I want to login in aws docker ecr registry using ansible
# return docker login -u AWS -p <token>
-name: dget docker command
shell: "aws ecr get-login --region {{ aws_region }}"
register: docker_login_command
-name: docker login
shell: "{{docker_login_command.output}}"
this will required docker cli install in our machine.but we are using docker container to run ansible with share docker socket. is there way to not use docker cli for this?
try this. this work for me.
- name: ecr docker get-authorization-token
shell: "aws ecr get-authorization-token \
--profile {{ envsettings.infra.aws_profile }} --region {{ envsettings.infra.aws_region }}"
register: ecr_command
- set_fact:
ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
- set_fact:
ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
- name: docker_repository - Log into ECR registry and force re-authorization
docker_login:
registry_url: "{{ ecr_authorization_data.proxyEndpoint.rpartition('//')[2] }}"
username: "{{ ecr_credentials[0] }}"
password: "{{ ecr_credentials[1] }}"
reauthorize: yes
it required docker pip python module. install before above code
- name: install required packages for this role
pip:
state: present
name: docker
executable: /usr/bin/pip3
This worked for me \\o/
- name: "Teili e zaga"
shell: "{{ item }}"
with_items:
- $(aws ecr get-login --no-include-email --region us-east-1)
psicopante
Another solution, maybe easier, is to rely on get-login-password
rather than get-authorization-token
For example, basing on instance profile:
- name: Get instance profile info
amazon.aws.aws_caller_info:
register: aws_info
- set_fact:
ecr_registry_url: "{{ aws_info.account }}.dkr.ecr.eu-west-1.amazonaws.com"
- name: Get ECR token
shell: "aws ecr get-login-password --region eu-west-1"
register: ecr_token
- name: Log into ECR registry
docker_login:
registry_url: "{{ ecr_registry_url }}"
debug: yes
username: "AWS"
password: "{{ ecr_token.stdout }}"
reauthorize: yes
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.