##[错误]被拒绝:将 docker 图像推送到 AWS ECR 时未授权

##[error]denied: Not Authorized when pushing docker image to AWS ECR

我正在尝试将我的 Docker 图像推送到 AWS ECR,但在尝试这样做时我得到了 Not Authorized

我已将所有必需的变量设置为 Azure DevOps 中的变量,这正是我正在使用的。所以我不确定为什么它没有获得正确的身份验证。

这是我的 YAML 代码:

trigger:
- main

pool:
  vmImage: ubuntu-latest
strategy:
  matrix:
    Python38:
      python.version: '3.8'

steps:
- task: UsePythonVersion@0
  inputs:
    versionSpec: '$(python.version)'
  displayName: 'Use Python $(python.version)'

- script: |
    python -m pip install --upgrade pip
    python -m pip install --upgrade pip requests os smtplib datetime
    pip install -r requirements.txt
  displayName: 'Install dependencies'

- task: CopyFiles@2
  inputs:
    SourceFolder: 
    Contents: '*'
    TargetFolder: $(build.artifactstagingdirectory)

- task: ArchiveFiles@2
  inputs:
    rootFolderOrFile: '$(build.artifactstagingdirectory)'
    includeRootFolder: true
    archiveType: 'zip'
    archiveFile: '$(Build.ArtifactStagingDirectory)/project.zip'
    replaceExistingArchive: true

- task: S3Upload@1
  inputs:
    awsCredentials: 'weather'
    regionName: 'us-west-2'
    bucketName: 'weather-update-project-bucket'
    sourceFolder: '$(build.artifactstagingdirectory)'
    globExpressions: '*project.zip*'
    targetFolder: 'python'
    createBucket: true

- script: |
    aws ecr get-login-password --region $(AWS_REGION) | docker login --username AWS --password-stdin $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com
  displayName: 'Login to AWS'
  env:
    AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)
    AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)

- task: Docker@2
  inputs:
    repository: 'public.ecr.aws/u1c1h9j4/weather-update-project'
    command: 'buildAndPush'
    Dockerfile: '**/Dockerfile'
    tags: 'latest'

最好使用 Amazon ECR Push task 而不是常规的 Docker 推送。

首先,使用Docker@2构建镜像:

- task: Docker@2
  displayName: Build an image
  inputs:
    command: build
    dockerfile: '**/Dockerfile'
    buildContext: '$(Build.SourcesDirectory)'
    tags: 'latest'

之后,用ECRPushImage@1推送:

- task: ECRPushImage@1
  inputs:
    awsCredentials: 'weather'
    regionName: us-west-2
    imageSource: 'imagename'
    sourceImageName: 'YOUR-IAMGE-NAME'
    sourceImageTag: 'latest'
    pushTag: 'latest'
    repositoryName: 'YOUR-AWS-ECR-REPO'