-
Notifications
You must be signed in to change notification settings - Fork 174
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: logout docker registries in post step (#70)
* feat: logout docker registries in post step * attempt to logout all registries, even if some fail Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
- Loading branch information
1 parent
a004fcf
commit 6cfbb32
Showing
7 changed files
with
211 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -13,3 +13,4 @@ outputs: | |
runs: | ||
using: 'node12' | ||
main: 'dist/index.js' | ||
post: 'dist/cleanup/index.js' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
const core = require('@actions/core'); | ||
const exec = require('@actions/exec'); | ||
|
||
/** | ||
* When the GitHub Actions job is done, remove saved ECR credentials from the | ||
* local Docker engine in the job's environment. | ||
*/ | ||
|
||
async function cleanup() { | ||
try { | ||
const registriesState = core.getState('registries'); | ||
if (registriesState) { | ||
const registries = registriesState.split(','); | ||
const failedLogouts = []; | ||
|
||
for (const registry of registries) { | ||
core.debug(`Logging out registry ${registry}`); | ||
|
||
// Execute the docker logout command | ||
let doLogoutStdout = ''; | ||
let doLogoutStderr = ''; | ||
const exitCode = await exec.exec('docker logout', [registry], { | ||
silent: true, | ||
ignoreReturnCode: true, | ||
listeners: { | ||
stdout: (data) => { | ||
doLogoutStdout += data.toString(); | ||
}, | ||
stderr: (data) => { | ||
doLogoutStderr += data.toString(); | ||
} | ||
} | ||
}); | ||
|
||
if (exitCode != 0) { | ||
core.debug(doLogoutStdout); | ||
core.error(`Could not logout registry ${registry}: ${doLogoutStderr}`); | ||
failedLogouts.push(registry); | ||
} | ||
} | ||
|
||
if (failedLogouts.length) { | ||
throw new Error(`Failed to logout: ${failedLogouts.join(',')}`); | ||
} | ||
} | ||
} | ||
catch (error) { | ||
core.setFailed(error.message); | ||
} | ||
} | ||
|
||
module.exports = cleanup; | ||
|
||
/* istanbul ignore next */ | ||
if (require.main === module) { | ||
cleanup(); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
const cleanup = require('./cleanup.js'); | ||
const core = require('@actions/core'); | ||
const exec = require('@actions/exec'); | ||
|
||
jest.mock('@actions/core'); | ||
jest.mock('@actions/exec'); | ||
|
||
describe('Logout from ECR', () => { | ||
|
||
beforeEach(() => { | ||
jest.clearAllMocks(); | ||
|
||
core.getState.mockReturnValue( | ||
'123456789012.dkr.ecr.aws-region-1.amazonaws.com,111111111111.dkr.ecr.aws-region-1.amazonaws.com'); | ||
exec.exec.mockReturnValue(0); | ||
}); | ||
|
||
test('logs out docker client for registries in action state', async () => { | ||
await cleanup(); | ||
|
||
expect(core.getState).toHaveBeenCalledWith('registries'); | ||
|
||
expect(exec.exec).toHaveBeenCalledTimes(2); | ||
expect(exec.exec).toHaveBeenNthCalledWith(1, | ||
'docker logout', | ||
['123456789012.dkr.ecr.aws-region-1.amazonaws.com'], | ||
expect.anything()); | ||
expect(exec.exec).toHaveBeenNthCalledWith(2, | ||
'docker logout', | ||
['111111111111.dkr.ecr.aws-region-1.amazonaws.com'], | ||
expect.anything()); | ||
|
||
expect(core.setFailed).toHaveBeenCalledTimes(0); | ||
}); | ||
|
||
test('handles zero registries', async () => { | ||
core.getState.mockReturnValue(''); | ||
|
||
await cleanup(); | ||
|
||
expect(core.getState).toHaveBeenCalledWith('registries'); | ||
|
||
expect(exec.exec).toHaveBeenCalledTimes(0); | ||
expect(core.setFailed).toHaveBeenCalledTimes(0); | ||
}); | ||
|
||
test('error is caught by core.setFailed for failed docker logout', async () => { | ||
exec.exec.mockReturnValue(1); | ||
|
||
await cleanup(); | ||
|
||
expect(core.setFailed).toBeCalled(); | ||
}); | ||
|
||
test('continues to attempt logouts after a failed logout', async () => { | ||
core.getState.mockReturnValue( | ||
'123456789012.dkr.ecr.aws-region-1.amazonaws.com,111111111111.dkr.ecr.aws-region-1.amazonaws.com,222222222222.dkr.ecr.aws-region-1.amazonaws.com'); | ||
exec.exec.mockReturnValueOnce(1).mockReturnValueOnce(1).mockReturnValueOnce(0); | ||
|
||
await cleanup(); | ||
|
||
expect(core.getState).toHaveBeenCalledWith('registries'); | ||
|
||
expect(exec.exec).toHaveBeenCalledTimes(3); | ||
expect(exec.exec).toHaveBeenNthCalledWith(1, | ||
'docker logout', | ||
['123456789012.dkr.ecr.aws-region-1.amazonaws.com'], | ||
expect.anything()); | ||
expect(exec.exec).toHaveBeenNthCalledWith(2, | ||
'docker logout', | ||
['111111111111.dkr.ecr.aws-region-1.amazonaws.com'], | ||
expect.anything()); | ||
expect(exec.exec).toHaveBeenNthCalledWith(3, | ||
'docker logout', | ||
['222222222222.dkr.ecr.aws-region-1.amazonaws.com'], | ||
expect.anything()); | ||
|
||
expect(core.error).toHaveBeenCalledTimes(2); | ||
expect(core.error).toHaveBeenNthCalledWith(1, 'Could not logout registry 123456789012.dkr.ecr.aws-region-1.amazonaws.com: '); | ||
expect(core.error).toHaveBeenNthCalledWith(2, 'Could not logout registry 111111111111.dkr.ecr.aws-region-1.amazonaws.com: '); | ||
|
||
expect(core.setFailed).toHaveBeenCalledTimes(1); | ||
expect(core.setFailed).toHaveBeenCalledWith('Failed to logout: 123456789012.dkr.ecr.aws-region-1.amazonaws.com,111111111111.dkr.ecr.aws-region-1.amazonaws.com'); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters