Efficient and Secure Integration of Jeninks with ECR

  • AWS CLI
  • AWS ROLE
  • AWS ECR Plugin
aws ecr get-login
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecr:GetAuthorizationToken",
"ecr:BatchCheckLayerAvailability",
"ecr:GetDownloadUrlForLayer",
"ecr:GetRepositoryPolicy",
"ecr:DescribeRepositories",
"ecr:ListImages",
"ecr:DescribeImages",
"ecr:BatchGetImage",
"ecr:GetLifecyclePolicy",
"ecr:GetLifecyclePolicyPreview",
"ecr:ListTagsForResource",
"ecr:DescribeImageScanFindings",
"ecr:InitiateLayerUpload",
"ecr:UploadLayerPart",
"ecr:CompleteLayerUpload",
"ecr:PutImage"
],
"Resource": "*"
}
]
}
git clone https://github.com/awslabs/amazon-ecr-credential-helper.gitcd amazon-ecr-credential-helper/make docker
mkdir -p bin
docker run --rm \
-e TARGET_GOOS= \
-e TARGET_GOARCH= \
-v '/root/amazon-ecr-credential-helper/bin':/go/src/github.com/awslabs/amazon-ecr-credential-helper/bin \
sha256:f40028122007c4597897a7950d160497ee9963827ac218cc9e37176a21f65b25
./scripts/build_binary.sh ./bin/local 0.5.0 c5b4d8f
go: downloading github.com/aws/aws-sdk-go v1.38.44
go: downloading github.com/docker/docker-credential-helpers v0.6.3
go: downloading github.com/mitchellh/go-homedir v1.1.0
go: downloading github.com/pkg/errors v0.9.1
go: extracting github.com/pkg/errors v0.9.1
go: extracting github.com/mitchellh/go-homedir v1.1.0
go: downloading github.com/sirupsen/logrus v1.4.2
go: extracting github.com/sirupsen/logrus v1.4.2
go: downloading golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
go: extracting github.com/docker/docker-credential-helpers v0.6.3
go: extracting golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
go: extracting github.com/aws/aws-sdk-go v1.38.44
go: downloading github.com/jmespath/go-jmespath v0.4.0
go: extracting github.com/jmespath/go-jmespath v0.4.0
go: finding github.com/docker/docker-credential-helpers v0.6.3
go: finding github.com/mitchellh/go-homedir v1.1.0
go: finding github.com/aws/aws-sdk-go v1.38.44
go: finding github.com/sirupsen/logrus v1.4.2
go: finding golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f
go: finding github.com/jmespath/go-jmespath v0.4.0
go: finding github.com/pkg/errors v0.9.1
Built ecr-login
[root@ip-10-0-0-216 amazon-ecr-credential-helper]# cd bin/local/
[root@ip-10-0-0-216 local]# ls
docker-credential-ecr-login
vim /var/lib/jenkins/.docker/config.json.
{
"credsStore": "ecr-login"
}
docker push ${AWS_ECR_REPO}/${REPO_NAME}:${currentBuild.number}docker pull ${AWS_ECR_REPO}/${REPO_NAME}:${currentBuild.number}

--

--

--

DevOps Engineer with 10+ years of experience in the IT Industry. In-depth experience in building highly complex, scalable, secure and distributed systems.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Are point release upgrades as easy as Umbraco claim?

Deep Dive Into Nmap Scan Techniques

#1 culture hack that is amiss in today’s startups and developers

MVC Core Bootstrapping and Request / Response process

Introduction to presenting with Jupyter with Reveal.js

Under the Hood: Unix Remix

3 small tools to turbocharge your mapping efficiency in ArcGIS

Using Kali-linux in any debian based linux using Docker

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ankur

Ankur

DevOps Engineer with 10+ years of experience in the IT Industry. In-depth experience in building highly complex, scalable, secure and distributed systems.

More from Medium

Writing better puppet manifests

[AWS security]Secure an API with Amazon API Gateway!

Deploy Jenkins agents using EC2 Spot instances

Networking on AWS — AWS Roadmap