Gitlab aws ecr get-login gives InvalidSignatureException

I’ve been trying to push images to aws ecr. In short my ci script uses:
image: docker:latest
services:

  • docker:dind

and calls a deploy script. That contains:

apk add --update python3
pip3 install awscli --upgrade

export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
$(aws ecr get-login --no-include-email --region $AWS_REGION | tr -d ‘\r’) <=this-line
docker push $AWS_REGISTRY_IMAGE:$CI_ENVIRONMENT_SLUG

The highlighted line always gives me…
An error occurred (InvalidSignatureException) when calling the GetAuthorizationToken operation:
The request signature we calculated does not match the signature you provided.

even though I know the credentials are good and work OK in ubuntu.
I wonder if it would be possible to have an image that contained the dind and awscli such that the highlighted line works and pushing container images up to ecr was easy.

1 Like

Bump, still happening in November, 24 of 2019