Compare commits

..

3 Commits

Author SHA1 Message Date
Ompragash Viswanathan 0d0510f029 Updated cmd/kaniko-ecr/main.go 2025-03-20 09:37:21 +05:30
Ompragash Viswanathan e09b2ad589 Updated cmd/kaniko-ecr/main.go 2025-03-17 14:02:36 +05:30
Ompragash Viswanathan 5b4ff345a7 Add support for tar-path, source-tar-path and push-only operations 2025-03-11 17:34:03 +05:30
2 changed files with 46 additions and 16 deletions
+26
View File
@@ -12,6 +12,32 @@ pipeline:
build: <+input>
sparseCheckout: []
stages:
- stage:
name: Manager Approval
identifier: Manager_Approval
description: ""
type: Approval
spec:
execution:
steps:
- step:
name: CI Manager Approval
identifier: CI_Manager_Approval
type: HarnessApproval
timeout: 1d
spec:
approvalMessage: |-
Please review the following information
and approve the pipeline progression
includePipelineExecutionHistory: true
approvers:
minimumCount: 1
disallowPipelineExecutor: false
userGroups:
- CI_Manager
isAutoRejectEnabled: false
approverInputs: []
tags: {}
- parallel:
- stage:
name: linux-amd64
+20 -16
View File
@@ -879,18 +879,6 @@ func getOidcCreds(oidcToken, assumeRole string) (string, string, string, error)
return *result.Credentials.AccessKeyId, *result.Credentials.SecretAccessKey, *result.Credentials.SessionToken, nil
}
func createECRSession(region, accessKey, secretKey, sessionToken string) *ecrv1.ECR {
sess := session.Must(session.NewSession(&awsv1.Config{
Region: awsv1.String(region),
Credentials: credentials.NewStaticCredentials(
accessKey,
secretKey,
sessionToken,
),
}))
return ecrv1.New(sess)
}
func handlePushOnly(c *cli.Context) error {
sourceTarPath := c.String("source-tar-path")
if sourceTarPath == "" {
@@ -921,15 +909,31 @@ func handlePushOnly(c *cli.Context) error {
if err != nil {
return fmt.Errorf("failed to get OIDC credentials: %v", err)
}
svc = createECRSession(c.String("region"), accessKey, secretKey, sessionToken)
sess := session.Must(session.NewSession(&awsv1.Config{
Region: awsv1.String(c.String("region")),
Credentials: credentials.NewStaticCredentials(
accessKey,
secretKey,
sessionToken,
),
}))
svc = ecrv1.New(sess)
} else if assumeRole := c.String("assume-role"); assumeRole != "" {
accessKey, secretKey, sessionToken, err := getAssumeRoleCreds(c.String("region"), assumeRole, c.String("external-id"), "")
if err != nil {
return fmt.Errorf("failed to get assume role credentials: %v", err)
}
svc = createECRSession(c.String("region"), accessKey, secretKey, sessionToken)
sess := session.Must(session.NewSession(&awsv1.Config{
Region: awsv1.String(c.String("region")),
Credentials: credentials.NewStaticCredentials(
accessKey,
secretKey,
sessionToken,
),
}))
svc = ecrv1.New(sess)
} else {
// Use direct credentials or IAM role
sess := session.Must(session.NewSession(&awsv1.Config{