AVB/bedrock-access-gateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
37374e79ba1b3245855a1ea60615ba528b150121
bedrock-access-gateway/scripts/push-to-ecr.sh
Justin Dray 37374e79ba fix: Allow the push-to-ecr.sh script to run from anywhere instead of requiring the user to cd manually (#202) 
* fix: Allow the push-to-ecr.sh script to run from anywhere instead of requiring the user to cd manually

* Add docker-compose to support running locally
2025-11-20 14:33:43 +08:00

128 lines
4.4 KiB
Bash
Executable File
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# NOTE: The script will try to create the ECR repository if it doesn't exist. Please grant the necessary permissions to the IAM user or role.
# Usage:
# cd scripts
# bash ./push-to-ecr.sh
set -o errexit # exit on first error
set -o nounset # exit on using unset variables
set -o pipefail # exit on any error in a pipeline
# Change to the directory where the script is located
cd "$(dirname "$0")"
# Prompt user for inputs
echo "================================================"
echo "Bedrock Access Gateway - Build and Push to ECR"
echo "================================================"
echo ""
# Get repository name for Lambda version
read -p "Enter ECR repository name for Lambda (default: bedrock-proxy-api): " LAMBDA_REPO
LAMBDA_REPO=${LAMBDA_REPO:-bedrock-proxy-api}
# Get repository name for ECS/Fargate version
read -p "Enter ECR repository name for ECS/Fargate (default: bedrock-proxy-api-ecs): " ECS_REPO
ECS_REPO=${ECS_REPO:-bedrock-proxy-api-ecs}
# Get image tag
read -p "Enter image tag (default: latest): " TAG
TAG=${TAG:-latest}
# Get AWS region
read -p "Enter AWS region (default: us-east-1): " AWS_REGION
AWS_REGION=${AWS_REGION:-us-east-1}
echo ""
echo "Configuration:"
echo " Lambda Repository: $LAMBDA_REPO"
echo " ECS/Fargate Repository: $ECS_REPO"
echo " Image Tag: $TAG"
echo " AWS Region: $AWS_REGION"
echo ""
read -p "Continue with these settings? (y/n): " CONFIRM
if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then
echo "Aborted."
exit 1
fi
echo ""
# Acknowledgment about ECR repository creation
echo " NOTICE: This script will automatically create ECR repositories if they don't exist."
echo " The repositories will be created with the following default settings:"
echo " - Image tag mutability: MUTABLE (allows overwriting tags)"
echo " - Image scanning: Disabled"
echo " - Encryption: AES256 (AWS managed encryption)"
echo ""
echo " You can modify these settings later in the AWS ECR Console if needed."
echo " Required IAM permissions: ecr:CreateRepository, ecr:GetAuthorizationToken,"
echo " ecr:BatchCheckLayerAvailability, ecr:InitiateLayerUpload, ecr:UploadLayerPart,"
echo " ecr:CompleteLayerUpload, ecr:PutImage"
echo ""
read -p "Do you acknowledge and want to proceed? (y/n): " ACK_CONFIRM
if [[ ! "$ACK_CONFIRM" =~ ^[Yy]$ ]]; then
echo "Aborted."
exit 1
fi
echo ""
# Define variables
ARCHS=("arm64") # Single architecture for simplicity
build_and_push_image() {
local IMAGE_NAME=$1
local TAG=$2
local DOCKERFILE_PATH=$3
local REGION=$AWS_REGION
local ARCH=${ARCHS[0]}
echo "Building $IMAGE_NAME:$TAG..."
# Build Docker image
docker buildx build --platform linux/$ARCH -t $IMAGE_NAME:$TAG -f $DOCKERFILE_PATH --load ../src/
# Get the account ID
ACCOUNT_ID=$(aws sts get-caller-identity --region $REGION --query Account --output text)
# Create repository URI
REPOSITORY_URI="${ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com/${IMAGE_NAME}"
echo "Creating ECR repository if it doesn't exist..."
# Create ECR repository if it doesn't exist
aws ecr create-repository --repository-name "${IMAGE_NAME}" --region $REGION || true
echo "Logging in to ECR..."
# Log in to ECR
aws ecr get-login-password --region $REGION | docker login --username AWS --password-stdin $REPOSITORY_URI
echo "Pushing image to ECR..."
# Tag the image for ECR
docker tag $IMAGE_NAME:$TAG $REPOSITORY_URI:$TAG
# Push the image to ECR
docker push $REPOSITORY_URI:$TAG
echo "✅ Successfully pushed $IMAGE_NAME:$TAG to $REPOSITORY_URI"
echo ""
}
echo "Building and pushing Lambda image..."
build_and_push_image "$LAMBDA_REPO" "$TAG" "../src/Dockerfile"
echo "Building and pushing ECS/Fargate image..."
build_and_push_image "$ECS_REPO" "$TAG" "../src/Dockerfile_ecs"
echo "================================================"
echo "✅ All images successfully pushed!"
echo "================================================"
echo ""
echo "Your container image URIs:"
ACCOUNT_ID=$(aws sts get-caller-identity --region $AWS_REGION --query Account --output text)
echo " Lambda: ${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${LAMBDA_REPO}:${TAG}"
echo " ECS/Fargate: ${ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ECS_REPO}:${TAG}"
echo ""
echo "Next steps:"
echo " 1. Download the CloudFormation templates from deployment/ folder"
echo " 2. Update the ContainerImageUri parameter with your image URI above"
echo " 3. Deploy the stack via AWS CloudFormation Console"
echo ""
Reference in New Issue View Git Blame Copy Permalink