-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[assets] set up docker login when docker base image is in ecr #11544
Comments
The way to do the login directly via a command execution before the creation of the pipeline:
fails with the error message:
To modify the
also doesn't solve the problem. It gets kind of ignored. There is also something like this available:
But here I don't know how to set the credentials for the repo or if this is even a valid way to handle repos in cdk. Setting the policy to allow the pull would also not work:
This results in the error:
But according to the pr #9527 at least the setup of the policy should work. At the moment our pipeline is stuck because of the docker rate limit. |
Could please provide an example on how to implement ecr pull via ecs in cdk. Basically we need to be able to allow the See this |
Before this is implemented, you should be able to login to ECR before running |
Hello @eladb Thank you for your answer. But we need to do the login inside the pipeline. Locally it's working fine and we are able to login before But when we try to do it before the synth step inside the pipeline, we're getting this error:
So is there a way to login during the pipeline is running? |
@rix0rrr any idea why |
There are some issues are being confused here. Can't use ECR images as an asset baseAsset building happens in an Asset CodeBuild job, and you have no control over the commands that get run there. Changing the command in the Synth job will not affect the command that gets run in the asset job. There is no way to run Cannot read property 'roleName' of undefined.You reported you get this error if you specify It seems we have a test for that, so I'm mystified why that wouldn't work for you. Can you paste a stack trace? |
Hello We were finally able to pull from our own ecr. But we needed to set this policy manually in our pipeline-role via iam in management console:
and change the
Now we are getting confused. If we remove the manually added ecr-policy from our role and set it programmatically and run Maybe the role problem got fixed in the meantime? Or is this kind of a caching problem? Regards |
|
@eladb but now both issues are closed... |
Which issues? |
sorry, i mean this one #10999. It's also closed, so where to continue this discussion? |
#10999 is open as far as I can tell. |
sorry, my fault ;-). checked the wrong tag |
+1 Push, we need this.... CDK Docker Assets are not usable without it for our team. |
When the base image in the Dockerfile is an image from a private ECR repository, run the
docker login
command as part of asset creation during synthesis.The command looks something like
This is a 🚀 Feature Request
The text was updated successfully, but these errors were encountered: