CDK construct to deploy docker image to Amazon ECR
Project description
cdk-ecr-deployment
CDK construct to synchronize single docker image between docker registries.
Only use v3 of this package
⚠️ Version 2.* is no longer supported, as the Go.1.x runtime is no longer supported in AWS Lambda.
⚠️ Version 1.* is no longer supported, as CDK v1 has reached the end-of-life
stage.
Features
- Copy image from ECR/external registry to (another) ECR/external registry
- Copy an archive tarball image from s3 to ECR/external registry
Environment variables
Enable flags: true
, 1
. e.g. export CI=1
CI
indicate if it's CI environment. This flag will enable building lambda from scratch.NO_PREBUILT_LAMBDA
disable using prebuilt lambda.FORCE_PREBUILT_LAMBDA
force using prebuilt lambda.
⚠️ If you want to force using prebuilt lambda in CI environment to reduce build time. Try export FORCE_PREBUILT_LAMBDA=1
.
Examples
from aws_cdk.aws_ecr_assets import DockerImageAsset
image = DockerImageAsset(self, "CDKDockerImage",
directory=path.join(__dirname, "docker")
)
# Copy from cdk docker image asset to another ECR.
ecrdeploy.ECRDeployment(self, "DeployDockerImage1",
src=ecrdeploy.DockerImageName(image.image_uri),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest")
)
# Copy from docker registry to ECR.
ecrdeploy.ECRDeployment(self, "DeployDockerImage2",
src=ecrdeploy.DockerImageName("nginx:latest"),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest")
)
# Copy from private docker registry to ECR.
# The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>
ecrdeploy.ECRDeployment(self, "DeployDockerImage3",
src=ecrdeploy.DockerImageName("javacs3/nginx:latest", "username:password"),
# src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),
# src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest")
).add_to_principal_policy(iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=["secretsmanager:GetSecretValue"
],
resources=["*"]
))
Sample: test/example.ecr-deployment.ts
# Run the following command to try the sample.
NO_PREBUILT_LAMBDA=1 npx cdk deploy -a "npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/example.ecr-deployment.ts"
API
Tech Details & Contribution
The core of this project relies on containers/image which is used by Skopeo. Please take a look at those projects before contribution.
To support a new docker image source(like docker tarball in s3), you need to implement image transport interface. You could take a look at docker-archive transport for a good start.
To test the lambda
folder, make test
.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for cdk_ecr_deployment-3.0.114.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 394dbf59417d43feaab410f2b5222c6e7d3993debc76a9a6e7be480dba33a9f7 |
|
MD5 | 31c0722c64d817806c0a56ec32115c0b |
|
BLAKE2b-256 | 9981c85ed96016959efdbb80ef6a70de42728e9fc93f2edc8fc76ac89980efaa |
Hashes for cdk_ecr_deployment-3.0.114-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 01d907d3bf261eb515b36cb3c487f58f7a738cb17975bd35e46a4394a0e1f160 |
|
MD5 | e81f4fad38192d89effc5e11fa7d552d |
|
BLAKE2b-256 | 6bacc4d3ca18a22cf3733134b38e30b2a366f7260eb8b1580c9dbf8faad66596 |