Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding support for externalId #333

Merged
merged 1 commit into from
Sep 23, 2021

Conversation

jimsheldon
Copy link

Greetings!

This change adds external ID support to plugins/ecr. With this change, our engineering teams will be able to use the instance role of our agents to push ECR images to their accounts more securely.

I tested to ensure this doesn't break existing assume role functionality.

@eoinmcafee00 eoinmcafee00 merged commit 607b04a into drone-plugins:master Sep 23, 2021
@jimsheldon jimsheldon deleted the ecr-externalid branch September 23, 2021 15:04
@tphoney tphoney added the enhancement New feature or request label Oct 13, 2021
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf pushed a commit to wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/drone-docker that referenced this pull request Oct 16, 2021
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf added a commit to wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/drone-docker that referenced this pull request Oct 22, 2021
rebased on master + applied the previous changes

commit b96d524
Author: surtur <[email protected]>
Date:   Fri Oct 22 14:28:24 2021 +0200

    chore: bump dind to 20.10.9

commit ca9cfe9
Author: surtur <[email protected]>
Date:   Tue Jun 8 22:32:45 2021 +0200

    chore: bump docker to 20.10.7-dind

commit 5dc2b56
Author: surtur <[email protected]>
Date:   Tue Apr 13 10:00:07 2021 +0200

    chore: bump docker to 20.10.6-dind

commit 6dc63b2
Author: surtur <[email protected]>
Date:   Wed Mar 17 02:35:29 2021 +0100

    chore: bump docker to 20.10.5-dind

commit 1ae4536
Author: surtur <[email protected]>
Date:   Wed Mar 17 01:11:36 2021 +0100

    docker: add multiple different image tags

    rolling:
    * latest
    * edge-dind

    fixed to a commit:
    * ${DRONE_COMMIT_SHA:0:8}
    * ${DRONE_COMMIT_SHA:0:8}-edge-dind
    * ${DRONE_COMMIT_SHA:0:8}-linux-amd64

commit 6b86978
Author: surtur <[email protected]>
Date:   Wed Mar 17 02:22:36 2021 +0100

    ci: use plugins/docker:linux-amd64

    * bump from :18
    * add repo tag for dry_run

commit 2a52c7e
Author: surtur <[email protected]>
Date:   Tue Mar 16 22:26:30 2021 +0100

    chore: bump docker to 19.03.15-dind

commit e5693c3
Author: surtur <[email protected]>
Date:   Tue Mar 16 21:53:51 2021 +0100

    ci: dry-run on push+publish to immawanderer

commit 07c40b4
Author: surtur <[email protected]>
Date:   Tue Mar 16 19:59:34 2021 +0100

    jsonnet: thow out {arm,gcr,acr,heroku} stuff

commit f005615
Author: surtur <[email protected]>
Date:   Tue Mar 16 19:26:12 2021 +0100

    ci: edit .drone.yml to only build for linux-amd64

    * rm windows pipelines as I don't have any windows runners
    * rm arm/arm64 pipelines as I don't have any arm runners
    * rm {ecr,acr,whatever} publish steps as we're not publishing anything
      just yet
    * tag the image under immawanderer, not the official plugins repo
    * run as a dry_run (cause we're not really publishing, right?)

commit 6ec5e71
Merge: 88f8bf1 0911e6a
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 17:19:30 2021 +0100

    Merge pull request drone-plugins#338 from tphoney/bump-go-1.13

    (maint) bump git to 1.13 for build and test

commit 0911e6a
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:49:29 2021 +0100

    (maint) bump git to 1.13 for build and test

commit 88f8bf1
Merge: 607b04a 2d70a1f
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:32:03 2021 +0100

    Merge pull request drone-plugins#337 from tphoney/prep_v19.03.9

    (maint) v19.03.9 release prep

commit 2d70a1f
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:24:58 2021 +0100

    (maint) v19.03.9 release prep

commit 607b04a
Merge: 72ef7b1 e44c2d4
Author: Eoin McAfee <[email protected]>
Date:   Thu Sep 23 15:52:24 2021 +0100

