stephankoelle · June 17, 2025 09:44
diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml
 image: atlassian/default-image:4


 pipelines:
  default:
    - step:
        name: Build maven base container with docker buildkit
        #image: docker.io/fedora:latest
        script:
          - export DOCKER_BUILDKIT=1             # Check storage configuration
          - |
            cd maven-base; docker build \
            --build-arg bitbucketpipelines_bootstrap="${bitbucketpipelines_bootstrap}"  \
            --build-arg bamboo_id_rsa=${bamboo_id_rsa} \
            -t epoq-base/maven .

          #docker.io/amazon/aws-cli vs  public.ecr.aws/aws-cli/aws-cli
          - |
            docker run  \
            -e AWS_ACCESS_KEY_ID="${AWSCREDID}" \
            -e AWS_SECRET_ACCESS_KEY="${AWSCREDKEY}" \
            -e AWS_DEFAULT_REGION="us-west-2"  \
            --rm  docker.io/amazon/aws-cli ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 482897829914.dkr.ecr.eu-central-1.amazonaws.com
          - docker tag epoq-base/maven:latest xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest;
          - docker push xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest
        services:
          - docker
        runs-on:
          - 'self.hosted'
    - step:
        name: "re-download to local cache  (for local runner)"
        image:
          name: xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest
          aws:
            # https://support.atlassian.com/bitbucket-cloud/docs/docker-image-options/#AWS
            # https://jira.atlassian.com/browse/BCLOUD-16664
            access-key: $AWSCREDID #_ kills the build
            secret-key: $AWSCREDKEY
        script:
          - mvn --version
        runs-on:
          - 'self.hosted'
diff --git a/Dockerfile b/Dockerfile
 # Use Maven 3.9.X with Eclipse Temurin JDK 21 as the base image
 #FROM docker.io/library/maven:3.9.9-eclipse-temurin-21
 FROM public.ecr.aws/docker/library/maven:3.9.9-eclipse-temurin-21

 # Set working directory
 WORKDIR /app

 # Environment variables (replace with actual values or set dynamically in pipeline)
 ARG bitbucketpipelines_bootstrap
 ARG bamboo_id_rsa
 ENV bitbucketpipelines_bootstrap=${bitbucketpipelines_bootstrap}
 ENV bamboo_id_rsa=${bamboo_id_rsa}


 # Execute the script during the build process
 RUN mkdir -p /root/.ssh;touch /root/.ssh/bamboo_id_rsa; mkdir -p /root/.m2/;touch /root/.m2/settings.xml
 RUN curl -s -S --user koelle:${bitbucketpipelines_bootstrap} \
    https://api.bitbucket.org/2.0/repositories/..../bitbucket-pipelines-bootstrap.sh  | bash
 #those will be populated from the acutal run
 RUN   rm /root/.ssh/bamboo_id_rsa;rm /root/.m2/settings.xml

diff --git a/snippet.txt b/snippet.txt
 Secrets for the pipeline:
 AWSCREDID
 AWSCREDKEY

 bitbucketpipelines_bootstrap a bitbucket user key to, with permission to fetch a file from a repo via http:
 bitbucket-pipelines-bootstrap.sh is the ramaining code for der Dockerfile (you can add it all there directly)
	image: atlassian/default-image:4


	pipelines:
	default:
	- step:
	name: Build maven base container with docker buildkit
	#image: docker.io/fedora:latest
	script:
	- export DOCKER_BUILDKIT=1 # Check storage configuration
	- \|
	cd maven-base; docker build \
	--build-arg bitbucketpipelines_bootstrap="${bitbucketpipelines_bootstrap}" \
	--build-arg bamboo_id_rsa=${bamboo_id_rsa} \
	-t epoq-base/maven .

	#docker.io/amazon/aws-cli vs public.ecr.aws/aws-cli/aws-cli
	- \|
	docker run \
	-e AWS_ACCESS_KEY_ID="${AWSCREDID}" \
	-e AWS_SECRET_ACCESS_KEY="${AWSCREDKEY}" \
	-e AWS_DEFAULT_REGION="us-west-2" \
	--rm docker.io/amazon/aws-cli ecr get-login-password --region eu-central-1 \| docker login --username AWS --password-stdin 482897829914.dkr.ecr.eu-central-1.amazonaws.com
	- docker tag epoq-base/maven:latest xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest;
	- docker push xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest
	services:
	- docker
	runs-on:
	- 'self.hosted'
	- step:
	name: "re-download to local cache (for local runner)"
	image:
	name: xx.dkr.ecr.eu-central-1.amazonaws.com/epoq-base/maven:latest
	aws:
	# https://support.atlassian.com/bitbucket-cloud/docs/docker-image-options/#AWS
	# https://jira.atlassian.com/browse/BCLOUD-16664
	access-key: $AWSCREDID #_ kills the build
	secret-key: $AWSCREDKEY
	script:
	- mvn --version
	runs-on:
	- 'self.hosted'
	# Use Maven 3.9.X with Eclipse Temurin JDK 21 as the base image
	#FROM docker.io/library/maven:3.9.9-eclipse-temurin-21
	FROM public.ecr.aws/docker/library/maven:3.9.9-eclipse-temurin-21

	# Set working directory
	WORKDIR /app

	# Environment variables (replace with actual values or set dynamically in pipeline)
	ARG bitbucketpipelines_bootstrap
	ARG bamboo_id_rsa
	ENV bitbucketpipelines_bootstrap=${bitbucketpipelines_bootstrap}
	ENV bamboo_id_rsa=${bamboo_id_rsa}


	# Execute the script during the build process
	RUN mkdir -p /root/.ssh;touch /root/.ssh/bamboo_id_rsa; mkdir -p /root/.m2/;touch /root/.m2/settings.xml
	RUN curl -s -S --user koelle:${bitbucketpipelines_bootstrap} \
	https://api.bitbucket.org/2.0/repositories/..../bitbucket-pipelines-bootstrap.sh \| bash
	#those will be populated from the acutal run
	RUN rm /root/.ssh/bamboo_id_rsa;rm /root/.m2/settings.xml
	Secrets for the pipeline:
	AWSCREDID
	AWSCREDKEY

	bitbucketpipelines_bootstrap a bitbucket user key to, with permission to fetch a file from a repo via http:
	bitbucket-pipelines-bootstrap.sh is the ramaining code for der Dockerfile (you can add it all there directly)