class Dependabot::Docker::Utils::CredentialsFinder
Constants
- AWS_ECR_URL
Attributes
credentials[R]
Public Class Methods
new(credentials)
click to toggle source
# File lib/dependabot/docker/utils/credentials_finder.rb, line 14 def initialize(credentials) @credentials = credentials end
Public Instance Methods
credentials_for_registry(registry_hostname)
click to toggle source
# File lib/dependabot/docker/utils/credentials_finder.rb, line 18 def credentials_for_registry(registry_hostname) registry_details = credentials. select { |cred| cred["type"] == "docker_registry" }. find { |cred| cred.fetch("registry") == registry_hostname } return unless registry_details return registry_details unless registry_hostname.match?(AWS_ECR_URL) build_aws_credentials(registry_details) end
Private Instance Methods
build_aws_credentials(registry_details)
click to toggle source
# File lib/dependabot/docker/utils/credentials_finder.rb, line 33 def build_aws_credentials(registry_details) # If credentials have been generated from AWS we can just return them return registry_details if registry_details["username"] == "AWS" # If we don't have credentials, we might get them from the proxy return registry_details if registry_details["username"].nil? # Otherwise, we need to use the provided Access Key ID and secret to # generate a temporary username and password aws_credentials = Aws::Credentials.new( registry_details["username"], registry_details["password"] ) registry_hostname = registry_details.fetch("registry") region = registry_hostname.match(AWS_ECR_URL). named_captures.fetch("region") @authorization_tokens ||= {} @authorization_tokens[registry_hostname] ||= Aws::ECR::Client.new(region: region, credentials: aws_credentials). get_authorization_token.authorization_data.first. authorization_token username, password = Base64.decode64(@authorization_tokens[registry_hostname]).split(":") registry_details.merge("username" => username, "password" => password) rescue Aws::Errors::MissingCredentialsError, Aws::ECR::Errors::UnrecognizedClientException, Aws::ECR::Errors::InvalidSignatureException raise PrivateSourceAuthenticationFailure, registry_hostname end