Links

Build a Docker image from Azure DevOps

Build and push a Docker image from Azure DevOps to the AWS Elastic Container Registry (ECR)
Use DuploCloud service account authentication to build and push a Docker image from Azure DevOps to the AWS Elastic Container Registry (ECR). You can use ECR regardless of where your app is hosted.
Avoid using capital letters when referencing a DuploCloud construct, such as a Tenant, even when the UI displays the string as all capital letters. Don't specify DEV01 for example, specify dev01.

Building and Pushing to the ECR

To build a Docker image and push it to the ECR, use a pipeline script. The script:
  • Logs you into AWS ECR, using Just-In-Time credentials from DuploCloud.
  • Builds and tags the Docker image. The tag name is based on the git commit SHA (Simple Hashing Algorithm).
  • Pushes the Docker image to the ECR.

Example Pipeline Script

Here is an example Azure DevOps pipeline that builds a Docker image and pushes it to ECR.
Test and code coverage steps are commented to aid in getting started quickly with .NET apps. you can remove them for clarity.

Prerequisites to use the example script without modification

These prerequisites can be customized to fit existing pipelines and conventions for passing YAML attribute values. Test and code coverage steps are included for illustration purposes. They are not required to publish an image to an ECR.

Example Code

trigger:
batch: true
branches:
include:
- develop
pool:
vmImage: 'ubuntu-22.04'
variables:
- group: duplocloud-secrets
- name: solution
value: '**/*.sln'
- name: buildPlatform
value: 'Any CPU'
- name: buildConfiguration
value: 'Release'
steps:
- task: DotNetCoreCLI@2
displayName: 'dotnet test'
inputs:
command: 'test'
arguments: '--configuration $(buildConfiguration) --collect:"XPlat Code Coverage" -- DataCollectionRunSettings.DataCollectors.DataCollector.Configuration.Format=cobertura'
publishTestResults: true
projects: '**/*Tests.csproj'
- task: PublishCodeCoverageResults@1
displayName: 'Publish code coverage report'
inputs:
codeCoverageTool: 'Cobertura'
summaryFileLocation: '$(Agent.TempDirectory)/**/coverage.cobertura.xml'
- script: |
export token=$(DUPLO_TOKEN)
export host=$(DUPLO_HOST)
export ecr_base=$(ECR_BASE)
pip install duplocloud-client
duploctl --host=$host --token=$(DUPLO_TOKEN) jit aws -q "{AWS_ACCESS_KEY_ID: AccessKeyId, AWS_SECRET_ACCESS_KEY: SecretAccessKey, AWS_SESSION_TOKEN: SessionToken, AWS_REGION: Region}" -o env > duplo.env
export $(xargs <duplo.env)
aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ecr_base
displayName: Authenticate to ECR
- script: |
cd src
docker build -t $(Build.Repository.Name) .
export shortHash=${BUILD_SOURCEVERSION:0:8}
export ecr_base=$(ECR_BASE)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$(Build.BuildId)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$(Build.SourceBranchName)
docker tag $(Build.Repository.Name):latest $ecr_base/$(Build.Repository.Name):$shortHash
docker push $ecr_base/$(Build.Repository.Name):$(Build.BuildId)
docker push $ecr_base/$(Build.Repository.Name):$(Build.SourceBranchName)
docker push $ecr_base/$(Build.Repository.Name):$shortHash
displayName: Build and Push