cdk-ecr-deployment 3.1.13 → 3.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +20 -20
- package/.jsii.tabl.json +1 -1
- package/API.md +30 -5
- package/README.md +3 -1
- package/lambda/go.mod +128 -11
- package/lambda/go.sum +261 -4810
- package/lambda/install.js +21 -6
- package/lambda/internal/tarfile/s3file.go +1 -1
- package/lambda/main.go +4 -0
- package/lambda/utils.go +17 -0
- package/lambda/utils_test.go +30 -0
- package/lib/index.d.ts +6 -1
- package/lib/index.js +4 -4
- package/package.json +1 -1
package/.jsii
CHANGED
|
@@ -3472,7 +3472,7 @@
|
|
|
3472
3472
|
},
|
|
3473
3473
|
"name": "cdk-ecr-deployment",
|
|
3474
3474
|
"readme": {
|
|
3475
|
-
"markdown": "# cdk-ecr-deployment\n\n[](https://github.com/cdklabs/cdk-ecr-deployment/actions/workflows/release.yml)\n[](https://www.npmjs.com/package/cdk-ecr-deployment)\n[](https://pypi.org/project/cdk-ecr-deployment)\n[](https://www.npmjs.com/package/cdk-ecr-deployment)\n[](https://pypi.org/project/cdk-ecr-deployment)\n\nCDK construct to synchronize single docker image between docker registries.\n\n**Only use v3 of this package**\n\n⚠️ Version 2.* is no longer supported, as the Go.1.x runtime is no longer supported in AWS Lambda.\\\n⚠️ Version 1.* is no longer supported, as CDK v1 has reached the end-of-life\nstage.\n\n## Features\n\n- Copy image from ECR/external registry to (another) ECR/external registry\n- Copy an archive tarball image from s3 to ECR/external registry\n\n## Environment variables\n\nEnable flags: `true`, `1`. e.g. `export CI=1`\n\n- `CI` indicate if it's CI environment. This flag will enable building lambda from scratch.\n- `NO_PREBUILT_LAMBDA` disable using prebuilt lambda.\n- `FORCE_PREBUILT_LAMBDA` force using prebuilt lambda.\n\n⚠️ If you want to force using prebuilt lambda in CI environment to reduce build time. Try `export FORCE_PREBUILT_LAMBDA=1`.\n\n## Examples\n\n```ts\nimport { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text
|
|
3475
|
+
"markdown": "# cdk-ecr-deployment\n\n[](https://github.com/cdklabs/cdk-ecr-deployment/actions/workflows/release.yml)\n[](https://www.npmjs.com/package/cdk-ecr-deployment)\n[](https://pypi.org/project/cdk-ecr-deployment)\n[](https://www.npmjs.com/package/cdk-ecr-deployment)\n[](https://pypi.org/project/cdk-ecr-deployment)\n\nCDK construct to synchronize single docker image between docker registries.\n\n**Only use v3 of this package**\n\n⚠️ Version 2.* is no longer supported, as the Go.1.x runtime is no longer supported in AWS Lambda.\\\n⚠️ Version 1.* is no longer supported, as CDK v1 has reached the end-of-life\nstage.\n\n## Features\n\n- Copy image from ECR/external registry to (another) ECR/external registry\n- Copy an archive tarball image from s3 to ECR/external registry\n\n## Environment variables\n\nEnable flags: `true`, `1`. e.g. `export CI=1`\n\n- `CI` indicate if it's CI environment. This flag will enable building lambda from scratch.\n- `NO_PREBUILT_LAMBDA` disable using prebuilt lambda.\n- `FORCE_PREBUILT_LAMBDA` force using prebuilt lambda.\n\n⚠️ If you want to force using prebuilt lambda in CI environment to reduce build time. Try `export FORCE_PREBUILT_LAMBDA=1`.\n\n## Examples\n\n```ts\nimport { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {\n src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),\n}).addToPrincipalPolicy(new iam.PolicyStatement({\n effect: iam.Effect.ALLOW,\n actions: [\n 'secretsmanager:GetSecretValue',\n ],\n resources: ['*'],\n}));\n```\n\n## Sample: [test/example.ecr-deployment.ts](./test/example.ecr-deployment.ts)\n\n```shell\n# Run the following command to try the sample.\nNO_PREBUILT_LAMBDA=1 npx cdk deploy -a \"npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/example.ecr-deployment.ts\"\n```\n\n## [API](./API.md)\n\n## Tech Details & Contribution\n\nThe core of this project relies on [containers/image](https://github.com/containers/image) which is used by [Skopeo](https://github.com/containers/skopeo).\nPlease take a look at those projects before contribution.\n\nTo support a new docker image source(like docker tarball in s3), you need to implement [image transport interface](https://github.com/containers/image/blob/master/types/types.go). You could take a look at [docker-archive](https://github.com/containers/image/blob/ccb87a8d0f45cf28846e307eb0ec2b9d38a458c2/docker/archive/transport.go) transport for a good start.\n\nTo test the `lambda` folder, `make test`.\n"
|
|
3476
3476
|
},
|
|
3477
3477
|
"repository": {
|
|
3478
3478
|
"type": "git",
|
|
@@ -3515,7 +3515,7 @@
|
|
|
3515
3515
|
},
|
|
3516
3516
|
"locationInModule": {
|
|
3517
3517
|
"filename": "src/index.ts",
|
|
3518
|
-
"line":
|
|
3518
|
+
"line": 152
|
|
3519
3519
|
},
|
|
3520
3520
|
"parameters": [
|
|
3521
3521
|
{
|
|
@@ -3526,7 +3526,7 @@
|
|
|
3526
3526
|
},
|
|
3527
3527
|
{
|
|
3528
3528
|
"docs": {
|
|
3529
|
-
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
|
|
3529
|
+
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.\n\nIf specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or\nJSON (`{\"username\":\"<username>\",\"password\":\"<password>\"}`).\n\nFor more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html",
|
|
3530
3530
|
"summary": "The credentials of the docker image."
