Use correct registries to integrate with new packages workflows

pkg/curatedpackages/packagecontrollerclient.go

@@ -241,26 +241,26 @@ func (pc *PackageControllerClient) Enable(ctx context.Context) error {
 
 // GetCuratedPackagesRegistries gets value for configurable registries from PBC.
 func (pc *PackageControllerClient) GetCuratedPackagesRegistries(ctx context.Context) (sourceRegistry, defaultRegistry, defaultImageRegistry string) {
-	sourceRegistry = publicProdECR
-	defaultImageRegistry = packageProdDomain
-	accountName := prodAccount
-	if strings.Contains(pc.chart.Image(), devAccount) {
-		accountName = devAccount
-		defaultImageRegistry = packageDevDomain
-		sourceRegistry = publicDevECR
-	}
-	if strings.Contains(pc.chart.Image(), stagingAccount) {
-		accountName = stagingAccount
-		defaultImageRegistry = packageProdDomain
-		sourceRegistry = publicStagingECR
+	sourceRegistry = prodPublicRegistryURI
+	defaultImageRegistry = prodNonRegionalPrivateRegistryURI
+	registry := prodPublicRegistryAlias
+	if strings.Contains(pc.chart.Image(), devNonRegionalPublicRegistryAlias) {
+		registry = devRegionalPublicRegistryAlias
+		defaultImageRegistry = devRegionalPrivateRegistryURI
+		sourceRegistry = devRegionalPublicRegistryURI
+	}
+	if strings.Contains(pc.chart.Image(), stagingPublicRegistryAlias) {
+		registry = stagingPublicRegistryAlias
+		defaultImageRegistry = devRegionalPrivateRegistryURI
+		sourceRegistry = stagingPublicRegistryURI
 	}
 	defaultRegistry = sourceRegistry
 
 	if pc.registryMirror != nil {
-		// account is added as part of registry name in package controller helm chart
+		// registry name is added as part of sourceRegistry field in package controller helm chart
 		// https://github.com/aws/eks-anywhere-packages/blob/main/charts/eks-anywhere-packages/values.yaml#L15-L18
-		sourceRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), accountName)
-		defaultRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), accountName)
+		sourceRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), registry)
+		defaultRegistry = fmt.Sprintf("%s/%s", pc.registryMirror.CoreEKSAMirror(), registry)
 		if gatedOCINamespace := pc.registryMirror.CuratedPackagesMirror(); gatedOCINamespace != "" {
 			defaultImageRegistry = gatedOCINamespace
 		}
@@ -273,12 +273,6 @@ func (pc *PackageControllerClient) GetCuratedPackagesRegistries(ctx context.Cont
 		if err := pc.registryAccessTester.Test(ctx, pc.eksaAccessKeyID, pc.eksaSecretAccessKey, pc.eksaRegion, pc.eksaAwsConfig, regionalRegistry); err == nil {
 			// use regional registry when the above credential is good
 			logger.V(6).Info("Using regional registry")
-			// In the dev case, we use a separate public ECR registry in the
-			// beta packages account to source the packages controller and
-			// credential provider package
-			if regionalRegistry == devRegionalECR {
-				sourceRegistry = devRegionalPublicECR
-			}
 			defaultRegistry = regionalRegistry
 			defaultImageRegistry = regionalRegistry
 		} else {

pkg/curatedpackages/packagecontrollerclient_test.go

@@ -1287,7 +1287,7 @@ func TestGetCuratedPackagesRegistries(s *testing.T) {
 		}
 	})
 
-	s.Run("get regional registries", func(t *testing.T) {
+	s.Run("get prod regional registries", func(t *testing.T) {
 		ctrl := gomock.NewController(t)
 		k := mocks.NewMockKubectlRunner(ctrl)
 		cm := mocks.NewMockChartManager(ctrl)
@@ -1315,6 +1315,35 @@ func TestGetCuratedPackagesRegistries(s *testing.T) {
 			t.Errorf("expected %q, got %q", expected, actualImageRegistry)
 		}
 	})
+
+	s.Run("get staging regional registries", func(t *testing.T) {
+		ctrl := gomock.NewController(t)
+		k := mocks.NewMockKubectlRunner(ctrl)
+		cm := mocks.NewMockChartManager(ctrl)
+		kubeConfig := "kubeconfig.kubeconfig"
+		chart := &artifactsv1.Image{
+			Name: "test_controller",
+			URI:  "test_registry/w9m0f3l5/eks-anywhere-packages:v1",
+		}
+		clusterName := "billy"
+		writer, _ := filewriter.NewWriter(clusterName)
+		client := curatedpackages.NewPackageControllerClient(
+			cm, k, clusterName, kubeConfig, chart, nil,
+			curatedpackages.WithManagementClusterName(clusterName),
+			curatedpackages.WithValuesFileWriter(writer),
+			curatedpackages.WithRegistryAccessTester(&stubRegistryAccessTester{}),
+		)
+
+		expected := "724423470321.dkr.ecr.us-west-2.amazonaws.com"
+		_, actualDefaultRegistry, actualImageRegistry := client.GetCuratedPackagesRegistries(context.Background())
+
+		if actualDefaultRegistry != expected {
+			t.Errorf("expected %q, got %q", expected, actualDefaultRegistry)
+		}
+		if actualImageRegistry != expected {
+			t.Errorf("expected %q, got %q", expected, actualImageRegistry)
+		}
+	})
 }
 
 func TestReconcile(s *testing.T) {

pkg/curatedpackages/packagereader_test.go

@@ -82,6 +82,22 @@ func TestPackageReader_ReadImagesFromBundles(t *testing.T) {
 	tt.Expect(images).NotTo(BeEmpty())
 }
 
+func TestPackageReader_ReadImagesFromBundlesStaging(t *testing.T) {
+	tt := newPackageReaderTest(t)
+	artifact := registry.NewArtifactFromURI("public.ecr.aws/w9m0f3l5/eks-anywhere-packages-bundles:v1-21-latest")
+	repo, err := remote.NewRepository("owner/name")
+	assert.NoError(t, err)
+	tt.storageClient.EXPECT().GetStorage(tt.ctx, gomock.Any()).Return(repo, nil)
+	tt.storageClient.EXPECT().FetchBytes(tt.ctx, gomock.Any(), artifact).Return(desc, imageManifest, nil)
+	tt.storageClient.EXPECT().FetchBlob(tt.ctx, gomock.Any(), gomock.Any()).Return(packageBundle, nil)
+	tt.bundles.Spec.VersionsBundles[0].PackageController.Controller.URI = tt.registryName + "/w9m0f3l5/ctrl:v1"
+
+	images, err := tt.command.ReadImagesFromBundles(tt.ctx, tt.bundles)
+
+	tt.Expect(err).To(BeNil())
+	tt.Expect(images).NotTo(BeEmpty())
+}
+
 func TestPackageReader_ReadImagesFromBundlesProduction(t *testing.T) {
 	tt := newPackageReaderTest(t)
 	artifact := registry.NewArtifactFromURI("public.ecr.aws/eks-anywhere/eks-anywhere-packages-bundles:v1-21-latest")
@@ -159,6 +175,21 @@ func TestPackageReader_ReadChartsFromBundles(t *testing.T) {
 	tt.Expect(images).NotTo(BeEmpty())
 }
 
+func TestPackageReader_ReadChartsFromBundlesStaging(t *testing.T) {
+	tt := newPackageReaderTest(t)
+	artifact := registry.NewArtifactFromURI("public.ecr.aws/w9m0f3l5/eks-anywhere-packages-bundles:v1-21-latest")
+	repo, err := remote.NewRepository("owner/name")
+	assert.NoError(t, err)
+	tt.storageClient.EXPECT().GetStorage(tt.ctx, gomock.Any()).Return(repo, nil)
+	tt.storageClient.EXPECT().FetchBytes(tt.ctx, gomock.Any(), artifact).Return(desc, imageManifest, nil)
+	tt.storageClient.EXPECT().FetchBlob(tt.ctx, gomock.Any(), gomock.Any()).Return(packageBundle, nil)
+	tt.bundles.Spec.VersionsBundles[0].PackageController.Controller.URI = tt.registryName + "/w9m0f3l5/ctrl:v1"
+
+	images := tt.command.ReadChartsFromBundles(tt.ctx, tt.bundles)
+
+	tt.Expect(images).NotTo(BeEmpty())
+}
+
 func TestPackageReader_ReadChartsFromBundlesProduction(t *testing.T) {
 	tt := newPackageReaderTest(t)
 	artifact := registry.NewArtifactFromURI("public.ecr.aws/eks-anywhere/eks-anywhere-packages-bundles:v1-21-latest")

pkg/curatedpackages/reader.go

@@ -14,19 +14,6 @@ import (
 	releasev1 "github.com/aws/eks-anywhere/release/api/v1alpha1"
 )
 
