS credentials. The following authorization only needs to be performed " + "once per user/machine. For assistance, please contact #watch-ops."); firstPrompt = false; } Output.Error("Paste in your AWS ACCESS KEY ID:"); accessKeyId = ConsoleHelper.ReadPassword(); Output.Error("Now paste in your AWS SECRET ACCESS KEY:"); secretKey = ConsoleHelper.ReadPassword(); } try { var ecrClient = new AmazonECRClient(accessKeyId, secretKey, _regionEndpoint); // TODO Potentially slow. We might need to create a cached toked since it'll be valid for 12 hours // Another thing is that there is a throttling for GetAuthorizationTokenAsync (1 call / second) // There's not a good way to check the stored credentials without making // an actual call to ECR (e.g. a docker pull). Doing that on every operation // would be relatively slow. Could we write a hidden file on successful auth // check and expire it after 8 hours? Output.Verbose($"Retrieving ECR authentication token"); authorizationToken = await ecrClient.GetAuthorizationTokenAsync(new GetAuthorizationTokenRequest(), new CancellationTokenSource(_awsTimeout).Token); // We have successfully got authorization token let's save our access key and secret in user-secrets. // We only save them when we've not provided access and secret via parameters. if (needToStoreSecrets) { Output.Verbose($"Storing secret {SecretStoreKeys.AccessKeyId}"); await SaveSecret(SecretStoreKeys.AccessKeyId, accessKeyId); Output.Verbose($"Storing secret {SecretStoreKeys.SecretKey}"); await SaveSecret(SecretStoreKeys.SecretKey, secretKey); } break; } catch (Exception e) { var amazonEcrException = e.InnerException as AmazonECRException; if (amazonEcrException != null && amazonEcrException.ErrorCode.Equals("UnrecognizedClientException")) { Output.VerboseException(e); Output.Error("Bad credentials. Please try again."); accessKeyId = null; secretKey = null; continue; } // TODO handle case where permissions are inadequate (?) Output.Error("Something went wrong while connecting to AWS. Please try again later."); Output.Exception(e); throw; } } while (true); return(authorizationToken); }
public ECRHelper(int maxDegreeOfParalelism = 2) { _maxDegreeOfParalelism = maxDegreeOfParalelism; _ECRClient = new AmazonECRClient(); }