prevents aws errors when not using aws

fluxcd · Mar 8, 2019 · 62e5d6d · 62e5d6d
1 parent 1360f9b
commit 62e5d6d
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 15 deletions.
diff --git a/cmd/fluxd/main.go b/cmd/fluxd/main.go
@@ -334,23 +334,37 @@ func main() {
 
 	// Wrap the procedure for collecting images to scan
 	{
-		awsConf := registry.AWSRegistryConfig{
-			Regions:    *registryAWSRegions,
-			AccountIDs: *registryAWSAccountIDs,
-			BlockIDs:   *registryAWSBlockAccountIDs,
+		awsOptions := []string{
+			"registry-ecr-region",
+			"registry-ecr-include-id",
+			"registry-ecr-exclude-id",
 		}
-		credsWithAWSAuth, err := registry.ImageCredsWithAWSAuth(imageCreds, log.With(logger, "component", "aws"), awsConf)
-		if err != nil {
-			logger.Log("warning", "AWS authorization not used; pre-flight check failed")
-		} else {
-			imageCreds = credsWithAWSAuth
+		usingAWS := false
+		for _, awsOption := range awsOptions {
+			if fs.Changed(awsOption) {
+				usingAWS = true
+				break
+			}
 		}
-		if *dockerConfig != "" {
-			credsWithDefaults, err := registry.ImageCredsWithDefaults(imageCreds, *dockerConfig)
+		if usingAWS {
+			awsConf := registry.AWSRegistryConfig{
+				Regions:    *registryAWSRegions,
+				AccountIDs: *registryAWSAccountIDs,
+				BlockIDs:   *registryAWSBlockAccountIDs,
+			}
+			credsWithAWSAuth, err := registry.ImageCredsWithAWSAuth(imageCreds, log.With(logger, "component", "aws"), awsConf)
 			if err != nil {
-				logger.Log("warning", "--docker-config not used; pre-flight check failed", "err", err)
+				logger.Log("warning", "AWS authorization not used; pre-flight check failed")
 			} else {
-				imageCreds = credsWithDefaults
+				imageCreds = credsWithAWSAuth
+			}
+			if *dockerConfig != "" {
+				credsWithDefaults, err := registry.ImageCredsWithDefaults(imageCreds, *dockerConfig)
+				if err != nil {
+					logger.Log("warning", "--docker-config not used; pre-flight check failed", "err", err)
+				} else {
+					imageCreds = credsWithDefaults
+				}
 			}
 		}
 	}

diff --git a/deploy/flux-deployment.yaml b/deploy/flux-deployment.yaml
@@ -54,7 +54,7 @@ spec:
         # There are no ":latest" images for flux. Find the most recent
         # release or image version at https://quay.io/weaveworks/flux
         # and replace the tag here.
-        image: quay.io/weaveworks/flux:1.10.1
+        image: quay.io/weaveworks/flux
         imagePullPolicy: IfNotPresent
         resources:
           requests:
@@ -103,7 +103,7 @@ spec:
         - --ssh-keygen-dir=/var/fluxd/keygen
 
         # replace or remove the following URL
-        - [email protected]:weaveworks/flux-get-started
+        - [email protected]:dimitropoulos/flux-scratch
         - --git-branch=master
 
