Skip to content

Instantly share code, notes, and snippets.

@Cepr0

Cepr0/build-push-docker-image-to-aws.md

Last active October 26, 2021 21:03
Show Gist options
  • Save Cepr0/458ff3430e6ac75526725b297c2148cd to your computer and use it in GitHub Desktop.
Save Cepr0/458ff3430e6ac75526725b297c2148cd to your computer and use it in GitHub Desktop.
Download ZIP
Build and push docker image to Amazon from maven
Raw
build-push-docker-image-to-aws.md
  1. Install amazon-ecr-credential-helper
go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login
  1. Move it to a some folder already in the execution PATH:
mv ~/go/bin/docker-credential-ecr-login ~/bin/
  1. Add credHelpers section to ~/.docker/config.json file for our Amazon ECR docker repo ID:
{
  "credHelpers": {
    "<ecr-id>.dkr.ecr.<aws-region>.amazonaws.com": "ecr-login"
  },
  //...
}

(on Windows remove line "credsStore": "wincred",, if it exists, from this file)

  1. Check that ~/.aws/config has our region
[default]
region = <aws-region>

and ~/.aws/credentials has our keys

[ecr-push-user]
aws_access_key_id = <id>
aws_secret_access_key = <secret>

(More info...)

  1. Add Spotify dockerfile-maven-plugin to pom.xml:
    <properties>
        <docker.image.prefix>xxxxxxxxxxxx.dkr.ecr.rrrrrrr.amazonaws.com</docker.image.prefix>
        <docker.image.name>${project.artifactId}</docker.image.name>
        <docker.image.tag>${project.version}</docker.image.tag>
        <docker.file>Dockerfile</docker.file>
    </properties>

    <build>
      <finalName>service</finalName>
      
      <plugins>
          <!-- Docker image mastering -->
          <plugin>
              <groupId>com.spotify</groupId>
              <artifactId>dockerfile-maven-plugin</artifactId>
              <version>1.4.10</version>
              <configuration>
                  <repository>${docker.image.prefix}/${docker.image.name}</repository>
                  <tag>${docker.image.tag}</tag>
                  <dockerfile>${docker.file}</dockerfile>
                  <buildArgs>
                      <JAR_FILE>target/${project.build.finalName}.jar</JAR_FILE>
                  </buildArgs>
              </configuration>
              <executions>
                  <execution>
                      <id>default</id>
                      <phase>package</phase>
                      <goals>
                          <goal>build</goal>
                          <goal>push</goal>
                      </goals>
                  </execution>
              </executions>
          </plugin>
      </plugins>
    </build>
  1. Make sure that Dockerfile exists:
FROM openjdk:11-jre-slim
VOLUME /tmp
WORKDIR /service
COPY target/service.jar service.jar
ENTRYPOINT exec java -server \
-Djava.security.egd=file:/dev/./urandom \
$JAVA_OPTS \
-jar service.jar
@jhuamanchumo
Copy link

Actually the aws cli can help with steps 1,2,3, with the following command:

aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ACCOUNT-ID.dkr.ecr.us-east-1.amazonaws.com

the command produces an entry in ~/.docker/config.json, here is two entries, one for DockerHub and the other for ECR.

{
  "auths": {
    "ACCOUNT-ID.dkr.ecr.us-east-1.amazonaws.com": {
      "auth": "RS1d5WSndZ......................WGxwPQ=="
    },
    "https://index.docker.io/v1/": {
      "auth": "1tfDcxOO..........jdKUgtFddg=="
    }
  }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment