@@ -33,9 +33,6 @@ Environment variables:
3333 Default: $DEFAULT_CHART_REPOSITORY
3434 CHART_TAG: Controller Helm Chart tag
3535 Default: Based on \$ PULL_BASE_REF
36- ECR_PUBLISH_ROLE_ARN IAM Role ARN for the Role that has permission to
37- publish to the image and Helm chart repositories on ECR Public. This role is
38- assumed by this script in order to upload artifacts.
3936"
4037
4138# find out the service name and semver tag from the CI environment variable if not specified
@@ -97,34 +94,17 @@ IMAGE_TAG=${IMAGE_TAG:-$VERSION}
9794CHART_REPOSITORY=${CHART_REPOSITORY:- $DEFAULT_CHART_REPOSITORY }
9895CHART_REGISTRY=${CHART_REGISTRY:- $DEFAULT_CHART_REGISTRY }
9996
100- ECR_PUBLISH_ROLE_ARN=${ECR_PUBLISH_ROLE_ARN:- " undefined"
101-
102- if [[ " $ECR_PUBLISH_ROLE_ARN " = undefined ]]; then
103- error_msg " Please set the ECR_PUBLISH_ROLE_ARN environment variable to the IAM Role ARN"
104- error_msg " that has permissions to upload artifacts to the ECR Public registry for"
105- error_msg " $IMAGE_REPOSITORY "
106- exit 2
107- fi
108-
10997echo " VERSION is $VERSION "
11098
111- # TODO(jaypipes): If we move to Prow setup like ACK, uncomment this. For now,
112- # just pass in ECR_PUBLISH_ROLE_ARN manually.
113- # ASSUME_EXIT_VALUE=0
114- # ECR_PUBLISH_ROLE_ARN=$(aws ssm get-parameter --name /ack/prow/cd/public_ecr/publish_role --query Parameter.Value --output text 2>/dev/null) || ASSUME_EXIT_VALUE=$?
115- # if [ "$ASSUME_EXIT_VALUE" -ne 0 ]; then
116- # echo "release-controller.sh] [SETUP] Could not find the iam role to publish images to public ecr repository"
117- # exit 1
118- # fi
119- export ECR_PUBLISH_ROLE_ARN
120- echo " release-controller.sh] [SETUP] exported ECR_PUBLISH_ROLE_ARN"
121-
99+ # This Role has permission to publish to the image and Helm chart repositories on ECR public registry in 606627242267 account.
100+ # Make sure the aws principal you use to run this script has permission to assume this role
101+ ECR_PUBLISH_ROLE_ARN=arn:aws:iam::606627242267:role/ECRPublisher
122102ASSUME_COMMAND=$( aws --output json sts assume-role --role-arn $ECR_PUBLISH_ROLE_ARN --role-session-name ' publish-images' | jq -r ' .Credentials | "export AWS_ACCESS_KEY_ID=\(.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey)\nexport AWS_SESSION_TOKEN=\(.SessionToken)\n"' )
123103eval $ASSUME_COMMAND
124104echo " release-controller.sh] [SETUP] Assumed ECR_PUBLISH_ROLE_ARN"
125105
126- # Setup the destination repository for buildah and helm
127- perform_buildah_and_helm_login
106+ # Setup the destination repository for docker and helm
107+ perform_docker_and_helm_login
128108
129109# Do not rebuild controller image for stable releases
130110if [[ " $SKIP_IMAGE_BUILD " != " 1" ; then
@@ -147,9 +127,7 @@ if [[ "$SKIP_IMAGE_BUILD" != "1" ]]; then
147127 fi
148128
149129 # build controller image
150- buildah bud \
151- --quiet=" $QUIET "
152- -t " $IMG "
130+ docker build -t " $IMG "
153131 -f " $CONTROLLER_IMAGE_DOCKERFILE_PATH "
154132 --build-arg service_controller_git_version=" $VERSION "
155133 --build-arg service_controller_git_commit=" $CONTROLLER_GIT_COMMIT "
@@ -162,7 +140,7 @@ if [[ "$SKIP_IMAGE_BUILD" != "1" ]]; then
162140
163141 echo " Pushing aws-gateway-controller image with tag: ${IMG} "
164142
165- buildah push " ${IMG} "
143+ docker push " ${IMG} "
166144
167145 if [ $? -ne 0 ]; then
168146 exit 2
0 commit comments