Bitbucket pipeline AWS ECR image name error

Nehemias Herrera September 30, 2022

I am trying to write a bitbucket-pipeline that uses the public AWS ECR image 

public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133
but I am getting the error:

Configuration error

Invalid AWS Elastic Container Registry image name at [pipelines > custom > build-test-lambda-python-layer > 2 > step > image > name]. Expecting "<accountId>.dkr.ecr.<region>.amazonaws.com/<image-name>"

 

How can I reference this public image to avoid getting the Configuration error ? thanks

 

Screen Shot 2022-09-30 at 20.37.26.png

1 answer

0 votes
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 3, 2022

Hi @Nehemias Herrera,

I have no issues using this image as a build container in a Pipelines build with a configuration as follows:

pipelines:
default:
- step:
image: public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133
script:
- echo "hello"

Do you have additional details in your configuration? E.g. are you providing an access key and secret key?

Kind regards,
Theodora

Nehemias Herrera October 3, 2022

Theodora, thanks for you reply,

Yes, we are providing our access and secrets keys but those are not needed since public.ecr.aws is a public registry and does not require credentials (.i.e. just try running docker pull public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133 to verify this image can be downloaded without logging in to the public.ecr.aws registry.

 

Nehemias ✌️

Nehemias Herrera October 3, 2022

I see, maybe the credentials are the problem, will try getting rid of them and let you know

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 4, 2022

Hi Nehemias,

Yes, I think that's what's causing the issue; since you provide an access key and secret key, the yml file expects a private aws image with a name in the form of <accountId>.dkr.ecr.<region>.amazonaws.com/<image-name>

Please feel free to let me know if it works without the configuration for access and secret keys.

Kind regards,
Theodora

Sergey Akopov
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 23, 2024

@Theodora Boudale Removing credentials is not a solution in this case. The image is for AWS SAM which requires AWS credentials to execute commands against AWS. 

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 24, 2024

Hi Sergey,

The variables with the credentials need to be removed only from the image definition. Instead of

image:
name: public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133
aws:
access-key: $AWS_ACCESS_KEY
secret-key: $AWS_SECRET_KEY

you need to use the following for public images

image:
name: public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133

or

image: public.ecr.aws/sam/build-python3.9:1.58.0-20220929223133

If you have added the variables $AWS_ACCESS_KEY and $AWS_SECRET_KEY as Repository, Workspace, or Deployment variables, you can still use them in the commands of the step's script in order to authenticate to AWS.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events