#release-engineering (2019-03)

@Erik Osterman (Cloud Posse) I’ve got Codefresh pushing to ECR (and apparently codefreshe’s own registry too). How does one go about now pulling that ECR image?

Have tried: aws-vault exec acme-mgmt-iac aws ecr get-login aws-vault exec acme-mgmt-iac docker pull [xxxx.dkr.ecr.eu-west-2.amazonaws.com/acme/foo:develop](http://xxxx.dkr.ecr.eu-west-2.amazonaws.com/acme/foo:develop)

But both have their errors

I can see a quick workaround actually by having a default credentials so I can avoid aws-vault

Well that workaround worked. But would be to find out the answer.

Likewise how to avoid:

REPOSITORY                                                   TAG                        IMAGE ID            CREATED             SIZE
xxx.dkr.ecr.eu-west-2.amazonaws.com/acme/pod   develop                    xxx        41 minutes ago      498MB

so I can just run docker run acme/pod:develop instead of docker run [xxx.dkr.ecr.eu-west-2.amazonaws.com/acme/pod:develop](http://xxx.dkr.ecr.eu-west-2.amazonaws.com/acme/pod:develop)

https://docs.aws.amazon.com/AmazonECR/latest/userguide/ECR_AWSCLI.html#AWSCLI_pull_image

docker needs a registry to pull an image (DockerHub by default), so docker run acme/pod:develop will not work with ECR

…unless you hack your DNS to make hub.docker.com (or whatever domain it connects to when pulling) return your ECR endpoint instead

meh, I seem to recall some ssl explosions doing that.

Ooo Tim I kind of fancy doing that but I just know I’ll need the standard hub.docker.com at some point ;)

Going to use variant instead