Open juventus18 opened 5 months ago
I've been digging into this for hours and, of course, I figured a workaround just minutes after posting... I can use two targets to get the desired behavior:
"build-container": {
"executor": "@nx-tools/nx-container:build",
"options": {
"engine": "docker",
"push": false,
"metadata": {
"images": [
"my-project/my-app"
],
"load": true,
"tags": [
"latest",
"type=schedule",
"type=ref,event=branch",
"type=ref,event=tag",
"type=ref,event=pr",
"type=semver,pattern={{version}}",
"type=semver,pattern={{major}}.{{minor}}",
"type=semver,pattern={{major}}",
"type=sha,prefix=sha-"
]
}
}
},
"publish-container": {
"executor": "@nx-tools/nx-container:build",
"dependsOn": [
"@my-project/source:ecr-login",
"build-container"
],
"options": {
"engine": "docker",
"push": true,
"metadata": {
"images": [
"$AWS_CONTAINER_IMAGE_REGISTRY/my-project/my-app"
],
"load": false,
"tags": [
"latest",
"type=schedule",
"type=ref,event=branch",
"type=ref,event=tag",
"type=ref,event=pr",
"type=semver,pattern={{version}}",
"type=semver,pattern={{major}}.{{minor}}",
"type=semver,pattern={{major}}",
"type=sha,prefix=sha-"
]
}
}
}
Only downside is the container has to be built twice. Even with caching it takes a little time, but it's not a big deal. Still seems unwanted behavior to push to a repo I didn't specify in the image name, but maybe that's a feature instead of bug...
@juventus18 why not just use build-container
and set:
"$AWS_CONTAINER_IMAGE_REGISTRY/my-project/my-app"
"dependsOn": [ "@my-project/source:ecr-login",],
"push": true,
And your build should be fine IMO
Hey @juventus18!
To achieve what you did, we did something like this in our GH Actions deploy workflow file:
- name: Login to Amazon ECR
id: ecr-login
uses: aws-actions/amazon-ecr-login@v2
- '...'
- name: Build and push images
run: yarn nx affected --target=build:container
env:
INPUT_BUILD_ARGS: |
A_BUILD_ARG=build_arg_value
INPUT_YOUR_FIRST_APP_NAME_TAGS: '${{ steps.ecr-login.outputs.registry }}/first-app-name:latest'
INPUT_YOUR_OTHER_APP_NAME_TAGS: '${{ steps.ecr-login.outputs.registry }}/other-app-name:latest'
INPUT_GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
INPUT_PLATFORMS: 'linux/amd64'
INPUT_PUSH: true
Basically, you can use env variables to override target options from your projects' project.json
files. Hope it helps. 🙂
@juventus18 why not just use
build-container
and set:
- the image name to
"$AWS_CONTAINER_IMAGE_REGISTRY/my-project/my-app"
"dependsOn": [ "@my-project/source:ecr-login",],
"push": true,
And your build should be fine IMO
yeah, thats what I did. My complaint is that if I want to push the image to AWS ECR and have the image available locally, I can't do it in one step. When attempting to do so, the plugin also attempts to push to dockerhub repo (even though I didn't specify that), thus causing the task to fail.
Basically, you can use env variables to override target options from your projects'
project.json
files. Hope it helps. 🙂
thanks for the tip, but I did get it working ok otherwise. My main complaint is that the plugin attempts to push to dockerhub even when it has not been specified in the configuration (using my first configuration, I have specified AWS ECR, but not dockerhub). I think this is unexpected behavior.
I'm trying to push my built images to a private container repository. The action keeps failing because it attempts to push to a docker.io registry in addition to my AWS ECR. I don't have a docker.io repo and do not wish to create one. I only want to push to my AWS ECR. Here's the relevant part from my Nx
project.json
The task fails when attempting to push to
docker.io
(but I don't want it to push there). Here's some of the console output:If I omit the base image name, the task properly pushes to my AWS ECR, but I no longer have the simple name available in my Docker Desktop (i.e. the image name is prefixed with the AWS ECR URL):
Is there any way to skip attempting to push to docker.io?