-// Temporary: Curated packages dev and prod accounts are currently hard coded
-// This is because there is no mechanism to extract these values as of now.
-const (
-	prodAccount       = "eks-anywhere"
-	devAccount        = "l0g8r8j6"
-	stagingAccount    = "w9m0f3l5"
-	publicProdECR     = "public.ecr.aws/" + prodAccount
-	publicDevECR      = "public.ecr.aws/" + devAccount
-	publicStagingECR  = "public.ecr.aws/" + stagingAccount
-	packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
-	packageDevDomain  = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
-)
-
 type PackageReader struct {
 	cache           *registry.Cache
 	credentialStore *registry.CredentialStore
@@ -146,15 +133,21 @@ func removeDuplicateImages(images []registry.Artifact) []registry.Artifact {
 }
 
 func getChartRegistry(uri string) string {
-	if strings.Contains(uri, publicProdECR) {
-		return publicProdECR
+	if strings.Contains(uri, prodPublicRegistryURI) {
+		return prodPublicRegistryURI
 	}
-	return publicDevECR
+	if strings.Contains(uri, stagingPublicRegistryURI) {
+		return stagingPublicRegistryURI
+	}
+	return devRegionalPublicRegistryURI
 }
 
 func getImageRegistry(uri, awsRegion string) string {
-	if strings.Contains(uri, publicProdECR) {
-		return strings.ReplaceAll(packageProdDomain, eksaDefaultRegion, awsRegion)
+	if strings.Contains(uri, prodPublicRegistryURI) {
+		return strings.ReplaceAll(prodNonRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
+	}
+	if strings.Contains(uri, stagingPublicRegistryURI) {
+		return strings.ReplaceAll(stagingRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
 	}
-	return strings.ReplaceAll(packageDevDomain, eksaDefaultRegion, awsRegion)
+	return strings.ReplaceAll(devRegionalPrivateRegistryURI, eksaDefaultRegion, awsRegion)
 }

pkg/curatedpackages/regional_registry.go

@@ -14,42 +14,6 @@
 	"github.com/aws/aws-sdk-go-v2/service/ecr"
 )
 
-const (
-	devRegionalECR       string = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
-	devRegionalPublicECR string = "public.ecr.aws/x3k6m8v0"
-	stagingRegionalECR   string = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
-)
-
-var prodRegionalECRMap = map[string]string{
-	"af-south-1":     "783635962247.dkr.ecr.af-south-1.amazonaws.com",
-	"ap-east-1":      "804323328300.dkr.ecr.ap-east-1.amazonaws.com",
-	"ap-northeast-1": "143143237519.dkr.ecr.ap-northeast-1.amazonaws.com",
-	"ap-northeast-2": "447311122189.dkr.ecr.ap-northeast-2.amazonaws.com",
-	"ap-northeast-3": "376465423944.dkr.ecr.ap-northeast-3.amazonaws.com",
-	"ap-south-1":     "357015164304.dkr.ecr.ap-south-1.amazonaws.com",
-	"ap-south-2":     "388483641499.dkr.ecr.ap-south-2.amazonaws.com",
-	"ap-southeast-1": "654894141437.dkr.ecr.ap-southeast-1.amazonaws.com",
-	"ap-southeast-2": "299286866837.dkr.ecr.ap-southeast-2.amazonaws.com",
-	"ap-southeast-3": "703305448174.dkr.ecr.ap-southeast-3.amazonaws.com",
-	"ap-southeast-4": "106475008004.dkr.ecr.ap-southeast-4.amazonaws.com",
-	"ca-central-1":   "064352486547.dkr.ecr.ca-central-1.amazonaws.com",
-	"eu-central-1":   "364992945014.dkr.ecr.eu-central-1.amazonaws.com",
-	"eu-central-2":   "551422459769.dkr.ecr.eu-central-2.amazonaws.com",
-	"eu-north-1":     "826441621985.dkr.ecr.eu-north-1.amazonaws.com",
-	"eu-south-1":     "787863792200.dkr.ecr.eu-south-1.amazonaws.com",
-	"eu-west-1":      "090204409458.dkr.ecr.eu-west-1.amazonaws.com",
-	"eu-west-2":      "371148654473.dkr.ecr.eu-west-2.amazonaws.com",
-	"eu-west-3":      "282646289008.dkr.ecr.eu-west-3.amazonaws.com",
-	"il-central-1":   "131750224677.dkr.ecr.il-central-1.amazonaws.com",
-	"me-central-1":   "454241080883.dkr.ecr.me-central-1.amazonaws.com",
-	"me-south-1":     "158698011868.dkr.ecr.me-south-1.amazonaws.com",
-	"sa-east-1":      "517745584577.dkr.ecr.sa-east-1.amazonaws.com",
-	"us-east-1":      "331113665574.dkr.ecr.us-east-1.amazonaws.com",
-	"us-east-2":      "297090588151.dkr.ecr.us-east-2.amazonaws.com",
-	"us-west-1":      "440460740297.dkr.ecr.us-west-1.amazonaws.com",
-	"us-west-2":      "346438352937.dkr.ecr.us-west-2.amazonaws.com",
-}
-
 // RegistryAccessTester test if AWS credentials has valid permission to access an ECR registry.
 type RegistryAccessTester interface {
 	Test(ctx context.Context, accessKey, secret, region, awsConfig, registry string) error
@@ -101,13 +65,13 @@
 
 // GetRegionalRegistry get the regional registry corresponding to defaultRegistry in a specific region.
 func GetRegionalRegistry(defaultRegistry, region string) string {
-	if strings.Contains(defaultRegistry, devAccount) {
-		return devRegionalECR
+	if strings.Contains(defaultRegistry, devNonRegionalPublicRegistryAlias) {
+		return devRegionalPrivateRegistryURI
 	}
-	if strings.Contains(defaultRegistry, stagingAccount) {
-		return stagingRegionalECR
+	if strings.Contains(defaultRegistry, stagingPublicRegistryAlias) {
+		return stagingRegionalPrivateRegistryURI
 	}
-	return prodRegionalECRMap[region]
+	return prodRegionalPrivateRegistryURIByRegion[region]
 }
 
 // RegistryAuthTokenProvider provides auth token for registry access.

