This article is intended for FirstGen.
Introduction
Amazon ECR supports pushing Open Container Initiative (OCI) artifacts to your repositories. Although HTTP protocol for fetching charts is more common, a few edge cases need OCI protocol. Unfortunately, CurrentGen doesn’t support this kind of repository and requires additional customization to make this work.
Tutorial
Before you begin
- Read the Create an Application topic to get an overview of how Harness organizes Services.
- Read the Add a Service topic to understand the process to add a Service to an Application.
- Create an ECR repository and push a chart into it. Note: you must create a repository with the same name as the chart’s name.
Step 1
To add a Custom Artifact Source, do the following:
- In your Harness Application, open the Service where you want to use a Custom Artifact Source.
- Click Add Artifact Source, and then click Custom Repository.
The Add Custom Artifact Source dialog appears.
Step 2: Source Type
Select Custom.
Step 3: Display Name
Enter a name to identify this custom artifact source. You will use this name when picking the artifact builds and versions during deployment.
Step 4: Script
Use the script below for pulling tags from the ECR repository.
In the example below, AWS command line and helm binary are installed in the runtime, but I highly recommend for optimization purposes to install it using Delegate profile
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
./aws/install
export AWS_ACCESS_KEY_ID="<your-aws-access-key>"
export AWS_SECRET_ACCESS_KEY="<your-aws-secret-key>"
aws ecr describe-images \
--repository-name <your-repository-name> \
--region us-east-1 > ${ARTIFACT_RESULT_PATH}
The shell script you enter will query the custom artifact repository for your artifact, and output the result to a file on the Harness Delegate host using the environment variable ARTIFACT_RESULT_PATH , initialized by Harness. ARTIFACT_RESULT_PATH is a random, unique file path created on the Delegate by Harness.
The script you enter should result in a JSON array, for example:
{
"imageDetails": [
{
"registryId": "911642792698",
"repositoryName": "<repo-name>",
"imageDigest": "sha256:e2e134648e38775ff8893f5726ca487cb2c24easd123e42a7383c52c976899b40",
"imageTags": [
"0.16.2"
],
"imageSizeInBytes": 40818,
"imagePushedAt": "2023-03-02T11:23:41-03:00",
"imageManifestMediaType": "application/vnd.oci.image.manifest.v1+json",
"artifactMediaType": "application/vnd.cncf.helm.config.v1+json",
"lastRecordedPullTime": "2023-03-06T14:47:12.715000-03:00"
}
]
}
Step 5: Query Result to Artifact Mapping
Use the Query Result to Artifact Mapping section to map the JSON key from your script to the artifact Build Number.
In Artifacts Array Path , enter the root object of the array. In this case, $.imageDetails for Artifacts Array Path and imageTags[0] for Build No. Path.
Once mapped, you can reference the build number using the expression ${artifact.buildNo}.
For more information about Custom Artifact Sources, refer to: Using Custom Artifact Sources | Harness Developer Hub
Conclusion
If you have any suggestions on how to improve this article, or helpful and specific examples of permissions related issues that may be of use to others, please leave a comment with the information as this document is intended to evolve over time.
If this article cannot resolve your issue, don’t hesitate to contact us here: support@harness.io – or through the Zendesk portal in Harness SaaS.