文档 AWS SDK 示例 GitHub 存储库中还有更多 [S AWS DK 示例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# 使用 Amazon ECR 的代码示例 AWS SDKs
以下代码示例向您展示如何使用带有 AWS 软件开发套件 (SDK) 的 Amazon Elastic Container Registry。
*基本功能*是向您展示如何在服务中执行基本操作的代码示例。
*操作*是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。
**更多资源**
+ **[Amazon ECR 用户指南](https://docs.aws.amazon.com/AmazonECR/latest/userguide/what-is-ecr.html)**——有关 Amazon ECR 的更多信息。
+ **[Amazon ECR API 参考](https://docs.aws.amazon.com/AmazonECR/latest/APIReference/Welcome.html)**——有关所有可用的 Amazon ECR 操作的详细信息。
+ **[AWS 开发者中心](https://aws.amazon.com/developer/code-examples/?awsf.sdk-code-examples-product=product%23ecr)** — 您可以按类别或全文搜索筛选的代码示例。
+ **[AWS SDK 示例](https://github.com/awsdocs/aws-doc-sdk-examples)** — 包含首选语言完整代码的 GitHub 存储库。包括有关设置和运行代码的说明。
**Contents**
+ [基本功能](ecr_code_examples_basics.md)
+ [Hello Amazon ECR](ecr_example_ecr_Hello_section.md)
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
+ [操作](ecr_code_examples_actions.md)
+ [`CreateRepository`](ecr_example_ecr_CreateRepository_section.md)
+ [`DeleteRepository`](ecr_example_ecr_DeleteRepository_section.md)
+ [`DescribeImages`](ecr_example_ecr_DescribeImages_section.md)
+ [`DescribeRepositories`](ecr_example_ecr_DescribeRepositories_section.md)
+ [`GetAuthorizationToken`](ecr_example_ecr_GetAuthorizationToken_section.md)
+ [`GetRepositoryPolicy`](ecr_example_ecr_GetRepositoryPolicy_section.md)
+ [`ListImages`](ecr_example_ecr_ListImages_section.md)
+ [`PushImageCmd`](ecr_example_ecr_PushImageCmd_section.md)
+ [`PutLifeCyclePolicy`](ecr_example_ecr_PutLifeCyclePolicy_section.md)
+ [`SetRepositoryPolicy`](ecr_example_ecr_SetRepositoryPolicy_section.md)
+ [`StartLifecyclePolicyPreview`](ecr_example_ecr_StartLifecyclePolicyPreview_section.md)
# 使用 Amazon ECR 的基本示例 AWS SDKs
以下代码示例展示了如何使用 Amazon 弹性容器注册表的基础知识 AWS SDKs。
**Contents**
+ [Hello Amazon ECR](ecr_example_ecr_Hello_section.md)
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
+ [操作](ecr_code_examples_actions.md)
+ [`CreateRepository`](ecr_example_ecr_CreateRepository_section.md)
+ [`DeleteRepository`](ecr_example_ecr_DeleteRepository_section.md)
+ [`DescribeImages`](ecr_example_ecr_DescribeImages_section.md)
+ [`DescribeRepositories`](ecr_example_ecr_DescribeRepositories_section.md)
+ [`GetAuthorizationToken`](ecr_example_ecr_GetAuthorizationToken_section.md)
+ [`GetRepositoryPolicy`](ecr_example_ecr_GetRepositoryPolicy_section.md)
+ [`ListImages`](ecr_example_ecr_ListImages_section.md)
+ [`PushImageCmd`](ecr_example_ecr_PushImageCmd_section.md)
+ [`PutLifeCyclePolicy`](ecr_example_ecr_PutLifeCyclePolicy_section.md)
+ [`SetRepositoryPolicy`](ecr_example_ecr_SetRepositoryPolicy_section.md)
+ [`StartLifecyclePolicyPreview`](ecr_example_ecr_StartLifecyclePolicyPreview_section.md)
# Hello Amazon ECR
以下代码示例展示了如何开始使用 Amazon ECR。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ecr.EcrClient;
import software.amazon.awssdk.services.ecr.model.EcrException;
import software.amazon.awssdk.services.ecr.model.ListImagesRequest;
import software.amazon.awssdk.services.ecr.paginators.ListImagesIterable;
public class HelloECR {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
repositoryName - The name of the Amazon ECR repository.
""";
if (args.length != 1) {
System.out.println(usage);
System.exit(1);
}
String repoName = args[0];
EcrClient ecrClient = EcrClient.builder()
.region(Region.US_EAST_1)
.build();
listImageTags(ecrClient, repoName);
}
public static void listImageTags(EcrClient ecrClient, String repoName){
ListImagesRequest listImagesPaginator = ListImagesRequest.builder()
.repositoryName(repoName)
.build();
ListImagesIterable imagesIterable = ecrClient.listImagesPaginator(listImagesPaginator);
imagesIterable.stream()
.flatMap(r -> r.imageIds().stream())
.forEach(image -> System.out.println("The docker image tag is: " +image.imageTag()));
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Java 2.x API Reference》**中的 [listImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/listImages)。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import aws.sdk.kotlin.services.ecr.EcrClient
import aws.sdk.kotlin.services.ecr.model.ListImagesRequest
import kotlin.system.exitProcess
suspend fun main(args: Array) {
val usage = """
Usage:
Where:
repositoryName - The name of the Amazon ECR repository.
""".trimIndent()
if (args.size != 1) {
println(usage)
exitProcess(1)
}
val repoName = args[0]
listImageTags(repoName)
}
suspend fun listImageTags(repoName: String?) {
val listImages =
ListImagesRequest {
repositoryName = repoName
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val imageResponse = ecrClient.listImages(listImages)
imageResponse.imageIds?.forEach { imageId ->
println("Image tag: ${imageId.imageTag}")
}
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Kotlin API Reference》**中的 [listImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
import boto3
import argparse
from boto3 import client
def hello_ecr(ecr_client: client, repository_name: str) -> None:
"""
Use the AWS SDK for Python (Boto3) to create an Amazon Elastic Container Registry (Amazon ECR)
client and list the images in a repository.
This example uses the default settings specified in your shared credentials
and config files.
:param ecr_client: A Boto3 Amazon ECR Client object. This object wraps
the low-level Amazon ECR service API.
:param repository_name: The name of an Amazon ECR repository in your account.
"""
print(
f"Hello, Amazon ECR! Let's list some images in the repository '{repository_name}':\n"
)
paginator = ecr_client.get_paginator("list_images")
page_iterator = paginator.paginate(
repositoryName=repository_name, PaginationConfig={"MaxItems": 10}
)
image_names: [str] = []
for page in page_iterator:
for schedule in page["imageIds"]:
image_names.append(schedule["imageTag"])
print(f"{len(image_names)} image(s) retrieved.")
for schedule_name in image_names:
print(f"\t{schedule_name}")
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="Run hello Amazon ECR.")
parser.add_argument(
"--repository-name",
type=str,
help="the name of an Amazon ECR repository in your account.",
required=True,
)
args = parser.parse_args()
hello_ecr(boto3.client("ecr"), args.repository_name)
```
+ 有关 API 详细信息,请参阅《AWS SDK for Python (Boto3) API Reference》**中的 [listImages](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/listImages)。
------
# 使用软件开发工具包学习 Amazon ECR 的基础知识 AWS
以下代码示例演示了如何:
+ 创建 Amazon ECR 存储库。
+ 设置存储库策略。
+ 检索存储库 URIs。
+ 获取 Amazon ECR 授权令牌。
+ 设置 Amazon ECR 存储库的生命周期策略。
+ 将 Docker 映像推送到 Amazon ECR 存储库。
+ 验证 Amazon ECR 存储库中是否存在映像。
+ 列出您账户的 Amazon ECR 存储库,并获取有关它们的详细信息。
+ 删除 Amazon ECR 存储库。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
运行一个交互式场景,演示 Amazon ECR 的功能。
```
import software.amazon.awssdk.services.ecr.model.EcrException;
import software.amazon.awssdk.services.ecr.model.RepositoryPolicyNotFoundException;
import java.util.Scanner;
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*
* This Java code example requires an IAM Role that has permissions to interact with the Amazon ECR service.
*
* To create an IAM role, see:
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create.html
*
* This Java scenario example requires a local docker image named echo-text. Without a local image,
* this Java program will not successfully run. For more information including how to create the local
* image, see:
*
* /scenarios/basics/ecr/README
*
*/
public class ECRScenario {
public static final String DASHES = new String(new char[80]).replace("\0", "-");
public static void main(String[] args) {
final String usage = """
Usage:
Where:
iamRoleARN - The IAM role ARN that has the necessary permissions to access and manage the Amazon ECR repository.
accountId - Your AWS account number.
""";
if (args.length != 2) {
System.out.println(usage);
return;
}
ECRActions ecrActions = new ECRActions();
String iamRole = args[0];
String accountId = args[1];
String localImageName;
Scanner scanner = new Scanner(System.in);
System.out.println("""
The Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry
service provided by AWS. It allows developers and organizations to securely
store, manage, and deploy Docker container images.
ECR provides a simple and scalable way to manage container images throughout their lifecycle,
from building and testing to production deployment.\s
The `EcrAsyncClient` interface in the AWS SDK for Java 2.x provides a set of methods to
programmatically interact with the Amazon ECR service. This allows developers to
automate the storage, retrieval, and management of container images as part of their application
deployment pipelines. With ECR, teams can focus on building and deploying their
applications without having to worry about the underlying infrastructure required to
host and manage a container registry.
This scenario walks you through how to perform key operations for this service.
Let's get started...
You have two choices:
1 - Run the entire program.
2 - Delete an existing Amazon ECR repository named echo-text (created from a previous execution of
this program that did not complete).
""");
while (true) {
String input = scanner.nextLine();
if (input.trim().equalsIgnoreCase("1")) {
System.out.println("Continuing with the program...");
System.out.println("");
break;
} else if (input.trim().equalsIgnoreCase("2")) {
String repoName = "echo-text";
ecrActions.deleteECRRepository(repoName);
return;
} else {
// Handle invalid input.
System.out.println("Invalid input. Please try again.");
}
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
1. Create an ECR repository.
The first task is to ensure we have a local Docker image named echo-text.
If this image exists, then an Amazon ECR repository is created.
An ECR repository is a private Docker container repository provided
by Amazon Web Services (AWS). It is a managed service that makes it easy
to store, manage, and deploy Docker container images.\s
""" );
// Ensure that a local docker image named echo-text exists.
boolean doesExist = ecrActions.isEchoTextImagePresent();
String repoName;
if (!doesExist){
System.out.println("The local image named echo-text does not exist");
return;
} else {
localImageName = "echo-text";
repoName = "echo-text";
}
try {
String repoArn = ecrActions.createECRRepository(repoName);
System.out.println("The ARN of the ECR repository is " + repoArn);
} catch (IllegalArgumentException e) {
System.err.println("Invalid repository name: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while creating the ECR repository: " + e.getMessage());
e.printStackTrace();
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
2. Set an ECR repository policy.
Setting an ECR repository policy using the `setRepositoryPolicy` function is crucial for maintaining
the security and integrity of your container images. The repository policy allows you to
define specific rules and restrictions for accessing and managing the images stored within your ECR
repository.
""");
waitForInputToContinue(scanner);
try {
ecrActions.setRepoPolicy(repoName, iamRole);
} catch (RepositoryPolicyNotFoundException e) {
System.err.println("Invalid repository name: " + e.getMessage());
return;
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while creating the ECR repository: " + e.getMessage());
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
3. Display ECR repository policy.
Now we will retrieve the ECR policy to ensure it was successfully set.
""");
waitForInputToContinue(scanner);
try {
String policyText = ecrActions.getRepoPolicy(repoName);
System.out.println("Policy Text:");
System.out.println(policyText);
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while creating the ECR repository: " + e.getMessage());
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
4. Retrieve an ECR authorization token.
You need an authorization token to securely access and interact with the Amazon ECR registry.
The `getAuthorizationToken` method of the `EcrAsyncClient` is responsible for securely accessing
and interacting with an Amazon ECR repository. This operation is responsible for obtaining a
valid authorization token, which is required to authenticate your requests to the ECR service.
Without a valid authorization token, you would not be able to perform any operations on the
ECR repository, such as pushing, pulling, or managing your Docker images.
""");
waitForInputToContinue(scanner);
try {
ecrActions.getAuthToken();
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while retrieving the authorization token: " + e.getMessage());
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
5. Get the ECR Repository URI.
The URI of an Amazon ECR repository is important. When you want to deploy a container image to
a container orchestration platform like Amazon Elastic Kubernetes Service (EKS)
or Amazon Elastic Container Service (ECS), you need to specify the full image URI,
which includes the ECR repository URI. This allows the container runtime to pull the
correct container image from the ECR repository.
""");
waitForInputToContinue(scanner);
try {
ecrActions.getRepositoryURI(repoName);
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while retrieving the URI: " + e.getMessage());
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
6. Set an ECR Lifecycle Policy.
An ECR Lifecycle Policy is used to manage the lifecycle of Docker images stored in your ECR repositories.
These policies allow you to automatically remove old or unused Docker images from your repositories,
freeing up storage space and reducing costs.
This example policy helps to maintain the size and efficiency of the container registry
by automatically removing older and potentially unused images, ensuring that the
storage is optimized and the registry remains up-to-date.
