Score:0

Elastic Beanstalk: Authentication does not work?

kr flag

I'm trying my best to connect my ECS instance to a private registry in gitlab. I've uploaded a .dockercfg file to a bucket in the same region as main EB environment and referenced it as described in the docs:

{
    "AWSEBDockerrunVersion": 2,
    "authentication": {
        "bucket": "xxxx",
        "key": ".dockercfg"
    },
    "volumes": [
        {
            "name": "redis",
            "host": {
                "sourcePath": "/var/app/volumes/redis"
            }
        }
    ],
    "containerDefinitions": [
        {
            "name": "core",
            "image": "registry.gitlab.com/newsletter3/newsletter:latest",
            "hostname": "core",
            "essential": true,
            "portMappings": [
                {
                    "hostPort": 80,
                    "containerPort": 8012
                }
            ],
            "links": ["redis"],
            "memory": 600
        },
        {
            "name": "redis",
            "image": "redis:6.2-alpine",
            "hostname": "redis",
            "essential": true,
            "memory": 300,
            "portMappings": [
                {
                    "hostPort": 6379,
                    "containerPort": 6379
                }
            ],
            "mountPoints": [
                {
                    "sourceVolume": "redis",
                    "containerPath": "/cache",
                    "readOnly": false
                }
            ]
        }
    ]
}

I've created my .docker cfg file by creating a new deploy token and encoding it with base64.

echo “AWS:GYqZmZxxxxxxxxxx” | tr -d “\n” | base64

And the resulting file looks like this:

{
    "registry.gitlab.com": {
        "auth": "xxxxNWQK"
    }
}

I've also tried a second format with an encloding "auths" object (the way docker stores config.json).

No matter what I try, I keep seeing errors like this:

level=error time=2022-05-10T20:56:28Z msg="DockerGoClient: failed to pull image registry.gitlab.com/xxxx/xxxx: [CannotPullContainerError] Error response from daemon: Head "https://registry.gitlab.com/v2/xxx/xxxx/manifests/latest": unauthorized: HTTP Basic: Access denied" module=docker_client.go

I also searched the docs for any reference of elastic beanstalk downloading my authentication file from the s3 bucket but was not able to find any reference.

I'm not sure if the docs are outdated and the "authentication" option does not exist anymore.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.