-
Notifications
You must be signed in to change notification settings - Fork 401
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Does not work with aws service accounts #280
Comments
It seems the AWS storage provider is implemented in a separate package The master branch was upgraded to a suitable AWS SDK version in chartmuseum/storage#27 but this hasn't yet been released. I've asked for it to be released in chartmuseum/storage#32 Once that is done, it will be possible to upgrade chartmuseum. |
@evilezh @andyspiers @NikolayMarusenko @biradrags @Igor-Kalyniak @gopisaba @mvisonneau @uLan08 @italolelis Would one of you be willing to test out that this is now fixed on master? You can use Docker image Once I can get confirmation that this is finally fixed (as well as #152), I'll go ahead and release chartmuseum v1.12.0. Thanks in advance! |
Hi @jdolitsky, I tested the new image with a helm installation:
Unfortunately, I still got the same error. This is the output:
The
I made sure that this cluster supports IRSA properly, and it does as other tools are able to fetch IAMs from service accounts. Maybe there is still something missing to configure? Happy to help with whatever you need. Thanks, |
@italolelis appreciate you trying this out. Looks like maybe updating the module isnt enough, need to perhaps use a different method for auth in the Go code? If anyone has experience with this lmk |
|
I just tried installing ChartMuseum v0.11.0 with Helm chart stable/chartmuseum v2.8.0. I tried adding: env:
open:
AWS_SDK_LOAD_CONFIG: "1" But this didn't work either. Still getting the following messages in the logs:
|
@sc250024 im wondering what happens with this combo and latest image? |
@jdolitsky Ah right. I just tried it with the image SHA, and it also didn't work. Same error as above. EDIT: Totally forgot the Roughly how long until we can get an official release? |
I also can confirm that running the image Thanks for working on it! |
Hi everyone, thanks for your patience. New version of ChartMuseum has been released (v0.12.0) with the latest version of AWS SDK. Please try it out. Closing this issue for now, please comment here if you continue to see any issues. |
Thank you! |
The Chartmuseum S3 client need set an Env variable Ref: helm/chartmuseum#280 Signed-off-by: DQ <dengq@vmware.com>
The Chartmuseum S3 client need set an Env variable Ref: helm/chartmuseum#280 Signed-off-by: DQ <dengq@vmware.com> Signed-off-by: Ye Liu <ye.liu@hp.com>
The Chartmuseum S3 client need set an Env variable Ref: helm/chartmuseum#280 Signed-off-by: DQ <dengq@vmware.com> Signed-off-by: molinber <bertrand.molin@credit-agricole.net>
The Chartmuseum S3 client need set an Env variable Ref: helm/chartmuseum#280 Signed-off-by: DQ <dengq@vmware.com>
Hi @jdolitsky , I have the exact same problem. These are my helm values.
Tried with |
@ridicule777 - can you confirm you're using chartmuseum 0.12 ? |
Yes Iam using 0.12. Please check the complete helm values.
|
Here is the pod log.
I attached the same service account to a nginx deployment. Installed python, python-pip and awscli.
And then tried copying a blank file into the s3 bucket, I was able to upload it. So, I'm pretty sure, service account is working. |
I managed to make it work base on comments #328 (comment)
|
I tried to run with AWS service account, but couldn't get it work.
I did check on dependencies and as per this page: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts-minimum-sdk.html it seems 1.23.13 is minimum version required for it to work.
Probably just simple aws sdk dependency update would work.
The text was updated successfully, but these errors were encountered: