はじめに
CodeBuildで見たことがないエラーを発見したのでメモ
「error parsing HTTP 403 response body: unexpected end of JSON input: “”」の解消方法をメモします。
発生タイミング
AWS CodeBuildでECRから取り出したイメージをベースイメージとしてビルドして他のECRにイメージをpushしようとした際に発生した。
[Container] 2024/06/28 09:15:23.085024 Running command docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG
The push refers to repository [{AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/test-image]
afd960e1af2e: Preparing
8b81268b176d: Preparing
2e78ae41ac62: Preparing
error parsing HTTP 403 response body: unexpected end of JSON input: ""
[Container] 2024/06/28 09:15:25.142451 Command did not exit successfully docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG exit status 1
[Container] 2024/06/28 09:15:25.148466 Phase complete: POST_BUILD State: FAILED
[Container] 2024/06/28 09:15:25.148486 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG. Reason: exit status 1
解消方法
CodeBuildのサービスロールに以下の権限を追加します。
ecr:BatchCheckLayerAvailability
IAMポリシーの実装例
Resourceセクションにはpush先のECRリポジトリを指定します。
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ecr:BatchCheckLayerAvailability"
],
"Resource": [
"arn:aws:ecr:ap-northeast-1:{AWS_ACCOUNT_ID}:repository/test-image"
],
"Effect": "Allow"
}
]
}
再実行して動作確認
[Container] 2024/06/28 09:18:17.185879 Running command docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG
The push refers to repository [{AWS_ACCOUNT_ID}.dkr.ecr.ap-northeast-1.amazonaws.com/test-image]
afd960e1af2e: Preparing
8b81268b176d: Preparing
2e78ae41ac62: Preparing
afd960e1af2e: Layer already exists
2e78ae41ac62: Pushed
8b81268b176d: Pushed
latest: digest: sha256:74c1326b79e7654abf2a0aa4ef5865abea07c9c0fbf38f148b3fe9dcf3cb9c60 size: 949
[Container] 2024/06/28 09:18:37.971738 Phase complete: POST_BUILD State: SUCCEEDED