|
|
3531
3531
|
},
|
|
3532
3532
|
"name": "creds",
|
|
@@ -3543,7 +3543,7 @@
|
|
|
3543
3543
|
"kind": "class",
|
|
3544
3544
|
"locationInModule": {
|
|
3545
3545
|
"filename": "src/index.ts",
|
|
3546
|
-
"line":
|
|
3546
|
+
"line": 151
|
|
3547
3547
|
},
|
|
3548
3548
|
"name": "DockerImageName",
|
|
3549
3549
|
"properties": [
|
|
@@ -3556,7 +3556,7 @@
|
|
|
3556
3556
|
"immutable": true,
|
|
3557
3557
|
"locationInModule": {
|
|
3558
3558
|
"filename": "src/index.ts",
|
|
3559
|
-
"line":
|
|
3559
|
+
"line": 153
|
|
3560
3560
|
},
|
|
3561
3561
|
"name": "uri",
|
|
3562
3562
|
"overrides": "cdk-ecr-deployment.IImageName",
|
|
@@ -3566,13 +3566,13 @@
|
|
|
3566
3566
|
},
|
|
3567
3567
|
{
|
|
3568
3568
|
"docs": {
|
|
3569
|
-
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
|
|
3569
|
+
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.\n\nIf specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or\nJSON (`{\"username\":\"<username>\",\"password\":\"<password>\"}`).\n\nFor more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html",
|
|
3570
3570
|
"stability": "stable",
|
|
3571
3571
|
"summary": "The credentials of the docker image."
|
|
3572
3572
|
},
|
|
3573
3573
|
"locationInModule": {
|
|
3574
3574
|
"filename": "src/index.ts",
|
|
3575
|
-
"line":
|
|
3575
|
+
"line": 152
|
|
3576
3576
|
},
|
|
3577
3577
|
"name": "creds",
|
|
3578
3578
|
"optional": true,
|
|
@@ -3597,7 +3597,7 @@
|
|
|
3597
3597
|
},
|
|
3598
3598
|
"locationInModule": {
|
|
3599
3599
|
"filename": "src/index.ts",
|
|
3600
|
-
"line":
|
|
3600
|
+
"line": 170
|
|
3601
3601
|
},
|
|
3602
3602
|
"parameters": [
|
|
3603
3603
|
{
|
|
@@ -3623,7 +3623,7 @@
|
|
|
3623
3623
|
"kind": "class",
|
|
3624
3624
|
"locationInModule": {
|
|
3625
3625
|
"filename": "src/index.ts",
|
|
3626
|
-
"line":
|
|
3626
|
+
"line": 167
|
|
3627
3627
|
},
|
|
3628
3628
|
"methods": [
|
|
3629
3629
|
{
|
|
@@ -3632,7 +3632,7 @@
|
|
|
3632
3632
|
},
|
|
3633
3633
|
"locationInModule": {
|
|
3634
3634
|
"filename": "src/index.ts",
|
|
3635
|
-
"line":
|
|
3635
|
+
"line": 239
|
|
3636
3636
|
},
|
|
3637
3637
|
"name": "addToPrincipalPolicy",
|
|
3638
3638
|
"parameters": [
|
|
@@ -3934,13 +3934,13 @@
|
|
|
3934
3934
|
{
|
|
3935
3935
|
"abstract": true,
|
|
3936
3936
|
"docs": {
|
|
3937
|
-
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
|
|
3937
|
+
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.\n\nIf specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or\nJSON (`{\"username\":\"<username>\",\"password\":\"<password>\"}`).\n\nFor more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html",
|
|
3938
3938
|
"stability": "stable",
|
|
3939
3939
|
"summary": "The credentials of the docker image."
|
|
3940
3940
|
},
|
|
3941
3941
|
"locationInModule": {
|
|
3942
3942
|
"filename": "src/index.ts",
|
|
3943
|
-
"line":
|
|
3943
|
+
"line": 128
|
|
3944
3944
|
},
|
|
3945
3945
|
"name": "creds",
|
|
3946
3946
|
"optional": true,
|
|
@@ -3963,7 +3963,7 @@
|
|
|
3963
3963
|
},
|
|
3964
3964
|
"locationInModule": {
|
|
3965
3965
|
"filename": "src/index.ts",
|
|
3966
|
-
"line":
|
|
3966
|
+
"line": 158
|
|
3967
3967
|
},
|
|
3968
3968
|
"parameters": [
|
|
3969
3969
|
{
|
|
@@ -3981,7 +3981,7 @@
|
|
|
3981
3981
|
},
|
|
3982
3982
|
{
|
|
3983
3983
|
"docs": {
|
|
3984
|
-
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
|
|
3984
|
+
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.\n\nIf specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or\nJSON (`{\"username\":\"<username>\",\"password\":\"<password>\"}`).\n\nFor more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html",
|
|
3985
3985
|
"summary": "The credentials of the docker image."
