def get_registry_info(rid): creds = aws.ecr.get_credentials(registry_id=rid) decoded = base64.b64decode(creds.authorization_token).decode() parts = decoded.split(':') if len(parts) != 2: raise Exception("Invalid credentials") return docker.ImageRegistry(creds.proxy_endpoint, parts[0], parts[1])
def getRegistryInfo(info): # We are given a Docker creds file; parse it to find the temp username/password. auth_json = info[0] auths = json.loads(auth_json) server_url = info[1] auth_token = auths['auths'][server_url]['auth'] decoded = base64.b64decode(auth_token).decode() parts = decoded.split(':') if len(parts) != 2: raise Exception('Invalid credentials') return docker.ImageRegistry(server_url, parts[0], parts[1])
def get_registry_info(creds): decoded = base64.b64decode(creds.authorization_token).decode() parts = decoded.split(':') if len(parts) != 2: raise Exception("Invalid credentials") username = parts[0] password = parts[1] return docker.ImageRegistry( server=creds.proxy_endpoint, username=username, password=password)
sku=containerregistry.SkuArgs(name="Basic"), admin_user_enabled=True) credentials = pulumi.Output.all(resource_group.name, registry.name).apply( lambda args: containerregistry.list_registry_credentials(resource_group_name=args[0], registry_name=args[1])) admin_username = credentials.username admin_password = credentials.passwords[0]["value"] custom_image = "node-app" my_image = docker.Image(custom_image, image_name=registry.login_server.apply( lambda login_server: f"{login_server}/{custom_image}:v1.0.0"), build=docker.DockerBuild(context=f"./{custom_image}"), registry=docker.ImageRegistry( server=registry.login_server, username=admin_username, password=admin_password)) container_app = web.ContainerApp("app", resource_group_name=resource_group.name, kube_environment_id=kube_env.id, configuration=web.ConfigurationArgs( ingress=web.IngressArgs( external=True, target_port=80 ), registries=[ web.RegistryCredentialsArgs( server=registry.login_server, username=admin_username, password_secret_ref="pwd")
value=random.RandomPassword( 'mypass', length=32, opts=pulumi.ResourceOptions( additional_secret_outputs=['result'])).result, end_date_relative='8760h', ) sp_auth = azure.authorization.Assignment( 'myauth', scope=registry.id, role_definition_name='acrpush', principal_id=sp.id, ) registry_info = docker.ImageRegistry( server=registry.login_server, username=sp.application_id, password=sp_auth.id.apply(lambda _: sp_password.value), ) else: registry_info = docker.ImageRegistry(server=registry.login_server, username=registry.admin_username, password=registry.admin_password) # Build and publish the image. image = docker.Image( 'my-image', build='app', image_name=image_name, registry=registry_info, )
import pulumi_docker as docker from pulumi_kubernetes.apps.v1 import Deployment from pulumi_kubernetes.core.v1 import Secret, Service # Fetch the Docker Hub auth info from config. config = pulumi.Config() username = config.require('dockerUsername') password = config.require_secret('dockerPassword') # Build and publish the image. image = docker.Image('my-image', build='app', image_name=f'{username}/myapp', registry=password.apply(lambda pwd: docker.ImageRegistry( server='docker.io', username=username, password=pwd, )), ) # Ensure we can pull from the Docker Hub. pull_secret = Secret('my-regcred', type='kubernetes.io/dockerconfigjson', string_data={ '.dockerconfigjson': password.apply(lambda pwd: json.dumps({ 'auths': { 'https://index.docker.io/v1/': { 'username': username, 'password': pwd, 'auth': str(base64.b64encode(f'{username}:{pwd}'.encode('utf-8')), 'utf-8'), },
def create_image_registry(rid): creds = ecr.get_credentials(rid) decoded = base64.b64decode(creds.authorization_token).decode('utf-8') username, password = decoded.split(':') return docker.ImageRegistry(creds.proxy_endpoint, username, password)
import pulumi import pulumi_aws as aws import pulumi_docker as docker bucket = aws.s3.Bucket("bucket") repo = aws.ecr.Repository("sampleapp") ecr_creds = aws.ecr.get_authorization_token() image = docker.Image("sampleapp", build="./build-ffmpeg", image_name=repo.repository_url, registry=docker.ImageRegistry( server=repo.repository_url, username=ecr_creds.user_name, password=ecr_creds.password)) role = aws.iam.Role("thumbnailerRole", assume_role_policy=f"""{{ "Version": "2012-10-17", "Statement": [ {{ "Effect": "Allow", "Principal": {{ "Service": "lambda.amazonaws.com" }}, "Action": "sts:AssumeRole" }} ] }}""") aws.iam.RolePolicyAttachment( "lambdaFullAccess",
"""An Azure Python Pulumi program""" import pulumi from pulumi_azure import core, containerservice import pulumi_docker # Create an Azure Resource Group resource_group = core.ResourceGroup('miw_20200729') # Create registry registry = containerservice.Registry('registry', admin_enabled=True, sku='Basic', resource_group_name=resource_group.name) # ImageRegistry r = pulumi.Output.all( registry.login_server, registry.admin_username, registry.admin_password).apply( lambda a: pulumi_docker.ImageRegistry(a[0], a[1], a[2])) # Build and publish image image = pulumi_docker.Image( "my-app", image_name=registry.login_server.apply(lambda s: f'{s}/my-app:v1.0.0'), build=pulumi_docker.DockerBuild(context='./my-app'), registry=r)
def get_registry_info(token): return docker.ImageRegistry( server='docker.io', username=username, password=token, )