Andreas/watchtower
1
0
Fork 0
mirror of https://github.com/containrrr/watchtower.git synced 2025-12-16 15:10:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Deployed 70ca4c2 with MkDocs version: 1.2.3

Browse source
This commit is contained in:
2022-02-17 13:26:58 +00:00
parent 670ba26f36
commit 383f9ef9cb
39 changed files with 8444 additions and 1087 deletions
Download patch file Download diff file Expand all files Collapse all files

254
private-registries/index.html
View file

@ -8,11 +8,10 @@
<link rel="canonical" href="https://containrrr.dev/watchtower/private-registries/">
<link rel="icon" href="../images/favicon.ico">
<meta name="generator" content="mkdocs-1.1.2, mkdocs-material-7.1.3">
<meta name="generator" content="mkdocs-1.2.3, mkdocs-material-8.1.11">
@ -20,10 +19,10 @@
<link rel="stylesheet" href="../assets/stylesheets/main.e35208c4.min.css">
<link rel="stylesheet" href="../assets/stylesheets/main.50e68009.min.css">
<link rel="stylesheet" href="../assets/stylesheets/palette.ef6f36e2.min.css">
<link rel="stylesheet" href="../assets/stylesheets/palette.e6a45f82.min.css">
@ -33,15 +32,16 @@
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
<style>:root{--md-text-font-family:"Roboto";--md-code-font-family:"Roboto Mono"}</style>
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<link rel="stylesheet" href="../stylesheets/theme.css">
<script>__md_scope=new URL("..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
@ -55,7 +55,6 @@
<body dir="ltr" data-md-color-scheme="containrrr" data-md-color-primary="" data-md-color-accent="">
<script>function __prefix(e){return new URL("..",location).pathname+"."+e}function __get(e,t=localStorage){return JSON.parse(t.getItem(__prefix(e)))}</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
@ -72,7 +71,10 @@
</div>
<header class="md-header" data-md-component="header">
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href=".." title="Watchtower" class="md-header__button md-logo" aria-label="Watchtower" data-md-component="logo">
@ -104,19 +106,22 @@
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" data-md-state="active" required>
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</label>
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
@ -133,11 +138,10 @@
<div class="md-header__source">
<a href="https://github.com/containrrr/watchtower/" title="Go to repository" class="md-source" data-md-component="source">
<a href="https://github.com/containrrr/watchtower/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.0.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
@ -146,12 +150,15 @@
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
@ -175,11 +182,10 @@
</label>
<div class="md-nav__source">
<a href="https://github.com/containrrr/watchtower/" title="Go to repository" class="md-source" data-md-component="source">
<a href="https://github.com/containrrr/watchtower/" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.0.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
GitHub
@ -304,6 +310,7 @@
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
@ -487,6 +494,7 @@
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
@ -557,14 +565,14 @@
<article class="md-content__inner md-typeset">
<a href="https://github.com/containrrr/watchtower/edit/main/docs/private-registries.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1>Private registries</h1>
<p>Watchtower supports private Docker image registries. In many cases, accessing a private registry
<a href="https://github.com/containrrr/watchtower/edit/main/docs/private-registries.md" title="Edit this page" class="md-content__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
</a>
<h1>Private registries</h1>
<p>Watchtower supports private Docker image registries. In many cases, accessing a private registry
requires a valid username and password (i.e., <em>credentials</em>). In order to operate in such an
environment, watchtower needs to know the credentials to access the registry. </p>
<p>The credentials can be provided to watchtower in a configuration file called <code>config.json</code>.
