In our pipeline we would like to build a docker image that uses a base image from a private AWS ECR and then push the build image to our AWS ECR. However when doing that following the standard setup, we got following error:
docker build -t <image-name> .
Sending build context to Docker daemon 3.072kB
Step 1/6 : FROM <AWS-ECR>/<base-image>
Head FROM <AWS-ECR>/v2/<base-image>/manifests/latest: no basic auth credentials
custom:
build_and_push_to_ecr:
- step:
service:
- docker
script:
- export AWS_REGION=<AWS-REGION>
- export AWS_ACCESS_KEY_ID=<AWS-ACCESS-KEY-ID_THEIRS>
- export AWS_SECRET_ACCESS_KEY=<AWS-SECRET-ACCESS-KEY_THEIRS>
- docker build -t <image-name> .
- pipe: atlassian/aws-ecr-push-image:1.4.2
variables:
AWS_ACCESS_KEY_ID: <AWS-ACCESS-KEY-ID_OURS>
AWS_SECRET_ACCESS_KEY: <AWS-SECRET-ACCESS-KEY_OURS>
AWS_DEFAULT_REGION: <AWS-REGION>
DEBUG: 'true'
IMAGE_NAME: <NAME>
TAGS: ${BITBUCKET_BRANCH}
The Dockerfile we want to build looks like
FROM <AWS-ECR>/<base-image>
...
So is it possible for the docker service to build with a private base image or it must be public?
Your docker is not logged in with the AWS ECR credentials. You need to add the below line to the script before `docker build`:
aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ECR
Thanks!
That did the trick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Could you please share which image you have taken and how do you implemented it? What is the value of $AWR_ECR and where you added this command? a sample bitucket-pipelines.yml could be a great resource to learn
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.