Conversation
There was a problem hiding this comment.
Pull request overview
This PR migrates the Docker registry handler’s ECR integration from AWS SDK v1 to AWS SDK v2 to address deprecation and take advantage of the newer SDK’s improvements.
Changes:
- Replaces
aws-sdk-gov1 ECR client/session usage withaws-sdk-go-v2equivalents, including new configuration and credentials providers. - Introduces a local
ECRClientinterface and updates the Docker registry handler and tests to use the new v2 method signatures and types. - Updates
go.moddependencies to remove AWS v1 and add the necessary AWS v2 modules and indirect dependencies.
Reviewed changes
Copilot reviewed 3 out of 537 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| internal/handlers/docker_registry.go | Swaps in AWS SDK v2 for ECR auth, adds an ECRClient interface, and adjusts token handling to v2 APIs. |
| internal/handlers/docker_registry_test.go | Updates the ECR mock and imports to conform to the new v2 client interface and response types. |
| go.mod | Removes AWS SDK v1 and adds AWS SDK v2 core, config, credentials, and ECR service modules plus related indirect deps. |
| rsp, err := ecrSvc.GetAuthorizationToken(context.Background(), &ecr.GetAuthorizationTokenInput{}) | ||
| if err != nil { | ||
| logging.RequestLogf(ctx, "! failed to get ecr authorization token (key_id=%s)", c.username) | ||
| return false | ||
| } |
There was a problem hiding this comment.
Using context.Background() inside a request-handling path makes the ECR call uncancellable and detached from the lifecycle of the incoming HTTP request; it would be better to derive the context from the current request (for example, via the *goproxy.ProxyCtx’s underlying *http.Request) so that client disconnects or timeouts can propagate to this AWS call.
Replace aws-sdk-go with aws-sdk-go-v2 for ECR authentication. Changes: - Use config.LoadDefaultConfig() instead of session.NewSession() - Use credentials.NewStaticCredentialsProvider() for static creds - Add context.Context to GetAuthorizationToken calls - Define ECRClient interface (v2 removed ecriface) - Use aws.ToString() helper for pointer dereferencing - Update AuthorizationData from pointer slice to value slice
JamieMagee
force-pushed
the
jamiemagee/aws-sdk-go-v2
branch
from
32a29c2 to
5211eae
Compare
jeffwidman
left a comment
jeffwidman
left a comment
There was a problem hiding this comment.
👍 Makes sense to me other than the Copilot suggestion. It's been a minute since I worked with go contexts, that what it's suggesting sounds plausible at least. Tag me for an updated review once you address that.
Replaces aws-sdk-go (v1) with aws-sdk-go-v2 for ECR authentication in the Docker registry handler.
What changed
session.NewSession()forconfig.LoadDefaultConfig()credentials.NewStaticCredentialsProvider()GetAuthorizationTokentakes acontext.ContextparameterECRClientinterface since v2 removed theecrifacepackageaws.ToString()helperAuthorizationDatais now a slice of values, not pointersWhy
AWS deprecated v1 in July 2024 and recommends migrating to v2.