BitBucket pipeline: Unable to pull private ECR image after login

I have a BitBucket pipeline I am using to push a docker image into ECR. I am using a custom private build environment that I was able to push into ECR, but for some reason I’m unable to use that build environment in my pipeline. I am able to login to the ECR repo, but after login succeeds, I am getting unable to pull image and docker login may be required. Any advice on how to pull after logging in would be helpful.

bitbucket-pipelines.yml

image:
  name: xxxxxxxxxxxx.dkr.ecr.us-east-2.amazonaws.com/awscli/kubectl
  aws:
    access-key: $AWS_ACCESS_KEY_ID
    secret-key: $AWS_SECRET_ACCESS_KEY
definitions:
step: &push
    name: Push Docker Image to ECR
    script:
      - ecr_scripts/login.sh
      - docker build -t $DOCKER_IMAGE .
      - pipe: atlassian/aws-ecr-push-image:1.3.0
        variables:
          IMAGE_NAME: $DOCKER_IMAGE
          AWS_DEFAULT_REGION: us-east-2

  step: &deploy
    name: Deploy to EKS
    deployment: development
    script:
      - aws eks --region $AWS_DEFAULT_REGION update-kubeconfig --name $EKS_CLUSTER
      - kubectl rollout --namespace $NS restart deployments $DEPLOYMENT

pipelines:
  branches:
    master:
      - step: *push
      - step: *deploy

    staging:
      - step: *push
      - step: *deploy

    production:
      - step:
          <<: *push
          script:
            - pipe: atlassian/aws-ecr-push-image:1.3.0
              variables:
                IMAGE_NAME: $DOCKER_IMAGE
                AWS_DEFAULT_REGION: "us-west-2"
      - step: *deploy

Login Succeeded

+ ecr_scripts/login.sh
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Docker Build fail

+ docker build -t $DOCKER_IMAGE .
Sending build context to Docker daemon  2.794MB
Step 1/7 : FROM xxx/xxx
pull access denied for xxx/xxx, repository does not exist or may require 'docker login': denied: requested access to the resource is denied

Source: Docker Questions

LEAVE A COMMENT