Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

no basic auth for ECR push causing failure

I have a java service that I am trying to create a pipeline to build, create a docker image, tag and push to my ECR.


Steps so far: 

Created IAM account with AmazonEC2ContainerRegistryPowerUser privileges.

Created the following repository variables in Bitbucket: 


I have the following bitbucket-pipelines.yml:

image: openjdk:8

- step:
- gradle
- bash ./gradlew build -x test
- step:
image: openjdk:8
- docker
- docker version
- echo "This script runs only on commit to the develop branch."
- bash ./gradlew build -x test

# Login to AWS
# - export LOGIN=$(aws ecr get-login --no-include-email --region us-west-1)
# - $LOGIN
- eval $(aws ecr get-login --region ${AWS_DEFAULT_REGION} --no-include-email)

# build docker image
- docker build -t my-image .

# tag and push docker images to ECR
- docker tag icverify-gateway:latest
- docker push

# register the ECS task definition and capture the version
- export
- export TASK_VERSION=$(aws ecs register-task-definition --family my-image -- container-definitions "[]")

I then get the following on code commit:

+ docker push
The push refers to repository []
ac079aa23bfa: Preparing
ceaf9e1ebef5: Preparing
9b9b7f3d56a0: Preparing
f1b5933fe4b5: Preparing
no basic auth credentials


2 answers

There seems to be two main reasons this issue occurs. Both possible issues are with the aws ecr get-login command. Make sure yours is formatted like this:

eval $(aws ecr get-login --no-include-email --region YOUR-REGION-HERE | sed 's|https://||')

Note: make sure to change the region from YOUR-REGION-HERE to the one you are trying to deploy to. For me this is --region ap-southeast-2


Here is a more detailed explanation of what could be going on:

1. the docker command given by aws cli is slightly off. (as mentioned here)

While you can read the full reasoning in the post I linked all you need to know is that the aws ecr get-login command needs to be wrapped like so (see parts in bold):

eval $(aws ecr get-login --no-include-email --region ap-southeast-2 | sed 's|https://||')

^ make sure to change your region to the correct one as I will talk about below.

2. No region is specified so it defaults to us-east. In my case, I wanted to deploy to ap-southeast-2 but I didn't specify it. make sure to include the following flag after your get-login statement.

--region ap-southeast-2 

Here are my working bitbucket-pipelines for an ECR deploy:

image: python:3.7.4-alpine3.10




      - step:


            - docker


            - pip


            - pip3 install awscli

            - IMAGE=""


            - aws configure set aws_access_key_id "${AWS_KEY}"

            - aws configure set aws_secret_access_key "${AWS_SECRET}"

            - eval $(aws ecr get-login --no-include-email --region ap-southeast-2 | sed 's|https://||')

            - docker build -t $IMAGE:$TAG .

            - docker push $IMAGE:$TAG
0 votes
davina Atlassian Team Jun 25, 2019


Hey @dclark_talentwave 

It's hard to say without seeing all the details, but a common fix is adding `| sed 's|https://||'` to your `eval` command.

You might find more clues in this thread.

Thank you, I added that to my login but I get the same error.  I am strictly using user/pass for authentication here - but is a cert required for this to work?  

Like Sarah Dwyer likes this

Did you find a solution? I'm having the same issue.

Like Sarah Dwyer likes this

Likewise I'm encountering the very same issue, can the documentation be updated to reflect the pipeline requirements?

Like Todd_Schroeder likes this

Same issue here...

@davina  This is what I am getting from the output before the "no basic auth credentials":


eval $(aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin ${AWS_REGISTRY_URL}) | sed 's|https://||'


bash: aws: command not foundError: Cannot perform an interactive login from a non TTY device

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Bitbucket

📣 Calling Bitbucket Data Center customers to participate in research

Hi everyone, Are you Bitbucket DC customer? If so, we'd love to talk to you! Our team wants to dive deep to understand your long-term plans regarding Bitbucket DC and Atlassian Cloud. Do you plan...

184 views 2 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you