Add SCIM Bridge Docker image to Amazon ECR public repository?
I was wondering if it'd be possible to upload the SCIM Bridge Docker image to a public ECR repository (in addition to Docker Hub), e.g. https://gallery.ecr.aws/1password/scim
.
General reason: some AWS services, like AppRunner, can only fetch images from an ECR endpoint1. Unfortunately, AWS's ECR pull-through feature only supports Quay and ECR public at the moment2. I understand this is more of a short-coming on AWS's part; however, this would be a nice convenience to avoid managing a private ECR repo and re-uploading the image from Docker Hub (e.g. Docker Hub -> intermediate machine -> private ECR pipeline).
Personal bias: The ECS example fortunately doesn't suffer this issue, being able to pull from Docker Hub directly3. Nevertheless, I wanted to try out AppRunner (with EC) to see if it would be a better fit for my use case. I have things up and running no problem, but would be an improvement to eliminate the private ECR repo.
Also happy to share the AppRunner Terraform I have to the scim-examples
repo if that's helpful.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
-
https://docs.aws.amazon.com/apprunner/latest/dg/service-source-image.html ;↩︎
-
https://aws.amazon.com/blogs/aws/announcing-pull-through-cache-repositories-for-amazon-elastic-container-registry/ ;↩︎
-
https://github.com/1Password/scim-examples/blob/51d6f620840a557531bf40ed5003e3349c1d49d9/aws-ecsfargate-terraform/task-definitions/scim.json#L4 ;↩︎
Comments
-
Hi deadbeef, my apologies for the late response. I'm Laz, a developer on the SCIM bridge. Thanks for the suggestion, we really appreciate any feedback on how to make our product better. Your use case makes sense, and I have relayed it to the rest of the team. We are taking this into consideration, but cannot guarantee this will happen. Hope you are able to use and enjoy the SCIM bridge through a private ECR repo regardless!
0