""");
waitForInputToContinue(scanner);
try {
ecrActions.setLifeCyclePolicy(repoName);
} catch (RuntimeException e) {
System.err.println("An error occurred while setting the lifecycle policy: " + e.getMessage());
e.printStackTrace();
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("""
7. Push a docker image to the Amazon ECR Repository.
The `pushImageCmd()` method pushes a local Docker image to an Amazon ECR repository.
It sets up the Docker client by connecting to the local Docker host using the default port.
It then retrieves the authorization token for the ECR repository by making a call to the AWS SDK.
The method uses the authorization token to create an `AuthConfig` object, which is used to authenticate
the Docker client when pushing the image. Finally, the method tags the Docker image with the specified
repository name and image tag, and then pushes the image to the ECR repository using the Docker client.
If the push operation is successful, the method prints a message indicating that the image was pushed to ECR.
""");
waitForInputToContinue(scanner);
try {
ecrActions.pushDockerImage(repoName, localImageName);
} catch (RuntimeException e) {
System.err.println("An error occurred while pushing a local Docker image to Amazon ECR: " + e.getMessage());
e.printStackTrace();
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("8. Verify if the image is in the ECR Repository.");
waitForInputToContinue(scanner);
try {
ecrActions.verifyImage(repoName, localImageName);
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred " + e.getMessage());
e.printStackTrace();
return;
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("9. As an optional step, you can interact with the image in Amazon ECR by using the CLI.");
System.out.println("Would you like to view instructions on how to use the CLI to run the image? (y/n)");
String ans = scanner.nextLine().trim();
if (ans.equalsIgnoreCase("y")) {
String instructions = """
1. Authenticate with ECR - Before you can pull the image from Amazon ECR, you need to authenticate with the registry. You can do this using the AWS CLI:
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin %s.dkr.ecr.us-east-1.amazonaws.com
2. Describe the image using this command:
aws ecr describe-images --repository-name %s --image-ids imageTag=%s
3. Run the Docker container and view the output using this command:
docker run --rm %s.dkr.ecr.us-east-1.amazonaws.com/%s:%s
""";
instructions = String.format(instructions, accountId, repoName, localImageName, accountId, repoName, localImageName);
System.out.println(instructions);
}
waitForInputToContinue(scanner);
System.out.println(DASHES);
System.out.println("10. Delete the ECR Repository.");
System.out.println(
"""
If the repository isn't empty, you must either delete the contents of the repository
or use the force option (used in this scenario) to delete the repository and have Amazon ECR delete all of its contents
on your behalf.
""");
System.out.println("Would you like to delete the Amazon ECR Repository? (y/n)");
String delAns = scanner.nextLine().trim();
if (delAns.equalsIgnoreCase("y")) {
System.out.println("You selected to delete the AWS ECR resources.");
try {
ecrActions.deleteECRRepository(repoName);
} catch (EcrException e) {
System.err.println("An ECR exception occurred: " + e.getMessage());
return;
} catch (RuntimeException e) {
System.err.println("An error occurred while deleting the Docker image: " + e.getMessage());
e.printStackTrace();
return;
}
}
System.out.println(DASHES);
System.out.println("This concludes the Amazon ECR SDK scenario");
System.out.println(DASHES);
}
private static void waitForInputToContinue(Scanner scanner) {
while (true) {
System.out.println("");
System.out.println("Enter 'c' followed by to continue:");
String input = scanner.nextLine();
if (input.trim().equalsIgnoreCase("c")) {
System.out.println("Continuing with the program...");
System.out.println("");
break;
} else {
// Handle invalid input.
System.out.println("Invalid input. Please try again.");
}
}
}
}
```
Amazon ECR SDK 方法的封装类。
```
import com.github.dockerjava.api.DockerClient;
import com.github.dockerjava.api.exception.DockerClientException;
import com.github.dockerjava.api.model.AuthConfig;
import com.github.dockerjava.api.model.Image;
import com.github.dockerjava.core.DockerClientBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
import software.amazon.awssdk.http.async.SdkAsyncHttpClient;
import software.amazon.awssdk.http.nio.netty.NettyNioAsyncHttpClient;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ecr.EcrAsyncClient;
import software.amazon.awssdk.services.ecr.model.AuthorizationData;
import software.amazon.awssdk.services.ecr.model.CreateRepositoryRequest;
import software.amazon.awssdk.services.ecr.model.CreateRepositoryResponse;
import software.amazon.awssdk.services.ecr.model.DeleteRepositoryRequest;
import software.amazon.awssdk.services.ecr.model.DeleteRepositoryResponse;
import software.amazon.awssdk.services.ecr.model.DescribeImagesRequest;
import software.amazon.awssdk.services.ecr.model.DescribeImagesResponse;
import software.amazon.awssdk.services.ecr.model.DescribeRepositoriesRequest;
import software.amazon.awssdk.services.ecr.model.DescribeRepositoriesResponse;
import software.amazon.awssdk.services.ecr.model.EcrException;
import software.amazon.awssdk.services.ecr.model.GetAuthorizationTokenResponse;
import software.amazon.awssdk.services.ecr.model.GetRepositoryPolicyRequest;
import software.amazon.awssdk.services.ecr.model.GetRepositoryPolicyResponse;
import software.amazon.awssdk.services.ecr.model.ImageIdentifier;
import software.amazon.awssdk.services.ecr.model.Repository;
import software.amazon.awssdk.services.ecr.model.RepositoryPolicyNotFoundException;
import software.amazon.awssdk.services.ecr.model.SetRepositoryPolicyRequest;
import software.amazon.awssdk.services.ecr.model.SetRepositoryPolicyResponse;
import software.amazon.awssdk.services.ecr.model.StartLifecyclePolicyPreviewRequest;
import software.amazon.awssdk.services.ecr.model.StartLifecyclePolicyPreviewResponse;
import com.github.dockerjava.api.command.DockerCmdExecFactory;
import com.github.dockerjava.netty.NettyDockerCmdExecFactory;
import java.time.Duration;
import java.util.Base64;
import java.util.List;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionException;
public class ECRActions {
private static EcrAsyncClient ecrClient;
private static DockerClient dockerClient;
private static Logger logger = LoggerFactory.getLogger(ECRActions.class);
/**
* Creates an Amazon Elastic Container Registry (Amazon ECR) repository.
*
* @param repoName the name of the repository to create.
* @return the Amazon Resource Name (ARN) of the created repository, or an empty string if the operation failed.
* @throws IllegalArgumentException If repository name is invalid.
* @throws RuntimeException if an error occurs while creating the repository.
*/
public String createECRRepository(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
CreateRepositoryRequest request = CreateRepositoryRequest.builder()
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().createRepository(request);
try {
CreateRepositoryResponse result = response.join();
if (result != null) {
System.out.println("The " + repoName + " repository was created successfully.");
return result.repository().repositoryArn();
} else {
throw new RuntimeException("Unexpected response type");
}
} catch (CompletionException e) {
Throwable cause = e.getCause();
if (cause instanceof EcrException ex) {
if ("RepositoryAlreadyExistsException".equals(ex.awsErrorDetails().errorCode())) {
System.out.println("The Amazon ECR repository already exists, moving on...");
DescribeRepositoriesRequest describeRequest = DescribeRepositoriesRequest.builder()
.repositoryNames(repoName)
.build();
DescribeRepositoriesResponse describeResponse = getAsyncClient().describeRepositories(describeRequest).join();
return describeResponse.repositories().get(0).repositoryArn();
} else {
throw new RuntimeException(ex);
}
} else {
throw new RuntimeException(e);
}
}
}
/**
* Deletes an ECR (Elastic Container Registry) repository.
*
* @param repoName the name of the repository to delete.
* @throws IllegalArgumentException if the repository name is null or empty.
* @throws EcrException if there is an error deleting the repository.
* @throws RuntimeException if an unexpected error occurs during the deletion process.
*/
public void deleteECRRepository(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
DeleteRepositoryRequest repositoryRequest = DeleteRepositoryRequest.builder()
.force(true)
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().deleteRepository(repositoryRequest);
response.whenComplete((deleteRepositoryResponse, ex) -> {
if (deleteRepositoryResponse != null) {
System.out.println("You have successfully deleted the " + repoName + " repository");
} else {
Throwable cause = ex.getCause();
if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
throw new RuntimeException("Unexpected error: " + cause.getMessage(), cause);
}
}
});
// Wait for the CompletableFuture to complete
response.join();
}
private static DockerClient getDockerClient() {
String osName = System.getProperty("os.name");
if (osName.startsWith("Windows")) {
// Make sure Docker Desktop is running.
String dockerHost = "tcp://localhost:2375"; // Use the Docker Desktop default port.
DockerCmdExecFactory dockerCmdExecFactory = new NettyDockerCmdExecFactory().withReadTimeout(20000).withConnectTimeout(20000);
dockerClient = DockerClientBuilder.getInstance(dockerHost).withDockerCmdExecFactory(dockerCmdExecFactory).build();
} else {
dockerClient = DockerClientBuilder.getInstance().build();
}
return dockerClient;
}
/**
* Retrieves an asynchronous Amazon Elastic Container Registry (ECR) client.
*
* @return the configured ECR asynchronous client.
*/
private static EcrAsyncClient getAsyncClient() {
/*
The `NettyNioAsyncHttpClient` class is part of the AWS SDK for Java, version 2,
and it is designed to provide a high-performance, asynchronous HTTP client for interacting with AWS services.
It uses the Netty framework to handle the underlying network communication and the Java NIO API to
provide a non-blocking, event-driven approach to HTTP requests and responses.
*/
SdkAsyncHttpClient httpClient = NettyNioAsyncHttpClient.builder()
.maxConcurrency(50) // Adjust as needed.
.connectionTimeout(Duration.ofSeconds(60)) // Set the connection timeout.
.readTimeout(Duration.ofSeconds(60)) // Set the read timeout.
.writeTimeout(Duration.ofSeconds(60)) // Set the write timeout.
.build();
ClientOverrideConfiguration overrideConfig = ClientOverrideConfiguration.builder()
.apiCallTimeout(Duration.ofMinutes(2)) // Set the overall API call timeout.
.apiCallAttemptTimeout(Duration.ofSeconds(90)) // Set the individual call attempt timeout.
.build();
if (ecrClient == null) {
ecrClient = EcrAsyncClient.builder()
.region(Region.US_EAST_1)
.httpClient(httpClient)
.overrideConfiguration(overrideConfig)
.build();
}
return ecrClient;
}
/**
* Sets the lifecycle policy for the specified repository.
*
* @param repoName the name of the repository for which to set the lifecycle policy.
*/
public void setLifeCyclePolicy(String repoName) {
/*
This policy helps to maintain the size and efficiency of the container registry
by automatically removing older and potentially unused images,
ensuring that the storage is optimized and the registry remains up-to-date.
*/
String polText = """
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "any",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
""";
StartLifecyclePolicyPreviewRequest lifecyclePolicyPreviewRequest = StartLifecyclePolicyPreviewRequest.builder()
.lifecyclePolicyText(polText)
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().startLifecyclePolicyPreview(lifecyclePolicyPreviewRequest);
response.whenComplete((lifecyclePolicyPreviewResponse, ex) -> {
if (lifecyclePolicyPreviewResponse != null) {
System.out.println("Lifecycle policy preview started successfully.");
} else {
if (ex.getCause() instanceof EcrException) {
throw (EcrException) ex.getCause();
} else {
String errorMessage = "Unexpected error occurred: " + ex.getMessage();
throw new RuntimeException(errorMessage, ex);
}
}
});
// Wait for the CompletableFuture to complete.
response.join();
}
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
* @throws EcrException if there is an error retrieving the image information from Amazon ECR.
* @throws CompletionException if the asynchronous operation completes exceptionally.
*/
public void verifyImage(String repositoryName, String imageTag) {
DescribeImagesRequest request = DescribeImagesRequest.builder()
.repositoryName(repositoryName)
.imageIds(ImageIdentifier.builder().imageTag(imageTag).build())
.build();
CompletableFuture response = getAsyncClient().describeImages(request);
response.whenComplete((describeImagesResponse, ex) -> {
if (ex != null) {
if (ex instanceof CompletionException) {
Throwable cause = ex.getCause();
if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
throw new RuntimeException("Unexpected error: " + cause.getMessage(), cause);
}
} else {
throw new RuntimeException("Unexpected error: " + ex.getCause());
}
} else if (describeImagesResponse != null && !describeImagesResponse.imageDetails().isEmpty()) {
System.out.println("Image is present in the repository.");
} else {
System.out.println("Image is not present in the repository.");
}
});
// Wait for the CompletableFuture to complete.
response.join();
}
/**
* Retrieves the repository URI for the specified repository name.
*
* @param repoName the name of the repository to retrieve the URI for.
* @return the repository URI for the specified repository name.
* @throws EcrException if there is an error retrieving the repository information.
* @throws CompletionException if the asynchronous operation completes exceptionally.
*/
public void getRepositoryURI(String repoName) {
DescribeRepositoriesRequest request = DescribeRepositoriesRequest.builder()
.repositoryNames(repoName)
.build();
CompletableFuture response = getAsyncClient().describeRepositories(request);
response.whenComplete((describeRepositoriesResponse, ex) -> {
if (ex != null) {
Throwable cause = ex.getCause();
if (cause instanceof InterruptedException) {
Thread.currentThread().interrupt();
String errorMessage = "Thread interrupted while waiting for asynchronous operation: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
} else if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
String errorMessage = "Unexpected error: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
}
} else {
if (describeRepositoriesResponse != null) {
if (!describeRepositoriesResponse.repositories().isEmpty()) {
String repositoryUri = describeRepositoriesResponse.repositories().get(0).repositoryUri();
System.out.println("Repository URI found: " + repositoryUri);
} else {
System.out.println("No repositories found for the given name.");
}
} else {
System.err.println("No response received from describeRepositories.");
}
}
});
response.join();
}
/**
* Retrieves the authorization token for Amazon Elastic Container Registry (ECR).
* This method makes an asynchronous call to the ECR client to retrieve the authorization token.
* If the operation is successful, the method prints the token to the console.
* If an exception occurs, the method handles the exception and prints the error message.
*
* @throws EcrException if there is an error retrieving the authorization token from ECR.
* @throws RuntimeException if there is an unexpected error during the operation.
*/
public void getAuthToken() {
CompletableFuture response = getAsyncClient().getAuthorizationToken();
response.whenComplete((authorizationTokenResponse, ex) -> {
if (authorizationTokenResponse != null) {
AuthorizationData authorizationData = authorizationTokenResponse.authorizationData().get(0);
String token = authorizationData.authorizationToken();
if (!token.isEmpty()) {
System.out.println("The token was successfully retrieved.");
}
} else {
if (ex.getCause() instanceof EcrException) {
throw (EcrException) ex.getCause();
} else {
String errorMessage = "Unexpected error occurred: " + ex.getMessage();
throw new RuntimeException(errorMessage, ex); // Rethrow the exception
}
}
});
response.join();
}
/**
* Gets the repository policy for the specified repository.
*
* @param repoName the name of the repository.
* @throws EcrException if an AWS error occurs while getting the repository policy.
*/
public String getRepoPolicy(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
GetRepositoryPolicyRequest getRepositoryPolicyRequest = GetRepositoryPolicyRequest.builder()
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().getRepositoryPolicy(getRepositoryPolicyRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
System.out.println("Repository policy retrieved successfully.");
} else {
if (ex.getCause() instanceof EcrException) {
throw (EcrException) ex.getCause();
} else {
String errorMessage = "Unexpected error occurred: " + ex.getMessage();
throw new RuntimeException(errorMessage, ex);
}
}
});
GetRepositoryPolicyResponse result = response.join();
return result != null ? result.policyText() : null;
}
/**
* Sets the repository policy for the specified ECR repository.
*
* @param repoName the name of the ECR repository.
* @param iamRole the IAM role to be granted access to the repository.
* @throws RepositoryPolicyNotFoundException if the repository policy does not exist.
* @throws EcrException if there is an unexpected error setting the repository policy.
*/
public void setRepoPolicy(String repoName, String iamRole) {
/*
This example policy document grants the specified AWS principal the permission to perform the
`ecr:BatchGetImage` action. This policy is designed to allow the specified principal
to retrieve Docker images from the ECR repository.
*/
String policyDocumentTemplate = """
{
"Version":"2012-10-17",
"Statement" : [ {
"Sid" : "new statement",
"Effect" : "Allow",
"Principal" : {
"AWS" : "%s"
},
"Action" : "ecr:BatchGetImage"
} ]
}
""";
String policyDocument = String.format(policyDocumentTemplate, iamRole);
SetRepositoryPolicyRequest setRepositoryPolicyRequest = SetRepositoryPolicyRequest.builder()
.repositoryName(repoName)
.policyText(policyDocument)
.build();
CompletableFuture response = getAsyncClient().setRepositoryPolicy(setRepositoryPolicyRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
System.out.println("Repository policy set successfully.");
} else {
Throwable cause = ex.getCause();
if (cause instanceof RepositoryPolicyNotFoundException) {
throw (RepositoryPolicyNotFoundException) cause;
} else if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
String errorMessage = "Unexpected error: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
}
}
});
response.join();
}
/**
* Pushes a Docker image to an Amazon Elastic Container Registry (ECR) repository.
*
* @param repoName the name of the ECR repository to push the image to.
* @param imageName the name of the Docker image.
*/
public void pushDockerImage(String repoName, String imageName) {
System.out.println("Pushing " + imageName + " to Amazon ECR will take a few seconds.");
CompletableFuture authResponseFuture = getAsyncClient().getAuthorizationToken()
.thenApply(response -> {
String token = response.authorizationData().get(0).authorizationToken();
String decodedToken = new String(Base64.getDecoder().decode(token));
String password = decodedToken.substring(4);
DescribeRepositoriesResponse descrRepoResponse = getAsyncClient().describeRepositories(b -> b.repositoryNames(repoName)).join();
Repository repoData = descrRepoResponse.repositories().stream().filter(r -> r.repositoryName().equals(repoName)).findFirst().orElse(null);
assert repoData != null;
String registryURL = repoData.repositoryUri().split("/")[0];
AuthConfig authConfig = new AuthConfig()
.withUsername("AWS")
.withPassword(password)
.withRegistryAddress(registryURL);
return authConfig;
})
.thenCompose(authConfig -> {
DescribeRepositoriesResponse descrRepoResponse = getAsyncClient().describeRepositories(b -> b.repositoryNames(repoName)).join();
Repository repoData = descrRepoResponse.repositories().stream().filter(r -> r.repositoryName().equals(repoName)).findFirst().orElse(null);
getDockerClient().tagImageCmd(imageName + ":latest", repoData.repositoryUri() + ":latest", imageName).exec();
try {
getDockerClient().pushImageCmd(repoData.repositoryUri()).withTag("echo-text").withAuthConfig(authConfig).start().awaitCompletion();
System.out.println("The " + imageName + " was pushed to ECR");
} catch (InterruptedException e) {
throw (RuntimeException) e.getCause();
}
return CompletableFuture.completedFuture(authConfig);
});
authResponseFuture.join();
}
// Make sure local image echo-text exists.
public boolean isEchoTextImagePresent() {
try {
List images = getDockerClient().listImagesCmd().exec();
boolean helloWorldFound = false;
for (Image image : images) {
String[] repoTags = image.getRepoTags();
if (repoTags != null) {
for (String tag : repoTags) {
if (tag.startsWith("echo-text")) {
System.out.println(tag);
helloWorldFound = true;
}
}
}
}
if (helloWorldFound) {
System.out.println("The local image named echo-text exists.");
return true;
} else {
System.out.println("The local image named echo-text does not exist.");
return false;
}
} catch (DockerClientException ex) {
logger.error("ERROR: " + ex.getMessage());
return false;
}
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Java 2.x API Reference》**中的以下主题。
+ [CreateRepository](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CreateRepository)
+ [DeleteRepository](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRepository)
+ [DescribeImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImages)
+ [DescribeRepositories](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeRepositories)
+ [GetAuthorizationToken](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetAuthorizationToken)
+ [GetRepositoryPolicy](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetRepositoryPolicy)
+ [SetRepositoryPolicy](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/SetRepositoryPolicy)
+ [StartLifecyclePolicyPreview](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/StartLifecyclePolicyPreview)
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
运行一个交互式场景,演示 Amazon ECR 的功能。
```
import java.util.Scanner
/**
* Before running this Kotlin code example, set up your development environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/setup.html
*
* This code example requires an IAM Role that has permissions to interact with the Amazon ECR service.
*
* To create an IAM role, see:
*
* https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create.html
*
* This code example requires a local docker image named echo-text. Without a local image,
* this program will not successfully run. For more information including how to create the local
* image, see:
*
* /scenarios/basics/ecr/README
*
*/
val DASHES = String(CharArray(80)).replace("\u0000", "-")
suspend fun main(args: Array) {
val usage =
"""
Usage:
Where:
iamRoleARN - The IAM role ARN that has the necessary permissions to access and manage the Amazon ECR repository.
accountId - Your AWS account number.
""".trimIndent()
if (args.size != 2) {
println(usage)
return
}
var iamRole = args[0]
var localImageName: String
var accountId = args[1]
val ecrActions = ECRActions()
val scanner = Scanner(System.`in`)
println(
"""
The Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry
service provided by AWS. It allows developers and organizations to securely
store, manage, and deploy Docker container images.
ECR provides a simple and scalable way to manage container images throughout their lifecycle,
from building and testing to production deployment.
The `EcrClient` service client that is part of the AWS SDK for Kotlin provides a set of methods to
programmatically interact with the Amazon ECR service. This allows developers to
automate the storage, retrieval, and management of container images as part of their application
deployment pipelines. With ECR, teams can focus on building and deploying their
applications without having to worry about the underlying infrastructure required to
host and manage a container registry.
This scenario walks you through how to perform key operations for this service.
Let's get started...
You have two choices:
1 - Run the entire program.
2 - Delete an existing Amazon ECR repository named echo-text (created from a previous execution of
this program that did not complete).
""".trimIndent(),
)
while (true) {
val input = scanner.nextLine()
if (input.trim { it <= ' ' }.equals("1", ignoreCase = true)) {
println("Continuing with the program...")
println("")
break
} else if (input.trim { it <= ' ' }.equals("2", ignoreCase = true)) {
val repoName = "echo-text"
ecrActions.deleteECRRepository(repoName)
return
} else {
// Handle invalid input.
println("Invalid input. Please try again.")
}
}
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
1. Create an ECR repository.
The first task is to ensure we have a local Docker image named echo-text.
If this image exists, then an Amazon ECR repository is created.
An ECR repository is a private Docker container repository provided
by Amazon Web Services (AWS). It is a managed service that makes it easy
to store, manage, and deploy Docker container images.
""".trimIndent(),
)
// Ensure that a local docker image named echo-text exists.
val doesExist = ecrActions.listLocalImages()
val repoName: String
if (!doesExist) {
println("The local image named echo-text does not exist")
return
} else {
localImageName = "echo-text"
repoName = "echo-text"
}
val repoArn = ecrActions.createECRRepository(repoName).toString()
println("The ARN of the ECR repository is $repoArn")
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
2. Set an ECR repository policy.
Setting an ECR repository policy using the `setRepositoryPolicy` function is crucial for maintaining
the security and integrity of your container images. The repository policy allows you to
define specific rules and restrictions for accessing and managing the images stored within your ECR
repository.
""".trimIndent(),
)
waitForInputToContinue(scanner)
ecrActions.setRepoPolicy(repoName, iamRole)
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
3. Display ECR repository policy.
Now we will retrieve the ECR policy to ensure it was successfully set.
""".trimIndent(),
)
waitForInputToContinue(scanner)
val policyText = ecrActions.getRepoPolicy(repoName)
println("Policy Text:")
println(policyText)
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
4. Retrieve an ECR authorization token.
You need an authorization token to securely access and interact with the Amazon ECR registry.
The `getAuthorizationToken` method of the `EcrAsyncClient` is responsible for securely accessing
and interacting with an Amazon ECR repository. This operation is responsible for obtaining a
valid authorization token, which is required to authenticate your requests to the ECR service.
Without a valid authorization token, you would not be able to perform any operations on the
ECR repository, such as pushing, pulling, or managing your Docker images.
""".trimIndent(),
)
waitForInputToContinue(scanner)
ecrActions.getAuthToken()
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
5. Get the ECR Repository URI.
The URI of an Amazon ECR repository is important. When you want to deploy a container image to
a container orchestration platform like Amazon Elastic Kubernetes Service (EKS)
or Amazon Elastic Container Service (ECS), you need to specify the full image URI,
which includes the ECR repository URI. This allows the container runtime to pull the
correct container image from the ECR repository.
""".trimIndent(),
)
waitForInputToContinue(scanner)
val repositoryURI: String? = ecrActions.getRepositoryURI(repoName)
println("The repository URI is $repositoryURI")
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
6. Set an ECR Lifecycle Policy.
An ECR Lifecycle Policy is used to manage the lifecycle of Docker images stored in your ECR repositories.
These policies allow you to automatically remove old or unused Docker images from your repositories,
freeing up storage space and reducing costs.
""".trimIndent(),
)
waitForInputToContinue(scanner)
val pol = ecrActions.setLifeCyclePolicy(repoName)
println(pol)
waitForInputToContinue(scanner)
println(DASHES)
println(
"""
7. Push a docker image to the Amazon ECR Repository.
The `pushImageCmd()` method pushes a local Docker image to an Amazon ECR repository.
It sets up the Docker client by connecting to the local Docker host using the default port.
It then retrieves the authorization token for the ECR repository by making a call to the AWS SDK.
The method uses the authorization token to create an `AuthConfig` object, which is used to authenticate
the Docker client when pushing the image. Finally, the method tags the Docker image with the specified
repository name and image tag, and then pushes the image to the ECR repository using the Docker client.
If the push operation is successful, the method prints a message indicating that the image was pushed to ECR.
""".trimIndent(),
)
waitForInputToContinue(scanner)
ecrActions.pushDockerImage(repoName, localImageName)
waitForInputToContinue(scanner)
println(DASHES)
println("8. Verify if the image is in the ECR Repository.")
waitForInputToContinue(scanner)
ecrActions.verifyImage(repoName, localImageName)
waitForInputToContinue(scanner)
println(DASHES)
println("9. As an optional step, you can interact with the image in Amazon ECR by using the CLI.")
println("Would you like to view instructions on how to use the CLI to run the image? (y/n)")
val ans = scanner.nextLine().trim()
if (ans.equals("y", true)) {
val instructions = """
1. Authenticate with ECR - Before you can pull the image from Amazon ECR, you need to authenticate with the registry. You can do this using the AWS CLI:
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $accountId.dkr.ecr.us-east-1.amazonaws.com
2. Describe the image using this command:
aws ecr describe-images --repository-name $repoName --image-ids imageTag=$localImageName
3. Run the Docker container and view the output using this command:
docker run --rm $accountId.dkr.ecr.us-east-1.amazonaws.com/$repoName:$localImageName
"""
println(instructions)
}
waitForInputToContinue(scanner)
println(DASHES)
println("10. Delete the ECR Repository.")
println(
"""
If the repository isn't empty, you must either delete the contents of the repository
or use the force option (used in this scenario) to delete the repository and have Amazon ECR delete all of its contents
on your behalf.
""".trimIndent(),
)
println("Would you like to delete the Amazon ECR Repository? (y/n)")
val delAns = scanner.nextLine().trim { it <= ' ' }
if (delAns.equals("y", ignoreCase = true)) {
println("You selected to delete the AWS ECR resources.")
waitForInputToContinue(scanner)
ecrActions.deleteECRRepository(repoName)
}
println(DASHES)
println("This concludes the Amazon ECR SDK scenario")
println(DASHES)
}
private fun waitForInputToContinue(scanner: Scanner) {
while (true) {
println("")
println("Enter 'c' followed by to continue:")
val input = scanner.nextLine()
if (input.trim { it <= ' ' }.equals("c", ignoreCase = true)) {
println("Continuing with the program...")
println("")
break
} else {
// Handle invalid input.
println("Invalid input. Please try again.")
}
}
}
```
Amazon ECR SDK 方法的封装类。
```
import aws.sdk.kotlin.services.ecr.EcrClient
import aws.sdk.kotlin.services.ecr.model.CreateRepositoryRequest
import aws.sdk.kotlin.services.ecr.model.DeleteRepositoryRequest
import aws.sdk.kotlin.services.ecr.model.DescribeImagesRequest
import aws.sdk.kotlin.services.ecr.model.DescribeRepositoriesRequest
import aws.sdk.kotlin.services.ecr.model.EcrException
import aws.sdk.kotlin.services.ecr.model.GetRepositoryPolicyRequest
import aws.sdk.kotlin.services.ecr.model.ImageIdentifier
import aws.sdk.kotlin.services.ecr.model.RepositoryAlreadyExistsException
import aws.sdk.kotlin.services.ecr.model.SetRepositoryPolicyRequest
import aws.sdk.kotlin.services.ecr.model.StartLifecyclePolicyPreviewRequest
import com.github.dockerjava.api.DockerClient
import com.github.dockerjava.api.command.DockerCmdExecFactory
import com.github.dockerjava.api.model.AuthConfig
import com.github.dockerjava.core.DockerClientBuilder
import com.github.dockerjava.netty.NettyDockerCmdExecFactory
import java.io.IOException
import java.util.Base64
class ECRActions {
private var dockerClient: DockerClient? = null
private fun getDockerClient(): DockerClient? {
val osName = System.getProperty("os.name")
if (osName.startsWith("Windows")) {
// Make sure Docker Desktop is running.
val dockerHost = "tcp://localhost:2375" // Use the Docker Desktop default port.
val dockerCmdExecFactory: DockerCmdExecFactory =
NettyDockerCmdExecFactory().withReadTimeout(20000).withConnectTimeout(20000)
dockerClient = DockerClientBuilder.getInstance(dockerHost).withDockerCmdExecFactory(dockerCmdExecFactory).build()
} else {
dockerClient = DockerClientBuilder.getInstance().build()
}
return dockerClient
}
/**
* Sets the lifecycle policy for the specified repository.
*
* @param repoName the name of the repository for which to set the lifecycle policy.
*/
suspend fun setLifeCyclePolicy(repoName: String): String? {
val polText =
"""
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "any",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
""".trimIndent()
val lifecyclePolicyPreviewRequest =
StartLifecyclePolicyPreviewRequest {
lifecyclePolicyText = polText
repositoryName = repoName
}
// Execute the request asynchronously.
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.startLifecyclePolicyPreview(lifecyclePolicyPreviewRequest)
return response.lifecyclePolicyText
}
}
/**
* Retrieves the repository URI for the specified repository name.
*
* @param repoName the name of the repository to retrieve the URI for.
* @return the repository URI for the specified repository name.
*/
suspend fun getRepositoryURI(repoName: String?): String? {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
val request =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeRepositoriesResponse = ecrClient.describeRepositories(request)
if (!describeRepositoriesResponse.repositories?.isEmpty()!!) {
return describeRepositoriesResponse?.repositories?.get(0)?.repositoryUri
} else {
println("No repositories found for the given name.")
return ""
}
}
}
/**
* Retrieves the authorization token for Amazon Elastic Container Registry (ECR).
*
*/
suspend fun getAuthToken() {
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
// Retrieve the authorization token for ECR.
val response = ecrClient.getAuthorizationToken()
val authorizationData = response.authorizationData?.get(0)
val token = authorizationData?.authorizationToken
if (token != null) {
println("The token was successfully retrieved.")
}
}
}
/**
* Gets the repository policy for the specified repository.
*
* @param repoName the name of the repository.
*/
suspend fun getRepoPolicy(repoName: String?): String? {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
// Create the request
val getRepositoryPolicyRequest =
GetRepositoryPolicyRequest {
repositoryName = repoName
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.getRepositoryPolicy(getRepositoryPolicyRequest)
val responseText = response.policyText
return responseText
}
}
/**
* Sets the repository policy for the specified ECR repository.
*
* @param repoName the name of the ECR repository.
* @param iamRole the IAM role to be granted access to the repository.
*/
suspend fun setRepoPolicy(
repoName: String?,
iamRole: String?,
) {
val policyDocumentTemplate =
"""
{
"Version":"2012-10-17",
"Statement" : [ {
"Sid" : "new statement",
"Effect" : "Allow",
"Principal" : {
"AWS" : "$iamRole"
},
"Action" : "ecr:BatchGetImage"
} ]
}
""".trimIndent()
val setRepositoryPolicyRequest =
SetRepositoryPolicyRequest {
repositoryName = repoName
policyText = policyDocumentTemplate
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.setRepositoryPolicy(setRepositoryPolicyRequest)
if (response != null) {
println("Repository policy set successfully.")
}
}
}
/**
* Creates an Amazon Elastic Container Registry (Amazon ECR) repository.
*
* @param repoName the name of the repository to create.
* @return the Amazon Resource Name (ARN) of the created repository, or an empty string if the operation failed.
* @throws RepositoryAlreadyExistsException if the repository exists.
* @throws EcrException if an error occurs while creating the repository.
*/
suspend fun createECRRepository(repoName: String?): String? {
val request =
CreateRepositoryRequest {
repositoryName = repoName
}
return try {
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.createRepository(request)
response.repository?.repositoryArn
}
} catch (e: RepositoryAlreadyExistsException) {
println("Repository already exists: $repoName")
repoName?.let { getRepoARN(it) }
} catch (e: EcrException) {
println("An error occurred: ${e.message}")
null
}
}
suspend fun getRepoARN(repoName: String): String? {
// Fetch the existing repository's ARN.
val describeRequest =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeResponse = ecrClient.describeRepositories(describeRequest)
return describeResponse.repositories?.get(0)?.repositoryArn
}
}
fun listLocalImages(): Boolean = try {
val images = getDockerClient()?.listImagesCmd()?.exec()
images?.any { image ->
image.repoTags?.any { tag -> tag.startsWith("echo-text") } ?: false
} ?: false
} catch (ex: Exception) {
println("ERROR: ${ex.message}")
false
}
/**
* Pushes a Docker image to an Amazon Elastic Container Registry (ECR) repository.
*
* @param repoName the name of the ECR repository to push the image to.
* @param imageName the name of the Docker image.
*/
suspend fun pushDockerImage(
repoName: String,
imageName: String,
) {
println("Pushing $imageName to $repoName will take a few seconds")
val authConfig = getAuthConfig(repoName)
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val desRequest =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
val describeRepoResponse = ecrClient.describeRepositories(desRequest)
val repoData =
describeRepoResponse.repositories?.firstOrNull { it.repositoryName == repoName }
?: throw RuntimeException("Repository not found: $repoName")
val tagImageCmd = getDockerClient()?.tagImageCmd("$imageName", "${repoData.repositoryUri}", imageName)
if (tagImageCmd != null) {
tagImageCmd.exec()
}
val pushImageCmd =
repoData.repositoryUri?.let {
dockerClient?.pushImageCmd(it)
// ?.withTag("latest")
?.withAuthConfig(authConfig)
}
try {
if (pushImageCmd != null) {
pushImageCmd.start().awaitCompletion()
}
println("The $imageName was pushed to Amazon ECR")
} catch (e: IOException) {
throw RuntimeException(e)
}
}
}
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
*/
suspend fun verifyImage(
repoName: String?,
imageTagVal: String?,
) {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
require(!(imageTagVal == null || imageTagVal.isEmpty())) { "Image tag cannot be null or empty" }
val imageId =
ImageIdentifier {
imageTag = imageTagVal
}
val request =
DescribeImagesRequest {
repositoryName = repoName
imageIds = listOf(imageId)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeImagesResponse = ecrClient.describeImages(request)
if (describeImagesResponse != null && !describeImagesResponse.imageDetails?.isEmpty()!!) {
println("Image is present in the repository.")
} else {
println("Image is not present in the repository.")
}
}
}
/**
* Deletes an ECR (Elastic Container Registry) repository.
*
* @param repoName the name of the repository to delete.
*/
suspend fun deleteECRRepository(repoName: String) {
if (repoName.isNullOrEmpty()) {
throw IllegalArgumentException("Repository name cannot be null or empty")
}
val repositoryRequest =
DeleteRepositoryRequest {
force = true
repositoryName = repoName
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
ecrClient.deleteRepository(repositoryRequest)
println("You have successfully deleted the $repoName repository")
}
}
// Return an AuthConfig.
private suspend fun getAuthConfig(repoName: String): AuthConfig {
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
// Retrieve the authorization token for ECR.
val response = ecrClient.getAuthorizationToken()
val authorizationData = response.authorizationData?.get(0)
val token = authorizationData?.authorizationToken
val decodedToken = String(Base64.getDecoder().decode(token))
val password = decodedToken.substring(4)
val request =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
val descrRepoResponse = ecrClient.describeRepositories(request)
val repoData = descrRepoResponse.repositories?.firstOrNull { it.repositoryName == repoName }
val registryURL: String = repoData?.repositoryUri?.split("/")?.get(0) ?: ""
return AuthConfig()
.withUsername("AWS")
.withPassword(password)
.withRegistryAddress(registryURL)
}
}
}
```
+ 有关 API 详细信息,请参阅《AWS SDK for Kotlin API Reference》**中的以下主题。
+ [CreateRepository](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DeleteRepository](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [DescribeRepositories](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [GetAuthorizationToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [GetRepositoryPolicy](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [SetRepositoryPolicy](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
+ [StartLifecyclePolicyPreview](https://sdk.amazonaws.com/kotlin/api/latest/index.html)
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
在命令提示符中运行交互式场景。
```
class ECRGettingStarted:
"""
A scenario that demonstrates how to use Boto3 to perform basic operations using
Amazon ECR.
"""
def __init__(
self,
ecr_wrapper: ECRWrapper,
docker_client: docker.DockerClient,
):
self.ecr_wrapper = ecr_wrapper
self.docker_client = docker_client
self.tag = "echo-text"
self.repository_name = "ecr-basics"
self.docker_image = None
self.full_tag_name = None
self.repository = None
def run(self, role_arn: str) -> None:
"""
Runs the scenario.
"""
print(
"""
The Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry
service provided by AWS. It allows developers and organizations to securely
store, manage, and deploy Docker container images.
ECR provides a simple and scalable way to manage container images throughout their lifecycle,
from building and testing to production deployment.
The `ECRWrapper' class is a wrapper for the Boto3 'ecr' client. The 'ecr' client provides a set of methods to
programmatically interact with the Amazon ECR service. This allows developers to
automate the storage, retrieval, and management of container images as part of their application
deployment pipelines. With ECR, teams can focus on building and deploying their
applications without having to worry about the underlying infrastructure required to
host and manage a container registry.
This scenario walks you through how to perform key operations for this service.
Let's get started...
"""
)
press_enter_to_continue()
print_dashes()
print(
f"""
* Create an ECR repository.
An ECR repository is a private Docker container repository provided
by Amazon Web Services (AWS). It is a managed service that makes it easy
to store, manage, and deploy Docker container images.
"""
)
print(f"Creating a repository named {self.repository_name}")
self.repository = self.ecr_wrapper.create_repository(self.repository_name)
print(f"The ARN of the ECR repository is {self.repository['repositoryArn']}")
repository_uri = self.repository["repositoryUri"]
press_enter_to_continue()
print_dashes()
print(
f"""
* Build a Docker image.
Create a local Docker image if it does not already exist.
A Python Docker client is used to execute Docker commands.
You must have Docker installed and running.
