amazon-eks-ami icon indicating copy to clipboard operation
amazon-eks-ami copied to clipboard

Published 20 hours ago verified publisher icon awslabs

`bootstrap.sh` should support setting the `ecr` endpoint type (such as `ecr-fips`)

Open seanorama opened this issue 2 years ago • 1 comments

What happened:

In an environment which requires FIPS ./files/bootstrap.sh used the standard ecr endpoint, not ecr-fips.

This can't be easily set in this code:

https://github.com/awslabs/amazon-eks-ami/blob/d9c8938f6666d3037d126ee906c2f133f2be0fb8/files/bootstrap.sh#L351

What you expected to happen:

Update bootstrap.sh with:

  1. A variable named like $PAUSE_CONTAINER_ENDPOINT_TYPE which defaults to ecr.
  2. A switch of --pause-container-endpoint-type which can set the variable.
  3. Update the line above to use that variable.

Environment:

  • AWS Region: us-gov-west-1
  • EKS Platform version: eks.10
  • Kubernetes version: 1.21

seanorama avatar Aug 25 '22 21:08 seanorama

Here's a PR to solve this: #1012

seanorama avatar Aug 31 '22 22:08 seanorama

I believe this is now resolved with #1458 - cc @cartermckinnon

Ref: https://github.com/awslabs/amazon-eks-ami/pull/1458/files#diff-2a573fe0e1a474595da4e9944a8e3c95aead7ab627514e3fc3a6f6702768f8d1R72-R78

bryantbiggs avatar Nov 25 '23 16:11 bryantbiggs