@ -576,16 +584,26 @@ There are two ways to generate this configuration file:</p>
<h3 id="create_the_configuration_file_manually">Create the configuration file manually<a class="headerlink" href="#create_the_configuration_file_manually" title="Permanent link">&para;</a></h3>
<p>Create a new configuration file with the following syntax and a base64 encoded username and
password <code>auth</code> string:</p>
<div class="highlight"><pre><span></span><code><span class="p">{</span>
<span class="nt">&quot;auths&quot;</span><span class="p">:</span> <span class="p">{</span>
<span class="nt">&quot;&lt;REGISTRY_NAME&gt;&quot;</span><span class="p">:</span> <span class="p">{</span>
<span class="nt">&quot;auth&quot;</span><span class="p">:</span> <span class="s2">&quot;XXXXXXX&quot;</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="p">}</span>
<div class="highlight"><pre><span></span><code><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;auths&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;&lt;REGISTRY_NAME&gt;&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;auth&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;XXXXXXX&quot;</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<p><code>&lt;REGISTRY_NAME&gt;</code> needs to be replaced by the name of your private registry
(e.g., <code>my-private-registry.example.org</code>)</p>
<div class="admonition important">
<p class="admonition-title">Using private images on docker hub</p>
<p>When using private images on docker hub, the containers beeing watched needs to use the full image name, including the repository prefix <code>index.docker.io</code>.
So instead of
<div class="highlight"><pre><span></span><code>docker run -d myuser/myimage
</code></pre></div>
you would run it as
<div class="highlight"><pre><span></span><code>docker run -d index.docker.io/myuser/myimage
</code></pre></div></p>
</div>
<p>The required <code>auth</code> string can be generated as follows:</p>
<div class="highlight"><pre><span></span><code><span class="nb">echo</span> -n <span class="s1">&#39;username:password&#39;</span> <span class="p">|</span> base64
</code></pre></div>
@ -608,28 +626,28 @@ additional configuration file is not necessary.</p>
<div class="highlight"><pre><span></span><code>docker run <span class="o">[</span>...<span class="o">]</span> -v &lt;PATH_TO_HOME_DIR&gt;/.docker/config.json:/config.json containrrr/watchtower
</code></pre></div>
<p>When creating the watchtower container via docker-compose, use the following lines:</p>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span> <span class="s">&quot;3.4&quot;</span>
<span class="nt">services</span><span class="p">:</span>
<span class="nt">watchtower</span><span class="p">:</span>
<span class="nt">image</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">index.docker.io/containrrr/watchtower:latest</span>
<span class="nt">volumes</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">&lt;PATH_TO_HOME_DIR&gt;/.docker/config.json:/config.json</span>
<span class="l l-Scalar l-Scalar-Plain">...</span>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;3.4&quot;</span><span class="w"></span>
<span class="nt">services</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">watchtower</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">index.docker.io/containrrr/watchtower:latest</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">&lt;PATH_TO_HOME_DIR&gt;/.docker/config.json:/config.json</span><span class="w"></span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span><span class="w"></span>
</code></pre></div>
<h4 id="docker_config_path">Docker Config path<a class="headerlink" href="#docker_config_path" title="Permanent link">&para;</a></h4>
<p>By default, watchtower will look for the <code>config.json</code> file in <code>/</code>, but this can be changed by setting the <code>DOCKER_CONFIG</code> environment variable to the directory path where your config is located. This is useful for setups where the config.json file is changed while the watchtower instance is running, as the changes will not be picked up for a mounted file if the inode changes.
Example usage:</p>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span> <span class="s">&quot;3.4&quot;</span>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;3.4&quot;</span><span class="w"></span>
<span class="nt">services</span><span class="p">:</span>
<span class="nt">watchtower</span><span class="p">:</span>
<span class="nt">image</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">containrrr/watchtower</span>
<span class="nt">environment</span><span class="p">:</span>
<span class="nt">DOCKER_CONFIG</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">/config</span>
<span class="nt">volumes</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">/etc/watchtower/config/:/config/</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span>
<span class="nt">services</span><span class="p">:</span><span class="w"> </span>
<span class="w"> </span><span class="nt">watchtower</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">containrrr/watchtower</span><span class="w"></span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">DOCKER_CONFIG</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/config</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/etc/watchtower/config/:/config/</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span><span class="w"></span>
</code></pre></div>
<h2 id="credential_helpers">Credential helpers<a class="headerlink" href="#credential_helpers" title="Permanent link">&para;</a></h2>
<p>Some private Docker registries (the most prominent probably being AWS ECR) use non-standard ways of authentication.
