Hi everyone Does anyone know if it is possible to manually t Pulumi Community #aws

Hi everyone, Does anyone know if it is possible t...

wide-whale-78548

11/28/2021, 5:58 PM

Hi everyone, Does anyone know if it is possible to manually tag an image before pushing to ECR? Something like this for instance, but unfortunately the

tag

option does not exist in

buildAndPushImage

method:

Copy code

const repo = new awsx.ecr.Repository(....);       

        const img = repo.buildAndPushImage( {
            context: "path/to/app",
            tag: "some-app/v.some-version",
        });

When I check the command it generates, it adds an auto generated tag, so then I cannot overwrite it even using

extraOptions

if I use

DockerBuild

in it. I want to use the hash value of a folder as the value of the tag, so then I can check if anything in it that folder has actually changed before building a new image and pushing it again to ECR and then making ECS to go through it’s lengthy life-cycle even for non relevant pushes 😄 I can build the Docker image locally in the pipeline and push the image, but I’m looking for a way to do it all in Pulumi, also without having to manually provide repository details/credentials using

docker.Image(…)

🤔

steep-sunset-89396

11/28/2021, 11:32 PM

Hey Pooyan, yes it should be possible to do that.

steep-sunset-89396

11/28/2021, 11:33 PM

If you use

docker.buildAndPushImage()

to biuld the image before pushing to the registry, the first parameter is your image name

steep-sunset-89396

11/28/2021, 11:36 PM

This is a function I wrote in TS

Copy code

private computeImageFromAsset(appPath: string, repositoryUrl: string, registryId: string, parent: pulumi.Resource): pulumi.Output<string> {

        let imageName = this.args.imageName;

        let dockerBuildArgs: any = {};

        let _dockerBuild: docker.DockerBuild = {
            args: dockerBuildArgs,
            context: appPath,
            dockerfile: `${appPath}/Dockerfile`,
            cacheFrom: {},
        };

        const uniqueImageName = docker.buildAndPushImage(imageName, _dockerBuild, repositoryUrl, parent, async () => {

            let credentials = await aws.ecr.getCredentials({
                registryId: registryId
            }, {
                parent, async: true
            });

            let decodedCredentials = Buffer.from(credentials.authorizationToken, "base64").toString();
            let [username, password] = decodedCredentials.split(":");
            if (!password || !username) {
                throw new Error("Invalid credentials");
            }

            return {
                registry: credentials.proxyEndpoint,
                username: username,
                password: password,
            };
        });

        uniqueImageName.apply(d => pulumi.log.debug(`    build complete: ${imageName} (${d})`, parent));
        return uniqueImageName;
    }

❤️ 1

wide-whale-78548

11/29/2021, 8:44 AM

Thanks @steep-sunset-89396 I was not aware that

aws.ecr.getCredentials

method exits and that was very helpful.

steep-sunset-89396

11/29/2021, 8:51 AM

Glad to hear. Have you seen our repo full of examples? That's how I found this function.

❤️ 1

wide-whale-78548

11/29/2021, 8:58 AM

Yes, the Pulumi example repository is great :)

👍 1

Open in Slack

Previous Next