|
|
3986
3986
|
},
|
|
3987
3987
|
"name": "creds",
|
|
@@ -3998,7 +3998,7 @@
|
|
|
3998
3998
|
"kind": "class",
|
|
3999
3999
|
"locationInModule": {
|
|
4000
4000
|
"filename": "src/index.ts",
|
|
4001
|
-
"line":
|
|
4001
|
+
"line": 156
|
|
4002
4002
|
},
|
|
4003
4003
|
"name": "S3ArchiveName",
|
|
4004
4004
|
"properties": [
|
|
@@ -4011,7 +4011,7 @@
|
|
|
4011
4011
|
"immutable": true,
|
|
4012
4012
|
"locationInModule": {
|
|
4013
4013
|
"filename": "src/index.ts",
|
|
4014
|
-
"line":
|
|
4014
|
+
"line": 164
|
|
4015
4015
|
},
|
|
4016
4016
|
"name": "uri",
|
|
4017
4017
|
"overrides": "cdk-ecr-deployment.IImageName",
|
|
@@ -4021,13 +4021,13 @@
|
|
|
4021
4021
|
},
|
|
4022
4022
|
{
|
|
4023
4023
|
"docs": {
|
|
4024
|
-
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`",
|
|
4024
|
+
"remarks": "Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.\n\nIf specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or\nJSON (`{\"username\":\"<username>\",\"password\":\"<password>\"}`).\n\nFor more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html",
|
|
4025
4025
|
"stability": "stable",
|
|
4026
4026
|
"summary": "The credentials of the docker image."
|
|
4027
4027
|
},
|
|
4028
4028
|
"locationInModule": {
|
|
4029
4029
|
"filename": "src/index.ts",
|
|
4030
|
-
"line":
|
|
4030
|
+
"line": 158
|
|
4031
4031
|
},
|
|
4032
4032
|
"name": "creds",
|
|
4033
4033
|
"optional": true,
|
|
@@ -4040,6 +4040,6 @@
|
|
|
4040
4040
|
"symbolId": "src/index:S3ArchiveName"
|
|
4041
4041
|
}
|
|
4042
4042
|
},
|
|
4043
|
-
"version": "3.1
|
|
4044
|
-
"fingerprint": "
|
|
4043
|
+
"version": "3.2.1",
|
|
4044
|
+
"fingerprint": "4bSRiKQ84kafoVB105sB4gNTjcd0Ck4yLU2zAoM2kKs="
|
|
4045
4045
|
}
|
package/.jsii.tabl.json
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":"2","toolVersion":"5.7.8","snippets":{"33850328020507963bc7787401a169bb06e49f6132425a6d1529815c1554c645":{"translations":{"python":{"source":"from aws_cdk.aws_ecr_assets import DockerImageAsset\n\n\nimage = DockerImageAsset(self, \"CDKDockerImage\",\n directory=path.join(__dirname, \"docker\")\n)\n\n# Copy from cdk docker image asset to another ECR.\necrdeploy.ECRDeployment(self, \"DeployDockerImage1\",\n src=ecrdeploy.DockerImageName(image.image_uri),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\")\n)\n\n# Copy from docker registry to ECR.\necrdeploy.ECRDeployment(self, \"DeployDockerImage2\",\n src=ecrdeploy.DockerImageName(\"nginx:latest\"),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\")\n)\n\n# Copy from private docker registry to ECR.\n# The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\necrdeploy.ECRDeployment(self, \"DeployDockerImage3\",\n src=ecrdeploy.DockerImageName(\"javacs3/nginx:latest\", \"username:password\"),\n # src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n # src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\")\n).add_to_principal_policy(iam.PolicyStatement(\n effect=iam.Effect.ALLOW,\n actions=[\"secretsmanager:GetSecretValue\"\n ],\n resources=[\"*\"]\n))","version":"2"},"csharp":{"source":"using Amazon.CDK.AWS.Ecr.Assets;\n\n\nvar image = new DockerImageAsset(this, \"CDKDockerImage\", new DockerImageAssetProps {\n Directory = Join(__dirname, \"docker\")\n});\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\nnew ECRDeployment(this, \"DeployDockerImage1\", new ECRDeploymentProps {\n Src = new DockerImageName(image.ImageUri),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\")\n});\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\nnew ECRDeployment(this, \"DeployDockerImage2\", new ECRDeploymentProps {\n Src = new DockerImageName(\"nginx:latest\"),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\")\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\nnew ECRDeployment(this, \"DeployDockerImage3\", new ECRDeploymentProps {\n Src = new DockerImageName(\"javacs3/nginx:latest\", \"username:password\"),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\")\n}).AddToPrincipalPolicy(new PolicyStatement(new PolicyStatementProps {\n Effect = Effect.ALLOW,\n Actions = new [] { \"secretsmanager:GetSecretValue\" },\n Resources = new [] { \"*\" }\n}));","version":"1"},"java":{"source":"import software.amazon.awscdk.services.ecr.assets.DockerImageAsset;\n\n\nDockerImageAsset image = DockerImageAsset.Builder.create(this, \"CDKDockerImage\")\n .directory(join(__dirname, \"docker\"))\n .build();\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\nECRDeployment.Builder.create(this, \"DeployDockerImage1\")\n .src(new DockerImageName(image.getImageUri()))\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\", Aws.ACCOUNT_ID)))\n .build();\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\nECRDeployment.Builder.create(this, \"DeployDockerImage2\")\n .src(new DockerImageName(\"nginx:latest\"))\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\", Aws.ACCOUNT_ID)))\n .build();\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\nECRDeployment.Builder.create(this, \"DeployDockerImage3\")\n .src(new DockerImageName(\"javacs3/nginx:latest\", \"username:password\"))\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\", Aws.ACCOUNT_ID)))\n .build().addToPrincipalPolicy(PolicyStatement.Builder.create()\n .effect(Effect.ALLOW)\n .actions(List.of(\"secretsmanager:GetSecretValue\"))\n .resources(List.of(\"*\"))\n .build());","version":"1"},"go":{"source":"import \"github.com/aws/aws-cdk-go/awscdk\"\n\n\nimage := awscdk.NewDockerImageAsset(this, jsii.String(\"CDKDockerImage\"), &DockerImageAssetProps{\n\tDirectory: path.join(__dirname, jsii.String(\"docker\")),\n})\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage1\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(image.ImageUri),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\", cdk.Aws_ACCOUNT_ID())),\n})\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage2\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(jsii.String(\"nginx:latest\")),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\", cdk.Aws_ACCOUNT_ID())),\n})\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage3\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(jsii.String(\"javacs3/nginx:latest\"), jsii.String(\"username:password\")),\n\t// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n\t// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\", cdk.Aws_ACCOUNT_ID())),\n}).AddToPrincipalPolicy(awscdk.Aws_iam.NewPolicyStatement(&PolicyStatementProps{\n\tEffect: awscdk.*Aws_iam.Effect_ALLOW,\n\tActions: []*string{\n\t\tjsii.String(\"secretsmanager:GetSecretValue\"),\n\t},\n\tResources: []*string{\n\t\tjsii.String(\"*\"),\n\t},\n}))","version":"1"},"$":{"source":"import { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {\n src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),\n}).addToPrincipalPolicy(new iam.PolicyStatement({\n effect: iam.Effect.ALLOW,\n actions: [\n 'secretsmanager:GetSecretValue',\n ],\n resources: ['*'],\n}));","version":"0"}},"location":{"api":{"api":"moduleReadme","moduleFqn":"cdk-ecr-deployment"},"field":{"field":"markdown","line":34}},"didCompile":true,"fqnsReferenced":["aws-cdk-lib.aws_ecr_assets.DockerImageAsset","aws-cdk-lib.aws_ecr_assets.DockerImageAsset#imageUri","aws-cdk-lib.aws_ecr_assets.DockerImageAssetProps","aws-cdk-lib.aws_iam.Effect","aws-cdk-lib.aws_iam.Effect#ALLOW","aws-cdk-lib.aws_iam.PolicyStatement","aws-cdk-lib.aws_iam.PolicyStatementProps","cdk-ecr-deployment.DockerImageName","cdk-ecr-deployment.ECRDeployment","cdk-ecr-deployment.ECRDeployment#addToPrincipalPolicy","cdk-ecr-deployment.ECRDeploymentProps","cdk-ecr-deployment.IImageName"],"fullSource":"// Hoisted imports begin after !show marker below\n/// !show\nimport { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n/// !hide\n// Hoisted imports ended before !hide marker above\n// Fixture with packages imported, but nothing else\nimport * as path from 'node:path';\nimport { Construct } from 'constructs';\n import * as ecrdeploy from 'cdk-ecr-deployment';\nimport {\n Stack,\n aws_iam as iam,\n} from 'aws-cdk-lib';\nimport * as cdk from 'aws-cdk-lib';\n\nclass Fixture extends Stack {\n constructor(scope: Construct, id: string) {\n super(scope, id);\n\n // Code snippet begins after !show marker below\n/// !show\n\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {\n src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),\n}).addToPrincipalPolicy(new iam.PolicyStatement({\n effect: iam.Effect.ALLOW,\n actions: [\n 'secretsmanager:GetSecretValue',\n ],\n resources: ['*'],\n}));\n/// !hide\n// Code snippet ended before !hide marker above\n }\n}","syntaxKindCounter":{"11":11,"16":3,"18":3,"80":51,"110":4,"209":2,"210":5,"211":21,"213":2,"214":11,"228":3,"239":3,"243":1,"244":3,"260":1,"261":1,"272":1,"273":1,"275":1,"276":1,"303":10,"307":1},"fqnsFingerprint":"b2b5036b1bfc508279d58dec7b8bdd00caa0f71123068dc963187960f976dddb"}}}
|
|
1
|
+
{"version":"2","toolVersion":"5.7.8","snippets":{"88f2a76686f9322de44e83005e6c8c011aa9eec372ebd359095f8b90c3440a65":{"translations":{"python":{"source":"from aws_cdk.aws_ecr_assets import DockerImageAsset\n\n\nimage = DockerImageAsset(self, \"CDKDockerImage\",\n directory=path.join(__dirname, \"docker\")\n)\n\n# Copy from cdk docker image asset to another ECR.\necrdeploy.ECRDeployment(self, \"DeployDockerImage1\",\n src=ecrdeploy.DockerImageName(image.image_uri),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\")\n)\n\n# Copy from docker registry to ECR.\necrdeploy.ECRDeployment(self, \"DeployDockerImage2\",\n src=ecrdeploy.DockerImageName(\"nginx:latest\"),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\")\n)\n\n# Copy from private docker registry to ECR.