@ -643,20 +661,21 @@ in a volume that may be mounted onto your watchtower container.</p>
<ol>
<li>
<p>Create the Dockerfile (contents below):
<div class="highlight"><pre><span></span><code><span class="k">FROM</span> <span class="s">golang:latest</span>
<div class="highlight"><pre><span></span><code><span class="k">FROM</span><span class="w"> </span><span class="s">golang:1.16</span>
<span class="k">ENV</span> CGO_ENABLED <span class="m">0</span>
<span class="k">ENV</span> REPO github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login
<span class="k">ENV</span><span class="w"> </span>GO111MODULE off
<span class="k">ENV</span><span class="w"> </span>CGO_ENABLED <span class="m">0</span>
<span class="k">ENV</span><span class="w"> </span>REPO github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login
<span class="k">RUN</span> go get -u <span class="nv">$REPO</span>
<span class="k">RUN</span><span class="w"> </span>go get -u <span class="nv">$REPO</span>
<span class="k">RUN</span> rm /go/bin/docker-credential-ecr-login
<span class="k">RUN</span><span class="w"> </span>rm /go/bin/docker-credential-ecr-login
<span class="k">RUN</span> go build <span class="se">\</span>
<span class="k">RUN</span><span class="w"> </span>go build <span class="se">\</span>
-o /go/bin/docker-credential-ecr-login <span class="se">\</span>
/go/src/<span class="nv">$REPO</span>
<span class="k">WORKDIR</span><span class="s"> /go/bin/</span>
<span class="k">WORKDIR</span><span class="w"> </span><span class="s">/go/bin/</span>
</code></pre></div></p>
</li>
<li>
@ -675,58 +694,61 @@ docker run -d --rm --name aws-cred-helper <span class="se">\</span>
<li>
<p>Create a configuration file for docker, and store it in $HOME/.docker/config.json (replace the <AWS_ACCOUNT_ID>
placeholders with your AWS Account ID):
<div class="highlight"><pre><span></span><code><span class="p">{</span>
<span class="nt">&quot;credsStore&quot;</span> <span class="p">:</span> <span class="s2">&quot;ecr-login&quot;</span><span class="p">,</span>
<span class="nt">&quot;HttpHeaders&quot;</span> <span class="p">:</span> <span class="p">{</span>
<span class="nt">&quot;User-Agent&quot;</span> <span class="p">:</span> <span class="s2">&quot;Docker-Client/19.03.1 (XXXXXX)&quot;</span>
<span class="p">},</span>
<span class="nt">&quot;auths&quot;</span> <span class="p">:</span> <span class="p">{</span>
<span class="nt">&quot;&lt;AWS_ACCOUNT_ID&gt;.dkr.ecr.us-west-1.amazonaws.com&quot;</span> <span class="p">:</span> <span class="p">{}</span>
<span class="p">},</span>
<span class="nt">&quot;credHelpers&quot;</span><span class="p">:</span> <span class="p">{</span>
<span class="nt">&quot;&lt;AWS_ACCOUNT_ID&gt;.dkr.ecr.us-west-1.amazonaws.com&quot;</span> <span class="p">:</span> <span class="s2">&quot;ecr-login&quot;</span>
<span class="p">}</span>
<span class="p">}</span>
<div class="highlight"><pre><span></span><code><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;credsStore&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;ecr-login&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;HttpHeaders&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;User-Agent&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Docker-Client/19.03.1 (XXXXXX)&quot;</span><span class="w"></span>
<span class="w"> </span><span class="p">},</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;auths&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;&lt;AWS_ACCOUNT_ID&gt;.dkr.ecr.us-west-1.amazonaws.com&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="p">{}</span><span class="w"></span>
<span class="w"> </span><span class="p">},</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;credHelpers&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;&lt;AWS_ACCOUNT_ID&gt;.dkr.ecr.us-west-1.amazonaws.com&quot;</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;ecr-login&quot;</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div></p>
</li>
<li>
<p>Create a docker-compose file (as an example) to help launch the container:
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span> <span class="s">&quot;3.4&quot;</span>
<span class="nt">services</span><span class="p">:</span>
<span class="c1"># Check for new images and restart things if a new image exists</span>
<span class="c1"># for any of our containers.</span>
<span class="nt">watchtower</span><span class="p">:</span>
<span class="nt">image</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">containrrr/watchtower:latest</span>
<span class="nt">volumes</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">.docker/config.json:/config.json</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">helper:/go/bin</span>
<span class="nt">environment</span><span class="p">:</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">HOME=/</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">PATH=$PATH:/go/bin</span>