    Merge pull request drone-plugins#333 from jimsheldon/ecr-externalid

    adding support for externalId

commit e44c2d4
Author: Jim Sheldon <[email protected]>
Date:   Fri Sep 17 15:33:05 2021 -0400

    adding support for externalId

commit 72ef7b1
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 22:15:39 2021 -0400

    log available credentials before login

commit fbbeec5
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 21:42:22 2021 -0400

    use Replace instead of ReplaceAll

commit b1d8698
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 21:28:37 2021 -0400

    print login failure reason to output

commit d4cf9f2
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:50:43 2021 -0400

    remove pull always

commit f753800
Merge: dd359df c10d367
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:39:35 2021 -0400

    Merge pull request drone-plugins#325 from drone-plugins/revert-322-update-seccomp

    Revert "Update seccomp to 20.10 docker"

commit c10d367
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:38:04 2021 -0400

    Revert "Update seccomp to 20.10 docker (drone-plugins#322)"

    This reverts commit dd359df.

commit dd359df
Author: techknowlogick <[email protected]>
Date:   Wed Jul 7 15:03:54 2021 -0400

    Update seccomp to 20.10 docker (drone-plugins#322)

    * Update seccomp to 20.10 docker

commit 729aa5d
Merge: f08821b db5c216
Author: TP Honey <[email protected]>
Date:   Wed Jul 7 19:52:19 2021 +0100

    Merge pull request drone-plugins#323 from tphoney/docker_rate_limit

    (maint) CI, remove the dry run steps, due to rate limiting

commit db5c216
Author: TP Honey <[email protected]>
Date:   Wed Jul 7 19:37:30 2021 +0100

    (maint) CI, remove the dry run steps, due to rate limiting

commit f08821b
Merge: 0f6bd8a 5760e7b
Author: Brad Rydzewski <[email protected]>
Date:   Tue Apr 6 15:55:56 2021 -0400

    Merge pull request drone-plugins#300 from rvoitenko/ecr_scan_on_push

    ECR: adding setting to enable image scanning while repo creation

commit 5760e7b
Merge: 3501d9a 7ade37a
Author: Roman Voitenko <[email protected]>
Date:   Sat Feb 20 13:32:16 2021 +0100

    Merge branch 'master' into ecr_scan_on_push

commit 3501d9a
Author: Roman Voitenko <[email protected]>
Date:   Thu Oct 1 10:43:25 2020 +0200

    add possibility to turn on/off image scanning not only during repo creation, but when repo already created

commit d8b6b48
Author: Roman Voitenko <[email protected]>
Date:   Wed Sep 30 23:32:23 2020 +0200

    add possibility to turn on ECR image scanning for repos created by ecr plugin
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf pushed a commit to wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/drone-docker that referenced this pull request Nov 5, 2021
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf pushed a commit to wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/drone-docker that referenced this pull request Feb 21, 2022
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf added a commit to wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/drone-docker that referenced this pull request Apr 1, 2022
rebased on master + applied the previous changes

commit b96d524
Author: surtur <[email protected]>
Date:   Fri Oct 22 14:28:24 2021 +0200

    chore: bump dind to 20.10.9

commit ca9cfe9
Author: surtur <[email protected]>
Date:   Tue Jun 8 22:32:45 2021 +0200

    chore: bump docker to 20.10.7-dind

commit 5dc2b56
Author: surtur <[email protected]>
Date:   Tue Apr 13 10:00:07 2021 +0200

    chore: bump docker to 20.10.6-dind

commit 6dc63b2
Author: surtur <[email protected]>
Date:   Wed Mar 17 02:35:29 2021 +0100

    chore: bump docker to 20.10.5-dind

commit 1ae4536
Author: surtur <[email protected]>
Date:   Wed Mar 17 01:11:36 2021 +0100

    docker: add multiple different image tags

    rolling:
    * latest
    * edge-dind

    fixed to a commit:
    * ${DRONE_COMMIT_SHA:0:8}
    * ${DRONE_COMMIT_SHA:0:8}-edge-dind
    * ${DRONE_COMMIT_SHA:0:8}-linux-amd64

commit 6b86978
Author: surtur <[email protected]>
Date:   Wed Mar 17 02:22:36 2021 +0100

    ci: use plugins/docker:linux-amd64

    * bump from :18
    * add repo tag for dry_run

commit 2a52c7e
Author: surtur <[email protected]>
Date:   Tue Mar 16 22:26:30 2021 +0100

    chore: bump docker to 19.03.15-dind

commit e5693c3
Author: surtur <[email protected]>
Date:   Tue Mar 16 21:53:51 2021 +0100

    ci: dry-run on push+publish to immawanderer

commit 07c40b4
Author: surtur <[email protected]>
Date:   Tue Mar 16 19:59:34 2021 +0100

    jsonnet: thow out {arm,gcr,acr,heroku} stuff

commit f005615
Author: surtur <[email protected]>
Date:   Tue Mar 16 19:26:12 2021 +0100

    ci: edit .drone.yml to only build for linux-amd64

    * rm windows pipelines as I don't have any windows runners
    * rm arm/arm64 pipelines as I don't have any arm runners
    * rm {ecr,acr,whatever} publish steps as we're not publishing anything
      just yet
    * tag the image under immawanderer, not the official plugins repo
    * run as a dry_run (cause we're not really publishing, right?)