"""
)
print(f"Building a docker image from 'docker_files/Dockerfile'")
self.full_tag_name = f"{repository_uri}:{self.tag}"
self.docker_image = self.docker_client.images.build(
path="docker_files", tag=self.full_tag_name
)[0]
print(f"Docker image {self.full_tag_name} successfully built.")
press_enter_to_continue()
print_dashes()
if role_arn is None:
print(
"""
* Because an IAM role ARN was not provided, a role policy will not be set for this repository.
"""
)
else:
print(
"""
* Set an ECR repository policy.
Setting an ECR repository policy using the `setRepositoryPolicy` function is crucial for maintaining
the security and integrity of your container images. The repository policy allows you to
define specific rules and restrictions for accessing and managing the images stored within your ECR
repository.
"""
)
self.grant_role_download_access(role_arn)
print(f"Download access granted to the IAM role ARN {role_arn}")
press_enter_to_continue()
print_dashes()
print(
"""
* Display ECR repository policy.
Now we will retrieve the ECR policy to ensure it was successfully set.
"""
)
policy_text = self.ecr_wrapper.get_repository_policy(self.repository_name)
print("Policy Text:")
print(f"{policy_text}")
press_enter_to_continue()
print_dashes()
print(
"""
* Retrieve an ECR authorization token.
You need an authorization token to securely access and interact with the Amazon ECR registry.
The `get_authorization_token` method of the `ecr` client is responsible for securely accessing
and interacting with an Amazon ECR repository. This operation is responsible for obtaining a
valid authorization token, which is required to authenticate your requests to the ECR service.
Without a valid authorization token, you would not be able to perform any operations on the
ECR repository, such as pushing, pulling, or managing your Docker images.
"""
)
authorization_token = self.ecr_wrapper.get_authorization_token()
print("Authorization token retrieved.")
press_enter_to_continue()
print_dashes()
print(
"""
* Get the ECR Repository URI.
The URI of an Amazon ECR repository is important. When you want to deploy a container image to
a container orchestration platform like Amazon Elastic Kubernetes Service (EKS)
or Amazon Elastic Container Service (ECS), you need to specify the full image URI,
which includes the ECR repository URI. This allows the container runtime to pull the
correct container image from the ECR repository.
"""
)
repository_descriptions = self.ecr_wrapper.describe_repositories(
[self.repository_name]
)
repository_uri = repository_descriptions[0]["repositoryUri"]
print(f"Repository URI found: {repository_uri}")
press_enter_to_continue()
print_dashes()
print(
"""
* Set an ECR Lifecycle Policy.
An ECR Lifecycle Policy is used to manage the lifecycle of Docker images stored in your ECR repositories.
These policies allow you to automatically remove old or unused Docker images from your repositories,
freeing up storage space and reducing costs.
This example policy helps to maintain the size and efficiency of the container registry
by automatically removing older and potentially unused images, ensuring that the
storage is optimized and the registry remains up-to-date.
"""
)
press_enter_to_continue()
self.put_expiration_policy()
print(f"An expiration policy was added to the repository.")
print_dashes()
print(
"""
* Push a docker image to the Amazon ECR Repository.
The Docker client uses the authorization token is used to authenticate the when pushing the image to the
ECR repository.
"""
)
decoded_authorization = base64.b64decode(authorization_token).decode("utf-8")
username, password = decoded_authorization.split(":")
resp = self.docker_client.api.push(
repository=repository_uri,
auth_config={"username": username, "password": password},
tag=self.tag,
stream=True,
decode=True,
)
for line in resp:
print(line)
print_dashes()
print("* Verify if the image is in the ECR Repository.")
image_descriptions = self.ecr_wrapper.describe_images(
self.repository_name, [self.tag]
)
if len(image_descriptions) > 0:
print("Image found in ECR Repository.")
else:
print("Image not found in ECR Repository.")
press_enter_to_continue()
print_dashes()
print(
"* As an optional step, you can interact with the image in Amazon ECR by using the CLI."
)
if q.ask(
"Would you like to view instructions on how to use the CLI to run the image? (y/n)",
q.is_yesno,
):
print(
f"""
1. Authenticate with ECR - Before you can pull the image from Amazon ECR, you need to authenticate with the registry. You can do this using the AWS CLI:
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin {repository_uri.split("/")[0]}
2. Describe the image using this command:
aws ecr describe-images --repository-name {self.repository_name} --image-ids imageTag={self.tag}
3. Run the Docker container and view the output using this command:
docker run --rm {self.full_tag_name}
"""
)
self.cleanup(True)
def cleanup(self, ask: bool):
"""
Deletes the resources created in this scenario.
:param ask: If True, prompts the user to confirm before deleting the resources.
"""
if self.repository is not None and (
not ask
or q.ask(
f"Would you like to delete the ECR repository '{self.repository_name}? (y/n) "
)
):
print(f"Deleting the ECR repository '{self.repository_name}'.")
self.ecr_wrapper.delete_repository(self.repository_name)
if self.full_tag_name is not None and (
not ask
or q.ask(
f"Would you like to delete the local Docker image '{self.full_tag_name}? (y/n) "
)
):
print(f"Deleting the docker image '{self.full_tag_name}'.")
self.docker_client.images.remove(self.full_tag_name)
def grant_role_download_access(self, role_arn: str):
"""
Grants the specified role access to download images from the ECR repository.
:param role_arn: The ARN of the role to grant access to.
"""
policy_json = {
"Version":"2012-10-17",
"Statement": [
{
"Sid": "AllowDownload",
"Effect": "Allow",
"Principal": {"AWS": role_arn},
"Action": ["ecr:BatchGetImage"],
}
],
}
self.ecr_wrapper.set_repository_policy(
self.repository_name, json.dumps(policy_json)
)
def put_expiration_policy(self):
"""
Puts an expiration policy on the ECR repository.
"""
policy_json = {
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "any",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14,
},
"action": {"type": "expire"},
}
]
}
self.ecr_wrapper.put_lifecycle_policy(
self.repository_name, json.dumps(policy_json)
)
if __name__ == "__main__":
parser = argparse.ArgumentParser(
description="Run Amazon ECR getting started scenario."
)
parser.add_argument(
"--iam-role-arn",
type=str,
default=None,
help="an optional IAM role ARN that will be granted access to download images from a repository.",
required=False,
)
parser.add_argument(
"--no-art",
action="store_true",
help="accessibility setting that suppresses art in the console output.",
)
args = parser.parse_args()
no_art = args.no_art
iam_role_arn = args.iam_role_arn
demo = None
a_docker_client = None
try:
a_docker_client = docker.from_env()
if not a_docker_client.ping():
raise docker.errors.DockerException("Docker is not running.")
except docker.errors.DockerException as err:
logging.error(
"""
The Python Docker client could not be created.
Do you have Docker installed and running?
Here is the error message:
%s
""",
err,
)
sys.exit("Error with Docker.")
try:
an_ecr_wrapper = ECRWrapper.from_client()
demo = ECRGettingStarted(an_ecr_wrapper, a_docker_client)
demo.run(iam_role_arn)
except Exception as exception:
logging.exception("Something went wrong with the demo!")
if demo is not None:
demo.cleanup(False)
```
ECRWrapper 封装 Amazon ECR 操作的类。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def create_repository(self, repository_name: str) -> dict[str, any]:
"""
Creates an ECR repository.
:param repository_name: The name of the repository to create.
:return: A dictionary of the created repository.
"""
try:
response = self.ecr_client.create_repository(repositoryName=repository_name)
return response["repository"]
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryAlreadyExistsException":
print(f"Repository {repository_name} already exists.")
response = self.ecr_client.describe_repositories(
repositoryNames=[repository_name]
)
return self.describe_repositories([repository_name])[0]
else:
logger.error(
"Error creating repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
def delete_repository(self, repository_name: str):
"""
Deletes an ECR repository.
:param repository_name: The name of the repository to delete.
"""
try:
self.ecr_client.delete_repository(
repositoryName=repository_name, force=True
)
print(f"Deleted repository {repository_name}.")
except ClientError as err:
logger.error(
"Couldn't delete repository %s.. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
def set_repository_policy(self, repository_name: str, policy_text: str):
"""
Sets the policy for an ECR repository.
:param repository_name: The name of the repository to set the policy for.
:param policy_text: The policy text to set.
"""
try:
self.ecr_client.set_repository_policy(
repositoryName=repository_name, policyText=policy_text
)
print(f"Set repository policy for repository {repository_name}.")
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryPolicyNotFoundException":
logger.error("Repository does not exist. %s.", repository_name)
raise
else:
logger.error(
"Couldn't set repository policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
def get_repository_policy(self, repository_name: str) -> str:
"""
Gets the policy for an ECR repository.
:param repository_name: The name of the repository to get the policy for.
:return: The policy text.
"""
try:
response = self.ecr_client.get_repository_policy(
repositoryName=repository_name
)
return response["policyText"]
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryPolicyNotFoundException":
logger.error("Repository does not exist. %s.", repository_name)
raise
else:
logger.error(
"Couldn't get repository policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
def get_authorization_token(self) -> str:
"""
Gets an authorization token for an ECR repository.
:return: The authorization token.
"""
try:
response = self.ecr_client.get_authorization_token()
return response["authorizationData"][0]["authorizationToken"]
except ClientError as err:
logger.error(
"Couldn't get authorization token. Here's why %s",
err.response["Error"]["Message"],
)
raise
def describe_repositories(self, repository_names: list[str]) -> list[dict]:
"""
Describes ECR repositories.
:param repository_names: The names of the repositories to describe.
:return: The list of repository descriptions.
"""
try:
response = self.ecr_client.describe_repositories(
repositoryNames=repository_names
)
return response["repositories"]
except ClientError as err:
logger.error(
"Couldn't describe repositories. Here's why %s",
err.response["Error"]["Message"],
)
raise
def put_lifecycle_policy(self, repository_name: str, lifecycle_policy_text: str):
"""
Puts a lifecycle policy for an ECR repository.
:param repository_name: The name of the repository to put the lifecycle policy for.
:param lifecycle_policy_text: The lifecycle policy text to put.
"""
try:
self.ecr_client.put_lifecycle_policy(
repositoryName=repository_name,
lifecyclePolicyText=lifecycle_policy_text,
)
print(f"Put lifecycle policy for repository {repository_name}.")
except ClientError as err:
logger.error(
"Couldn't put lifecycle policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
def describe_images(
self, repository_name: str, image_ids: list[str] = None
) -> list[dict]:
"""
Describes ECR images.
:param repository_name: The name of the repository to describe images for.
:param image_ids: The optional IDs of images to describe.
:return: The list of image descriptions.
"""
try:
params = {
"repositoryName": repository_name,
}
if image_ids is not None:
params["imageIds"] = [{"imageTag": tag} for tag in image_ids]
paginator = self.ecr_client.get_paginator("describe_images")
image_descriptions = []
for page in paginator.paginate(**params):
image_descriptions.extend(page["imageDetails"])
return image_descriptions
except ClientError as err:
logger.error(
"Couldn't describe images. Here's why %s",
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 详细信息,请参阅《AWS SDK for Python (Boto3) API Reference》**中的以下主题。
+ [CreateRepository](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CreateRepository)
+ [DeleteRepository](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRepository)
+ [DescribeImages](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImages)
+ [DescribeRepositories](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeRepositories)
+ [GetAuthorizationToken](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetAuthorizationToken)
+ [GetRepositoryPolicy](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetRepositoryPolicy)
+ [SetRepositoryPolicy](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/SetRepositoryPolicy)
+ [StartLifecyclePolicyPreview](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/StartLifecyclePolicyPreview)
------
# 使用 Amazon ECR 执行的操作 AWS SDKs
以下代码示例演示了如何使用执行单个 Amazon ECR 操作。 AWS SDKs每个示例都包含一个指向的链接 GitHub,您可以在其中找到有关设置和运行代码的说明。
以下示例仅包括最常用的操作。有关完整列表,请参阅《[Amazon Elastic Container Registry API Reference](https://docs.aws.amazon.com/AmazonECR/latest/APIReference/Welcome.html)》。
**Topics**
+ [`CreateRepository`](ecr_example_ecr_CreateRepository_section.md)
+ [`DeleteRepository`](ecr_example_ecr_DeleteRepository_section.md)
+ [`DescribeImages`](ecr_example_ecr_DescribeImages_section.md)
+ [`DescribeRepositories`](ecr_example_ecr_DescribeRepositories_section.md)
+ [`GetAuthorizationToken`](ecr_example_ecr_GetAuthorizationToken_section.md)
+ [`GetRepositoryPolicy`](ecr_example_ecr_GetRepositoryPolicy_section.md)
+ [`ListImages`](ecr_example_ecr_ListImages_section.md)
+ [`PushImageCmd`](ecr_example_ecr_PushImageCmd_section.md)
+ [`PutLifeCyclePolicy`](ecr_example_ecr_PutLifeCyclePolicy_section.md)
+ [`SetRepositoryPolicy`](ecr_example_ecr_SetRepositoryPolicy_section.md)
+ [`StartLifecyclePolicyPreview`](ecr_example_ecr_StartLifecyclePolicyPreview_section.md)
# `CreateRepository`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `CreateRepository`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**示例 1:创建存储库**
以下 `create-repository` 示例将在账户默认注册表中的指定命名空间内创建存储库。
```
aws ecr create-repository \
--repository-name project-a/sample-repo
```
输出:
```
{
"repository": {
"registryId": "123456789012",
"repositoryName": "project-a/sample-repo",
"repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/project-a/sample-repo"
}
}
```
有关更多信息,请参阅《Amazon ECR 用户指南》**中的[创建存储库](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-create.html)。
**示例 2:创建配置了映像标签不可变性的存储库**
以下 `create-repository` 示例将在账户的默认注册表中创建已配置标签不可变性的存储库。
```
aws ecr create-repository \
--repository-name project-a/sample-repo \
--image-tag-mutability IMMUTABLE
```
输出:
```
{
"repository": {
"registryId": "123456789012",
"repositoryName": "project-a/sample-repo",
"repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/project-a/sample-repo",
"imageTagMutability": "IMMUTABLE"
}
}
```
有关更多信息,请参阅《Amazon ECR 用户指南》**中的[映像标签可变性](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-tag-mutability.html)。
**示例 3:创建已配置扫描配置的存储库**
以下 `create-repository` 示例将在账户的默认注册表中创建配置为在映像推送中执行漏洞扫描的存储库。
```
aws ecr create-repository \
--repository-name project-a/sample-repo \
--image-scanning-configuration scanOnPush=true
```
输出:
```
{
"repository": {
"registryId": "123456789012",
"repositoryName": "project-a/sample-repo",
"repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/project-a/sample-repo",
"imageScanningConfiguration": {
"scanOnPush": true
}
}
}
```
有关更多信息,请参阅《Amazon ECR 用户指南》**中的[映像扫描](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[CreateRepository](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/create-repository.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Creates an Amazon Elastic Container Registry (Amazon ECR) repository.
