Amazon EC2 Container Registry
How to use the Amazon Docker Registry in Codefresh
Go to your Account Configuration, by clicking on Account Settings on the left sidebar. On the first section called Integrations click the Configure button next to Docker Registry.
To configure ECR first select Amazon ECR from the new registry drop down and then provide the following
- Registry Name - A unique name for this configuration
- Access Key ID - AWS accessKeyId
- Secret Access Key - AWS accessKeyId
- Region - AWS region
Codefresh makes sure to automatically refresh the AWS token for you.
For more information on how to obtain the needed tokens read the AWS documentation.
You need to have an active registry all set up in AWS.
Amazon ECR Push/Pull operations can be provide by two permission options: user-based and resource-based.
- User-based permissions: User account need to apply AmazonEC2ContainerRegistryPowerUser policy (or custom based on that policy). More information and examples can be found here
- For resource-based users require permissions to call ecr:GetAuthorizationToken before they can authenticate to a registry and push or pull any images from any Amazon ECR repository, than you need provide push/pull permissions to specific registry. More information and examples can be found here.
Pushing Docker images to Amazon ECR
There are 3 ways to push images
- Using the YAML push step (recommended)
- Using the GUI pipeline (shown below)
- Promoting manually an image (shown below)
An example repository can be found at https://github.com/codefreshdemo/react-starter-kit
Pushing a Docker image via the Pipeline GUI
In the Pipelines view, you can configure to which registry the build image will be pushed to.
- Select your repository
- Select the registry to where the build image will be pushed
Make sure the repository exists in ECR
- Save and build the pipeline
The image will be pushed to your registry. You can see the build log to for details.
Manually promoting an image
The Images view has an option to manually push images to a registry.
- Click on the Promote button
- On the promotion dialog set
- Repository Name - name of your repository as it set in ECR
- Tag - select a tag (the tag will appear after the
- Registry - your ECR configuration
- Click the Promote button
It is possible to change the image name if you want, but make sure that the new name exist as a repository in ECR