Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitOps with CodeCommit in FluxConfig with git configuration fails in validation stage #4290

Closed
prakkie-others opened this issue Dec 5, 2022 · 2 comments
Closed

GitOps with CodeCommit in FluxConfig with git configuration fails in validation stage #4290

prakkie-others opened this issue Dec 5, 2022 · 2 comments
Assignees
@ddjjia
Labels
priority/p0 ASAP
Milestone
v0.17.0

Comments

@prakkie-others
Copy link

prakkie-others commented Dec 5, 2022
edited

What happened:

I wanted to use CodeCommit repository as GitRepository source for Flux and followed instructions mentioned here. RepoURL is not accepted in any form. I have tested the same RepoURL format directly from admin machine and it is accessible. Same configuration works fine for GitHub RepoURL.

Cluster creation throws below error

2022-12-05T17:01:26.568Z        V6      Executing command       {"cmd": "/usr/bin/docker run -d --name eksa_1670259686399887634 --network host -w /home/ssm-user/gw2 -v /var/run/docker.sock:/var/run/docker.sock -v /root/.ssh:/root/.ssh -v /root/.ssh:/root/.ssh -v /home/ssm-user/gw2:/home/ssm-user/gw2 -v /home/ssm-user/gw2:/home/ssm-user/gw2 --entrypoint sleep public.ecr.aws/eks-anywhere/cli-tools:v0.12.2-eks-a-21 infinity"}
2022-12-05T17:01:26.840Z        V3      Validating git setup    {"repoUrl": "ssh://APKAEIBAERJR2EXAMPLE@git-codecommit.us-west-2.amazonaws.com/v1/repos/eksa-gitops"}
Error: connecting with remote origin for repository: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Observed username hardcoded to git at this line of gitfactory.go

What you expected to happen:

Git configuration of FluxConfig should accept RepoURL format of CodeCommit. CodeCommit repository URL format for SSH access is ssh://<SSH Key ID>@git-codecommit.<REGION>.amazonaws.com/v1/repos/<REPO NAME>. For example: ssh://APKAEIBAERJR2EXAMPLE@git-codecommit.us-west-2.amazonaws.com/v1/repos/eksa-gitops

Note that CodeCommit SSH access is through SSH Key ID which acts like username. For GitHub git is a standard user.

How to reproduce it (as minimally and precisely as possible):

Create a FluxConfig as shown below and try upgrading cluster

 gitOpsRef:
    kind: FluxConfig
    name: gw2-cluster-gitops

---
apiVersion: anywhere.eks.amazonaws.com/v1alpha1
kind: FluxConfig
metadata:
  name: gw2-cluster-gitops
spec:
    git:
      repositoryUrl: ssh://APKAEIBAERJR2EXAMPLE@git-codecommit.us-west-2.amazonaws.com/v1/repos/eksa-gitops
      sshKeyAlgorithm: rsa

Anything else we need to know?:

Environment: Ubuntu - vSphere

  • EKS Anywhere Release: 0.12.2
@danbudris
Copy link
Member

Thanks for the report, we'll take a look at this ASAP

@drewvanstone drewvanstone added kind/enhancement New feature or request priority/p0 ASAP kind/bug Something isn't working and removed kind/enhancement New feature or request labels Dec 6, 2022
@drewvanstone drewvanstone added this to the next milestone Dec 6, 2022
@Paulius0112
Copy link

Is this issue solved?

@drewvanstone drewvanstone modified the milestones: next, v0.15.0, v0.16.0 Mar 20, 2023
@drewvanstone drewvanstone modified the milestones: v0.16.0, v0.17.0 May 22, 2023
@jiayiwang7 jiayiwang7 assigned ddjjia and unassigned jiayiwang7 Jun 20, 2023
@ddjjia ddjjia removed the kind/bug Something isn't working label Jun 26, 2023
@ddjjia ddjjia mentioned this issue Jun 28, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ddjjia ddjjia

Labels
priority/p0 ASAP
Projects
None yet
Milestone
v0.17.0
Development

No branches or pull requests
6 participants
@drewvanstone @danbudris @jiayiwang7 @Paulius0112 @prakkie-others @ddjjia