Jenkins에서 ecr-login-password 숨기기

withEnv 안으로 들어가면 토큰 안보인다.

 

 

Jenkinsfile에서

 

steps{

    withEnv("JIB_TO_AUTH_PASSWORD=${sh(script: 'aws ecr get-login-password --region <region>', returnStdout: true).trim()}"]) {

        sh """

        sed -i "s/\\IMAGE_TAG_NUMBER/$BUILD_NUMBER/g" build.gradle

        ./gradlew jib

        """

    }

}

 

 

build.gradle 에서 

 

jib{

    from{

        image = 'gcr.io/distroless/java21-debian'

    }

    to{

        image = '12345678.dkr.ecr.ap-northeast-2.amazonaws.com/ecr_repo_name'

        tags = IMAGE_TAG_NUMBER

        auth {

            username = "AWS"

            password = System.getenv("JIB_TO_AUTH_PASSWORD")

        }

    }

}