Skip to content

cloudbees-io/configure-ecr-credentials

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.cloudbees
.cloudbees
 
 
cmd
cmd
 
 
internal/auth
internal/auth
 
 
Dockerfile
Dockerfile
 
 
LICENSE.txt
LICENSE.txt
 
 
Makefile
Makefile
 
 
README.adoc
README.adoc
 
 
VERSION
VERSION
 
 
action.yml
action.yml
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

CloudBees action: Configure Amazon ECR credentials

Use this action to configure Amazon Elastic Container Registry (ECR) credentials for use in CloudBees workflows.

This action logs in a local container configuration file to one or more ECR private registries, or to an ECR public registry.

Prerequisites

Make sure to add the following to your YAML file:

      - name: Check out repo
        uses: actions/checkout@v1

      - name: Configure AWS credentials
        uses: cloudbees-io/configure-aws-credentials@v1
        with:
          role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role
          aws-region: aws-region-1

Inputs

Table 1. Input details
Input name Data type Required? Description

registries

String

No

The registry ID.

Usage examples

Log in to ECR, build and push a container image

Log in to an ECR private registry, then build, tag, and push a container image to it.

In your YAML file, add:

      - name: Log in to ECR
        id: login-ecr
        uses: cloudbees-io/configure-ecr-credentials@v1

      - name: Build, tag, and push a container image to ECR
        uses: cloudbees-io/kaniko@v1
        with:
          destination: 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-ecr-repo:latest

Log in to ECR, package and push a Helm chart

Log in to an ECR private registry, and then package and push a Helm chart to it.

In your YAML file, add:

      - name: Log in to ECR
        id: login-ecr
        uses: cloudbees-io/configure-ecr-credentials@v1

      - name: Package and push helm chart to ECR
        env:
          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
          REPOSITORY: my-ecr-repo
        uses: docker://alpine/helm:latest
        run: |
          helm package my-ecr-repo
          helm push my-ecr-repo-0.1.0.tgz oci://123456789012.dkr.ecr.us-east-1.amazonaws.com
Note
 (for Kaniko users) Helm and Kaniko use the same credential store, so you can use the same credentials for both.

Log in to ECR on multiple AWS accounts

Add the AWS credentials configuration action, and then provide cross-account access.

In your YAML file, add:

      - name: Configure AWS credentials
        uses: cloudbees-io/configure-aws-credentials@v1
        with:
          role-to-assume: arn:aws:iam::123456789012:role/my-cloudbees-actions-role
          aws-region: aws-region-1

      - name: Log in to ECR
        id: login-ecr
        uses: cloudbees-io/configure-ecr-credentials@v1
        with:
          registries: "123456789012,998877665544"
Note

The repository on account 998877665544 must explicitly grant access to the arn:aws:iam::123456789012:role/my-cloudbees-actions-role role for cross-account access to work.

Refer to AWS documentation on allowing secondary account access for how to correctly configure ECR policies.

License

This code is made available under the MIT license.

References

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

2 forks
Report repository

Releases 1

v0 Latest
Nov 8, 2023

Packages

No packages published

Contributors 8

Languages