<span class="p p-Indicator">-</span> <span class="l l-Scalar l-Scalar-Plain">AWS_REGION=us-west-1</span>
<span class="nt">volumes</span><span class="p">:</span>
<span class="nt">helper</span><span class="p">:</span>
<span class="nt">external</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">true</span>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;3.4&quot;</span><span class="w"></span>
<span class="nt">services</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="c1"># Check for new images and restart things if a new image exists</span><span class="w"></span>
<span class="w"> </span><span class="c1"># for any of our containers.</span><span class="w"></span>
<span class="w"> </span><span class="nt">watchtower</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">containrrr/watchtower:latest</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">.docker/config.json:/config.json</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">helper:/go/bin</span><span class="w"></span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">HOME=/</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">PATH=$PATH:/go/bin</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">AWS_REGION=us-west-1</span><span class="w"></span>
<span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">helper</span><span class="p">:</span><span class="w"> </span>
<span class="w"> </span><span class="nt">external</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span><span class="w"></span>
</code></pre></div></p>
</li>
</ol>
<p>A few additional notes:</p>
<ol>
<li>With docker-compose the volume (helper, in this case) MUST be set to <code>external: true</code>, otherwise docker-compose
will preface it with the directory name.</li>
<li>Note that "credsStore" : "ecr-login" is needed - and in theory if you have that you can remove the
credHelpers section </li>
<li>I have this running on an EC2 instance that has credentials assigned to it - so no keys are needed; however,
you may need to include the <code>AWS_ACCESS_KEY_ID</code> and <code>AWS_SECRET_ACCESS_KEY</code> environment variables as well.</li>
<li>An alternative to adding the various variables is to create a ~/.aws/config and ~/.aws/credentials files and
place the settings there, then mount the ~/.aws directory to / in the container.</li>
<li>
<p>With docker-compose the volume (helper, in this case) MUST be set to <code>external: true</code>, otherwise docker-compose
will preface it with the directory name.</p>
</li>
<li>
<p>Note that "credsStore" : "ecr-login" is needed - and in theory if you have that you can remove the
credHelpers section</p>
</li>
<li>
<p>I have this running on an EC2 instance that has credentials assigned to it - so no keys are needed; however,
you may need to include the <code>AWS_ACCESS_KEY_ID</code> and <code>AWS_SECRET_ACCESS_KEY</code> environment variables as well.</p>
</li>
<li>
<p>An alternative to adding the various variables is to create a ~/.aws/config and ~/.aws/credentials files and
place the settings there, then mount the ~/.aws directory to / in the container.</p>
</li>
</ol>
</article>
@ -735,12 +757,12 @@ docker run -d --rm --name aws-cred-helper <span class="se">\</span>
</main>
<footer class="md-footer">
<footer class="md-footer">
<nav class="md-footer__inner md-grid" aria-label="Footer">
<a href="../container-selection/" class="md-footer__link md-footer__link--prev" rel="prev">
<a href="../container-selection/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Container selection" rel="prev">
<div class="md-footer__button md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
</div>
@ -755,7 +777,8 @@ docker run -d --rm --name aws-cred-helper <span class="se">\</span>
</a>
<a href="../linked-containers/" class="md-footer__link md-footer__link--next" rel="next">
<a href="../linked-containers/" class="md-footer__link md-footer__link--next" aria-label="Next: Linked containers" rel="next">
<div class="md-footer__title">
<div class="md-ellipsis">
<span class="md-footer__direction">
@ -773,14 +796,15 @@ docker run -d --rm --name aws-cred-helper <span class="se">\</span>
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-footer-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
<div class="md-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
@ -790,10 +814,10 @@ docker run -d --rm --name aws-cred-helper <span class="se">\</span>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": [], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}, "search": "../assets/javascripts/workers/search.fe42c31b.min.js", "version": null}</script>
<script id="__config" type="application/json">{"base": "..", "features": [], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.092fa1f6.min.js"}</script>
<script src="../assets/javascripts/bundle.4ea5477f.min.js"></script>
<script src="../assets/javascripts/bundle.5a9542cf.min.js"></script>
</body>