Hi All, I have this setup for creating images in ECR

import * as awsx from '@pulumi/awsx';
const repository = new awsx.ecr.Repository('repo', {
    name: 'myrepo',
    imageScanningConfiguration: {. scanOnPush: true },
    imageTagMutability: 'MUTABLE',
    forceDelete: true,
});

const image = new awsx.ecr.Image('image', {
    repositoryUrl: repository.url,
    context: process.env.REPO_PATH,
    platform: 'linux/amd64',
    imageName: 'samplewebapp',
    imageTag: 'from-githhash',
});

and below in my bitbucket pipeline

pipelines:
    custom:
        up-dev:
            - step:
                  name: Pulumi infra creation
                  oidc: true
                  deployment: development
                  options:
                      docker: true
                  services:
                      - docker
                  caches:
                      - docker
                      - node
                  script:
                      - *pulumi_aws_config
                      - pulumi up --yes -s minions/sampleapp/dev

When i do

pulumi up

on my local machine pulumi was able to create and publish images to

aws

ECR. But when i run the same through bitbucket pipeline it is failing with this error,

docker-build:index:Image (samplewebapp):
 error: booting builder: Error response from daemon: authorization denied by plugin pipelines: --privileged=true is not allowed

Is there a way to pass

privileged

false to

awsx.ecr.Image

?

Sorry to hear you're running into issues here! The error message

authorization denied by plugin pipelines: --privileged=true is not allowed

indicates that the provider couldn't find an existing buildkit builder and instead tried to boot one in a docker container. This requires

privileged

, which BitBucket doesn't allow. I'd have expected it to find a buildkit builder, given that BitBucket uses dockerbuild by default now. Do you mind running

docker buildx ls

in your bitbucket pipeline and pasting the output here?