Signed-off-by: aiordache <anca.iordache@docker.com>
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
aiordache 2020-05-06 15:15:46 +02:00 committed by Nicolas De Loof
parent d09c8c7236
commit 3a678fd7dc
No known key found for this signature in database
GPG Key ID: 9858809D6F8F6E7E
2 changed files with 7 additions and 23 deletions


@ -63,7 +63,7 @@ func (c client) Convert(ctx context.Context, project *compose.Project) (*cloudfo
if policy != nil { if policy != nil {
rolePolicies = append(rolePolicies, iam.Role_Policy{ rolePolicies = append(rolePolicies, iam.Role_Policy{
PolicyDocument: policy, PolicyDocument: policy,
PolicyName: taskExecutionRole, PolicyName: fmt.Sprintf("%sGrantAccessToSecrets", service.Name),
}) })
} }
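Review bot: The `PolicyName:` line now names the inline policy `<service>GrantAccessToSecrets`, but nothing in the hunk says which secrets `policy` covers, and the document is built outside the visible lines. A comment above the `append` would make the intended scope reviewable, for example `// inline policy on the service's execution role: read-only access to this service's pull-credentials secret, nothing broader`. That wording assumes the policy is derived from `x-aws-pull_credentials`, so confirm it against the code that builds `policy`. Also note that IAM limits inline policy names to 128 characters, and `service.Name` comes straight from the compose file, so an over-long service name would only fail at stack creation.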


@ -19,14 +19,8 @@ func Convert(project *compose.Project, service types.ServiceConfig) (*ecs.TaskDe
if err != nil { if err != nil {
return nil, err return nil, err
} }
credential, err := getRepoCredentials(service) credential := getRepoCredentials(service)
if err != nil {
return nil, err
}
secrets, err := getSecrets(service)
if err != nil {
return nil, err
}
return &ecs.TaskDefinition{ return &ecs.TaskDefinition{
ContainerDefinitions: []ecs.TaskDefinition_ContainerDefinition{ ContainerDefinitions: []ecs.TaskDefinition_ContainerDefinition{
// Here we can declare sidecars and init-containers using https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definition_dependson // Here we can declare sidecars and init-containers using https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#container_definition_dependson
@ -64,7 +58,6 @@ func Convert(project *compose.Project, service types.ServiceConfig) (*ecs.TaskDe
ReadonlyRootFilesystem: service.ReadOnly, ReadonlyRootFilesystem: service.ReadOnly,
RepositoryCredentials: credential, RepositoryCredentials: credential,
ResourceRequirements: nil, ResourceRequirements: nil,
Secrets: secrets,
StartTimeout: 0, StartTimeout: 0,
StopTimeout: durationToInt(service.StopGracePeriod), StopTimeout: durationToInt(service.StopGracePeriod),
SystemControls: nil, SystemControls: nil,
@ -293,25 +286,16 @@ func getImage(image string) string {
} }
} }
func getRepoCredentials(service types.ServiceConfig) (*ecs.TaskDefinition_RepositoryCredentials, error) { func getRepoCredentials(service types.ServiceConfig) *ecs.TaskDefinition_RepositoryCredentials {
// extract registry and namespace string from image name // extract registry and namespace string from image name
credential := "" credential := ""
for key, value := range service.Extras { for key, value := range service.Extras {
if strings.HasPrefix(key, "x-aws-pull_credentials") { if key == "x-aws-pull_credentials" {
credential = value.(string) credential = value.(string)
} }
} }
if credential != "" { if credential != "" {
return &ecs.TaskDefinition_RepositoryCredentials{CredentialsParameter: credential}, nil return &ecs.TaskDefinition_RepositoryCredentials{CredentialsParameter: credential}
} }
return nil, nil return nil
}
func getSecrets(service types.ServiceConfig) ([]ecs.TaskDefinition_Secret, error) {
secrets := []ecs.TaskDefinition_Secret{}
for _, secret := range service.Secrets {
secrets = append(secrets, ecs.TaskDefinition_Secret{Name: secret.Target, ValueFrom: secret.Source})
}
return secrets, nil
} }
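Review bot: In the new `getRepoCredentials`, `credential = value.(string)` is an unchecked type assertion on a value taken from the compose file's extension fields, so a non-string `x-aws-pull_credentials` (a number, list or map) panics the converter instead of producing a diagnostic. Dropping the `error` return in this commit also removes the only channel for reporting that to the user. Since the match is now an exact key, the loop can become a direct lookup with the comma-ok form: `v, ok := service.Extras["x-aws-pull_credentials"].(string)` followed by `if !ok || v == "" { return nil }`. Keeping the `error` result would be better still, so a wrongly typed value is rejected explicitly rather than silently treated as "no credentials".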