Update CHANGELOG

Add example for Google Container Registry (GCR)

.github/workflows/ci.yml

@@ -18,7 +18,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.2
       -
         name: Login to DockerHub
         uses: ./
@@ -43,7 +43,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.2
       -
         name: Login to GitHub Package Registry
         uses: ./
@@ -69,7 +69,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.2
       -
         name: Login to GitLab
         uses: ./
@@ -83,3 +83,29 @@ jobs:
         if: always()
         run: |
           rm -f ${HOME}/.docker/config.json
+
+  ecr:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        logout:
+          - true
+          - false
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2.3.1
+      -
+        name: Login to ECR
+        uses: ./
+        with:
+          registry: ${{ secrets.AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          logout: ${{ matrix.logout }}
+      -
+        name: Clear
+        if: always()
+        run: |
+          rm -f ${HOME}/.docker/config.json

.github/workflows/labels.yml

@@ -14,7 +14,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.2
       -
         name: Run Labeler
         if: success()

.github/workflows/pre-checkin.yml

@@ -14,7 +14,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2.3.1
+        uses: actions/checkout@v2.3.2
       -
         name: Install
         run: yarn install

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 1.2.0 (2020/08/20)
+
+* Add support for AWS Elastic Container Registry (ECR)
+* Add example for Google Container Registry (GCR)
+
 ## 1.1.1 (2020/08/16)
 
 * Typo

README.md

@@ -18,6 +18,8 @@ ___
   * [DockerHub](#dockerhub)
   * [GitHub Package Registry](#github-package-registry)
   * [GitLab](#gitlab)
+  * [Google Container Registry (GCR)](#gitlab)
+  * [AWS Elastic Container Registry (ECR)](#gitlab)
 * [Customizing](#customizing)
   * [inputs](#inputs)
 * [Limitation](#limitation)
@@ -34,7 +36,6 @@ name: ci
 on:
   push:
     branches: master
-    tags:
 
 jobs:
   login:
@@ -59,7 +60,6 @@ name: ci
 on:
   push:
     branches: master
-    tags:
 
 jobs:
   login:
@@ -85,7 +85,6 @@ name: ci
 on:
   push:
     branches: master
-    tags:
 