\n# The format of secret in aws secrets manager must be either:\n# - plain text in format <username>:<password>\n# - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\necrdeploy.ECRDeployment(self, \"DeployDockerImage3\",\n src=ecrdeploy.DockerImageName(\"javacs3/nginx:latest\", \"username:password\"),\n # src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n # src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest=ecrdeploy.DockerImageName(f\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\")\n).add_to_principal_policy(iam.PolicyStatement(\n effect=iam.Effect.ALLOW,\n actions=[\"secretsmanager:GetSecretValue\"\n ],\n resources=[\"*\"]\n))","version":"2"},"csharp":{"source":"using Amazon.CDK.AWS.Ecr.Assets;\n\n\nvar image = new DockerImageAsset(this, \"CDKDockerImage\", new DockerImageAssetProps {\n Directory = Join(__dirname, \"docker\")\n});\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\nnew ECRDeployment(this, \"DeployDockerImage1\", new ECRDeploymentProps {\n Src = new DockerImageName(image.ImageUri),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\")\n});\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\nnew ECRDeployment(this, \"DeployDockerImage2\", new ECRDeploymentProps {\n Src = new DockerImageName(\"nginx:latest\"),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\")\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\nnew ECRDeployment(this, \"DeployDockerImage3\", new ECRDeploymentProps {\n Src = new DockerImageName(\"javacs3/nginx:latest\", \"username:password\"),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n Dest = new DockerImageName($\"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\")\n}).AddToPrincipalPolicy(new PolicyStatement(new PolicyStatementProps {\n Effect = Effect.ALLOW,\n Actions = new [] { \"secretsmanager:GetSecretValue\" },\n Resources = new [] { \"*\" }\n}));","version":"1"},"java":{"source":"import software.amazon.awscdk.services.ecr.assets.DockerImageAsset;\n\n\nDockerImageAsset image = DockerImageAsset.Builder.create(this, \"CDKDockerImage\")\n .directory(join(__dirname, \"docker\"))\n .build();\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\nECRDeployment.Builder.create(this, \"DeployDockerImage1\")\n .src(new DockerImageName(image.getImageUri()))\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\", Aws.ACCOUNT_ID)))\n .build();\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\nECRDeployment.Builder.create(this, \"DeployDockerImage2\")\n .src(new DockerImageName(\"nginx:latest\"))\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\", Aws.ACCOUNT_ID)))\n .build();\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\nECRDeployment.Builder.create(this, \"DeployDockerImage3\")\n .src(new DockerImageName(\"javacs3/nginx:latest\", \"username:password\"))\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n .dest(new DockerImageName(String.format(\"%s.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\", Aws.ACCOUNT_ID)))\n .build().addToPrincipalPolicy(PolicyStatement.Builder.create()\n .effect(Effect.ALLOW)\n .actions(List.of(\"secretsmanager:GetSecretValue\"))\n .resources(List.of(\"*\"))\n .build());","version":"1"},"go":{"source":"import \"github.com/aws/aws-cdk-go/awscdk\"\n\n\nimage := awscdk.NewDockerImageAsset(this, jsii.String(\"CDKDockerImage\"), &DockerImageAssetProps{\n\tDirectory: path.join(__dirname, jsii.String(\"docker\")),\n})\n\n// Copy from cdk docker image asset to another ECR.\n// Copy from cdk docker image asset to another ECR.\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage1\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(image.ImageUri),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest\", cdk.Aws_ACCOUNT_ID())),\n})\n\n// Copy from docker registry to ECR.\n// Copy from docker registry to ECR.\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage2\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(jsii.String(\"nginx:latest\")),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest\", cdk.Aws_ACCOUNT_ID())),\n})\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\necrdeploy.NewECRDeployment(this, jsii.String(\"DeployDockerImage3\"), &ECRDeploymentProps{\n\tSrc: ecrdeploy.NewDockerImageName(jsii.String(\"javacs3/nginx:latest\"), jsii.String(\"username:password\")),\n\t// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n\t// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n\tDest: ecrdeploy.NewDockerImageName(fmt.Sprintf(\"%v.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest\", cdk.Aws_ACCOUNT_ID())),\n}).AddToPrincipalPolicy(awscdk.Aws_iam.NewPolicyStatement(&PolicyStatementProps{\n\tEffect: awscdk.*Aws_iam.Effect_ALLOW,\n\tActions: []*string{\n\t\tjsii.String(\"secretsmanager:GetSecretValue\"),\n\t},\n\tResources: []*string{\n\t\tjsii.String(\"*\"),\n\t},\n}))","version":"1"},"$":{"source":"import { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {\n src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),\n}).addToPrincipalPolicy(new iam.PolicyStatement({\n effect: iam.Effect.ALLOW,\n actions: [\n 'secretsmanager:GetSecretValue',\n ],\n resources: ['*'],\n}));","version":"0"}},"location":{"api":{"api":"moduleReadme","moduleFqn":"cdk-ecr-deployment"},"field":{"field":"markdown","line":34}},"didCompile":true,"fqnsReferenced":["aws-cdk-lib.aws_ecr_assets.DockerImageAsset","aws-cdk-lib.aws_ecr_assets.DockerImageAsset#imageUri","aws-cdk-lib.aws_ecr_assets.DockerImageAssetProps","aws-cdk-lib.aws_iam.Effect","aws-cdk-lib.aws_iam.Effect#ALLOW","aws-cdk-lib.aws_iam.PolicyStatement","aws-cdk-lib.aws_iam.PolicyStatementProps","cdk-ecr-deployment.DockerImageName","cdk-ecr-deployment.ECRDeployment","cdk-ecr-deployment.ECRDeployment#addToPrincipalPolicy","cdk-ecr-deployment.ECRDeploymentProps","cdk-ecr-deployment.IImageName"],"fullSource":"// Hoisted imports begin after !show marker below\n/// !show\nimport { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';\n/// !hide\n// Hoisted imports