search

aws / containers-roadmap

This is the public roadmap for AWS container services (ECS, ECR, Fargate, and EKS).
https://aws.amazon.com/about-aws/whats-new/containers/
Other
5.2k stars 316 forks source link

[ECR] Make prefix optional on pull through caches #2096

Open yob opened 1 year ago

yob commented 1 year ago

Community Note

Tell us about your request When configuring an ECR pull through cache for public.ecr.aws, we're forced to set a namespace prefix. For example public.ecr.aws/datadog/agent:7.46.0 might gain an ecr-public prefix and become <account_id>.dkr.ecr.us-east-1.amazonaws.com/ecr-public/datadog/agent:7.46.0.

This is a hassle because a number of tools in the docker ecosystem (like buildkit) support auto mapping of registry hosts (like public.ecr.aws to <account_id>.dkr.ecr.us-east-1.amazonaws.com), but they don't support automatically adding a prefix to the image reference.

As a result, we must change our Dockerfiles and docker-compose.ymls to use the pull through cache images explicitly. It would be super nice if we could leave them referencing public.ecr.aws/datadog/agent:7.46.0 and the mapping could happen under the hood. This would be possible if the ecr-public prefix was made optional.

This would be particularly helpful because it would leave the Dockerfile and docker-compose.yml in a shape that works for unauthenticated users on local machines.

Which service(s) is this request for? ECR

Are you currently working around this issue? We are changing Dockerfile and docker-compose.ymlto use the private ECR reference, but it requires users to login locally, and it prevents tools like dependabot from being able to update the files (they don't have access to our private ECR).

Kurt-Larson commented 3 months ago

All I see here is the title of the Issue. That doesn't adequately describe the request to ECR, i.e. what the OP wants ECR to do. Can someone please explain what the gist of the request is or explain what the title means?