# cdk-ecr-deployment
[](https://github.com/cdklabs/cdk-ecr-deployment/actions/workflows/release.yml)
[](https://www.npmjs.com/package/cdk-ecr-deployment)
[](https://pypi.org/project/cdk-ecr-deployment)
[](https://www.npmjs.com/package/cdk-ecr-deployment)
[](https://pypi.org/project/cdk-ecr-deployment)
CDK construct to synchronize single docker image between docker registries.
âš ï¸ Version 1.* is no longer supported, as CDK v1 has reached the end-of-life
stage. Please use only ^2.0.0.
## Features
- Copy image from ECR/external registry to (another) ECR/external registry
- Copy an archive tarball image from s3 to ECR/external registry
## Environment variables
Enable flags: `true`, `1`. e.g. `export CI=1`
- `CI` indicate if it's CI environment. This flag will enable building lambda from scratch.
- `NO_PREBUILT_LAMBDA` disable using prebuilt lambda.
- `FORCE_PREBUILT_LAMBDA` force using prebuilt lambda.
âš ï¸ If you want to force using prebuilt lambda in CI environment to reduce build time. Try `export FORCE_PREBUILT_LAMBDA=1`.
âš ï¸ The above flags are only available in cdk-ecr-deployment 2.x.
## Examples
```ts
import { DockerImageAsset } from 'aws-cdk-lib/aws-ecr-assets';
const image = new DockerImageAsset(this, 'CDKDockerImage', {
directory: path.join(__dirname, 'docker'),
});
// Copy from cdk docker image asset to another ECR.
new ecrdeploy.ECRDeployment(this, 'DeployDockerImage1', {
src: new ecrdeploy.DockerImageName(image.imageUri),
dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx:latest`),
});
// Copy from docker registry to ECR.
new ecrdeploy.ECRDeployment(this, 'DeployDockerImage2', {
src: new ecrdeploy.DockerImageName('nginx:latest'),
dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx2:latest`),
});
// Copy from private docker registry to ECR.
// The format of secret in aws secrets manager must be plain text! e.g. <username>:<password>
new ecrdeploy.ECRDeployment(this, 'DeployDockerImage3', {
src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'username:password'),
// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'aws-secrets-manager-secret-name'),
// src: new ecrdeploy.DockerImageName('javacs3/nginx:latest', 'arn:aws:secretsmanager:us-west-2:000000000000:secret:id'),
dest: new ecrdeploy.DockerImageName(`${cdk.Aws.ACCOUNT_ID}.dkr.ecr.us-west-2.amazonaws.com/my-nginx3:latest`),
}).addToPrincipalPolicy(new iam.PolicyStatement({
effect: iam.Effect.ALLOW,
actions: [
'secretsmanager:GetSecretValue',
],
resources: ['*'],
}));
```
## Sample: [test/example.ecr-deployment.ts](./test/example.ecr-deployment.ts)
```shell
# Run the following command to try the sample.
NO_PREBUILT_LAMBDA=1 npx cdk deploy -a "npx ts-node -P tsconfig.dev.json --prefer-ts-exts test/example.ecr-deployment.ts"
```
## [API](./API.md)
## Tech Details & Contribution
The core of this project relies on [containers/image](https://github.com/containers/image) which is used by [Skopeo](https://github.com/containers/skopeo).
Please take a look at those projects before contribution.
To support a new docker image source(like docker tarball in s3), you need to implement [image transport interface](https://github.com/containers/image/blob/master/types/types.go). You could take a look at [docker-archive](https://github.com/containers/image/blob/ccb87a8d0f45cf28846e307eb0ec2b9d38a458c2/docker/archive/transport.go) transport for a good start.
To test the `lambda` folder, `make test`.