mirror of https://github.com/portainer/portainer
61 lines
1.7 KiB
Go
61 lines
1.7 KiB
Go
package registryutils
|
|
|
|
import (
|
|
"time"
|
|
|
|
portainer "github.com/portainer/portainer/api"
|
|
"github.com/portainer/portainer/api/aws/ecr"
|
|
"github.com/portainer/portainer/api/dataservices"
|
|
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
func isRegTokenValid(registry *portainer.Registry) (valid bool) {
|
|
return registry.AccessToken != "" && registry.AccessTokenExpiry > time.Now().Unix()
|
|
}
|
|
|
|
func doGetRegToken(dataStore dataservices.DataStore, registry *portainer.Registry) (err error) {
|
|
ecrClient := ecr.NewService(registry.Username, registry.Password, registry.Ecr.Region)
|
|
accessToken, expiryAt, err := ecrClient.GetAuthorizationToken()
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
registry.AccessToken = *accessToken
|
|
registry.AccessTokenExpiry = expiryAt.Unix()
|
|
|
|
err = dataStore.Registry().Update(registry.ID, registry)
|
|
|
|
return
|
|
}
|
|
|
|
func parseRegToken(registry *portainer.Registry) (username, password string, err error) {
|
|
ecrClient := ecr.NewService(registry.Username, registry.Password, registry.Ecr.Region)
|
|
return ecrClient.ParseAuthorizationToken(registry.AccessToken)
|
|
}
|
|
|
|
func EnsureRegTokenValid(dataStore dataservices.DataStore, registry *portainer.Registry) (err error) {
|
|
if registry.Type == portainer.EcrRegistry {
|
|
if isRegTokenValid(registry) {
|
|
log.Debug().Msg("current ECR token is still valid")
|
|
} else {
|
|
err = doGetRegToken(dataStore, registry)
|
|
if err != nil {
|
|
log.Debug().Msg("refresh ECR token")
|
|
}
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func GetRegEffectiveCredential(registry *portainer.Registry) (username, password string, err error) {
|
|
if registry.Type == portainer.EcrRegistry {
|
|
username, password, err = parseRegToken(registry)
|
|
} else {
|
|
username = registry.Username
|
|
password = registry.Password
|
|
}
|
|
return
|
|
}
|