How to get docker images from privacy AWS ECR repository in Vagrant
I found that you can use Vagrant and Docker as a provider, That I think is so cool. Official doc
The documentation shows a section to set up using private repositories.
email, username, password and auth_server
I want to know if Vagrant supports
aws ecr get-login to get docker images from AWS Registry?
I tried this:
Vagrant.configure("2") do |config| config.vm.define "mydocker" do |a| a.vm.provider "docker" do |d| d.image = "my-account.dkr.ecr.us-east-1.amazonaws.com/myimage:latest" #Private registry d.email = "email@example.com" d.username = "my-user" d.password = "my-pass" d.auth_server = "my-account.dkr.ecr.us-east-1.amazonaws.com" #Custom Docker Host d.vagrant_machine = "dockerhost" d.vagrant_vagrantfile = "./dockerHost/Vagrantfile" end end end
This is the output error: (Vagrant tried to make the login with the parameters)
Command: "docker" "login" "-u" "my-user" "-p" "my-pass" "my-account.dkr.ecr.us-east-1.amazonaws.com" Stderr: Error response from daemon: login attempt to https://my-account.dkr.ecr.us-east-1.amazonaws.com/v2/ failed with status: 401 Unauthorized
One Solution collect form web for “How to get docker images from privacy AWS ECR repository in Vagrant”
I found the way using
get-authorization-token I don’t know it is the best way, but it works by the moment.
get-authorization-token command creates a valid token for 12 hours. (I think this can be changed) and you can see the official doc
If you are on MAC More info (does`t work with zsh console, so uses bash)
aws ecr get-authorization-token --output text --query authorizationData.authorizationToken | base64 -D | cut -d: -f2
It will print the decode password and then in the Vagrantfile:
... #Private registry d.email = "" d.username = "AWS" d.password = "The-decoded-password" d.auth_server = "my-account.dkr.ecr.us-east-1.amazonaws.com" ...
And it works.
Maybe it is necessary to generate a password that live more than 12 hours =0)
I will waiting for comments or improvements.