Merge pull request #599 from docker/dependabot/npm_and_yarn/aws-sdk-dependencies-44d897a124

build(deps): bump the aws-sdk-dependencies group with 2 updates

.eslintignore

@@ -0,0 +1,3 @@
+/dist/**
+/coverage/**
+/node_modules/**

.eslintrc.json

@@ -1,11 +1,12 @@
 {
   "env": {
     "node": true,
-    "es2021": true,
+    "es6": true,
     "jest": true
   },
   "extends": [
     "eslint:recommended",
+    "plugin:@typescript-eslint/eslint-recommended",
     "plugin:@typescript-eslint/recommended",
     "plugin:jest/recommended",
     "plugin:prettier/recommended"

.github/CODEOWNERS

@@ -1 +0,0 @@
-*	@crazy-max

.github/dependabot.yml

@@ -11,6 +11,14 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    versioning-strategy: "increase"
+    groups:
+      aws-sdk-dependencies:
+        patterns:
+          - "*aws-sdk*"
+      proxy-agent-dependencies:
+        patterns:
+          - "*-proxy-agent"
     allow:
       - dependency-type: "production"
     labels:

.github/workflows/ci.yml

@@ -1,5 +1,9 @@
 name: ci
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 on:
   workflow_dispatch:
   schedule:
@@ -15,7 +19,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Stop docker
         run: |
@@ -39,7 +43,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to GitHub Container Registry
         uses: ./
@@ -56,7 +60,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to GitHub Container Registry
         uses: ./
@@ -81,7 +85,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to ACR
         uses: ./
@@ -101,7 +105,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to Docker Hub
         uses: ./
@@ -120,7 +124,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to ECR
         uses: ./
@@ -140,10 +144,10 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -165,7 +169,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to Public ECR
         uses: ./
@@ -187,10 +191,10 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -212,7 +216,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to GitHub Container Registry
         uses: ./
@@ -232,7 +236,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to GitLab
         uses: ./
@@ -252,7 +256,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to Google Artifact Registry
         uses: ./
@@ -272,7 +276,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Login to Google Container Registry
         uses: ./

.github/workflows/test.yml

@@ -1,5 +1,9 @@
 name: test
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 on:
   push:
     branches:
@@ -13,7 +17,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Test
         uses: docker/bake-action@v3

.github/workflows/validate.yml

@@ -1,5 +1,9 @@
 name: validate
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 on:
   push:
     branches:
@@ -15,7 +19,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Targets matrix
         id: targets
@@ -33,7 +37,7 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       -
         name: Validate
         uses: docker/bake-action@v3

__tests__/aws.test.ts

@@ -1,5 +1,6 @@
 import {beforeEach, describe, expect, jest, test} from '@jest/globals';
 import {AuthorizationData} from '@aws-sdk/client-ecr';
+
 import * as aws from '../src/aws';
 
 describe('isECR', () => {

__tests__/context.test.ts

@@ -1,4 +1,5 @@
 import {expect, test} from '@jest/globals';
+
 import {getInputs} from '../src/context';
 
 test('with password and username getInputs does not throw error', async () => {

__tests__/docker.test.ts

@@ -1,14 +1,15 @@
 import {expect, jest, test} from '@jest/globals';
-import {loginStandard, logout} from '../src/docker';
 import * as path from 'path';
-import * as exec from '@actions/exec';
+
+import {loginStandard, logout} from '../src/docker';
+import {Exec} from '@docker/actions-toolkit/lib/exec';
 
 process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner');
 
 test('loginStandard calls exec', async () => {
   // eslint-disable-next-line @typescript-eslint/ban-ts-comment
   // @ts-ignore
-  const execSpy = jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
+  const execSpy = jest.spyOn(Exec, 'getExecOutput').mockImplementation(async () => {
     return {
       exitCode: expect.any(Number),
       stdout: expect.any(Function),
@@ -32,7 +33,7 @@ test('loginStandard calls exec', async () => {
 test('logout calls exec', async () => {
   // eslint-disable-next-line @typescript-eslint/ban-ts-comment
   // @ts-ignore
-  const execSpy = jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
+  const execSpy = jest.spyOn(Exec, 'getExecOutput').mockImplementation(async () => {
     return {
       exitCode: expect.any(Number),
       stdout: expect.any(Function),

__tests__/main.test.ts

@@ -1,65 +0,0 @@
-import {expect, jest, test} from '@jest/globals';
-import osm = require('os');
-
-import {main} from '../src/main';
-import * as docker from '../src/docker';
-import * as stateHelper from '../src/state-helper';
-
-test('errors without username and password', async () => {
-  jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
-  process.env['INPUT_LOGOUT'] = 'true'; // default value
-  await expect(main()).rejects.toThrow(new Error('Username and password required'));
-});
-
-test('successful with username and password', async () => {
-  jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
-  const setRegistrySpy = jest.spyOn(stateHelper, 'setRegistry');
-  const setLogoutSpy = jest.spyOn(stateHelper, 'setLogout');
-  const dockerSpy = jest.spyOn(docker, 'login').mockImplementation(() => Promise.resolve());
-
-  const username = 'dbowie';
-  process.env[`INPUT_USERNAME`] = username;
-
-  const password = 'groundcontrol';
-  process.env[`INPUT_PASSWORD`] = password;
-
-  const ecr = 'auto';
-  process.env['INPUT_ECR'] = ecr;
-
-  const logout = false;
-  process.env['INPUT_LOGOUT'] = String(logout);
-
-  await main();
-
-  expect(setRegistrySpy).toHaveBeenCalledWith('');
-  expect(setLogoutSpy).toHaveBeenCalledWith(logout);
-  expect(dockerSpy).toHaveBeenCalledWith('', username, password, ecr);
-});
-
-test('calls docker login', async () => {
-  jest.spyOn(osm, 'platform').mockImplementation(() => 'linux');
-  const setRegistrySpy = jest.spyOn(stateHelper, 'setRegistry');
-  const setLogoutSpy = jest.spyOn(stateHelper, 'setLogout');
-  const dockerSpy = jest.spyOn(docker, 'login').mockImplementation(() => Promise.resolve());
-
-  const username = 'dbowie';
-  process.env[`INPUT_USERNAME`] = username;
-
-  const password = 'groundcontrol';
-  process.env[`INPUT_PASSWORD`] = password;
-
-  const registry = 'ghcr.io';
-  process.env[`INPUT_REGISTRY`] = registry;
-
-  const ecr = 'auto';
-  process.env['INPUT_ECR'] = ecr;
-
-  const logout = true;
-  process.env['INPUT_LOGOUT'] = String(logout);
-
-  await main();
-
-  expect(setRegistrySpy).toHaveBeenCalledWith(registry);
-  expect(setLogoutSpy).toHaveBeenCalledWith(logout);
-  expect(dockerSpy).toHaveBeenCalledWith(registry, username, password, ecr);
-});

action.yml

@@ -26,6 +26,6 @@ inputs:
     required: false
 
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'dist/index.js'
   post: 'dist/index.js'

dev.Dockerfile

@@ -1,8 +1,6 @@
 # syntax=docker/dockerfile:1
 
-ARG NODE_VERSION=16
-ARG DOCKER_VERSION=20.10.13
-ARG BUILDX_VERSION=0.8.1
+ARG NODE_VERSION=20
 
 FROM node:${NODE_VERSION}-alpine AS base
 RUN apk add --no-cache cpio findutils git
@@ -18,14 +16,14 @@ COPY --from=deps /vendor /
 
 FROM deps AS vendor-validate
 RUN --mount=type=bind,target=.,rw <<EOT
-set -e
-git add -A
-cp -rf /vendor/* .
-if [ -n "$(git status --porcelain -- yarn.lock)" ]; then
-  echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'
-  git status --porcelain -- yarn.lock
-  exit 1
-fi
+  set -e
+  git add -A
+  cp -rf /vendor/* .
+  if [ -n "$(git status --porcelain -- yarn.lock)" ]; then
+    echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'
+    git status --porcelain -- yarn.lock
+    exit 1
+  fi
 EOT
 
 FROM deps AS build
@@ -38,14 +36,14 @@ COPY --from=build /out /
 
 FROM build AS build-validate
 RUN --mount=type=bind,target=.,rw <<EOT
-set -e
-git add -A
-cp -rf /out/* .
-if [ -n "$(git status --porcelain -- dist)" ]; then
-  echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'
-  git status --porcelain -- dist
-  exit 1
-fi
+  set -e
+  git add -A
+  cp -rf /out/* .
+  if [ -n "$(git status --porcelain -- dist)" ]; then
+    echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'
+    git status --porcelain -- dist
+    exit 1
+  fi
 EOT
 
