Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for Logon to Amazon EC2 Container Registry #29579

Closed
ansibot opened this issue Sep 11, 2017 · 12 comments · Fixed by #63158
Closed

Support for Logon to Amazon EC2 Container Registry #29579

ansibot opened this issue Sep 11, 2017 · 12 comments · Fixed by #63158
Labels
affects_2.1 This issue/PR affects Ansible v2.1 c:inventory/contrib_script cloud docker docs This issue/PR relates to or includes documentation. docsite This issue/PR relates to the documentation website. feature This issue/PR relates to a feature request. has_pr This issue has an associated PR. inventory Inventory category module This issue/PR relates to a module. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests.

Comments

@ansibot
Copy link
Contributor

ansibot commented Sep 11, 2017

From @osiegmar on 2016-10-16T15:34:56Z

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

docker_login

ANSIBLE VERSION
2.1.1.0
SUMMARY

As far as I know, the only way to logon to (and pull docker images from / push to) Amazon ECR is via the shell module. It would be nice if the docker_login module supports logon to ECR so that further ansible docker tasks can directly work with ECR.

This is how I handle this currently:

- name: ECR login
  shell: "$(aws ecr get-login --region eu-central-1)"
- name: Pull image from ECR
  shell: "docker pull myid.dkr.ecr.eu-central-1.amazonaws.com/my-app:latest"

The output from aws ecr get-login is:

docker login -u AWS -p [VERY-LONG-PASSWORD] -e none https://myid.dkr.ecr.eu-central-1.amazonaws.com

The generated password is valid for 12 hours.

Of course, I could use awk to get the password from the output and then use docker_login. But the output format may change...

Copied from original issue: ansible/ansible-modules-core#5277
@ansibot
Copy link
Contributor Author

ansibot commented Sep 11, 2017

From @ansibot on 2016-10-16T15:34:56Z

@olsaki ping, this issue is waiting for your response.
click here for bot help

@ansibot ansibot added the affects_2.1 This issue/PR affects Ansible v2.1 label Sep 11, 2017
@ansibot
Copy link
Contributor Author

ansibot commented Sep 11, 2017

From @leedm777 on 2016-10-16T15:34:56Z

@osiegmar Have you tried amazon-ecr-credential-helper?

@ansibot ansibot mentioned this issue Sep 11, 2017
Closed
@ansibot
Copy link
Contributor Author

ansibot commented Sep 11, 2017

cc @jctanner
click here for bot help

@ansibot ansibot added cloud docker feature_idea module This issue/PR relates to a module. support:community This issue/PR relates to code supported by the Ansible community. labels Sep 11, 2017
@alexfoxgill
Copy link

Of course, I could use awk to get the password from the output and then use docker_login. But the output format may change...

you can use get-authorization-token with a query specifier to get the result that you want:

aws ecr get-authorization-token --region eu-west-1 --query 'authorizationData[].authorizationToken' --output text | base64 --decode | cut -d: -f2

(the result is returned base64 encoded with a AWS: prefix, hence the two piped commands)

@ansibot
Copy link
Contributor Author

ansibot commented Oct 8, 2017

cc @chouseknecht
click here for bot help

@ansibot ansibot added feature This issue/PR relates to a feature request. and removed feature_idea labels Mar 2, 2018
@ansibot ansibot added support:core This issue/PR relates to code supported by the Ansible Engineering Team. and removed support:community This issue/PR relates to code supported by the Ansible community. labels Sep 19, 2018
@ansibot
Copy link
Contributor Author

ansibot commented Oct 5, 2018

cc @felixfontein
click here for bot help

@ansibot ansibot added needs_maintainer Ansibot is unable to identify maintainers for this PR. (Check `author` in docs or BOTMETA.yml) support:community This issue/PR relates to code supported by the Ansible community. and removed support:core This issue/PR relates to code supported by the Ansible Engineering Team. labels Oct 5, 2018
@ansibot
Copy link
Contributor Author

ansibot commented Nov 2, 2018

cc @akshay196 @danihodovic @dariko @jwitko @kassiansun @tbouvet
click here for bot help

@ansibot ansibot removed the needs_maintainer Ansibot is unable to identify maintainers for this PR. (Check `author` in docs or BOTMETA.yml) label Nov 2, 2018
@felixfontein
Copy link
Contributor

felixfontein commented Nov 29, 2018
edited

needs_contributor

@ansibot ansibot added the waiting_on_contributor This would be accepted but there are no plans to actively work on it. label Nov 29, 2018
@ansibot
Copy link
Contributor Author

ansibot commented Dec 15, 2018

cc @DBendit
click here for bot help

@ansibot
Copy link
Contributor Author

ansibot commented Feb 2, 2019

cc @acozine
click here for bot help

@ansibot ansibot added c:inventory/contrib_script docs This issue/PR relates to or includes documentation. docsite This issue/PR relates to the documentation website. inventory Inventory category labels Feb 2, 2019
@ansibot ansibot added the test This PR relates to tests. label Feb 2, 2019
@ansibot
Copy link
Contributor Author

ansibot commented Feb 10, 2019

cc @WojciechowskiPiotr
click here for bot help

@felixfontein felixfontein mentioned this issue Oct 5, 2019
Merged
@felixfontein
Copy link
Contributor

Hello all! There's a PR which should fix this if used with https://github.com/awslabs/amazon-ecr-credential-helper (or some other credential helper for Amazon ECR, if there's one): #63158

Could you please give it a try and see whether it works for you?

@ansibot ansibot added the has_pr This issue has an associated PR. label Oct 5, 2019
@ansible ansible locked and limited conversation to collaborators Dec 9, 2019
@sivel sivel removed the waiting_on_contributor This would be accepted but there are no plans to actively work on it. label Dec 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
affects_2.1 This issue/PR affects Ansible v2.1 c:inventory/contrib_script cloud docker docs This issue/PR relates to or includes documentation. docsite This issue/PR relates to the documentation website. feature This issue/PR relates to a feature request. has_pr This issue has an associated PR. inventory Inventory category module This issue/PR relates to a module. support:community This issue/PR relates to code supported by the Ansible community. test This PR relates to tests.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docker_login: allow to function with credential helpers felixfontein/ansible
4 participants
@sivel @alexfoxgill @felixfontein @ansibot