*
* @param repoName the name of the repository to create.
* @return the Amazon Resource Name (ARN) of the created repository, or an empty string if the operation failed.
* @throws IllegalArgumentException If repository name is invalid.
* @throws RuntimeException if an error occurs while creating the repository.
*/
public String createECRRepository(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
CreateRepositoryRequest request = CreateRepositoryRequest.builder()
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().createRepository(request);
try {
CreateRepositoryResponse result = response.join();
if (result != null) {
System.out.println("The " + repoName + " repository was created successfully.");
return result.repository().repositoryArn();
} else {
throw new RuntimeException("Unexpected response type");
}
} catch (CompletionException e) {
Throwable cause = e.getCause();
if (cause instanceof EcrException ex) {
if ("RepositoryAlreadyExistsException".equals(ex.awsErrorDetails().errorCode())) {
System.out.println("The Amazon ECR repository already exists, moving on...");
DescribeRepositoriesRequest describeRequest = DescribeRepositoriesRequest.builder()
.repositoryNames(repoName)
.build();
DescribeRepositoriesResponse describeResponse = getAsyncClient().describeRepositories(describeRequest).join();
return describeResponse.repositories().get(0).repositoryArn();
} else {
throw new RuntimeException(ex);
}
} else {
throw new RuntimeException(e);
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[CreateRepository](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/CreateRepository)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Creates an Amazon Elastic Container Registry (Amazon ECR) repository.
*
* @param repoName the name of the repository to create.
* @return the Amazon Resource Name (ARN) of the created repository, or an empty string if the operation failed.
* @throws RepositoryAlreadyExistsException if the repository exists.
* @throws EcrException if an error occurs while creating the repository.
*/
suspend fun createECRRepository(repoName: String?): String? {
val request =
CreateRepositoryRequest {
repositoryName = repoName
}
return try {
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.createRepository(request)
response.repository?.repositoryArn
}
} catch (e: RepositoryAlreadyExistsException) {
println("Repository already exists: $repoName")
repoName?.let { getRepoARN(it) }
} catch (e: EcrException) {
println("An error occurred: ${e.message}")
null
}
}
```
+ 有关 API 的详细信息,请参阅适用[CreateRepository](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def create_repository(self, repository_name: str) -> dict[str, any]:
"""
Creates an ECR repository.
:param repository_name: The name of the repository to create.
:return: A dictionary of the created repository.
"""
try:
response = self.ecr_client.create_repository(repositoryName=repository_name)
return response["repository"]
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryAlreadyExistsException":
print(f"Repository {repository_name} already exists.")
response = self.ecr_client.describe_repositories(
repositoryNames=[repository_name]
)
return self.describe_repositories([repository_name])[0]
else:
logger.error(
"Error creating repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[CreateRepository](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/CreateRepository)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
oo_result = lo_ecr->createrepository(
iv_repositoryname = iv_repository_name ).
DATA(lv_repository_uri) = oo_result->get_repository( )->get_repositoryuri( ).
MESSAGE |Repository created with URI: { lv_repository_uri }| TYPE 'I'.
CATCH /aws1/cx_ecrrepositoryalrexex.
" If repository already exists, retrieve it
DATA lt_repo_names TYPE /aws1/cl_ecrrepositorynamels00=>tt_repositorynamelist.
APPEND NEW /aws1/cl_ecrrepositorynamels00( iv_value = iv_repository_name ) TO lt_repo_names.
DATA(lo_describe_result) = lo_ecr->describerepositories( it_repositorynames = lt_repo_names ).
DATA(lt_repos) = lo_describe_result->get_repositories( ).
IF lines( lt_repos ) > 0.
READ TABLE lt_repos INDEX 1 INTO DATA(lo_repo).
oo_result = NEW /aws1/cl_ecrcrerepositoryrsp( io_repository = lo_repo ).
MESSAGE |Repository { iv_repository_name } already exists.| TYPE 'I'.
ENDIF.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[CreateRepository](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `DeleteRepository`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DeleteRepository`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**删除存储库**
以下 `delete-repository` 示例命令将强制删除账户默认注册表中指定的存储库。如果存储库包含映像,则需要 `--force` 标志。
```
aws ecr delete-repository \
--repository-name ubuntu \
--force
```
输出:
```
{
"repository": {
"registryId": "123456789012",
"repositoryName": "ubuntu",
"repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/ubuntu"
}
}
```
有关更多信息,请参阅《Amazon ECR 用户指南》**中的[删除存储库](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-delete.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DeleteRepository](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/delete-repository.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Deletes an ECR (Elastic Container Registry) repository.
*
* @param repoName the name of the repository to delete.
* @throws IllegalArgumentException if the repository name is null or empty.
* @throws EcrException if there is an error deleting the repository.
* @throws RuntimeException if an unexpected error occurs during the deletion process.
*/
public void deleteECRRepository(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
DeleteRepositoryRequest repositoryRequest = DeleteRepositoryRequest.builder()
.force(true)
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().deleteRepository(repositoryRequest);
response.whenComplete((deleteRepositoryResponse, ex) -> {
if (deleteRepositoryResponse != null) {
System.out.println("You have successfully deleted the " + repoName + " repository");
} else {
Throwable cause = ex.getCause();
if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
throw new RuntimeException("Unexpected error: " + cause.getMessage(), cause);
}
}
});
// Wait for the CompletableFuture to complete
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DeleteRepository](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DeleteRepository)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Deletes an ECR (Elastic Container Registry) repository.
*
* @param repoName the name of the repository to delete.
*/
suspend fun deleteECRRepository(repoName: String) {
if (repoName.isNullOrEmpty()) {
throw IllegalArgumentException("Repository name cannot be null or empty")
}
val repositoryRequest =
DeleteRepositoryRequest {
force = true
repositoryName = repoName
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
ecrClient.deleteRepository(repositoryRequest)
println("You have successfully deleted the $repoName repository")
}
}
```
+ 有关 API 的详细信息,请参阅适用[DeleteRepository](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def delete_repository(self, repository_name: str):
"""
Deletes an ECR repository.
:param repository_name: The name of the repository to delete.
"""
try:
self.ecr_client.delete_repository(
repositoryName=repository_name, force=True
)
print(f"Deleted repository {repository_name}.")
except ClientError as err:
logger.error(
"Couldn't delete repository %s.. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DeleteRepository](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DeleteRepository)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
lo_ecr->deleterepository(
iv_repositoryname = iv_repository_name
iv_force = abap_true ).
MESSAGE |Repository { iv_repository_name } deleted.| TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DeleteRepository](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `DescribeImages`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeImages`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**要描述存储库中的映像**
以下 `describe-images` 示例显示具有标签 `v1.13.6` 的 `cluster-autoscaler` 存储库中某个映像的相关详细信息。
```
aws ecr describe-images \
--repository-name cluster-autoscaler \
--image-ids imageTag=v1.13.6
```
输出:
```
{
"imageDetails": [
{
"registryId": "012345678910",
"repositoryName": "cluster-autoscaler",
"imageDigest": "sha256:4a1c6567c38904384ebc64e35b7eeddd8451110c299e3368d2210066487d97e5",
"imageTags": [
"v1.13.6"
],
"imageSizeInBytes": 48318255,
"imagePushedAt": 1565128275.0
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeImages](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/describe-images.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
* @throws EcrException if there is an error retrieving the image information from Amazon ECR.
* @throws CompletionException if the asynchronous operation completes exceptionally.
*/
public void verifyImage(String repositoryName, String imageTag) {
DescribeImagesRequest request = DescribeImagesRequest.builder()
.repositoryName(repositoryName)
.imageIds(ImageIdentifier.builder().imageTag(imageTag).build())
.build();
CompletableFuture response = getAsyncClient().describeImages(request);
response.whenComplete((describeImagesResponse, ex) -> {
if (ex != null) {
if (ex instanceof CompletionException) {
Throwable cause = ex.getCause();
if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
throw new RuntimeException("Unexpected error: " + cause.getMessage(), cause);
}
} else {
throw new RuntimeException("Unexpected error: " + ex.getCause());
}
} else if (describeImagesResponse != null && !describeImagesResponse.imageDetails().isEmpty()) {
System.out.println("Image is present in the repository.");
} else {
System.out.println("Image is not present in the repository.");
}
});
// Wait for the CompletableFuture to complete.
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeImages](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeImages)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
*/
suspend fun verifyImage(
repoName: String?,
imageTagVal: String?,
) {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
require(!(imageTagVal == null || imageTagVal.isEmpty())) { "Image tag cannot be null or empty" }
val imageId =
ImageIdentifier {
imageTag = imageTagVal
}
val request =
DescribeImagesRequest {
repositoryName = repoName
imageIds = listOf(imageId)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeImagesResponse = ecrClient.describeImages(request)
if (describeImagesResponse != null && !describeImagesResponse.imageDetails?.isEmpty()!!) {
println("Image is present in the repository.")
} else {
println("Image is not present in the repository.")
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def describe_images(
self, repository_name: str, image_ids: list[str] = None
) -> list[dict]:
"""
Describes ECR images.
:param repository_name: The name of the repository to describe images for.
:param image_ids: The optional IDs of images to describe.
:return: The list of image descriptions.
"""
try:
params = {
"repositoryName": repository_name,
}
if image_ids is not None:
params["imageIds"] = [{"imageTag": tag} for tag in image_ids]
paginator = self.ecr_client.get_paginator("describe_images")
image_descriptions = []
for page in paginator.paginate(**params):
image_descriptions.extend(page["imageDetails"])
return image_descriptions
except ClientError as err:
logger.error(
"Couldn't describe images. Here's why %s",
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeImages)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
" it_image_ids = VALUE #( ( NEW /aws1/cl_ecrimageidentifier( iv_imagetag = 'latest' ) ) )
IF it_image_ids IS NOT INITIAL.
oo_result = lo_ecr->describeimages(
iv_repositoryname = iv_repository_name
it_imageids = it_image_ids ).
ELSE.
oo_result = lo_ecr->describeimages(
iv_repositoryname = iv_repository_name ).
ENDIF.
DATA(lt_image_details) = oo_result->get_imagedetails( ).
MESSAGE |Found { lines( lt_image_details ) } images in repository.| TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
CATCH /aws1/cx_ecrimagenotfoundex.
MESSAGE 'Image not found.' TYPE 'I'.
CATCH /aws1/cx_ecrinvalidparameterex.
MESSAGE 'Invalid parameter provided.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeImages](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `DescribeRepositories`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `DescribeRepositories`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**描述注册表中的存储库**
此示例将描述账户默认注册表中的存储库。
命令:
```
aws ecr describe-repositories
```
输出:
```
{
"repositories": [
{
"registryId": "012345678910",
"repositoryName": "ubuntu",
"repositoryArn": "arn:aws:ecr:us-west-2:012345678910:repository/ubuntu"
},
{
"registryId": "012345678910",
"repositoryName": "test",
"repositoryArn": "arn:aws:ecr:us-west-2:012345678910:repository/test"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[DescribeRepositories](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/describe-repositories.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Retrieves the repository URI for the specified repository name.
*
* @param repoName the name of the repository to retrieve the URI for.
* @return the repository URI for the specified repository name.
* @throws EcrException if there is an error retrieving the repository information.
* @throws CompletionException if the asynchronous operation completes exceptionally.
*/
public void getRepositoryURI(String repoName) {
DescribeRepositoriesRequest request = DescribeRepositoriesRequest.builder()
.repositoryNames(repoName)
.build();
CompletableFuture response = getAsyncClient().describeRepositories(request);
response.whenComplete((describeRepositoriesResponse, ex) -> {
if (ex != null) {
Throwable cause = ex.getCause();
if (cause instanceof InterruptedException) {
Thread.currentThread().interrupt();
String errorMessage = "Thread interrupted while waiting for asynchronous operation: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
} else if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
String errorMessage = "Unexpected error: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
}
} else {
if (describeRepositoriesResponse != null) {
if (!describeRepositoriesResponse.repositories().isEmpty()) {
String repositoryUri = describeRepositoriesResponse.repositories().get(0).repositoryUri();
System.out.println("Repository URI found: " + repositoryUri);
} else {
System.out.println("No repositories found for the given name.");
}
} else {
System.err.println("No response received from describeRepositories.");
}
}
});
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeRepositories](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/DescribeRepositories)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Retrieves the repository URI for the specified repository name.
