New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Uploading Docker container to AWS ECR using shell-local post-processor #3644
Comments
Shell local run once per file in the artifact. But This could be seen as a Atlas specific issue. |
In those configs/logs I provided I used What lines in packer debug log should I look for? |
Could you provide a full |
Hey, sorry for a delay, I'll try to provide those/logs soon. |
@iroller my solution is a bash script: build.sh:
My template.json post processor step looks like this: "post-processors": [
[
{
"type": "docker-tag",
"repository": "123123123.dkr.ecr.us-west-2.amazonaws.com/myrep}",
"tag": "latest"
},
{
"type": "docker-push",
"login_server": "https://123123123.dkr.ecr.us-west-2.amazonaws.com/"
}
]
] Works great! :) |
@bobbydeveaux thanks, in my case I run packer in Atlas and don't think I can use the way you described. Still looking into getting |
As @rickard-von-essen said, "Shell local run once per file in the artifact. But amazon builders artifacts have no files. Thus it never executes." I found that I could work around that behavior, with an "artifice post-processor [to] override the artifact list from an upstream builder or post-processor"(Artiface post-processor) like so:
|
@iroller. I tried to do mimic your method with Packer 0.10.1 but did not work for me, details below Error
build.sh COMMAND=`eval aws ecr get-login --region us-west-2`
echo `eval $COMMAND`
echo "Building via Packer"
packer build data-exchange-packer.json packer JSON file snippet "post-processors": [
[
{
"type":"docker-tag",
"repository" : "<acctid>.dkr.ecr.us-east-1.amazonaws.com/sbg_cloudinfra_sse_data_exchange",
"tag" : "data-exchange-{{user `version`}}"
},
{
"type":"docker-push",
"login_server": "https://182570719012.dkr.ecr.us-east-1.amazonaws.com"
}
]
] |
And improved ECR support not requiring to use |
Closing this since native ECR support was added in #3856. |
Latest Packer in Atlas
I've been using packer-tag and packer-push as it suggested in docs to upload a Docker container built with Packer to Amazon EC2 Container Registry. It works fine but it requires me to manually update
login_password
usingaws ec2 ecr-login
every 12 hours since the token provided by amazon is temporary.Since I can provide Packer with AWS keys there should be a way for it to obtain a new token on each execution.
I've tried to use
shell-local
instead ofpacker-tag
andpacker-push
to get this working:Packer build completes with no errors. However the image is not being uploaded and there's no related output even with
PACKER_LOG=debug
. The only thing I see in logs isAny suggestions on how to get it working?
Better way would be to keep docker-tag and docker-push post-processors but provide the output of
AWS_ACCESS_KEY_ID=123 AWS_SECRET_ACCESS_KEY=123 aws ecr get-authorization-token --output text --query "authorizationData[].authorizationToken"
tologin_password
field somehow. The question is how to do that.The text was updated successfully, but these errors were encountered: