-
-
Save fabidick22/6a1962697357360f0d73e01950ae962b to your computer and use it in GitHub Desktop.
""" | |
MIT License | |
Copyright (c) 2021 fabidick22 | |
Permission is hereby granted, free of charge, to any person obtaining a copy | |
of this software and associated documentation files (the "Software"), to deal | |
in the Software without restriction, including without limitation the rights | |
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
copies of the Software, and to permit persons to whom the Software is | |
furnished to do so, subject to the following conditions: | |
The above copyright notice and this permission notice shall be included in all | |
copies or substantial portions of the Software. | |
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | |
SOFTWARE. | |
""" | |
import docker | |
import sys | |
import boto3 as b3 | |
import json | |
ECR_URI = "{}.dkr.ecr.{}.amazonaws.com/{}" | |
TAG_URI = "{}:{}" | |
class Repository: | |
def __init__(self, repository_name: str, region: str, account_id: str, specific_tag=None, profile="default"): | |
self.repository_name = repository_name | |
self.region = region | |
self.account_id = account_id | |
self.specific_tag = specific_tag | |
self.profile = profile | |
def get_uri(self) -> str: | |
base = ECR_URI.format(self.account_id, self.region, self.repository_name) | |
return TAG_URI.format(base, self.specific_tag) if self.specific_tag else base | |
def __str__(self): | |
return json.dumps(self.__dict__) | |
class MigrationECR: | |
def __init__(self, ecr_from: Repository = None, ecr_to: Repository = None, verbose: bool = False,): | |
self.ecr_from = ecr_from | |
self.ecr_to = ecr_to | |
self.client = docker.from_env() | |
self.ta = docker.APIClient | |
self.verbose = verbose | |
@staticmethod | |
def get_images(ecr: Repository, limit=123) -> list: | |
b3.setup_default_session(profile_name=ecr.profile) | |
cli = b3.client("ecr", region_name=ecr.region) | |
response = cli.list_images(repositoryName=ecr.repository_name, maxResults=limit) | |
if ecr.specific_tag: | |
return list( | |
filter(lambda img: img.get("imageTag", None) == ecr.specific_tag, response.get("imageIds", None))) | |
return response.get("imageIds", None) | |
def push_images(self, ecr: Repository): | |
if ecr.specific_tag: | |
b3.setup_default_session(profile_name=ecr.profile) | |
push_details = self.client.images.push(ecr.get_uri()) | |
if self.verbose: | |
print("PUSH: {}".format(push_details)) | |
else: | |
raise Exception("Tag not found! ({})".format(ecr.specific_tag)) | |
def pull_and_tag(self): | |
try: | |
b3.setup_default_session(profile_name=self.ecr_from.profile) | |
image_from = self.client.images.pull(self.ecr_from.get_uri()) | |
image_from.tag(self.ecr_to.get_uri()) | |
if self.verbose: | |
print("PULL: {}".format(image_from)) | |
except docker.errors.APIError as e: | |
print("""Error: {} \n\nMake sure you are authenticated with AWS ECR: \n$(aws ecr get-login --region REGIN --no-include-email --profile PROFILE) | |
""".format(e)) | |
sys.exit(1) | |
def migrate(self): | |
if self.ecr_from and self.ecr_to: | |
list_images_from = self.get_images(self.ecr_from) | |
for image in list_images_from: | |
print("image to pushed: {}".format(json.dumps(image))) | |
self.ecr_from.specific_tag = image.get("imageTag") | |
self.ecr_to.specific_tag = image.get("imageTag") | |
print("FROM: {}".format(self.ecr_from)) | |
print("TO: {}".format(self.ecr_to)) | |
self.pull_and_tag() | |
self.push_images(self.ecr_to) | |
else: | |
raise Exception("Missing variables: {} or {}".format("ecr_from", "ecr_to")) | |
# for test | |
r1_from = Repository("ecr_repo_name", "us-west-2", "629xxxxxxxx", specific_tag="v1.1", profile="ccc-prod") | |
r2_to = Repository("ecr_repo_name", "us-west-1", "804xxxxxxxxx", specific_tag="v1.1", profile="ccc-uat") | |
migration = MigrationECR(r1_from, r2_to, verbose=True) | |
migration.migrate() |
Hi, thanks for the awesome script. I'm able to run it fine and don't see any exceptions on the terminal, tho I can't actually see the specific tag of the source image in the target repository (╯°□°)╯︵ ┻━┻.
I authenticated with the src repo by running AWS_PROFILE=staging aws ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin ****.dkr.ecr.eu-west-1.amazonaws.com
then ran the py script interactively inside virtualenv, setting r1_from
to Repository("<repo_name>", "eu-west-1", "<account_num>", specific_tag="<some_tag>", profile="staging")
and similar for r2_to
except another repo in another region (but same account).
Script runs fine
>>> migration.migrate()
image to pushed: {'imageDigest': 'sha256:<some_sha>', 'imageTag': '<tag>'}
>>>
but nothing appears in the r2_to
repo.
I even tried putting
b3.setup_default_session(profile_name=ecr.profile)
self.client.images.push(ecr.get_uri())
inside a try/except in case something on the push wasn't getting caught (since pull looks ok) but nothing.
Any clues? wondering whether I could add more logging somewhere, especially on image_push
@samanrj try to migrate to another repository in the same region to rule out connection problems (the script was updated).
As alternative skopeo can be used for migration images.
Hi, this is a useful gist.
It currently does not appear to have a license associated with it. I would like to use this code if it has an open source license. Would you be able to let me know what license this code is under? I’m a big fan of the MIT license if you are looking for suggestions. (See https://choosealicense.com/licenses/mit/ )
Thanks!
@dealyb99 Done
@dealyb99 Done
Thanks!!
Exactly what I need. Thanks