ECR Secret Operator
Amazon Elastic Container Registry Private Registry Authentication provides a temporary authorization token valid only for 12 hours. This operator refreshes automatically the Amazon ECR authorization token before it expires, reducing the overhead in managing the authentication flow.
This operator contains two Custom Resources which direct the operator to generate/refresh Amazon ECR authorization token in a timely manner:
How to use this operator
Prerequisites
- Create an ECR private repository
- Provide AWS Authentication to the operator. Two Options:
Install the operator
- Install the operator from operator hub community
Create the ECR Secret CRD
A docker registry secret is created by the operator momentally and the token is patched every 10 hours
A sample build process with generated secret
Link the secret to builder
Configure build config to point to your ECR Container repository
Build should succeed and push the image to the the private ECR Container repository
Create the ECR Secret Argo CD Helm Repo CRD
- OpenShift GitOps is installed
- Helm chart stored in ecr
- Create the Helm Repo CRD
- Create a sample GitOps application
The ArgoCD application should sync with ECR helm chart successfully