*
* @param repoName the name of the repository to retrieve the URI for.
* @return the repository URI for the specified repository name.
*/
suspend fun getRepositoryURI(repoName: String?): String? {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
val request =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeRepositoriesResponse = ecrClient.describeRepositories(request)
if (!describeRepositoriesResponse.repositories?.isEmpty()!!) {
return describeRepositoriesResponse?.repositories?.get(0)?.repositoryUri
} else {
println("No repositories found for the given name.")
return ""
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeRepositories](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def describe_repositories(self, repository_names: list[str]) -> list[dict]:
"""
Describes ECR repositories.
:param repository_names: The names of the repositories to describe.
:return: The list of repository descriptions.
"""
try:
response = self.ecr_client.describe_repositories(
repositoryNames=repository_names
)
return response["repositories"]
except ClientError as err:
logger.error(
"Couldn't describe repositories. Here's why %s",
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[DescribeRepositories](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/DescribeRepositories)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
async fn show_repos(client: &aws_sdk_ecr::Client) -> Result<(), aws_sdk_ecr::Error> {
let rsp = client.describe_repositories().send().await?;
let repos = rsp.repositories();
println!("Found {} repositories:", repos.len());
for repo in repos {
println!(" ARN: {}", repo.repository_arn().unwrap());
println!(" Name: {}", repo.repository_name().unwrap());
}
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[DescribeRepositories](https://docs.rs/aws-sdk-ecr/latest/aws_sdk_ecr/client/struct.Client.html#method.describe_repositories)于 *Rust 的AWS SDK API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" it_repository_names = VALUE #( ( NEW /aws1/cl_ecrrepositorynamels00( iv_value = 'my-repository' ) ) )
oo_result = lo_ecr->describerepositories(
it_repositorynames = it_repository_names ).
DATA(lt_repositories) = oo_result->get_repositories( ).
MESSAGE |Found { lines( lt_repositories ) } repositories.| TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[DescribeRepositories](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `GetAuthorizationToken`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `GetAuthorizationToken`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**要获取默认注册表的授权令牌**
以下 `get-authorization-token` 示例命令可获取默认注册表的授权令牌。
```
aws ecr get-authorization-token
```
输出:
```
{
"authorizationData": [
{
"authorizationToken": "QVdTOkN...",
"expiresAt": 1448875853.241,
"proxyEndpoint": "https://123456789012.dkr.ecr.us-west-2.amazonaws.com"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[GetAuthorizationToken](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/get-authorization-token.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Retrieves the authorization token for Amazon Elastic Container Registry (ECR).
* This method makes an asynchronous call to the ECR client to retrieve the authorization token.
* If the operation is successful, the method prints the token to the console.
* If an exception occurs, the method handles the exception and prints the error message.
*
* @throws EcrException if there is an error retrieving the authorization token from ECR.
* @throws RuntimeException if there is an unexpected error during the operation.
*/
public void getAuthToken() {
CompletableFuture response = getAsyncClient().getAuthorizationToken();
response.whenComplete((authorizationTokenResponse, ex) -> {
if (authorizationTokenResponse != null) {
AuthorizationData authorizationData = authorizationTokenResponse.authorizationData().get(0);
String token = authorizationData.authorizationToken();
if (!token.isEmpty()) {
System.out.println("The token was successfully retrieved.");
}
} else {
if (ex.getCause() instanceof EcrException) {
throw (EcrException) ex.getCause();
} else {
String errorMessage = "Unexpected error occurred: " + ex.getMessage();
throw new RuntimeException(errorMessage, ex); // Rethrow the exception
}
}
});
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[GetAuthorizationToken](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetAuthorizationToken)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Retrieves the authorization token for Amazon Elastic Container Registry (ECR).
*
*/
suspend fun getAuthToken() {
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
// Retrieve the authorization token for ECR.
val response = ecrClient.getAuthorizationToken()
val authorizationData = response.authorizationData?.get(0)
val token = authorizationData?.authorizationToken
if (token != null) {
println("The token was successfully retrieved.")
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[GetAuthorizationToken](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def get_authorization_token(self) -> str:
"""
Gets an authorization token for an ECR repository.
:return: The authorization token.
"""
try:
response = self.ecr_client.get_authorization_token()
return response["authorizationData"][0]["authorizationToken"]
except ClientError as err:
logger.error(
"Couldn't get authorization token. Here's why %s",
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[GetAuthorizationToken](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetAuthorizationToken)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
oo_result = lo_ecr->getauthorizationtoken( ).
DATA(lt_auth_data) = oo_result->get_authorizationdata( ).
IF lines( lt_auth_data ) > 0.
READ TABLE lt_auth_data INDEX 1 INTO DATA(lo_auth_data).
DATA(lv_token) = lo_auth_data->get_authorizationtoken( ).
MESSAGE 'Authorization token retrieved.' TYPE 'I'.
ENDIF.
CATCH /aws1/cx_ecrserverexception.
MESSAGE 'Server exception occurred.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[GetAuthorizationToken](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `GetRepositoryPolicy`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `GetRepositoryPolicy`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**要检索用于存储库的存储库策略**
以下 `get-repository-policy` 示例显示 `cluster-autoscaler` 存储库的存储库策略的相关详细信息。
```
aws ecr get-repository-policy \
--repository-name cluster-autoscaler
```
输出:
```
{
"registryId": "012345678910",
"repositoryName": "cluster-autoscaler",
"policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"allow public pull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchCheckLayerAvailability\", \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[GetRepositoryPolicy](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/get-repository-policy.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Gets the repository policy for the specified repository.
*
* @param repoName the name of the repository.
* @throws EcrException if an AWS error occurs while getting the repository policy.
*/
public String getRepoPolicy(String repoName) {
if (repoName == null || repoName.isEmpty()) {
throw new IllegalArgumentException("Repository name cannot be null or empty");
}
GetRepositoryPolicyRequest getRepositoryPolicyRequest = GetRepositoryPolicyRequest.builder()
.repositoryName(repoName)
.build();
CompletableFuture response = getAsyncClient().getRepositoryPolicy(getRepositoryPolicyRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
System.out.println("Repository policy retrieved successfully.");
} else {
if (ex.getCause() instanceof EcrException) {
throw (EcrException) ex.getCause();
} else {
String errorMessage = "Unexpected error occurred: " + ex.getMessage();
throw new RuntimeException(errorMessage, ex);
}
}
});
GetRepositoryPolicyResponse result = response.join();
return result != null ? result.policyText() : null;
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[GetRepositoryPolicy](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/GetRepositoryPolicy)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Gets the repository policy for the specified repository.
*
* @param repoName the name of the repository.
*/
suspend fun getRepoPolicy(repoName: String?): String? {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
// Create the request
val getRepositoryPolicyRequest =
GetRepositoryPolicyRequest {
repositoryName = repoName
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.getRepositoryPolicy(getRepositoryPolicyRequest)
val responseText = response.policyText
return responseText
}
}
```
+ 有关 API 的详细信息,请参阅适用[GetRepositoryPolicy](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def get_repository_policy(self, repository_name: str) -> str:
"""
Gets the policy for an ECR repository.
:param repository_name: The name of the repository to get the policy for.
:return: The policy text.
"""
try:
response = self.ecr_client.get_repository_policy(
repositoryName=repository_name
)
return response["policyText"]
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryPolicyNotFoundException":
logger.error("Repository does not exist. %s.", repository_name)
raise
else:
logger.error(
"Couldn't get repository policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
```
+ 有关 API 的详细信息,请参阅适用[GetRepositoryPolicy](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/GetRepositoryPolicy)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
oo_result = lo_ecr->getrepositorypolicy(
iv_repositoryname = iv_repository_name ).
DATA(lv_policy_text) = oo_result->get_policytext( ).
MESSAGE 'Repository policy retrieved.' TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
CATCH /aws1/cx_ecrrepositoryplynot00.
MESSAGE 'Repository policy not found.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[GetRepositoryPolicy](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `ListImages`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `ListImages`。
------
#### [ CLI ]
**AWS CLI**
**列出存储库的映像**
以下 `list-images` 示例将显示 `cluster-autoscaler` 存储库的映像列表。
```
aws ecr list-images \
--repository-name cluster-autoscaler
```
输出:
```
{
"imageIds": [
{
"imageDigest": "sha256:99c6fb4377e9a420a1eb3b410a951c9f464eff3b7dbc76c65e434e39b94b6570",
"imageTag": "v1.13.8"
},
{
"imageDigest": "sha256:99c6fb4377e9a420a1eb3b410a951c9f464eff3b7dbc76c65e434e39b94b6570",
"imageTag": "v1.13.7"
},
{
"imageDigest": "sha256:4a1c6567c38904384ebc64e35b7eeddd8451110c299e3368d2210066487d97e5",
"imageTag": "v1.13.6"
}
]
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[ListImages](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/list-images.html)*中的。
------
#### [ Rust ]
**适用于 Rust 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/rustv1/examples/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
async fn show_images(
client: &aws_sdk_ecr::Client,
repository: &str,
) -> Result<(), aws_sdk_ecr::Error> {
let rsp = client
.list_images()
.repository_name(repository)
.send()
.await?;
let images = rsp.image_ids();
println!("found {} images", images.len());
for image in images {
println!(
"image: {}:{}",
image.image_tag().unwrap(),
image.image_digest().unwrap()
);
}
Ok(())
}
```
+ 有关 API 的详细信息,请参阅适用[ListImages](https://docs.rs/aws-sdk-ecr/latest/aws_sdk_ecr/client/struct.Client.html#method.list_images)于 *Rust 的AWS SDK API 参考*。
------
# `PushImageCmd`与 AWS SDK 一起使用
以下代码示例演示如何使用 `PushImageCmd`。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Pushes a Docker image to an Amazon Elastic Container Registry (ECR) repository.
*
* @param repoName the name of the ECR repository to push the image to.
* @param imageName the name of the Docker image.
*/
public void pushDockerImage(String repoName, String imageName) {
System.out.println("Pushing " + imageName + " to Amazon ECR will take a few seconds.");
CompletableFuture authResponseFuture = getAsyncClient().getAuthorizationToken()
.thenApply(response -> {
String token = response.authorizationData().get(0).authorizationToken();
String decodedToken = new String(Base64.getDecoder().decode(token));
String password = decodedToken.substring(4);
DescribeRepositoriesResponse descrRepoResponse = getAsyncClient().describeRepositories(b -> b.repositoryNames(repoName)).join();
Repository repoData = descrRepoResponse.repositories().stream().filter(r -> r.repositoryName().equals(repoName)).findFirst().orElse(null);
assert repoData != null;
String registryURL = repoData.repositoryUri().split("/")[0];
AuthConfig authConfig = new AuthConfig()
.withUsername("AWS")
.withPassword(password)
.withRegistryAddress(registryURL);
return authConfig;
})
.thenCompose(authConfig -> {
DescribeRepositoriesResponse descrRepoResponse = getAsyncClient().describeRepositories(b -> b.repositoryNames(repoName)).join();
Repository repoData = descrRepoResponse.repositories().stream().filter(r -> r.repositoryName().equals(repoName)).findFirst().orElse(null);
getDockerClient().tagImageCmd(imageName + ":latest", repoData.repositoryUri() + ":latest", imageName).exec();
try {
getDockerClient().pushImageCmd(repoData.repositoryUri()).withTag("echo-text").withAuthConfig(authConfig).start().awaitCompletion();
System.out.println("The " + imageName + " was pushed to ECR");
} catch (InterruptedException e) {
throw (RuntimeException) e.getCause();
}
return CompletableFuture.completedFuture(authConfig);
});
authResponseFuture.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[PushImageCmd](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/PushImageCmd)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Pushes a Docker image to an Amazon Elastic Container Registry (ECR) repository.
*
* @param repoName the name of the ECR repository to push the image to.
* @param imageName the name of the Docker image.
