I have configured my ECR as an external package feed on Octopus.
I haven’t found many integrations with ECR online so I’ve decided to go with Fabfuel’s approach and use this library: https://github.com/fabfuel/ecs-deploy
The plan is to have ECS Deploy run as a script on the Octopus Server itself and update all services/task definitions.
The script looks like this: ecs deploy $Cluster $Service --tag $OctopusParameters[‘Octopus.Action.Package.PackageVersion’]
Now what I’d like to do is associate my Project with the repository, either by the package id or some other way, so I new tags are identified when creating new releases in Octopus.
Is there any way I can do this?
Also when configuring the package feed in my step I’m getting this error:
The step failed: Activity failed with error ‘The Docker Registry v2 ‘AWS EC2 Container Service’ at https://someurl.amazonaws.com does not support downloading packages on the Octopus Server.’
Thanks for getting in touch.
Regarding ECS/ECR support, my suspicion is that you’re running into login issues, which are popping up as the “does not support downloading packages” error. We’ve got some documentation on ECS at the following URL
This notes that ECR logins expire in 12 hours and as yet we have no first-class support for renewing these logins automatically - which makes working with ECS/ECR a little problematic.
I’m running up a lab at the moment to confirm my suspicions, but obviously that’s going to take a little while.
Thanks for your reply.
You’re right the error is documented and it refers to downloading packages into the Octopus Server (and not a tentacle).
Since in my case I just want Octopus to create new task definitions and update the services on a specific cluster on ECS - I assume that an alternative would be installing a tentacle in the Octopus server itself (seems a bit of a hack tho).
Is there any way that I can create a custom script template that associates my Project with a package/ECRrepository (without downloading it) and then running my powershell script?
In theory, Octopus can run any PowerShell you care to write, so a custom step could work for you. You’d just need the AWS Powershell Tools installed on the server or tentacle/target, and an IAM key pair stored as sensitive variables. Then you can use
Get-ECRAuthorizationToken to initiate the auth process and go from there.
Most of the docunentation seems to be aimed at the cli tools rather than powershell, but it looks like all the major operations are supported.