Amazon EC2 Container Registry
How to use the Amazon Docker Registry in Codefresh
Go to your Account Configuration, by clicking on Account Settings on the left sidebar. On the first section called Integrations click the Configure button next to Docker Registry.
To configure ECR first select Amazon ECR from the new registry drop down and then provided the following:
- Registry Name - unique name for this configuration.
- Access Key ID - AWS accessKeyId.
- Secret Access Key - AWS accessKeyId.
- Region - AWS region.
Codefresh makes sure to automatically refresh the AWS token for you.
For more information on how to obtain the needed tokens read the AWS documentation.
You need to have an active registry all set up in AWS.
Amazon ECR Push/Pull operations can be provide by two permission options: user-based and resource-based.
- User-based permissions: User account need to apply AmazonEC2ContainerRegistryPowerUser policy (or custom based on that policy). More information and examples can be found here
- For resource-based users require permissions to call ecr:GetAuthorizationToken before they can authenticate to a registry and push or pull any images from any Amazon ECR repository, than you need provide push/pull permissions to specific registry. More information and examples can be found here.
Pushing Docker images to Amazon ECR
There are 2 ways to push images
- Using the YAML push step (recommended)
- Promoting manually an image (shown below)
For more details on how to push a Docker image in a pipeline see the build and push example.
Manually promoting an image
The Images view has an option to manually push images to a registry.
- Click on the Promote button
- On the promotion dialog set
- Repository Name - name of your repository as it set in ECR
- Tag - select a tag (the tag will appear after the
- Registry - your ECR configuration
- Click the Promote button
It is possible to change the image name if you want, but make sure that the new name exist as a repository in ECR