Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OCI Repositories #1591

Open
abohmeed opened this issue Jul 30, 2023 · 1 comment
Open

OCI Repositories #1591

abohmeed opened this issue Jul 30, 2023 · 1 comment

Comments

@abohmeed
Copy link

Setting .spec.provider to aws is mandatory when using OIDC and IRSA for allowing the pods to talk to ECR using a role. Failing to add this provider to the Helm Repository manifest will make the Source Controller receive 401 error from AWS when trying to downoad the Helm artifact even when using the correct role and policy. The documentation states that it is optional but in the next prapgraph, it details how to attach a role to the source-controller service account so that it can pull charts from ECR which won't happen without correctly setting the provider.

@darkowlzz
Copy link
Contributor

Hi, are you referring to this docs section https://fluxcd.io/flux/components/source/helmrepositories/#aws ?
If that is so, node IAM and IRSA, are subsections of the provider.aws section. The document states that setting provider.aws is optional if you're not using AWS. But if you do, then you have to follow the respective docs of node IAM or IRSA.
Is there any way we can improve the docs? You can also create a pull request with your suggestion on improving the docs. The source an be found in https://github.com/fluxcd/source-controller/blob/66b93aad314d523fbe97c83d431b69e44a198df8/docs/spec/v1beta2/helmrepositories.md#aws .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants