in aws-ecr-repository/src/main/java/software/amazon/ecr/repository/UpdateHandler.java [30:112]
protected ProgressEvent<ResourceModel, CallbackContext> handleRequest(
final AmazonWebServicesClientProxy proxy,
final ResourceHandlerRequest<ResourceModel> request,
final CallbackContext callbackContext,
final ProxyClient<EcrClient> proxyClient,
final Logger logger) {
final ResourceModel model = request.getDesiredResourceState();
final String accountId = request.getAwsAccountId();
final String repositoryName = model.getRepositoryName();
this.client = proxyClient.client();
this.proxy = proxy;
try {
final ResourceModel previousModel = request.getPreviousResourceState();
if (model.getEncryptionConfiguration() != null) {
if (!model.getEncryptionConfiguration().equals(previousModel.getEncryptionConfiguration())) {
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.errorCode(HandlerErrorCode.NotUpdatable)
.status(OperationStatus.FAILED)
.message("The encryption settings cannot be changed after the repository is created.")
.build();
}
} else if (previousModel.getEncryptionConfiguration() != null) {
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.errorCode(HandlerErrorCode.NotUpdatable)
.status(OperationStatus.FAILED)
.message("The encryption settings cannot be changed after the repository is created.")
.build();
}
if (model.getRepositoryPolicyText() != null) {
proxy.injectCredentialsAndInvokeV2(Translator.setRepositoryPolicyRequest(model), client::setRepositoryPolicy);
} else {
try {
// Read call is necessary to avoid exception during update if role does not have DeleteRepositoryPolicy permission.
proxy.injectCredentialsAndInvokeV2(Translator.getRepositoryPolicyRequest(repositoryName, accountId), client::getRepositoryPolicy);
proxy.injectCredentialsAndInvokeV2(Translator.deleteRepositoryPolicyRequest(model), client::deleteRepositoryPolicy);
} catch (RepositoryPolicyNotFoundException e) {
// there's no policy to delete
}
}
if (model.getLifecyclePolicy() != null) {
proxy.injectCredentialsAndInvokeV2(Translator.putLifecyclePolicyRequest(model), client::putLifecyclePolicy);
} else {
try {
// Read call is necessary to avoid exception during update if role does not have DeleteLifecyclePolicy permission.
proxy.injectCredentialsAndInvokeV2(Translator.getLifecyclePolicyRequest(repositoryName, accountId), client::getLifecyclePolicy);
proxy.injectCredentialsAndInvokeV2(Translator.deleteLifecyclePolicyRequest(model), client::deleteLifecyclePolicy);
} catch (LifecyclePolicyNotFoundException e) {
// there's no policy to delete
}
}
if (model.getImageTagMutability() != null) {
proxy.injectCredentialsAndInvokeV2(Translator.putImageTagMutabilityRequest(model, accountId), client::putImageTagMutability);
}
if (model.getImageScanningConfiguration() != null) {
proxy.injectCredentialsAndInvokeV2(Translator.putImageScanningConfigurationRequest(model, accountId), client::putImageScanningConfiguration);
}
final DescribeRepositoriesResponse describeResponse = proxy.injectCredentialsAndInvokeV2(Translator.describeRepositoriesRequest(model), client::describeRepositories);
final String arn = describeResponse.repositories().get(0).repositoryArn();
final String uri = describeResponse.repositories().get(0).repositoryUri();
model.setArn(arn);
model.setRepositoryUri(uri);
handleTagging(request.getDesiredResourceTags(), arn);
logger.log(String.format("%s [%s] Update Successful", ResourceModel.TYPE_NAME, model.getRepositoryName()));
} catch (RepositoryNotFoundException e) {
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.errorCode(HandlerErrorCode.NotFound)
.status(OperationStatus.FAILED)
.message(e.getMessage())
.build();
}
return ProgressEvent.<ResourceModel, CallbackContext>builder()
.resourceModel(model)
.status(OperationStatus.SUCCESS)
.build();
}