docker/login-action
1
0
Fork 0
mirror of https://github.com/docker/login-action.git synced 2025-03-26 08:40:05 +01:00
Code Activity
login-action/__tests__/aws.test.ts
Helen Lim a98cecd3e7 feature: Support multi reagion login for AWS ECR 
This adds support for allowing AWS ECR logins via multiple regions.

Functionality is quite similar to the existing support for multi-AWS
accounts. This adds in a new valid environment variable `AWS_REGIONS`
that can additionally be used to run the login against multiple regions.

Main changes are in `aws.ts` where `getRegion` is replaced by
`getRegions` which will construct and return a list rather than a
string. Since `getRegistriesData` already returns `regDatas` in a list
due to its support for multi-aws-accounts, all I really needed to add
was a `for-loop` wrapper to iterate on regions around the existing loop
that iterates on account IDs.

Signed-off-by: Helen Lim <hlim2@atlassian.com>
2025-02-28 11:42:01 -05:00

262 lines
8 KiB
TypeScript
Raw Blame History

import {beforeEach, describe, expect, jest, test} from '@jest/globals';
import {AuthorizationData} from '@aws-sdk/client-ecr';
import * as aws from '../src/aws';
describe('isECR', () => {
test.each([
['registry.gitlab.com', false],
['gcr.io', false],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', true],
['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', true],
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', true],
['public.ecr.aws', true]
])('given registry %p', async (registry, expected) => {
expect(aws.isECR(registry)).toEqual(expected);
});
});
describe('isPubECR', () => {
test.each([
['registry.gitlab.com', false],
['gcr.io', false],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', false],
['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', false],
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', false],
['public.ecr.aws', true]
])('given registry %p', async (registry, expected) => {
expect(aws.isPubECR(registry)).toEqual(expected);
});
});
describe('getRegions', () => {
test.each([
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', undefined, ['eu-west-3']],
['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', undefined, ['cn-north-1']],
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', undefined, ['cn-northwest-1']],
['public.ecr.aws', undefined, ['us-east-1']],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', 'us-west-1,us-east-1', ['eu-west-3', 'us-west-1', 'us-east-1']],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', 'us-west-1,eu-west-3,us-east-1', ['eu-west-3', 'us-west-1', 'us-east-1']],
['', 'us-west-1,us-east-1', ['us-west-1', 'us-east-1']],
['', 'us-west-1,us-east-1,us-east-1', ['us-west-1', 'us-east-1']]
])('given registry %p', async (registry, regionsEnv, expected) => {
if (regionsEnv) {
process.env.AWS_REGIONS = regionsEnv;
}
expect(aws.getRegions(registry)).toEqual(expected);
});
});
describe('getAccountIDs', () => {
test.each([
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', undefined, ['012345678901']],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678910,023456789012', ['012345678901', '012345678910', '023456789012']],
['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678901,012345678910,023456789012', ['012345678901', '012345678910', '023456789012']],
['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', '012345678910,023456789012', ['390948362332', '012345678910', '023456789012']],
['public.ecr.aws', undefined, []]
])('given registry %p', async (registry, accountIDsEnv, expected) => {
if (accountIDsEnv) {
process.env.AWS_ACCOUNT_IDS = accountIDsEnv;
}
expect(aws.getAccountIDs(registry)).toEqual(expected);
});
});
const mockEcrGetAuthToken = jest.fn();
const mockEcrPublicGetAuthToken = jest.fn();
jest.mock('@aws-sdk/client-ecr', () => {
return {
ECR: jest.fn(() => ({
getAuthorizationToken: mockEcrGetAuthToken
}))
};
});
jest.mock('@aws-sdk/client-ecr-public', () => {
return {
ECRPUBLIC: jest.fn(() => ({
getAuthorizationToken: mockEcrPublicGetAuthToken
}))
};
});
describe('getRegistriesData', () => {
beforeEach(() => {
jest.clearAllMocks();
delete process.env.AWS_ACCOUNT_IDS;
delete process.env.AWS_REGIONS;
});
// prettier-ignore
test.each([
[
'012345678901.dkr.ecr.aws-region-1.amazonaws.com',
'dkr.ecr.aws-region-1.amazonaws.com', undefined, undefined,
[
{
registry: '012345678901.dkr.ecr.aws-region-1.amazonaws.com',
username: '012345678901',
password: 'world'
}
]
],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
'dkr.ecr.eu-west-3.amazonaws.com',
'012345678910,023456789012',
undefined,
[
{
registry: '012345678901.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '012345678910.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678910',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.eu-west-3.amazonaws.com',
username: '023456789012',
password: 'world'
}
]
],
[
'public.ecr.aws',
undefined,
undefined,
undefined,
[
{
registry: 'public.ecr.aws',
username: 'AWS',
password: 'world'
}
]
],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
undefined,
undefined,
'us-west-1,us-east-3',
[
{
registry: '012345678901.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '012345678901.dkr.ecr.us-west-1.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '012345678901.dkr.ecr.us-east-3.amazonaws.com',
username: '012345678901',
password: 'world'
}
],
],
[
'012345678901.dkr.ecr.eu-west-3.amazonaws.com',
undefined,
'023456789012',
'us-west-1,us-east-3',
[
{
registry: '012345678901.dkr.ecr.eu-west-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.eu-west-3.amazonaws.com',
username: '023456789012',
password: 'world'
},
{
registry: '012345678901.dkr.ecr.us-west-1.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.us-west-1.amazonaws.com',
username: '023456789012',
password: 'world'
},
{
registry: '012345678901.dkr.ecr.us-east-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.us-east-3.amazonaws.com',
username: '023456789012',
password: 'world'
}
]
],
[
'',
undefined,
'012345678901,023456789012',
'us-west-1,us-east-3',
[
{
registry: '012345678901.dkr.ecr.us-west-1.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.us-west-1.amazonaws.com',
username: '023456789012',
password: 'world'
},
{
registry: '012345678901.dkr.ecr.us-east-3.amazonaws.com',
username: '012345678901',
password: 'world'
},
{
registry: '023456789012.dkr.ecr.us-east-3.amazonaws.com',
username: '023456789012',
password: 'world'
}
]
]
])('given registry %p', async (registry, fqdn, accountIDsEnv, regionsEnv, expected: aws.RegistryData[]) => {
if (accountIDsEnv) {
process.env.AWS_ACCOUNT_IDS = accountIDsEnv;
}
if (regionsEnv) {
process.env.AWS_REGIONS = regionsEnv;
}
const accountIDs = aws.getAccountIDs(registry);
const regions = aws.getRegions(registry);
const authDataByRegion: AuthorizationData[][] = [];
if (accountIDs.length == 0) {
mockEcrPublicGetAuthToken.mockImplementation(() => ({
authorizationData: {
authorizationToken: Buffer.from(`AWS:world`).toString('base64'),
}
}));
} else {
regions.forEach(region => {
const regionAuthData = accountIDs.map(accountID => ({
authorizationToken: Buffer.from(`${accountID}:world`).toString('base64'),
proxyEndpoint: `${accountID}.dkr.ecr.${region}.amazonaws.com`
}));
authDataByRegion.push(regionAuthData);
});
mockEcrGetAuthToken.mockImplementation(() => {
const regionAuthData = authDataByRegion.shift();
return { authorizationData: regionAuthData };
});
}
const regData = await aws.getRegistriesData(registry);
expect(regData).toEqual(expected);
});
});
View git blame Copy permalink