search

CircleCI-Public / aws-ecs-orb

An orb that simplifies deployment to Amazon's Elastic Container Service (ECS). Supports both EC2 and Fargate launch types.
https://circleci.com/orbs/registry/orb/circleci/aws-ecs
MIT License
51 stars 80 forks source link

Allow passing DockerHub credentials #114

Closed blimmer closed 4 years ago

blimmer commented 4 years ago

What would you like to be added

We'll need a way to pass the auth block to the docker configuration parameter (docs). I see that you can customize the docker image, but you can't pass auth credentials: https://github.com/CircleCI-Public/aws-ecs-orb/blob/0f7fce6f951ff6ccdcf76538efa781eef9efb5f0/src/orb.yml.hbs#L390-L391

Why is this needed

Starting November 1, 2020, DockerHub will begin rate-limiting image pulls from DockerHub. Users need a way to pass their DockerHub credentials to avoid the rate limit. Without providing this configuration option, deployments from CircleCI will be impacted.

Workaround

I was able to work around this by recreating the steps from the job:

deploy-service-update:
  # Use upstream image
  # https://github.com/CircleCI-Public/aws-ecs-orb/blob/0f7fce6f951ff6ccdcf76538efa781eef9efb5f0/src/orb.yml.hbs#L181-L185
  docker:
    - image: circleci/python:3.7.1
      # !!! This is the important part that I can't do today
      auth:
        username: $DOCKERHUB_USERNAME
        password: $DOCKERHUB_ACCESS_TOKEN
  steps:
    - aws-cli/install
    - aws-cli/setup
    - aws-ecs/update-service:
        cluster-name: "my-cluster"
        service-name: "my-service"
        family: "MyTaskDef"
        container-image-name-updates: "container=service,tag=my-service-${CIRCLE_SHA1}"

However, a parameter would be nice to use instead.

gmemstr commented 4 years ago

CircleCI has partnered with Docker Hub and will not be subject to rate limiting - you can read more here: https://support.circleci.com/hc/en-us/articles/360050623311-Docker-Hub-rate-limiting-FAQ