Create or update AWS registry secret on Kubernetes

apply-registry-secret.sh

#!/bin/bash
update_registry_secret() {
  login_cmd=$(aws ecr get-login)
  username=$(echo $login_cmd | cut -d " " -f 4)
  password=$(echo $login_cmd | cut -d " " -f 6)
  endpoint=$(echo $login_cmd | cut -d " " -f 9)
  auth=$(echo "$username:$password" | /usr/bin/base64)

  configjson="{ \"auths\": { \"${endpoint}\": { \"auth\": \"${auth}\" } } }"

  kubectl apply -f - << EOF
apiVersion: v1
kind: Secret
metadata:
  name: aws-ecr-registry
data:
  .dockerconfigjson: $(echo $configjson | /usr/bin/base64)
type: kubernetes.io/dockerconfigjson
EOF
}

update_registry_secret

Note to whomever want to use this, you might want to remove line ending to auth and add one in the yaml:

#!/bin/bash
update_registry_secret() {
  login_cmd=$(aws ecr get-login)
  username=$(echo $login_cmd | cut -d " " -f 4)
  password=$(echo $login_cmd | cut -d " " -f 6)
  endpoint=$(echo $login_cmd | cut -d " " -f 9)
  auth=$(echo -n "$username:$password" | /usr/bin/base64)

  configjson="{ \"auths\": { \"${endpoint}\": { \"auth\": \"${auth}\" } } }"

  kubectl apply -f - << EOF
apiVersion: v1
kind: Secret
metadata:
  name: aws-ecr-registry
data:
  .dockerconfigjson: '$(echo -n "$configjson" | /usr/bin/base64 | tr -d "\n")'
type: kubernetes.io/dockerconfigjson
EOF
}

update_registry_secret

Also please note that the following command

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

does the same — see the documentation.