Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ECR repository behind friendly URL throws errors #6885

Closed
jonathanmorley opened this issue Jul 29, 2020 · 10 comments · Fixed by #13531
Closed

ECR repository behind friendly URL throws errors #6885

jonathanmorley opened this issue Jul 29, 2020 · 10 comments · Fixed by #13531
Labels
datasource:docker help wanted Help is needed or welcomed on this issue priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others type:feature Feature (new functionality)

Comments

@jonathanmorley
Copy link

This is the same as #3800, but with the addition of friendly URLs in front of ECR.

Proposal

Add a config value to be able to manually drop the docker limits value from

renovate/lib/datasource/docker/index.js

Line 276 in 6de255e

const limit = ecrRegex.test(registry) ? 1000 : 10000;

@rarkins
Copy link
Collaborator

rarkins commented Aug 5, 2020

Alternatively is there anything in the headers that are returned from the rejection that we can detect/parse and retry with 1000 instead of 10000 ?

@rarkins rarkins added datasource:docker priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others labels Aug 5, 2020
@viceice
Copy link
Member

viceice commented Aug 6, 2020

@jonathanmorley Do you know any public ecr docker repo we can test against ?

@viceice
Copy link
Member

viceice commented Aug 6, 2020

Idea: check for amazon headers in getAuthHeaders, eg: x-amzn-requestid and return reduced tags limit

@rarkins rarkins added the status:requirements Full requirements are not yet known, so implementation should not be started label Jan 12, 2021
@jonathanmorley
Copy link
Author

I don't know of any public ECR docker repo we could use for this, but I can say that our proxy that fronts ECR does not respond with any headers identifying it as fronting AWS or the limit it supports

@jonathanmorley
Copy link
Author

jonathanmorley commented Jan 27, 2021
edited
Loading

We could recognise the specific error message that ECR throws:

{"errors":[{"code":"UNSUPPORTED","message":"Invalid parameter at 'maxResults' failed to satisfy constraint: 'Member must have value less than or equal to 1000'"}]}

Headers:

HTTP/1.1 405 Method Not Allowed
Content-Type: application/json; charset=utf-8
Date: Wed, 27 Jan 2021 21:46:48 GMT
Docker-Distribution-Api-Version: registry/2.0
Content-Length: 164
Connection: keep-alive

And handle it by dropping the limit down

@rarkins rarkins added status:ready and removed status:requirements Full requirements are not yet known, so implementation should not be started labels Jan 28, 2021
@rarkins rarkins added the type:feature Feature (new functionality) label Feb 7, 2021
@HonkingGoose
Copy link
Collaborator

There's a typo in the PR title:

Change reopsitory -> repository

@viceice viceice changed the title ECR reopsitory behind friendly URL throws errors ECR repository behind friendly URL throws errors Mar 8, 2021
@viceice viceice added the help wanted Help is needed or welcomed on this issue label Mar 8, 2021
@rarkins
Copy link
Collaborator

rarkins commented Aug 18, 2021

Related: #11322 (might be the solution for this issue)

@michaelheyman
Copy link
Contributor

We are also blocked from using the docker datasource because of this issue.

The related issue suggests that this is a policy issue, which is not the case for us.

Ideally, like this issue suggests, we would be able to somehow configure which ecrRegex where the tag list replacement is being done, or check against the 405 and maybe the Docker-Distribution-Api-Version header before retrying with a <=1000 value.

Looking forward to updates on this.

@rarkins
Copy link
Collaborator

rarkins commented Dec 23, 2021

PRs welcome. It needs someone using this setup of ECR to fix and verify it.

@michaelheyman michaelheyman mentioned this issue Jan 12, 2022
Merged
6 tasks
@renovate-release
Copy link
Collaborator

🎉 This issue has been resolved in version 31.45.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
datasource:docker help wanted Help is needed or welcomed on this issue priority-3-medium Default priority, "should be done" but isn't prioritised ahead of others type:feature Feature (new functionality)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(docker): Change limit when interacting with ECR proxy michaelheyman/renovate
6 participants
@jonathanmorley @viceice @michaelheyman @rarkins @HonkingGoose @renovate-release