The task is to create an AWS ECR repository and add a Jenkins job to build and deploy Docker images to this repository.
AWS ECR
Go to the ECR, click Get Started, set a new repository name:
Lave Mutable, so you’ll be able to push images with the same tag if it is already present in the repository:
Done:
IAM
Go to the IAM, create an additional user:
Attach the AmazonEC2ContainerRegistryFullAccess policy:
Save users access keys:
Configure AWS CLI profile:
$ aws configure --profile bttrm-backend-ecr
AWS Access Key ID [None]: AKI\*\*\*6EZ
AWS Secret Access Key [None]: PpN\*\*\*GNr
Default region name [None]: us-east-2
Default output format [None]: json
Get access token:
$ aws --profile bttrm-backend-ecr ecr get-login --no-include-email --region us-east-2
docker login -u AWS -p eyJ\*\*\*M30= https://534\*\*\*385.dkr.ecr.us-east-2.amazonaws.com
Log in:
$ docker login -u AWS -p eyJ\*\*\*M30= https://534\*\*\*385.dkr.ecr.us-east-2.amazonaws.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /home/setevoy/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
Find any existing Docker image on your workstation:
$ docker images | grep nginx
nginx alpine 031c45582fce 5 months ago 16.1MB
nginx latest 06144b287844 12 months ago 109MB
Tag it with the new repository URL and name:
$ docker tag nginx:latest 534\*\*\*385.dkr.ecr.us-east-2.amazonaws.com/test:latest
Push this image:
$ docker push 534\*\*\*385.dkr.ecr.us-east-2.amazonaws.com/test:latest
The push refers to repository [534\*\*\*385.dkr.ecr.us-east-2.amazonaws.com/test]
579c75bb43c0: Pushed
67d3ae5dfa34: Pushed
8b15606a9e3e: Pushed
latest: digest: sha256:c0b69559d28fb325a64c6c8f47d14c26b95aa047312b29c699da10380e90b4d7 size: 948
Okay – everything works here.
Jenkins
The next step will be to create a Jenkins job to build and push images.
Amazon ECR authentication
For ECR authentication – need to execute an AWS CLI aws ecr get-login command to get a token to be used during docker login.
To avoid calling aws ecr get-login each time – the Amazon ECR plugin can be used here.
Install it:
Add new credentials – go to the Credentials – Add credentials, chose type AWS Credentials:
Create a new Pipeline-job:
And script:
node {
def app
stage('Clone repository') {
git branch: "master", url: "git@github.com:example-dev/go-queue-consumer.git", credentialsId: "jenkins-example-github"
}
stage('Build image') {
sh "docker build --build-arg APP_NAME=receipts -t 534***385.dkr.ecr.us-east-2.amazonaws.com/bttrm-receipt-consumer:latest -f docker/prod/Dockerfile ."
}
stage('Push image') {
docker.withRegistry('https://534***385.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:bttrm-backend-ecr') {
sh "docker push 534***385.dkr.ecr.us-east-2.amazonaws.com/bttrm-receipt-consumer:latest"
}
}
}
Run build:
Done.
Similar posts
- 09/23/2019 AWS: создание Elastic Container Registry и деплой из Jenkins
- 08/16/2017 Docker: retag образа
- 10/12/2016 Jenkins: запуск на AWS EC2 + Pipeline Plugin + Docker Pipeline Plugin
- 04/16/2019 Jenkins: a job to check a Github organization’s public repositories list
- 08/15/2019 Kubernetes: part 3 – AWS EKS overview and manual EKS cluster set up
Top comments (0)