Amazon EC2 Container Registry

How to use the Amazon Docker Registry in Codefresh

Go to your Account Configuration, by clicking on Account Settings on the left sidebar. On the first section called Integrations click the Configure button next to Docker Registry.

To configure ECR first select Amazon ECR from the new registry drop down and then provide the following

  • Registry Name - A unique name for this configuration
  • Access Key ID - AWS accessKeyId
  • Secret Access Key - AWS accessKeyId
  • Region - AWS region

Add Amazon EC2 Container Registry

Codefresh makes sure to automatically refresh the AWS token for you.

For more information on how to obtain the needed tokens read the AWS documentation.

Note

You need to have an active registry all set up in AWS.

Amazon ECR Push/Pull operations can be provide by two permission options: user-based and resource-based.

  1. User-based permissions: User account need to apply AmazonEC2ContainerRegistryPowerUser policy (or custom based on that policy). More information and examples can be found here
  2. For resource-based users require permissions to call ecr:GetAuthorizationToken before they can authenticate to a registry and push or pull any images from any Amazon ECR repository, than you need provide push/pull permissions to specific registry. More information and examples can be found here.

Pushing Docker images to Amazon ECR

There are 3 ways to push images

  1. Using the YAML push step (recommended)
  2. Using the GUI pipeline (shown below)
  3. Promoting manually an image (shown below)

An example repository can be found at https://github.com/codefreshdemo/react-starter-kit

Pushing a Docker image via the Pipeline GUI

In the Pipelines view, you can configure to which registry the build image will be pushed to.

  1. Select your repository

select repo.png

  1. Select the registry to where the build image will be pushed

Make sure the repository exists in ECR

save-reg.png

  1. Save and build the pipeline

The image will be pushed to your registry. You can see the build log to for details.

Manually promoting an image

The Images view has an option to manually push images to a registry.

  1. Click on the Promote button

promote.png

  1. On the promotion dialog set
    • Repository Name - name of your repository as it set in ECR

ecr2.png

  • Tag - select a tag (the tag will appear after the : e.g. repository-name:tag)
  • Registry - your ECR configuration

ecr3.png

  1. Click the Promote button

It is possible to change the image name if you want, but make sure that the new name exist as a repository in ECR