         # include these next two to connect to an "upstream" service

diff --git a/deploy/flux-secret.yaml b/deploy/flux-secret.yaml
@@ -4,3 +4,5 @@ kind: Secret
 metadata:
   name: flux-git-deploy
 type: Opaque
+data:
+  identity: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBMzdsQVdOUW56MFp3SFpvMll2UGhrTHl4ZXJQQlB4Zmp1VDROa3NiY2J1cjh1LzJxCkpQMUN6WWY0byswRU5KS0ZnSmxQT2RuazVaTHMwd011T0NTVmE0V3FaQjRVM3hLQWI5d3E3SUk2WkV4NmZaUVcKVFpqYmJ4SG5HSmc0TEc0MVkyWHh4YjNkdXpTWC9HTFZ2cFdmRjRsU0t1THNHL2tyVHR1TUtHSDYwNkEvcWVFMgp3Wm9EUVI2RXg2cjMyb0F3dTIwYUNuNzF4VWd3U2poN3FuZ1Nvb1YvSHJValBrWlI3L2lreTFRWTA0NDMybzR0CjdXbzlNNTFvZGc2Z1pwWmdkZzh3Z2RVTm8vQ01HZWxVVFNJN0lRVXhNQVNnY3ZUbCtKa3RDaERmYm9HYk1RQVMKbFF6WTNiNm9YalVCTk5JZERMcDh6RE1lZ3Z1bVg0K01KZ0tUVXdJREFRQUJBb0lCQVFDRm9SZ3ZOcUdFcS9VQgpxWC84d09FbFc1L0N3NldVc3dkQk9UQlFVRm1RSXVuTXUrb3A1K0JEOVlodEdZQWVpcm9WSXYxd2Q1YkNEVzFKCmFLZnR2dVJFOGZUaGtob3pWOURCZjhkZnR6VjdmVGJZMVdBdy96RnFlVTRJb2J0RHhwdzYvOFJXc1Y3RWw5aUUKVnVDRzBzWFJBQ1BGRy8rZGdjbjljeU9YWjFhem1mRDZScE1vUytrMyszdkNwYjZtQTU5RHNGcGQxZy9lMTJ1cAptNlYzK3dzU2g1emxmQld2S3NicHNlUjBjV3VJVWZ2NXVwWHZROHpwNG1ob2dGc3Z0VWpRejVUdTVtRnNKc0NYCjhlRUNOd1h2NmNJaVFqaVN6VzVlYVdXRlc5QXFoNWNCMEticHFVYnc4MFd2b2RVSHlEVm5rMlNzS2RBd3Z3dVAKa0ozNjl4cXhBb0dCQVBmNU4yNkpUYXZrbW9LcWZvRDJJUVpUZXZ3eVg2YU43b0pCVVRJK1o4VmxIcURZRExoZApGMy9RbEpGOWQ3Q2lidzdhV09mQ2NaRGl4TEFKVDNWNlRYa0t4S0xLNlN2RXhEanJmNUdnRTJGZ2JDZkh3UndSCkNibm9ERmM4bHBxQXd4Mm1odTk5QTlsVEt1anpYMFR3RWRpVFF3Z3M0QjZTUURPNDV1cHc2TzQ1QW9HQkFPYjMKRjlaZHh2d3RoYzd5SUNEaDRvV2lVTjFhcVFOY29ibXg3Y1lXQkM3aWkrN1k0WkZPUnRDVGZqaHlySnVjQVMrMgpaeVlTVVcrOVpGRWFjRUs0aWZWWGVSci9PU2VDcjdLbXJ1dEVrbFVBYUpPY3pWVEhlMFRKUER1VGtNdWVzd1FlCjNQdFh6MWJwVVZHbHlhYndNLzZOYnhVL3ZmWlVhcXFZUzlKc3p3M3JBb0dCQU1uTzhPWHNxR0cwY21yVkJvODkKd0RLOXplRmh2YVoyN0J6bHU0Y0Fjc09iUUFuMnlxTmdYN2VOc051WEdNbVA2SUpXQVBUY3NrQVB6YkxXWU94aQoxSm9sd1ZJYmdSZzEwdHZnRExvZlpLWmpLcUpWVnp2WVFlb2loNmlYanBtL0lRd0ljdGlGRFpUWXNwdFROYjJOCkEza1duLzhQUm5hYTM5VTRMZld1WG1OQkFvR0FPRjJ4S1pXMVRESG41L3RiTCtzd2x5Qm56NzJpWmJtamxtZi8KK1VuQ041YitRNG9XY3BuQjJvRkVXbzVSNWFBTEFoUG4xSGkvK3g4amJrK2ZlZ2tEVWliSTNYZlFBUDU1MW9XcgpScXR6Y3Q4b3BtMnNCcmF3TkxkUHhkSmJrZlhuQm1ocDBjVTZTcUdpUU9UTzg3akhWNlk0cDl6b2hVZFF5TlZtCkc3S0dUWVVDZ1lFQWpldE9NR3R4NXNtV2NOTGphY2xzZnZlNHlrVEltNG9UNWNBd2w5Nm1aNXJlQllaTFdUQmoKYkhNUGFwL2VtY09NdXdJbmhaL0xDWXNxblk4NSt6REo5cGRZU2U4WmhNcEhWRzlDbFU0RmRIcWsxcjh5WjBzWQp5WGFnUEZ3TlIxYXVDTmhwb3RDSk41aGY3Vm9KbmdtU3BuUXNYK1lCeGpyNENKL1dCUjQxeDZjPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=