*/
suspend fun pushDockerImage(
repoName: String,
imageName: String,
) {
println("Pushing $imageName to $repoName will take a few seconds")
val authConfig = getAuthConfig(repoName)
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val desRequest =
DescribeRepositoriesRequest {
repositoryNames = listOf(repoName)
}
val describeRepoResponse = ecrClient.describeRepositories(desRequest)
val repoData =
describeRepoResponse.repositories?.firstOrNull { it.repositoryName == repoName }
?: throw RuntimeException("Repository not found: $repoName")
val tagImageCmd = getDockerClient()?.tagImageCmd("$imageName", "${repoData.repositoryUri}", imageName)
if (tagImageCmd != null) {
tagImageCmd.exec()
}
val pushImageCmd =
repoData.repositoryUri?.let {
dockerClient?.pushImageCmd(it)
// ?.withTag("latest")
?.withAuthConfig(authConfig)
}
try {
if (pushImageCmd != null) {
pushImageCmd.start().awaitCompletion()
}
println("The $imageName was pushed to Amazon ECR")
} catch (e: IOException) {
throw RuntimeException(e)
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[PushImageCmd](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
# `PutLifeCyclePolicy`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `PutLifeCyclePolicy`。
------
#### [ CLI ]
**AWS CLI**
**创建生命周期策略**
以下 `put-lifecycle-policy` 示例为账户的默认注册表中的指定存储库创建生命周期策略。
```
aws ecr put-lifecycle-policy \
--repository-name "project-a/amazon-ecs-sample" \
--lifecycle-policy-text "file://policy.json"
```
`policy.json` 的内容:
```
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "untagged",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
```
输出:
```
{
"registryId": "",
"repositoryName": "project-a/amazon-ecs-sample",
"lifecyclePolicyText": "{\"rules\":[{\"rulePriority\":1,\"description\":\"Expire images older than 14 days\",\"selection\":{\"tagStatus\":\"untagged\",\"countType\":\"sinceImagePushed\",\"countUnit\":\"days\",\"countNumber\":14},\"action\":{\"type\":\"expire\"}}]}"
}
```
有关更多信息,请参阅《Amazon ECR 用户指南》**中的[生命周期策略](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html)。
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[PutLifeCyclePolicy](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/put-life-cycle-policy.html)*中的。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def put_lifecycle_policy(self, repository_name: str, lifecycle_policy_text: str):
"""
Puts a lifecycle policy for an ECR repository.
:param repository_name: The name of the repository to put the lifecycle policy for.
:param lifecycle_policy_text: The lifecycle policy text to put.
"""
try:
self.ecr_client.put_lifecycle_policy(
repositoryName=repository_name,
lifecyclePolicyText=lifecycle_policy_text,
)
print(f"Put lifecycle policy for repository {repository_name}.")
except ClientError as err:
logger.error(
"Couldn't put lifecycle policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
```
放置到期日期策略的示例。
```
def put_expiration_policy(self):
"""
Puts an expiration policy on the ECR repository.
"""
policy_json = {
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "any",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14,
},
"action": {"type": "expire"},
}
]
}
self.ecr_wrapper.put_lifecycle_policy(
self.repository_name, json.dumps(policy_json)
)
```
+ 有关 API 的详细信息,请参阅适用[PutLifeCyclePolicy](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/PutLifeCyclePolicy)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
" iv_lifecycle_policy_text = '{"rules":[{"rulePriority":1,"description":"Expire images older than 14 days",...}]}'
lo_ecr->putlifecyclepolicy(
iv_repositoryname = iv_repository_name
iv_lifecyclepolicytext = iv_lifecycle_policy_text ).
MESSAGE |Lifecycle policy set for repository { iv_repository_name }.| TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
CATCH /aws1/cx_ecrvalidationex.
MESSAGE 'Invalid lifecycle policy format.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[PutLifeCyclePolicy](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `SetRepositoryPolicy`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `SetRepositoryPolicy`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**要为存储库设置存储库策略**
以下 `set-repository-policy` 示例将文件中包含的存储库策略附加到 `cluster-autoscaler` 存储库。
```
aws ecr set-repository-policy \
--repository-name cluster-autoscaler \
--policy-text file://my-policy.json
```
`my-policy.json` 的内容:
```
{
"Version":"2012-10-17",
"Statement" : [
{
"Sid" : "allow public pull",
"Effect" : "Allow",
"Principal" : "*",
"Action" : [
"ecr:BatchCheckLayerAvailability",
"ecr:BatchGetImage",
"ecr:GetDownloadUrlForLayer"
]
}
]
}
```
输出:
```
{
"registryId": "012345678910",
"repositoryName": "cluster-autoscaler",
"policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"allow public pull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchCheckLayerAvailability\", \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[SetRepositoryPolicy](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/set-repository-policy.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Sets the repository policy for the specified ECR repository.
*
* @param repoName the name of the ECR repository.
* @param iamRole the IAM role to be granted access to the repository.
* @throws RepositoryPolicyNotFoundException if the repository policy does not exist.
* @throws EcrException if there is an unexpected error setting the repository policy.
*/
public void setRepoPolicy(String repoName, String iamRole) {
/*
This example policy document grants the specified AWS principal the permission to perform the
`ecr:BatchGetImage` action. This policy is designed to allow the specified principal
to retrieve Docker images from the ECR repository.
*/
String policyDocumentTemplate = """
{
"Version":"2012-10-17",
"Statement" : [ {
"Sid" : "new statement",
"Effect" : "Allow",
"Principal" : {
"AWS" : "%s"
},
"Action" : "ecr:BatchGetImage"
} ]
}
""";
String policyDocument = String.format(policyDocumentTemplate, iamRole);
SetRepositoryPolicyRequest setRepositoryPolicyRequest = SetRepositoryPolicyRequest.builder()
.repositoryName(repoName)
.policyText(policyDocument)
.build();
CompletableFuture response = getAsyncClient().setRepositoryPolicy(setRepositoryPolicyRequest);
response.whenComplete((resp, ex) -> {
if (resp != null) {
System.out.println("Repository policy set successfully.");
} else {
Throwable cause = ex.getCause();
if (cause instanceof RepositoryPolicyNotFoundException) {
throw (RepositoryPolicyNotFoundException) cause;
} else if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
String errorMessage = "Unexpected error: " + cause.getMessage();
throw new RuntimeException(errorMessage, cause);
}
}
});
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[SetRepositoryPolicy](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/SetRepositoryPolicy)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Sets the repository policy for the specified ECR repository.
*
* @param repoName the name of the ECR repository.
* @param iamRole the IAM role to be granted access to the repository.
*/
suspend fun setRepoPolicy(
repoName: String?,
iamRole: String?,
) {
val policyDocumentTemplate =
"""
{
"Version":"2012-10-17",
"Statement" : [ {
"Sid" : "new statement",
"Effect" : "Allow",
"Principal" : {
"AWS" : "$iamRole"
},
"Action" : "ecr:BatchGetImage"
} ]
}
""".trimIndent()
val setRepositoryPolicyRequest =
SetRepositoryPolicyRequest {
repositoryName = repoName
policyText = policyDocumentTemplate
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val response = ecrClient.setRepositoryPolicy(setRepositoryPolicyRequest)
if (response != null) {
println("Repository policy set successfully.")
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[SetRepositoryPolicy](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------
#### [ Python ]
**适用于 Python 的 SDK(Boto3)**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
class ECRWrapper:
def __init__(self, ecr_client: client):
self.ecr_client = ecr_client
@classmethod
def from_client(cls) -> "ECRWrapper":
"""
Creates a ECRWrapper instance with a default Amazon ECR client.
:return: An instance of ECRWrapper initialized with the default Amazon ECR client.
"""
ecr_client = boto3.client("ecr")
return cls(ecr_client)
def set_repository_policy(self, repository_name: str, policy_text: str):
"""
Sets the policy for an ECR repository.
:param repository_name: The name of the repository to set the policy for.
:param policy_text: The policy text to set.
"""
try:
self.ecr_client.set_repository_policy(
repositoryName=repository_name, policyText=policy_text
)
print(f"Set repository policy for repository {repository_name}.")
except ClientError as err:
if err.response["Error"]["Code"] == "RepositoryPolicyNotFoundException":
logger.error("Repository does not exist. %s.", repository_name)
raise
else:
logger.error(
"Couldn't set repository policy for repository %s. Here's why %s",
repository_name,
err.response["Error"]["Message"],
)
raise
```
向 IAM 角色授予下载访问权限的示例。
```
def grant_role_download_access(self, role_arn: str):
"""
Grants the specified role access to download images from the ECR repository.
:param role_arn: The ARN of the role to grant access to.
"""
policy_json = {
"Version":"2012-10-17",
"Statement": [
{
"Sid": "AllowDownload",
"Effect": "Allow",
"Principal": {"AWS": role_arn},
"Action": ["ecr:BatchGetImage"],
}
],
}
self.ecr_wrapper.set_repository_policy(
self.repository_name, json.dumps(policy_json)
)
```
+ 有关 API 的详细信息,请参阅适用[SetRepositoryPolicy](https://docs.aws.amazon.com/goto/boto3/ecr-2015-09-21/SetRepositoryPolicy)于 *Python 的AWS SDK (Boto3) API 参考*。
------
#### [ SAP ABAP ]
**适用于 SAP ABAP 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
TRY.
" iv_repository_name = 'my-repository'
" iv_policy_text = '{"Version":"2012-10-17", "Statement":[...]}'
lo_ecr->setrepositorypolicy(
iv_repositoryname = iv_repository_name
iv_policytext = iv_policy_text ).
MESSAGE |Policy set for repository { iv_repository_name }.| TYPE 'I'.
CATCH /aws1/cx_ecrrepositorynotfndex.
MESSAGE 'Repository not found.' TYPE 'I'.
ENDTRY.
```
+ 有关 API 的详细信息,请参阅适用[SetRepositoryPolicy](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)于 S *AP 的AWS SDK ABAP API 参考*。
------
# `StartLifecyclePolicyPreview`与 AWS SDK 或 CLI 配合使用
以下代码示例演示如何使用 `StartLifecyclePolicyPreview`。
操作示例是大型程序的代码摘录,必须在上下文中运行。在以下代码示例中,您可以查看此操作的上下文:
+ [了解基本功能](ecr_example_ecr_Scenario_RepositoryManagement_section.md)
------
#### [ CLI ]
**AWS CLI**
**要创建生命周期策略预览**
以下 `start-lifecycle-policy-preview` 示例创建了由指定存储库的 JSON 文件定义的生命周期策略预览。
```
aws ecr start-lifecycle-policy-preview \
--repository-name "project-a/amazon-ecs-sample" \
--lifecycle-policy-text "file://policy.json"
```
`policy.json` 的内容:
```
{
"rules": [
{
"rulePriority": 1,
"description": "Expire images older than 14 days",
"selection": {
"tagStatus": "untagged",
"countType": "sinceImagePushed",
"countUnit": "days",
"countNumber": 14
},
"action": {
"type": "expire"
}
}
]
}
```
输出:
```
{
"registryId": "012345678910",
"repositoryName": "project-a/amazon-ecs-sample",
"lifecyclePolicyText": "{\n \"rules\": [\n {\n \"rulePriority\": 1,\n \"description\": \"Expire images older than 14 days\",\n \"selection\": {\n \"tagStatus\": \"untagged\",\n \"countType\": \"sinceImagePushed\",\n \"countUnit\": \"days\",\n \"countNumber\": 14\n },\n \"action\": {\n \"type\": \"expire\"\n }\n }\n ]\n}\n",
"status": "IN_PROGRESS"
}
```
+ 有关 API 的详细信息,请参阅*AWS CLI 命令参考[StartLifecyclePolicyPreview](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/start-lifecycle-policy-preview.html)*中的。
------
#### [ Java ]
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
* @throws EcrException if there is an error retrieving the image information from Amazon ECR.
* @throws CompletionException if the asynchronous operation completes exceptionally.
*/
public void verifyImage(String repositoryName, String imageTag) {
DescribeImagesRequest request = DescribeImagesRequest.builder()
.repositoryName(repositoryName)
.imageIds(ImageIdentifier.builder().imageTag(imageTag).build())
.build();
CompletableFuture response = getAsyncClient().describeImages(request);
response.whenComplete((describeImagesResponse, ex) -> {
if (ex != null) {
if (ex instanceof CompletionException) {
Throwable cause = ex.getCause();
if (cause instanceof EcrException) {
throw (EcrException) cause;
} else {
throw new RuntimeException("Unexpected error: " + cause.getMessage(), cause);
}
} else {
throw new RuntimeException("Unexpected error: " + ex.getCause());
}
} else if (describeImagesResponse != null && !describeImagesResponse.imageDetails().isEmpty()) {
System.out.println("Image is present in the repository.");
} else {
System.out.println("Image is not present in the repository.");
}
});
// Wait for the CompletableFuture to complete.
response.join();
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[StartLifecyclePolicyPreview](https://docs.aws.amazon.com/goto/SdkForJavaV2/ecr-2015-09-21/StartLifecyclePolicyPreview)*中的。
------
#### [ Kotlin ]
**适用于 Kotlin 的 SDK**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/ecr#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Verifies the existence of an image in an Amazon Elastic Container Registry (Amazon ECR) repository asynchronously.
*
* @param repositoryName The name of the Amazon ECR repository.
* @param imageTag The tag of the image to verify.
*/
suspend fun verifyImage(
repoName: String?,
imageTagVal: String?,
) {
require(!(repoName == null || repoName.isEmpty())) { "Repository name cannot be null or empty" }
require(!(imageTagVal == null || imageTagVal.isEmpty())) { "Image tag cannot be null or empty" }
val imageId =
ImageIdentifier {
imageTag = imageTagVal
}
val request =
DescribeImagesRequest {
repositoryName = repoName
imageIds = listOf(imageId)
}
EcrClient.fromEnvironment { region = "us-east-1" }.use { ecrClient ->
val describeImagesResponse = ecrClient.describeImages(request)
if (describeImagesResponse != null && !describeImagesResponse.imageDetails?.isEmpty()!!) {
println("Image is present in the repository.")
} else {
println("Image is not present in the repository.")
}
}
}
```
+ 有关 API 的详细信息,请参阅适用[StartLifecyclePolicyPreview](https://sdk.amazonaws.com/kotlin/api/latest/index.html)于 K *otlin 的AWS SDK API 参考*。
------