The Wayback Machine - https://web.archive.org/web/20201110184038/https://github.com/GoogleContainerTools/jib/issues/2814
Skip to content

/ jib

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set environment variables for credHelper #2814

Open
EugenDueck opened this issue Oct 9, 2020 · 2 comments
Open

Set environment variables for credHelper #2814

EugenDueck opened this issue Oct 9, 2020 · 2 comments
Labels
good first issue

Comments

@EugenDueck
Copy link

@EugenDueck EugenDueck commented Oct 9, 2020
edited

I want to use the "ecr-login" credHelper for both from and to, but I need to use different environment variables (AWS_PROFILE in my case), because the IAM is different in each case. If it is possible somehow, I would like to know, and if not, I would like to request this feature (just like e.g. environment can be set for dockerClient).

As a workaround, I will now try to run the credHelper manually and pass in username/password values via system properties (-Djib.to.auth.username=...)
@EugenDueck EugenDueck mentioned this issue Oct 9, 2020
Closed
@chanseokoh
Copy link
Member

@chanseokoh chanseokoh commented Oct 12, 2020
edited

This is an interesting use case.

As another coarse workaround, you can write two wrapper scripts ecr-login-foo and ecr-login-bar (probably OK to have a .sh suffix) that just sets AWS_PROFILE and delegates to ecr-login. For example,

#!/bin/sh

AWS_PROFILE=profile-foo
exec docker-credential-ecr-login $*  # "exec" is not really required; I just do it to replace the sh process.

Then having jib.{from|to}.credHelper='ecr-login-foo' will probably work. Still ugly. Just an idea.
@EugenDueck
Copy link
Author

@EugenDueck EugenDueck commented Oct 13, 2020
edited

@chanseokoh Thanks for the idea - I ended up being able to push the base image into the same ecr registry as the output image. So problem solved for me, but by working around it. But I think this is a valid, if not that common, use case, so I would like to leave this as a feature request.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue
2 participants
@EugenDueck @chanseokoh
You can’t perform that action at this time.