If you are using an Amazon AWS chances are that you already have ECR , Amazon EC2 Container Registry , within your account . Now this is practical if you want to have you own private Docker Registry for saving your docker images .
Now in my case I wanted to be able to push an image to my private Registry within the context of a Jenkins build .
So we will need to do the following :
- Configure AWS credentials on build machine
- Configure Amazon ECR Docker Registry
- Modify our Jenkins pipeline to perform a push
Configure AWS credentials on build machine
1. install the awscli which allows you then to configure your aws account login info on your env , this is done using :
sudo apt install awscli
2. next we do the aws configuration using the following command, (
see AWS CLI official guide ):
aws configure
Here you will need to know your AWS Access Key ID and AWS Secret Access Key .
Note that the Secret Access Key ID is generated only once , so you need to keep it somewhere safe or regenerate a new one .
To get the 2 keys you would need to login to your AWS console and go to :
IAM > Users > Now select one of the users > Click on Security Credentials tab > Now from here you can create a New Access Key
Configure Amazon ECR Docker Registry
1. Login to your AWS console .
2. Choose "EC2 Container Service"
3. Click on Repositories > Create Repository
4. Set a name for your repository
5. Clicking on next will give you all the commands to login to ECR from aws cli , tag and push your image to your repo
For reference the official link to ECR is
here .
Modify our Jenkins pipeline to perform a push
Now that we have aws login configured on build machine and a private docker registry on Amazon we are ready to modify our Jenkins pipeline to perform the push .
Here I assume that you already do have Jenkins job existing and you know your way through the pipeline goovy codes .
So we will add the following :
{
....
}
stage('Publish Docker Image to AWS ECR '){
def loginAwsEcrInfo = sh(returnStdout: true, script: 'aws ecr get-login --region us-east-1').trim()
echo "Retreived AWS Login: ${loginAwsEcrInfo}"
sh '${loginAwsEcrInfo}'
sh 'docker tag tomcat6-atlas:latest XXXXXXXXXXXX.YYY.ZZZ.us-east-1.amazonaws.com/tomcat6-atlas:latest'
sh 'docker push XXXXXXXXXXXX.YYY.ZZZ.us-east-1.amazonaws.com/tomcat6-atlas:latest'
}
Note: Do replace the tag and push command with the actual values as indicated from your Amazon ECR repository page
Notice that I have a loginAwsEcrInfo variable defined in grovy , this is because I need to get the output of the command ' aws ecr get-login --region us-east-1 ' from sh which actually generates the command to login through docker using the aws credentials . This is possible thanks to the returnStdout flag on sh .
That should be it , you should be able to publish your image within your Jenkins job execution .