Skip to content

Instantly share code, notes, and snippets.

Last active March 1, 2024 13:35
Show Gist options
  • Save outofcoffee/8f40732aefacfded14cce8a45f6e5eb1 to your computer and use it in GitHub Desktop.
Save outofcoffee/8f40732aefacfded14cce8a45f6e5eb1 to your computer and use it in GitHub Desktop.
Check if Docker image exists with tag in AWS ECR
#!/usr/bin/env bash
# Example:
# ./ foo/bar mytag
if [[ $# -lt 2 ]]; then
echo "Usage: $( basename $0 ) <repository-name> <image-tag>"
exit 1
IMAGE_META="$( aws ecr describe-images --repository-name=$1 --image-ids=imageTag=$2 2> /dev/null )"
if [[ $? == 0 ]]; then
IMAGE_TAGS="$( echo ${IMAGE_META} | jq '.imageDetails[0].imageTags[0]' -r )"
echo "$1:$2 found"
echo "$1:$2 not found"
exit 1
Copy link

Thanks for this! Very handy.

Copy link

mcindea commented Apr 28, 2020

@maxdbn I wouldn't recommend using ||: because that will result in a false positive: The script will say "found" even though the aws command returns a non-zero exit code.
You can test this by adding a "typo" in the aws command:

IMAGE_META="$( awsz ecr describe-images --registry-id $REGISTRY_ID --repository-name=$REPOSITORY --image-ids=imageTag=$IMAGE_TAG 2> /dev/null ||: )"

Doing this, the script will always say it's found.

Copy link

jeevanshu commented Jul 13, 2020

Thank you so much for this!!

For adding help message you can make use of this in script, I picked this up from a hackernews thread few days ago

USAGE="find-ecr-image — Check ECR for existing docker image

      ./find-ecr-image <repository-name> <image-tag>
      ./ foo/bar mytag

      <repository-name>   ECR repository name
      <image-tag>         ECR image tag 
      -h                  Show this message
  help() {
    echo "$USAGE"

if [[ $# -lt 2 ]] || [[ "$1" == "-h" ]]; then
    exit 1

Copy link

Thanks for this script!

I've expanded it to include support for public repositories, using the -p or --public flag and incorporated the usage block from @jeevanshu

#!/usr/bin/env bash
# Example:
#    ./ foo/bar mytag
# via

USAGE="find-ecr-image — Check ECR for existing docker image

      ./find-ecr-image <repository-name> <image-tag>
      ./ foo/bar mytag
      ./ -p public/repo mytag

      <repository-name>   ECR repository name
      <image-tag>         ECR image tag 
      -h                  Show this message
      -p / --pubic        Public Repository (optional)
  help() {
    echo "$USAGE"

if [[ $# -lt 2 ]] || [[ "$1" == "-h" ]]; then
    exit 1

if [[ "$3" == "-p" ]] || [[ "$3" == "--public" ]]; then
    # public repository
    IMAGE_META="$( aws ecr-public describe-images --repository-name=$1 --image-ids=imageTag=$2 2> /dev/null )"
    # private repository
    IMAGE_META="$( aws ecr describe-images --repository-name=$1 --image-ids=imageTag=$2 2> /dev/null )"

if [[ $? == 0 ]]; then
    IMAGE_TAGS="$( echo ${IMAGE_META} | jq '.imageDetails[0].imageTags[0]' -r )"
    echo "$1:$2 found"
    echo "$1:$2 not found"
    exit 1

Copy link

The following command worked out a bit better for me as it won't fail if tag not present, but will fail if repo not found or on aws cli error:

aws ecr batch-get-image --repository-name=$1 --image-ids=imageTag=$2 --query 'images[].imageId.imageTag' --output text

Copy link

similar, don't fail if tag not present:
aws ecr list-images --repository-name $1 --query 'imageIds[?imageTag=='$2'].imageTag' --output text

Copy link

I used the first command, update the behavior to sent null if the tag is not present:

cmd="$(aws ecr describe-images --repository-name="NAME" --image-ids=imageTag="TAG" ||:)"
if [[ ! -z "$cmd" ]]; then

Copy link

Startouf commented Dec 1, 2021

Thanks you @sanchojaf yours is the best answer that will work for images that may have multiple tags

However your code had some quote issues, the working one is

aws ecr list-images \
    --repository-name ${REPO_NAME} \
    --query "imageIds[?imageTag=='${GIT_SHA1}'].imageTag" \
    --output text

Copy link

The following would push only if the image with the tag does not exist.
aws ecr list-images --repository-name ${REPO_NAME} --query "imageIds[?imageTag=='${GIT_SHA1}'].imageTag" --output text | docker push ${AWSACCOUNTID}.dkr.ecr.${AWS_REGION}${REPO_NAME}:${GIT_SHA1}

Copy link

sarthak commented Jun 15, 2022

Thanks for this script!

I've expanded it to include support for public repositories, using the -p or --public flag and incorporated the usage block from @jeevanshu

aws ecr-public commands only work in us-east-1 region, therefore the correct command should be

    IMAGE_META="$( aws ecr-public --region=us-east-1 describe-images --repository-name=$1 --image-ids=imageTag=$2 2> /dev/null )"

Copy link

jeremiahlukus commented Jan 12, 2023

          IMAGE_META="$( aws ecr batch-get-image --repository-name=$REPOSITORY --image-ids=imageTag=$IMAGE_TAG --query 'images[].imageId.imageTag' --output text )"
          if [[ $IMAGE_META == $IMAGE_TAG ]]; then
            echo "$IMAGE_META found skipping build"
            echo "$REPOSITORY:$IMAGE_TAG not found, building new image"
            docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
            docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG

  This way is working for me, thanks for the help

Copy link

devxoul commented Jan 19, 2023

@jeremiahlukus, thanks this does work for me 👍

Copy link

cig0 commented Jan 26, 2023

Thanks, AWS CLI goes out of it's way to make things less obvious -

👆 👆 👆

Copy link

anxo-outeiral commented Nov 20, 2023

          IMAGE_META="$( aws ecr batch-get-image --repository-name=$REPOSITORY --image-ids=imageTag=$IMAGE_TAG --query 'images[].imageId.imageTag' --output text )"
          if [[ $IMAGE_META == $IMAGE_TAG ]]; then
            echo "$IMAGE_META found skipping build"
            echo "$REPOSITORY:$IMAGE_TAG not found, building new image"
            docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
            docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
  This way is working for me, thanks for the help

@jeremiahlukus thanks a lot! It works really well!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment