aws-actions / amazon-ecr-login

Logs into Amazon ECR with the local Docker client.
MIT License
918 stars 175 forks

Action does not support EKS pod identities #624

Open casey-robertson-paypal opened 6 months ago

casey-robertson-paypal commented 6 months ago

Describe the bug

We are migrating workloads to EKS - in particular GitHub Actions runners. The runner scalesets run as service accounts wired up to AWS EKS Pod Identities. We run v2 of the action and receive the following error:

Run aws-actions/amazon-ecr-login@v2
  with:
    mask-password: true
    registry-type: private
    skip-logout: false
Error: 169.254.170.23 is not a valid container metadata service hostname

To Reproduce

Create a test action that uses amazon-ecr-login in a pod/runner running in EKS and a service account identity.

Expected behavior

The action discovers the creds mounted in the metadata path and uses them to authenticate with ECR.

Screenshots

No screenshots, but we confirmed that raw aws sts commands are returning the correct assumed role that we'd expect.

Desktop (please complete the following information):

EKS 1.29
Running 0.9.0 version of GitHub action runner container and Helm chart.

meithon commented 1 month ago

Current Workaround

At present, one of the most effective solutions appears to be using the following action instead:

- name: Login to Amazon ECR
  id: login-ecr
  run: |
    aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin xxxxxxxxxxxx.dkr.ecr.ap-northeast-1.amazonaws.com
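
A hardened form of the CLI workaround above, added here as an example (not code from this thread or from the action): it validates the account ID and region before building the registry hostname, and reports when the runner's credentials endpoint is the 169.254.170.23 address from the error. Assumptions: the endpoint is exposed in `AWS_CONTAINER_CREDENTIALS_FULL_URI`, the registry is in the standard `amazonaws.com` partition, and all function names are illustrative.

```shell
#!/bin/sh
# Added example: guarded ECR login for a runner pod (names are hypothetical).

# Print the host part of a credentials URI (IPv4, hostname or [IPv6]).
cred_endpoint_host() {
  uri=${1:-}
  rest=${uri#*://}          # drop scheme
  hostport=${rest%%/*}      # drop path
  hostport=${hostport##*@}  # drop userinfo, if any
  case $hostport in
    \[*) host=${hostport#\[}; host=${host%%\]*} ;;  # bracketed IPv6
    *)   host=${hostport%%:*} ;;                    # strip :port
  esac
  printf '%s\n' "$host"
}

# True when the URI points at the address quoted in the reported error.
uses_reported_endpoint() {
  [ "$(cred_endpoint_host "${1:-}")" = "169.254.170.23" ]
}

# Build the private registry hostname; reject anything that is not a
# 12-digit account ID and a plain region token, so a bad variable cannot
# redirect the docker login (and the password) to another host.
ecr_registry() {
  case ${1:-} in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -eq 12 ] || return 1
  case ${2:-} in ''|*[!a-z0-9-]*) return 1 ;; esac
  printf '%s.dkr.ecr.%s.amazonaws.com\n' "$1" "$2"
}

# Same pipeline as the workaround: the password only travels over stdin.
ecr_login() {
  registry=$(ecr_registry "$1" "$2") || {
    echo "invalid account id or region" >&2; return 1; }
  aws ecr get-login-password --region "$2" |
    docker login --username AWS --password-stdin "$registry"
}

# Usage: sh ecr-login.sh login <account-id> <region>
if [ "${1:-}" = "login" ]; then
  if uses_reported_endpoint "${AWS_CONTAINER_CREDENTIALS_FULL_URI:-}"; then
    echo "credentials endpoint is 169.254.170.23; logging in via AWS CLI" >&2
  fi
  ecr_login "${2:-}" "${3:-}"
fi
```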