You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have the Image Updater running on EKS clusters using IRSA to link them to an IAM role that grants it permissions to our ECR registry. In addition, we have an auth script configured to run an awscli command to grab a new token every 11 hours:
This usually works on startup, and sometimes after credsexpire, but it also often fails with:
Could not set registry endpoint credentials: error executing /scripts/ecr-login-us-east-2.sh: /scripts/ecr-login-us-east-2.sh failed timeout after 10s
Sometimes this can take hours of retries to rectify and sometimes nothing short of killing the pod and starting a new one will fix it.
It's also weird that it seems to run this script once for each app in its update cycle (see logs below) rather than just running it once seeing as we've configured at the registry level.
To Reproduce
Set up as above. Unfortunately, this is intermittent.
Expected behavior
The script runs correctly (once) and stores the new token for all apps to use.
Describe the bug
We have the Image Updater running on EKS clusters using IRSA to link them to an IAM role that grants it permissions to our ECR registry. In addition, we have an auth script configured to run an awscli command to grab a new token every 11 hours:
This usually works on startup, and sometimes after
credsexpire
, but it also often fails with:Sometimes this can take hours of retries to rectify and sometimes nothing short of killing the pod and starting a new one will fix it.
It's also weird that it seems to run this script once for each app in its update cycle (see logs below) rather than just running it once seeing as we've configured at the registry level.
To Reproduce
Set up as above. Unfortunately, this is intermittent.
Expected behavior
The script runs correctly (once) and stores the new token for all apps to use.
Additional context
N/A
Version
0.12.0
Logs
The text was updated successfully, but these errors were encountered: