Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to allow Bitbucket-Pipelines to pull images from Amazon EC2 container service (ECR)?

Edited

What I have tried:

- I can successfully push to Amazon ECR (details in this answer I posted on Stack Overflow)
- I am failing to pull the above image in a subsequent pipeline (see example).

Example bitbucket-pipeline.yml

image:
name: <ecr-registry-address>/<repository>:<tag>
aws:
access-key: ${AWS_ACCESS_KEY_ID}
secret-key: ${AWS_SECRET_ACCESS_KEY}

pipelines:
default:
- step:
script:
- echo 'Hello World'

The error I get back:

lz7E8

Finally:

In order to push to the repository, I already setup IAM roles for the bitbucket-pipelines account (AmazonEC2ContainerRegistryPowerUser). Is there any other setup required?

1 answer

Hi Dean,

If you'd like to use environment variables for your ECR image you need to change your YAML to look like this:

image:
name: <imagename>
aws:
access-key: $AWS_ACCESS_KEY_ID
secret-key: $AWS_SECRET_ACCESS_KEY
pipelines:
default:
- step:
script:
- echo 'Hello world'
...

Specifically removing the curly braces around your environment variables and realigning the whitespace (though, that may have been copy/paste).

Hope that helps! :)

Phil

Thank you, I arrived to this conclusion just moments before you replied. Why is the case though? When you say 'fixed', is the ${} now supported?

If not, that notation is supported everywhere else in the bitbucket-pipelines.yml, so I think for consistency it would be a good idea!

I logged the following suggestion (https://jira.atlassian.com/browse/BSERV-10113), to note this limitation (if it is still present) in the documentation and to give a more descriptive error message if this is to occur.

If you have fixed the above, then the above can probably be discarded. But in general, system errors like this should be caught by a syntax validator at least.

Thanks for the support :)

I'm having the same problem and it's unclear to me what the resolution is.

I'm having the same problem, I've already removed the {} but can't get it to work.

I can push and pull with the same credentials from the local machine but not from the pipeline.

Oh good it's not just me!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

3,717 views 10 16
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you