search

osbuild / bootc-image-builder

A container for deploying bootable container images.
https://osbuild.org
Apache License 2.0
123 stars 51 forks source link

AWS url-endpoint upload issue, bib does not pick up endpoint / use it #501

Open cdrage opened 3 months ago

cdrage commented 3 months ago

Within my .aws/credentials, I have an endpoint_url for my own S3 endpoint (s3 compatible minio server). However, bib does not pick the endpoint URL up (most other aws-upload-like-tools-do).

Other AWS-like tools authenticate no problem, but I'm unable to do it with bib.

▶ cat .aws/credentials
[default]
endpoint_url = http://<MY-CUSTOM-URL>:9000
aws_access_key_id = <REDACTED>
aws_secret_access_key =  <REDACTED>

bib should be able to pick this up from the credentials file.

bib output:

podman run --rm \
  --name nvidia-3060-bootc-image-builder \
  --tty \
  --privileged \
  --security-opt label=type:unconfined_t \
  -v /Users/cdrage/bootc/aws:/output/ \
  -v /var/lib/containers/storage:/var/lib/containers/storage \
  -v /Users/cdrage/.aws:/root/.aws:ro \
  --label bootc.image.builder=true \
  quay.io/centos-bootc/bootc-image-builder:latest-1714633180 \
  foobar.com/private/nvidia-3060:latest \
  --output \
  /output/ \
  --local \
  --type \
  ami \
  --target-arch \
  amd64 \
  --rootfs \
  xfs \
  --aws-ami-name \
  foobar \
  --aws-bucket \
  foobar \
  --aws-region \
  us-east-1
Error: cannot handle AWS setup: retrieving AWS regions for 'us-east-1' failed: AuthFailure: AWS was not able to validate the provided access credentials
    status code: 401, request id: 7d21a8d9-e109-445a-aec9-02d9e3f774de
2024/06/25 19:15:22 error: cannot handle AWS setup: retrieving AWS regions for 'us-east-1' failed: AuthFailure: AWS was not able to validate the provided access credentials
    status code: 401, request id: 7d21a8d9-e109-445a-aec9-02d9e3f774de
ondrejbudai commented 3 months ago

@schuellerf can you take a look when you have a less busy moment?

schuellerf commented 3 months ago

From my first investigations it might be caused by the underlying library not respecting the config. Actually also ignoring a potential .aws/config file, too (maybe related to this https://github.com/aws/aws-sdk-go/issues/1048#issuecomment-274133433 ) . The current issue could be resolved once we move to v2 https://github.com/osbuild/images/issues/788 I can also implement a command line argument for now but this has to be done in our library and then implemented here. I'll align with the team which approach is best here.