-
Notifications
You must be signed in to change notification settings - Fork 905
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure AWS credential key in setup script matches provider config #3275
Ensure AWS credential key in setup script matches provider config #3275
Conversation
@@ -45,9 +45,9 @@ fi | |||
|
|||
echo "apiVersion: v1 | |||
data: | |||
key: $AWS_CREDS_BASE64 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@wwentland thanks for this update! I believe this script actually is corresponding to https://crossplane.io/docs/v1.9/concepts/providers.html#configuring-providers, which has the same key. However, it would be great to standardize between the previous link and the getting started guide. Would you mind updating the field in the document I referenced as well as part of this change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No problem, @hasheddan. I've normalised all examples I could find to use creds
in lieu of a variety of other keys.
The key used in the aws-creds `Secret` has to match the corresponding settings in `spec:credentials:secretRef:key`, which is `creds` rather than `key`. Without this change, users see errors such as the following when trying to reconcile resources: ``` Warning CannotObserveExternalResource 6s (x4 over 11s) managed/queue.sqs.aws.crossplane.io cannot get Queue URL: operation error SQS: GetQueueUrl, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, static credentials are empty ``` Signed-off-by: Wolodja Wentland <w@wentland.dev>
43a7096
to
4850373
Compare
Examples in the documentation alternated between using `creds` and `credentials`. In line with the conventions established in the installation guide, it is changed to `creds` everywhere. Signed-off-by: Wolodja Wentland <w@wentland.dev>
4850373
to
43d972a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @wwentland! I'm going to add backport labels for this as well 👍🏻
Successfully created backport PR #3279 for |
Successfully created backport PR #3280 for |
Successfully created backport PR #3281 for |
Backport failed for Please cherry-pick the changes locally. git fetch origin release-1.10
git worktree add -d .worktree/backport-3275-to-release-1.10 origin/release-1.10
cd .worktree/backport-3275-to-release-1.10
git checkout -b backport-3275-to-release-1.10
ancref=$(git merge-base e02c7a3c61b29d21a401130613f4bb72c54aae2d 43d972af940c2c142d6f84053499aab0ed1d5c4f)
git cherry-pick -x $ancref..43d972af940c2c142d6f84053499aab0ed1d5c4f |
/backport |
Backport failed for Please cherry-pick the changes locally. git fetch origin release-1.10
git worktree add -d .worktree/backport-3275-to-release-1.10 origin/release-1.10
cd .worktree/backport-3275-to-release-1.10
git checkout -b backport-3275-to-release-1.10
ancref=$(git merge-base e02c7a3c61b29d21a401130613f4bb72c54aae2d 43d972af940c2c142d6f84053499aab0ed1d5c4f)
git cherry-pick -x $ancref..43d972af940c2c142d6f84053499aab0ed1d5c4f |
The key used in the aws-creds
Secret
has to match the correspondingsettings in
spec:credentials:secretRef:key
, which iscreds
ratherthan
key
.Without this change, users see errors such as the following when
trying to reconcile resources:
Signed-off-by: Wolodja Wentland w@wentland.dev
Description of your changes
Fixes #
I have:
make reviewable
to ensure this PR is ready for review.backport release-x.y
labels to auto-backport this PR if necessary.How has this code been tested
Ran through the provider-aws configuration instructions again, created a simple managed resource, and verified that it synchronised successfully.