When running from the command line, to pull from a specific registry I can run these commands:
dockerCommand=$("aws ecr get-login --profile profileName --region us-west-2")
$dockerCommand (which looks like docker login -u AWS -p ..longPassword.. -e none https://ACCTID.dkr.ecr.us-west-2.amazonaws.com
docker pull ACCTID.dkr.ecr.us-west-2.amazonaws.com/REPO/NAME:TAGNAME
If I want a different registry, I change the region or profileName
Trying this with docker-py, I have
import boto3
import docker
dockerClient = docker.from_env()
session = boto3.setup_default_session(profile_name='vzw')
client = session.client('ecr', region_name='us-west-2')
token = client.get_authorization_token(registryIds=[registryId])
username = 'AWS'
password = token['authorizationData'][0]['authorizationToken']
registry = token['authorizationData'][0]['proxyEndpoint']
regClient = dockerClient.login(username, password, registry)
but the dockerClient
refuses the connection with:
bad username or password
From there, once that is working, I'll want to use a docker client pull/push to move the images between registries.
Is the the right direction or should I be trying to implement this entirely with shell scripts? (Python has been especially valuable for the boto calls to describe what is in each registry)
Best Answer
Login Fail
The signature of the function you are calling to login is:
Note the position of the
registry
parameter. It is fourth in the list. So your call of:Is passing your
registry
as theemail
sinceemail
is the third parameter. Suggest you change to something like:Python or shell?
Go with the Python.