 FROM deps AS format
@@ -62,17 +60,12 @@ RUN --mount=type=bind,target=.,rw \
   --mount=type=cache,target=/src/node_modules \
   yarn run lint
 
-FROM docker:${DOCKER_VERSION} as docker
-FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
-
 FROM deps AS test
 ENV RUNNER_TEMP=/tmp/github_runner
 ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
 RUN --mount=type=bind,target=.,rw \
   --mount=type=cache,target=/src/node_modules \
-  --mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
-  --mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
-  yarn run test --coverageDirectory=/tmp/coverage
+  yarn run test --coverage --coverageDirectory=/tmp/coverage
 
 FROM scratch AS test-coverage
 COPY --from=test /tmp/coverage /

jest.config.ts

@@ -15,6 +15,7 @@ process.env = Object.assign({}, process.env, {
 
 module.exports = {
   clearMocks: true,
+  testEnvironment: 'node',
   moduleFileExtensions: ['js', 'ts'],
   testMatch: ['**/*.test.ts'],
   transform: {

package.json

@@ -4,9 +4,13 @@
   "main": "lib/main.js",
   "scripts": {
     "build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
-    "lint": "eslint src/**/*.ts __tests__/**/*.ts",
-    "format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
-    "test": "jest --coverage",
+    "lint": "yarn run prettier && yarn run eslint",
+    "format": "yarn run prettier:fix && yarn run eslint:fix",
+    "eslint": "eslint --max-warnings=0 .",
+    "eslint:fix": "eslint --fix .",
+    "prettier": "prettier --check \"./**/*.ts\"",
+    "prettier:fix": "prettier --write \"./**/*.ts\"",
+    "test": "jest",
     "all": "yarn run build && yarn run format && yarn test"
   },
   "repository": {
@@ -18,35 +22,29 @@
     "docker",
     "login"
   ],
-  "author": "Docker",
-  "contributors": [
-    {
-      "name": "CrazyMax",
-      "url": "https://crazymax.dev"
-    }
-  ],
-  "license": "MIT",
+  "author": "Docker Inc.",
+  "license": "Apache-2.0",
   "dependencies": {
-    "@actions/core": "^1.10.0",
-    "@aws-sdk/client-ecr": "^3.347.1",
-    "@aws-sdk/client-ecr-public": "^3.347.1",
-    "@docker/actions-toolkit": "^0.2.0",
+    "@actions/core": "^1.10.1",
+    "@aws-sdk/client-ecr": "^3.410.0",
+    "@aws-sdk/client-ecr-public": "^3.410.0",
+    "@docker/actions-toolkit": "^0.12.0",
     "http-proxy-agent": "^7.0.0",
-    "https-proxy-agent": "^7.0.0"
+    "https-proxy-agent": "^7.0.2"
   },
   "devDependencies": {
-    "@types/node": "^16.18.21",
-    "@typescript-eslint/eslint-plugin": "^5.56.0",
-    "@typescript-eslint/parser": "^5.56.0",
-    "@vercel/ncc": "^0.36.1",
-    "eslint": "^8.36.0",
-    "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-jest": "^27.2.1",
-    "eslint-plugin-prettier": "^4.2.1",
-    "jest": "^29.5.0",
-    "prettier": "^2.8.7",
-    "ts-jest": "^29.0.5",
+    "@types/node": "^20.5.9",
+    "@typescript-eslint/eslint-plugin": "^6.6.0",
+    "@typescript-eslint/parser": "^6.6.0",
+    "@vercel/ncc": "^0.38.0",
+    "eslint": "^8.48.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-jest": "^27.2.3",
+    "eslint-plugin-prettier": "^5.0.0",
+    "jest": "^29.6.4",
+    "prettier": "^3.0.3",
+    "ts-jest": "^29.1.1",
     "ts-node": "^10.9.1",
-    "typescript": "^4.9.5"
+    "typescript": "^5.2.2"
   }
 }

src/aws.ts

@@ -1,7 +1,7 @@
 import * as core from '@actions/core';
 import {ECR} from '@aws-sdk/client-ecr';
 import {ECRPUBLIC} from '@aws-sdk/client-ecr-public';
-import {NodeHttpHandler} from '@aws-sdk/node-http-handler';
+import {NodeHttpHandler} from '@smithy/node-http-handler';
 import {HttpProxyAgent} from 'http-proxy-agent';
 import {HttpsProxyAgent} from 'https-proxy-agent';