![](/img/trans.png)
[英]AWS ECR Get login command - No such file or directory via ansible
[英]ansible aws ecr login without using docker command
我想使用 ansible 登錄 aws docker ecr 注冊表
# return docker login -u AWS -p <token>
-name: dget docker command
shell: "aws ecr get-login --region {{ aws_region }}"
register: docker_login_command
-name: docker login
shell: "{{docker_login_command.output}}"
這將需要在我們的機器上安裝 docker cli。但我們正在使用 docker 容器來運行 ansible 並共享 docker 套接字。 有沒有辦法不為此使用 docker cli?
嘗試這個。 這對我有用。
- name: ecr docker get-authorization-token
shell: "aws ecr get-authorization-token \
--profile {{ envsettings.infra.aws_profile }} --region {{ envsettings.infra.aws_region }}"
register: ecr_command
- set_fact:
ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
- set_fact:
ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
- name: docker_repository - Log into ECR registry and force re-authorization
docker_login:
registry_url: "{{ ecr_authorization_data.proxyEndpoint.rpartition('//')[2] }}"
username: "{{ ecr_credentials[0] }}"
password: "{{ ecr_credentials[1] }}"
reauthorize: yes
它需要 docker pip python 模塊。 在上面的代碼之前安裝
- name: install required packages for this role
pip:
state: present
name: docker
executable: /usr/bin/pip3
這對我有用 \\o/
- name: "Teili e zaga"
shell: "{{ item }}"
with_items:
- $(aws ecr get-login --no-include-email --region us-east-1)
psicopante
另一個可能更簡單的解決方案是依賴get-login-password
而不是get-authorization-token
例如,基於實例配置文件:
- name: Get instance profile info
amazon.aws.aws_caller_info:
register: aws_info
- set_fact:
ecr_registry_url: "{{ aws_info.account }}.dkr.ecr.eu-west-1.amazonaws.com"
- name: Get ECR token
shell: "aws ecr get-login-password --region eu-west-1"
register: ecr_token
- name: Log into ECR registry
docker_login:
registry_url: "{{ ecr_registry_url }}"
debug: yes
username: "AWS"
password: "{{ ecr_token.stdout }}"
reauthorize: yes
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.