I have a CI/CD pipeline with a single JenkinsBuild.jk setup which is automatically triggered whenever a pull Request has been merged to master branch .
I have bunch of commands like 'docker build' and 'docker push' in JenkinsBuild which creates version of docker-images like:
x.36, x.37, x.38, x.39, x.40, x.41 , x.42, x.43, x.44, x.45 (Added prefix "x." to delete untagged images).
Now the problem arises when I have to deploy few of those dockerImages to prod and not all of them. Example - x.36 , x.40 and x.45 are images deployed to prod and rest all images are used for non-prod environment for testing code.
When I apply the below ECR lifecycle policy, it keeps top 5 images , hence all those versions which were not deployed to prod are also stored whereas which are most recently deployed are deleted. Example : Top 5 images i.e x.41 , x.42, x.43, x.44, x.45 are stored in ECR ,and most recently prod dockerImages i.e. x.36 , x.40 are deleted due to below policy ( x.45 is not deleted as it was one of the top 5 images).
{
"rulePriority": 1,
"description": "Keep last 5 images",
"selection": {
"tagStatus": "tagged",
"tagPrefixList": ["x."],
"countType": "imageCountMoreThan",
"countNumber": 5
},
"action": {
"type": "expire"
}
}
Can someone help me how ECR policy can only delete non-prod dockerImages ?
or
How can I override the dockerImages during prod deployment as p.36, p.40, p.45 using JenkinsDeploy.jk ?
Please suggest if you can. Thank you for reading my post.
Since there's no pattern of production ECR images and they are handpicked picked. You need to add some identifier to your production images and save them from your ecr lifecycle policy.
One way to do it is:
./rename_tag.sh <repo_name> "x.36" "p.36"After rename, you'll use p.36 as your production image.
Don't forget to update your ECR lifecycle policy as:
You may increase the numbers for prod if required and you may run this script in JenkinsDeploy.jk (based on build succeed may be), but since you said prod promotions are manual it makes more sense to call it manually.