ended before !hide marker above\n// Fixture with packages imported, but nothing else\nimport * as path from 'node:path';\nimport { Construct } from 'constructs';\n import * as ecrdeploy from 'cdk-ecr-deployment';\nimport {\n Stack,\n aws_iam as iam,\n} from 'aws-cdk-lib';\nimport * as cdk from 'aws-cdk-lib';\n\nclass Fixture extends Stack {\n constructor(scope: Construct, id: string) {\n super(scope, id);\n\n // Code snippet begins after !show marker below\n/// !show\n\n\nconst image = new DockerImageAsset(this, 'CDKDockerImage', {\n directory: path.join(__dirname, 'docker'),\n});\n\n// Copy from cdk docker image asset to another ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {\n src: new ecrdeploy.DockerImageName(image.imageUri),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),\n});\n\n// Copy from docker registry to ECR.\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {\n src: new ecrdeploy.DockerImageName('nginx:latest'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),\n});\n\n// Copy from private docker registry to ECR.\n// The format of secret in aws secrets manager must be either:\n// - plain text in format <username>:<password>\n// - json in format {\"username\":\"<username>\",\"password\":\"<password>\"}\nnew ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {\n src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),\n // src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),\n dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),\n}).addToPrincipalPolicy(new iam.PolicyStatement({\n effect: iam.Effect.ALLOW,\n actions: [\n 'secretsmanager:GetSecretValue',\n ],\n resources: ['*'],\n}));\n/// !hide\n// Code snippet ended before !hide marker above\n }\n}","syntaxKindCounter":{"11":11,"16":3,"18":3,"80":51,"110":4,"209":2,"210":5,"211":21,"213":2,"214":11,"228":3,"239":3,"243":1,"244":3,"260":1,"261":1,"272":1,"273":1,"275":1,"276":1,"303":10,"307":1},"fqnsFingerprint":"b2b5036b1bfc508279d58dec7b8bdd00caa0f71123068dc963187960f976dddb"}}}
|
package/API.md
CHANGED
|
@@ -348,7 +348,12 @@ new DockerImageName(name: string, creds?: string)
|
|
|
348
348
|
|
|
349
349
|
The credentials of the docker image.
|
|
350
350
|
|
|
351
|
-
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name
|
|
351
|
+
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.
|
|
352
|
+
|
|
353
|
+
If specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or
|
|
354
|
+
JSON (`{"username":"<username>","password":"<password>"}`).
|
|
355
|
+
|
|
356
|
+
For more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
|
|
352
357
|
|
|
353
358
|
---
|
|
354
359
|
|
|
@@ -387,7 +392,12 @@ public readonly creds: string;
|
|
|
387
392
|
|
|
388
393
|
The credentials of the docker image.
|
|
389
394
|
|
|
390
|
-
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name
|
|
395
|
+
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.
|
|
396
|
+
|
|
397
|
+
If specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or
|
|
398
|
+
JSON (`{"username":"<username>","password":"<password>"}`).
|
|
399
|
+
|
|
400
|
+
For more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
|
|
391
401
|
|
|
392
402
|
---
|
|
393
403
|
|
|
@@ -430,7 +440,12 @@ new S3ArchiveName(p: string, ref?: string, creds?: string)
|
|
|
430
440
|
|
|
431
441
|
The credentials of the docker image.
|
|
432
442
|
|
|
433
|
-
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name
|
|
443
|
+
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.
|
|
444
|
+
|
|
445
|
+
If specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or
|
|
446
|
+
JSON (`{"username":"<username>","password":"<password>"}`).
|
|
447
|
+
|
|
448
|
+
For more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
|
|
434
449
|
|
|
435
450
|
---
|
|
436
451
|
|
|
@@ -469,7 +484,12 @@ public readonly creds: string;
|
|
|
469
484
|
|
|
470
485
|
The credentials of the docker image.
|
|
471
486
|
|
|
472
|
-
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name
|
|
487
|
+
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.
|
|
488
|
+
|
|
489
|
+
If specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or
|
|
490
|
+
JSON (`{"username":"<username>","password":"<password>"}`).
|
|
491
|
+
|
|
492
|
+
For more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
|
|
473
493
|
|
|
474
494
|
---
|
|
475
495
|
|
|
@@ -514,7 +534,12 @@ public readonly creds: string;
|
|
|
514
534
|
|
|
515
535
|
The credentials of the docker image.
|
|
516
536
|
|
|
517
|
-
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name
|
|
537
|
+
Format `user:password` or `AWS Secrets Manager secret arn` or `AWS Secrets Manager secret name`.
|
|
538
|
+
|
|
539
|
+
If specifying an AWS Secrets Manager secret, the format of the secret should be either plain text (`user:password`) or
|
|
540
|
+
JSON (`{"username":"<username>","password":"<password>"}`).
|
|
541
|
+
|
|
542
|
+
For more details on JSON format, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
|
|
518
543
|
|
|
519
544
|
---
|
|
520
545
|
|
package/README.md
CHANGED
|
@@ -51,7 +51,9 @@ new ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {
|
|
|
51
51
|
});
|
|
52
52
|
|
|
53
53
|
// Copy from private docker registry to ECR.
|
|
54
|
-
// The format of secret in aws secrets manager must be
|
|
54
|
+
// The format of secret in aws secrets manager must be either:
|
|
55
|
+
// - plain text in format <username>:<password>
|
|
56
|
+
// - json in format {"username":"<username>","password":"<password>"}
|
|
55
57
|
new ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {
|
|
56
58
|
src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),
|
|
57
59
|
// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),
|
package/lambda/go.mod
CHANGED
|
@@ -1,19 +1,136 @@
|
|
|
1
1
|
module cdk-ecr-deployment-handler
|
|
2
2
|
|
|
3
|
-
go 1.
|
|
3
|
+
go 1.24.1
|
|
4
4
|
|
|
5
5
|
require (
|
|
6
|
-
github.com/aws/aws-lambda-go v1.
|
|
7
|
-
github.com/aws/aws-sdk-go-v2 v1.
|
|
8
|
-
github.com/aws/aws-sdk-go-v2/config v1.
|
|
9
|
-
github.com/aws/aws-sdk-go-v2/service/ecr v1.
|
|
10
|
-
github.com/aws/aws-sdk-go-v2/service/s3 v1.
|
|
11
|
-
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.
|
|
12
|
-
github.com/containers/image/v5 v5.
|
|
13
|
-
github.com/golang/groupcache v0.0.0-
|
|
6
|
+
github.com/aws/aws-lambda-go v1.47.0
|
|
7
|
+
github.com/aws/aws-sdk-go-v2 v1.36.3
|
|
8
|
+
github.com/aws/aws-sdk-go-v2/config v1.29.9
|
|
9
|
+
github.com/aws/aws-sdk-go-v2/service/ecr v1.43.0
|
|
10
|
+
github.com/aws/aws-sdk-go-v2/service/s3 v1.78.2
|
|
11
|
+
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.2
|
|
12
|
+
github.com/containers/image/v5 v5.34.2
|
|
13
|
+
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8
|
|
14
14
|
github.com/opencontainers/go-digest v1.0.0
|
|
15
15
|
github.com/pkg/errors v0.9.1
|
|
16
16
|
github.com/sirupsen/logrus v1.9.3
|
|
17
|
-
github.com/stretchr/testify v1.
|
|
18
|
-
|
|
17
|
+
github.com/stretchr/testify v1.10.0
|
|
18
|
+
)
|
|
19
|
+
|
|
20
|
+
require (
|
|
21
|
+
dario.cat/mergo v1.0.1 // indirect
|
|
22
|
+
github.com/BurntSushi/toml v1.4.0 // indirect
|
|
23
|
+
github.com/Microsoft/go-winio v0.6.2 // indirect
|
|
24
|
+
github.com/Microsoft/hcsshim v0.12.9 // indirect
|
|
25
|
+
github.com/VividCortex/ewma v1.2.0 // indirect
|
|
26
|
+
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
|
|
27
|
+
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
|
|
28
|
+
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.10 // indirect
|
|
29
|
+
github.com/aws/aws-sdk-go-v2/credentials v1.17.62 // indirect
|
|
30
|
+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
|
|
31
|
+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
|
|
32
|
+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
|
|
33
|
+
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
|
|
34
|
+
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.34 // indirect
|
|
35
|
+
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
|
|
36
|
+
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.7.0 // indirect
|
|
37
|
+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
|
|
38
|
+
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.15 // indirect
|
|
39
|
+
github.com/aws/aws-sdk-go-v2/service/sso v1.25.1 // indirect
|
|
40
|
+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1 // indirect
|
|
41
|
+
github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 // indirect
|
|
42
|
+
github.com/aws/smithy-go v1.22.2 // indirect
|
|
43
|
+
github.com/containerd/cgroups/v3 v3.0.3 // indirect
|
|
44
|
+
github.com/containerd/errdefs v0.3.0 // indirect
|
|
45
|
+
github.com/containerd/errdefs/pkg v0.3.0 // indirect
|
|
46
|
+
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
|
|
47
|
+
github.com/containerd/typeurl/v2 v2.2.3 // indirect
|
|
48
|
+
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
|
|
49
|
+
github.com/containers/ocicrypt v1.2.1 // indirect
|
|
50
|
+
github.com/containers/storage v1.57.2 // indirect
|
|
51
|
+
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f // indirect
|
|
52
|
+
github.com/cyphar/filepath-securejoin v0.3.6 // indirect
|
|
53
|
+
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
|
54
|
+
github.com/distribution/reference v0.6.0 // indirect
|
|
55
|
+
github.com/docker/distribution v2.8.3+incompatible // indirect
|
|
56
|
+
github.com/docker/docker v27.5.1+incompatible // indirect
|
|
57
|
+
github.com/docker/docker-credential-helpers v0.8.2 // indirect
|
|
58
|
+
github.com/docker/go-connections v0.5.0 // indirect
|
|
59
|
+
github.com/docker/go-units v0.5.0 // indirect
|
|
60
|
+
github.com/felixge/httpsnoop v1.0.4 // indirect
|
|
61
|
+
github.com/go-jose/go-jose/v4 v4.0.4 // indirect
|
|
62
