CDK construct to deploy docker image to Amazon ECR
Project description
cdk-ecr-deployment
CDK construct to synchronize single docker image between docker registries.
Only use v3 of this package
⚠️ Version 2.* is no longer supported, as the Go.1.x runtime is no longer supported in AWS Lambda.
⚠️ Version 1.* is no longer supported, as CDK v1 has reached the end-of-life
stage.
Features
- Copy image from ECR/external registry to (another) ECR/external registry
- Copy an archive tarball image from s3 to ECR/external registry
Environment variables
Enable flags: true
, 1
. e.g. export CI=1
CI
indicate if it's CI environment. This flag will enable building lambda from scratch.NO_PREBUILT_LAMBDA
disable using prebuilt lambda.FORCE_PREBUILT_LAMBDA
force using prebuilt lambda.
⚠️ If you want to force using prebuilt lambda in CI environment to reduce build time. Try export FORCE_PREBUILT_LAMBDA=1
.
Examples
from aws_cdk.aws_ecr_assets import DockerImageAsset
image = DockerImageAsset(self, "CDKDockerImage",
directory=path.join(__dirname, "docker")
)
# Copy from cdk docker image asset to another ECR.
ecrdeploy.ECRDeployment(self, "DeployDockerImage1",
src=ecrdeploy.DockerImageName(image.image_uri),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest")
)
# Copy from docker registry to ECR.
ecrdeploy.ECRDeployment(self, "DeployDockerImage2",
src=ecrdeploy.DockerImageName("nginx:latest"),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest")
)
# Copy from private docker registry to ECR.
# The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>
ecrdeploy.ECRDeployment(self, "DeployDockerImage3",
src=ecrdeploy.DockerImageName("javacs3/nginx:latest", "username:password"),
# src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),
# src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),
dest=ecrdeploy.DockerImageName(f"{cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest")
).add_to_principal_policy(iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=["secretsmanager:GetSecretValue"
],
resources=["*"]
))
Sample: test/example.ecr-deployment.ts
# Run the following command to try the sample.
NO_PREBUILT_LAMBDA=1 npx cdk deploy -a "npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/example.ecr-deployment.ts"
API
Tech Details & Contribution
The core of this project relies on containers/image which is used by Skopeo. Please take a look at those projects before contribution.
To support a new docker image source(like docker tarball in s3), you need to implement image transport interface. You could take a look at docker-archive transport for a good start.
To test the lambda
folder, make test
.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for cdk_ecr_deployment-3.0.127.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | fdb547fec7b6dd6a0a044cfd7c2ad8ebef347f8d7e6dbbee641ad886c2d5001c |
|
MD5 | 0d9ae7ad3ee7751a5b3f3ab1375d6581 |
|
BLAKE2b-256 | 16bfd9897264ccb7d5eb107038628c54995b6f1a786f461398799918aef4e612 |
Hashes for cdk_ecr_deployment-3.0.127-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6a3a8f5c5f01bba7bb8c363d83c1f3ff54dc29cc8d2e889935aee10033169381 |
|
MD5 | 6494b30290241ac368bd2d7728f16b08 |
|
BLAKE2b-256 | 11b6392d7b4cca559aaef0a7fa651106980c336521b74b8bfaa4b93770b0b085 |