fix: hardcoded AWS region

fixes estahn#20 estahn#17

.k8s-image-swapper.yml

@@ -1,6 +1,6 @@
 dryRun: true
 
-logLevel: debug
+logLevel: trace
 logFormat: console
 
 source:
@@ -24,17 +24,16 @@ source:
 
 target:
   type: aws
-  registry:
-    aws:
-      accountId: 123456789
-      region: ap-southeast-2
-      ecrOptions:
-        tags: []
-        imageTagMutability: MUTABLE
-        imageScanningConfiguration:
-          imageScanOnPush: true
-        encryptionConfiguration:
-          encryptionType: AES256
-#          kmsKey: string
+  aws:
+    accountId: 123456789
+    region: ap-southeast-2
+    ecrOptions:
+      tags: []
+      imageTagMutability: MUTABLE
+      imageScanningConfiguration:
+        imageScanOnPush: true
+      encryptionConfiguration:
+        encryptionType: AES256
+        kmsKey: string
 #    dockerio:
 #    quayio:

cmd/root.go

@@ -32,6 +32,7 @@ import (
 	"os"
 
 	"github.com/estahn/k8s-image-swapper/pkg"
+	"github.com/estahn/k8s-image-swapper/pkg/registry"
 	"github.com/estahn/k8s-image-swapper/pkg/webhook"
 	homedir "github.com/mitchellh/go-homedir"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
@@ -57,8 +58,15 @@ A mutating webhook for Kubernetes, pointing the images to a new location.`,
 	Run: func(cmd *cobra.Command, args []string) {
 		//promReg := prometheus.NewRegistry()
 		//metricsRec := metrics.NewPrometheus(promReg)
+		log.Trace().Interface("config", cfg).Msg("config")
 
-		wh, err := webhook.NewImageSwapperWebhook(cfg.Target.Registry.AWS.EcrDomain(), cfg.Source.Filters)
+		rClient, err := registry.NewECRClient(cfg.Target.AWS.Region, cfg.Target.AWS.EcrDomain())
+		if err != nil {
+			log.Err(err).Msg("error connecting to registry client")
+			os.Exit(1)
+		}
+
+		wh, err := webhook.NewImageSwapperWebhook(rClient, cfg.Source.Filters)
 		if err != nil {
 			log.Err(err).Msg("error creating webhook")
 			os.Exit(1)

go.mod

@@ -3,9 +3,11 @@ module github.com/estahn/k8s-image-swapper
 go 1.12
 
 require (
+	github.com/alitto/pond v1.4.0
 	github.com/aws/aws-sdk-go v1.32.3
 	github.com/containers/image/v5 v5.9.0
 	github.com/davecgh/go-spew v1.1.1
+	github.com/dgraph-io/ristretto v0.0.3
 	github.com/go-playground/validator/v10 v10.4.1
 	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0

go.sum

@@ -57,6 +57,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
+github.com/alitto/pond v1.4.0 h1:tTkN+6edFsWXIxIwpUj5ouSQgj5BPhN6K61+UTlFocU=
+github.com/alitto/pond v1.4.0/go.mod h1:VkhnWZhFBtkzZgpjXEyQ4Skyf8nfcGXsZ7PTklN29a4=
 github.com/andybalholm/brotli v1.0.0/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
@@ -133,7 +135,10 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/denis-tingajkin/go-header v0.3.1/go.mod h1:sq/2IxMhaZX+RRcgHfCRx/m0M5na0fBt4/CRe7Lrji0=
+github.com/dgraph-io/ristretto v0.0.3 h1:jh22xisGBjrEVnRZ1DVTpBVQm0Xndu8sMl0CWDzSIBI=
+github.com/dgraph-io/ristretto v0.0.3/go.mod h1:KPxhHT9ZxKefz+PCeOGsrHpl1qZ7i70dGTu2u+Ahh6E=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
 github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
 github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug=
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=

pkg/registry/client.go

@@ -0,0 +1,15 @@
+package registry
+
+// Client provides methods required to be implemented by the various target registry clients, e.g. ECR, Docker, Quay.
+type Client interface {
+	CreateRepository(string) error
+	RepositoryExists() bool
+	CopyImage() error
+	PullImage() error
+	PutImage() error
+	ImageExists() bool
+
+	// Endpoint returns the domain of the registry
+	Endpoint() string
+	Credentials() string
+}

pkg/registry/ecr.go

@@ -0,0 +1,107 @@
+package registry
+
+import (
+	"encoding/base64"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/ecr"
+	"github.com/dgraph-io/ristretto"
+)
+
+type ECRClient struct {
+	client    *ecr.ECR
+	ecrDomain string
+	authToken []byte
+	cache     *ristretto.Cache
+}
+
+func (e *ECRClient) Credentials() string {
+	return string(e.authToken)
+}
+
+func (e *ECRClient) CreateRepository(name string) error {
+	if _, found := e.cache.Get(name); found {
+		return nil
+	}
+
+	_, err := e.client.CreateRepository(&ecr.CreateRepositoryInput{
+		RepositoryName: aws.String(name),
+	})
+	if err != nil {
+		if aerr, ok := err.(awserr.Error); ok {
+			switch aerr.Code() {
+			case ecr.ErrCodeRepositoryAlreadyExistsException:
+				// We ignore this case as it is valid.
+			default:
+				return err
+			}
+		} else {
+			// Print the error, cast err to awserr.Error to get the Code and
+			// Message from an error.
+			return err
+		}
+	}
+
+	e.cache.Set(name, "", 1)
+
+	return nil
+}
+
+func (e *ECRClient) RepositoryExists() bool {
+	panic("implement me")
+}
+
+func (e *ECRClient) CopyImage() error {
+	panic("implement me")
+}
+
+func (e *ECRClient) PullImage() error {
+	panic("implement me")
+}
+
+func (e *ECRClient) PutImage() error {
+	panic("implement me")
+}
+
+func (e *ECRClient) ImageExists() bool {
+	panic("implement me")
+}
+
+func (e *ECRClient) Endpoint() string {
+	return e.ecrDomain
+}
+
+func NewECRClient(region string, ecrDomain string) (*ECRClient, error) {
+	sess := session.Must(session.NewSessionWithOptions(session.Options{
+		SharedConfigState: session.SharedConfigEnable,
+	}))
+	ecrClient := ecr.New(sess, &aws.Config{Region: aws.String(region)})
+
+	getAuthTokenOutput, err := ecrClient.GetAuthorizationToken(&ecr.GetAuthorizationTokenInput{})
+	if err != nil {
+		return nil, err
+	}
+
+	authToken, err := base64.StdEncoding.DecodeString(*getAuthTokenOutput.AuthorizationData[0].AuthorizationToken)
+	if err != nil {
+		return nil, err
+	}
+
+	cache, err := ristretto.NewCache(&ristretto.Config{
+		NumCounters: 1e7,     // number of keys to track frequency of (10M).
+		MaxCost:     1 << 30, // maximum cost of cache (1GB).
+		BufferItems: 64,      // number of keys per Get buffer.
+	})
+	if err != nil {
+		panic(err)
+	}
+
+	return &ECRClient{
+		client:    ecrClient,
+		ecrDomain: ecrDomain,
+		authToken: authToken,
+		cache: cache,
+	}, nil
+}

pkg/registry/inmemory.go

@@ -0,0 +1,2 @@
+package registry
+