Pushing a docker image to ECR and a little script to add autonomy to it.

I have a .NET Core program for a client which runs in a Docker container under their own AWS account via ECR (Elastic Container Registry). When a modification is required I go through the usual process and eventually push it to their ECR registry. The application isn’t apart of a continuous deployment or any automated build system which would take care of this also, this program does some ad-hoc reporting and data processing on a relatively infrequent basis. This just documents that process.

Setup the ECR profile in AWS CLI

You need to add the credentials for an AWS account to access your ECR registry, usually they are stored in ~/.aws/credentials, but we can also do that via AWS CLI (command line interface). If you have this done already, you can skip this bit.

aws configure --profile <your_profile_name>

Replace <your_profile_name> with the name of your profile, aws account, client name – something meaningful if you just run aws configure it will use the default profile.

Paste in your access key ID & hit return, then paste the key itself. Give a preferred region (like eu-west-1) if you want to operate from a default region and unless you have a specific reason leave Output format as default.

The CLI should exit and your profile is setup!

Pushing the image to ECR

This assumes you have your dockerfile ready to go and an ECR registry setup.

What I do now is make a file called “buildandpush.sh“.

I then paste this content:

eval $(aws ecr get-login --no-include-email --profile <your_profile_name> --region <region> | sed 's|https://||')

docker build -t <docker_tag> .

docker tag <docker_tag>:latest <ecr_url>:latest

docker push <ecr_url>:latest
  • Replace <your_profile_name> with the value you set when setting up the profile
  • Replace <region> with your preferred region
  • Set <docker_tag> to the name of your project or chosen tag
  • Replace <ecr_url> with your ECR URL, they are formatted like <number>.dkr.ecr.<region>.amazonaws.com/<registry_name>. Example: 012345678901.dkr.ecr.eu-west-1.amazonaws.com/agreatdockerapp-1

I then execute the command:

./buildandpush.sh

And those commands will execute, first credentials will be obtained from AWS, then the docker file is built, the build is tagged with the ECR URL and then the image is pushed.

If all is well, you should have an output that looks like this at the end

Successfully built bf845022fa6a
Successfully tagged <docker_tag>:latest
The push refers to repository [012345678901.dkr.ecr.eu-west-1.amazonaws.com/agreatdockerapp-1]
5d13f56bfffe: Pushed
09dd11c57715: Pushed
51a2ee32aecb: Layer already exists
f21a1d4bd051: Layer already exists
5d6550aaa3c7: Layer already exists
e825243ca30e: Layer already exists
67ecfc9591c8: Layer already exists
latest: digest: sha256:a557e936f9b4abee4a610944f736e2d4dc8d039c0bedaac394d6665e7f2d0835 size: 1788