package registryutils
import (
"time"
log "github.com/sirupsen/logrus"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/aws/ecr"
"github.com/portainer/portainer/api/dataservices"
)
func isRegTokenValid(registry *portainer.Registry) (valid bool) {
return registry.AccessToken != "" && registry.AccessTokenExpiry > time.Now().Unix()
}
func doGetRegToken(dataStore dataservices.DataStore, registry *portainer.Registry) (err error) {
ecrClient := ecr.NewService(registry.Username, registry.Password, registry.Ecr.Region)
accessToken, expiryAt, err := ecrClient.GetAuthorizationToken()
if err != nil {
return
registry.AccessToken = *accessToken
registry.AccessTokenExpiry = expiryAt.Unix()
err = dataStore.Registry().UpdateRegistry(registry.ID, registry)
func parseRegToken(registry *portainer.Registry) (username, password string, err error) {
return ecrClient.ParseAuthorizationToken(registry.AccessToken)
func EnsureRegTokenValid(dataStore dataservices.DataStore, registry *portainer.Registry) (err error) {
if registry.Type == portainer.EcrRegistry {
if isRegTokenValid(registry) {
log.Println("[DEBUG] [registry, GetEcrAccessToken] [message: current ECR token is still valid]")
} else {
err = doGetRegToken(dataStore, registry)
log.Println("[DEBUG] [registry, GetEcrAccessToken] [message: refresh ECR token]")
func GetRegEffectiveCredential(registry *portainer.Registry) (username, password string, err error) {
username, password, err = parseRegToken(registry)
username = registry.Username
password = registry.Password