
ansible aws ecr login without using docker command

I want to log in to the AWS Docker ECR registry using Ansible.

    # returns: docker login -u AWS -p <token>
    - name: get docker command
      shell: "aws ecr get-login --region {{ aws_region }}"
      register: docker_login_command

    - name: docker login
      shell: "{{ docker_login_command.stdout }}"


This requires the Docker CLI to be installed on our machine, but we are using a Docker container to run Ansible with a shared Docker socket. Is there a way to not use the Docker CLI for this?

Try this. This works for me.

  - name: ecr docker get-authorization-token
    shell: "aws ecr get-authorization-token  \
    --profile {{ envsettings.infra.aws_profile }} --region {{ envsettings.infra.aws_region }}"
    register: ecr_command
  
  - set_fact:
      ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
  
  - set_fact:
      ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
  
  - name: docker_repository - Log into ECR registry and force re-authorization
    docker_login:
      registry_url: "{{ ecr_authorization_data.proxyEndpoint.rpartition('//')[2] }}"
      username: "{{ ecr_credentials[0] }}"
      password: "{{ ecr_credentials[1] }}"
      reauthorize: yes

It requires the docker pip Python module. Install it before the above code.

  - name: install required packages for this role
    pip:
      state: present
      name: docker
      executable: /usr/bin/pip3
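
The decoding that the two `set_fact` tasks above perform, written as a small Python filter that also checks the token's shape and expiry. This is an added example, not code from the answer or from any Ansible collection; the filter name `ecr_credentials`, the plugin file name and the sample response are assumptions.

```python
# Hypothetical Ansible filter plugin, e.g. saved as filter_plugins/ecr.py.
import base64
import json
from datetime import datetime, timezone


def ecr_credentials(raw_json, now=None):
    """Turn `aws ecr get-authorization-token` JSON into docker_login arguments."""
    if now is None:
        now = datetime.now(timezone.utc).timestamp()
    entries = json.loads(raw_json).get("authorizationData") or []
    if not entries:
        raise ValueError("response carries no authorizationData entry")
    entry = entries[0]

    # The token is base64("<user>:<password>"). Split on the first ':' only,
    # so a password containing ':' would not be truncated.
    decoded = base64.b64decode(entry["authorizationToken"], validate=True).decode("utf-8")
    username, sep, password = decoded.partition(":")
    if not (sep and username and password):
        raise ValueError("authorizationToken is not in user:password form")

    # expiresAt may be epoch seconds or an ISO 8601 string, depending on how
    # the CLI formats timestamps. Refuse a token that is already stale.
    expires = entry.get("expiresAt")
    if isinstance(expires, str):
        expires = datetime.fromisoformat(expires.replace("Z", "+00:00")).timestamp()
    if expires is not None and float(expires) <= now:
        raise ValueError("ECR authorization token has expired")

    return {
        "registry": entry["proxyEndpoint"].split("://", 1)[-1].rstrip("/"),
        "username": username,
        "password": password,
    }


class FilterModule(object):
    """Ansible finds filters through this class's filters() method."""
    def filters(self):
        return {"ecr_credentials": ecr_credentials}


# Constructed sample response: placeholder account ID and a fake password.
SAMPLE = json.dumps({"authorizationData": [{
    "authorizationToken": base64.b64encode(b"AWS:not-a-real-password").decode(),
    "expiresAt": 4102444800.0,  # 2100-01-01T00:00:00Z
    "proxyEndpoint": "https://123456789012.dkr.ecr.us-east-1.amazonaws.com",
}]})
```

In a playbook the filter would be applied as `{{ ecr_command.stdout | ecr_credentials }}`. Setting `no_log: true` on the tasks that register or pass the token keeps it out of Ansible's output.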

This worked for me \o/

- name: "Teili e zaga"
  shell: "{{ item }}"
  with_items:    
   - $(aws ecr get-login --no-include-email --region us-east-1)

psicopante

Another solution, maybe easier, is to rely on get-login-password rather than get-authorization-token.

For example, based on the instance profile:

- name: Get instance profile info
  amazon.aws.aws_caller_info:
  register: aws_info

- set_fact:
    ecr_registry_url: "{{ aws_info.account }}.dkr.ecr.eu-west-1.amazonaws.com"

- name: Get ECR token
  shell: "aws ecr get-login-password --region eu-west-1"
  register: ecr_token

- name: Log into ECR registry
  docker_login:
    registry_url: "{{ ecr_registry_url }}"
    debug: yes
    username: "AWS"
    password: "{{ ecr_token.stdout }}"
    reauthorize: yes
