Hi, I'm trying to authenticate to my private registry (AWS ECR) and use docker compose to start my container. I have something like this:
- name: Create AWS credentials file ansible.builtin.copy: dest: "{{ user_details.home }}/.aws/credentials" content: | [default] aws_access_key_id = {{ aws_access_key_id }} aws_secret_access_key = {{ aws_secret_access_key }} mode: "0600" force: true register: aws_credentials_created - name: Authenticate to AWS ansible.builtin.command: "aws ecr get-login-password --region {{ aws_region }} --profile default" register: ecr_login_password changed_when: true - name: Docker login to AWS ECR community.docker.docker_login: state: present username: "AWS" password: "{{ ecr_login_password.stdout }}" reauthorize: true # what does this do? registry_url: "{{ registry_url }}" changed_when: true - name: Docker compose container community.docker.docker_compose_v2: project_src: "{{ user_details.home }}/{{ path_to_repos }}/container" state: "present" I can't get the compose task to correctly pull the image from my private registry given that I authenticated in the task before. Is it even possible to do this? Setting aside security best practices for the moment, how do I get the compose task to pull the image? The compose file has a pull policy of "always", so when the task tries to do like "docker compose up", it will try to pull the image. See the error here: fatal: [18.208.187.13]: FAILED! => {"actions": [{"id": "my-image", "status": "Pulling", "what": "service"}], "changed": false, "cmd": "/snap/bin/docker compose --ansi never --progress plain --project-directory /home/ubuntu/docker/my-image up --detach --no-color --quiet-pull --", "containers": [], "images": [], "msg": "Error when processing my-image: Error response from daemon: Head \"https://account-id.dkr.ecr.region.amazonaws.com/v2/my-image/manifests/latest\": no basic auth credentials", "rc": 18, "stderr": " my-image Pulling \n my-image Error \nError response from daemon: Head \"https://account-id.dkr.ecr.region.amazonaws.com/v2/my-image/manifests/latest\": no basic auth credentials\n", "stderr_lines": [" my-image Pulling ", " my-image Error ", "Error response from daemon: Head \"https://account-id.dkr.ecr.region.amazonaws.com/v2/my-image/manifests/latest\": no basic auth credentials"], "stdout": "", "stdout_lines": []} Thanks, Emilio -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/4e958157-4c76-4e32-a6f6-069675318259n%40googlegroups.com.