Using vanilla docker to build and PUSH to AWS ECR failing


#1

Hi,

Most of the tutorials talk about PULLING a private registry, I don’t want to do that, I want to use a public docker image to build and then PUSH to AWS ECR.

I have tried setting the AWS integration, I have tried adding the AWS_XYZ environment variables in the settings and I have tried hard coding the environment variables using the environment tag. Whatever I do I end up with the same error when I push:

#!/bin/sh -eo pipefail
login = "$(aws ecr get-login)"
${login}
docker tag xxxxx:latest xxxxx.dkr.ecr.xxx.amazonaws.com/xxxx:latest
docker push xxxx.dkr.xxx.amazonaws.com/xxxx:latest

Password: 

Login timed out after 60 seconds

The push refers to a repository [xxxx.dkr.ecr.x.amazonaws.com/xxxx]

<snip/>

no basic auth credentials
Exited with code 1

The entire config.yml:

version: 2
jobs:
  build:
    docker:
      - image: docker:17.05.0-ce-git
        environment:
          AWS_ACCESS_KEY_ID: xxx
          AWS_SECRET_ACCESS_KEY: xxx
          AWS_DEFAULT_REGION: xxx
    steps:
      - checkout
      - setup_remote_docker
      - run:
          name: Install dependencies
          command: |
            apk add --no-cache \
              py-pip=9.0.0-r1
            pip install \
              docker-compose==1.12.0 \
              awscli==1.11.76
      - run:
          name: Build docker image
          command: |
            docker build -t xxx .
      - deploy:
          name: Push to AWS
          command: |
            login = "$(aws ecr get-login)"
            ${login}
            docker tag xxx
            docker push xxx

I know it is something stupid I am doing, but I can’t see it…

Help :slight_smile:


Using 'docker login' with 'setup_remote_docker' to push to a private repository?
#2

I do something similar with CodeFresh, I wonder if it is how you are storing your env vars? Mine are in the app rather than the config.yml.

I log in like so:

docker login -u username -p ${CODEFRESH_REGISTRY_TOKEN} r.cfcr.io

And then I set the CODEFRESH_REGISTRY_TOKEN env var here:

Settings (account) > (project) > Environment Variables

If that does not help, can aws print more verbose errors, using a console switch? Maybe try setting a new dummy var and echo it at the point of need, in case there is a reason they are not in force where you need them?


#3

I usually use $(aws ecr get-login --region=$AWS_REGION --no-include-email)


#4

Thanks both. I have given up with aws and using a third party registry which doesn’t require their own tooling. I can still only get it to work by inlining the -u and -p though.


#5

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.