description |
---|
Build and push a Docker image from Azure DevOps to the AWS Elastic Container Registry (ECR) |
Use DuploCloud service account authentication to build and push a Docker image from Azure DevOps to the AWS Elastic Container Registry (ECR). You can use ECR regardless of where your app is hosted.
{% hint style="info" %} Avoid using capital letters when referencing a DuploCloud construct, such as a Tenant, even when the UI displays the string as all capital letters. Don't specify DEV01 for example, specify dev01. {% endhint %}
To build a Docker image and push it to the ECR, use a pipeline script. The script:
- Logs you into AWS ECR, using Just-In-Time credentials from DuploCloud.
- Builds and tags the Docker image. The tag name is based on the
git commit
SHA (Simple Hashing Algorithm). - Pushes the Docker image to the ECR.
Here is an example Azure DevOps pipeline that builds a Docker image and pushes it to ECR.
Test and code coverage steps are commented to aid in getting started quickly with .NET apps. you can remove them for clarity.
DUPLO_TOKEN
,DUPLO_HOST
, andECR_BASE
need to be pre-configured in the Azure DevOps variable group namedduplocloud-secrets
.- The ECR must have the same name as the Azure DevOps repo being built. Modify the name of the ECR, if needed.
- A
Dockerfile
must exist for the application in yoursrc
folder
These prerequisites can be customized to fit existing pipelines and conventions for passing YAML attribute values. Test and code coverage steps are included for illustration purposes. They are not required to publish an image to an ECR.
trigger:
batch: true
branches:
include:
- develop
pool:
vmImage: 'ubuntu-22.04'
variables:
- group: duplocloud-secrets
- name: solution
value: '**/*.sln'
- name: buildPlatform
value: 'Any CPU'
- name: buildConfiguration
value: 'Release'
steps:
- task: DotNetCoreCLI@2
displayName: 'dotnet test'
inputs:
command: 'test'
arguments: '--configuration $(buildConfiguration) --collect:"XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=cobertura'
publishTestResults: true
projects: '**/*Tests.csproj'
- task: PublishCodeCoverageResults@1
displayName: 'Publish code coverage report'
inputs:
codeCoverageTool: 'Cobertura'
summaryFileLocation: '$(Agent.TempDirectory)/**/coverage.cobertura.xml'
- script: |
export token=$(DUPLO_TOKEN)
export host=$(DUPLO_HOST)
export ecr_base=$(ECR_BASE)
pip install duplocloud-client
duploctl --host=$host --token=$(DUPLO_TOKEN) jit aws -q "{AWS_ACCESS_KEY_ID: AccessKeyId, AWS_SECRET_ACCESS_KEY: SecretAccessKey, AWS_SESSION_TOKEN: SessionToken, AWS_REGION: Region}" -o env > duplo.env
export $(xargs <duplo.env)
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ecr_base
displayName: Authenticate to ECR
- script: |
cd src
docker build -t $(Build.Repository.Name) .
export shortHash=${BUILD_SOURCEVERSION:0:8}
export ecr_base=$(ECR_BASE)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$(Build.BuildId)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$(Build.SourceBranchName)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$shortHash
docker push $ecr_base/$(Build.Repository.Name):$(Build.BuildId)
docker push $ecr_base/$(Build.Repository.Name):$(Build.SourceBranchName)
docker push $ecr_base/$(Build.Repository.Name):$shortHash
displayName: Build and Push
\