commit 6ec5e71
Merge: 88f8bf1 0911e6a
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 17:19:30 2021 +0100

    Merge pull request drone-plugins#338 from tphoney/bump-go-1.13

    (maint) bump git to 1.13 for build and test

commit 0911e6a
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:49:29 2021 +0100

    (maint) bump git to 1.13 for build and test

commit 88f8bf1
Merge: 607b04a 2d70a1f
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:32:03 2021 +0100

    Merge pull request drone-plugins#337 from tphoney/prep_v19.03.9

    (maint) v19.03.9 release prep

commit 2d70a1f
Author: TP Honey <[email protected]>
Date:   Wed Oct 13 14:24:58 2021 +0100

    (maint) v19.03.9 release prep

commit 607b04a
Merge: 72ef7b1 e44c2d4
Author: Eoin McAfee <[email protected]>
Date:   Thu Sep 23 15:52:24 2021 +0100

    Merge pull request drone-plugins#333 from jimsheldon/ecr-externalid

    adding support for externalId

commit e44c2d4
Author: Jim Sheldon <[email protected]>
Date:   Fri Sep 17 15:33:05 2021 -0400

    adding support for externalId

commit 72ef7b1
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 22:15:39 2021 -0400

    log available credentials before login

commit fbbeec5
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 21:42:22 2021 -0400

    use Replace instead of ReplaceAll

commit b1d8698
Author: Brad Rydzewski <[email protected]>
Date:   Mon Aug 2 21:28:37 2021 -0400

    print login failure reason to output

commit d4cf9f2
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:50:43 2021 -0400

    remove pull always

commit f753800
Merge: dd359df c10d367
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:39:35 2021 -0400

    Merge pull request drone-plugins#325 from drone-plugins/revert-322-update-seccomp

    Revert "Update seccomp to 20.10 docker"

commit c10d367
Author: Brad Rydzewski <[email protected]>
Date:   Sun Jul 11 15:38:04 2021 -0400

    Revert "Update seccomp to 20.10 docker (drone-plugins#322)"

    This reverts commit dd359df.

commit dd359df
Author: techknowlogick <[email protected]>
Date:   Wed Jul 7 15:03:54 2021 -0400

    Update seccomp to 20.10 docker (drone-plugins#322)

    * Update seccomp to 20.10 docker

commit 729aa5d
Merge: f08821b db5c216
Author: TP Honey <[email protected]>
Date:   Wed Jul 7 19:52:19 2021 +0100

    Merge pull request drone-plugins#323 from tphoney/docker_rate_limit

    (maint) CI, remove the dry run steps, due to rate limiting

commit db5c216
Author: TP Honey <[email protected]>
Date:   Wed Jul 7 19:37:30 2021 +0100

    (maint) CI, remove the dry run steps, due to rate limiting

commit f08821b
Merge: 0f6bd8a 5760e7b
Author: Brad Rydzewski <[email protected]>
Date:   Tue Apr 6 15:55:56 2021 -0400

    Merge pull request drone-plugins#300 from rvoitenko/ecr_scan_on_push

    ECR: adding setting to enable image scanning while repo creation

commit 5760e7b
Merge: 3501d9a 7ade37a
Author: Roman Voitenko <[email protected]>
Date:   Sat Feb 20 13:32:16 2021 +0100

    Merge branch 'master' into ecr_scan_on_push

commit 3501d9a
Author: Roman Voitenko <[email protected]>
Date:   Thu Oct 1 10:43:25 2020 +0200

    add possibility to turn on/off image scanning not only during repo creation, but when repo already created

commit d8b6b48
Author: Roman Voitenko <[email protected]>
Date:   Wed Sep 30 23:32:23 2020 +0200

    add possibility to turn on ECR image scanning for repos created by ecr plugin
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants