Class DockerCredential
Represents credentials used to access a Docker registry.
Inheritance
Namespace: Amazon.CDK.Pipelines
Assembly: Amazon.CDK.Pipelines.dll
Syntax (csharp)
public abstract class DockerCredential : DeputyBase
Syntax (vb)
Public MustInherit Class DockerCredential
Inherits DeputyBase
Remarks
ExampleMetadata: infused
Examples
var dockerHubSecret = Secret.FromSecretCompleteArn(this, "DHSecret", "arn:aws:...");
var customRegSecret = Secret.FromSecretCompleteArn(this, "CRSecret", "arn:aws:...");
var repo1 = Repository.FromRepositoryArn(this, "Repo", "arn:aws:ecr:eu-west-1:0123456789012:repository/Repo1");
var repo2 = Repository.FromRepositoryArn(this, "Repo", "arn:aws:ecr:eu-west-1:0123456789012:repository/Repo2");
var pipeline = new CodePipeline(this, "Pipeline", new CodePipelineProps {
DockerCredentials = new [] { DockerCredential.DockerHub(dockerHubSecret), DockerCredential.CustomRegistry("dockerregistry.example.com", customRegSecret), DockerCredential.Ecr(new [] { repo1, repo2 }) },
Synth = new ShellStep("Synth", new ShellStepProps {
Input = CodePipelineSource.Connection("my-org/my-app", "main", new ConnectionSourceOptions {
ConnectionArn = "arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"
}),
Commands = new [] { "npm ci", "npm run build", "npx cdk synth" }
})
});
Synopsis
Constructors
DockerCredential(DockerCredentialUsage[]) | |
DockerCredential(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
DockerCredential(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
Usages |
Methods
CustomRegistry(String, ISecret, IExternalDockerCredentialOptions) | Creates a DockerCredential for a registry, based on its domain name (e.g., 'www.example.com'). |
DockerHub(ISecret, IExternalDockerCredentialOptions) | Creates a DockerCredential for DockerHub. |
Ecr(IRepository[], IEcrDockerCredentialOptions) | Creates a DockerCredential for one or more ECR repositories. |
GrantRead(IGrantable, DockerCredentialUsage) | Grant read-only access to the registry credentials. |
Constructors
DockerCredential(DockerCredentialUsage[])
protected DockerCredential(DockerCredentialUsage[] usages = null)
Parameters
- usages DockerCredentialUsage[]
DockerCredential(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected DockerCredential(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
DockerCredential(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected DockerCredential(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
Usages
Methods
CustomRegistry(String, ISecret, IExternalDockerCredentialOptions)
Creates a DockerCredential for a registry, based on its domain name (e.g., 'www.example.com').
public static DockerCredential CustomRegistry(string registryDomain, ISecret secret, IExternalDockerCredentialOptions opts = null)
Parameters
- registryDomain System.String
- secret ISecret
- opts IExternalDockerCredentialOptions
Returns
DockerHub(ISecret, IExternalDockerCredentialOptions)
Creates a DockerCredential for DockerHub.
public static DockerCredential DockerHub(ISecret secret, IExternalDockerCredentialOptions opts = null)
Parameters
- secret ISecret
- opts IExternalDockerCredentialOptions
Returns
Remarks
Convenience method for customRegistry('https://index.docker.io/v1/', opts)
.
Ecr(IRepository[], IEcrDockerCredentialOptions)
Creates a DockerCredential for one or more ECR repositories.
public static DockerCredential Ecr(IRepository[] repositories, IEcrDockerCredentialOptions opts = null)
Parameters
- repositories IRepository[]
- opts IEcrDockerCredentialOptions
Returns
Remarks
NOTE - All ECR repositories in the same account and region share a domain name (e.g., 0123456789012.dkr.ecr.eu-west-1.amazonaws.com), and can only have one associated set of credentials (and DockerCredential). Attempting to associate one set of credentials with one ECR repo and another with another ECR repo in the same account and region will result in failures when using these credentials in the pipeline.
GrantRead(IGrantable, DockerCredentialUsage)
Grant read-only access to the registry credentials.
public abstract void GrantRead(IGrantable grantee, DockerCredentialUsage usage)
Parameters
- grantee IGrantable
- usage DockerCredentialUsage
Remarks
This grants read access to any secrets, and pull access to any repositories.