Join GitHub today
[Feature request] ECR support - create repos in ECR API before push #504
The OpenFaaS Cloud CI/CD pipeline creates Docker images in a remote registry and those image tags are dynamic. ECR doesn't support this behaviour in the same way as the Docker Hub or other registries we've used so far.
As an AWS user, I should be able to use AWS ECR for my images
ECR won't work because an API call is required to create each image name, before it's pushed.
The repo needs to be created before the build is carried out, which would mean adding code to
An initial working prototype may alter buildshiprun directly, but a more polished solution may deploy yet another OFC function, or exist in a separate generic library and be vendored in.
An AWS IAM role will be required.
@mhausenblas (AWS) was very helpful
Once added the code will need to accept a new access key ID and secret access key for the ECR API, this will also have to be inputted via ofc-bootstrap
Customers on AWS tend to want to use ECR
If you want this, or want to help build it please comment
Here's the bad news.. the push token has to be renewed every 12 hours https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-basics.html
FluxCD have created a registry package that manages the auth and handles the token refresh: https://github.com/fluxcd/flux/tree/master/registry