Only use AWS ECR auth if no secret given

Checking for ECR whether or not there's a secret referenced means the reconciliation can fail despite there being a valid credential. If you are not running in EKS (or otherwise with AWS IAM permissions), but using ECR, you will still want to be able to supply a secret. Signed-off-by: Michael Bridgen <[email protected]>
fluxcd · Oct 5, 2021 · 6de3efa · 6de3efa
1 parent bbd04a3
commit 6de3efa
Showing 1 changed file with 1 addition and 4 deletions.
diff --git a/controllers/imagerepository_controller.go b/controllers/imagerepository_controller.go
@@ -266,10 +266,7 @@ func (r *ImageRepositoryReconciler) scan(ctx context.Context, imageRepo *imagev1
 			return err
 		}
 		options = append(options, remote.WithAuth(auth))
-
-	}
-
-	if accountId, awsEcrRegion, ok := parseAwsImage(imageRepo.Spec.Image); ok {
+	} else if accountId, awsEcrRegion, ok := parseAwsImage(imageRepo.Spec.Image); ok {
 		if r.UseAwsEcr {
 			logr.FromContext(ctx).Info("Logging in to AWS ECR for " + imageRepo.Spec.Image)