■ はじめに
Amazon Elastic Container Registry (ECR) を、Terraform で作る。 なお、ECRについては、以下の関連記事を参照のこと。
Amazon ECR ~ 入門編 ~
https://dk521123.hatenablog.com/entry/2020/05/22/165711
Amazon ECR ~ 基本編 ~
https://dk521123.hatenablog.com/entry/2020/05/26/142645
目次
【1】公式ドキュメント 1)Resource: aws_ecr_repository 2)Resource: aws_ecr_lifecycle_policy 【2】サンプル 【3】AWS ECR あれこれ 1)コンテナイメージを push するには
【1】公式ドキュメント
1)Resource: aws_ecr_repository
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository
2)Resource: aws_ecr_lifecycle_policy
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_lifecycle_policy
【2】サンプル
resource "aws_ecr_repository" "demo_ecr_repository" { name = "demo-ecr-repository" # The tag mutability setting for the repository. # MUTABLE or IMMUTABLE image_tag_mutability = "MUTABLE" image_scanning_configuration { scan_on_push = true } }
【3】AWS ECR あれこれ
1)コンテナイメージを push するには
https://qiita.com/hayaosato/items/d6049cf68c84a26845d2
の null_resource が使えそう
null_resource
https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource
# パラメータ locals { aws_region= "us-west-2" server_name = "xxx.xxx.us-west-2.amazonaws.com" image_name = "hello-world-ecr-repository" docker_dir = "." } # コンテナイメージを push する resource "null_resource" "default" { # Step1: ECRにログインする # About "get-login-password", see https://awscli.amazonaws.com/v2/documentation/api/2.0.34/reference/ecr/get-login-password.html # About "aws ecr get-login", see https://docs.docker.jp/engine/reference/commandline/build.html provisioner "local-exec" { command = "$(aws ecr get-login --region ${local.aws_region} | docker login --username AWS --password-stdin ${local.server_name})" } # Step2: 作成したDockerfileをビルドする # About "docker build", see https://docs.docker.jp/engine/reference/commandline/build.html provisioner "local-exec" { command = "docker build -t ${local.image_name} ${local.docker_dir}" } # Step3: タグづけする # About "docker tag", see https://docs.docker.jp/engine/reference/commandline/tag.html provisioner "local-exec" { command = "docker tag ${local.image_name}:latest ${aws_ecr_repository.demo_ecr_repository.repository_url}" } # Step4: ECRにプッシュする # About "docker push", see https://docs.docker.jp/engine/reference/commandline/push.html provisioner "local-exec" { command = "docker push ${aws_ecr_repository.demo_ecr_repository.repository_url}" } }
参考文献
https://book.st-hakky.com/docs/infra-terraform-aws-ecr/
関連記事
Terraform ~ 環境構築編 ~
https://dk521123.hatenablog.com/entry/2023/04/05/000224
Terraform ~ 入門編 ~
https://dk521123.hatenablog.com/entry/2019/12/09/222057
Terraform ~ 基本編 ~
https://dk521123.hatenablog.com/entry/2023/05/03/000000
Terraform ~ 基本編 / Module ~
https://dk521123.hatenablog.com/entry/2023/05/19/113544
Terraform ~ Terraformあれこれ ~
https://dk521123.hatenablog.com/entry/2023/05/15/205352
Terraform ~ AWS S3 ~
https://dk521123.hatenablog.com/entry/2023/04/09/104204
Terraform ~ AWS IAM ~
https://dk521123.hatenablog.com/entry/2023/04/12/214311
Terraform ~ AWS Glue ~
https://dk521123.hatenablog.com/entry/2023/04/08/220411
Terraform ~ AWS Secrets Manager ~
https://dk521123.hatenablog.com/entry/2023/04/11/152801
Terraform ~ AWS CloudWatch ~
https://dk521123.hatenablog.com/entry/2023/05/17/123335
Terraform ~ AWS EC2 ~
https://dk521123.hatenablog.com/entry/2023/05/21/003048
Amazon ECR ~ 入門編 ~
https://dk521123.hatenablog.com/entry/2020/05/22/165711
Amazon ECR ~ 基本編 ~
https://dk521123.hatenablog.com/entry/2020/05/26/142645
Amazon ECR でのトラブルシューティング
https://dk521123.hatenablog.com/entry/2020/05/24/000000
Docker ~ 基本編 / レポジトリに関するコマンド ~
https://dk521123.hatenablog.com/entry/2023/01/21/000000