问题描述
我想使用ansible登录AWS docker ecr注册表
# return docker login -u AWS -p <token>
-name: dget docker command
shell: "aws ecr get-login --region {{ aws_region }}"
register: docker_login_command
-name: docker login
shell: "{{docker_login_command.output}}"
这将需要在我们的机器上安装docker cli。但是我们使用docker容器与共享docker套接字一起运行ansible。有没有办法不使用docker cli?
解决方法
尝试一下。这项工作对我来说。
- name: ecr docker get-authorization-token
shell: "aws ecr get-authorization-token \
--profile {{ envsettings.infra.aws_profile }} --region {{ envsettings.infra.aws_region }}"
register: ecr_command
- set_fact:
ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
- set_fact:
ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
- name: docker_repository - Log into ECR registry and force re-authorization
docker_login:
registry_url: "{{ ecr_authorization_data.proxyEndpoint.rpartition('//')[2] }}"
username: "{{ ecr_credentials[0] }}"
password: "{{ ecr_credentials[1] }}"
reauthorize: yes
它需要docker pip python模块。在上述代码之前安装
- name: install required packages for this role
pip:
state: present
name: docker
executable: /usr/bin/pip3
,
这对我有用\o/
const disptach = useDispatch(); // useDispatch() is a hook
psicopante