cdk-ecr-deployment 2.3.0 → 2.4.0

package/.jsii

@@ -2872,7 +2872,7 @@
   },
   "name": "cdk-ecr-deployment",
   "readme": {
-    "markdown": "# cdk-ecr-deployment\n\n[![Release](https://github.com/wchaws/cdk-ecr-deployment/actions/workflows/release.yml/badge.svg)](https://github.com/wchaws/cdk-ecr-deployment/actions/workflows/release.yml)\n[![npm version](https://img.shields.io/npm/v/cdk-ecr-deployment)](https://www.npmjs.com/package/cdk-ecr-deployment)\n[![PyPI](https://img.shields.io/pypi/v/cdk-ecr-deployment)](https://pypi.org/project/cdk-ecr-deployment)\n[![npm](https://img.shields.io/npm/dw/cdk-ecr-deployment?label=npm%20downloads)](https://www.npmjs.com/package/cdk-ecr-deployment)\n[![PyPI - Downloads](https://img.shields.io/pypi/dw/cdk-ecr-deployment?label=pypi%20downloads)](https://pypi.org/project/cdk-ecr-deployment)\n\nCDK construct to deploy docker image to Amazon ECR\n\n⚠️ Please use ^1.0.0 for cdk version 1.x.x, use ^2.0.0 for cdk version 2.x.x\n\n## Features\n\n- Copy an ECR image to another\n- Copy docker hub image to ECR\n- Copy an archive tarball image from s3 to ECR\n\n## Examples\n\nRun [test/integ.ecr-deployment.ts](./test/integ.ecr-deployment.ts)\n\n```shell\nNO_PREBUILT_LAMBDA=1 npx cdk deploy -a \"npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/integ.ecr-deployment.ts\"\n```\n\n## Tech Details & Contribution\n\nThe core of this project relies on https://github.com/containers/image which is used by https://github.com/containers/skopeo.\nPlease take a look at those projects before contribution.\n\nTo support a new docker image source(like docker tarball in s3), you need to implement [image transport interface](https://github.com/containers/image/blob/master/types/types.go). You could take a look at [docker-archive](https://github.com/containers/image/blob/ccb87a8d0f45cf28846e307eb0ec2b9d38a458c2/docker/archive/transport.go) transport for a good start.\n\nTo test the `lambda` folder, `make test`.\n"
+    "markdown": "# cdk-ecr-deployment\n\n[![Release](https://github.com/wchaws/cdk-ecr-deployment/actions/workflows/release.yml/badge.svg)](https://github.com/wchaws/cdk-ecr-deployment/actions/workflows/release.yml)\n[![npm version](https://img.shields.io/npm/v/cdk-ecr-deployment)](https://www.npmjs.com/package/cdk-ecr-deployment)\n[![PyPI](https://img.shields.io/pypi/v/cdk-ecr-deployment)](https://pypi.org/project/cdk-ecr-deployment)\n[![npm](https://img.shields.io/npm/dw/cdk-ecr-deployment?label=npm%20downloads)](https://www.npmjs.com/package/cdk-ecr-deployment)\n[![PyPI - Downloads](https://img.shields.io/pypi/dw/cdk-ecr-deployment?label=pypi%20downloads)](https://pypi.org/project/cdk-ecr-deployment)\n\nCDK construct to synchronize single docker image between docker registries.\n\n⚠️ Please use ^1.0.0 for cdk version 1.x.x, use ^2.0.0 for cdk version 2.x.x\n\n## Features\n\n- Copy image from ECR/external registry to (another) ECR/external registry\n- Copy an archive tarball image from s3 to ECR/external registry\n\n⚠️ Currently construct can authenticate to external registry only with basic auth, but credentials are put as plain text to template and logs. See issue [#171](https://github.com/cdklabs/cdk-ecr-deployment/issues/171).\n\n## Examples\n\nRun [test/integ.ecr-deployment.ts](./test/integ.ecr-deployment.ts)\n\n```shell\nNO_PREBUILT_LAMBDA=1 npx cdk deploy -a \"npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/integ.ecr-deployment.ts\"\n```\n\n## Tech Details & Contribution\n\nThe core of this project relies on [containers/image](https://github.com/containers/image) which is used by [Skopeo](https://github.com/containers/skopeo).\nPlease take a look at those projects before contribution.\n\nTo support a new docker image source(like docker tarball in s3), you need to implement [image transport interface](https://github.com/containers/image/blob/master/types/types.go). You could take a look at [docker-archive](https://github.com/containers/image/blob/ccb87a8d0f45cf28846e307eb0ec2b9d38a458c2/docker/archive/transport.go) transport for a good start.\n\nTo test the `lambda` folder, `make test`.\n"
   },
   "repository": {
     "type": "git",
@@ -2901,7 +2901,7 @@
         },
         "locationInModule": {
           "filename": "src/index.ts",
-          "line": 111
+          "line": 117
         },
         "parameters": [
           {
@@ -2925,7 +2925,7 @@
       "kind": "class",
       "locationInModule": {
         "filename": "src/index.ts",
-        "line": 110
+        "line": 116
       },
       "name": "DockerImageName",
       "properties": [
@@ -2938,7 +2938,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 112
+            "line": 118
           },
           "name": "uri",
           "overrides": "cdk-ecr-deployment.IImageName",
@@ -2952,7 +2952,7 @@