|
+
github.com/go-logr/logr v1.4.2 // indirect
|
|
63
|
+
github.com/go-logr/stdr v1.2.2 // indirect
|
|
64
|
+
github.com/go-openapi/analysis v0.23.0 // indirect
|
|
65
|
+
github.com/go-openapi/errors v0.22.0 // indirect
|
|
66
|
+
github.com/go-openapi/jsonpointer v0.21.0 // indirect
|
|
67
|
+
github.com/go-openapi/jsonreference v0.21.0 // indirect
|
|
68
|
+
github.com/go-openapi/loads v0.22.0 // indirect
|
|
69
|
+
github.com/go-openapi/runtime v0.28.0 // indirect
|
|
70
|
+
github.com/go-openapi/spec v0.21.0 // indirect
|
|
71
|
+
github.com/go-openapi/strfmt v0.23.0 // indirect
|
|
72
|
+
github.com/go-openapi/swag v0.23.0 // indirect
|
|
73
|
+
github.com/go-openapi/validate v0.24.0 // indirect
|
|
74
|
+
github.com/gogo/protobuf v1.3.2 // indirect
|
|
75
|
+
github.com/golang/protobuf v1.5.4 // indirect
|
|
76
|
+
github.com/google/go-containerregistry v0.20.2 // indirect
|
|
77
|
+
github.com/google/go-intervals v0.0.2 // indirect
|
|
78
|
+
github.com/google/uuid v1.6.0 // indirect
|
|
79
|
+
github.com/gorilla/mux v1.8.1 // indirect
|
|
80
|
+
github.com/hashicorp/errwrap v1.1.0 // indirect
|
|
81
|
+
github.com/hashicorp/go-multierror v1.1.1 // indirect
|
|
82
|
+
github.com/josharian/intern v1.0.0 // indirect
|
|
83
|
+
github.com/json-iterator/go v1.1.12 // indirect
|
|
84
|
+
github.com/klauspost/compress v1.17.11 // indirect
|
|
85
|
+
github.com/klauspost/pgzip v1.2.6 // indirect
|
|
86
|
+
github.com/letsencrypt/boulder v0.0.0-20240620165639-de9c06129bec // indirect
|
|
87
|
+
github.com/mailru/easyjson v0.7.7 // indirect
|
|
88
|
+
github.com/mattn/go-runewidth v0.0.16 // indirect
|
|
89
|
+
github.com/mattn/go-sqlite3 v1.14.24 // indirect
|
|
90
|
+
github.com/miekg/pkcs11 v1.1.1 // indirect
|
|
91
|
+
github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect
|
|
92
|
+
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
|
93
|
+
github.com/moby/docker-image-spec v1.3.1 // indirect
|
|
94
|
+
github.com/moby/sys/capability v0.4.0 // indirect
|
|
95
|
+
github.com/moby/sys/mountinfo v0.7.2 // indirect
|
|
96
|
+
github.com/moby/sys/user v0.3.0 // indirect
|
|
97
|
+
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
|
98
|
+
github.com/modern-go/reflect2 v1.0.2 // indirect
|
|
99
|
+
github.com/oklog/ulid v1.3.1 // indirect
|
|
100
|
+
github.com/opencontainers/image-spec v1.1.0 // indirect
|
|
101
|
+
github.com/opencontainers/runtime-spec v1.2.0 // indirect
|
|
102
|
+
github.com/opencontainers/selinux v1.11.1 // indirect
|
|
103
|
+
github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f // indirect
|
|
104
|
+
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
|
105
|
+
github.com/proglottis/gpgme v0.1.4 // indirect
|
|
106
|
+
github.com/rivo/uniseg v0.4.7 // indirect
|
|
107
|
+
github.com/secure-systems-lab/go-securesystemslib v0.9.0 // indirect
|
|
108
|
+
github.com/sigstore/fulcio v1.6.4 // indirect
|
|
109
|
+
github.com/sigstore/rekor v1.3.8 // indirect
|
|
110
|
+
github.com/sigstore/sigstore v1.8.12 // indirect
|
|
111
|
+
github.com/smallstep/pkcs7 v0.1.1 // indirect
|
|
112
|
+
github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 // indirect
|
|
113
|
+
github.com/sylabs/sif/v2 v2.20.2 // indirect
|
|
114
|
+
github.com/tchap/go-patricia/v2 v2.3.2 // indirect
|
|
115
|
+
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
|
|
116
|
+
github.com/ulikunitz/xz v0.5.12 // indirect
|
|
117
|
+
github.com/vbatts/tar-split v0.11.7 // indirect
|
|
118
|
+
github.com/vbauerster/mpb/v8 v8.9.1 // indirect
|
|
119
|
+
go.mongodb.org/mongo-driver v1.14.0 // indirect
|
|
120
|
+
go.opencensus.io v0.24.0 // indirect
|
|
121
|
+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
|
|
122
|
+
go.opentelemetry.io/otel v1.31.0 // indirect
|
|
123
|
+
go.opentelemetry.io/otel/metric v1.31.0 // indirect
|
|
124
|
+
go.opentelemetry.io/otel/trace v1.31.0 // indirect
|
|
125
|
+
golang.org/x/crypto v0.35.0 // indirect
|
|
126
|
+
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
|
|
127
|
+
golang.org/x/net v0.36.0 // indirect
|
|
128
|
+
golang.org/x/sync v0.11.0 // indirect
|
|
129
|
+
golang.org/x/sys v0.30.0 // indirect
|
|
130
|
+
golang.org/x/term v0.29.0 // indirect
|
|
131
|
+
golang.org/x/text v0.22.0 // indirect
|
|
132
|
+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250102185135-69823020774d // indirect
|
|
133
|
+
google.golang.org/grpc v1.69.4 // indirect
|
|
134
|
+
google.golang.org/protobuf v1.36.2 // indirect
|
|
135
|
+
gopkg.in/yaml.v3 v3.0.1 // indirect
|
|
19
136
|
)
|