ArgoCD is unable to generate tokens for external EKS clusters
Summary
When added an external AWS EKS cluster, ArgoCD is unable to generate a token due to the missing AWS CLI.
Steps to reproduce
Add an EKS cluster to the BigBang deployment configmap:
values:
configs:
clusterCredentials:
- name: nifty-cluster
server: "https://XXXXXXXX.eks.amazonaws.com"
config:
awsAuthConfig:
clusterName: XXXXXXX-cluster
roleArn: "arn:aws-us-gov:iam::XXXXXXXX:role/eks-XXXXXX"
tlsClientConfig:
insecure: false
caData: XXXX
What is the current bug behavior?
ArgoCD can't generate a token and displays an error message about aws
missing.
What is the expected correct behavior?
ArgoCD can communicate with the external cluster using the token generated from the AWS CLI.
Relevant logs and/or screenshots
time="2022-04-27T19:29:32Z" level=error msg="finished unary call with code Unknown" error="Get \"https://XXXXXXXXXXXXX.eks.amazonaws.com/version?timeout=32s\": getting credentials: exec: executable aws not found\n\nIt looks like you are trying to use a client-go credential plugin that is not installed.\n\nTo learn more about this feature, consult the documentation available at:\n https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins" grpc.code=Unknown grpc.method=Create grpc.service=cluster.ClusterService grpc.start_time="2022-04-27T19:29:32Z" grpc.time_ms=46.581 span.kind=server system=grpc
Possible fixes
Update the Dockerfile
to leave the AWS CLI from the opensource Ironbank ArgoCD container
Tasks
-
Bug has been identified and corrected within the container