           },
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 111
+            "line": 117
           },
           "name": "creds",
           "optional": true,
@@ -2977,7 +2977,7 @@
         },
         "locationInModule": {
           "filename": "src/index.ts",
-          "line": 127
+          "line": 135
         },
         "parameters": [
           {
@@ -3003,8 +3003,33 @@
       "kind": "class",
       "locationInModule": {
         "filename": "src/index.ts",
-        "line": 126
+        "line": 132
       },
+      "methods": [
+        {
+          "docs": {
+            "stability": "stable"
+          },
+          "locationInModule": {
+            "filename": "src/index.ts",
+            "line": 196
+          },
+          "name": "addToPrincipalPolicy",
+          "parameters": [
+            {
+              "name": "statement",
+              "type": {
+                "fqn": "aws-cdk-lib.aws_iam.PolicyStatement"
+              }
+            }
+          ],
+          "returns": {
+            "type": {
+              "fqn": "aws-cdk-lib.aws_iam.AddToPrincipalPolicyResult"
+            }
+          }
+        }
+      ],
       "name": "ECRDeployment",
       "symbolId": "src/index:ECRDeployment"
     },
@@ -3018,7 +3043,7 @@
       "kind": "interface",
       "locationInModule": {
         "filename": "src/index.ts",
-        "line": 10
+        "line": 11
       },
       "name": "ECRDeploymentProps",
       "properties": [
@@ -3031,7 +3056,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 30
+            "line": 31
           },
           "name": "dest",
           "type": {
@@ -3047,7 +3072,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 25
+            "line": 26
           },
           "name": "src",
           "type": {
@@ -3065,7 +3090,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 21
+            "line": 22
           },
           "name": "buildImage",
           "optional": true,
@@ -3082,7 +3107,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 68
+            "line": 69
           },
           "name": "environment",
           "optional": true,
@@ -3106,7 +3131,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 41
+            "line": 42
           },
           "name": "memoryLimit",
           "optional": true,
@@ -3124,7 +3149,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 48
+            "line": 49
           },
           "name": "role",
           "optional": true,
@@ -3142,7 +3167,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 55
+            "line": 56
           },
           "name": "vpc",
           "optional": true,
@@ -3161,7 +3186,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 63
+            "line": 64
           },
           "name": "vpcSubnets",
           "optional": true,
@@ -3181,7 +3206,7 @@
       "kind": "interface",
       "locationInModule": {
         "filename": "src/index.ts",
-        "line": 71
+        "line": 72
       },
       "name": "IImageName",
       "properties": [
@@ -3195,7 +3220,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 77
+            "line": 78
           },
           "name": "uri",
           "type": {
@@ -3205,13 +3230,13 @@
         {
           "abstract": true,
           "docs": {
-            "remarks": "Format `user:[password]`",
+            "remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
             "stability": "stable",
             "summary": "The credentials of the docker image."
           },
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 82
+            "line": 83
           },
           "name": "creds",
           "optional": true,
@@ -3234,7 +3259,7 @@
         },
         "locationInModule": {
           "filename": "src/index.ts",
-          "line": 117
+          "line": 123
         },
         "parameters": [
           {
@@ -3265,7 +3290,7 @@
       "kind": "class",
       "locationInModule": {
         "filename": "src/index.ts",
-        "line": 115
+        "line": 121
       },
       "name": "S3ArchiveName",
       "properties": [
@@ -3278,7 +3303,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 123
+            "line": 129
           },
           "name": "uri",
           "overrides": "cdk-ecr-deployment.IImageName",
@@ -3292,7 +3317,7 @@
           },
           "locationInModule": {
             "filename": "src/index.ts",
-            "line": 117
+            "line": 123
           },
           "name": "creds",
           "optional": true,
@@ -3305,6 +3330,6 @@
       "symbolId": "src/index:S3ArchiveName"
     }
   },
-  "version": "2.3.0",
-  "fingerprint": "qBdf3qBhZ5hHJxW8B+60YXpttQavTX7mFvE34S/Hhmw="
+  "version": "2.4.0",
+  "fingerprint": "d5kP3wOkagNaML4hX/yNBeSbDzUd8ZQTzfYJ5ZG/XOQ="
 }

package/API.md

@@ -83,6 +83,22 @@ new ECRDeployment(scope: Construct, id: string, props: ECRDeploymentProps)
   * **vpcSubnets** (<code>[aws_ec2.SubnetSelection](#aws-cdk-lib-aws-ec2-subnetselection)</code>)  Where in the VPC to place the deployment lambda handler. __*Default*__: the Vpc default strategy if not specified
 
 
+### Methods
+
+
+#### addToPrincipalPolicy(statement) <a id="cdk-ecr-deployment-ecrdeployment-addtoprincipalpolicy"></a>
+
+
+
+```ts
+addToPrincipalPolicy(statement: PolicyStatement): AddToPrincipalPolicyResult
+```
+
+* **statement** (<code>[aws_iam.PolicyStatement](#aws-cdk-lib-aws-iam-policystatement)</code>)  *No description*
+
+__Returns__:
+* <code>[aws_iam.AddToPrincipalPolicyResult](#aws-cdk-lib-aws-iam-addtoprincipalpolicyresult)</code>
+
 
 
 ## class S3ArchiveName  <a id="cdk-ecr-deployment-s3archivename"></a>

package/README.md

@@ -6,15 +6,16 @@
 [![npm](https://img.shields.io/npm/dw/cdk-ecr-deployment?label=npm%20downloads)](https://www.npmjs.com/package/cdk-ecr-deployment)
 [![PyPI - Downloads](https://img.shields.io/pypi/dw/cdk-ecr-deployment?label=pypi%20downloads)](https://pypi.org/project/cdk-ecr-deployment)
 
-CDK construct to deploy docker image to Amazon ECR
+CDK construct to synchronize single docker image between docker registries.
 
 ⚠️ Please use ^1.0.0 for cdk version 1.x.x, use ^2.0.0 for cdk version 2.x.x
 
 ## Features
 
-- Copy an ECR image to another
-- Copy docker hub image to ECR
-- Copy an archive tarball image from s3 to ECR
+- Copy image from ECR/external registry to (another) ECR/external registry
+- Copy an archive tarball image from s3 to ECR/external registry
+
+⚠️ Currently construct can authenticate to external registry only with basic auth, but credentials are put as plain text to template and logs. See issue [#171](https://github.com/cdklabs/cdk-ecr-deployment/issues/171).
 
 ## Examples
 
@@ -26,7 +27,7 @@ NO_PREBUILT_LAMBDA=1 npx cdk deploy -a "npx ts-node -P tsconfig.dev.json --prefe
 
 ## Tech Details & Contribution
 
-The core of this project relies on https://github.com/containers/image which is used by https://github.com/containers/skopeo.
+The core of this project relies on [containers/image](https://github.com/containers/image) which is used by [Skopeo](https://github.com/containers/skopeo).
 Please take a look at those projects before contribution.
 
 To support a new docker image source(like docker tarball in s3), you need to implement [image transport interface](https://github.com/containers/image/blob/master/types/types.go). You could take a look at [docker-archive](https://github.com/containers/image/blob/ccb87a8d0f45cf28846e307eb0ec2b9d38a458c2/docker/archive/transport.go) transport for a good start.

package/changelog.md

@@ -1,7 +1,7 @@
 
-## [2.3.0](https://github.com/cdklabs/cdk-ecr-deployment/compare/v2.2.0...v2.3.0) (2022-03-05)
+## [2.4.0](https://github.com/cdklabs/cdk-ecr-deployment/compare/v2.3.2...v2.4.0) (2022-03-06)
 
 
 ### Features
 
-* Allow definition of used base image for lambda build ([#174](https://github.com/cdklabs/cdk-ecr-deployment/issues/174)) ([2964a18](https://github.com/cdklabs/cdk-ecr-deployment/commit/2964a18dcd7b9f649bd064ef29baf0b785f7abd8)), closes [#170](https://github.com/cdklabs/cdk-ecr-deployment/issues/170)
+* support getting external registry credentials from secrets/parameter store ([5824d07](https://github.com/cdklabs/cdk-ecr-deployment/commit/5824d0780819115a3bd7e4fb430077d256ba8796))

package/lambda/go.mod

@@ -3,20 +3,39 @@ module cdk-ecr-deployment-handler
 go 1.15
 
 require (
+	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
+	github.com/Microsoft/go-winio v0.5.1 // indirect
+	github.com/Microsoft/hcsshim v0.9.2 // indirect
 	github.com/aws/aws-lambda-go v1.23.0
-	github.com/aws/aws-sdk-go-v2 v1.3.2
+	github.com/aws/aws-sdk-go-v2 v1.14.0
 	github.com/aws/aws-sdk-go-v2/config v1.1.6
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.6 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ecr v1.2.2
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.5.0
-	github.com/containerd/containerd v1.5.9 // indirect
+	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.14.0
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/containerd/cgroups v1.0.3 // indirect
+	github.com/containerd/containerd v1.5.10 // indirect
 	github.com/containers/image/v5 v5.17.0
 	github.com/docker/distribution v2.8.0+incompatible // indirect
 	github.com/docker/docker v20.10.12+incompatible // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 // indirect
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.0.3-0.20211202193544-a5463b7f9c84 // indirect
-	github.com/opencontainers/runc v1.0.3 // indirect
+	github.com/opencontainers/runc v1.1.0 // indirect
 	github.com/pkg/errors v0.9.1
+	github.com/prometheus/common v0.30.0 // indirect
+	github.com/prometheus/procfs v0.7.3 // indirect
 	github.com/sirupsen/logrus v1.8.1
 	github.com/stretchr/testify v1.7.0
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 // indirect
+	golang.org/x/net v0.0.0-20211216030914-fe4d6282115f // indirect
+	golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b // indirect
+	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
+	google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect
+	google.golang.org/grpc v1.43.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )