renovate
Version:
Automated dependency updates. Flexible so you don't need to be.
42 lines (41 loc) • 1.83 kB
JavaScript
import { regEx } from "../../../util/regex.js";
import { addSecretForSanitizing } from "../../../util/sanitize.js";
import { logger } from "../../../logger/index.js";
import { ECR } from "@aws-sdk/client-ecr";
//#region lib/modules/datasource/docker/ecr.ts
const ecrRegex = regEx(/\d+\.(?:dkr\.ecr|dkr-ecr)(?:-fips)?\.([-a-z0-9]+)\.(?:amazonaws\.com|on\.aws)/);
const ecrPublicRegex = regEx(/public\.ecr\.aws|ecr-public\.aws\.com/);
async function getECRAuthToken(region, opts) {
const config = { region };
if (opts.username === `AWS` && opts.password) {
logger.trace(`AWS user specified, encoding basic auth credentials for ECR registry`);
return Buffer.from(`AWS:${opts.password}`).toString("base64");
} else if (opts.username && opts.password) {
logger.trace(`Using AWS accessKey to get Authorization token for ECR registry`);
config.credentials = {
accessKeyId: opts.username,
secretAccessKey: opts.password,
...opts.token && { sessionToken: opts.token }
};
}
const ecr = new ECR(config);
try {
const authorizationToken = (await ecr.getAuthorizationToken({}))?.authorizationData?.[0]?.authorizationToken;
if (authorizationToken) {
addSecretForSanitizing(authorizationToken);
return authorizationToken;
}
logger.warn("Could not extract authorizationToken from ECR getAuthorizationToken response");
} catch (err) {
logger.trace({ err }, "err");
logger.warn("ECR getAuthorizationToken error");
}
return null;
}
function isECRMaxResultsError(err) {
const resp = err.response;
return !!(resp?.statusCode === 405 && resp.headers?.["docker-distribution-api-version"] && resp.body?.errors?.[0]?.message?.includes("Member must have value less than or equal to 1000"));
}
//#endregion
export { ecrPublicRegex, ecrRegex, getECRAuthToken, isECRMaxResultsError };
//# sourceMappingURL=ecr.js.map