 jobs:
   login:
@@ -103,6 +102,67 @@ jobs:
           password: ${{ secrets.GITLAB_PASSWORD }}
 ```
 
+### Google Container Registry (GCR)
+
+Use a service account with the ability to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control).
+Then create and download the JSON key for this service account and save content of `.json` file
+[as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
+called `GCR_JSON_KEY` in your GitHub repo. Ensure you set the username to `_json_key`.
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches: master
+
+jobs:
+  login:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Login to GCR
+        uses: crazy-max/ghaction-docker-login@v1
+        with:
+          registry: gcr.io
+          username: _json_key
+          password: ${{ secrets.GCR_JSON_KEY }}
+```
+
+### AWS Elastic Container Registry (ECR)
+
+Use an IAM user with the [ability to push to ECR](https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr_managed_policies.html).
+Then create and download access keys and save `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` [as secrets](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository)
+in your GitHub repo.
+
+```yaml
+name: ci
+
+on:
+  push:
+    branches: master
+
+jobs:
+  login:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Login to ECR
+        uses: crazy-max/ghaction-docker-login@v1
+        with:
+          registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com
+          username: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+```
+
+> Replace `<aws-account-number>` and `<region>` with their respective values.
+
 ## Customizing
 
 ### inputs

dist/index.js

@@ -953,6 +953,32 @@ class ExecState extends events.EventEmitter {
 
 /***/ }),
 
+/***/ 34:
+/***/ (function(__unusedmodule, exports) {
+
+"use strict";
+
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRegion = exports.isECR = void 0;
+exports.isECR = (registry) => __awaiter(void 0, void 0, void 0, function* () {
+    return registry.includes('amazonaws');
+});
+exports.getRegion = (registry) => __awaiter(void 0, void 0, void 0, function* () {
+    return registry.substring(registry.indexOf('ecr.') + 4, registry.indexOf('.amazonaws'));
+});
+//# sourceMappingURL=ecr.js.map
+
+/***/ }),
+
 /***/ 87:
 /***/ (function(module) {
 
@@ -1048,7 +1074,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 const os = __importStar(__webpack_require__(87));
 const core = __importStar(__webpack_require__(470));
-const exec = __importStar(__webpack_require__(807));
+const context_1 = __webpack_require__(482);
+const docker = __importStar(__webpack_require__(231));
 const stateHelper = __importStar(__webpack_require__(153));
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
@@ -1057,22 +1084,10 @@ function run() {
                 core.setFailed('Only supported on linux platform');
                 return;
             }
-            const registry = core.getInput('registry');
-            stateHelper.setRegistry(registry);
-            stateHelper.setLogout(core.getInput('logout'));
-            const username = core.getInput('username');
-            const password = core.getInput('password', { required: true });
-            let loginArgs = ['login', '--password', password];
-            if (username) {
-                loginArgs.push('--username', username);
-            }
-            loginArgs.push(registry);
-            yield exec.exec('docker', loginArgs, true).then(res => {
-                if (res.stderr != '' && !res.success) {
-                    throw new Error(res.stderr);
-                }
-                core.info('🎉 Login Succeeded!');
-            });
+            let inputs = yield context_1.getInputs();
+            stateHelper.setRegistry(inputs.registry);
+            stateHelper.setLogout(inputs.logout);
+            yield docker.login(inputs.registry, inputs.username, inputs.password);
         }
         catch (error) {
             core.setFailed(error.message);
@@ -1084,11 +1099,7 @@ function logout() {
         if (!stateHelper.logout) {
             return;
         }
-        yield exec.exec('docker', ['logout', stateHelper.registry], false).then(res => {
-            if (res.stderr != '' && !res.success) {
-                core.warning(res.stderr);
-            }
-        });
+        yield docker.logout(stateHelper.registry);
     });
 }
 if (!stateHelper.IsPost) {
@@ -1101,6 +1112,114 @@ else {
 
 /***/ }),
 
+/***/ 231:
+/***/ (function(__unusedmodule, exports, __webpack_require__) {
+
+"use strict";
+
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loginECR = exports.loginStandard = exports.logout = exports.login = void 0;
+const exec = __importStar(__webpack_require__(986));
+const core = __importStar(__webpack_require__(470));
+const ecr = __importStar(__webpack_require__(34));
+const execm = __importStar(__webpack_require__(807));
+function login(registry, username, password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        if (yield ecr.isECR(registry)) {
+            yield loginECR(registry, username, password);
+        }
+        else {
+            yield loginStandard(registry, username, password);
+        }
+    });
+}
+exports.login = login;
+function logout(registry) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield execm.exec('docker', ['logout', registry], false).then(res => {
+            if (res.stderr != '' && !res.success) {
+                core.warning(res.stderr);
+            }
+        });
+    });
+}
+exports.logout = logout;
+function loginStandard(registry, username, password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        let loginArgs = ['login', '--password', password];
+        if (username) {
+            loginArgs.push('--username', username);
+        }
+        loginArgs.push(registry);
+        if (registry) {
+            core.info(`🔑 Logging into ${registry}...`);
+        }
+        else {
+            core.info(`🔑 Logging into DockerHub...`);
+        }
+        yield execm.exec('docker', loginArgs, true).then(res => {
+            if (res.stderr != '' && !res.success) {
+                throw new Error(res.stderr);
+            }
+            core.info('🎉 Login Succeeded!');
+        });
+    });
+}
+exports.loginStandard = loginStandard;
+function loginECR(registry, username, password) {
