我已经编写了地形文件来创建ecr repo并构建docker映像并将其推送到ecr repo,并且在构建参数中我已经给出了github令牌,该令牌已被创建为github动作秘密。目的是在terraform中提到的构建参数必须从githubaction秘密中选择令牌。
data "aws_caller_identity" "current" {}
locals {
account_id = data.aws_caller_identity.current.account_id
ecr_repo_name = "ecr-repo"
ecr_image_tag = "latest"
}
resource "aws_ecr_repository" "repo" {
name = local.ecr_repo_name
}
resource "null_resource" "ecr_image" {
triggers = {
docker_file = md5(file("${path.module}/../docker/Dockerfile"))
}
provisioner "local-exec" {
command = <<EOF
aws ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin ${local.account_id}.dkr.ecr.eu-west-1.amazonaws.com
cd ${path.module}/../docker
docker build -t ${aws_ecr_repository.repo.repository_url}:${local.ecr_image_tag} --build-arg cms_git_token="${{ secrets.CMS_GIT_TOKEN }}" .
docker images
docker push ${aws_ecr_repository.repo.repository_url}:${local.ecr_image_tag}
EOF
}
}
When I run this terraform code I am getting error like "Error: local-exec provisioner error" can anyone help me on this.
Error: local-exec provisioner error
│
│ with null_resource.ecr_image,
│ on ecr.tf line 14, in resource "null_resource" "ecr_image":
│ 14: provisioner "local-exec" {
│
│ Error running command ' aws ecr get-login***
│ eu-west-1 | docker login --username AWS --password-stdin
│ ***.dkr.ecr.eu-west-1.amazonaws.com
│ cd ./../src
│ docker build -t ***.dkr.ecr.eu-west-1.amazonaws.com/retention-analysis-repo:latest .
│ docker images
│ docker push ***.dkr.ecr.eu-west-1.amazonaws.com/retention-analysis-repo:latest
│ ': exit status 1. Output: WARNING! Your password will be stored unencrypted
│ in /home/runner/.docker/config.json.
│ Configure a credential helper to remove this warning. See
│ https://docs.docker.com/engine/reference/commandline/login/#credentials-store
@Rajeev,试试这个,为我工作
resource "null_resource" "ecr_image" {
depends_on = [aws_ecr_repository.repo]
triggers = {
docker_file = md5(file("${path.module}/../../DOCKER/docker-sample-nginx/Dockerfile"))
}
provisioner "local-exec" {
interpreter = ["/bin/bash" ,"-c"]
command = "docker images && docker build -t ${aws_ecr_repository.repo.repository_url}:v1 ${path.module}/../../DOCKER/docker-sample-nginx/ && docker images && docker login --username AWS --password `aws ecr get-login-password --region us-east-1` 1####99292.dkr.ecr.us-east-1.amazonaws.com && docker push ${aws_ecr_repository.repo.repository_url}:v1"
}
}