pkg/curatedpackages/registry_constants.go

@@ -0,0 +1,45 @@
+package curatedpackages
+
+const (
+	devNonRegionalPublicRegistryAlias = "l0g8r8j6"
+	devRegionalPublicRegistryAlias    = "x3k6m8v0"
+	stagingPublicRegistryAlias        = "w9m0f3l5"
+	prodPublicRegistryAlias           = "eks-anywhere"
+	devNonRegionalPublicRegistryURI   = "public.ecr.aws/" + devNonRegionalPublicRegistryAlias
+	devRegionalPublicRegistryURI      = "public.ecr.aws/" + devRegionalPublicRegistryAlias
+	stagingPublicRegistryURI          = "public.ecr.aws/" + stagingPublicRegistryAlias
+	prodPublicRegistryURI             = "public.ecr.aws/" + prodPublicRegistryAlias
+	prodNonRegionalPrivateRegistryURI = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
+	devRegionalPrivateRegistryURI     = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
+	stagingRegionalPrivateRegistryURI = "724423470321.dkr.ecr.us-west-2.amazonaws.com"
+)
+
+var prodRegionalPrivateRegistryURIByRegion = map[string]string{
+	"af-south-1":     "783635962247.dkr.ecr.af-south-1.amazonaws.com",
+	"ap-east-1":      "804323328300.dkr.ecr.ap-east-1.amazonaws.com",
+	"ap-northeast-1": "143143237519.dkr.ecr.ap-northeast-1.amazonaws.com",
+	"ap-northeast-2": "447311122189.dkr.ecr.ap-northeast-2.amazonaws.com",
+	"ap-northeast-3": "376465423944.dkr.ecr.ap-northeast-3.amazonaws.com",
+	"ap-south-1":     "357015164304.dkr.ecr.ap-south-1.amazonaws.com",
+	"ap-south-2":     "388483641499.dkr.ecr.ap-south-2.amazonaws.com",
+	"ap-southeast-1": "654894141437.dkr.ecr.ap-southeast-1.amazonaws.com",
+	"ap-southeast-2": "299286866837.dkr.ecr.ap-southeast-2.amazonaws.com",
+	"ap-southeast-3": "703305448174.dkr.ecr.ap-southeast-3.amazonaws.com",
+	"ap-southeast-4": "106475008004.dkr.ecr.ap-southeast-4.amazonaws.com",
+	"ca-central-1":   "064352486547.dkr.ecr.ca-central-1.amazonaws.com",
+	"eu-central-1":   "364992945014.dkr.ecr.eu-central-1.amazonaws.com",
+	"eu-central-2":   "551422459769.dkr.ecr.eu-central-2.amazonaws.com",
+	"eu-north-1":     "826441621985.dkr.ecr.eu-north-1.amazonaws.com",
+	"eu-south-1":     "787863792200.dkr.ecr.eu-south-1.amazonaws.com",
+	"eu-west-1":      "090204409458.dkr.ecr.eu-west-1.amazonaws.com",
+	"eu-west-2":      "371148654473.dkr.ecr.eu-west-2.amazonaws.com",
+	"eu-west-3":      "282646289008.dkr.ecr.eu-west-3.amazonaws.com",
+	"il-central-1":   "131750224677.dkr.ecr.il-central-1.amazonaws.com",
+	"me-central-1":   "454241080883.dkr.ecr.me-central-1.amazonaws.com",
+	"me-south-1":     "158698011868.dkr.ecr.me-south-1.amazonaws.com",
+	"sa-east-1":      "517745584577.dkr.ecr.sa-east-1.amazonaws.com",
+	"us-east-1":      "331113665574.dkr.ecr.us-east-1.amazonaws.com",
+	"us-east-2":      "297090588151.dkr.ecr.us-east-2.amazonaws.com",
+	"us-west-1":      "440460740297.dkr.ecr.us-west-1.amazonaws.com",
+	"us-west-2":      "346438352937.dkr.ecr.us-west-2.amazonaws.com",
+}

pkg/docker/registry.go

@@ -16,9 +16,9 @@ import (
 // doesn't have support for root level.
 const (
 	packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
-	packageDevDomain  = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
+	packageDevDomain  = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
 	publicProdECRName = "eks-anywhere"
-	publicDevECRName  = "l0g8r8j6"
+	publicDevECRName  = "x3k6m8v0"
 )
 
 // ImageRegistryDestination implements the ImageDestination interface, writing images and tags from

pkg/docker/registry_test.go

@@ -53,8 +53,8 @@ func TestNewRegistryDestinationWhenPackagesDevProvided(t *testing.T) {
 	client := mocks.NewMockImageTaggerPusher(ctrl)
 
 	registry := "https://registry"
-	expectedRegistry := "https://registry/l0g8r8j6"
-	image := "857151390494.dkr.ecr.us-west-2.amazonaws.com:v1"
+	expectedRegistry := "https://registry/x3k6m8v0"
+	image := "067575901363.dkr.ecr.us-west-2.amazonaws.com:v1"
 	ctx := context.Background()
 	dstLoader := docker.NewRegistryDestination(client, registry)
 	client.EXPECT().TagImage(test.AContext(), image, expectedRegistry)

pkg/executables/docker.go

@@ -15,7 +15,7 @@ const (
 	dockerPath        = "docker"
 	defaultRegistry   = "public.ecr.aws"
 	packageProdDomain = "783794618700.dkr.ecr.us-west-2.amazonaws.com"
-	packageDevDomain  = "857151390494.dkr.ecr.us-west-2.amazonaws.com"
+	packageDevDomain  = "067575901363.dkr.ecr.us-west-2.amazonaws.com"
 )
 
 type Docker struct {