deis / postgres

A PostgreSQL database used by Deis Workflow.
https://deis.com
MIT License

fix184(aws iam perms): fix iam for s3 access #185

Closed dmcnaught closed 7 years ago

dmcnaught commented 7 years ago

Comments say to check the values are empty, but the check is that they are not empty. Fixing. https://github.com/deis/postgres/issues/184

deis-admin commented 7 years ago

Thanks for the contribution! Please ensure your commits follow our style guide. This code will be tested once a Deis maintainer reviews it.

dmcnaught commented 7 years ago

Also fixes my trail to the issue https://github.com/deis/workflow-migration/issues/9 https://github.com/deis/workflow/issues/712

bacongobbler commented 7 years ago

This is actually how the code is supposed to work. When IAM is implemented, there shouldn't be any files with AWS access keys or secret keys set. We check if they have any data, and if they do, then we propagate them to the environment.

If you have IAM set up and you've also written data in values.yaml with your S3 information, that would explain why this fixes your problem. I'd take a look into why you have an objectstorage secret set with values.

Effectively this code is now saying "if I have set anything in values.yaml in regards to S3 credentials, ignore it", which is not the intention here :)
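The behaviour described in the comment above, as an added example that is not part of the thread or of the deis/postgres code: the S3 keys are exported only when the mounted credential files contain data, and otherwise the environment is left untouched for IAM. The directory layout, the function names and `S3_CRED_MODE` are assumptions made for the illustration, and rejecting a half-set pair is an added check.

```shell
#!/bin/sh
# Added illustration, not the deis/postgres source. The directory layout
# (files named "accesskey" and "secretkey") is an assumption.

# Print a credential file with all whitespace removed; print nothing if the
# file is missing, empty, or holds only a newline.
read_trimmed() {
  [ -f "$1" ] && tr -d '[:space:]' < "$1"
  return 0
}

# Sets S3_CRED_MODE to static, iam or partial. Exports the AWS variables
# only in the static case. Never echoes the secret values.
load_s3_credentials() {
  dir=$1
  ak=$(read_trimmed "$dir/accesskey")
  sk=$(read_trimmed "$dir/secretkey")
  if [ -n "$ak" ] && [ -n "$sk" ]; then
    export AWS_ACCESS_KEY_ID="$ak" AWS_SECRET_ACCESS_KEY="$sk"
    S3_CRED_MODE=static
  elif [ -z "$ak" ] && [ -z "$sk" ]; then
    # Both empty: nothing is propagated, the IAM role is expected to apply.
    S3_CRED_MODE=iam
  else
    # One key without the other is a misconfiguration (added check).
    S3_CRED_MODE=partial
    echo "only one of accesskey/secretkey has data in $dir" >&2
    return 1
  fi
}

# Constructed demo: an empty pair, mirroring accesskey: "" and secretkey: "".
demo=$(mktemp -d)
: > "$demo/accesskey"
: > "$demo/secretkey"
load_s3_credentials "$demo" && echo "credential mode: $S3_CRED_MODE"
rm -rf "$demo"
```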

dmcnaught commented 7 years ago

ok, thanks. Yes - I tested my changes and they don't fix the issue. I was confused because it looks like those lines were always running before, but it worked (deis workflow version<=2.8.0)

jwalters-gpsw commented 7 years ago

I have IAM set up and have confirmed it works in the deis workspace by running up a generic ubuntu there and accessing the bucket successfully. However, the database log is showing this:

Performing an initial backup...
wal_e.main   INFO     MSG: starting WAL-E
        DETAIL: The subcommand is "backup-push".
        STRUCTURED: time=2017-04-13T21:05:13.346499-00 pid=111
wal_e.main   ERROR    MSG: AWS Access Key credential is required but not provided
        HINT: Pass "--aws-access-key-id" or set the environment variable "AWS_ACCESS_KEY_ID".
        STRUCTURED: time=2017-04-13T21:05:13.346858-00 pid=111

My values config snippets are:

global:
  # Set the storage backend
  #
  # Valid values are:
  # - s3: Store persistent data in AWS S3 (configure in S3 section)
  # - azure: Store persistent data in Azure's object storage
  # - gcs: Store persistent data in Google Cloud Storage
  # - minio: Store persistent data on in-cluster Minio server
  storage: s3
.
.
.
  database_location: "on-cluster"
.
.
.
s3:
  # Your AWS access key. Leave it empty if you want to use IAM credentials.
  accesskey: ""
  # Your AWS secret key. Leave it empty if you want to use IAM credentials.
  secretkey: ""
  # Any S3 region
  region: "us-west-2"
  # Your buckets.
  registry_bucket: "tectonic-deis-registry"
  database_bucket: "tectonic-deis-database"
  builder_bucket: "tectonic-deis-builder"

bacongobbler commented 7 years ago

let's continue this discussion in #192.