renovate/lib/modules/datasource/aws-machine-image
2023-03-10 09:34:40 +01:00
..
index.spec.ts refactor(datasource): use packageName and not depName for datasource lookups () 2023-03-10 09:34:40 +01:00
index.ts refactor: rename lookupName -> packageName () 2022-03-04 09:04:02 +01:00
readme.md docs: fix aws-machine-image datasource usage () 2022-04-09 09:36:34 +02:00

!!! warning This datasource is experimental. Its syntax and behavior may change at any time!

This datasource returns the latest Amazon Machine Image via the AWS API.

Because the datasource uses the AWS-SDK for JavaScript, you can configure it like other AWS Tools. You can use common AWS configuration options, for example (partial list):

  • Setting the region via AWS_REGION (environment variable) or your ~/.aws/config file
  • Provide credentials via AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (environment variable) or your ~/.aws/credentials file
  • Select the profile to use via AWS_PROFILE environment variable

Read the Developer guide for more information on configuration options.

The least IAM privileges required for this datasource are:

{
  "Sid": "AllowEc2ImageLookup",
  "Effect": "Allow",
  "Action": ["ec2:DescribeImages"],
  "Resource": "*"
}

Read the AWS IAM Reference for more information.

Because there is no general packageName, you have to use the describe images filter as minified JSON as a packageName.

Example:

# Getting the latest official EKS image from AWS (account '602401143452' for eu-central-1) for EKS 1.21 (name matches 'amazon-eks-node-1.21-*') would look as a describe images filter like:

[
  {
    "Name": "owner-id",
    "Values": [ "602401143452" ]
  },
  {
    "Name": "name",
    "Values": [ "amazon-eks-node-1.21-*" ]
  }
]

# In order to use it with this datasource, you have to minify it:

[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.21-*"]}]

At the moment, this datasource has no "manager". You have to use the regex manager for this.

Usage Example

Here's an example of using the regex manager:

module.exports = {
  regexManagers: [
    {
      fileMatch: ['.*'],
      matchStrings: [
        '.*amiFilter=(?<packageName>.*?)\n(.*currentImageName=(?<currentDigest>.*?)\n)?(.*\n)?.*?(?<depName>[a-zA-Z0-9-_:]*)[ ]*?[:|=][ ]*?["|\']?(?<currentValue>ami-[a-z0-9]{17})["|\']?.*',
      ],
      datasourceTemplate: 'aws-machine-image',
      versioningTemplate: 'aws-machine-image',
    },
  ],
};

Or as JSON:

{
  'regexManagers':
    [
      {
        'fileMatch': ['.*'],
        'matchStrings':
          [
            ".*amiFilter=(?<packageName>.*?)\n(.*currentImageName=(?<currentDigest>.*?)\n)?(.*\n)?.*?(?<depName>[a-zA-Z0-9-_:]*)[ ]*?[:|=][ ]*?[\"|']?(?<currentValue>ami-[a-z0-9]{17})[\"|']?.*",
          ],
        'datasourceTemplate': 'aws-machine-image',
        'versioningTemplate': 'aws-machine-image',
      },
    ],
}

This would match every file, and would recognize the following lines:

# With AMI name mentioned in the comments
# amiFilter=[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.21-*"]}]
# currentImageName=unknown
my_ami1: ami-02ce3d9008cab69cb
# Only AMI, no name mentioned
# amiFilter=[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.20-*"]}]
# currentImageName=unknown
my_ami2: ami-0083e9407e275acf2
const myConfigObject = {
  // With AMI name mentioned in the comments
  // amiFilter=[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.21-*"]}]
  // currentImageName=unknown
  my_ami1: 'ami-02ce3d9008cab69cb',
};

/**
 * Only AMI, no AMI name mentioned
 * amiFilter=[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.20-*"]}]
 * currentImageName=unknown
 */
const my_ami2 = 'ami-0083e9407e275acf2';
resource "aws_instance" "web" {

    # Only AMI, no name mentioned
    # amiFilter=[{"Name":"owner-id","Values":["602401143452"]},{"Name":"name","Values":["amazon-eks-node-1.20-*"]}]
    # currentImageName=unknown
    ami = "ami-0083e9407e275acf2"

    count = 2
    source_dest_check = false

    connection {
        user = "root"
    }
}