This container provides a way to get the ECR creds via aws-cli and then login via Docker and write the Docker .config file to disk somewhere.
- Replace "ap-southeast-2" in
flux-deployment.yamlwith the name of the AWS region that your registry is in - Edit the "--git-url" in
flux-deployment.yamlto point to your git repository - Install the supporting manifests from weaveworks/flux/deploy according to the installation instructions
- Install the
flux-deployment.yamlmanifest withkubectl apply -f flux-deployment.yaml
Now your flux pod should be up and running and checking ECR images running inside your cluster!
If you see an error message about "--docker-config" then something isn't configured right. Debug by running kubectl exec -it <pod_name> -c flux /bin/sh and running cat /docker-creds/config.json and inspecting the docker config using base64 to look for reasons why.
The Dockerfile is provided for convenience but the one already used in the manifest should work fine.
You can also get support for ECR in combination with other docker registries. To do this, edit the flux-with-secrets-deployment.yaml file as you would for the basic usage, change the references to example-docker-pull-secret to instead point to a secret in the namespace flux is running in. The secret should be of type kubernetes.io/dockercfg. Anything created for use with a serviceAccount will work.
Apply the flux-with-secrets-deployment.yaml manifest and it will use jq to combine all of the docker auth json together into one file, which flux will then use for auth.