Empty ecr imagepullsecret

[ghazalrana]

Hi, I am using these files and I also double-checked my encoded base64 values in the secret by decoding it (using 12 digit account id in aws-account field). When I deployed these files, I get .dockerconfigjson: e30= in the generated awsecr-cred secret (kubectl get secret awsecr-cred -o yaml)

note: minikube addons registry-creds is disabled

Could anyone suggest a way to use these manifests accurately?

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
metadata:
  name: registry-creds-ecr
  namespace: kube-system
  labels:
    app: registry-creds
data:
  AWS_ACCESS_KEY_ID: QUtJQ34VdML0RTRbgtVFMVFJYWFdMRjYK
  AWS_SECRET_ACCESS_KEY: cUExMFwrtew3ay7lZDJiT1RkODVZaFR3NHBnc1czeXZ9ZEZzelZvcG9Oigo=
  aws-account: NjOyNlc9MXcxNThjdNzCf==
  aws-region: dXMtZWFzdCwdftgfd0xCg==
type: Opaque
EOF

apiVersion: apps/v1
kind: Deployment
metadata:
  name: registry-creds
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      name: registry-creds
  template:
    metadata:
      labels:
        name: registry-creds
    spec:
      containers:
      - image: upmcenterprises/registry-creds:1.10
        name: registry-creds
        imagePullPolicy: Always
        env:
          - name: AWS_ACCESS_KEY_ID
            valueFrom:
              secretKeyRef:
                name: registry-creds-ecr
                key: AWS_ACCESS_KEY_ID
          - name: AWS_SECRET_ACCESS_KEY
            valueFrom:
              secretKeyRef:
                name: registry-creds-ecr
                key: AWS_SECRET_ACCESS_KEY
          - name: awsaccount
            valueFrom:
              secretKeyRef:
                name: registry-creds-ecr
                key: aws-account
          - name: awsregion
            valueFrom:
              secretKeyRef:
                name: registry-creds-ecr
                key: aws-region