-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to push using kaniko #2
Comments
Hey @shreera1 , which version of Kaniko are you using? There was an issue in v1.19.0 and 1.19.1 that prevented Kaniko from pushing to ECR but that was fixed in 1.19.2. GoogleContainerTools/kaniko#2882 This Task Definition has just worked ok for me:
Note the |
Hi @ollypom, Thanks for your reply. Apologies, my question was not well phrased. I am using an IAM role, specifically a role that is developed for github actions (https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/). I am also configuring aws-credentials using the following
So, my CI image does not have the aws credentials file that is required for kaniko to authenticate. Do you have any suggestions how I can avoid passing AWS_ credentials as environment variables? |
Interesting. Are you using Fargate to run Kaniko or are you instead running Kaniko on a GH (self)hosted Runner as the next step in your pipeline? |
I am using FARGATE to run kaniko.. |
Ah ok, sorry needed to clarify. I feel like I'm missing something. Are you using the GH action to create / register the Task Definition (passing in the environment variables) or are you using the GH action to run a task (passing in variables as a container override)? |
Aah. My bad, let me share the complete flow so maybe you can have a better idea.
|
Hi @ollypom
I went over the very detailed and helpful tutorial https://aws.amazon.com/blogs/containers/building-container-images-on-amazon-ecs-on-aws-fargate/, but I am unable to push a docker image present on a private github repo using kaniko present in an ECR repository. However, I was able to push if I pass AWS_ACCESS_KEY_ID, AWS_SESSION_TOKEN and AWS_SECRET_ACCESS_KEY as environment variables.
I want to remove those env variables in the ecs task definition file and successfully push. I am getting the following error:
401 Unuathorized. Any help will be appreciated.Thanks
The text was updated successfully, but these errors were encountered: