Connect Spinnaker to Amazon Elastic Container Registry
Adding ECR as a Docker registry
When configuring a registry, you normally use standard
SpinnakerService configuration if using the Operator, or the
hal command for adding a Docker Registry if using Halyard.
Starting Halyard version v1.10 and later , the ECR token refresh is supported by the docker registry provider by default. Hence you are not required to have the side car container alongside clouddriver to refresh the token. In these later versions, use the
--password-command option to pass the command to update your access token through halyard as shown under ECR Docker Registry or use
passwordCommand: under dockerRegistry account configuration for operator.
Update your Spinnaker installation
dockerRegistry: enabled: true primaryAccount: dockerhub accounts: - name: dockerhub requiredGroupMembership: providerVersion: V1 address: 012345678910.dkr.ecr.us-east-1.amazonaws.com username: AWS passwordCommand: "aws --region ue-east-2ecr get-authorization-token --output text --query 'authorizationData.authorizationToken' | base64 -d | sed 's/^AWS://"
hal config provider docker-registry account add my-ecr-registry \ --address $ADDRESS \ --username AWS \ --password-command "aws --region $REGION ecr get-authorization-token --output text --query 'authorizationData.authorizationToken' | base64 -d | sed 's/^AWS://'"
Success! Now you will be able to use ECR as a Docker registry in the configuration stage.
Was this page helpful?
Thank you for letting us know!
Sorry to hear that. Please tell us how we can improve.
Last modified February 3, 2022: (ab10083c)