docs: Mention that endpoint should not be used with IRSA (!2473) · Merge requests · GitLab.org / charts / GitLab Chart · GitLab

Stan Hu requested to merge sh-document-no-endpoint-with-irsa into master Mar 25, 2022

What does this MR do?

Users specifying an endpoint when trying to use IAM Roles for Service Accounts (IRSA) will see the following error:

WebldentityErr: failed to retrieve credentials
status code: 405

This happens because of https://github.com/aws/aws-sdk-go/issues/3972: the Workhorse AWS SDK client attempts to use this endpoint for STS and fails.

Make it explicit that endpoint should be omitted from the object storage secret.

Related issues

Closes #3148 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

Merge Request Title and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Tests added
Integration tests added to GitLab QA
Equivalent MR/issue for omnibus-gitlab opened

Edited Mar 25, 2022 by Stan Hu