+    return __awaiter(this, void 0, void 0, function* () {
+        yield exec.exec('aws', ['--version']);
+        const ecrRegion = yield ecr.getRegion(registry);
+        process.env.AWS_ACCESS_KEY_ID = username;
+        process.env.AWS_SECRET_ACCESS_KEY = password;
+        core.info(`⬇️ Retrieving docker login command for ECR region ${ecrRegion}...`);
+        yield execm.exec('aws', ['ecr', 'get-login', '--region', ecrRegion, '--no-include-email'], true).then(res => {
+            if (res.stderr != '' && !res.success) {
+                throw new Error(res.stderr);
+            }
+            core.info(`🔑 Logging into ${registry}...`);
+            execm.exec(res.stdout, [], true).then(res => {
+                if (res.stderr != '' && !res.success) {
+                    throw new Error(res.stderr);
+                }
+                core.info('🎉 Login Succeeded!');
+            });
+        });
+    });
+}
+exports.loginECR = loginECR;
+//# sourceMappingURL=docker.js.map
+
+/***/ }),
+
 /***/ 357:
 /***/ (function(module) {
 
@@ -1436,6 +1555,57 @@ exports.getState = getState;
 
 /***/ }),
 
+/***/ 482:
+/***/ (function(__unusedmodule, exports, __webpack_require__) {
+
+"use strict";
+
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getInputs = void 0;
+const core = __importStar(__webpack_require__(470));
+function getInputs() {
+    return __awaiter(this, void 0, void 0, function* () {
+        return {
+            registry: core.getInput('registry'),
+            username: core.getInput('username'),
+            password: core.getInput('password', { required: true }),
+            logout: core.getInput('logout')
+        };
+    });
+}
+exports.getInputs = getInputs;
+//# sourceMappingURL=context.js.map
+
+/***/ }),
+
 /***/ 614:
 /***/ (function(module) {
 

src/context.ts

@@ -0,0 +1,17 @@
+import * as core from '@actions/core';
+
+export interface Inputs {
+  registry: string;
+  username: string;
+  password: string;
+  logout: string;
+}
+
+export async function getInputs(): Promise<Inputs> {
+  return {
+    registry: core.getInput('registry'),
+    username: core.getInput('username'),
+    password: core.getInput('password', {required: true}),
+    logout: core.getInput('logout')
+  };
+}

src/docker.ts

@@ -0,0 +1,61 @@
+import * as exec from '@actions/exec';
+import * as core from '@actions/core';
+import * as ecr from './ecr';
+import * as execm from './exec';
+
+export async function login(registry: string, username: string, password: string): Promise<void> {
+  if (await ecr.isECR(registry)) {
+    await loginECR(registry, username, password);
+  } else {
+    await loginStandard(registry, username, password);
+  }
+}
+
+export async function logout(registry: string): Promise<void> {
+  await execm.exec('docker', ['logout', registry], false).then(res => {
+    if (res.stderr != '' && !res.success) {
+      core.warning(res.stderr);
+    }
+  });
+}
+
+export async function loginStandard(registry: string, username: string, password: string): Promise<void> {
+  let loginArgs: Array<string> = ['login', '--password', password];
+  if (username) {
+    loginArgs.push('--username', username);
+  }
+  loginArgs.push(registry);
+
+  if (registry) {
+    core.info(`🔑 Logging into ${registry}...`);
+  } else {
+    core.info(`🔑 Logging into DockerHub...`);
+  }
+  await execm.exec('docker', loginArgs, true).then(res => {
+    if (res.stderr != '' && !res.success) {
+      throw new Error(res.stderr);
+    }
+    core.info('🎉 Login Succeeded!');
+  });
+}
+
+export async function loginECR(registry: string, username: string, password: string): Promise<void> {
+  await exec.exec('aws', ['--version']);
+  const ecrRegion = await ecr.getRegion(registry);
+  process.env.AWS_ACCESS_KEY_ID = username;
+  process.env.AWS_SECRET_ACCESS_KEY = password;
+
+  core.info(`⬇️ Retrieving docker login command for ECR region ${ecrRegion}...`);
+  await execm.exec('aws', ['ecr', 'get-login', '--region', ecrRegion, '--no-include-email'], true).then(res => {
+    if (res.stderr != '' && !res.success) {
+      throw new Error(res.stderr);
+    }
+    core.info(`🔑 Logging into ${registry}...`);
+    execm.exec(res.stdout, [], true).then(res => {
+      if (res.stderr != '' && !res.success) {
+        throw new Error(res.stderr);
+      }
+      core.info('🎉 Login Succeeded!');
+    });
+  });
+}

src/ecr.ts

@@ -0,0 +1,7 @@
+export const isECR = async (registry: string): Promise<boolean> => {
+  return registry.includes('amazonaws');
+};
+
+export const getRegion = async (registry: string): Promise<string> => {
+  return registry.substring(registry.indexOf('ecr.') + 4, registry.indexOf('.amazonaws'));
+};

src/main.ts

@@ -1,6 +1,7 @@
 import * as os from 'os';
 import * as core from '@actions/core';
-import * as exec from './exec';
+import {getInputs, Inputs} from './context';
+import * as docker from './docker';
 import * as stateHelper from './state-helper';
 
 async function run(): Promise<void> {
@@ -10,25 +11,10 @@ async function run(): Promise<void> {
       return;
     }
 
-    const registry: string = core.getInput('registry');
-    stateHelper.setRegistry(registry);
-    stateHelper.setLogout(core.getInput('logout'));
-
-    const username: string = core.getInput('username');
-    const password: string = core.getInput('password', {required: true});
-
-    let loginArgs: Array<string> = ['login', '--password', password];
-    if (username) {
-      loginArgs.push('--username', username);
-    }
-    loginArgs.push(registry);
-
-    await exec.exec('docker', loginArgs, true).then(res => {
-      if (res.stderr != '' && !res.success) {
-        throw new Error(res.stderr);
-      }
-      core.info('🎉 Login Succeeded!');
-    });
+    let inputs: Inputs = await getInputs();
+    stateHelper.setRegistry(inputs.registry);
+    stateHelper.setLogout(inputs.logout);
+    await docker.login(inputs.registry, inputs.username, inputs.password);
   } catch (error) {
     core.setFailed(error.message);
   }
@@ -38,11 +24,7 @@ async function logout(): Promise<void> {
   if (!stateHelper.logout) {
     return;
   }
-  await exec.exec('docker', ['logout', stateHelper.registry], false).then(res => {
-    if (res.stderr != '' && !res.success) {
-      core.warning(res.stderr);
-    }
-  });
+  await docker.logout(stateHelper.registry);
 }
 
 if (!stateHelper.IsPost) {