I’m trying to authenticate pulls from a private Docker repo on AWS ECR, but can’t get the drone registry plugin to work. I set up the microservice and verified that I can pull secrets from the CLI. Is there a way to authenticate image: aws_account_id.dkr.ecr.eu-central-1.amazonaws.com/myimage:latest without explicitly passing the credentials in .drone.yml?
The registry extension is recommended for providing aws credentials to clone private images from ecr (see https://github.com/drone/drone-registry-plugin) and there are plenty of folks using this extension in production. It sounds like perhaps you have given up on the registry extension as a potential solution, however, if you provide more details (your installation, configuration, yaml, trace logs, etc) then members of the community may be able to help you debug and get it working.
The examples I have found usually have a step just for pulling the image and then run it after: How do you authenticate with and pull from an ECR registry?
Do you have an example of how to use drone registry plugin to authenticate pulls using image: without a separate pull step?
When I do it now, I get Error response from daemon: Get https://xxxxxxxxxx.dkr.ecr.eu-central-1.amazonaws.com/v2/xxxxxxxxx/manifests/latest: no basic auth credentials