There is an option in ECR to use immutable repositories which is a best practice to use. Pushing an image with an existing tag gives you an error, which is expected.
However, this is not compatible with re-running builds. There should be an option in this pipe to ignore uploading an image if the tag already exists.
The only alternative is to tag the image with a unique tag for each build.
Hi @Tarek Abdel Sater ,
As we investigated:
to support immutable AWS ECR and re-running builds you could provide build with unique tags by passing TAGS parameter:
script: # build the image - docker build -t my-docker-image . # use the pipe to push to AWS ECR - pipe: atlassian/aws-ecr-push-image:1.3.0 variables: AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION IMAGE_NAME: my-docker-image TAGS: '${BITBUCKET_STEP_UUID}-<timestamp>'
Or setup your AWS ECR to use mutable tags, so you always have fresh version after re-running a build.
To help you, we need to understand what is your case, provide us with more details please (your pipelines configuration, main workflow, used parameters) ?
Cheers,
Oleksandr Kyrdan
Hi,
We re-evaluated our requirements and concluded that ignoring failure to push to immutable tags is a bad practice.
The solution is, as you said, including a unique tag for each build. However, we ended up going with MUTABLE tags because we don't want to deal with noisy Docker tags.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for your question!
Good suggestion, we'll investigate this feature for the aws-ecr-push-image pipe and notify you.
Cheers,
Oleksandr Kyrdan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.