How to allow Bitbucket-Pipelines to pull images from Amazon EC2 container service (ECR)? Edited

What I have tried:

- I can successfully push to Amazon ECR (details in this answer I posted on Stack Overflow)
- I am failing to pull the above image in a subsequent pipeline (see example).

Example bitbucket-pipeline.yml

image:
name: <ecr-registry-address>/<repository>:<tag>
aws:
access-key: ${AWS_ACCESS_KEY_ID}
secret-key: ${AWS_SECRET_ACCESS_KEY}

pipelines:
default:
- step:
script:
- echo 'Hello World'

The error I get back:

lz7E8

Finally:

In order to push to the repository, I already setup IAM roles for the bitbucket-pipelines account (AmazonEC2ContainerRegistryPowerUser). Is there any other setup required?

1 answer

Hi Dean,

If you'd like to use environment variables for your ECR image you need to change your YAML to look like this:

image:
name: <imagename>
aws:
access-key: $AWS_ACCESS_KEY_ID
secret-key: $AWS_SECRET_ACCESS_KEY
pipelines:
default:
- step:
script:
- echo 'Hello world'
...

Specifically removing the curly braces around your environment variables and realigning the whitespace (though, that may have been copy/paste).

Hope that helps! :)

Phil

Thank you, I arrived to this conclusion just moments before you replied. Why is the case though? When you say 'fixed', is the ${} now supported?

If not, that notation is supported everywhere else in the bitbucket-pipelines.yml, so I think for consistency it would be a good idea!

I logged the following suggestion (https://jira.atlassian.com/browse/BSERV-10113), to note this limitation (if it is still present) in the documentation and to give a more descriptive error message if this is to occur.

If you have fixed the above, then the above can probably be discarded. But in general, system errors like this should be caught by a syntax validator at least.

Thanks for the support :)

I'm having the same problem and it's unclear to me what the resolution is.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 06, 2018 in Bitbucket

Upgrade Best Practices

Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...

216 views 3 7
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you