Using External Feed in ECS Deploy step


I have a deployment that makes use of the ECS Deploy step, all the configuration seems good but when it deploys to ECS, the task keeps stopping with the following error message:

STOPPED (CannotPullContainerError: inspect image has been retried 1 time(s): failed to resolve ref " xxxxxxx . jfrog . io/yyyyyyy/zzzzzzz": failed to authorize: failed to fetch anonymous token: unexpected status: 401)

I thought that the package/image would be pulled by the Octopus Tentacle or something like that, if it isn’t the case, how can I add the authorization keys for pulling the image in the task?

Thanks in advance.

Hi @andres.carcamo,

Thanks for reaching out on our community forum. Have you added your artifactory NuGet feed to Octopus as an external feed? If not, you need to add the feed in your Octopus Library, and there you could specify the required credentials to pull images. If you are using a pull command in a private repo without specifying any creds, that is likely why you see the 401 unauthorized errors.

The document linked above should help you set up the external feed and get you moving.

Let us know how you progress.


Hello @brent_kinney

Thanks for the response. Yes, in our case we are using a Docker Container Registry configured with our JFrog Artifactory, and in the step, we used it in the Container Image like this:

Hey @andres.carcamo,

Thanks for that info. I’m betting the issue is with the repository authentication you’ve chosen. You might need to select the other auth option, or you may need to confirm your IAM role in AWS has the proper permissions and is added to Octopus for use against the repo.


This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.