How to pull docker image from ECR in Githubactions

Asked 3/11, 2022 at 15:39 Answered 1/4 at 22:45

docker github-actions amazon-ecr building-github-actions

I'm trying to pull docker image from ECR and deploy it on ec2 instance. However it's throwing an error like

docker pull  $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

======END======
err: invalid reference format
2022/11/03 15:31:54 Process exited with status 1

My yml file is:

name: Docker Image CI

on:
  push:
    branches: [ "main" ]

jobs:

  build:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        aws-access-key-id: ${{ secrets.TF_USER_AWS_KEY }}
        aws-secret-access-key: ${{ secrets.TF_USER_AWS_SECRET }}
        aws-region: us-east-1

    - name: Login to Amazon ECR
      id: login-ecr
      uses: aws-actions/amazon-ecr-login@v1

    - name: Build, tag, and push image to Amazon ECR
      env:
        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
        ECR_REPOSITORY: githubactions
        IMAGE_TAG: githubactions_image
      run: |
        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
    - name: Docker pull & run from github
      uses: appleboy/ssh-action@master
      with:
        host: ec2-3-86-102-151.compute-1.amazonaws.com
        username: ec2-user
        key: ${{ secrets.ACTIONS_PRIVATE_KEY }}
        envs: GITHUB_SHA
        script: |
            docker pull  $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

I spent a lot of time and I can't really understand what's wrong. Any idea really appreciated.

Toadinthehole answered 3/11, 2022 at 15:39 Comment(0)

Your issue is with the env vars. You are confusing the GitHub server to the ec2 server.

The env var you mention in the GitHub YAML do no exist on the remote machine (ec2). The cmd docker pull $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG is failing because the remote machine (ec2) do not know about your GitHub env vars.

From the docs here you can see that there is an easy built-in way to pass it to the ec2 instance:

  - name: pass environment
    uses: appleboy/ssh-action@master
+   env:
+     FOO: "BAR"
+     BAR: "FOO"
+     SHA: ${{ github.sha }}
    with:
      host: ${{ secrets.HOST }}
      username: ${{ secrets.USERNAME }}
      key: ${{ secrets.KEY }}
      port: ${{ secrets.PORT }}
+     envs: FOO,BAR,SHA
      script: |
        echo "I am $FOO"
        echo "I am $BAR"
        echo "sha: $SHA"

Tayler answered 17/11, 2022 at 21:23 Comment(0)

I would first add an ls and echo:

      run: |
        pwd
        ls -arth
        echo "docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG ."
        docker ...

That way, I would check if I am in the right folder (with a Dockerfile in it), and if all variables are indeed valued.

If you see <aregistry>/<arepo>: (meaning no tag), the final ':' might be enough to trigger the error message.
That or:

the name use the wrong hyphen '-' as in this issue.
the image name has an invalid character like a \
the image name uses the wrong syntax

Unprepared answered 4/11, 2022 at 7:1 Comment(8)

Here dockerfile is there on my github repo and for that repo trying to build and push to ECR. And later need to deploy on new EC2 instance. – Toadinthehole 4/11, 2022 at 7:31

@Toadinthehole OK, what does the echo show? – Unprepared 4/11, 2022 at 7:36

out: docker build -t /: . – Toadinthehole 4/11, 2022 at 8:56

@Toadinthehole So your variables are empty, which explains the error message. – Unprepared 4/11, 2022 at 9:18

Yes..How can i use/define variable already define in the jobs section( ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}) – Toadinthehole 4/11, 2022 at 10:2

without using export ECR_REGISTRY="***.dkr.ecr.us-east-1.amazonaws.com" command – Toadinthehole 4/11, 2022 at 10:3

@Toadinthehole Check first why steps.login-ecr.outputs.registry is empty – Unprepared 4/11, 2022 at 10:21

It's not empty...it's a URI of ECR repo ECR_REGISTRY: ***.dkr.ecr.us-east-1.amazonaws.com – Toadinthehole 4/11, 2022 at 12:49

-2

I understand your situation. I also faced the same error. You just need to change the code as follows:

- name: Pull latest images
    
  env:
    ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
    ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY_NAME }}
    IMAGE_TAG: latest
  run: |
    docker pull $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

(YAML file screenshot)

You can remove other commands. "invalid reference" means the code that you are written is not in the correct format. The code for build and push image is working properly for you. You just need to adopt same type of coding for pulling the image also.

Allowance answered 1/4 at 22:45 Comment(3)

Note: the image and the text do not show the same YAML (the indentation is different). Incidentally, we discourage images of text here: they're not compatible with clipboards, search-engine robots, and screen readers. – Newsy 3/4 at 19:35

could you please mention where is that indendation probleme and what issue you faced, it is working fine with me. – Allowance 4/4 at 18:29

I have repaired the indentation myself. The docker line is slightly mis-indented in the image, but that looks like an accident; I assume it still works. – Newsy 4/4 at 19:12

Recommended topics

Hot tags